* [PATCH] mac80211: Remove race condition in sending null frame to check AP status
@ 2012-05-14 8:25 Soumik DAS
2012-05-14 14:32 ` Johannes Berg
0 siblings, 1 reply; 5+ messages in thread
From: Soumik DAS @ 2012-05-14 8:25 UTC (permalink / raw)
To: John Linville (linville@tuxdriver.com)
Cc: linux-wireless (linux-wireless@vger.kernel.org),
Johannes Berg (johannes@sipsolutions.net),
Kalle Valo (kvalo@adurom.com)
mac80211 tries to verify the existence of the current AP by probing or sending a NULL frame in function ieee80211_mgd_probe_ap_send. It 1st sends a null frame to the AP, increments probe_send_count and
waits for the ACK to the NULL frame for a finite duration of time. At times, it happens that by the time
mac80211 gets to increment probe_send_count, the ACK for the NULL frame transmitted has already
been processed. This leads to a race condition where mac80211 times out waiting for the ACK for the NULL
frame causing unnecessary disconnection with the AP.
Signed-off-by: Soumik Das <soumik.das@stericsson.com>
---
net/mac80211/mlme.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index dbd4bd9..a1213e4 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1522,6 +1522,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
* anymore. The timeout will be reset if the frame is ACKed by
* the AP.
*/
+ ifmgd->probe_send_count++;
if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
ifmgd->nullfunc_failed = false;
ieee80211_send_nullfunc(sdata->local, sdata, 0); @@ -1538,7 +1539,6 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
0, (u32) -1, true, false);
}
- ifmgd->probe_send_count++;
ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
run_again(ifmgd, ifmgd->probe_timeout);
if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
--
1.7.5.4
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [PATCH] mac80211: Remove race condition in sending null frame to check AP status
2012-05-14 8:25 [PATCH] mac80211: Remove race condition in sending null frame to check AP status Soumik DAS
@ 2012-05-14 14:32 ` Johannes Berg
0 siblings, 0 replies; 5+ messages in thread
From: Johannes Berg @ 2012-05-14 14:32 UTC (permalink / raw)
To: Soumik DAS
Cc: John Linville (linville@tuxdriver.com),
linux-wireless (linux-wireless@vger.kernel.org),
Kalle Valo (kvalo@adurom.com)
On Mon, 2012-05-14 at 10:25 +0200, Soumik DAS wrote:
> mac80211 tries to verify the existence of the current AP by probing or sending a NULL frame in function ieee80211_mgd_probe_ap_send. It 1st sends a null frame to the AP, increments probe_send_count and
> waits for the ACK to the NULL frame for a finite duration of time. At times, it happens that by the time
> mac80211 gets to increment probe_send_count, the ACK for the NULL frame transmitted has already
> been processed. This leads to a race condition where mac80211 times out waiting for the ACK for the NULL
> frame causing unnecessary disconnection with the AP.
Please break your commit log lines to ~65 characters
johannes
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH] mac80211: Remove race condition in sending null frame to check AP status
@ 2012-05-15 6:04 Soumik DAS
2012-05-15 14:00 ` John W. Linville
0 siblings, 1 reply; 5+ messages in thread
From: Soumik DAS @ 2012-05-15 6:04 UTC (permalink / raw)
To: John Linville (linville@tuxdriver.com)
Cc: linux-wireless (linux-wireless@vger.kernel.org),
Johannes Berg (johannes@sipsolutions.net),
Kalle Valo (kvalo@adurom.com)
mac80211 tries to verify the existence of the current AP by
probing or sending a NULL frame in function
ieee80211_mgd_probe_ap_send. It 1st sends a null frame to the AP,
increments probe_send_count and waits for the ACK to the NULL
frame for a finite duration of time. At times, it happens that
by the time mac80211 gets to increment probe_send_count, the ACK
for the NULL frame transmitted has already been processed. This
leads to a race condition where mac80211 times out waiting for
the ACK for the NULL frame causing unnecessary disconnection with
the AP.
Signed-off-by: Soumik Das <soumik.das@stericsson.com>
---
net/mac80211/mlme.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index dbd4bd9..a1213e4 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1522,6 +1522,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
* anymore. The timeout will be reset if the frame is ACKed by
* the AP.
