diff mbox series

brcmfmac: clear EAP/association status bits on linkdown events

Message ID 1608807119-21785-1-git-send-email-luca.pesce@vimar.com (mailing list archive)
State Accepted
Commit e862a3e4088070de352fdafe9bd9e3ae0a95a33c
Delegated to: Kalle Valo
Headers show
Series brcmfmac: clear EAP/association status bits on linkdown events | expand

Commit Message

Luca Pesce Dec. 24, 2020, 10:51 a.m. UTC
This ensure that previous association attempts do not leave stale statuses
on subsequent attempts.

This fixes the WARN_ON(!cr->bss)) from __cfg80211_connect_result() when
connecting to an AP after a previous connection failure (e.g. where EAP fails
due to incorrect psk but association succeeded). In some scenarios, indeed,
brcmf_is_linkup() was reporting a link up event too early due to stale
BRCMF_VIF_STATUS_ASSOC_SUCCESS bit, thus reporting to cfg80211 a connection
result with a zeroed bssid (vif->profile.bssid is still empty), causing the
WARN_ON due to the call to cfg80211_get_bss() with the empty bssid.

Signed-off-by: Luca Pesce <luca.pesce@vimar.com>
---
 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

Comments

Kalle Valo Jan. 14, 2021, 5:32 p.m. UTC | #1
Luca Pesce <luca.pesce@vimar.com> wrote:

> This ensure that previous association attempts do not leave stale statuses
> on subsequent attempts.
> 
> This fixes the WARN_ON(!cr->bss)) from __cfg80211_connect_result() when
> connecting to an AP after a previous connection failure (e.g. where EAP fails
> due to incorrect psk but association succeeded). In some scenarios, indeed,
> brcmf_is_linkup() was reporting a link up event too early due to stale
> BRCMF_VIF_STATUS_ASSOC_SUCCESS bit, thus reporting to cfg80211 a connection
> result with a zeroed bssid (vif->profile.bssid is still empty), causing the
> WARN_ON due to the call to cfg80211_get_bss() with the empty bssid.
> 
> Signed-off-by: Luca Pesce <luca.pesce@vimar.com>

Patch applied to wireless-drivers-next.git, thanks.

e862a3e40880 brcmfmac: clear EAP/association status bits on linkdown events
diff mbox series

Patch

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index 0ee421f..23e6422 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -5611,7 +5611,8 @@  static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
 	return false;
 }
 
-static bool brcmf_is_linkdown(const struct brcmf_event_msg *e)
+static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif,
+			    const struct brcmf_event_msg *e)
 {
 	u32 event = e->event_code;
 	u16 flags = e->flags;
@@ -5620,6 +5621,8 @@  static bool brcmf_is_linkdown(const struct brcmf_event_msg *e)
 	    (event == BRCMF_E_DISASSOC_IND) ||
 	    ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
 		brcmf_dbg(CONN, "Processing link down\n");
+		clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
+		clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
 		return true;
 	}
 	return false;
@@ -6067,7 +6070,7 @@  brcmf_notify_connect_status(struct brcmf_if *ifp,
 		} else
 			brcmf_bss_connect_done(cfg, ndev, e, true);
 		brcmf_net_setcarrier(ifp, true);
-	} else if (brcmf_is_linkdown(e)) {
+	} else if (brcmf_is_linkdown(ifp->vif, e)) {
 		brcmf_dbg(CONN, "Linkdown\n");
 		if (!brcmf_is_ibssmode(ifp->vif) &&
 		    test_bit(BRCMF_VIF_STATUS_CONNECTED,