[PATCH 6/8] P2P: cancel action frame offchan wait after recv go neg resp

Jouni Malinen j
Tue Jan 7 06:07:16 PST 2014

On Thu, Dec 19, 2013 at 12:03:28PM +0200, Arik Nemtsov wrote:
> From: Eyal Shapira <eyal at wizery.com>
> A wait of 200ms is configured after sending the go neg request.
> The go neg process can end quickly within less than 200ms. If this wait
> isn't canceled it can cause the beaconing of the GO to start while
> mac80211 is still off channel on the listen channel and this may cause
> beaconing on the wrong channel if oper channel is different from
> the listen channel.

> diff --git a/src/p2p/p2p_go_neg.c b/src/p2p/p2p_go_neg.c
> @@ -852,6 +852,7 @@ void p2p_process_go_neg_resp(struct p2p_data *p2p, const u8 *sa,
>  	dev->flags &= ~P2P_DEV_WAIT_GO_NEG_RESPONSE;
> +	p2p->cfg->send_action_done(p2p->cfg->cb_ctx);
>  	if (msg.dialog_token != dev->dialog_token) {
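
Review bot: The added `p2p->cfg->send_action_done(p2p->cfg->cb_ctx);` sits ahead of the `msg.dialog_token != dev->dialog_token` check, so it runs for every frame that reaches this point, including one whose dialog token does not match. Consider moving the call below that validation, or limiting it to the paths where no further frame is sent in this exchange, and add a short comment saying why the off-channel wait is ended here, since the code itself does not show the 200 ms reasoning from the commit message.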

This does not look correct.. This would result in a possible
remain-on-channel operation to be canceled before sending GO Negotiation
Confirm and as such, forcing that frame to be sent from another
remain-on-channel command which could add considerable extra latency

> @@ -878,7 +879,6 @@ void p2p_process_go_neg_resp(struct p2p_data *p2p, const u8 *sa,
>  			p2p_dbg(p2p, "Stop GO Negotiation attempt");
>  			p2p_go_neg_failed(p2p, dev, *msg.status);
>  		}
> -		p2p->cfg->send_action_done(p2p->cfg->cb_ctx);
>  		p2p_parse_free(&msg);
>  		return;
>  	}
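
Review bot: With `send_action_done()` removed from this branch, the early-return path after `p2p_go_neg_failed(p2p, dev, *msg.status);` no longer ends the wait itself and depends entirely on the call added at the top of the function. If that earlier call is later moved or made conditional, this path would return with the off-channel wait still pending, so consider keeping the call here, where the exchange is known to be over.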

This looks like a correct place to call send_action_done(), so removing
it from here does not look valid..

Jouni Malinen                                            PGP id EFC895FA
