2011-03-28 07:11:47

by Juuso Oikarinen

Subject: [PATCH] cfg80211: fix BSS double-unlinking (continued)

From: Juuso Oikarinen <[email protected]>

This patch adds to the fix "fix BSS double-unlinking"
(commit 3207390a8b58bfc1335750f91cf6783c48ca19ca) by Johannes Berg.

It turns out that the double-unlinking scenario can also occur if expired
BSS elements are removed whilst an interface is performing association.

To work around that, replace list_del with list_del_init also in the
"cfg80211_bss_expire" function, so that the check for whether the BSS still is
in the list works correctly in cfg80211_bss_expire.

Signed-off-by: Juuso Oikarinen <[email protected]>
---
net/wireless/scan.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index ea427f4..2823615 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -134,7 +134,7 @@ void cfg80211_bss_expire(struct cfg80211_registered_device *dev)
continue;
if (!time_after(jiffies, bss->ts + IEEE80211_SCAN_RESULT_EXPIRE))
continue;
- list_del(&bss->list);
+ list_del_init(&bss->list);
rb_erase(&bss->rbn, &dev->bss_tree);
kref_put(&bss->ref, bss_release);
expired = true;
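Review bot: switching the "list_del(&bss->list)" line to list_del_init is the right primitive here, because a list_empty() guard on the other unlink path can only detect an already-removed node if the node was reinitialised to point at itself; plain list_del leaves the node's own pointers poisoned, so the guard would not fire and a second removal would corrupt the list. With this hunk applied the three-line sequence list_del_init / rb_erase / kref_put is identical in both unlink paths, so a small static helper called from cfg80211_bss_expire and the association-path unlinker would stop the two copies drifting apart again. The commit message's last sentence should also name the function that holds the check, not cfg80211_bss_expire, which is the one being changed.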
--
1.7.1
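As an added illustration, not code from the patch or from the kernel, the following userspace model of the list_head primitives shows why the change matters: after plain list_del the node's own pointers are poisoned and list_empty() cannot tell the node is gone, whereas after list_del_init it can, so a second unlink path (the association case from the commit message) can safely skip the entry. The struct bss, node_reports_unlinked and unlink_bss_if_linked names are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model of the kernel's list_head primitives (added illustration,
 * not cfg80211 or kernel code). */
struct list_head { struct list_head *next, *prev; };
static void INIT_LIST_HEAD(struct list_head *h) { h->next = h->prev = h; }
static void list_add(struct list_head *n, struct list_head *head)
{
	n->next = head->next; n->prev = head;
	head->next->prev = n; head->next = n;
}
/* True when a node points at itself, i.e. it is not on any list. */
static bool list_empty(const struct list_head *h) { return h->next == h; }
/* Plain list_del unlinks, then poisons the node's own pointers (NULL stands
 * in for the kernel's LIST_POISON1/2): list_empty() can no longer see that
 * the node is gone, and a second list_del would dereference the poison. */
static void list_del(struct list_head *n)
{
	n->prev->next = n->next; n->next->prev = n->prev;
	n->next = n->prev = NULL;
}
/* list_del_init unlinks and re-initialises, so list_empty() turns true. */
static void list_del_init(struct list_head *n)
{
	n->prev->next = n->next; n->next->prev = n->prev;
	INIT_LIST_HEAD(n);
}

struct bss { int id; struct list_head list; }; /* constructed stand-in */

/* Remove one BSS with either primitive and report whether a later
 * list_empty() check can tell that it was already unlinked. */
static bool node_reports_unlinked(bool use_del_init)
{
	struct list_head head; struct bss b = { .id = 1 };
	INIT_LIST_HEAD(&head); INIT_LIST_HEAD(&b.list);
	list_add(&b.list, &head);
	if (use_del_init) list_del_init(&b.list); else list_del(&b.list);
	return list_empty(&b.list);
}

/* Guarded unlink as on the association path: 1 if it unlinked the entry,
 * 0 if expiry (now using list_del_init) already took it off the list. */
static int unlink_bss_if_linked(struct bss *b)
{
	if (list_empty(&b->list)) return 0;
	list_del_init(&b->list);
	return 1;
}
```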



2011-03-28 11:05:13

by Juuso Oikarinen

Subject: Re: [PATCH] cfg80211: fix BSS double-unlinking (continued)

On Mon, 2011-03-28 at 12:57 +0200, ext Johannes Berg wrote:
> On Mon, 2011-03-28 at 10:11 +0300, [email protected] wrote:
> > From: Juuso Oikarinen <[email protected]>
> >
> > This patch adds to the fix "fix BSS double-unlinking"
> > (commit 3207390a8b58bfc1335750f91cf6783c48ca19ca) by Johannes Berg.
> >
> > It turns out that the double-unlinking scenario can also occur if expired
> > BSS elements are removed whilst an interface is performing association.
>
> Ack,
>
> > To work around that, replace list_del with list_del_init also in the
> > "cfg80211_bss_expire" function, so that the check for whether the BSS still is
> > in the list works correctly in cfg80211_bss_expire.
>
> but I think you mean cfg80211_unlink_bss there at the end.

Yeah, right.

> Might be worthwhile to create a new static function that rolls up this
> code (list_del_init, rb_erase, kref_put) between the two functions?

Sure, can do.

-Juuso



2011-03-28 10:57:12

by Johannes Berg

Subject: Re: [PATCH] cfg80211: fix BSS double-unlinking (continued)

On Mon, 2011-03-28 at 10:11 +0300, [email protected] wrote:
> From: Juuso Oikarinen <[email protected]>
>
> This patch adds to the fix "fix BSS double-unlinking"
> (commit 3207390a8b58bfc1335750f91cf6783c48ca19ca) by Johannes Berg.
>
> It turns out that the double-unlinking scenario can also occur if expired
> BSS elements are removed whilst an interface is performing association.

Ack,

> To work around that, replace list_del with list_del_init also in the
> "cfg80211_bss_expire" function, so that the check for whether the BSS still is
> in the list works correctly in cfg80211_bss_expire.

but I think you mean cfg80211_unlink_bss there at the end.

Might be worthwhile to create a new static function that rolls up this
code (list_del_init, rb_erase, kref_put) between the two functions?

johannes