git: a775c23e4061 - stable/14 - LinuxKPI: 802.11: fix locking in lkpi_ic_ampdu_rx_stop()

From: Bjoern A. Zeeb <bz_at_FreeBSD.org>
Date: Wed, 26 Feb 2025 15:03:14 UTC 
The branch stable/14 has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=a775c23e406136b31d3c4c6bf6a7f2cf4a733c0b

commit a775c23e406136b31d3c4c6bf6a7f2cf4a733c0b
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2025-02-22 23:38:54 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2025-02-26 02:39:35 +0000

    LinuxKPI: 802.11: fix locking in lkpi_ic_ampdu_rx_stop()
    
    net80211 has inconsistent locking when calling into (*ic_ampdu_rx_stop)().
    Make use of 054c5ddf587a7 and conditionally check if the caller
    locked or not and if locked temporary drop the lock to avoid sleeping
    on a non-sleepaable lock during the downcall into the driver.
    
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 65c573e47c40e3f167f3d7e41bd8db40b6b8f91e)
---
 sys/compat/linuxkpi/common/src/linux_80211.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sys/compat/linuxkpi/common/src/linux_80211.c b/sys/compat/linuxkpi/common/src/linux_80211.c
index 1255691ccf70..5ecfdf495948 100644
--- a/sys/compat/linuxkpi/common/src/linux_80211.c
+++ b/sys/compat/linuxkpi/common/src/linux_80211.c
@@ -5024,6 +5024,7 @@ lkpi_ic_ampdu_rx_stop(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap)
 	struct ieee80211_ampdu_params params = { };
 	int error;
 	uint8_t tid;
+	bool ic_locked;
 
 	ic = ni->ni_ic;
 	lhw = ic->ic_softc;
@@ -5061,11 +5062,14 @@ lkpi_ic_ampdu_rx_stop(struct ieee80211_node *ni, struct ieee80211_rx_ampdu *rap)
 	params.tid = tid;
 	params.amsdu = false;
 
-	// IEEE80211_UNLOCK(ic);
+	ic_locked = IEEE80211_IS_LOCKED(ic);
+	if (ic_locked)
+		IEEE80211_UNLOCK(ic);
 	LKPI_80211_LHW_LOCK(lhw);
 	error = lkpi_80211_mo_ampdu_action(hw, vif, &params);
 	LKPI_80211_LHW_UNLOCK(lhw);
-	// IEEE80211_LOCK(ic);
+	if (ic_locked)
+		IEEE80211_LOCK(ic);
 	if (error != 0)
 		ic_printf(ic, "%s: mo_ampdu_action returned %d. ni %p rap %p\n",
 		    __func__, error, ni, rap);