• Yogesh Ashok Powar's avatar
    mac80211: Purge A-MPDU TX queues before station destructions · 42624d49
    Yogesh Ashok Powar authored
    When a station leaves suddenly while ampdu traffic to that station is still
    running, there is a possibility that the ampdu pending queues are not freed due
    to a race condition leading to memory leaks. In '__sta_info_destroy' when we
    attempt to destroy the ampdu sessions in 'ieee80211_sta_tear_down_BA_sessions',
    the driver calls 'ieee80211_stop_tx_ba_cb_irqsafe' to delete the ampdu
    structures (tid_tx) and splice the pending queues and this job gets queued in
    sdata workqueue. However, the sta entry can get destroyed before the above work
    gets scheduled and hence the race.
    
    Purging the queues and freeing the tid_tx to avoid the leak. The better solution
    would be to fix the race, but that can be taken up in a separate patch.
    Signed-off-by: default avatarNishant Sarmukadam <nishants@marvell.com>
    Signed-off-by: default avatarYogesh Ashok Powar <yogeshp@marvell.com>
    Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
    42624d49
sta_info.c 39.4 KB