<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/drivers/net, branch v3.4.107</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>can: dev: fix crtlmode_supported check</title>
<updated>2015-04-14T09:33:53+00:00</updated>
<author>
<name>Oliver Hartkopp</name>
<email>socketcan@hartkopp.net</email>
</author>
<published>2015-01-05T17:40:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5b724689fa7063c323b0dd74e78c51617349cd5f'/>
<id>5b724689fa7063c323b0dd74e78c51617349cd5f</id>
<content type='text'>
commit 9b1087aa5e86448fe6ad40a58964e35f3ba423d5 upstream.

When changing flags in the CAN drivers ctrlmode the provided new content has to
be checked whether the bits are allowed to be changed. The bits that are to be
changed are given as a bitfield in cm-&gt;mask. Therefore checking against
cm-&gt;flags is wrong as the content can hold any kind of values.

The iproute2 tool sets the bits in cm-&gt;mask and cm-&gt;flags depending on the
detected command line options. To be robust against bogus user space
applications additionally sanitize the provided flags with the provided mask.

Cc: Wolfgang Grandegger &lt;wg@grandegger.com&gt;
Signed-off-by: Oliver Hartkopp &lt;socketcan@hartkopp.net&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
[lizf: Backported to 3.4: adjust context]
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 9b1087aa5e86448fe6ad40a58964e35f3ba423d5 upstream.

When changing flags in the CAN drivers ctrlmode the provided new content has to
be checked whether the bits are allowed to be changed. The bits that are to be
changed are given as a bitfield in cm-&gt;mask. Therefore checking against
cm-&gt;flags is wrong as the content can hold any kind of values.

The iproute2 tool sets the bits in cm-&gt;mask and cm-&gt;flags depending on the
detected command line options. To be robust against bogus user space
applications additionally sanitize the provided flags with the provided mask.

Cc: Wolfgang Grandegger &lt;wg@grandegger.com&gt;
Signed-off-by: Oliver Hartkopp &lt;socketcan@hartkopp.net&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
[lizf: Backported to 3.4: adjust context]
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>can: peak_usb: fix cleanup sequence order in case of error during init</title>
<updated>2015-04-14T09:33:45+00:00</updated>
<author>
<name>Stephane Grosjean</name>
<email>s.grosjean@peak-system.com</email>
</author>
<published>2014-11-28T12:49:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=3a95358ade4950574185c5b58835693836aa4ecb'/>
<id>3a95358ade4950574185c5b58835693836aa4ecb</id>
<content type='text'>
commit af35d0f1cce7a990286e2b94c260a2c2d2a0e4b0 upstream.

This patch sets the correct reverse sequence order to the instructions
set to run, when any failure occurs during the initialization steps.
It also adds the missing unregistration call of the can device if the
failure appears after having been registered.

Signed-off-by: Stephane Grosjean &lt;s.grosjean@peak-system.com&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit af35d0f1cce7a990286e2b94c260a2c2d2a0e4b0 upstream.

This patch sets the correct reverse sequence order to the instructions
set to run, when any failure occurs during the initialization steps.
It also adds the missing unregistration call of the can device if the
failure appears after having been registered.

Signed-off-by: Stephane Grosjean &lt;s.grosjean@peak-system.com&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>can: peak_usb: fix memset() usage</title>
<updated>2015-04-14T09:33:45+00:00</updated>
<author>
<name>Stephane Grosjean</name>
<email>s.grosjean@peak-system.com</email>
</author>
<published>2014-11-28T13:08:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=b476ea71ec15a885cab76dc1aa22abd6f24b9213'/>
<id>b476ea71ec15a885cab76dc1aa22abd6f24b9213</id>
<content type='text'>
commit dc50ddcd4c58a5a0226038307d6ef884bec9f8c2 upstream.

This patchs fixes a misplaced call to memset() that fills the request
buffer with 0. The problem was with sending PCAN_USBPRO_REQ_FCT
requests, the content set by the caller was thus lost.

With this patch, the memory area is zeroed only when requesting info
from the device.

Signed-off-by: Stephane Grosjean &lt;s.grosjean@peak-system.com&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit dc50ddcd4c58a5a0226038307d6ef884bec9f8c2 upstream.

This patchs fixes a misplaced call to memset() that fills the request
buffer with 0. The problem was with sending PCAN_USBPRO_REQ_FCT
requests, the content set by the caller was thus lost.

With this patch, the memory area is zeroed only when requesting info
from the device.

