Sometimes device returns wrong number of items in bssid-list. Appears that some specific beacons
trigger this problem and leads to very poor scanning results. Workaround by ignoring num_items
received from device and walkthrough full bssid-list buffer.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@xxxxxxxx>
---
drivers/net/wireless/rndis_wlan.c | 22 ++++++++++++++--------
1 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c
index 4a4f005..8db8333 100644
--- a/drivers/net/wireless/rndis_wlan.c
+++ b/drivers/net/wireless/rndis_wlan.c
@@ -1967,8 +1967,8 @@ static struct cfg80211_bss *rndis_bss_info_update(struct usbnet *usbdev,
int ie_len, bssid_len;
u8 *ie;
- netdev_dbg(usbdev->net, " found bssid: '%.32s' [%pM]\n",
- bssid->ssid.essid, bssid->mac);
+ netdev_dbg(usbdev->net, " found bssid: '%.32s' [%pM], len: %d\n",
+ bssid->ssid.essid, bssid->mac, le32_to_cpu(bssid->length));
/* parse bssid structure */
bssid_len = le32_to_cpu(bssid->length);
@@ -2008,10 +2008,10 @@ static int rndis_check_bssid_list(struct usbnet *usbdev, u8 *match_bssid,
void *buf = NULL;
struct ndis_80211_bssid_list_ex *bssid_list;
struct ndis_80211_bssid_ex *bssid;
- int ret = -EINVAL, len, count, bssid_len;
+ int ret = -EINVAL, len, count, bssid_len, real_count;
bool resized = false;
- netdev_dbg(usbdev->net, "check_bssid_list\n");
+ netdev_dbg(usbdev->net, "%s\n", __func__);
len = CONTROL_BUFFER_SIZE;
resize_buf:
@@ -2035,10 +2035,13 @@ resize_buf:
bssid = bssid_list->bssid;
bssid_len = le32_to_cpu(bssid->length);
count = le32_to_cpu(bssid_list->num_items);
- netdev_dbg(usbdev->net, "check_bssid_list: %d BSSIDs found (buflen: %d)\n",
- count, len);
+ real_count = 0;
+ netdev_dbg(usbdev->net, "%s, buflen: %d\n", __func__, len);
- while (count && ((void *)bssid + bssid_len) <= (buf + len)) {
+ /* Device returns incorrect 'num_items'. Workaround by ignoring the
+ * received 'num_items' and walking through full bssid buffer instead.
+ */
+ while (bssid_len > 0 && ((void *)bssid + bssid_len) <= (buf + len)) {
if (rndis_bss_info_update(usbdev, bssid) && match_bssid &&
matched) {
if (compare_ether_addr(bssid->mac, match_bssid))
@@ -2047,9 +2050,12 @@ resize_buf:
bssid = (void *)bssid + bssid_len;
bssid_len = le32_to_cpu(bssid->length);
- count--;
+ real_count++;
}
+ netdev_dbg(usbdev->net, "%s, num_items from device: %d, really found: "
+ "%d\n", __func__, count, real_count);
+
out:
kfree(buf);
return ret;
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
