Commit 79ebfb85 authored by Johannes Berg's avatar Johannes Berg Committed by John W. Linville

mac80211: fix associated vs. idle race

Eliad reports that if a scan finishes in the
middle of processing associated (however it
happens), the interface can go idle. This is
because we set assoc_data to NULL before we
set associated. Change the order so any idle
check will find either one of them.

Doing this requires duplicating the TX sync
processing, but I already have a patch to
delete that completely and will submit that
as soon as my driver changes to no longer
require it are submitted.
Reported-by: default avatarEliad Peller <eliad@wizery.com>
Tested-by: default avatarEliad Peller <eliad@wizery.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent d26ad377
......@@ -2238,14 +2238,28 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
} else {
printk(KERN_DEBUG "%s: associated\n", sdata->name);
ieee80211_destroy_assoc_data(sdata, true);
/* tell driver about sync done first */
if (assoc_data->synced) {
drv_finish_tx_sync(sdata->local, sdata,
assoc_data->bss->bssid,
IEEE80211_TX_SYNC_ASSOC);
assoc_data->synced = false;
}
if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) {
/* oops -- internal error -- send timeout for now */
ieee80211_destroy_assoc_data(sdata, true);
sta_info_destroy_addr(sdata, mgmt->bssid);
cfg80211_put_bss(*bss);
return RX_MGMT_CFG80211_ASSOC_TIMEOUT;
}
/*
* destroy assoc_data afterwards, as otherwise an idle
* recalc after assoc_data is NULL but before associated
* is set can cause the interface to go idle
*/
ieee80211_destroy_assoc_data(sdata, true);
}
return RX_MGMT_CFG80211_RX_ASSOC;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment