Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-26 12:52:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
396887a2b2
linux/drivers/net/wireless/iwlwifi
History
Daniel C Halperin 396887a2b2 iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 
The field called 'len' in struct iwl_rx_packet is in fact not just a length
field but also includes some flags from the flow handler.  In several places
throughout the driver, this causes incorrect values to be interpreted as
lengths when the field is improperly masked.

In most situations the improper use is for debugging output, and simply results
in an erroneous message, such as:

[551933.070224] ieee80211 phy0: I iwl_rx_statistics Statistics notification received (480 vs -1367342620).

which should read '(480 vs 484)'.

In at least one case this could case bad things to happen:

void iwl_rx_pm_debug_statistics_notif(struct iwl_priv *priv,
                                      struct iwl_rx_mem_buffer *rxb)
{
        struct iwl_rx_packet *pkt = (struct iwl_rx_packet *)rxb->skb->data;
        IWL_DEBUG_RADIO(priv, "Dumping %d bytes of unhandled "
                        "notification for %s:\n",
                        le32_to_cpu(pkt->len), get_cmd_string(pkt->hdr.cmd));
        iwl_print_hex_dump(priv, IWL_DL_RADIO, pkt->u.raw, le32_to_cpu(pkt->len)
);
}
EXPORT_SYMBOL(iwl_rx_pm_debug_statistics_notif);

Given the rampant misuse of this field without proper masking throughout the
driver (every use but one), this patch renames the field from 'len' to
'len_n_flags' to reduce confusion.  It also adds the proper masking when
this field is used as a length value.

Signed-off-by: Daniel C Halperin <daniel.c.halperin@intel.com>
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2009-08-20 11:33:13 -04:00
..
iwl3945-base.c iwlwifi: prevent read outside array bounds 2009-08-20 11:33:09 -04:00
iwl-1000.c iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-3945-fh.h
iwl-3945-hw.h iwlwifi: name changed from "fat" to "ht40" 2009-08-14 09:13:46 -04:00
iwl-3945-led.c iwlwifi: remove command callback return value 2009-07-27 15:24:22 -04:00
iwl-3945-led.h
iwl-3945-rs.c mac80211: add helper for management / no-ack frame rate decision 2009-07-24 15:05:16 -04:00
iwl-3945.c iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 2009-08-20 11:33:13 -04:00
iwl-3945.h iwlwifi: fix up command sending 2009-07-27 15:24:21 -04:00
iwl-4965-hw.h iwlwifi: name changed from "fat" to "ht40" 2009-08-14 09:13:46 -04:00
iwl-4965.c iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-5000-hw.h iwlwifi: Temperature sensor voltage reading for 5150 2009-05-22 14:06:03 -04:00
iwl-5000.c iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 2009-08-20 11:33:13 -04:00
iwl-6000-hw.h
iwl-6000.c iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-agn-rs.c iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-agn-rs.h iwlagn: improve rate scale table search 2009-05-11 15:24:01 -04:00
iwl-agn.c iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-calib.c iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-calib.h
iwl-commands.h iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 2009-08-20 11:33:13 -04:00
iwl-core.c iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 2009-08-20 11:33:13 -04:00
iwl-core.h iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-csr.h iwlwifi: Distinguish power amplifier for 6000 series 2009-08-04 16:44:22 -04:00
iwl-debug.h iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-debugfs.c iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-dev.h iwlwifi: use station HT capabilities and BSS operating mode for Green-field 2009-08-20 11:33:12 -04:00
iwl-eeprom.c iwlwifi: traverse linklist to find the valid OTP block 2009-08-20 11:33:11 -04:00
iwl-eeprom.h iwlwifi: traverse linklist to find the valid OTP block 2009-08-20 11:33:11 -04:00
iwl-fh.h
iwl-hcmd.c iwlwifi: Traffic type and counter for debugFs 2009-08-14 09:13:47 -04:00
iwl-helpers.h iwlwifi: change iwl_enable/disable_interrupts to "inline" 2009-07-24 15:05:26 -04:00
iwl-io.h iwlcore: register locks 2009-05-22 14:06:04 -04:00
iwl-led.c iwlwifi: Traffic type and counter for debugFs 2009-08-14 09:13:47 -04:00
iwl-led.h
iwl-power.c iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-power.h iwlwifi: automatically adjust sleep level 2009-08-14 09:13:50 -04:00
iwl-prph.h iwlagn: modify digital SVR for 1000 2009-07-24 15:05:23 -04:00
iwl-rx.c iwlwifi: fix erroneous use of iwl_rx_packet.len as a length 2009-08-20 11:33:13 -04:00
iwl-scan.c iwlwifi: fix up command sending 2009-07-27 15:24:21 -04:00
iwl-spectrum.c
iwl-spectrum.h
iwl-sta.c iwlwifi: name changed from "fat" to "ht40" 2009-08-14 09:13:46 -04:00
iwl-sta.h iwlwifi: unify station management 2009-06-04 10:56:20 -04:00
iwl-tx.c iwlwifi: prevent read outside array bounds 2009-08-20 11:33:09 -04:00
Kconfig iwlwifi: fix LED config option 2009-07-27 15:24:27 -04:00
Makefile iwlwifi: port to cfg80211 rfkill 2009-06-10 13:27:49 -04:00