• Xinming Hu's avatar
    mwifiex: remove redundant dma padding in AMSDU · dcdeaa74
    Xinming Hu authored
    commit 5f0a221f upstream.
    
    We already ensure 64 bytes alignment and add padding if required
    during skb_aggr allocation.
    
    Alignment and padding in mwifiex_11n_form_amsdu_txpd() is redundant.
    We may end up accessing more data than allocated size with this.
    
    This patch fixes following issue by removing redundant padding.
    
    [  370.241338] skbuff: skb_over_panic: text:ffffffffc046946a len:3550
    put:72 head:ffff880000110000 data:ffff8800001100e4 tail:0xec2 end:0xec0 dev:<NULL>
    [  370.241374] ------------[ cut here ]------------
    [  370.241382] kernel BUG at net/core/skbuff.c:104!
      370.244032] Call Trace:
    [  370.244041]  [<ffffffff8c3df5ec>] skb_put+0x44/0x45
    [  370.244055]  [<ffffffffc046946a>]
    mwifiex_11n_aggregate_pkt+0x1e9/0xa50 [mwifiex]
    [  370.244067]  [<ffffffffc0467c16>] mwifiex_wmm_process_tx+0x44a/0x6b7
    [mwifiex]
    [  370.244074]  [<ffffffffc0411eb8>] ? 0xffffffffc0411eb8
    [  370.244084]  [<ffffffffc046116b>] mwifiex_main_process+0x476/0x5a5
    [mwifiex]
    [  370.244098]  [<ffffffffc0461298>] mwifiex_main_process+0x5a3/0x5a5
    [mwifiex]
    [  370.244113]  [<ffffffff8be7e9ff>] process_one_work+0x1a4/0x309
    [  370.244123]  [<ffffffff8be7f4ca>] worker_thread+0x20c/0x2ee
    [  370.244130]  [<ffffffff8be7f2be>] ? rescuer_thread+0x383/0x383
    [  370.244136]  [<ffffffff8be7f2be>] ? rescuer_thread+0x383/0x383
    [  370.244143]  [<ffffffff8be83742>] kthread+0x11c/0x124
    [  370.244150]  [<ffffffff8be83626>] ? kthread_parkme+0x24/0x24
    [  370.244157]  [<ffffffff8c4da1ef>] ret_from_fork+0x3f/0x70
    [  370.244168]  [<ffffffff8be83626>] ? kthread_parkme+0x24/0x24
    
    Fixes: 84b313b3 ("mwifiex: make tx packet 64 byte DMA aligned")
    Signed-off-by: default avatarXinming Hu <huxm@marvell.com>
    Signed-off-by: default avatarAmitkumar Karwar <akarwar@marvell.com>
    Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    dcdeaa74
11n_aggr.c 9.33 KB