summaryrefslogtreecommitdiff
path: root/include/net/mac80211.h
diff options
context:
space:
mode:
authorJohannes Berg <johannes@sipsolutions.net>2008-09-11 02:01:51 +0400
committerJohn W. Linville <linville@tuxdriver.com>2008-09-16 00:48:20 +0400
commit5bc75728fd43bb15b46f16ef465bcf9d487393cf (patch)
tree5732adee3965970390bf7953d214c757bbdba2a2 /include/net/mac80211.h
parentb7413430d4d2a6168e68231d9f93763047b6d60c (diff)
downloadlinux-5bc75728fd43bb15b46f16ef465bcf9d487393cf.tar.xz
mac80211: fix scan vs. interface removal race
When we remove an interface, we can currently end up having a pointer to it left in local->scan_sdata after it has been set down, and then with a hardware scan the scan completion can try to access it which is a bug. Alternatively, a scan that started as a hardware scan may terminate as though it was a software scan, if the timing is just right. On SMP systems, software scan also has a similar problem, just canceling the delayed work and setting a flag isn't enough since it may be running concurrently; in this case we would also never restore state of other interfaces. This patch hopefully fixes the problems by always invoking ieee80211_scan_completed or requiring it to be invoked by the driver, I suspect the drivers that have ->hw_scan() are buggy. The bug will not manifest itself unless you remove the interface while hw-scanning which will also turn off the hw, and then add a new interface which will be unusable until you scan once. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'include/net/mac80211.h')
-rw-r--r--include/net/mac80211.h4
1 files changed, 3 insertions, 1 deletions
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index f504e3eca7d3..d67882dd3604 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -1124,7 +1124,9 @@ enum ieee80211_ampdu_mlme_action {
* @hw_scan: Ask the hardware to service the scan request, no need to start
* the scan state machine in stack. The scan must honour the channel
* configuration done by the regulatory agent in the wiphy's registered
- * bands.
+ * bands. When the scan finishes, ieee80211_scan_completed() must be
+ * called; note that it also must be called when the scan cannot finish
+ * because the hardware is turned off! Anything else is a bug!
*
* @get_stats: return low-level statistics
*