• Johannes Berg's avatar
    mac80211: don't process work item with wrong frame · b8d92c9c
    Johannes Berg authored
    When we process a frame, we currently just match it
    to the work struct by the MAC addresses, and not by
    the work type. This means that we can end up doing
    the work for an association request item when (for
    whatever reason) we receive another frame type, for
    example a probe response. Processing the wrong type
    of frame will lead to completely invalid data being
    processed, and will lead to various problems like
    thinking the association was successful even if the
    AP never sent an assocation response.
    
    Fix this by making each processing function check
    that it is invoked for the right work struct type
    only and continue processing otherwise (and drop
    frames that we didn't expect).
    
    This bug was uncovered during the debugging for
    https://bugzilla.kernel.org/show_bug.cgi?id=15862
    but doesn't seem to be the cause for any of the
    various problems reported there.
    Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
    Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
    b8d92c9c
work.c 28.3 KB