summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2012-02-20 17:19:58 +0400
committerJohn W. Linville <linville@tuxdriver.com>2012-02-27 23:06:32 +0400
commit79ebfb85d4ad3495d70124a249a1096ab6396c05 (patch)
treea24b8155adbc30e2ed49768351061c48037b9242
parentd26ad3771fe7405bf80d736cae9ba4c706a7b1d8 (diff)
downloadlinux-79ebfb85d4ad3495d70124a249a1096ab6396c05.tar.xz
mac80211: fix associated vs. idle race
Eliad reports that if a scan finishes in the middle of processing associated (however it happens), the interface can go idle. This is because we set assoc_data to NULL before we set associated. Change the order so any idle check will find either one of them. Doing this requires duplicating the TX sync processing, but I already have a patch to delete that completely and will submit that as soon as my driver changes to no longer require it are submitted. Reported-by: Eliad Peller <eliad@wizery.com> Tested-by: Eliad Peller <eliad@wizery.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r--net/mac80211/mlme.c16
1 files changed, 15 insertions, 1 deletions
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 586d4fb8e130..1495fb99b379 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2238,14 +2238,28 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
} else {
printk(KERN_DEBUG "%s: associated\n", sdata->name);
- ieee80211_destroy_assoc_data(sdata, true);
+ /* tell driver about sync done first */
+ if (assoc_data->synced) {
+ drv_finish_tx_sync(sdata->local, sdata,
+ assoc_data->bss->bssid,
+ IEEE80211_TX_SYNC_ASSOC);
+ assoc_data->synced = false;
+ }
if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) {
/* oops -- internal error -- send timeout for now */
+ ieee80211_destroy_assoc_data(sdata, true);
sta_info_destroy_addr(sdata, mgmt->bssid);
cfg80211_put_bss(*bss);
return RX_MGMT_CFG80211_ASSOC_TIMEOUT;
}
+
+ /*
+ * destroy assoc_data afterwards, as otherwise an idle
+ * recalc after assoc_data is NULL but before associated
+ * is set can cause the interface to go idle
+ */
+ ieee80211_destroy_assoc_data(sdata, true);
}
return RX_MGMT_CFG80211_RX_ASSOC;