diff options
author | Johannes Berg <johannes.berg@intel.com> | 2013-06-19 13:21:15 +0200 |
---|---|---|
committer | Johannes Berg <johannes.berg@intel.com> | 2013-06-19 18:55:39 +0200 |
commit | f1940c5730f0f0555e42afbcf629be7f7fbbce8e (patch) | |
tree | 0e85c3b6f57bbb8e9f2640c28d0e98e0bdf55765 | |
parent | 959867fa55d0cb55fb3d08656e5e62607167617f (diff) | |
download | op-kernel-dev-f1940c5730f0f0555e42afbcf629be7f7fbbce8e.zip op-kernel-dev-f1940c5730f0f0555e42afbcf629be7f7fbbce8e.tar.gz |
cfg80211: hold BSS over association process
This fixes the potential issue that the BSS struct that we use
and later assign to wdev->current_bss is removed from the scan
list while associating.
Also warn when we don't have a BSS struct in connect_result
unless it's from a driver that only has the connect() API.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-rw-r--r-- | net/wireless/mlme.c | 4 | ||||
-rw-r--r-- | net/wireless/sme.c | 15 |
2 files changed, 14 insertions, 5 deletions
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c index dd6f79d..bfac5e1 100644 --- a/net/wireless/mlme.c +++ b/net/wireless/mlme.c @@ -38,6 +38,7 @@ void cfg80211_rx_assoc_resp(struct net_device *dev, struct cfg80211_bss *bss, * frame instead of reassoc. */ if (cfg80211_sme_rx_assoc_resp(wdev, status_code)) { + cfg80211_unhold_bss(bss_from_pub(bss)); cfg80211_put_bss(wiphy, bss); return; } @@ -142,6 +143,7 @@ void cfg80211_assoc_timeout(struct net_device *dev, struct cfg80211_bss *bss) nl80211_send_assoc_timeout(rdev, dev, bss->bssid, GFP_KERNEL); cfg80211_sme_assoc_timeout(wdev); + cfg80211_unhold_bss(bss_from_pub(bss)); cfg80211_put_bss(wiphy, bss); } EXPORT_SYMBOL(cfg80211_assoc_timeout); @@ -309,6 +311,8 @@ int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, goto out; err = rdev_assoc(rdev, dev, req); + if (!err) + cfg80211_hold_bss(bss_from_pub(req->bss)); out: if (err) diff --git a/net/wireless/sme.c b/net/wireless/sme.c index ae7e2cb..c0bf781 100644 --- a/net/wireless/sme.c +++ b/net/wireless/sme.c @@ -615,19 +615,24 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid, kfree(wdev->connect_keys); wdev->connect_keys = NULL; wdev->ssid_len = 0; - cfg80211_put_bss(wdev->wiphy, bss); + if (bss) { + cfg80211_unhold_bss(bss_from_pub(bss)); + cfg80211_put_bss(wdev->wiphy, bss); + } return; } - if (!bss) + if (!bss) { + WARN_ON_ONCE(!wiphy_to_dev(wdev->wiphy)->ops->connect); bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid, wdev->ssid, wdev->ssid_len, WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); - if (WARN_ON(!bss)) - return; + if (WARN_ON(!bss)) + return; + cfg80211_hold_bss(bss_from_pub(bss)); + } - cfg80211_hold_bss(bss_from_pub(bss)); wdev->current_bss = bss_from_pub(bss); cfg80211_upload_connect_keys(wdev); |