Commit 6ed13164 authored by Matti Gottlieb's avatar Matti Gottlieb Committed by Emmanuel Grumbach

iwlwifi: mvm: Fix wrongfully flushing frames in the roc/off channel queue

Sending multiple action frames off channel, one after the other can create
a race that will result in a timeout:

1. Start sending action frame off channel.
2. Once the frame is sent or the time event is over, the flow will
eventually call ieee80211_start_next_roc to start the next roc frame &
iwl_mvm_roc_finished schedules to schedule a work to flush the queue.
3. Start sending new roc frame and write it to the queue before the
flush work has started.
4. The work is called and it flushes the new packet that was placed on the
on the queue so the packet is lost.

This causes the frame to be removed & not sent, that causes a timeout in
userspace.

Flush the work queue that flushes the roc/off channel queue before starting
to send a new frame off channel, in order to avoid a race between the new
frame that is transmitted off channel & the flushing of the queue.
Signed-off-by: default avatarMatti Gottlieb <matti.gottlieb@intel.com>
Reviewed-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarEmmanuel Grumbach <emmanuel.grumbach@intel.com>
parent b6e160ab
......@@ -3080,6 +3080,8 @@ static int iwl_mvm_roc(struct ieee80211_hw *hw,
IWL_DEBUG_MAC80211(mvm, "enter (%d, %d, %d)\n", channel->hw_value,
duration, type);
flush_work(&mvm->roc_done_wk);
mutex_lock(&mvm->mutex);
switch (vif->type) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment