ath9k: prevent aggregation session deadlocks

	int tidno;

	int tidno;

	int baw_head;   /* first un-acked tx buffer */

	int baw_head;   /* first un-acked tx buffer */

	int baw_tail;   /* next unused tx buffer slot */

	int baw_tail;   /* next unused tx buffer slot */

	int sched;

	bool sched;

	int paused;

	bool paused;

	u8 state;

	bool active;

	bool stop_cb;

};

};

struct ath_node {

struct ath_node {

#endif

#endif

};

};

#define AGGR_CLEANUP         BIT(1)

#define AGGR_ADDBA_COMPLETE  BIT(2)

#define AGGR_ADDBA_PROGRESS  BIT(3)

struct ath_tx_control {

struct ath_tx_control {

	struct ath_txq *txq;

	struct ath_txq *txq;

	struct ath_node *an;

	struct ath_node *an;

void ath_tx_edma_tasklet(struct ath_softc *sc);

void ath_tx_edma_tasklet(struct ath_softc *sc);

int ath_tx_aggr_start(struct ath_softc *sc, struct ieee80211_sta *sta,

int ath_tx_aggr_start(struct ath_softc *sc, struct ieee80211_sta *sta,

		      u16 tid, u16 *ssn);

		      u16 tid, u16 *ssn);

bool ath_tx_aggr_stop(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid,

void ath_tx_aggr_stop(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid);

		      bool flush);

void ath_tx_aggr_resume(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid);

void ath_tx_aggr_resume(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid);

void ath_tx_aggr_wakeup(struct ath_softc *sc, struct ath_node *an);

void ath_tx_aggr_wakeup(struct ath_softc *sc, struct ath_node *an);

		flush = true;

		flush = true;

	case IEEE80211_AMPDU_TX_STOP_CONT:

	case IEEE80211_AMPDU_TX_STOP_CONT:

		ath9k_ps_wakeup(sc);

		ath9k_ps_wakeup(sc);

		if (ath_tx_aggr_stop(sc, sta, tid, flush))

		ath_tx_aggr_stop(sc, sta, tid);

		if (!flush)

			ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);

			ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);

		ath9k_ps_restore(sc);

		ath9k_ps_restore(sc);

		break;

		break;

		return false;

		return false;

	txtid = ATH_AN_2_TID(an, tidno);

	txtid = ATH_AN_2_TID(an, tidno);

	return !txtid->active;

	if (!(txtid->state & (AGGR_ADDBA_COMPLETE | AGGR_ADDBA_PROGRESS)))

			return true;

	return false;

}

}

	list_add_tail(&ac->list, &txq->axq_acq);

	list_add_tail(&ac->list, &txq->axq_acq);

}

}

static void ath_tx_resume_tid(struct ath_softc *sc, struct ath_atx_tid *tid)

{

	struct ath_txq *txq = tid->ac->txq;

	WARN_ON(!tid->paused);

	ath_txq_lock(sc, txq);

	tid->paused = false;

	if (skb_queue_empty(&tid->buf_q))

		goto unlock;

	ath_tx_queue_tid(txq, tid);

	ath_txq_schedule(sc, txq);

unlock:

	ath_txq_unlock_complete(sc, txq);

}

static struct ath_frame_info *get_frame_info(struct sk_buff *skb)

static struct ath_frame_info *get_frame_info(struct sk_buff *skb)

{

{

	struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);

	struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);

			       ARRAY_SIZE(bf->rates));

			       ARRAY_SIZE(bf->rates));

}

}

static void ath_tx_clear_tid(struct ath_softc *sc, struct ath_atx_tid *tid)

static void ath_tx_flush_tid(struct ath_softc *sc, struct ath_atx_tid *tid)

{

	tid->state &= ~AGGR_ADDBA_COMPLETE;

	tid->state &= ~AGGR_CLEANUP;

	if (!tid->stop_cb)

		return;

	ieee80211_start_tx_ba_cb_irqsafe(tid->an->vif, tid->an->sta->addr,

					 tid->tidno);

	tid->stop_cb = false;

}

static void ath_tx_flush_tid(struct ath_softc *sc, struct ath_atx_tid *tid,

			     bool flush_packets)

{

{

	struct ath_txq *txq = tid->ac->txq;

	struct ath_txq *txq = tid->ac->txq;

	struct sk_buff *skb;

	struct sk_buff *skb;

	while ((skb = __skb_dequeue(&tid->buf_q))) {

	while ((skb = __skb_dequeue(&tid->buf_q))) {

		fi = get_frame_info(skb);

		fi = get_frame_info(skb);

		bf = fi->bf;

		bf = fi->bf;

		if (!bf && !flush_packets)

			bf = ath_tx_setup_buffer(sc, txq, tid, skb);

		if (!bf) {

			bf = ath_tx_setup_buffer(sc, txq, tid, skb);

			if (!bf) {

			if (!bf) {

				ieee80211_free_txskb(sc->hw, skb);

				ieee80211_free_txskb(sc->hw, skb);

				continue;

				continue;

			}

			}

		}

		if (fi->retries || flush_packets) {

		if (fi->retries) {

			list_add_tail(&bf->list, &bf_head);

			list_add_tail(&bf->list, &bf_head);

			ath_tx_update_baw(sc, tid, bf->bf_state.seqno);

			ath_tx_update_baw(sc, tid, bf->bf_state.seqno);

			ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);

			ath_tx_complete_buf(sc, bf, txq, &bf_head, &ts, 0);

		}

		}

	}

	}

	if (tid->baw_head == tid->baw_tail)

	if (sendbar) {

		ath_tx_clear_tid(sc, tid);

	if (sendbar && !flush_packets) {

		ath_txq_unlock(sc, txq);

		ath_txq_unlock(sc, txq);

		ath_send_bar(tid, tid->seq_start);

		ath_send_bar(tid, tid->seq_start);

		ath_txq_lock(sc, txq);

		ath_txq_lock(sc, txq);

		tx_info = IEEE80211_SKB_CB(skb);

		tx_info = IEEE80211_SKB_CB(skb);

		fi = get_frame_info(skb);

		fi = get_frame_info(skb);

		if (ATH_BA_ISSET(ba, ATH_BA_INDEX(seq_st, seqno))) {

		if (!BAW_WITHIN(tid->seq_start, tid->baw_size, seqno)) {

			/*

			 * Outside of the current BlockAck window,

			 * maybe part of a previous session

			 */

			txfail = 1;

		} else if (ATH_BA_ISSET(ba, ATH_BA_INDEX(seq_st, seqno))) {

			/* transmit completion, subframe is

			/* transmit completion, subframe is

			 * acked by block ack */

			 * acked by block ack */

			acked_cnt++;

			acked_cnt++;

		} else if (!isaggr && txok) {

		} else if (!isaggr && txok) {

			/* transmit completion */

			/* transmit completion */

			acked_cnt++;

			acked_cnt++;

		} else if (tid->state & AGGR_CLEANUP) {

			/*

			 * cleanup in progress, just fail

			 * the un-acked sub-frames

			 */

			txfail = 1;

		} else if (flush) {

		} else if (flush) {

			txpending = 1;

			txpending = 1;

		} else if (fi->retries < ATH_MAX_SW_RETRIES) {

		} else if (fi->retries < ATH_MAX_SW_RETRIES) {

		if (bf_next != NULL || !bf_last->bf_stale)

		if (bf_next != NULL || !bf_last->bf_stale)

			list_move_tail(&bf->list, &bf_head);

			list_move_tail(&bf->list, &bf_head);

		if (!txpending || (tid->state & AGGR_CLEANUP)) {

		if (!txpending) {

			/*

			/*

			 * complete the acked-ones/xretried ones; update

			 * complete the acked-ones/xretried ones; update

			 * block-ack window

			 * block-ack window

		ath_txq_lock(sc, txq);

		ath_txq_lock(sc, txq);

	}

	}

	if (tid->state & AGGR_CLEANUP)

		ath_tx_flush_tid(sc, tid, false);

	rcu_read_unlock();

	rcu_read_unlock();

	if (needreset)

	if (needreset)

	an = (struct ath_node *)sta->drv_priv;

	an = (struct ath_node *)sta->drv_priv;

	txtid = ATH_AN_2_TID(an, tid);

	txtid = ATH_AN_2_TID(an, tid);

	if (txtid->state & (AGGR_CLEANUP | AGGR_ADDBA_COMPLETE))

		return -EAGAIN;

	/* update ampdu factor/density, they may have changed. This may happen

	/* update ampdu factor/density, they may have changed. This may happen

	 * in HT IBSS when a beacon with HT-info is received after the station

	 * in HT IBSS when a beacon with HT-info is received after the station

	 * has already been added.

