mac80211: zero-out rx_status in rt2x00, ath5k, p54

Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34627 3c298f89-4303-0410-b956-a3cf2f4a3e73

diff --git a/package/mac80211/patches/306-pending-rt2x00-zero-out-rx_status.patch b/package/mac80211/patches/306-pending-rt2x00-zero-out-rx_status.patch
new file mode 100644 (file)
index 0000000..1580337
--- /dev/null
+++ b/package/mac80211/patches/306-pending-rt2x00-zero-out-rx_status.patch
@@ -0,0 +1,54 @@
+From 84b435b38a84c9a7e8ba33e8d02d2f967f847ce1 Mon Sep 17 00:00:00 2001
+From: Gabor Juhos <juhosg@openwrt.org>
+Date: Tue, 11 Dec 2012 14:15:53 +0100
+Subject: [PATCH 1/3] rt2x00: zero-out rx_status
+
+In commit 'mac80211: support radiotap vendor namespace RX data'
+new fields were added to 'struct ieee80211_rx_status'.
+The rt2x00 driver does not initializes those fields and
+this can cause unexpected behaviour.
+
+The rt2x00 driver from the compat-wireless-2012-12-01
+tarball caused the following warning:
+
+  WARNING: at
+  /devel/ramips/build_dir/target-mipsel_r2_uClibc-0.9.33.2/linux-ramips_rt305x/
+  compat-wireless-2012-12-01/net/mac80211/rx.c:115 ieee80211_rx_irqsafe+0x274/0xbcc
+  [mac80211]()
+  Modules linked in: dwc_otg ledtrig_usbdev nf_nat_irc
+  nf_nat_ftp nf_conntrack_irc nf_conntrack_ftp ipt_MASQUERADE
+  iptable_nat nf_nat pppoe xt_conntrack xt_CT xt_NOTRACK iptable_raw
+  xt_state nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack pppox
+  ipt_REJECT xt_TCPMSS xt_comment xt_multiport xt_mac xt_limit
+  iptable_mangle iptable_filter ip_tables xt_tcpudp x_tables ppp_async
+  ppp_generic slhc rt2800pci(O) rt2800lib(O) rt2x00soc(O) rt2x00pci(O)
+  rt2x00lib(O) mac80211(O) usbcore usb_common nls_base crc_itu_t
+  crc_ccitt eeprom_93cx6 cfg80211(O) compat(O) arc4 aes_generic
+  crypto_blkcipher cryptomgr aead crypto_hash crypto_algapi leds_gpio
+  button_hotplug(O) gpio_keys_polled input_polldev input_core
+  Call Trace:
+  [<801e96b4>] dump_stack+0x8/0x34
+  [<80010a9c>] warn_slowpath_common+0x78/0xa4
+  [<80010ae0>] warn_slowpath_null+0x18/0x24
+  [<80a9710c>] ieee80211_rx_irqsafe+0x274/0xbcc [mac80211]
+
+The patch ensures that each field gets initialized with
+zeroes.
+
+Cc: <users@rt2x00.serialmonkey.com>
+Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
+---
+ drivers/net/wireless/rt2x00/rt2x00dev.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/net/wireless/rt2x00/rt2x00dev.c
++++ b/drivers/net/wireless/rt2x00/rt2x00dev.c
+@@ -685,6 +685,8 @@ void rt2x00lib_rxdone(struct queue_entry
+        * to mac80211.
+        */
+       rx_status = IEEE80211_SKB_RXCB(entry->skb);
++      memset(rx_status, 0, sizeof(*rx_status));
++
+       rx_status->mactime = rxdesc.timestamp;
+       rx_status->band = rt2x00dev->curr_band;
+       rx_status->freq = rt2x00dev->curr_freq;

diff --git a/package/mac80211/patches/307-pending-ath5k-zero-out-rx_status.patch b/package/mac80211/patches/307-pending-ath5k-zero-out-rx_status.patch
new file mode 100644 (file)
index 0000000..3f8723a
--- /dev/null
+++ b/package/mac80211/patches/307-pending-ath5k-zero-out-rx_status.patch
@@ -0,0 +1,31 @@
+From 4c0faf816beeb5d4175cff09c96e668a49ad032f Mon Sep 17 00:00:00 2001
+From: Gabor Juhos <juhosg@openwrt.org>
+Date: Tue, 11 Dec 2012 14:16:15 +0100
+Subject: [PATCH 2/3] ath5k: zero-out rx_status
+
+In commit 'mac80211: support radiotap vendor namespace RX data'
+new fields were added to 'struct ieee80211_rx_status'.
+The ath5k driver does not initializes those fields and
+this can cause unexpected behaviour. The patch ensures
+that each field gets initialized with zeroes.
+
+Cc: <ath5k-devel@lists.ath5k.org>
+Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
+---
+Compile tested only.
+---
+ drivers/net/wireless/ath/ath5k/base.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/net/wireless/ath/ath5k/base.c
++++ b/drivers/net/wireless/ath/ath5k/base.c
+@@ -1325,8 +1325,8 @@ ath5k_receive_frame(struct ath5k_hw *ah,
+       ath5k_remove_padding(skb);
+ 
+       rxs = IEEE80211_SKB_RXCB(skb);
++      memset(rxs, 0, sizeof(*rxs));
+ 
+-      rxs->flag = 0;
+       if (unlikely(rs->rs_status & AR5K_RXERR_MIC))
+               rxs->flag |= RX_FLAG_MMIC_ERROR;
+ 

diff --git a/package/mac80211/patches/308-pending-p54-zero-out-rx_status.patch b/package/mac80211/patches/308-pending-p54-zero-out-rx_status.patch
new file mode 100644 (file)
index 0000000..22ff260
--- /dev/null
+++ b/package/mac80211/patches/308-pending-p54-zero-out-rx_status.patch
@@ -0,0 +1,30 @@
+From 6e73611e574ea3c8fe5afc67ee29d2c5ff777f4b Mon Sep 17 00:00:00 2001
+From: Gabor Juhos <juhosg@openwrt.org>
+Date: Tue, 11 Dec 2012 14:16:29 +0100
+Subject: [PATCH 3/3] p54: zero-out rx_status
+
+In commit 'mac80211: support radiotap vendor namespace RX data'
+new fields were added to 'struct ieee80211_rx_status'.
+The ath5k driver does not initializes those fields and
+this can cause unexpected behaviour. The patch ensures
+that each field gets initialized with zeroes.
+
+Cc: Christian Lamparter <chunkeey@googlemail.com>
+Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
+---
+Compile tested only.
+---
+ drivers/net/wireless/p54/txrx.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/net/wireless/p54/txrx.c
++++ b/drivers/net/wireless/p54/txrx.c
+@@ -345,6 +345,8 @@ static int p54_rx_data(struct p54_common
+       if (!(hdr->flags & cpu_to_le16(P54_HDR_FLAG_DATA_IN_FCS_GOOD)))
+               return 0;
+ 
++      memset(rx_status, 0, sizeof(*rx_status));
++
+       if (hdr->decrypt_status == P54_DECRYPT_OK)
+               rx_status->flag |= RX_FLAG_DECRYPTED;
+       if ((hdr->decrypt_status == P54_DECRYPT_FAIL_MICHAEL) ||