mac80211: avoid crashing when no scan sdata

[pandora-kernel.git] / net / mac80211 / mlme.c

diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 209abb0..dc60804 100644 (file)
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -30,7 +30,7 @@
 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
 #define IEEE80211_ASSOC_MAX_TRIES 3
 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
-#define IEEE80211_PROBE_INTERVAL (60 * HZ)
+#define IEEE80211_PROBE_IDLE_TIME (60 * HZ)
 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
 
 /* utils */
@@ -610,6 +610,8 @@ static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
                bss_info_changed |= ieee80211_handle_bss_capability(sdata,
                        bss->cbss.capability, bss->has_erp_value, bss->erp_value);
 
+               cfg80211_hold_bss(&bss->cbss);
+
                ieee80211_rx_bss_put(local, bss);
        }
 
@@ -751,6 +753,8 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
 {
        struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
        struct ieee80211_local *local = sdata->local;
+       struct ieee80211_conf *conf = &local_to_hw(local)->conf;
+       struct ieee80211_bss *bss;
        struct sta_info *sta;
        u32 changed = 0, config_changed = 0;
 
@@ -774,6 +778,15 @@ static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
 
        ieee80211_sta_tear_down_BA_sessions(sta);
 
+       bss = ieee80211_rx_bss_get(local, ifmgd->bssid,
+                                  conf->channel->center_freq,
+                                  ifmgd->ssid, ifmgd->ssid_len);
+
+       if (bss) {
+               cfg80211_unhold_bss(&bss->cbss);
+               ieee80211_rx_bss_put(local, bss);
+       }
+
        if (self_disconnected) {
                if (deauth)
                        ieee80211_send_deauth_disassoc(sdata,
@@ -925,12 +938,43 @@ void ieee80211_sta_rx_notify(struct ieee80211_sub_if_data *sdata,
                          jiffies + IEEE80211_MONITORING_INTERVAL);
 }
 
+void ieee80211_beacon_loss_work(struct work_struct *work)
+{
+       struct ieee80211_sub_if_data *sdata =
+               container_of(work, struct ieee80211_sub_if_data,
+                            u.mgd.beacon_loss_work);
+       struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+       if (net_ratelimit()) {
+               printk(KERN_DEBUG "%s: driver reports beacon loss from AP %pM "
+                      "- sending probe request\n", sdata->dev->name,
+                      sdata->u.mgd.bssid);
+       }
+#endif
+
+       ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
+       ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
+                                ifmgd->ssid_len, NULL, 0);
+
+       mod_timer(&ifmgd->timer, jiffies + IEEE80211_MONITORING_INTERVAL);
+}
+
+void ieee80211_beacon_loss(struct ieee80211_vif *vif)
+{
+       struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
+
+       queue_work(sdata->local->hw.workqueue,
+                  &sdata->u.mgd.beacon_loss_work);
+}
+EXPORT_SYMBOL(ieee80211_beacon_loss);
+
 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata)
 {
        struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
        struct ieee80211_local *local = sdata->local;
        struct sta_info *sta;
-       int disassoc;
+       bool disassoc = false;
 
