From 5e4708bcb5d5360730e31b14e5e36429fc7d48b2 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Sun, 11 Oct 2009 05:21:10 +0200 Subject: mac80211: fix logic error ibss merge bssid check Signed-off-by: Felix Fietkau Acked-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net/mac80211/ibss.c') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 920ec8792f4b..812cbaba324f 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -544,7 +544,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) "%pM\n", bss->cbss.bssid, ifibss->bssid); #endif /* CONFIG_MAC80211_IBSS_DEBUG */ - if (bss && memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) { + if (bss && !memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) { printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM" " based on configured SSID\n", sdata->dev->name, bss->cbss.bssid); -- cgit v1.2.2 From 51f98f1313d2fc4b1d3a3e1f4db7cf4925b29df6 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Sun, 11 Oct 2009 11:47:57 +0200 Subject: mac80211: fix ibss race When a scan completes, we call ieee80211_sta_find_ibss(), which is also called from other places. When the scan was done in software, there's no problem as both run from the single-threaded mac80211 workqueue and are thus serialised against each other, but with hardware scan the completion can be in a different context and race against callers of this function from the workqueue (e.g. due to beacon RX). So instead of calling ieee80211_sta_find_ibss() directly, just arm the timer and have it fire, scheduling the work, which will invoke ieee80211_sta_find_ibss() (if that is appropriate in the current state). Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net/mac80211/ibss.c') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 812cbaba324f..6eaf69823439 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -829,7 +829,7 @@ void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) if (!sdata->u.ibss.ssid_len) continue; sdata->u.ibss.last_scan_completed = jiffies; - ieee80211_sta_find_ibss(sdata); + mod_timer(&sdata->u.ibss.timer, 0); } mutex_unlock(&local->iflist_mtx); } -- cgit v1.2.2 From d419b9f0fa69e79ccba3e5e79a58a52ae0c2ed6a Mon Sep 17 00:00:00 2001 From: Reinette Chatre Date: Mon, 19 Oct 2009 14:55:37 -0700 Subject: mac80211: fix ibss joining Recent commit "mac80211: fix logic error ibss merge bssid check" fixed joining of ibss cell when static bssid is provided. In this case ifibss->bssid is set before the cell is joined and comparing that address to a bss should thus always succeed. Unfortunately this change broke the other case of joining a ibss cell without providing a static bssid where the value of ifibss->bssid is not set before the cell is joined. Since ifibss->bssid may be set before or after joining the cell we do not learn anything by comparing it to a known bss. Remove this check. Signed-off-by: Reinette Chatre Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'net/mac80211/ibss.c') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 6eaf69823439..ca8ecce31d34 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -538,13 +538,12 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) WLAN_CAPABILITY_PRIVACY, capability); + if (bss) { #ifdef CONFIG_MAC80211_IBSS_DEBUG - if (bss) printk(KERN_DEBUG " sta_find_ibss: selected %pM current " "%pM\n", bss->cbss.bssid, ifibss->bssid); #endif /* CONFIG_MAC80211_IBSS_DEBUG */ - if (bss && !memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) { printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM" " based on configured SSID\n", sdata->dev->name, bss->cbss.bssid); @@ -552,8 +551,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) ieee80211_sta_join_ibss(sdata, bss); ieee80211_rx_bss_put(local, bss); return; - } else if (bss) - ieee80211_rx_bss_put(local, bss); + } #ifdef CONFIG_MAC80211_IBSS_DEBUG printk(KERN_DEBUG " did not try to join ibss\n"); -- cgit v1.2.2 From f446d10f214091408b7300f15c9adf60569edf28 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Wed, 28 Oct 2009 15:12:32 +0100 Subject: mac80211: fix BSS leak The IBSS code leaks a BSS struct after telling cfg80211 about a given BSS by passing a frame. Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'net/mac80211/ibss.c') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index ca8ecce31d34..f1362f32c17d 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -73,6 +73,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt; u8 *pos; struct ieee80211_supported_band *sband; + struct cfg80211_bss *bss; u32 bss_change; u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; @@ -177,8 +178,9 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, mod_timer(&ifibss->timer, round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); - cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel, - mgmt, skb->len, 0, GFP_KERNEL); + bss = cfg80211_inform_bss_frame(local->hw.wiphy, local->hw.conf.channel, + mgmt, skb->len, 0, GFP_KERNEL); + cfg80211_put_bss(bss); cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL); } -- cgit v1.2.2