wifi: cfg80211: remove BSS pointer from cfg80211_disassoc_request
authorJohannes Berg <johannes.berg@intel.com>
Mon, 27 Jun 2022 14:19:18 +0000 (16:19 +0200)
committerJohannes Berg <johannes.berg@intel.com>
Fri, 15 Jul 2022 09:43:16 +0000 (11:43 +0200)
The race described by the comment in mac80211 hasn't existed
since the locking rework to use the same lock and for MLO we
need to pass the AP MLD address, so just pass the BSSID or
AP MLD address instead of the BSS struct pointer, and adjust
all the code accordingly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
include/net/cfg80211.h
net/mac80211/mlme.c
net/wireless/core.h
net/wireless/mlme.c
net/wireless/trace.h

index a4e2cb2378b8f46d1d535529c431d5092ff250ff..d0be08483fa65e9476fbba8c1af0395f15411f2d 100644 (file)
@@ -2886,7 +2886,7 @@ struct cfg80211_assoc_request {
  * This structure provides information needed to complete IEEE 802.11
  * deauthentication.
  *
- * @bssid: the BSSID of the BSS to deauthenticate from
+ * @bssid: the BSSID or AP MLD address to deauthenticate from
  * @ie: Extra IEs to add to Deauthentication frame or %NULL
  * @ie_len: Length of ie buffer in octets
  * @reason_code: The reason code for the deauthentication
@@ -2907,7 +2907,7 @@ struct cfg80211_deauth_request {
  * This structure provides information needed to complete IEEE 802.11
  * disassociation.
  *
- * @bss: the BSS to disassociate from
+ * @ap_addr: the BSSID or AP MLD address to disassociate from
  * @ie: Extra IEs to add to Disassociation frame or %NULL
  * @ie_len: Length of ie buffer in octets
  * @reason_code: The reason code for the disassociation
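Review bot: The new `@ap_addr` kernel-doc line does not state the pointer contract, which matters now that the field is a bare `const u8 *` rather than a `struct cfg80211_bss *` (the struct definition itself is in the next hunk). Every consumer visible in this commit reads ETH_ALEN octets through it without a NULL check: the `memcmp()` and `%pM` in ieee80211_mgd_disassoc, the `memcmp()` in cfg80211_mlme_disassoc, and `MAC_ASSIGN(bssid, req->ap_addr)` in the rdev_disassoc trace event, which previously tolerated a NULL `req->bss`. I would spell that out, e.g. `@ap_addr: the BSSID or AP MLD address to disassociate from; must not be %NULL and must point to ETH_ALEN octets`. Whether any caller outside this page can leave the field unset cannot be told from here.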
@@ -2915,7 +2915,7 @@ struct cfg80211_deauth_request {
  *     Disassociation frame is to be transmitted.
  */
 struct cfg80211_disassoc_request {
-       struct cfg80211_bss *bss;
+       const u8 *ap_addr;
        const u8 *ie;
        size_t ie_len;
        u16 reason_code;
index b71de89d9734c1cba5b72423a9753b3637487fa9..a2b4536c3a241712fa7a83319bca46f126ffcbe1 100644 (file)
@@ -6426,18 +6426,14 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
 {
        u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
 
-       /*
-        * cfg80211 should catch this ... but it's racy since
-        * we can receive a disassoc frame, process it, hand it
-        * to cfg80211 while that's in a locked section already
-        * trying to tell us that the user wants to disconnect.
-        */
-       if (sdata->deflink.u.mgd.bss != req->bss)
-               return -ENOLINK;
+       if (!sdata->u.mgd.associated ||
+           memcmp(sdata->vif.cfg.ap_addr, req->ap_addr, ETH_ALEN))
+               return -ENOTCONN;
 
        sdata_info(sdata,
                   "disassociating from %pM by local choice (Reason: %u=%s)\n",
-                  req->bss->bssid, req->reason_code, ieee80211_get_reason_code_string(req->reason_code));
+                  req->ap_addr, req->reason_code,
+                  ieee80211_get_reason_code_string(req->reason_code));
 
        ieee80211_set_disassoc(sdata, IEEE80211_STYPE_DISASSOC,
                               req->reason_code, !req->local_state_change,
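Review bot: The rewritten guard `if (!sdata->u.mgd.associated || memcmp(...))` returns -ENOTCONN where the old check returned -ENOLINK, and the commit message does not mention the changed error code; if any caller distinguishes the two, that should be called out. With the old comment removed, nothing explains why mac80211 repeats a comparison that cfg80211_mlme_disassoc also performs, so a one-line comment such as `/* only act on a request that matches our current association */` would help. As a style point, `!ether_addr_equal(sdata->vif.cfg.ap_addr, req->ap_addr)` is the usual helper for this compare, provided both pointers are 2-byte aligned, which cannot be confirmed from this hunk. The same applies to the `memcmp()` added in cfg80211_mlme_disassoc in net/wireless/mlme.c. The function body continues past the end of the hunk.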
index fd723fa5e2d70946f562c0b26254f0605b1f106a..e72ca6eefafb8fc2b5e83d193c6741aafdfa4682 100644 (file)
@@ -372,7 +372,7 @@ int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
                         const u8 *ie, int ie_len, u16 reason,
                         bool local_state_change);
 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
-                          struct net_device *dev, const u8 *bssid,
+                          struct net_device *dev, const u8 *ap_addr,
                           const u8 *ie, int ie_len, u16 reason,
                           bool local_state_change);
 void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
index 935537c64ed8e62fce162c49906931a2be14146b..4a35b3559daa0dcb38458de043fb05df03210666 100644 (file)
@@ -370,7 +370,7 @@ int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
 }
 
 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
-                          struct net_device *dev, const u8 *bssid,
+                          struct net_device *dev, const u8 *ap_addr,
                           const u8 *ie, int ie_len, u16 reason,
                           bool local_state_change)
 {
@@ -380,6 +380,7 @@ int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
                .local_state_change = local_state_change,
                .ie = ie,
                .ie_len = ie_len,
+               .ap_addr = ap_addr,
        };
        int err;
 
@@ -388,10 +389,7 @@ int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
        if (!wdev->connected)
                return -ENOTCONN;
 
-       if (ether_addr_equal(wdev->links[0].client.current_bss->pub.bssid,
-                            bssid))
-               req.bss = &wdev->links[0].client.current_bss->pub;
-       else
+       if (memcmp(wdev->u.client.connected_addr, ap_addr, ETH_ALEN))
                return -ENOTCONN;
 
        err = rdev_disassoc(rdev, dev, &req);
index c50e8a04199ec45eb12f2d2016215a2c896a19aa..4316d3dc31eadd8174f12ca550bff8d2a8bb6e8b 100644 (file)
@@ -1318,10 +1318,7 @@ TRACE_EVENT(rdev_disassoc,
        TP_fast_assign(
                WIPHY_ASSIGN;
                NETDEV_ASSIGN;
-               if (req->bss)
-                       MAC_ASSIGN(bssid, req->bss->bssid);
-               else
-                       eth_zero_addr(__entry->bssid);
+               MAC_ASSIGN(bssid, req->ap_addr);
                __entry->reason_code = req->reason_code;
                __entry->local_state_change = req->local_state_change;
        ),
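Review bot: The trace entry field is still named `bssid` in `MAC_ASSIGN(bssid, req->ap_addr)`, but after this change it can carry an AP MLD address, so the trace output would be mislabelled for MLO connections. Renaming the entry field would change the event format that trace consumers see, so at minimum a comment such as `/* bssid holds the BSSID or, for MLO, the AP MLD address */` above the assignment would keep readers from misreading it. The TRACE_EVENT definition starts before and ends after this hunk, so the field declaration and TP_printk are not visible here.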