	 * has already been added.

		an->mpdudensity = density;

		an->mpdudensity = density;

	}

	}

	txtid->state |= AGGR_ADDBA_PROGRESS;

	txtid->active = true;

	txtid->paused = true;

	txtid->paused = true;

	*ssn = txtid->seq_start = txtid->seq_next;

	*ssn = txtid->seq_start = txtid->seq_next;

	txtid->bar_index = -1;

	txtid->bar_index = -1;

	return 0;

	return 0;

}

}

bool ath_tx_aggr_stop(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid,

void ath_tx_aggr_stop(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid)

		      bool flush)

{

{

	struct ath_node *an = (struct ath_node *)sta->drv_priv;

	struct ath_node *an = (struct ath_node *)sta->drv_priv;

	struct ath_atx_tid *txtid = ATH_AN_2_TID(an, tid);

	struct ath_atx_tid *txtid = ATH_AN_2_TID(an, tid);

	struct ath_txq *txq = txtid->ac->txq;

	struct ath_txq *txq = txtid->ac->txq;

	bool ret = !flush;

	if (flush)

		txtid->stop_cb = false;

	if (txtid->state & AGGR_CLEANUP)

		return false;

	if (!(txtid->state & AGGR_ADDBA_COMPLETE)) {

		txtid->state &= ~AGGR_ADDBA_PROGRESS;

		return ret;

	}

	ath_txq_lock(sc, txq);

	ath_txq_lock(sc, txq);

	txtid->active = false;

	txtid->paused = true;

	txtid->paused = true;

	ath_tx_flush_tid(sc, txtid);

	/*

	 * If frames are still being transmitted for this TID, they will be

	 * cleaned up during tx completion. To prevent race conditions, this

	 * TID can only be reused after all in-progress subframes have been

	 * completed.

	 */

	if (txtid->baw_head != txtid->baw_tail) {

		txtid->state |= AGGR_CLEANUP;

		ret = false;

		txtid->stop_cb = !flush;

	} else {

		txtid->state &= ~AGGR_ADDBA_COMPLETE;

	}

	ath_tx_flush_tid(sc, txtid, flush);

	ath_txq_unlock_complete(sc, txq);

	ath_txq_unlock_complete(sc, txq);

	return ret;

}

}

void ath_tx_aggr_sleep(struct ieee80211_sta *sta, struct ath_softc *sc,

void ath_tx_aggr_sleep(struct ieee80211_sta *sta, struct ath_softc *sc,

	}

	}

}

}

void ath_tx_aggr_resume(struct ath_softc *sc, struct ieee80211_sta *sta, u16 tid)

void ath_tx_aggr_resume(struct ath_softc *sc, struct ieee80211_sta *sta,

			u16 tidno)

{

{

	struct ath_atx_tid *txtid;

	struct ath_atx_tid *tid;

	struct ath_node *an;

	struct ath_node *an;

	struct ath_txq *txq;

	an = (struct ath_node *)sta->drv_priv;

	an = (struct ath_node *)sta->drv_priv;

	tid = ATH_AN_2_TID(an, tidno);

	txq = tid->ac->txq;

	txtid = ATH_AN_2_TID(an, tid);

	ath_txq_lock(sc, txq);

	txtid->baw_size = IEEE80211_MIN_AMPDU_BUF << sta->ht_cap.ampdu_factor;

	txtid->state |= AGGR_ADDBA_COMPLETE;

	tid->baw_size = IEEE80211_MIN_AMPDU_BUF << sta->ht_cap.ampdu_factor;

	txtid->state &= ~AGGR_ADDBA_PROGRESS;

	tid->paused = false;

	ath_tx_resume_tid(sc, txtid);

	if (!skb_queue_empty(&tid->buf_q)) {

		ath_tx_queue_tid(txq, tid);

		ath_txq_schedule(sc, txq);

	}

	ath_txq_unlock_complete(sc, txq);

}

}

/********************/

/********************/

		tid->baw_head  = tid->baw_tail = 0;

		tid->baw_head  = tid->baw_tail = 0;

		tid->sched     = false;

		tid->sched     = false;

		tid->paused    = false;

		tid->paused    = false;

		tid->state &= ~AGGR_CLEANUP;

		tid->active	   = false;

		__skb_queue_head_init(&tid->buf_q);

		__skb_queue_head_init(&tid->buf_q);

		acno = TID_TO_WME_AC(tidno);

		acno = TID_TO_WME_AC(tidno);

		tid->ac = &an->ac[acno];

		tid->ac = &an->ac[acno];

		tid->state &= ~AGGR_ADDBA_COMPLETE;

		tid->state &= ~AGGR_ADDBA_PROGRESS;

		tid->stop_cb = false;

	}

	}

	for (acno = 0, ac = &an->ac[acno];

	for (acno = 0, ac = &an->ac[acno];

		}

		}

		ath_tid_drain(sc, txq, tid);

		ath_tid_drain(sc, txq, tid);

		ath_tx_clear_tid(sc, tid);

		tid->active = false;

		ath_txq_unlock(sc, txq);

		ath_txq_unlock(sc, txq);

	}

	}