Re: [RFC 5/5] cfg80211: scan before connect if we don't have the bss

[Johannes Berg <johannes@sipsolutions.net>]

[-- Attachment #1: Type: text/plain, Size: 1584 bytes --]

On Wed, 2009-08-19 at 01:04 +0100, David Kilroy wrote:

> @@ -791,18 +824,55 @@ int __cfg80211_connect(struct cfg80211_registered_device *rdev,
>  
>  		return err;
>  	} else {
> +		struct cfg80211_bss *bss;
> +
>  		wdev->sme_state = CFG80211_SME_CONNECTING;
>  		wdev->connect_keys = connkeys;
> +
> +		bss = cfg80211_get_bss(wdev->wiphy, NULL, connect->bssid,
> +				       connect->ssid, connect->ssid_len,
> +				       WLAN_CAPABILITY_ESS,
> +				       WLAN_CAPABILITY_ESS);

Hmm. What if the bssid isn't set? Then the card might select a different
BSS than the one we have on the scan list.


> +			/* Failed to clone (or scan), so we can't
> +			 * delay the connect. Free everything up and
> +			 * go ahead with the connect */
> +			if (wdev->conn)
> +				kfree(wdev->conn->ie);
> +			kfree(wdev->conn);
> +			wdev->conn = NULL;

and that would then run into the warning and the problem anyway? Better
to just reject with -ENOMEM I think? Also, I really don't think you
should use wdev->conn anywhere in this code path, because some code
looks at that to figure out whether or not the cfg80211 SME is used.

> +		} else {
> +			cfg80211_put_bss(bss);

>  		err = rdev->ops->connect(&rdev->wiphy, dev, connect);

And it's all racy too -- by the time the driver calls connect_result(),
the BSS might have expired after it was found here now.

I don't think this is really feasible to implement in cfg80211. Couldn't
the driver do a probe to the BSS that the device selected, and report
that before the connect result?

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]