Hi Johannes, I have discovered and patched a race in the scanning function since a couple of releases. To day I checked the current Linux git and the problem is still there. The problem is the sequence of events when the scan result is reported back. The wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL); is called before ieee80211_hw_config(local); ieee80211_hw_config(local) will trig the wpa_supplicant to select an AP. That may happen before the ieee80211_hw_config() is executed since the wpa_supplicant generated actions is executed by an other thread (wpa_supplicant). The result is that: - wpa_supplicant setup for an association to an ap using correct channel. - ieee80211_hw_config() reset the channel to the value before the SCAN started. - the association request will be sent out using the wrong channel. Attached you will find the patch for 2.6.27. It is not a perfect patch since the code is duplicated but it works :) Regards Lars
Attachment:
lae-mac80211-mlme-SIOCGIWSCAN-race.patch
Description: Binary data
