diff options
author | Johannes Berg <johannes.berg@intel.com> | 2014-01-27 15:40:53 +0100 |
---|---|---|
committer | Emmanuel Grumbach <emmanuel.grumbach@intel.com> | 2014-02-03 21:43:50 +0100 |
commit | a6623e84c4242942a988a810d1f5e6e7e2a36858 (patch) | |
tree | 602f5d93ffd2757f83b113f8e43d6edfd133284b /drivers | |
parent | iwlwifi: fix potential buffer overrun in fw name (diff) | |
download | linux-a6623e84c4242942a988a810d1f5e6e7e2a36858.tar.xz linux-a6623e84c4242942a988a810d1f5e6e7e2a36858.zip |
iwlwifi: mvm: abort scheduled scan on scan request
Some older versions of wpa_supplicant don't necessarily stop
scheduled scan before starting a regular scan, and there's
nothing in the API that requires it either. As a consequence
our driver's behaviour of not allowing scan while scheduled
scan was in progress broke userspace.
However, it is valid to unilaterally stop scheduled scan at
any point in time, so when a regular scan request comes just
abort the scheduled scan and run the regular scan.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Reviewed-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/net/wireless/iwlwifi/mvm/mac80211.c | 25 | ||||
-rw-r--r-- | drivers/net/wireless/iwlwifi/mvm/ops.c | 2 | ||||
-rw-r--r-- | drivers/net/wireless/iwlwifi/mvm/scan.c | 7 |
3 files changed, 31 insertions, 3 deletions
diff --git a/drivers/net/wireless/iwlwifi/mvm/mac80211.c b/drivers/net/wireless/iwlwifi/mvm/mac80211.c index 59b5b7a80d12..9d9a2d061cbb 100644 --- a/drivers/net/wireless/iwlwifi/mvm/mac80211.c +++ b/drivers/net/wireless/iwlwifi/mvm/mac80211.c @@ -1449,6 +1449,8 @@ static int iwl_mvm_mac_hw_scan(struct ieee80211_hw *hw, struct cfg80211_scan_request *req) { struct iwl_mvm *mvm = IWL_MAC80211_GET_MVM(hw); + struct iwl_notification_wait wait_scan_done; + static const u8 scan_done_notif[] = { SCAN_OFFLOAD_COMPLETE, }; int ret; if (req->n_channels == 0 || req->n_channels > MAX_NUM_SCAN_CHANNELS) @@ -1456,7 +1458,28 @@ static int iwl_mvm_mac_hw_scan(struct ieee80211_hw *hw, mutex_lock(&mvm->mutex); - if (mvm->scan_status != IWL_MVM_SCAN_NONE) { + switch (mvm->scan_status) { + case IWL_MVM_SCAN_SCHED: + iwl_init_notification_wait(&mvm->notif_wait, &wait_scan_done, + scan_done_notif, + ARRAY_SIZE(scan_done_notif), + NULL, NULL); + iwl_mvm_sched_scan_stop(mvm); + ret = iwl_wait_notification(&mvm->notif_wait, + &wait_scan_done, HZ); + if (ret) { + ret = -EBUSY; + goto out; + } + /* iwl_mvm_rx_scan_offload_complete_notif() will be called + * soon but will not reset the scan status as it won't be + * IWL_MVM_SCAN_SCHED any more since we queue the next scan + * immediately (below) + */ + break; + case IWL_MVM_SCAN_NONE: + break; + default: ret = -EBUSY; goto out; } diff --git a/drivers/net/wireless/iwlwifi/mvm/ops.c b/drivers/net/wireless/iwlwifi/mvm/ops.c index 4b7fa7a55c1c..e268c15e5fea 100644 --- a/drivers/net/wireless/iwlwifi/mvm/ops.c +++ b/drivers/net/wireless/iwlwifi/mvm/ops.c @@ -228,7 +228,7 @@ static const struct iwl_rx_handlers iwl_mvm_rx_handlers[] = { RX_HANDLER(SCAN_REQUEST_CMD, iwl_mvm_rx_scan_response, false), RX_HANDLER(SCAN_COMPLETE_NOTIFICATION, iwl_mvm_rx_scan_complete, false), RX_HANDLER(SCAN_OFFLOAD_COMPLETE, - iwl_mvm_rx_scan_offload_complete_notif, false), + iwl_mvm_rx_scan_offload_complete_notif, true), RX_HANDLER(MATCH_FOUND_NOTIFICATION, iwl_mvm_rx_sched_scan_results, false), diff --git a/drivers/net/wireless/iwlwifi/mvm/scan.c b/drivers/net/wireless/iwlwifi/mvm/scan.c index 8477902a9183..a827a13f9873 100644 --- a/drivers/net/wireless/iwlwifi/mvm/scan.c +++ b/drivers/net/wireless/iwlwifi/mvm/scan.c @@ -511,11 +511,16 @@ int iwl_mvm_rx_scan_offload_complete_notif(struct iwl_mvm *mvm, struct iwl_rx_packet *pkt = rxb_addr(rxb); struct iwl_scan_offload_complete *scan_notif = (void *)pkt->data; + /* scan status must be locked for proper checking */ + lockdep_assert_held(&mvm->mutex); + IWL_DEBUG_SCAN(mvm, "Scheduled scan completed, status %s\n", scan_notif->status == IWL_SCAN_OFFLOAD_COMPLETED ? "completed" : "aborted"); - mvm->scan_status = IWL_MVM_SCAN_NONE; + /* might already be something else again, don't reset if so */ + if (mvm->scan_status == IWL_MVM_SCAN_SCHED) + mvm->scan_status = IWL_MVM_SCAN_NONE; ieee80211_sched_scan_stopped(mvm->hw); return 0; |