*/
+ ifmgd->probe_send_count++;
if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
ifmgd->nullfunc_failed = false;
ieee80211_send_nullfunc(sdata->local, sdata, 0); @@ -1538,7 +1539,6 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
0, (u32) -1, true, false);
}
- ifmgd->probe_send_count++;
ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
run_again(ifmgd, ifmgd->probe_timeout);
if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
--
1.7.5.4
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [PATCH] mac80211: Remove race condition in sending null frame to check AP status
2012-05-15 6:04 Soumik DAS
@ 2012-05-15 14:00 ` John W. Linville
2012-05-15 14:23 ` Arend van Spriel
0 siblings, 1 reply; 5+ messages in thread
From: John W. Linville @ 2012-05-15 14:00 UTC (permalink / raw)
To: Soumik DAS
Cc: linux-wireless (linux-wireless@vger.kernel.org),
Johannes Berg (johannes@sipsolutions.net),
Kalle Valo (kvalo@adurom.com)
On Tue, May 15, 2012 at 08:04:32AM +0200, Soumik DAS wrote:
> mac80211 tries to verify the existence of the current AP by
> probing or sending a NULL frame in function
> ieee80211_mgd_probe_ap_send. It 1st sends a null frame to the AP,
> increments probe_send_count and waits for the ACK to the NULL
> frame for a finite duration of time. At times, it happens that
> by the time mac80211 gets to increment probe_send_count, the ACK
> for the NULL frame transmitted has already been processed. This
> leads to a race condition where mac80211 times out waiting for
> the ACK for the NULL frame causing unnecessary disconnection with
> the AP.
>
> Signed-off-by: Soumik Das <soumik.das@stericsson.com>
> ---
> net/mac80211/mlme.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index dbd4bd9..a1213e4 100644
> --- a/net/mac80211/mlme.c
> +++ b/net/mac80211/mlme.c
> @@ -1522,6 +1522,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
> * anymore. The timeout will be reset if the frame is ACKed by
> * the AP.
> */
> + ifmgd->probe_send_count++;
> if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
> ifmgd->nullfunc_failed = false;
> ieee80211_send_nullfunc(sdata->local, sdata, 0); @@ -1538,7 +1539,6 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
> 0, (u32) -1, true, false);
> }
>
> - ifmgd->probe_send_count++;
> ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
> run_again(ifmgd, ifmgd->probe_timeout);
> if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
> --
> 1.7.5.4
>
Looks like whitespace damage...?
--
John W. Linville Someday the world will need a hero, and you
linville@tuxdriver.com might be all we have. Be ready.
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [PATCH] mac80211: Remove race condition in sending null frame to check AP status
2012-05-15 14:00 ` John W. Linville
@ 2012-05-15 14:23 ` Arend van Spriel
0 siblings, 0 replies; 5+ messages in thread
From: Arend van Spriel @ 2012-05-15 14:23 UTC (permalink / raw)
To: John W. Linville
Cc: Soumik DAS, linux-wireless (linux-wireless@vger.kernel.org),
Johannes Berg (johannes@sipsolutions.net),
Kalle Valo (kvalo@adurom.com)
On 05/15/2012 04:00 PM, John W. Linville wrote:
> On Tue, May 15, 2012 at 08:04:32AM +0200, Soumik DAS wrote:
>> mac80211 tries to verify the existence of the current AP by
>> probing or sending a NULL frame in function
>> ieee80211_mgd_probe_ap_send. It 1st sends a null frame to the AP,
>> increments probe_send_count and waits for the ACK to the NULL
>> frame for a finite duration of time. At times, it happens that
>> by the time mac80211 gets to increment probe_send_count, the ACK
>> for the NULL frame transmitted has already been processed. This
>> leads to a race condition where mac80211 times out waiting for
>> the ACK for the NULL frame causing unnecessary disconnection with
>> the AP.
>>
>> Signed-off-by: Soumik Das <soumik.das@stericsson.com>
>> ---
>> net/mac80211/mlme.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index dbd4bd9..a1213e4 100644
>> --- a/net/mac80211/mlme.c
>> +++ b/net/mac80211/mlme.c
>> @@ -1522,6 +1522,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
>> * anymore. The timeout will be reset if the frame is ACKed by
>> * the AP.
>> */
>> + ifmgd->probe_send_count++;
>> if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
>> ifmgd->nullfunc_failed = false;
>> ieee80211_send_nullfunc(sdata->local, sdata, 0); @@ -1538,7 +1539,6 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata)
>> 0, (u32) -1, true, false);
>> }
>>
>> - ifmgd->probe_send_count++;
>> ifmgd->probe_timeout = jiffies + msecs_to_jiffies(probe_wait_ms);
>> run_again(ifmgd, ifmgd->probe_timeout);
>> if (sdata->local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)
>> --
>> 1.7.5.4
>>
>
> Looks like whitespace damage...?
>
Apparently, 4 spaces are used instead of real tabs.
Gr. AvS
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-05-15 14:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-05-14 8:25 [PATCH] mac80211: Remove race condition in sending null frame to check AP status Soumik DAS
2012-05-14 14:32 ` Johannes Berg
-- strict thread matches above, loose matches on Subject: below --
2012-05-15 6:04 Soumik DAS
2012-05-15 14:00 ` John W. Linville
2012-05-15 14:23 ` Arend van Spriel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).