Fix a bug where the mac80211 RX aggregation code sets a new aggregation
"session" at the remote station's request, but the head_seq_num
(the sequence number the receiver expects to receive) isn't reset.
Spotted on a pair of AR9580 in IBSS mode.
Signed-off-by: Krzysztof Halasa <khalasa@xxxxxxx>
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index 4d1c335e06e5..775a51cc51c9 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -354,9 +354,11 @@ void ___ieee80211_start_rx_ba_session(struct sta_info *sta,
*/
rcu_read_lock();
tid_rx = rcu_dereference(sta->ampdu_mlme.tid_rx[tid]);
- if (tid_rx && tid_rx->timeout == timeout)
+ if (tid_rx && tid_rx->timeout == timeout) {
+ tid_rx->ssn = start_seq_num;
+ tid_rx->head_seq_num = start_seq_num;
status = WLAN_STATUS_SUCCESS;
- else
+ } else