| Message ID | 20190223083543.6009-2-wangxuerui@qiniu.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Luca Coelho |
| Headers | show |
| Series | iwlwifi: mvm: fix unaligned read of rx_pkt_status | expand |
On Sat, 2019-02-23 at 16:35 +0800, Wang Xuerui wrote: > This is present since the introduction of iwlmvm. > Example stack trace on MIPS: > > [<ffffffffc0789328>] iwl_mvm_rx_rx_mpdu+0xa8/0xb88 [iwlmvm] > [<ffffffffc0632b40>] iwl_pcie_rx_handle+0x420/0xc48 [iwlwifi] > > Tested with a Wireless AC 7265 for ~6 months, confirmed to fix the > problem. No other unaligned accesses are spotted yet. > > Signed-off-by: Wang Xuerui <wangxuerui@qiniu.com> > Tested-by: Wang Xuerui <wangxuerui@qiniu.com> > --- Thanks! I have applied this to our internal tree and it will reach the mainline following our normal upstreaming process. -- Cheers, Luca.
diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/rx.c b/drivers/net/wireless/intel/iwlwifi/mvm/rx.c index 6653a238f32e..a9f35799e532 100644 --- a/drivers/net/wireless/intel/iwlwifi/mvm/rx.c +++ b/drivers/net/wireless/intel/iwlwifi/mvm/rx.c @@ -57,6 +57,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *****************************************************************************/ +#include <asm/unaligned.h> #include <linux/etherdevice.h> #include <linux/skbuff.h> #include "iwl-trans.h" @@ -355,7 +356,7 @@ void iwl_mvm_rx_rx_mpdu(struct iwl_mvm *mvm, struct napi_struct *napi, rx_res = (struct iwl_rx_mpdu_res_start *)pkt->data; hdr = (struct ieee80211_hdr *)(pkt->data + sizeof(*rx_res)); len = le16_to_cpu(rx_res->byte_count); - rx_pkt_status = le32_to_cpup((__le32 *) + rx_pkt_status = get_unaligned_le32((__le32 *) (pkt->data + sizeof(*rx_res) + len)); /* Dont use dev_alloc_skb(), we'll have enough headroom once