> +++ b/net/wireless/mlme.c
> @@ -340,6 +340,8 @@ int cfg80211_mlme_deauth(struct
> cfg80211_registered_device *rdev,
>
> ASSERT_WDEV_LOCK(wdev);
>
> + wdev->conn_owner_nlportid = 0;
Is this really correct? The deauth might not be to the current_bss, as
you can see in the following if statement:
> if (local_state_change &&
> (!wdev->current_bss ||
> !ether_addr_equal(wdev->current_bss->pub.bssid, bssid)))
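Review bot: the added `wdev->conn_owner_nlportid = 0;` runs unconditionally, before the `if (local_state_change && (!wdev->current_bss || !ether_addr_equal(...)))` check that decides whether this deauth even concerns the current BSS, so a deauth aimed at some other BSS will still drop the connection owner. Tie the reset to the path that actually tears down `current_bss` (the place where it is set to NULL) rather than to every deauth request, and add a short comment there saying why the owner is cleared, since nothing in the hunk explains it.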
It seems that perhaps this should go into some other place, perhaps
only be reset when current_bss is also reset to NULL?
> @@ -14539,13 +14554,21 @@ static int nl80211_netlink_notify(struct
> notifier_block * nb,
> spin_unlock(&rdev-
> >destroy_list_lock);
> schedule_work(&rdev->destroy_work);
> }
> - } else if (schedule_scan_stop) {
> +
> + continue;
> + }
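Review bot: replacing `} else if (schedule_scan_stop) {` with a `continue;` right after `schedule_work(&rdev->destroy_work);` bypasses whatever handling follows in the same loop iteration, so an rdev whose interface is being destroyed gets none of the remaining per-rdev processing for that socket. A single netlink socket can plausibly own both an interface and a connection (possibly on different interfaces of the same rdev), and with this `continue` the second case is silently skipped. Either drop the `continue` and let both paths run (relying on the cancel_work ordering being correct), or state in the commit message or a comment why skipping is safe here.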
This also doesn't seem right - the same socket could possibly own both
an interface and a connection? If the connection is on the same
interface you might not really want to do both - though it shouldn't
hurt if all the cancel_work is in the right place - but it could be a
different interface?
johannes