LinuxLists.cc - [PATCH v4 1/2] ath11k: fix mgmt_tx_wmi cmd sent to FW for deleted vdev

2020-04-28 04:47:10

Subject: [PATCH v4 1/2] ath11k: fix mgmt_tx_wmi cmd sent to FW for deleted vdev

In Multi-AP VAP scenario with frequent interface up-down, there is a
chance that ath11k_mgmt_over_wmi_tx_work() will dequeue a skb
corresponding to currently deleted/stopped vdev.

FW will assert on receiving mgmt_tx_wmi cmd for already deleted vdev.
Hence adding validation checks for arvif present on the corresponding
ar before sending mgmt_tx_wmi cmd.

Signed-off-by: Sathishkumar Muruganandam <[email protected]>
---
drivers/net/wireless/ath/ath11k/mac.c | 29 ++++++++++++++++++++++-------
1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/drivers/net/wireless/ath/ath11k/mac.c b/drivers/net/wireless/ath/ath11k/mac.c
index 065b7d6d4ab2..2b3a63ac216c 100644
--- a/drivers/net/wireless/ath/ath11k/mac.c
+++ b/drivers/net/wireless/ath/ath11k/mac.c
@@ -3793,15 +3793,30 @@ static void ath11k_mgmt_over_wmi_tx_work(struct work_struct *work)

while ((skb = skb_dequeue(&ar->wmi_mgmt_tx_queue)) != NULL) {
info = IEEE80211_SKB_CB(skb);
- arvif = ath11k_vif_to_arvif(info->control.vif);
-
- ret = ath11k_mac_mgmt_tx_wmi(ar, arvif, skb);
- if (ret) {
- ath11k_warn(ar->ab, "failed to transmit management frame %d\n",
- ret);
+ if (!info->control.vif) {
+ ath11k_warn(ar->ab, "no vif found for mgmt frame, flags 0x%x\n",
+ info->control.flags);
ieee80211_free_txskb(ar->hw, skb);
+ continue;
+ }
+
+ arvif = ath11k_vif_to_arvif(info->control.vif);
+ if (ar->allocated_vdev_map & (1LL << arvif->vdev_id) &&
+ arvif->is_started) {
+ ret = ath11k_mac_mgmt_tx_wmi(ar, arvif, skb);
+ if (ret) {
+ ath11k_warn(ar->ab, "failed to tx mgmt frame, vdev_id %d :%d\n",
+ arvif->vdev_id, ret);
+ ieee80211_free_txskb(ar->hw, skb);
+ } else {
+ atomic_inc(&ar->num_pending_mgmt_tx);
+ }
} else {
- atomic_inc(&ar->num_pending_mgmt_tx);
+ ath11k_warn(ar->ab,
+ "dropping mgmt frame for vdev %d, flags 0x%x is_started %d\n",
+ arvif->vdev_id, info->control.flags,
+ arvif->is_started);
+ ieee80211_free_txskb(ar->hw, skb);
}
}
}
--
2.7.4

2020-05-04 09:10:50

by Kalle Valo

[permalink] [raw]

Subject: Re: [PATCH v4 1/2] ath11k: fix mgmt_tx_wmi cmd sent to FW for deleted vdev

Sathishkumar Muruganandam <[email protected]> wrote:

> In Multi-AP VAP scenario with frequent interface up-down, there is a
> chance that ath11k_mgmt_over_wmi_tx_work() will dequeue a skb
> corresponding to currently deleted/stopped vdev.
>
> FW will assert on receiving mgmt_tx_wmi cmd for already deleted vdev.
> Hence adding validation checks for arvif present on the corresponding
> ar before sending mgmt_tx_wmi cmd.
>
> Signed-off-by: Sathishkumar Muruganandam <[email protected]>
> Signed-off-by: Kalle Valo <[email protected]>

2 patches applied to ath-next branch of ath.git, thanks.

66307ca04057 ath11k: fix mgmt_tx_wmi cmd sent to FW for deleted vdev
657680cc86ca ath11k: add DBG_MAC prints to track vdev events

--
https://patchwork.kernel.org/patch/11513813/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches