From 4be43770fd03391df66f9043280d55764e477221 Mon Sep 17 00:00:00 2001 From: Markus Fritsche Date: Fri, 8 May 2026 00:22:14 +0200 Subject: [PATCH] =?UTF-8?q?bes2600:=20Patch=20E=20=E2=80=94=20skip=20ps=5F?= =?UTF-8?q?state=5Flock=20when=20PSM-known-disabled?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Per the Opus structural critique (PR #8 §2.4) and Sonnet review item 5. The per-RX-frame early-data path takes ps_state_lock to double-check whether a link entry transitioned to BES2600_LINK_SOFT (AP-side power-save state machine, soft-link transition). When c7 has latched pm_unsupported = true (firmware does not honor PSM, see feedback_bes2600_firmware_no_psm memory), the AP power-save state machine is dead and link entries never transition to LINK_SOFT. The per-frame spin_lock_bh + double-check is wasted work. This patch gates the lock acquisition on !pm_unsupported. When the latch is on (the steady state on the production-shipped bes2600 firmware), early_data RX frames bypass the spin_lock_bh and go directly to ieee80211_rx_irqsafe. If a future firmware drop fixes PSM, c7 self-clears pm_unsupported on the first real PM_INDICATION and the locked path resumes. Scope is narrower than Sonnet originally framed: only the per-RX-frame hot path (txrx.c:1945-1951 in cleanups+G+D) is touched. Other ps_state_lock sites in txrx.c (lines 657, 1256, 1420, 1528) are TX submission / multicast-start / link-id paths, not per-frame RX, and not on the Bug #5 hot path. Leave those alone. Build verified: srcversion B5922B4933590F33207EE97 on ohm sandbox. --- bes2600/txrx.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/bes2600/txrx.c b/bes2600/txrx.c index 84c34bc..bf17777 100644 --- a/bes2600/txrx.c +++ b/bes2600/txrx.c @@ -1942,13 +1942,31 @@ void bes2600_rx_cb(struct bes2600_vif *priv, if (unlikely(bes2600_itp_rxed(hw_priv, skb))) consume_skb(skb); else if (unlikely(early_data)) { - spin_lock_bh(&priv->ps_state_lock); - /* Double-check status with lock held */ - if (entry->status == BES2600_LINK_SOFT) - skb_queue_tail(&entry->rx_queue, skb); - else + /* + * Patch E: when c7 has latched pm_unsupported (firmware + * doesn't honour PSM, see feedback_bes2600_firmware_no_psm), + * AP-side power-save state machine is dead and link entries + * never transition to BES2600_LINK_SOFT. The double-check + * branch under ps_state_lock is unreachable in that case, + * so skip the per-frame lock acquisition entirely and + * deliver to mac80211 directly. + * + * On firmware that does honour PSM (the latch self-clears + * if a real PM_INDICATION ever arrives — see c7), this + * predicate flips back to false and the original locked + * path is taken. + */ + if (hw_priv->bes_power.pm_unsupported) { ieee80211_rx_irqsafe(priv->hw, skb); - spin_unlock_bh(&priv->ps_state_lock); + } else { + spin_lock_bh(&priv->ps_state_lock); + /* Double-check status with lock held */ + if (entry->status == BES2600_LINK_SOFT) + skb_queue_tail(&entry->rx_queue, skb); + else + ieee80211_rx_irqsafe(priv->hw, skb); + spin_unlock_bh(&priv->ps_state_lock); + } } else { ieee80211_rx_irqsafe(priv->hw, skb); } -- 2.47.3