Fix a bug where the mac80211 RX aggregation code sets a new aggregation
"session" at the remote station's request, but the head_seq_num
(the sequence number the receiver expects to receive) isn't reset.
Spotted on a pair of AR9580 in IBSS mode.
Signed-off-by: Krzysztof Halasa <khalasa@xxxxxxx>
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index 4d1c335e06e5..67733bd61297 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -354,10 +354,13 @@ void ___ieee80211_start_rx_ba_session(struct sta_info *sta,
*/
rcu_read_lock();
tid_rx = rcu_dereference(sta->ampdu_mlme.tid_rx[tid]);
- if (tid_rx && tid_rx->timeout == timeout)
+ if (tid_rx && tid_rx->timeout == timeout) {
+ tid_rx->ssn = start_seq_num;
+ tid_rx->head_seq_num = start_seq_num;
status = WLAN_STATUS_SUCCESS;
- else
+ } else {
status = WLAN_STATUS_REQUEST_DECLINED;
+ }
rcu_read_unlock();
goto end;
}
--
Krzysztof Hałasa
ŁUKASIEWICZ Research Network
Industrial Research Institute for Automation and Measurements PIAP
Al. Jerozolimskie 202, 02-486 Warsaw, Poland
