From 5e4708bcb5d5360730e31b14e5e36429fc7d48b2 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Sun, 11 Oct 2009 05:21:10 +0200 Subject: mac80211: fix logic error ibss merge bssid check Signed-off-by: Felix Fietkau Acked-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 920ec8792f4b..812cbaba324f 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -544,7 +544,7 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) "%pM\n", bss->cbss.bssid, ifibss->bssid); #endif /* CONFIG_MAC80211_IBSS_DEBUG */ - if (bss && memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) { + if (bss && !memcmp(ifibss->bssid, bss->cbss.bssid, ETH_ALEN)) { printk(KERN_DEBUG "%s: Selected IBSS BSSID %pM" " based on configured SSID\n", sdata->dev->name, bss->cbss.bssid); -- cgit v1.2.3 From 51f98f1313d2fc4b1d3a3e1f4db7cf4925b29df6 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Sun, 11 Oct 2009 11:47:57 +0200 Subject: mac80211: fix ibss race When a scan completes, we call ieee80211_sta_find_ibss(), which is also called from other places. When the scan was done in software, there's no problem as both run from the single-threaded mac80211 workqueue and are thus serialised against each other, but with hardware scan the completion can be in a different context and race against callers of this function from the workqueue (e.g. due to beacon RX). So instead of calling ieee80211_sta_find_ibss() directly, just arm the timer and have it fire, scheduling the work, which will invoke ieee80211_sta_find_ibss() (if that is appropriate in the current state). Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- net/mac80211/ibss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c index 812cbaba324f..6eaf69823439 100644 --- a/net/mac80211/ibss.c +++ b/net/mac80211/ibss.c @@ -829,7 +829,7 @@ void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) if (!sdata->u.ibss.ssid_len) continue; sdata->u.ibss.last_scan_completed = jiffies; - ieee80211_sta_find_ibss(sdata); + mod_timer(&sdata->u.ibss.timer, 0); } mutex_unlock(&local->iflist_mtx); } -- cgit v1.2.3 From d20ef63d32461332958661df73e21c0ca42601b0 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Sun, 11 Oct 2009 15:10:40 +0200 Subject: mac80211: document ieee80211_rx() context requirement ieee80211_rx() must be called with softirqs disabled since the networking stack requires this for netif_rx() and some code in mac80211 can assume that it can not be processing its own tasklet and this call at the same time. It may be possible to remove this requirement after a careful audit of mac80211 and doing any needed locking improvements in it along with disabling softirqs around netif_rx(). An alternative might be to push all packet processing to process context in mac80211, instead of to the tasklet, and add other synchronisation. Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- include/net/mac80211.h | 2 ++ net/mac80211/rx.c | 2 ++ 2 files changed, 4 insertions(+) (limited to 'net') diff --git a/include/net/mac80211.h b/include/net/mac80211.h index 466859b285e1..c75b960c8ac8 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h @@ -1669,6 +1669,8 @@ void ieee80211_restart_hw(struct ieee80211_hw *hw); * to this function and ieee80211_rx_irqsafe() may not be mixed for a * single hardware. * + * Note that right now, this function must be called with softirqs disabled. + * * @hw: the hardware this frame came in on * @skb: the buffer to receive, owned by mac80211 after this call */ diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index 865fbc09be1a..7170bf4565a8 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -2453,6 +2453,8 @@ void ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb) struct ieee80211_supported_band *sband; struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb); + WARN_ON_ONCE(softirq_count() == 0); + if (WARN_ON(status->band < 0 || status->band >= IEEE80211_NUM_BANDS)) goto drop; -- cgit v1.2.3