* @hw_scan: Ask the hardware to service the scan request, no need to start
* the scan state machine in stack. The scan must honour the channel
* configuration done by the regulatory agent in the wiphy's registered
- * bands.
+ * bands. When the scan finishes, ieee80211_scan_completed() must be
+ * called; note that it also must be called when the scan cannot finish
+ * because the hardware is turned off! Anything else is a bug!
*
* @get_stats: return low-level statistics
*
synchronize_rcu();
skb_queue_purge(&sdata->u.sta.skb_queue);
- if (local->scan_sdata == sdata) {
- if (!local->ops->hw_scan) {
- local->sta_sw_scanning = 0;
- cancel_delayed_work(&local->scan_work);
- } else
- local->sta_hw_scanning = 0;
- }
-
sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED;
kfree(sdata->u.sta.extra_ie);
sdata->u.sta.extra_ie = NULL;
}
/* fall through */
default:
+ if (local->scan_sdata == sdata) {
+ if (!local->ops->hw_scan)
+ cancel_delayed_work_sync(&local->scan_work);
+ /*
+ * The software scan can no longer run now, so we can
+ * clear out the scan_sdata reference. However, the
+ * hardware scan may still be running. The complete
+ * function must be prepared to handle a NULL value.
+ */
+ local->scan_sdata = NULL;
+ /*
+ * The memory barrier guarantees that another CPU
+ * that is hardware-scanning will now see the fact
+ * that this interface is gone.
+ */
+ smp_mb();
+ /*
+ * If software scanning, complete the scan but since
+ * the scan_sdata is NULL already don't send out a
+ * scan event to userspace -- the scan is incomplete.
+ */
+ if (local->sta_sw_scanning)
+ ieee80211_scan_completed(&local->hw);
+ }
+
conf.vif = &sdata->vif;
conf.type = sdata->vif.type;
conf.mac_addr = dev->dev_addr;
struct ieee80211_sub_if_data *sdata = local->scan_sdata;
struct ieee80211_if_sta *ifsta;
- if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
+ if (sdata && sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
ifsta = &sdata->u.sta;
if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
(!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
struct ieee80211_sub_if_data *sdata;
union iwreq_data wrqu;
+ if (WARN_ON(!local->sta_hw_scanning && !local->sta_sw_scanning))
+ return;
+
local->last_scan_completed = jiffies;
memset(&wrqu, 0, sizeof(wrqu));
- wireless_send_event(local->scan_sdata->dev, SIOCGIWSCAN, &wrqu, NULL);
+
+ /*
+ * local->scan_sdata could have been NULLed by the interface
+ * down code in case we were scanning on an interface that is
+ * being taken down.
+ */
+ sdata = local->scan_sdata;
+ if (sdata)
+ wireless_send_event(sdata->dev, SIOCGIWSCAN, &wrqu, NULL);
if (local->sta_hw_scanning) {
local->sta_hw_scanning = 0;
int skip;
unsigned long next_delay = 0;
- if (!local->sta_sw_scanning)
+ /*
+ * Avoid re-scheduling when the sdata is going away.
+ */
+ if (!netif_running(sdata->dev))
return;
switch (local->scan_state) {
break;
}
- if (local->sta_sw_scanning)
- queue_delayed_work(local->hw.workqueue, &local->scan_work,
- next_delay);
+ queue_delayed_work(local->hw.workqueue, &local->scan_work,
+ next_delay);
}
}
if (local->ops->hw_scan) {
- int rc = local->ops->hw_scan(local_to_hw(local),
- ssid, ssid_len);
- if (!rc) {
- local->sta_hw_scanning = 1;
- local->scan_sdata = scan_sdata;
+ int rc;
+
+ local->sta_hw_scanning = 1;
+ rc = local->ops->hw_scan(local_to_hw(local), ssid, ssid_len);
+ if (rc) {
+ local->sta_hw_scanning = 0;
+ return rc;
}
- return rc;
+ local->scan_sdata = scan_sdata;
+ return 0;
}
local->sta_sw_scanning = 1;
git://ftp.safe.ca / safe / jmp / linux-2.6 / commitdiff