public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/drivers/net/wireless/intel/iwlwifi
History
Johannes Berg 2438d43086 iwlwifi: mvm: fix delBA vs. NSSN queue sync race 
If we happen to decide an NSSN queue sync (IWL_MVM_RXQ_NSSN_SYNC)
for some remaining packets that are still on the queue, but just
after we've decided to do a delBA (which causes its own queues
sync with IWL_MVM_RXQ_NOTIF_DEL_BA) we can end up with a sequence
of events like this:

 CPU 1                              CPU 2

remove BA session with baid N
send IWL_MVM_RXQ_NOTIF_DEL_BA
send IWL_MVM_RXQ_NSSN_SYNC
get IWL_MVM_RXQ_NOTIF_DEL_BA
                                    get IWL_MVM_RXQ_NOTIF_DEL_BA
get IWL_MVM_RXQ_NSSN_SYNC
complete IWL_MVM_RXQ_NOTIF_DEL_BA
remove N from baid_map[]
                                    get IWL_MVM_RXQ_NSSN_SYNC
                                    WARN_ON(!baid_map[N])

Thus, there's a race that leads in hitting the WARN_ON, but more
importantly, it's a race that potentially even results in a new
aggregation session getting assigned to baid N.

To fix this, remove the WARN_ON() in the NSSN_SYNC case, we can't
completely protect against hitting this case, so we shouldn't be
warning. However, guard ourselves against BAID reuse by doing yet
another round of queue synchronization after the entry is removed
from the baid_map, so that it cannot be reused with any in-flight
IWL_MVM_RXQ_NSSN_SYNC messages.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Link: https://lore.kernel.org/r/iwlwifi.20211204083237.44abbbc50f40.I5492600dfe513356555abe2d7df0e2835846e3d8@changeid
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2021-12-07 20:04:56 +02:00
..
cfg iwlwifi: bump FW API to 67 for AX devices 2021-10-28 12:04:12 +03:00
dvm Core: 2021-11-02 06:20:58 -07:00
fw Core: 2021-11-02 06:20:58 -07:00
mei iwlwifi: mvm: fix a possible NULL pointer deference 2021-12-07 12:58:05 +02:00
mvm iwlwifi: mvm: fix delBA vs. NSSN queue sync race 2021-12-07 20:04:56 +02:00
pcie iwlwifi: integrate with iwlmei 2021-11-26 18:31:48 +02:00
queue wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma 2021-12-07 13:10:10 +02:00
iwl-agn-hw.h
iwl-config.h iwlwifi: add new killer devices to the driver 2021-10-22 10:49:04 +03:00
iwl-context-info-gen3.h iwlwifi: yoyo: fw debug config from context info and preset 2021-10-22 10:49:01 +03:00
iwl-context-info.h
iwl-csr.h iwlwifi: pcie: update sw error interrupt for BZ family 2021-10-28 12:04:09 +03:00
iwl-dbg-tlv.c iwlwifi: yoyo: support for ROM usniffer 2021-10-28 12:04:10 +03:00
iwl-dbg-tlv.h iwlwifi: yoyo: fw debug config from context info and preset 2021-10-22 10:49:01 +03:00
iwl-debug.c iwlwifi: allow rate-limited error messages 2021-10-22 10:49:03 +03:00
iwl-debug.h iwlwifi: allow rate-limited error messages 2021-10-22 10:49:03 +03:00
iwl-devtrace-data.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace-io.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace-iwlwifi.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace-msg.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace-ucode.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace.c iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-devtrace.h iwlwifi: remove contact information 2021-10-22 10:48:59 +03:00
iwl-drv.c iwlwifi: yoyo: fw debug config from context info and preset 2021-10-22 10:49:01 +03:00
iwl-drv.h iwlwifi: remove MODULE_AUTHOR() statements 2021-10-22 10:48:58 +03:00
iwl-eeprom-parse.c
iwl-eeprom-parse.h
iwl-eeprom-read.c iwlwifi: remove redundant iwl_finish_nic_init() argument 2021-10-22 10:49:02 +03:00
iwl-eeprom-read.h
iwl-fh.h
iwl-io.c iwlwifi: dump host monitor data when NIC doesn't init 2021-10-28 12:04:10 +03:00
iwl-io.h iwlwifi: remove redundant iwl_finish_nic_init() argument 2021-10-22 10:49:02 +03:00
iwl-modparams.h
iwl-nvm-parse.c iwlwifi: integrate with iwlmei 2021-11-26 18:31:48 +02:00
iwl-nvm-parse.h iwlwifi: integrate with iwlmei 2021-11-26 18:31:48 +02:00
iwl-op-mode.h iwlwifi: prepare for synchronous error dumps 2021-08-26 23:32:21 +03:00
iwl-phy-db.c
iwl-phy-db.h
iwl-prph.h iwlwifi: Add support for more BZ HWs 2021-10-22 10:40:58 +03:00
iwl-scd.h
iwl-trans.c iwlwifi: trans/pcie: defer transport initialisation 2021-04-14 12:07:21 +03:00
iwl-trans.h iwlwifi: integrate with iwlmei 2021-11-26 18:31:48 +02:00
Kconfig iwlwifi: mei: add the driver to allow cooperation with CSME 2021-11-26 18:31:47 +02:00
Makefile iwlwifi: mei: add the driver to allow cooperation with CSME 2021-11-26 18:31:47 +02:00