From 03e4497ebeaa8011eb0ab0a54496ed6413b9d1a4 Mon Sep 17 00:00:00 2001
From: Johannes Berg
Date: Wed, 27 Feb 2008 09:56:40 +0100
Subject: mac80211: fix sta_info mesh timer bug

I noticed a bug I introduced when mesh is enabled: sta_info_destroy() will end up calling cancel_timer() on a timer that has never been initialized because the timer is only initialized in mesh_plink_alloc(), not in sta_info_alloc(). This patch moves the initialization of all mesh related fields into sta_info_alloc(), adds a bit of sanity checking to the cfg80211 handlers and sta_info_insert() and makes mesh_plink_alloc() a static helper function that is only used from the mesh plink code.

Signed-off-by: Johannes Berg
Cc: Luis Carlos Cobo
Signed-off-by: John W. Linville
---
 net/mac80211/mesh_plink.c | 31 +++++--------------------------
 1 file changed, 5 insertions(+), 26 deletions(-)

(limited to 'net/mac80211/mesh_plink.c')

diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 85cb75d53c4..7f02ae8abe9 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -88,40 +88,19 @@ static inline void mesh_plink_fsm_restart(struct sta_info *sta)
 sta->llid = sta->plid = sta->reason = sta->plink_retries = 0;
 }
 
-/**
- * mesh_plink_alloc - allocate a new mesh peer link
- *
- * @sdata: local mesh interface
- * @hw_addr: hardware address (ETH_ALEN length)
- * @rates: rates the mesh peer supports
- *
- * The initial state of the new plink is set to LISTEN
- *
- * Returns: NULL on error.
- */
-struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
- u8 *hw_addr, u64 rates, gfp_t gfp)
+static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
+ u8 *hw_addr, u64 rates)
 {
 struct ieee80211_local *local = sdata->local;
 struct sta_info *sta;
 
- if (compare_ether_addr(hw_addr, sdata->dev->dev_addr) == 0)
- /* never add ourselves as neighbours */
- return NULL;
-
- if (is_multicast_ether_addr(hw_addr))
- return NULL;
-
 if (local->num_sta >= MESH_MAX_PLINKS)
 return NULL;
 
- sta = sta_info_alloc(sdata, hw_addr, gfp);
+ sta = sta_info_alloc(sdata, hw_addr, GFP_ATOMIC);
 if (!sta)
 return NULL;
 
- sta->plink_state = LISTEN;
- spin_lock_init(&sta->plink_lock);
- init_timer(&sta->plink_timer);
 sta->flags |= WLAN_STA_AUTHORIZED;
 sta->supp_rates[local->hw.conf.channel->band] = rates;
 
@@ -249,7 +228,7 @@ void mesh_neighbour_update(u8 *hw_addr, u64 rates, struct net_device *dev,
 
 sta = sta_info_get(local, hw_addr);
 if (!sta) {
- sta = mesh_plink_alloc(sdata, hw_addr, rates, GFP_ATOMIC);
+ sta = mesh_plink_alloc(sdata, hw_addr, rates);
 if (!sta) {
 rcu_read_unlock();
 return;
@@ -518,7 +497,7 @@ void mesh_rx_plink_frame(struct net_device *dev, struct ieee80211_mgmt *mgmt,
 }
 
 rates = ieee80211_sta_get_rates(local, &elems, rx_status->band);
- sta = mesh_plink_alloc(sdata, mgmt->sa, rates, GFP_ATOMIC);
+ sta = mesh_plink_alloc(sdata, mgmt->sa, rates);
 if (!sta) {
 mpl_dbg("Mesh plink error: plink table full\n");
 rcu_read_unlock();
-- 
cgit v1.2.3-18-g5258
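Review bot: In the first hunk, `mesh_plink_alloc()` no longer rejects its own address or a multicast `hw_addr`, and nothing visible in this file replaces those checks; the commit message says they now live in `sta_info_insert()`, which is outside this path-limited diff. Because the third hunk passes `mgmt->sa` from a received frame straight in, the entry is now allocated and flagged `WLAN_STA_AUTHORIZED` before any address validation, so each caller has to handle an insert failure and release the entry; that is worth confirming at the call sites in hunks 2 and 3, whose insert calls are not shown. With the kernel-doc block removed, I would keep a short comment above the helper, e.g. `/* Atomic context only (GFP_ATOMIC); hw_addr is validated by sta_info_insert(), not here. */`. The function body continues past the end of the hunk.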