Signed-off-by: Stephane Grosjean &lt;s.grosjean@peak-system.com&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ath5k: fix hardware queue index assignment</title>
<updated>2015-04-14T09:33:44+00:00</updated>
<author>
<name>Felix Fietkau</name>
<email>nbd@openwrt.org</email>
</author>
<published>2014-11-30T20:52:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=930830786da3f076da85ff0c057685bd69439b26'/>
<id>930830786da3f076da85ff0c057685bd69439b26</id>
<content type='text'>
commit 9e4982f6a51a2442f1bb588fee42521b44b4531c upstream.

Like with ath9k, ath5k queues also need to be ordered by priority.
queue_info-&gt;tqi_subtype already contains the correct index, so use it
instead of relying on the order of ath5k_hw_setup_tx_queue calls.

Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 9e4982f6a51a2442f1bb588fee42521b44b4531c upstream.

Like with ath9k, ath5k queues also need to be ordered by priority.
queue_info-&gt;tqi_subtype already contains the correct index, so use it
instead of relying on the order of ath5k_hw_setup_tx_queue calls.

Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ath9k: fix BE/BK queue order</title>
<updated>2015-04-14T09:33:43+00:00</updated>
<author>
<name>Felix Fietkau</name>
<email>nbd@openwrt.org</email>
</author>
<published>2014-11-30T19:38:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=82e2db27f761521723b10683433e06b525527af9'/>
<id>82e2db27f761521723b10683433e06b525527af9</id>
<content type='text'>
commit 78063d81d353e10cbdd279c490593113b8fdae1c upstream.

Hardware queues are ordered by priority. Use queue index 0 for BK, which
has lower priority than BE.

Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 78063d81d353e10cbdd279c490593113b8fdae1c upstream.

Hardware queues are ordered by priority. Use queue index 0 for BK, which
has lower priority than BE.

Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>ath9k_hw: fix hardware queue allocation</title>
<updated>2015-04-14T09:33:43+00:00</updated>
<author>
<name>Felix Fietkau</name>
<email>nbd@openwrt.org</email>
</author>
<published>2014-11-30T19:38:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=37d2cb4f6b65fd2cdeca0c43eabee23f2c21eb16'/>
<id>37d2cb4f6b65fd2cdeca0c43eabee23f2c21eb16</id>
<content type='text'>
commit ad8fdccf9c197a89e2d2fa78c453283dcc2c343f upstream.

The driver passes the desired hardware queue index for a WMM data queue
in qinfo-&gt;tqi_subtype. This was ignored in ath9k_hw_setuptxqueue, which
instead relied on the order in which the function is called.

Reported-by: Hubert Feurstein &lt;h.feurstein@gmail.com&gt;
Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit ad8fdccf9c197a89e2d2fa78c453283dcc2c343f upstream.

The driver passes the desired hardware queue index for a WMM data queue
in qinfo-&gt;tqi_subtype. This was ignored in ath9k_hw_setuptxqueue, which
instead relied on the order in which the function is called.

Reported-by: Hubert Feurstein &lt;h.feurstein@gmail.com&gt;
Signed-off-by: Felix Fietkau &lt;nbd@openwrt.org&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>drivers/net, ipv6: Select IPv6 fragment idents for virtio UFO packets</title>
<updated>2015-02-02T09:05:26+00:00</updated>
<author>
<name>Ben Hutchings</name>
<email>ben@decadent.org.uk</email>
</author>
<published>2014-10-30T18:27:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e02ae9ddc8130c8a83c3439d24ac831608384fc9'/>
<id>e02ae9ddc8130c8a83c3439d24ac831608384fc9</id>
<content type='text'>
commit 5188cd44c55db3e92cd9e77a40b5baa7ed4340f7 upstream.

UFO is now disabled on all drivers that work with virtio net headers,
but userland may try to send UFO/IPv6 packets anyway.  Instead of
sending with ID=0, we should select identifiers on their behalf (as we
used to).

Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
Fixes: 916e4cf46d02 ("ipv6: reuse ip6_frag_id from ip6_ufo_append_data")
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
[bwh: For 3.2, net/ipv6/output_core.c is a completely new file]
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 5188cd44c55db3e92cd9e77a40b5baa7ed4340f7 upstream.

UFO is now disabled on all drivers that work with virtio net headers,
but userland may try to send UFO/IPv6 packets anyway.  Instead of
sending with ID=0, we should select identifiers on their behalf (as we
used to).

Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
Fixes: 916e4cf46d02 ("ipv6: reuse ip6_frag_id from ip6_ufo_append_data")
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
[bwh: For 3.2, net/ipv6/output_core.c is a completely new file]
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>can: esd_usb2: fix memory leak on disconnect</title>
<updated>2015-02-02T09:05:22+00:00</updated>
<author>
<name>Alexey Khoroshilov</name>
<email>khoroshilov@ispras.ru</email>
</author>
<published>2014-10-10T20:31:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=11c9fc9d691d0a6669319c30f4da60c1d425801e'/>
<id>11c9fc9d691d0a6669319c30f4da60c1d425801e</id>
<content type='text'>
commit efbd50d2f62fc1f69a3dcd153e63ba28cc8eb27f upstream.

It seems struct esd_usb2 dev is not deallocated on disconnect. The patch adds
the missing deallocation.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Alexey Khoroshilov &lt;khoroshilov@ispras.ru&gt;
Acked-by: Matthias Fuchs &lt;matthias.fuchs@esd.eu&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit efbd50d2f62fc1f69a3dcd153e63ba28cc8eb27f upstream.

It seems struct esd_usb2 dev is not deallocated on disconnect. The patch adds
the missing deallocation.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Alexey Khoroshilov &lt;khoroshilov@ispras.ru&gt;
Acked-by: Matthias Fuchs &lt;matthias.fuchs@esd.eu&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>can: dev: avoid calling kfree_skb() from interrupt context</title>
<updated>2015-02-02T09:05:22+00:00</updated>
<author>
<name>Thomas Körper</name>
<email>thomas.koerper@esd.eu</email>
</author>
<published>2014-10-31T06:33:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=79cbdbf4cfbba078cc8864934eaf843db6ad31c3'/>
<id>79cbdbf4cfbba078cc8864934eaf843db6ad31c3</id>
<content type='text'>
commit 5247a589c24022ab34e780039cc8000c48f2035e upstream.

ikfree_skb() is Called in can_free_echo_skb(), which might be called from (TX
Error) interrupt, which triggers the folloing warning:

[ 1153.360705] ------------[ cut here ]------------
[ 1153.360715] WARNING: CPU: 0 PID: 31 at net/core/skbuff.c:563 skb_release_head_state+0xb9/0xd0()
[ 1153.360772] Call Trace:
[ 1153.360778]  [&lt;c167906f&gt;] dump_stack+0x41/0x52
[ 1153.360782]  [&lt;c105bb7e&gt;] warn_slowpath_common+0x7e/0xa0
[ 1153.360784]  [&lt;c158b909&gt;] ? skb_release_head_state+0xb9/0xd0
[ 1153.360786]  [&lt;c158b909&gt;] ? skb_release_head_state+0xb9/0xd0
[ 1153.360788]  [&lt;c105bc42&gt;] warn_slowpath_null+0x22/0x30
[ 1153.360791]  [&lt;c158b909&gt;] skb_release_head_state+0xb9/0xd0
[ 1153.360793]  [&lt;c158be90&gt;] skb_release_all+0x10/0x30
[ 1153.360795]  [&lt;c158bf06&gt;] kfree_skb+0x36/0x80
[ 1153.360799]  [&lt;f8486938&gt;] ? can_free_echo_skb+0x28/0x40 [can_dev]
[ 1153.360802]  [&lt;f8486938&gt;] can_free_echo_skb+0x28/0x40 [can_dev]
[ 1153.360805]  [&lt;f849a12c&gt;] esd_pci402_interrupt+0x34c/0x57a [esd402]
[ 1153.360809]  [&lt;c10a75b5&gt;] handle_irq_event_percpu+0x35/0x180
[ 1153.360811]  [&lt;c10a7623&gt;] ? handle_irq_event_percpu+0xa3/0x180
[ 1153.360813]  [&lt;c10a7731&gt;] handle_irq_event+0x31/0x50
[ 1153.360816]  [&lt;c10a9c7f&gt;] handle_fasteoi_irq+0x6f/0x120
[ 1153.360818]  [&lt;c10a9c10&gt;] ? handle_edge_irq+0x110/0x110
[ 1153.360822]  [&lt;c1011b61&gt;] handle_irq+0x71/0x90
[ 1153.360823]  &lt;IRQ&gt;  [&lt;c168152c&gt;] do_IRQ+0x3c/0xd0
[ 1153.360829]  [&lt;c1680b6c&gt;] common_interrupt+0x2c/0x34
[ 1153.360834]  [&lt;c107d277&gt;] ? finish_task_switch+0x47/0xf0
[ 1153.360836]  [&lt;c167c27b&gt;] __schedule+0x35b/0x7e0
[ 1153.360839]  [&lt;c10a5334&gt;] ? console_unlock+0x2c4/0x4d0
[ 1153.360842]  [&lt;c13df500&gt;] ? n_tty_receive_buf_common+0x890/0x890
[ 1153.360845]  [&lt;c10707b6&gt;] ? process_one_work+0x196/0x370
[ 1153.360847]  [&lt;c167c723&gt;] schedule+0x23/0x60
[ 1153.360849]  [&lt;c1070de1&gt;] worker_thread+0x161/0x460
[ 1153.360852]  [&lt;c1090fcf&gt;] ? __wake_up_locked+0x1f/0x30
[ 1153.360854]  [&lt;c1070c80&gt;] ? rescuer_thread+0x2f0/0x2f0
[ 1153.360856]  [&lt;c1074f01&gt;] kthread+0xa1/0xc0
[ 1153.360859]  [&lt;c1680401&gt;] ret_from_kernel_thread+0x21/0x30
[ 1153.360861]  [&lt;c1074e60&gt;] ? kthread_create_on_node+0x110/0x110
[ 1153.360863] ---[ end trace 5ff83639cbb74b35 ]---

