1. 15 9月, 2011 1 次提交
  2. 26 8月, 2011 2 次提交
    • G
      mac80211: fix race condition between assoc_done and first EAP packet · 2a33bee2
      Guy Eilam 提交于
      When associating to an AP, the station might miss the first EAP
      packet that the AP sends due to a race condition between the association
      success procedure and the rx flow in mac80211.
      In such cases, the packet might fall in ieee80211_rx_h_check due to
      the fact that the relevant rx->sta wasn't allocated yet.
      Allocation of the relevant station info struct before actually
      sending the association request and setting it with a new
      dummy_sta flag solve this problem.
      The station will accept only EAP packets from the AP while it
      is in the pre-association/dummy state.
      This dummy station entry is not seen by normal sta_info_get()
      calls, only by sta_info_get_bss_rx().
      The driver is not notified for the first insertion of the
      dummy station. The driver is notified only after the association
      is complete and the dummy flag is removed from the station entry.
      That way, all the rest of the code flow should be untouched by
      this change.
      Signed-off-by: NGuy Eilam <guy@wizery.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      2a33bee2
    • G
      mac80211: refactor sta_info_insert_rcu to 3 main stages · 8c71df7a
      Guy Eilam 提交于
      Divided the sta_info_insert_rcu function to 3 mini-functions:
      sta_info_insert_check - the initial checks done when inserting
      a new station
      sta_info_insert_ibss - the function that handles the station
      addition for IBSS interfaces
      sta_info_insert_non_ibss - the function that handles the station
      addition in other cases
      
      The outer API was not changed.
      The refactoring was done for better usage of the different
      stages in the station addition in new scenarios added
      in the next commit.
      Signed-off-by: NGuy Eilam <guy@wizery.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      8c71df7a
  3. 12 8月, 2011 1 次提交
  4. 09 7月, 2011 1 次提交
  5. 17 5月, 2011 2 次提交
  6. 13 5月, 2011 1 次提交
  7. 27 4月, 2011 1 次提交
    • R
      mac80211: Fix warnings due to -Wunused-but-set-variable · 0915cba3
      Rajkumar Manoharan 提交于
      These warnings are exposed by gcc 4.6.
      net/mac80211/sta_info.c: In function 'sta_info_cleanup_expire_buffered':
      net/mac80211/sta_info.c:590:32: warning: variable 'sdata' set but not used
      net/mac80211/ibss.c: In function 'ieee80211_rx_mgmt_auth_ibss':
      net/mac80211/ibss.c:43:34: warning: variable 'status_code' set but not used
      net/mac80211/work.c: In function 'ieee80211_send_assoc':
      net/mac80211/work.c:203:9: warning: variable 'len' set but not used
      net/mac80211/tx.c: In function '__ieee80211_parse_tx_radiotap':
      net/mac80211/tx.c:1039:35: warning: variable 'sband' set but not used
      net/mac80211/mesh.c: In function 'ieee80211_mesh_rx_queued_mgmt':
      net/mac80211/mesh.c:616:28: warning: variable 'ifmsh' set but not used
       ...
      Signed-off-by: NRajkumar Manoharan <rmanoharan@atheros.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      0915cba3
  8. 20 4月, 2011 1 次提交
  9. 13 4月, 2011 1 次提交
  10. 05 4月, 2011 1 次提交
  11. 31 3月, 2011 2 次提交
  12. 22 3月, 2011 1 次提交
  13. 04 2月, 2011 1 次提交
  14. 08 12月, 2010 1 次提交
  15. 25 11月, 2010 1 次提交
  16. 19 11月, 2010 1 次提交
  17. 18 11月, 2010 1 次提交
    • J
      mac80211: fix powersaving clients races · 50a9432d
      Johannes Berg 提交于
      The code to handle powersaving stations has a race:
      when the powersave flag is lifted from a station,
      we could transmit a packet that is being processed
      for TX at the same time right away, even if there
      are other frames queued for it. This would cause
      frame reordering. To fix this, lift the flag only
      under the appropriate lock that blocks TX.
      
      Additionally, the code to allow drivers to block a
      station while frames for it are on the HW queue is
      never re-enabled the station, so traffic would get
      stuck indefinitely. Fix this by clearing the flag
      for this appropriately.
      
      Finally, as an optimisation, don't do anything if
      the driver unblocks an already unblocked station.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      50a9432d
  18. 07 10月, 2010 2 次提交
  19. 28 9月, 2010 1 次提交
  20. 17 9月, 2010 1 次提交
  21. 15 9月, 2010 1 次提交
  22. 26 8月, 2010 1 次提交
  23. 28 7月, 2010 1 次提交
    • J
      mac80211: Fix key freeing to handle unlinked keys · 32162a4d
      Jouni Malinen 提交于
      Key locking simplification removed key->sdata != NULL verification from
      ieee80211_key_free(). While that is fine for most use cases, there is one
      path where this function can be called with an unlinked key (i.e.,
      key->sdata == NULL && key->local == NULL). This results in a NULL pointer
      dereference with the current implementation. This is known to happen at
      least with FT protocol when wpa_supplicant tries to configure the key
      before association.
      
      Avoid the issue by passing in the local pointer to
      ieee80211_key_free(). In addition, do not clear the key from hw_accel
      or debugfs if it has not yet been added. At least the hw_accel one could
      trigger another NULL pointer dereference.
      Signed-off-by: NJouni Malinen <j@w1.fi>
      Reviewed-by: NJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      32162a4d
  24. 15 6月, 2010 4 次提交
  25. 04 6月, 2010 1 次提交
  26. 25 5月, 2010 1 次提交
  27. 04 5月, 2010 1 次提交
  28. 20 4月, 2010 1 次提交
  29. 09 4月, 2010 1 次提交
  30. 08 4月, 2010 2 次提交
    • J
      mac80211: clean up/fix aggregation code · 098a6070
      Johannes Berg 提交于
      The aggregation code has a number of quirks, like
      inventing an unneeded WLAN_BACK_TIMER value and
      leaking memory under certain circumstances during
      station destruction. Fix these issues by using
      the regular aggregation session teardown code and
      blocking new aggregation sessions, all before the
      station is really destructed.
      
      As a side effect, this gets rid of the long code
      block to destroy aggregation safely.
      
      Additionally, rename tid_state_rx which can only
      have the values IDLE and OPERATIONAL to
      tid_active_rx to make it easier to understand
      that there is no bitwise stuff going on on the
      RX side -- the TX side remains because it needs
      to keep track of the driver and peer states.
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      098a6070
    • J
      mac80211: fix station destruction problem · e64b3795
      Johannes Berg 提交于
      When a station w/o a key is destroyed, or when
      a driver submits work for a station and thereby
      references it again, it seems like potentially
      we could reference the station structure while
      it is being destroyed.
      
      Wait for an RCU grace period to elapse before
      finishing destroying the station after we have
      removed the station from the driver and from
      the hash table etc., even in the case where no
      key is associated with the station.
      
      Also, there's no point in deleting the plink
      timer here since it'll be properly deleted just
      a bit later.
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      e64b3795
  31. 07 4月, 2010 1 次提交
  32. 11 3月, 2010 1 次提交