mt76: add missing locking around ampdu action

This is needed primarily to avoid races in dealing with rx aggregation
related data structures

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/drivers/net/wireless/mediatek/mt76/mt7603/main.c b/drivers/net/wireless/mediatek/mt76/mt7603/main.c
index 31cce1c..a0632ca 100644 (file)
--- a/drivers/net/wireless/mediatek/mt76/mt7603/main.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7603/main.c
@@ -575,6 +575,7 @@ mt7603_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
 
        mtxq = (struct mt76_txq *)txq->drv_priv;
 
+       mutex_lock(&dev->mt76.mutex);
        switch (action) {
        case IEEE80211_AMPDU_RX_START:
                mt76_rx_aggr_start(&dev->mt76, &msta->wcid, tid, ssn,
@@ -603,6 +604,7 @@ mt7603_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
                ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
                break;
        }
+       mutex_unlock(&dev->mt76.mutex);
 
        return 0;
 }

diff --git a/drivers/net/wireless/mediatek/mt76/mt7615/main.c b/drivers/net/wireless/mediatek/mt76/mt7615/main.c
index 602add1..7e1e148 100644 (file)
--- a/drivers/net/wireless/mediatek/mt76/mt7615/main.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7615/main.c
@@ -489,6 +489,7 @@ mt7615_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
 
        mtxq = (struct mt76_txq *)txq->drv_priv;
 
+       mutex_lock(&dev->mt76.mutex);
        switch (action) {
        case IEEE80211_AMPDU_RX_START:
                mt76_rx_aggr_start(&dev->mt76, &msta->wcid, tid, ssn,
@@ -518,6 +519,7 @@ mt7615_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
                ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
                break;
        }
+       mutex_unlock(&dev->mt76.mutex);
 
        return 0;
 }

diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
index 23134bb..ceb0325 100644 (file)
--- a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
@@ -372,6 +372,7 @@ int mt76x02_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
 
        mtxq = (struct mt76_txq *)txq->drv_priv;
 
+       mutex_lock(&dev->mt76.mutex);
        switch (action) {
        case IEEE80211_AMPDU_RX_START:
                mt76_rx_aggr_start(&dev->mt76, &msta->wcid, tid,
@@ -400,6 +401,7 @@ int mt76x02_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
                ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
                break;
        }
+       mutex_unlock(&dev->mt76.mutex);
 
        return 0;
 }