There was an an implicit assumption that any QoS data frame received from a STA/TID with an active BA session was sent to this vif as part of a BA. This is not true if IFF_PROMISC is enabled and the frame was destined for a different peer, for example. Don't treat these frames as part of a BA from the sending STA. Signed-off-by: Thomas Pedersen <thomas@xxxxxxxxxxx> --- net/mac80211/rx.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index b9d3236..0995685 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -777,6 +777,10 @@ static void ieee80211_rx_reorder_ampdu(struct ieee80211_rx_data *rx) (ack_policy == IEEE80211_QOS_CTL_ACK_POLICY_NORMAL))) goto dont_reorder; + /* not actually part of this BA session */ + if (compare_ether_addr(hdr->addr1, rx->sdata->vif.addr) != 0) + goto dont_reorder; + /* new, potentially un-ordered, ampdu frame - process it */ /* reset session timer */ -- 1.7.5.4 -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
