Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wirel...
[linux-2.6.git] / net / mac80211 / rx.c
index 5e9d3bc..a6701ed 100644 (file)
@@ -533,10 +533,11 @@ static inline u16 seq_sub(u16 sq1, u16 sq2)
 
 static void ieee80211_release_reorder_frame(struct ieee80211_hw *hw,
                                            struct tid_ampdu_rx *tid_agg_rx,
-                                           int index,
-                                           struct sk_buff_head *frames)
+                                           int index)
 {
+       struct ieee80211_local *local = hw_to_local(hw);
        struct sk_buff *skb = tid_agg_rx->reorder_buf[index];
+       struct ieee80211_rx_status *status;
 
        lockdep_assert_held(&tid_agg_rx->reorder_lock);
 
@@ -546,7 +547,9 @@ static void ieee80211_release_reorder_frame(struct ieee80211_hw *hw,
        /* release the frame from the reorder ring buffer */
        tid_agg_rx->stored_mpdu_num--;
        tid_agg_rx->reorder_buf[index] = NULL;
-       __skb_queue_tail(frames, skb);
+       status = IEEE80211_SKB_RXCB(skb);
+       status->rx_flags |= IEEE80211_RX_DEFERRED_RELEASE;
+       skb_queue_tail(&local->rx_skb_queue, skb);
 
 no_frame:
        tid_agg_rx->head_seq_num = seq_inc(tid_agg_rx->head_seq_num);
@@ -554,8 +557,7 @@ no_frame:
 
 static void ieee80211_release_reorder_frames(struct ieee80211_hw *hw,
                                             struct tid_ampdu_rx *tid_agg_rx,
-                                            u16 head_seq_num,
-                                            struct sk_buff_head *frames)
+                                            u16 head_seq_num)
 {
        int index;
 
@@ -564,7 +566,7 @@ static void ieee80211_release_reorder_frames(struct ieee80211_hw *hw,
        while (seq_less(tid_agg_rx->head_seq_num, head_seq_num)) {
                index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) %
                                                        tid_agg_rx->buf_size;
-               ieee80211_release_reorder_frame(hw, tid_agg_rx, index, frames);
+               ieee80211_release_reorder_frame(hw, tid_agg_rx, index);
        }
 }
 
@@ -580,8 +582,7 @@ static void ieee80211_release_reorder_frames(struct ieee80211_hw *hw,
 #define HT_RX_REORDER_BUF_TIMEOUT (HZ / 10)
 
 static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
-                                         struct tid_ampdu_rx *tid_agg_rx,
-                                         struct sk_buff_head *frames)
+                                         struct tid_ampdu_rx *tid_agg_rx)
 {
        int index, j;
 
@@ -612,8 +613,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
                                wiphy_debug(hw->wiphy,
                                            "release an RX reorder frame due to timeout on earlier frames\n");
 #endif
-                       ieee80211_release_reorder_frame(hw, tid_agg_rx,
-                                                       j, frames);
+                       ieee80211_release_reorder_frame(hw, tid_agg_rx, j);
 
                        /*
                         * Increment the head seq# also for the skipped slots.
@@ -623,31 +623,11 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
                        skipped = 0;
                }
        } else while (tid_agg_rx->reorder_buf[index]) {
-               ieee80211_release_reorder_frame(hw, tid_agg_rx, index, frames);
+               ieee80211_release_reorder_frame(hw, tid_agg_rx, index);
                index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) %
                                                        tid_agg_rx->buf_size;
        }
 
-       /*
-        * Disable the reorder release timer for now.
-        *
-        * The current implementation lacks a proper locking scheme
-        * which would protect vital statistic and debug counters
-        * from being updated by two different but concurrent BHs.
-        *
-        * More information about the topic is available from:
-        * - thread: http://marc.info/?t=128635927000001
-        *
-        * What was wrong:
-        * =>  http://marc.info/?l=linux-wireless&m=128636170811964
-        * "Basically the thing is that until your patch, the data
-        *  in the struct didn't actually need locking because it
-        *  was accessed by the RX path only which is not concurrent."
-        *
-        * List of what needs to be fixed:
-        * => http://marc.info/?l=linux-wireless&m=128656352920957
-        *
-
        if (tid_agg_rx->stored_mpdu_num) {
                j = index = seq_sub(tid_agg_rx->head_seq_num,
                                    tid_agg_rx->ssn) % tid_agg_rx->buf_size;
@@ -666,10 +646,6 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
        } else {
                del_timer(&tid_agg_rx->reorder_timer);
        }
-       */
-
-set_release_timer:
-       return;
 }
 
 /*
@@ -679,8 +655,7 @@ set_release_timer:
  */
 static bool ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
                                             struct tid_ampdu_rx *tid_agg_rx,
-                                            struct sk_buff *skb,
-                                            struct sk_buff_head *frames)
+                                            struct sk_buff *skb)
 {
        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
        u16 sc = le16_to_cpu(hdr->seq_ctrl);
@@ -707,8 +682,7 @@ static bool ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
        if (!seq_less(mpdu_seq_num, head_seq_num + buf_size)) {
                head_seq_num = seq_inc(seq_sub(mpdu_seq_num, buf_size));
                /* release stored frames up to new head to stack */
-               ieee80211_release_reorder_frames(hw, tid_agg_rx, head_seq_num,
-                                                frames);
+               ieee80211_release_reorder_frames(hw, tid_agg_rx, head_seq_num);
        }
 
        /* Now the new frame is always in the range of the reordering buffer */
@@ -736,7 +710,7 @@ static bool ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
        tid_agg_rx->reorder_buf[index] = skb;
        tid_agg_rx->reorder_time[index] = jiffies;
        tid_agg_rx->stored_mpdu_num++;
-       ieee80211_sta_reorder_release(hw, tid_agg_rx, frames);
+       ieee80211_sta_reorder_release(hw, tid_agg_rx);
 
  out:
        spin_unlock(&tid_agg_rx->reorder_lock);
@@ -747,8 +721,7 @@ static bool ieee80211_sta_manage_reorder_buf(struct ieee80211_hw *hw,
  * Reorder MPDUs from A-MPDUs, keeping them on a buffer. Returns
  * true if the MPDU was buffered, false if it should be processed.
  */
-static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx,
-                                      struct sk_buff_head *frames)
+static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx)
 {
        struct sk_buff *skb = rx->skb;
        struct ieee80211_local *local = rx->local;
@@ -803,11 +776,11 @@ static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx,
         * sure that we cannot get to it any more before doing
         * anything with it.
         */
-       if (ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb, frames))
+       if (ieee80211_sta_manage_reorder_buf(hw, tid_agg_rx, skb))
                return;
 
  dont_reorder:
-       __skb_queue_tail(frames, skb);
+       skb_queue_tail(&local->rx_skb_queue, skb);
 }
 
 static ieee80211_rx_result debug_noinline
@@ -1189,6 +1162,7 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
         * exchange sequence.
         */
        if (!ieee80211_has_morefrags(hdr->frame_control) &&
+           !(status->rx_flags & IEEE80211_RX_DEFERRED_RELEASE) &&
            (rx->sdata->vif.type == NL80211_IFTYPE_AP ||
             rx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN)) {
                if (test_sta_flags(sta, WLAN_STA_PS_STA)) {
@@ -1831,11 +1805,11 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx)
 
                        fwd_skb = skb_copy(skb, GFP_ATOMIC);
 
-                       if (!fwd_skb && net_ratelimit()) {
+                       if (!fwd_skb && net_ratelimit())
                                printk(KERN_DEBUG "%s: failed to clone mesh frame\n",
                                                   sdata->name);
+                       if (!fwd_skb)
                                goto out;
-                       }
 
                        fwd_hdr =  (struct ieee80211_hdr *) fwd_skb->data;
                        memcpy(fwd_hdr->addr2, sdata->vif.addr, ETH_ALEN);
@@ -1930,7 +1904,7 @@ ieee80211_rx_h_data(struct ieee80211_rx_data *rx)
 }
 
 static ieee80211_rx_result debug_noinline
-ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx, struct sk_buff_head *frames)
+ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx)
 {
        struct ieee80211_local *local = rx->local;
        struct ieee80211_hw *hw = &local->hw;
@@ -1970,8 +1944,7 @@ ieee80211_rx_h_ctrl(struct ieee80211_rx_data *rx, struct sk_buff_head *frames)
 
                spin_lock(&tid_agg_rx->reorder_lock);
                /* release stored frames up to start of BAR */
-               ieee80211_release_reorder_frames(hw, tid_agg_rx, start_seq_num,
-                                                frames);
+               ieee80211_release_reorder_frames(hw, tid_agg_rx, start_seq_num);
                spin_unlock(&tid_agg_rx->reorder_lock);
 
                kfree_skb(skb);
@@ -2488,8 +2461,7 @@ static void ieee80211_rx_handlers_result(struct ieee80211_rx_data *rx,
        }
 }
 
-static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
-                                 struct sk_buff_head *frames)
+static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx)
 {
        ieee80211_rx_result res = RX_DROP_MONITOR;
        struct sk_buff *skb;
@@ -2501,7 +2473,15 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
                        goto rxh_next;  \
        } while (0);
 
-       while ((skb = __skb_dequeue(frames))) {
+       spin_lock(&rx->local->rx_skb_queue.lock);
+       if (rx->local->running_rx_handler)
+               goto unlock;
+
+       rx->local->running_rx_handler = true;
+
+       while ((skb = __skb_dequeue(&rx->local->rx_skb_queue))) {
+               spin_unlock(&rx->local->rx_skb_queue.lock);
+
                /*
                 * all the other fields are valid across frames
                 * that belong to an aMPDU since they are on the
@@ -2524,12 +2504,7 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
                        CALL_RXH(ieee80211_rx_h_mesh_fwding);
 #endif
                CALL_RXH(ieee80211_rx_h_data)
-
-               /* special treatment -- needs the queue */
-               res = ieee80211_rx_h_ctrl(rx, frames);
-               if (res != RX_CONTINUE)
-                       goto rxh_next;
-
+               CALL_RXH(ieee80211_rx_h_ctrl);
                CALL_RXH(ieee80211_rx_h_mgmt_check)
                CALL_RXH(ieee80211_rx_h_action)
                CALL_RXH(ieee80211_rx_h_userspace_mgmt)
@@ -2538,18 +2513,20 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
 
  rxh_next:
                ieee80211_rx_handlers_result(rx, res);
-
+               spin_lock(&rx->local->rx_skb_queue.lock);
 #undef CALL_RXH
        }
+
+       rx->local->running_rx_handler = false;
+
+ unlock:
+       spin_unlock(&rx->local->rx_skb_queue.lock);
 }
 
 static void ieee80211_invoke_rx_handlers(struct ieee80211_rx_data *rx)
 {
-       struct sk_buff_head reorder_release;
        ieee80211_rx_result res = RX_DROP_MONITOR;
 
-       __skb_queue_head_init(&reorder_release);
-
 #define CALL_RXH(rxh)                  \
        do {                            \
                res = rxh(rx);          \
@@ -2560,9 +2537,9 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_rx_data *rx)
        CALL_RXH(ieee80211_rx_h_passive_scan)
        CALL_RXH(ieee80211_rx_h_check)
 
-       ieee80211_rx_reorder_ampdu(rx, &reorder_release);
+       ieee80211_rx_reorder_ampdu(rx);
 
-       ieee80211_rx_handlers(rx, &reorder_release);
+       ieee80211_rx_handlers(rx);
        return;
 
  rxh_next:
@@ -2577,7 +2554,6 @@ static void ieee80211_invoke_rx_handlers(struct ieee80211_rx_data *rx)
  */
 void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid)
 {
-       struct sk_buff_head frames;
        struct ieee80211_rx_data rx = {
                .sta = sta,
                .sdata = sta->sdata,
@@ -2590,13 +2566,11 @@ void ieee80211_release_reorder_timeout(struct sta_info *sta, int tid)
        if (!tid_agg_rx)
                return;
 
-       __skb_queue_head_init(&frames);
-
        spin_lock(&tid_agg_rx->reorder_lock);
-       ieee80211_sta_reorder_release(&sta->local->hw, tid_agg_rx, &frames);
+       ieee80211_sta_reorder_release(&sta->local->hw, tid_agg_rx);
        spin_unlock(&tid_agg_rx->reorder_lock);
 
-       ieee80211_rx_handlers(&rx, &frames);
+       ieee80211_rx_handlers(&rx);
 }
 
 /* main receive path */