1 From e922d683ca8001ce9a6272d6ab12d74e72c36521 Mon Sep 17 00:00:00 2001
2 From: Gabor Juhos <juhosg@openwrt.org>
3 Date: Tue, 11 Dec 2012 14:15:53 +0100
4 Subject: [PATCH v2] rt2x00: zero-out rx_status
6 In commit 'mac80211: support radiotap vendor namespace RX data'
7 new fields were added to 'struct ieee80211_rx_status' and those
8 fileds must be zeroed. However the rt2x00 driver stores driver
9 specific data in the cb array of the rx skbs, so the fields
10 might contain garbage and this can cause unexpected behaviour.
12 The rt2x00 driver from the compat-wireless-2012-12-01
13 tarball caused the following warning:
16 /devel/ramips/build_dir/target-mipsel_r2_uClibc-0.9.33.2/linux-ramips_rt305x/
17 compat-wireless-2012-12-01/net/mac80211/rx.c:115 ieee80211_rx_irqsafe+0x274/0xbcc
19 Modules linked in: dwc_otg ledtrig_usbdev nf_nat_irc
20 nf_nat_ftp nf_conntrack_irc nf_conntrack_ftp ipt_MASQUERADE
21 iptable_nat nf_nat pppoe xt_conntrack xt_CT xt_NOTRACK iptable_raw
22 xt_state nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack pppox
23 ipt_REJECT xt_TCPMSS xt_comment xt_multiport xt_mac xt_limit
24 iptable_mangle iptable_filter ip_tables xt_tcpudp x_tables ppp_async
25 ppp_generic slhc rt2800pci(O) rt2800lib(O) rt2x00soc(O) rt2x00pci(O)
26 rt2x00lib(O) mac80211(O) usbcore usb_common nls_base crc_itu_t
27 crc_ccitt eeprom_93cx6 cfg80211(O) compat(O) arc4 aes_generic
28 crypto_blkcipher cryptomgr aead crypto_hash crypto_algapi leds_gpio
29 button_hotplug(O) gpio_keys_polled input_polldev input_core
31 [<801e96b4>] dump_stack+0x8/0x34
32 [<80010a9c>] warn_slowpath_common+0x78/0xa4
33 [<80010ae0>] warn_slowpath_null+0x18/0x24
34 [<80a9710c>] ieee80211_rx_irqsafe+0x274/0xbcc [mac80211]
36 The patch ensures that each field gets initialized with
39 Cc: <users@rt2x00.serialmonkey.com>
40 Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
43 - update the commit message and add a comment to the code
44 - drop the ath5k and p54 patches
46 drivers/net/wireless/rt2x00/rt2x00dev.c | 8 ++++++++
47 1 file changed, 8 insertions(+)
49 --- a/drivers/net/wireless/rt2x00/rt2x00dev.c
50 +++ b/drivers/net/wireless/rt2x00/rt2x00dev.c
51 @@ -685,6 +685,14 @@ void rt2x00lib_rxdone(struct queue_entry
54 rx_status = IEEE80211_SKB_RXCB(entry->skb);
56 + /* Ensure that all fields of rx_status are initialized
57 + * properly. The skb->cb array was used for driver
58 + * specific informations, so rx_status might contain
61 + memset(rx_status, 0, sizeof(*rx_status));
63 rx_status->mactime = rxdesc.timestamp;
64 rx_status->band = rt2x00dev->curr_band;
65 rx_status->freq = rt2x00dev->curr_freq;