This patch replaces the kfree_skb() by dev_kfree_skb_any().

Signed-off-by: Thomas Körper &lt;thomas.koerper@esd.eu&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 5247a589c24022ab34e780039cc8000c48f2035e upstream.

ikfree_skb() is Called in can_free_echo_skb(), which might be called from (TX
Error) interrupt, which triggers the folloing warning:

[ 1153.360705] ------------[ cut here ]------------
[ 1153.360715] WARNING: CPU: 0 PID: 31 at net/core/skbuff.c:563 skb_release_head_state+0xb9/0xd0()
[ 1153.360772] Call Trace:
[ 1153.360778]  [&lt;c167906f&gt;] dump_stack+0x41/0x52
[ 1153.360782]  [&lt;c105bb7e&gt;] warn_slowpath_common+0x7e/0xa0
[ 1153.360784]  [&lt;c158b909&gt;] ? skb_release_head_state+0xb9/0xd0
[ 1153.360786]  [&lt;c158b909&gt;] ? skb_release_head_state+0xb9/0xd0
[ 1153.360788]  [&lt;c105bc42&gt;] warn_slowpath_null+0x22/0x30
[ 1153.360791]  [&lt;c158b909&gt;] skb_release_head_state+0xb9/0xd0
[ 1153.360793]  [&lt;c158be90&gt;] skb_release_all+0x10/0x30
[ 1153.360795]  [&lt;c158bf06&gt;] kfree_skb+0x36/0x80
[ 1153.360799]  [&lt;f8486938&gt;] ? can_free_echo_skb+0x28/0x40 [can_dev]
[ 1153.360802]  [&lt;f8486938&gt;] can_free_echo_skb+0x28/0x40 [can_dev]
[ 1153.360805]  [&lt;f849a12c&gt;] esd_pci402_interrupt+0x34c/0x57a [esd402]
[ 1153.360809]  [&lt;c10a75b5&gt;] handle_irq_event_percpu+0x35/0x180
[ 1153.360811]  [&lt;c10a7623&gt;] ? handle_irq_event_percpu+0xa3/0x180
[ 1153.360813]  [&lt;c10a7731&gt;] handle_irq_event+0x31/0x50
[ 1153.360816]  [&lt;c10a9c7f&gt;] handle_fasteoi_irq+0x6f/0x120
[ 1153.360818]  [&lt;c10a9c10&gt;] ? handle_edge_irq+0x110/0x110
[ 1153.360822]  [&lt;c1011b61&gt;] handle_irq+0x71/0x90
[ 1153.360823]  &lt;IRQ&gt;  [&lt;c168152c&gt;] do_IRQ+0x3c/0xd0
[ 1153.360829]  [&lt;c1680b6c&gt;] common_interrupt+0x2c/0x34
[ 1153.360834]  [&lt;c107d277&gt;] ? finish_task_switch+0x47/0xf0
[ 1153.360836]  [&lt;c167c27b&gt;] __schedule+0x35b/0x7e0
[ 1153.360839]  [&lt;c10a5334&gt;] ? console_unlock+0x2c4/0x4d0
[ 1153.360842]  [&lt;c13df500&gt;] ? n_tty_receive_buf_common+0x890/0x890
[ 1153.360845]  [&lt;c10707b6&gt;] ? process_one_work+0x196/0x370
[ 1153.360847]  [&lt;c167c723&gt;] schedule+0x23/0x60
[ 1153.360849]  [&lt;c1070de1&gt;] worker_thread+0x161/0x460
[ 1153.360852]  [&lt;c1090fcf&gt;] ? __wake_up_locked+0x1f/0x30
[ 1153.360854]  [&lt;c1070c80&gt;] ? rescuer_thread+0x2f0/0x2f0
[ 1153.360856]  [&lt;c1074f01&gt;] kthread+0xa1/0xc0
[ 1153.360859]  [&lt;c1680401&gt;] ret_from_kernel_thread+0x21/0x30
[ 1153.360861]  [&lt;c1074e60&gt;] ? kthread_create_on_node+0x110/0x110
[ 1153.360863] ---[ end trace 5ff83639cbb74b35 ]---

