Commit 4db89e14 authored by John W. Linville's avatar John W. Linville
parents 4978705d d86aa4f8
...@@ -893,6 +893,8 @@ struct tpt_led_trigger { ...@@ -893,6 +893,8 @@ struct tpt_led_trigger {
* that the scan completed. * that the scan completed.
* @SCAN_ABORTED: Set for our scan work function when the driver reported * @SCAN_ABORTED: Set for our scan work function when the driver reported
* a scan complete for an aborted scan. * a scan complete for an aborted scan.
* @SCAN_HW_CANCELLED: Set for our scan work function when the scan is being
* cancelled.
*/ */
enum { enum {
SCAN_SW_SCANNING, SCAN_SW_SCANNING,
...@@ -900,6 +902,7 @@ enum { ...@@ -900,6 +902,7 @@ enum {
SCAN_ONCHANNEL_SCANNING, SCAN_ONCHANNEL_SCANNING,
SCAN_COMPLETED, SCAN_COMPLETED,
SCAN_ABORTED, SCAN_ABORTED,
SCAN_HW_CANCELLED,
}; };
/** /**
......
...@@ -238,6 +238,9 @@ static bool ieee80211_prep_hw_scan(struct ieee80211_local *local) ...@@ -238,6 +238,9 @@ static bool ieee80211_prep_hw_scan(struct ieee80211_local *local)
enum ieee80211_band band; enum ieee80211_band band;
int i, ielen, n_chans; int i, ielen, n_chans;
if (test_bit(SCAN_HW_CANCELLED, &local->scanning))
return false;
do { do {
if (local->hw_scan_band == IEEE80211_NUM_BANDS) if (local->hw_scan_band == IEEE80211_NUM_BANDS)
return false; return false;
...@@ -940,7 +943,23 @@ void ieee80211_scan_cancel(struct ieee80211_local *local) ...@@ -940,7 +943,23 @@ void ieee80211_scan_cancel(struct ieee80211_local *local)
if (!local->scan_req) if (!local->scan_req)
goto out; goto out;
/*
* We have a scan running and the driver already reported completion,
* but the worker hasn't run yet or is stuck on the mutex - mark it as
* cancelled.
*/
if (test_bit(SCAN_HW_SCANNING, &local->scanning) &&
test_bit(SCAN_COMPLETED, &local->scanning)) {
set_bit(SCAN_HW_CANCELLED, &local->scanning);
goto out;
}
if (test_bit(SCAN_HW_SCANNING, &local->scanning)) { if (test_bit(SCAN_HW_SCANNING, &local->scanning)) {
/*
* Make sure that __ieee80211_scan_completed doesn't trigger a
* scan on another band.
*/
set_bit(SCAN_HW_CANCELLED, &local->scanning);
if (local->ops->cancel_hw_scan) if (local->ops->cancel_hw_scan)
drv_cancel_hw_scan(local, drv_cancel_hw_scan(local,
rcu_dereference_protected(local->scan_sdata, rcu_dereference_protected(local->scan_sdata,
......
...@@ -2238,6 +2238,10 @@ u64 ieee80211_calculate_rx_timestamp(struct ieee80211_local *local, ...@@ -2238,6 +2238,10 @@ u64 ieee80211_calculate_rx_timestamp(struct ieee80211_local *local,
} }
rate = cfg80211_calculate_bitrate(&ri); rate = cfg80211_calculate_bitrate(&ri);
if (WARN_ONCE(!rate,
"Invalid bitrate: flags=0x%x, idx=%d, vht_nss=%d\n",
status->flag, status->rate_idx, status->vht_nss))
return 0;
/* rewind from end of MPDU */ /* rewind from end of MPDU */
if (status->flag & RX_FLAG_MACTIME_END) if (status->flag & RX_FLAG_MACTIME_END)
......
...@@ -958,8 +958,6 @@ static int cfg80211_netdev_notifier_call(struct notifier_block *nb, ...@@ -958,8 +958,6 @@ static int cfg80211_netdev_notifier_call(struct notifier_block *nb,
case NETDEV_PRE_UP: case NETDEV_PRE_UP:
if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype))) if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype)))
return notifier_from_errno(-EOPNOTSUPP); return notifier_from_errno(-EOPNOTSUPP);
if (rfkill_blocked(rdev->rfkill))
return notifier_from_errno(-ERFKILL);
ret = cfg80211_can_add_interface(rdev, wdev->iftype); ret = cfg80211_can_add_interface(rdev, wdev->iftype);
if (ret) if (ret)
return notifier_from_errno(ret); return notifier_from_errno(ret);
......
...@@ -411,6 +411,9 @@ static inline int ...@@ -411,6 +411,9 @@ static inline int
cfg80211_can_add_interface(struct cfg80211_registered_device *rdev, cfg80211_can_add_interface(struct cfg80211_registered_device *rdev,
enum nl80211_iftype iftype) enum nl80211_iftype iftype)
{ {
if (rfkill_blocked(rdev->rfkill))
return -ERFKILL;
return cfg80211_can_change_interface(rdev, NULL, iftype); return cfg80211_can_change_interface(rdev, NULL, iftype);
} }
......
...@@ -97,6 +97,10 @@ int ieee80211_radiotap_iterator_init( ...@@ -97,6 +97,10 @@ int ieee80211_radiotap_iterator_init(
struct ieee80211_radiotap_header *radiotap_header, struct ieee80211_radiotap_header *radiotap_header,
int max_length, const struct ieee80211_radiotap_vendor_namespaces *vns) int max_length, const struct ieee80211_radiotap_vendor_namespaces *vns)
{ {
/* check the radiotap header can actually be present */
if (max_length < sizeof(struct ieee80211_radiotap_header))
return -EINVAL;
/* Linux only supports version 0 radiotap format */ /* Linux only supports version 0 radiotap format */
if (radiotap_header->it_version) if (radiotap_header->it_version)
return -EINVAL; return -EINVAL;
...@@ -131,7 +135,8 @@ int ieee80211_radiotap_iterator_init( ...@@ -131,7 +135,8 @@ int ieee80211_radiotap_iterator_init(
*/ */
if ((unsigned long)iterator->_arg - if ((unsigned long)iterator->_arg -
(unsigned long)iterator->_rtheader > (unsigned long)iterator->_rtheader +
sizeof(uint32_t) >
(unsigned long)iterator->_max_length) (unsigned long)iterator->_max_length)
return -EINVAL; return -EINVAL;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment