diff options
| author | Christian Lamparter <chunkeey@googlemail.com> | 2011-01-31 13:48:44 -0500 |
|---|---|---|
| committer | John W. Linville <linville@tuxdriver.com> | 2011-02-04 16:29:49 -0500 |
| commit | 512119b36f7945a650877cbc7e9b5f4cc4d92e4c (patch) | |
| tree | 324117fb41bff372ac9a5e669cf279106731cac1 /net | |
| parent | 4099e2f4404762add8ef2b0dadef3c5122117210 (diff) | |
mac80211: fix race between next beacon dtim and ieee80211_get_buffered_bc
On review of 'zd1211rw: implement beacon fetching and handling
ieee80211_get_buffered_bc()', Christian Lamparter noted that [1]:
Since zd_beacon_done also uploads the next beacon so long in advance,
there could be an equally long race between the outdated state of the
next beacon's DTIM broadcast traffic indicator (802.11-2007 7.3.2.6)
which -in your case- was uploaded almost a beacon interval ago and
the xmit of ieee80211_get_buffered_bc *now*.
The dtim bc/mc bit might be not set, when a mc/bc arrived after the
beacon was uploaded, but before the "beacon done event" from the
hardware. So, dozing stations don't expect the broadcast traffic
and of course, they might miss it completely.
It's probably better to fix this in mac80211 (see the attached hack).
[1] http://marc.info/?l=linux-wireless&m=129435041117256&w=2
CC: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/mac80211/ieee80211_i.h | 1 | ||||
| -rw-r--r-- | net/mac80211/tx.c | 4 |
2 files changed, 4 insertions, 1 deletions
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index c47d7c0e48a..f71ed31d176 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h | |||
| @@ -225,6 +225,7 @@ struct ieee80211_if_ap { | |||
| 225 | struct sk_buff_head ps_bc_buf; | 225 | struct sk_buff_head ps_bc_buf; |
| 226 | atomic_t num_sta_ps; /* number of stations in PS mode */ | 226 | atomic_t num_sta_ps; /* number of stations in PS mode */ |
| 227 | int dtim_count; | 227 | int dtim_count; |
| 228 | bool dtim_bc_mc; | ||
| 228 | }; | 229 | }; |
| 229 | 230 | ||
| 230 | struct ieee80211_if_wds { | 231 | struct ieee80211_if_wds { |
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c index 8fbbc7a816d..bf67a223cd6 100644 --- a/net/mac80211/tx.c +++ b/net/mac80211/tx.c | |||
| @@ -2179,6 +2179,8 @@ static void ieee80211_beacon_add_tim(struct ieee80211_if_ap *bss, | |||
| 2179 | if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf)) | 2179 | if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf)) |
| 2180 | aid0 = 1; | 2180 | aid0 = 1; |
| 2181 | 2181 | ||
| 2182 | bss->dtim_bc_mc = aid0 == 1; | ||
| 2183 | |||
| 2182 | if (have_bits) { | 2184 | if (have_bits) { |
| 2183 | /* Find largest even number N1 so that bits numbered 1 through | 2185 | /* Find largest even number N1 so that bits numbered 1 through |
| 2184 | * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits | 2186 | * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits |
| @@ -2549,7 +2551,7 @@ ieee80211_get_buffered_bc(struct ieee80211_hw *hw, | |||
| 2549 | if (sdata->vif.type != NL80211_IFTYPE_AP || !beacon || !beacon->head) | 2551 | if (sdata->vif.type != NL80211_IFTYPE_AP || !beacon || !beacon->head) |
| 2550 | goto out; | 2552 | goto out; |
| 2551 | 2553 | ||
| 2552 | if (bss->dtim_count != 0) | 2554 | if (bss->dtim_count != 0 || !bss->dtim_bc_mc) |
| 2553 | goto out; /* send buffered bc/mc only after DTIM beacon */ | 2555 | goto out; /* send buffered bc/mc only after DTIM beacon */ |
| 2554 | 2556 | ||
| 2555 | while (1) { | 2557 | while (1) { |