[RFC 2/2] nl80211: make eloop sockets non-blocking

[Jouni Malinen]

On Mon, Oct 21, 2013 at 06:34:58PM +0200, Johannes Berg wrote:
> To avoid a problem where the beacon socket occasionally
> blocks, mark any sockets on the eloop as non-blocking.
> The previous patch reordered the code to never send a
> command after a socket was put on the eloop, but now also
> invalidate the nl handle pointer while it's on there.

> diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
> +#define ELOOP_SOCKET_INVALID	0x8888888888888889ULL

This needs something like

+#if __WORDSIZE == 64
 #define ELOOP_SOCKET_INVALID   0x8888888888888889ULL
+#else
+#define ELOOP_SOCKET_INVALID   0x88888889UL
+#endif

to compile for 32-bit targets.

>  static void nl80211_register_eloop_read(struct nl_handle **handle,
> +	*handle = (void *)(((unsigned long)*handle) ^ ELOOP_SOCKET_INVALID);

And this invalidation does trigger an issue in the test_ibss_rsn case,
i.e., the wpa_supplicant controlling wlan0 crashes with this backtrace:

==11352== Invalid read of size 8
==11352==    at 0x513EE26: nl_send_auto (in /lib/libnl-3.so.200.3.0)
==11352==    by 0x537CEC: send_and_recv.isra.17 (driver_nl80211.c:579)
==11352==    by 0x537EBC: nl80211_register_frame (driver_nl80211.c:3771)
==11352==    by 0x544F31: do_process_drv_event (driver_nl80211.c:1863)
==11352==    by 0x54538A: process_global_event (driver_nl80211.c:2824)
==11352==    by 0x513F4A9: nl_recvmsgs (in /lib/libnl-3.so.200.3.0)
==11352==    by 0x437DFF: eloop_sock_table_dispatch_table (eloop.c:335)
==11352==    by 0x438CB7: eloop_run (eloop.c:352)
==11352==    by 0x526878: wpa_supplicant_run (wpa_supplicant.c:3446)
==11352==    by 0x42CCFC: main (main.c:320)
==11352==  Address 0x888888888f6e7929 is not stack'd, malloc'd or (recently) free'd


So I cannot apply this before that gets fixed. I'd assume patch 1/2 is
fine, though, and I do need it for my buildbot setup to be more stable.
 
-- 
Jouni Malinen                                            PGP id EFC895FA