linux/drivers/net
Vasanthakumar Thiagarajan c86515412f ath6kl: Fix kernel panic during rx aggregation
"ath6kl: Define a structure for connection specific aggregation information"
introduces this. In aggr_conn_init(), vif->aggr_cntxt is assigned to
aggr_conn->aggr_info, but vif->aggr_cntxt is not initialized at this
point, this would end up accessing an invalid pointer in aggregation
receive path. Fix this by passing the correct aggr_info to aggr_conn_init().
The panic trace would look like.

[<ffffffff8159e02e>] panic+0xa1/0x1c6
[<ffffffff8103773d>] ? kmsg_dump+0xfd/0x160
[<ffffffff815a2f6a>] oops_end+0xea/0xf0
[<ffffffff8102b95d>] no_context+0x11d/0x2d0
[<ffffffff8102bc5d>] __bad_area_nosemaphore+0x14d/0x230
[<ffffffff815a5c4d>] ? do_page_fault+0x30d/0x520
[<ffffffff8102bd53>] bad_area_nosemaphore+0x13/0x20
[<ffffffff815a5cfd>] do_page_fault+0x3bd/0x520
[<ffffffff8108bd60>] ? __lock_acquire+0x320/0x1680
[<ffffffff812e3a9d>] ? trace_hardirqs_off_thunk+0x3a/0x3c
[<ffffffff815a2385>] page_fault+0x25/0x30
[<ffffffffa0487a5f>] ? aggr_slice_amsdu+0xdf/0x170 [ath6kl_core]
[<ffffffffa0487bac>] aggr_deque_frms+0xbc/0x190 [ath6kl_core]
[<ffffffffa0488404>] ath6kl_rx+0x3e4/0xae0 [ath6kl_core]
[<ffffffffa047ae77>] ath6kl_htc_rxmsg_pending_handler+0x8b7/0xf10 [ath6kl_core]
[<ffffffffa00c82f0>] ? mmc_do_release_host+0x70/0x90 [mmc_core]
[<ffffffffa00c833a>] ? mmc_release_host+0x2a/0x50 [mmc_core]
[<ffffffffa04865c0>] ? ath6kl_alloc_amsdu_rxbuf+0x140/0x140 [ath6kl_core]
[<ffffffffa0477772>] ath6kl_hif_intr_bh_handler+0x362/0x510 [ath6kl_core]
[<ffffffffa01f1000>] ath6kl_sdio_irq_handler+0x60/0xb0 [ath6kl_sdio]
[<ffffffffa00d30bc>] sdio_irq_thread+0xec/0x320 [mmc_core]
[<ffffffffa00d2fd0>] ? sdio_claim_irq+0x220/0x220 [mmc_core]
[<ffffffffa00d2fd0>] ? sdio_claim_irq+0x220/0x220 [mmc_core]
[<ffffffff8105b21e>] kthread+0xbe/0xd0
[<ffffffff815ab574>] kernel_thread_helper+0x4/0x10
[<ffffffff815a2174>] ? retint_restore_args+0x13/0x13
[<ffffffff8105b160>] ? __init_kthread_worker+0x70/0x70
[<ffffffff815ab570>] ? gs_change+0x13/0x13

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
2012-01-30 21:11:30 +02:00
..
appletalk
arcnet net: Revert ARCNET and PHYLIB to tristate options 2011-11-26 14:36:49 -05:00
bonding bonding: fix error handling if slave is busy (v2) 2012-01-03 12:49:16 -05:00
caif module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
can module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
cris
dsa dsa: Move switch drivers to new directory drivers/net/dsa 2011-11-29 00:21:36 -05:00
ethernet netdev: make net_device_ops const 2012-01-09 14:05:23 -08:00
fddi
hamradio
hippi net: drivers/net/hippi/Kconfig should be sourced 2011-11-09 15:55:06 -05:00
irda module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
phy net: phy: smsc: Move SMSC PHY constants to <linux/smscphy.h> 2012-01-03 20:23:18 -05:00
plip
ppp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-12-16 02:11:14 -05:00
slip
team team: use vlan_vids_[addr/del]_by_dev 2011-12-08 19:52:43 -05:00
tokenring
usb usbnet: make ethtool_ops const 2012-01-09 14:05:23 -08:00
vmxnet3 vmxnet3" make ethtool ops const 2012-01-05 13:23:00 -05:00
wan module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
wimax net: fix assignment of 0/1 to bool variables. 2011-12-19 22:27:29 -05:00
wireless ath6kl: Fix kernel panic during rx aggregation 2012-01-30 21:11:30 +02:00
xen-netback xen-netback: make ops structs const 2012-01-05 13:23:00 -05:00
dummy.c net: remove NETIF_F_NO_CSUM feature bit 2011-11-16 17:43:12 -05:00
eql.c
ifb.c net: remove NETIF_F_NO_CSUM feature bit 2011-11-16 17:43:12 -05:00
Kconfig dsa: Move switch drivers to new directory drivers/net/dsa 2011-11-29 00:21:36 -05:00
LICENSE.SRC
loopback.c net: remove NETIF_F_NO_CSUM feature bit 2011-11-16 17:43:12 -05:00
macvlan.c net: introduce vlan_vid_[add/del] and use them instead of direct [add/kill]_vid ndo calls 2011-12-08 19:52:42 -05:00
macvtap.c macvtap: Fix macvtap_get_queue to use rxhash first 2011-12-20 13:45:55 -05:00
Makefile dsa: Move switch drivers to new directory drivers/net/dsa 2011-11-29 00:21:36 -05:00
mdio.c
mii.c net: Change mii to ethtool advertisement function names 2011-11-21 15:27:19 -05:00
netconsole.c
rionet.c
sb1000.c
Space.c
sungem_phy.c
tun.c Sweep away N/A fw_version dustbunnies from the .get_drvinfo routine of a number of drivers 2011-11-22 16:43:32 -05:00
veth.c Sweep away N/A fw_version dustbunnies from the .get_drvinfo routine of a number of drivers 2011-11-22 16:43:32 -05:00
virtio_net.c virtio_net: Pass gfp flags when allocating rx buffers. 2012-01-05 13:20:40 -05:00
xen-netfront.c xen-netfront: delay gARP until backend switches to Connected 2011-12-12 19:02:41 -05:00