mac80211: fix scan locking wrt. hw scan

Releasing the scan mutex while starting scans
can lead to unexpected things happening, so
we shouldn't do that. Fix that and hold the
mutex across the scan triggering.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index 41f20fb7e67083fa8635ba50de021babe7778e8c..872d7b6ef6b34f6dabdfbd0c491d94306d2fdf04 100644 (file)
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -400,19 +400,7 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
        else
                __set_bit(SCAN_SW_SCANNING, &local->scanning);
 
-       /*
-        * Kicking off the scan need not be protected,
-        * only the scan variable stuff, since now
-        * local->scan_req is assigned and other callers
-        * will abort their scan attempts.
-        *
-        * This avoids too many locking dependencies
-        * so that the scan completed calls have more
-        * locking freedom.
-        */
-
        ieee80211_recalc_idle(local);
-       mutex_unlock(&local->scan_mtx);
 
        if (local->ops->hw_scan) {
                WARN_ON(!ieee80211_prep_hw_scan(local));
@@ -420,8 +408,6 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
        } else
                rc = ieee80211_start_sw_scan(local);
 
-       mutex_lock(&local->scan_mtx);
-
        if (rc) {
                kfree(local->hw_scan_req);
                local->hw_scan_req = NULL;