mac80211: fix IBSS teardown race
Ignacy reports that sometimes after leaving an IBSS joining a new one didn't work because there still were stations on the list. He fixed it by flushing stations when attempting to join a new IBSS, but this shouldn't be happening in the first case. When I looked into it I saw a race condition in teardown that could cause stations to be added after flush, and thus cause this situation. Ignacy confirms that after applying my patch he hasn't seen this happen again. Reported-by: Ignacy Gawedzki <i@lri.fr> Debugged-by: Ignacy Gawedzki <i@lri.fr> Tested-by: Ignacy Gawedzki <i@lri.fr> Cc: stable@kernel.org Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
parent
43e4e0b949
commit
f3209bea11
|
@ -965,6 +965,10 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
|
|||
|
||||
mutex_lock(&sdata->u.ibss.mtx);
|
||||
|
||||
sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
|
||||
memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
|
||||
sdata->u.ibss.ssid_len = 0;
|
||||
|
||||
active_ibss = ieee80211_sta_active_ibss(sdata);
|
||||
|
||||
if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) {
|
||||
|
@ -999,8 +1003,6 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
|
|||
kfree_skb(skb);
|
||||
|
||||
skb_queue_purge(&sdata->skb_queue);
|
||||
memset(sdata->u.ibss.bssid, 0, ETH_ALEN);
|
||||
sdata->u.ibss.ssid_len = 0;
|
||||
|
||||
del_timer_sync(&sdata->u.ibss.timer);
|
||||
|
||||
|
|
Loading…
Reference in New Issue