Commit a2c40249 authored Apr 27, 2010 by Shanyu Zhao Committed by John W. Linville Apr 27, 2010

mac80211: fix rts threshold check



Currently whenever rts thresold is set, every packet will use RTS
protection no matter its size exceeds the threshold or not. This is
due to a bug in the rts threshold check.
	if (len > tx->local->hw.wiphy->rts_threshold) {
		txrc.rts = rts = true;
	}
Basically it is comparing an int (len) and a u32 (rts_threshold),
and the variable len is assigned as:
	len = min_t(int, tx->skb->len + FCS_LEN,
			 tx->local->hw.wiphy->frag_threshold);
However, when frag_threshold is "-1", len is always "-1", which is
0xffffffff therefore rts is always set to true.

CC: stable@kernel.org
Signed-off-by: Shanyu Zhao <shanyu.zhao@intel.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

parent a060bbfe

net/mac80211/tx.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -593,7 +593,8 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
		struct ieee80211_hdr hdr = (void )tx->skb->data;
		struct ieee80211_supported_band *sband;
		struct ieee80211_rate *rate;
		int i, len;
		int i;
		u32 len;
		bool inval = false, rts = false, short_preamble = false;
		struct ieee80211_tx_rate_control txrc;
		u32 sta_flags;
		@@ -602,7 +603,7 @@ ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)

		sband = tx->local->hw.wiphy->bands[tx->channel->band];

		len = min_t(int, tx->skb->len + FCS_LEN,
		len = min_t(u32, tx->skb->len + FCS_LEN,
		tx->local->hw.wiphy->frag_threshold);

		/* set up the tx rate control struct we give the RC algo */

Admin message