[PATCH] SCAN: Fix unexpected disconnection in re-scheduled STA scan during P2P concurrent operation.

Poulain, LoicX loicx.poulain
Mon Jun 3 03:22:25 PDT 2013


Hello Jouni, list,

I have  noticed an issue in scan results processing.
Indeed, on scan results event if a concurrent p2p scan was triggered
previously, scan results processing is canceled, p2p_find
executed and a new STA scan is triggered (pending scan).

However this new STA scan does not restore the scan_req value
of the previous scan (whose scan result has been canceled).
If we are currently AP connected, the new triggered scan will
cause an assoc whereas we are already connected.
This mechanism can cause an unexpected disconnection.

________________________________________________________________________
What's going on:

1 - The first scan (manual) resets scan_req value to NORMAL_SCAN_REQ:
in wpa_supplicant_scan():
wpa_s->last_scan_req = wpa_s->scan_req;
wpa_s->scan_req = NORMAL_SCAN_REQ;

2 - Then we run a p2p_find (delayed due to the ongoing STA scan).

3 - STA scan results event happens, but as there is a pending p2p operation,
scan result processing is canceled and an other STA scan triggered:
in _wpa_supplicant_event_scan_results():
if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
            wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
                "stopped scan processing");
            wpa_s->sta_scan_pending = 1;
            wpa_supplicant_req_scan(wpa_s, 5, 0);
            return -1;
}

4 - Then pending STA scan is executed 5 seconds later  (and p2p_find is over).
This scan triggers an assoc because scan_req is NORMAL_SCAN_REQ
and ap_scan is 2.
in wpa_supplicant_scan():
if (wpa_s->last_scan_req != MANUAL_SCAN_REQ &&
        wpa_s->conf->ap_scan == 2) {
        ...
        wpa_supplicant_assoc_try(wpa_s, ssid);
}
Log: wlan0: State: COMPLETED -> ASSOCIATING

5 - This cause an assoc error and a disconnection.
Log:
nl80211: MLME connect failed: ret=-114 (Operation already in progress)
wpa_driver_nl80211_disconnect(addr=68:7f:74:44:52:fa reason_code=2)
________________________________________________________________________

I attach a patch that fixes this issue by restoring the correct scan_req value.

BR,
Lo?c Poulain

---------------------------------------------------------------------
Intel Corporation SAS (French simplified joint stock company)
Registered headquarters: "Les Montalets"- 2, rue de Paris, 
92196 Meudon Cedex, France
Registration Number:  302 456 199 R.C.S. NANTERRE
Capital: 4,572,000 Euros

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Restore-scan_req-value-if-a-sta-scan-is-rescheduled-.patch
Type: text/x-patch
Size: 4393 bytes
Desc: 0001-Restore-scan_req-value-if-a-sta-scan-is-rescheduled-.patch
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20130603/c26afbd8/attachment.bin>



More information about the Hostap mailing list