diff options
author | Johannes Berg <johannes.berg@intel.com> | 2012-02-20 17:19:58 +0400 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2012-02-27 23:06:32 +0400 |
commit | 79ebfb85d4ad3495d70124a249a1096ab6396c05 (patch) | |
tree | a24b8155adbc30e2ed49768351061c48037b9242 | |
parent | d26ad3771fe7405bf80d736cae9ba4c706a7b1d8 (diff) | |
download | linux-79ebfb85d4ad3495d70124a249a1096ab6396c05.tar.xz |
mac80211: fix associated vs. idle race
Eliad reports that if a scan finishes in the
middle of processing associated (however it
happens), the interface can go idle. This is
because we set assoc_data to NULL before we
set associated. Change the order so any idle
check will find either one of them.
Doing this requires duplicating the TX sync
processing, but I already have a patch to
delete that completely and will submit that
as soon as my driver changes to no longer
require it are submitted.
Reported-by: Eliad Peller <eliad@wizery.com>
Tested-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r-- | net/mac80211/mlme.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 586d4fb8e130..1495fb99b379 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -2238,14 +2238,28 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, } else { printk(KERN_DEBUG "%s: associated\n", sdata->name); - ieee80211_destroy_assoc_data(sdata, true); + /* tell driver about sync done first */ + if (assoc_data->synced) { + drv_finish_tx_sync(sdata->local, sdata, + assoc_data->bss->bssid, + IEEE80211_TX_SYNC_ASSOC); + assoc_data->synced = false; + } if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) { /* oops -- internal error -- send timeout for now */ + ieee80211_destroy_assoc_data(sdata, true); sta_info_destroy_addr(sdata, mgmt->bssid); cfg80211_put_bss(*bss); return RX_MGMT_CFG80211_ASSOC_TIMEOUT; } + + /* + * destroy assoc_data afterwards, as otherwise an idle + * recalc after assoc_data is NULL but before associated + * is set can cause the interface to go idle + */ + ieee80211_destroy_assoc_data(sdata, true); } return RX_MGMT_CFG80211_RX_ASSOC; |