diff options
| author | Stanislaw Gruszka <sgruszka@redhat.com> | 2012-10-15 14:52:41 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2012-10-31 10:10:31 -0700 |
| commit | 116f83b82e7272fec7f9f0f71376bdc67b159ae2 (patch) | |
| tree | 688ca3c31e4e4d314fe4af4adb3dbc3ffc0a14a6 | |
| parent | 7c34784313937286fe71089203d62d6b3e534c93 (diff) | |
| download | lwn-116f83b82e7272fec7f9f0f71376bdc67b159ae2.tar.gz lwn-116f83b82e7272fec7f9f0f71376bdc67b159ae2.zip | |
cfg80211/mac80211: avoid state mishmash on deauth
commit 6863255bd0e48bc41ae5a066d5c771801e92735a upstream.
Avoid situation when we are on associate state in mac80211 and
on disassociate state in cfg80211. This can results on crash
during modules unload (like showed on this thread:
http://marc.info/?t=134373976300001&r=1&w=2) and possibly other
problems.
Reported-by: Pedro Francisco <pedrogfrancisco@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | include/net/cfg80211.h | 1 | ||||
| -rw-r--r-- | net/mac80211/mlme.c | 5 | ||||
| -rw-r--r-- | net/wireless/mlme.c | 12 |
3 files changed, 7 insertions, 11 deletions
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index 3d254e10ff30..f10553c938a6 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -1217,6 +1217,7 @@ struct cfg80211_deauth_request { const u8 *ie; size_t ie_len; u16 reason_code; + bool local_state_change; }; /** diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 9f5f9a436549..b71d46641830 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -3467,6 +3467,7 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, { struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; u8 frame_buf[DEAUTH_DISASSOC_LEN]; + bool tx = !req->local_state_change; mutex_lock(&ifmgd->mtx); @@ -3483,11 +3484,11 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, if (ifmgd->associated && ether_addr_equal(ifmgd->associated->bssid, req->bssid)) ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DEAUTH, - req->reason_code, true, frame_buf); + req->reason_code, tx, frame_buf); else ieee80211_send_deauth_disassoc(sdata, req->bssid, IEEE80211_STYPE_DEAUTH, - req->reason_code, true, + req->reason_code, tx, frame_buf); mutex_unlock(&ifmgd->mtx); diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c index 1cdb1d5e6b0f..9ea174f9868f 100644 --- a/net/wireless/mlme.c +++ b/net/wireless/mlme.c @@ -457,20 +457,14 @@ int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, .reason_code = reason, .ie = ie, .ie_len = ie_len, + .local_state_change = local_state_change, }; ASSERT_WDEV_LOCK(wdev); - if (local_state_change) { - if (wdev->current_bss && - ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { - cfg80211_unhold_bss(wdev->current_bss); - cfg80211_put_bss(&wdev->current_bss->pub); - wdev->current_bss = NULL; - } - + if (local_state_change && (!wdev->current_bss || + !ether_addr_equal(wdev->current_bss->pub.bssid, bssid))) return 0; - } return rdev->ops->deauth(&rdev->wiphy, dev, &req); } |