[PATCH] bgscan_learn: Prevent infinte busy looping
In highly congested network (BSSes almost on every channel within ESS) we have hit a bug when wpa_supplicant become completly irresponsive, infinite looping on while loop. When probe_idx was equal 0 and we are not able to probe new frequency, following condition were never fulfill: "if (!in_array(freqs, data->supp_freqs[idx]))" Signed-hostap: Pawel Kulakowski <pawel.kulakowski <at> tieto.com> --- wpa_supplicant/bgscan_learn.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/bgscan_learn.c b/wpa_supplicant/bgscan_learn.c index adf82d8..07d31e4 100644 --- a/wpa_supplicant/bgscan_learn.c +++ b/wpa_supplicant/bgscan_learn.c @@ -242,8 +242,11 @@ static int * bgscan_learn_get_probe_freq(struct bgscan_learn_data *data, idx = data->probe_idx + 1; while (idx != data->probe_idx) { - if (data->supp_freqs[idx] == 0) + if (data->supp_freqs[idx] == 0) { + if (data->probe_idx == 0) + break; idx = 0; + } if (!in_array(freqs, data->supp_freqs[idx])) { wpa_printf(MSG_DEBUG, "bgscan learn: Probe new freq " "%u", data->supp_freqs[idx]);
==================================================================================================================================
[PATCH] P2P: Fix duplicate handling of rx action frames
When using a separate group iface both p2p device iface and the group iface are registered for action frames. This causes duplicate handling of rx action frames. One side effect of this is getting multiple responses for requests sent over action frames while GO/CLI are up like prov disc and dev disc. Fix this by discarding the duplicate p2p action frames received on the group iface. The code will handle all of these correctly when coming on the p2p dev iface as it looks at the DA when where relevant. Signed-hostap: Eyal Shapira <eyal <at> wizery.com> --- wpa_supplicant/p2p_supplicant.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index cf90fbd..8c54cb0 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -4497,6 +4497,12 @@ void wpas_p2p_rx_action(struct wpa_supplicant *wpa_s, const u8 *da, if (wpa_s->global->p2p == NULL) return; + if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) { + wpa_printf(MSG_DEBUG, "Discard RX action event on P2P " + "GO/CLI iface. P2P Device interface will handle it"); + return; + } +===================================================================================================================================
[PATCH 1/3] wpa_supplicant: abort scan after removing all networks
From: David Spinadel <david.spinadel <at> intel.com> Change-Id: I737848dabed49d961985845f2e86f717c2926f0c Reviewed-on: http://git-mwg.jer.intel.com/gerrit/3585 Reviewed-by: Jenkins Tested-by: Jenkins Reviewed-by: Max Stepanov <Max.Stepanov <at> intel.com> Tested-by: Max Stepanov <Max.Stepanov <at> intel.com> Signed-off-by: David Spinadel <david.spinadel <at> intel.com> --- wpa_supplicant/ctrl_iface.c | 7 +++++++ wpa_supplicant/dbus/dbus_new_handlers.c | 8 ++++++++ wpa_supplicant/dbus/dbus_old_handlers.c | 5 +++++ wpa_supplicant/wps_supplicant.c | 5 +++++ 4 files changed, 25 insertions(+), 0 deletions(-) diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 0351241..d1a5cf6 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -2224,6 +2224,8 @@ static int wpa_supplicant_ctrl_iface_remove_network( /* cmd: "<network id>" or "all" */ if (os_strcmp(cmd, "all") == 0) { wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_NETWORK all"); + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); ssid = wpa_s->conf->ssid; while (ssid) { struct wpa_ssid *remove_ssid = ssid; @@ -2281,6 +2283,11 @@ static int wpa_supplicant_ctrl_iface_remove_network( return -1; } + if (!wpa_s->conf->ssid) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); + } + return 0; } diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c index 00378be..b0f0d0e 100644 --- a/wpa_supplicant/dbus/dbus_new_handlers.c +++ b/wpa_supplicant/dbus/dbus_new_handlers.c @@ -1525,6 +1525,11 @@ DBusMessage * wpas_dbus_handler_remove_network(DBusMessage *message, wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); + if (!wpa_s->conf->ssid) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); + } + out: os_free(iface); os_free(net_id); @@ -1562,6 +1567,9 @@ static void remove_network(void *arg, struct wpa_ssid *ssid) DBusMessage * wpas_dbus_handler_remove_all_networks( DBusMessage *message, struct wpa_supplicant *wpa_s) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); + /* NB: could check for failure and return an error */ wpa_config_foreach_network(wpa_s->conf, remove_network, wpa_s); return NULL; diff --git a/wpa_supplicant/dbus/dbus_old_handlers.c b/wpa_supplicant/dbus/dbus_old_handlers.c index e217a72..ff60f6e 100644 --- a/wpa_supplicant/dbus/dbus_old_handlers.c +++ b/wpa_supplicant/dbus/dbus_old_handlers.c @@ -870,6 +870,11 @@ DBusMessage * wpas_dbus_iface_remove_network(DBusMessage *message, WLAN_REASON_DEAUTH_LEAVING); reply = wpas_dbus_new_success_reply(message); + if (!wpa_s->conf->ssid) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); + } + out: os_free(iface); os_free(net_id); diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index 41aa5db..87ea320 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c @@ -759,6 +759,11 @@ static void wpas_clear_wps(struct wpa_supplicant *wpa_s) } wpas_wps_clear_ap_info(wpa_s); + + if (!wpa_s->conf->ssid) { + wpa_supplicant_cancel_sched_scan(wpa_s); + wpa_supplicant_cancel_scan(wpa_s); + } }