authorRafał Miłecki <rafal@milecki.pl>2018-03-01 14:46:34 +0100
committerRafał Miłecki <rafal@milecki.pl>2018-03-01 15:14:11 +0100
commit81542331cb1827650f3abd69375d964d0ce2d050 (patch)
tree7b2c6fd517d3f32ab5c9a4542fb0ff6d9dd5e274 /package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch
parent1f427bd6166afa2aa11384fa559be9459397a0fe (diff)
mac80211: reorder patches putting backports first
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Diffstat (limited to 'package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch')
-rw-r--r--package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch43
1 files changed, 43 insertions, 0 deletions
diff --git a/package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch b/package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch
new file mode 100644
index 0000000000..9970574e14
--- /dev/null
+++ b/package/kernel/mac80211/patches/374-ath9k-Protect-queue-draining-by-rcu_read_lock.patch
@@ -0,0 +1,43 @@
+From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>
+Date: Fri, 2 Feb 2018 11:36:45 +0100
+Subject: [PATCH] ath9k: Protect queue draining by rcu_read_lock()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When ath9k was switched over to use the mac80211 intermediate queues,
+node cleanup now drains the mac80211 queues. However, this call path is
+not protected by rcu_read_lock() as it was previously entirely internal
+to the driver which uses its own locking.
+
+This leads to a possible rcu_dereference() without holding
+rcu_read_lock(); but only if a station is cleaned up while having
+packets queued on the TXQ. Fix this by adding the rcu_read_lock() to the
+caller in ath9k.
+
+Fixes: 50f08edf9809 ("ath9k: Switch to using mac80211 intermediate software queues.")
+Cc: stable@vger.kernel.org
+Reported-by: Ben Greear <greearb@candelatech.com>
+Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
+---
+
+--- a/drivers/net/wireless/ath/ath9k/xmit.c
++++ b/drivers/net/wireless/ath/ath9k/xmit.c
+@@ -2930,6 +2930,8 @@ void ath_tx_node_cleanup(struct ath_soft
+ struct ath_txq *txq;
+ int tidno;
+
++ rcu_read_lock();
++
+ for (tidno = 0; tidno < IEEE80211_NUM_TIDS; tidno++) {
+ tid = ath_node_to_tid(an, tidno);
+ txq = tid->txq;
+@@ -2947,6 +2949,8 @@ void ath_tx_node_cleanup(struct ath_soft
+ if (!an->sta)
+ break; /* just one multicast ath_atx_tid */
+ }
++
++ rcu_read_unlock();
+ }
+
+ #ifdef CPTCFG_ATH9K_TX99