This patch replaces the kfree_skb() by dev_kfree_skb_any().

Signed-off-by: Thomas Körper &lt;thomas.koerper@esd.eu&gt;
Signed-off-by: Marc Kleine-Budde &lt;mkl@pengutronix.de&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rt2x00: do not align payload on modern H/W</title>
<updated>2015-02-02T09:05:21+00:00</updated>
<author>
<name>Stanislaw Gruszka</name>
<email>sgruszka@redhat.com</email>
</author>
<published>2014-11-11T13:28:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4c753f06b4e4b09f85fc2bb631bc5e3787bd16d0'/>
<id>4c753f06b4e4b09f85fc2bb631bc5e3787bd16d0</id>
<content type='text'>
commit cfd9167af14eb4ec21517a32911d460083ee3d59 upstream.

RT2800 and newer hardware require padding between header and payload if
header length is not multiple of 4.

For historical reasons we also align payload to to 4 bytes boundary, but
such alignment is not needed on modern H/W.

Patch fixes skb_under_panic problems reported from time to time:

https://bugzilla.kernel.org/show_bug.cgi?id=84911
https://bugzilla.kernel.org/show_bug.cgi?id=72471
http://marc.info/?l=linux-wireless&amp;m=139108549530402&amp;w=2
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1087591

Panic happened because we eat 4 bytes of skb headroom on each
(re)transmission when sending frame without the payload and the header
length not being multiple of 4 (i.e. QoS header has 26 bytes). On such
case because paylad_aling=2 is bigger than header_align=0 we increase
header_align by 4 bytes. To prevent that we could change the check to:

	if (payload_length &amp;&amp; payload_align &gt; header_align)
		header_align += 4;

but not aligning payload at all is more effective and alignment is not
really needed by H/W (that has been tested on OpenWrt project for few
years now).

Reported-and-tested-by: Antti S. Lankila &lt;alankila@bel.fi&gt;
Debugged-by: Antti S. Lankila &lt;alankila@bel.fi&gt;
Reported-by: Henrik Asp &lt;solenskiner@gmail.com&gt;
Originally-From: Helmut Schaa &lt;helmut.schaa@googlemail.com&gt;
Signed-off-by: Stanislaw Gruszka &lt;sgruszka@redhat.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit cfd9167af14eb4ec21517a32911d460083ee3d59 upstream.

RT2800 and newer hardware require padding between header and payload if
header length is not multiple of 4.

For historical reasons we also align payload to to 4 bytes boundary, but
such alignment is not needed on modern H/W.

Patch fixes skb_under_panic problems reported from time to time:

https://bugzilla.kernel.org/show_bug.cgi?id=84911
https://bugzilla.kernel.org/show_bug.cgi?id=72471
http://marc.info/?l=linux-wireless&amp;m=139108549530402&amp;w=2
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1087591

Panic happened because we eat 4 bytes of skb headroom on each
(re)transmission when sending frame without the payload and the header
length not being multiple of 4 (i.e. QoS header has 26 bytes). On such
case because paylad_aling=2 is bigger than header_align=0 we increase
header_align by 4 bytes. To prevent that we could change the check to:

	if (payload_length &amp;&amp; payload_align &gt; header_align)
		header_align += 4;

but not aligning payload at all is more effective and alignment is not
really needed by H/W (that has been tested on OpenWrt project for few
years now).

Reported-and-tested-by: Antti S. Lankila &lt;alankila@bel.fi&gt;
Debugged-by: Antti S. Lankila &lt;alankila@bel.fi&gt;
Reported-by: Henrik Asp &lt;solenskiner@gmail.com&gt;
Originally-From: Helmut Schaa &lt;helmut.schaa@googlemail.com&gt;
Signed-off-by: Stanislaw Gruszka &lt;sgruszka@redhat.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Zefan Li &lt;lizefan@huawei.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
