aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Berg <johannes@sipsolutions.net>2007-08-28 17:01:52 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-10 19:48:39 -0400
commit2a8a9a88fc1b18f5c45244d0ef8a5352f6cf761f (patch)
treebe45f7673455ebceb88bc405a33ae1254bc9e62f
parent4b6aa59999a3a12dd4740a52299c6c33e85a8747 (diff)
[MAC80211]: avoid copying packets to interfaces that are down
David Woodhouse noticed that under some circumstances the number of slab allocations kept growing. After looking a bit, this seemed to happen when you had a management mode interface that was *down*. The reason for this is that when the device is down, all management frames get queued to the in-kernel MLME (via ieee80211_sta_rx_mgmt) but then the sta work is invoked but doesn't run when the netif is down. When you then bring the interface up, all such frames are freed, but if you change the mode all of them are lost because the skb queue is reinitialised as soon as you go back to managed mode. The skb queue is correctly cleared when the interface is brought down, but the code doesn't account for the fact that it may be filled while it is not up. This patch should fix the issue by simply ignoring all interfaces that are down when going through the RX handlers. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/mac80211/ieee80211.c9
-rw-r--r--net/mac80211/rx.c3
2 files changed, 12 insertions, 0 deletions
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
index 5fc240259f55..00df2a9a2661 100644
--- a/net/mac80211/ieee80211.c
+++ b/net/mac80211/ieee80211.c
@@ -493,7 +493,16 @@ static void ieee80211_if_shutdown(struct net_device *dev)
493 case IEEE80211_IF_TYPE_IBSS: 493 case IEEE80211_IF_TYPE_IBSS:
494 sdata->u.sta.state = IEEE80211_DISABLED; 494 sdata->u.sta.state = IEEE80211_DISABLED;
495 del_timer_sync(&sdata->u.sta.timer); 495 del_timer_sync(&sdata->u.sta.timer);
496 /*
497 * Holding the sub_if_lock for writing here blocks
498 * out the receive path and makes sure it's not
499 * currently processing a packet that may get
500 * added to the queue.
501 */
502 write_lock_bh(&local->sub_if_lock);
496 skb_queue_purge(&sdata->u.sta.skb_queue); 503 skb_queue_purge(&sdata->u.sta.skb_queue);
504 write_unlock_bh(&local->sub_if_lock);
505
497 if (!local->ops->hw_scan && 506 if (!local->ops->hw_scan &&
498 local->scan_dev == sdata->dev) { 507 local->scan_dev == sdata->dev) {
499 local->sta_scanning = 0; 508 local->sta_scanning = 0;
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 95a00eb57249..01176ba52df4 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -1380,6 +1380,9 @@ void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
1380 list_for_each_entry(sdata, &local->sub_if_list, list) { 1380 list_for_each_entry(sdata, &local->sub_if_list, list) {
1381 rx.u.rx.ra_match = 1; 1381 rx.u.rx.ra_match = 1;
1382 1382
1383 if (!netif_running(sdata->dev))
1384 continue;
1385
1383 prepres = prepare_for_handlers(sdata, bssid, &rx, hdr); 1386 prepres = prepare_for_handlers(sdata, bssid, &rx, hdr);
1384 /* prepare_for_handlers can change sta */ 1387 /* prepare_for_handlers can change sta */
1385 sta = rx.sta; 1388 sta = rx.sta;