Commit 88a9e31c authored by Eliad Peller's avatar Eliad Peller Committed by Johannes Berg

mac80211: clear ifmgd->bssid only after building DELBA

ieee80211_set_disassoc() clears ifmgd->bssid before
building DELBA frames, resulting in frames with invalid
bssid ("00:00:00:00:00:00").

Fix it by clearing ifmgd->bssid only after building
all the needed frames.

After this change, we no longer need to save the
bssid (before clearing it), so remove the local array.
Reported-by: default avatarIdo Yariv <ido@wizery.com>
Cc: stable@vger.kernel.org
Signed-off-by: default avatarEliad Peller <eliad@wizery.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 79543d8e
...@@ -1342,7 +1342,6 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, ...@@ -1342,7 +1342,6 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
struct ieee80211_local *local = sdata->local; struct ieee80211_local *local = sdata->local;
struct sta_info *sta; struct sta_info *sta;
u32 changed = 0; u32 changed = 0;
u8 bssid[ETH_ALEN];
ASSERT_MGD_MTX(ifmgd); ASSERT_MGD_MTX(ifmgd);
...@@ -1354,10 +1353,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, ...@@ -1354,10 +1353,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
ieee80211_stop_poll(sdata); ieee80211_stop_poll(sdata);
memcpy(bssid, ifmgd->associated->bssid, ETH_ALEN);
ifmgd->associated = NULL; ifmgd->associated = NULL;
memset(ifmgd->bssid, 0, ETH_ALEN);
/* /*
* we need to commit the associated = NULL change because the * we need to commit the associated = NULL change because the
...@@ -1377,7 +1373,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, ...@@ -1377,7 +1373,7 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
netif_carrier_off(sdata->dev); netif_carrier_off(sdata->dev);
mutex_lock(&local->sta_mtx); mutex_lock(&local->sta_mtx);
sta = sta_info_get(sdata, bssid); sta = sta_info_get(sdata, ifmgd->bssid);
if (sta) { if (sta) {
set_sta_flag(sta, WLAN_STA_BLOCK_BA); set_sta_flag(sta, WLAN_STA_BLOCK_BA);
ieee80211_sta_tear_down_BA_sessions(sta, tx); ieee80211_sta_tear_down_BA_sessions(sta, tx);
...@@ -1386,13 +1382,16 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata, ...@@ -1386,13 +1382,16 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
/* deauthenticate/disassociate now */ /* deauthenticate/disassociate now */
if (tx || frame_buf) if (tx || frame_buf)
ieee80211_send_deauth_disassoc(sdata, bssid, stype, reason, ieee80211_send_deauth_disassoc(sdata, ifmgd->bssid, stype,
tx, frame_buf); reason, tx, frame_buf);
/* flush out frame */ /* flush out frame */
if (tx) if (tx)
drv_flush(local, false); drv_flush(local, false);
/* clear bssid only after building the needed mgmt frames */
memset(ifmgd->bssid, 0, ETH_ALEN);
/* remove AP and TDLS peers */ /* remove AP and TDLS peers */
sta_info_flush(local, sdata); sta_info_flush(local, sdata);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment