When a network is moved or reconfigured on the different channel, there can be multiple BSSes with the same BSSID and SSID in scan result before the old one expires. Then, it can cause cfg80211_connect_result to map current_bss to a bss with the wrong channel.
Let mwifiex_cfg80211_assoc return the selected BSS and then the caller can report it cfg80211_connect_bss. Signed-off-by: Yen-lin Lai <yenlin...@chromium.org> --- .../net/wireless/marvell/mwifiex/cfg80211.c | 35 ++++++++++++++----- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/drivers/net/wireless/marvell/mwifiex/cfg80211.c b/drivers/net/wireless/marvell/mwifiex/cfg80211.c index a6b9dc6700b1..4bae83e47e9e 100644 --- a/drivers/net/wireless/marvell/mwifiex/cfg80211.c +++ b/drivers/net/wireless/marvell/mwifiex/cfg80211.c @@ -2173,7 +2173,8 @@ static int mwifiex_cfg80211_assoc(struct mwifiex_private *priv, size_t ssid_len, const u8 *ssid, const u8 *bssid, int mode, struct ieee80211_channel *channel, - struct cfg80211_connect_params *sme, bool privacy) + struct cfg80211_connect_params *sme, bool privacy, + struct cfg80211_bss **sel_bss) { struct cfg80211_ssid req_ssid; int ret, auth_type = 0; @@ -2307,17 +2308,31 @@ mwifiex_cfg80211_assoc(struct mwifiex_private *priv, size_t ssid_len, } } + if (bss) + cfg80211_ref_bss(priv->adapter->wiphy, bss); + ret = mwifiex_bss_start(priv, bss, &req_ssid); if (ret) - return ret; + goto cleanup; if (mode == NL80211_IFTYPE_ADHOC) { /* Inform the BSS information to kernel, otherwise * kernel will give a panic after successful assoc */ - if (mwifiex_cfg80211_inform_ibss_bss(priv)) - return -EFAULT; + if (mwifiex_cfg80211_inform_ibss_bss(priv)) { + ret = -EFAULT; + goto cleanup; + } } + /* Pass the selected BSS entry to caller. */ + if (sel_bss) { + *sel_bss = bss; + bss = NULL; + } + +cleanup: + if (bss) + cfg80211_put_bss(priv->adapter->wiphy, bss); return ret; } @@ -2334,6 +2349,7 @@ mwifiex_cfg80211_connect(struct wiphy *wiphy, struct net_device *dev, { struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev); struct mwifiex_adapter *adapter = priv->adapter; + struct cfg80211_bss *bss = NULL; int ret; if (GET_BSS_ROLE(priv) != MWIFIEX_BSS_ROLE_STA) { @@ -2369,11 +2385,12 @@ mwifiex_cfg80211_connect(struct wiphy *wiphy, struct net_device *dev, cfg80211_sched_scan_stopped_rtnl(priv->wdev.wiphy, 0); ret = mwifiex_cfg80211_assoc(priv, sme->ssid_len, sme->ssid, sme->bssid, - priv->bss_mode, sme->channel, sme, 0); + priv->bss_mode, sme->channel, sme, 0, + &bss); if (!ret) { - cfg80211_connect_result(priv->netdev, priv->cfg_bssid, NULL, 0, - NULL, 0, WLAN_STATUS_SUCCESS, - GFP_KERNEL); + cfg80211_connect_bss(priv->netdev, priv->cfg_bssid, bss, NULL, + 0, NULL, 0, WLAN_STATUS_SUCCESS, + GFP_KERNEL, NL80211_TIMEOUT_UNSPECIFIED); mwifiex_dbg(priv->adapter, MSG, "info: associated to bssid %pM successfully\n", priv->cfg_bssid); @@ -2504,7 +2521,7 @@ mwifiex_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *dev, ret = mwifiex_cfg80211_assoc(priv, params->ssid_len, params->ssid, params->bssid, priv->bss_mode, params->chandef.chan, NULL, - params->privacy); + params->privacy, NULL); done: if (!ret) { cfg80211_ibss_joined(priv->netdev, priv->cfg_bssid, -- 2.30.0.365.g02bc693789-goog