        /* TODO: start monitoring current AP signal quality and number of
         * missed beacons. Scan other channels every now and then and search
@@ -945,36 +989,49 @@ static void ieee80211_associated(struct ieee80211_sub_if_data *sdata)
        if (!sta) {
                printk(KERN_DEBUG "%s: No STA entry for own AP %pM\n",
                       sdata->dev->name, ifmgd->bssid);
-               disassoc = 1;
-       } else {
-               disassoc = 0;
-               if (time_after(jiffies,
-                              sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
-                       if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) {
-                               printk(KERN_DEBUG "%s: No ProbeResp from "
-                                      "current AP %pM - assume out of "
-                                      "range\n",
-                                      sdata->dev->name, ifmgd->bssid);
-                               disassoc = 1;
-                       } else
-                               ieee80211_send_probe_req(sdata, ifmgd->bssid,
-                                                        ifmgd->ssid,
-                                                        ifmgd->ssid_len,
-                                                        NULL, 0);
-                       ifmgd->flags ^= IEEE80211_STA_PROBEREQ_POLL;
-               } else {
-                       ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
-                       if (time_after(jiffies, ifmgd->last_probe +
-                                      IEEE80211_PROBE_INTERVAL)) {
-                               ifmgd->last_probe = jiffies;
-                               ieee80211_send_probe_req(sdata, ifmgd->bssid,
-                                                        ifmgd->ssid,
-                                                        ifmgd->ssid_len,
-                                                        NULL, 0);
-                       }
+               disassoc = true;
+               goto unlock;
+       }
+
+       if ((ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL) &&
+           time_after(jiffies, sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
+               printk(KERN_DEBUG "%s: no probe response from AP %pM "
+                      "- disassociating\n",
+                      sdata->dev->name, ifmgd->bssid);
+               disassoc = true;
+               ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
+               goto unlock;
+       }
+
+       /*
+        * Beacon filtering is only enabled with power save and then the
+        * stack should not check for beacon loss.
+        */
+       if (!((local->hw.flags & IEEE80211_HW_BEACON_FILTER) &&
+             (local->hw.conf.flags & IEEE80211_CONF_PS)) &&
+           time_after(jiffies,
+                      ifmgd->last_beacon + IEEE80211_MONITORING_INTERVAL)) {
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+               if (net_ratelimit()) {
+                       printk(KERN_DEBUG "%s: beacon loss from AP %pM "
+                              "- sending probe request\n",
+                              sdata->dev->name, ifmgd->bssid);
                }
+#endif
+               ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
+               ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
+                                        ifmgd->ssid_len, NULL, 0);
+               goto unlock;
+
        }
 
+       if (time_after(jiffies, sta->last_rx + IEEE80211_PROBE_IDLE_TIME)) {
+               ifmgd->flags |= IEEE80211_STA_PROBEREQ_POLL;
+               ieee80211_send_probe_req(sdata, ifmgd->bssid, ifmgd->ssid,
+                                        ifmgd->ssid_len, NULL, 0);
+       }
+
+ unlock:
        rcu_read_unlock();
 
        if (disassoc)
@@ -1374,6 +1431,12 @@ static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
        bss_conf->assoc_capability = capab_info;
        ieee80211_set_associated(sdata, changed);
 
+       /*
+        * initialise the time of last beacon to be the association time,
+        * otherwise beacon loss check will trigger immediately
+        */
+       ifmgd->last_beacon = jiffies;
+
        ieee80211_associated(sdata);
        cfg80211_send_rx_assoc(sdata->dev, (u8 *) mgmt, len);
 }
@@ -1422,9 +1485,12 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
                                         size_t len,
                                         struct ieee80211_rx_status *rx_status)
 {
+       struct ieee80211_if_managed *ifmgd;
        size_t baselen;
        struct ieee802_11_elems elems;
 
+       ifmgd = &sdata->u.mgd;
+
        if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
                return; /* ignore ProbeResp to foreign address */
 
@@ -1439,11 +1505,14 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
 
        /* direct probe may be part of the association flow */
        if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
-           &sdata->u.mgd.request)) {
+                              &ifmgd->request)) {
                printk(KERN_DEBUG "%s direct probe responded\n",
                       sdata->dev->name);
                ieee80211_authenticate(sdata);
        }
+
+       if (ifmgd->flags & IEEE80211_STA_PROBEREQ_POLL)
+               ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
 }
 
 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
@@ -1854,6 +1923,7 @@ void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata)
        ifmgd = &sdata->u.mgd;
        INIT_WORK(&ifmgd->work, ieee80211_sta_work);
        INIT_WORK(&ifmgd->chswitch_work, ieee80211_chswitch_work);
+       INIT_WORK(&ifmgd->beacon_loss_work, ieee80211_beacon_loss_work);
        setup_timer(&ifmgd->timer, ieee80211_sta_timer,
                    (unsigned long) sdata);
        setup_timer(&ifmgd->chswitch_timer, ieee80211_chswitch_timer,
@@ -2043,12 +2113,13 @@ void ieee80211_dynamic_ps_enable_work(struct work_struct *work)
        struct ieee80211_local *local =
                container_of(work, struct ieee80211_local,
                             dynamic_ps_enable_work);
+       /* XXX: using scan_sdata is completely broken! */
        struct ieee80211_sub_if_data *sdata = local->scan_sdata;
 
        if (local->hw.conf.flags & IEEE80211_CONF_PS)
                return;
 
-       if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)
+       if (local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK && sdata)
                ieee80211_send_nullfunc(local, sdata, 1);
 
        local->hw.conf.flags |= IEEE80211_CONF_PS;