aboutsummaryrefslogtreecommitdiffstats
path: root/net/wireless
diff options
context:
space:
mode:
Diffstat (limited to 'net/wireless')
-rw-r--r--net/wireless/core.c4
-rw-r--r--net/wireless/mlme.c13
-rw-r--r--net/wireless/reg.c2
-rw-r--r--net/wireless/scan.c13
-rw-r--r--net/wireless/sme.c1
5 files changed, 25 insertions, 8 deletions
diff --git a/net/wireless/core.c b/net/wireless/core.c
index c2a2c563d21a..92b812442488 100644
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -745,9 +745,9 @@ static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
745 mutex_unlock(&rdev->devlist_mtx); 745 mutex_unlock(&rdev->devlist_mtx);
746 dev_put(dev); 746 dev_put(dev);
747 } 747 }
748#ifdef CONFIG_CFG80211_WEXT
749 cfg80211_lock_rdev(rdev); 748 cfg80211_lock_rdev(rdev);
750 mutex_lock(&rdev->devlist_mtx); 749 mutex_lock(&rdev->devlist_mtx);
750#ifdef CONFIG_CFG80211_WEXT
751 wdev_lock(wdev); 751 wdev_lock(wdev);
752 switch (wdev->iftype) { 752 switch (wdev->iftype) {
753 case NL80211_IFTYPE_ADHOC: 753 case NL80211_IFTYPE_ADHOC:
@@ -760,10 +760,10 @@ static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
760 break; 760 break;
761 } 761 }
762 wdev_unlock(wdev); 762 wdev_unlock(wdev);
763#endif
763 rdev->opencount++; 764 rdev->opencount++;
764 mutex_unlock(&rdev->devlist_mtx); 765 mutex_unlock(&rdev->devlist_mtx);
765 cfg80211_unlock_rdev(rdev); 766 cfg80211_unlock_rdev(rdev);
766#endif
767 break; 767 break;
768 case NETDEV_UNREGISTER: 768 case NETDEV_UNREGISTER:
769 /* 769 /*
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 1001db4912f7..82e6002c8d67 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -93,7 +93,18 @@ void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
93 } 93 }
94 } 94 }
95 95
96 WARN_ON(!bss); 96 /*
97 * We might be coming here because the driver reported
98 * a successful association at the same time as the
99 * user requested a deauth. In that case, we will have
100 * removed the BSS from the auth_bsses list due to the
101 * deauth request when the assoc response makes it. If
102 * the two code paths acquire the lock the other way
103 * around, that's just the standard situation of a
104 * deauth being requested while connected.
105 */
106 if (!bss)
107 goto out;
97 } else if (wdev->conn) { 108 } else if (wdev->conn) {
98 cfg80211_sme_failed_assoc(wdev); 109 cfg80211_sme_failed_assoc(wdev);
99 /* 110 /*
diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index baa898add287..7a0754c92df4 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -1690,7 +1690,7 @@ int regulatory_hint_user(const char *alpha2)
1690 request->wiphy_idx = WIPHY_IDX_STALE; 1690 request->wiphy_idx = WIPHY_IDX_STALE;
1691 request->alpha2[0] = alpha2[0]; 1691 request->alpha2[0] = alpha2[0];
1692 request->alpha2[1] = alpha2[1]; 1692 request->alpha2[1] = alpha2[1];
1693 request->initiator = NL80211_REGDOM_SET_BY_USER, 1693 request->initiator = NL80211_REGDOM_SET_BY_USER;
1694 1694
1695 queue_regulatory_request(request); 1695 queue_regulatory_request(request);
1696 1696
diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index 12dfa62aad18..0c2cbbebca95 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -601,7 +601,7 @@ int cfg80211_wext_siwscan(struct net_device *dev,
601 struct cfg80211_registered_device *rdev; 601 struct cfg80211_registered_device *rdev;
602 struct wiphy *wiphy; 602 struct wiphy *wiphy;
603 struct iw_scan_req *wreq = NULL; 603 struct iw_scan_req *wreq = NULL;
604 struct cfg80211_scan_request *creq; 604 struct cfg80211_scan_request *creq = NULL;
605 int i, err, n_channels = 0; 605 int i, err, n_channels = 0;
606 enum ieee80211_band band; 606 enum ieee80211_band band;
607 607
@@ -694,8 +694,10 @@ int cfg80211_wext_siwscan(struct net_device *dev,
694 /* translate "Scan for SSID" request */ 694 /* translate "Scan for SSID" request */
695 if (wreq) { 695 if (wreq) {
696 if (wrqu->data.flags & IW_SCAN_THIS_ESSID) { 696 if (wrqu->data.flags & IW_SCAN_THIS_ESSID) {
697 if (wreq->essid_len > IEEE80211_MAX_SSID_LEN) 697 if (wreq->essid_len > IEEE80211_MAX_SSID_LEN) {
698 return -EINVAL; 698 err = -EINVAL;
699 goto out;
700 }
699 memcpy(creq->ssids[0].ssid, wreq->essid, wreq->essid_len); 701 memcpy(creq->ssids[0].ssid, wreq->essid, wreq->essid_len);
700 creq->ssids[0].ssid_len = wreq->essid_len; 702 creq->ssids[0].ssid_len = wreq->essid_len;
701 } 703 }
@@ -707,12 +709,15 @@ int cfg80211_wext_siwscan(struct net_device *dev,
707 err = rdev->ops->scan(wiphy, dev, creq); 709 err = rdev->ops->scan(wiphy, dev, creq);
708 if (err) { 710 if (err) {
709 rdev->scan_req = NULL; 711 rdev->scan_req = NULL;
710 kfree(creq); 712 /* creq will be freed below */
711 } else { 713 } else {
712 nl80211_send_scan_start(rdev, dev); 714 nl80211_send_scan_start(rdev, dev);
715 /* creq now owned by driver */
716 creq = NULL;
713 dev_hold(dev); 717 dev_hold(dev);
714 } 718 }
715 out: 719 out:
720 kfree(creq);
716 cfg80211_unlock_rdev(rdev); 721 cfg80211_unlock_rdev(rdev);
717 return err; 722 return err;
718} 723}
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 2333d78187e4..dc0fc4989d54 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -655,6 +655,7 @@ void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
655 memset(&wrqu, 0, sizeof(wrqu)); 655 memset(&wrqu, 0, sizeof(wrqu));
656 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 656 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
657 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 657 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
658 wdev->wext.connect.ssid_len = 0;
658#endif 659#endif
659} 660}
660 661
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-20 12:11:27 -0500