mac80211: move blockack stop due to fragmentation
authorJohannes Berg <johannes.berg@intel.com>
Thu, 10 Jun 2010 08:21:36 +0000 (10:21 +0200)
committerJohn W. Linville <linville@tuxdriver.com>
Mon, 14 Jun 2010 19:39:27 +0000 (15:39 -0400)
There's a corner case where we receive a fragmented
frame during a blockack session, in which case we
will terminate that session. To simplify future work
in this area that will culminate in allowing the
driver callbacks for aggregation to sleep, move the
processing of this case out of the RX path into the
interface work.

This will simplify future work because the new place
for this code doesn't require that the function will
always be atomic, which the RX path needs.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
net/mac80211/iface.c
net/mac80211/rx.c

index 7a3dbde9979ec830fb42c271ed522c33ef96c964..87fc012e4ab3e3ad9fe465de0e20e32df76dfcaf 100644 (file)
@@ -707,6 +707,7 @@ static void ieee80211_iface_work(struct work_struct *work)
                container_of(work, struct ieee80211_sub_if_data, work);
        struct ieee80211_local *local = sdata->local;
        struct sk_buff *skb;
+       struct sta_info *sta;
 
        if (!ieee80211_sdata_running(sdata))
                return;
@@ -729,7 +730,6 @@ static void ieee80211_iface_work(struct work_struct *work)
                if (ieee80211_is_action(mgmt->frame_control) &&
                    mgmt->u.action.category == WLAN_CATEGORY_BACK) {
                        int len = skb->len;
-                       struct sta_info *sta;
 
                        rcu_read_lock();
                        sta = sta_info_get(sdata, mgmt->sa);
@@ -753,6 +753,36 @@ static void ieee80211_iface_work(struct work_struct *work)
                                }
                        }
                        rcu_read_unlock();
+               } else if (ieee80211_is_data_qos(mgmt->frame_control)) {
+                       struct ieee80211_hdr *hdr = (void *)mgmt;
+                       /*
+                        * So the frame isn't mgmt, but frame_control
+                        * is at the right place anyway, of course, so
+                        * the if statement is correct.
+                        *
+                        * Warn if we have other data frame types here,
+                        * they must not get here.
+                        */
+                       WARN_ON(hdr->frame_control &
+                                       cpu_to_le16(IEEE80211_STYPE_NULLFUNC));
+                       WARN_ON(!(hdr->seq_ctrl &
+                                       cpu_to_le16(IEEE80211_SCTL_FRAG)));
+                       /*
+                        * This was a fragment of a frame, received while
+                        * a block-ack session was active. That cannot be
+                        * right, so terminate the session.
+                        */
+                       rcu_read_lock();
+                       sta = sta_info_get(sdata, mgmt->sa);
+                       if (sta) {
+                               u16 tid = *ieee80211_get_qos_ctl(hdr) &
+                                               IEEE80211_QOS_CTL_TID_MASK;
+
+                               __ieee80211_stop_rx_ba_session(
+                                       sta, tid, WLAN_BACK_RECIPIENT,
+                                       WLAN_REASON_QSTA_REQUIRE_SETUP);
+                       }
+                       rcu_read_unlock();
                } else switch (sdata->vif.type) {
                case NL80211_IFTYPE_STATION:
                        ieee80211_sta_rx_queued_mgmt(sdata, skb);
index 435c2166e0c5dc4f146c1bd31a00c3837ab23ec6..b716fa2370b30a3c362f58a7f130bfda2c9575de 100644 (file)
@@ -741,9 +741,8 @@ static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx,
        sc = le16_to_cpu(hdr->seq_ctrl);
        if (sc & IEEE80211_SCTL_FRAG) {
                spin_unlock(&sta->lock);
-               __ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_RECIPIENT,
-                                              WLAN_REASON_QSTA_REQUIRE_SETUP);
-               dev_kfree_skb(skb);
+               skb_queue_tail(&rx->sdata->skb_queue, skb);
+               ieee80211_queue_work(&local->hw, &rx->sdata->work);
                return;
        }