Apply patch to fix iwlwifi crash (rhbz 770484)
This commit is contained in:
Josh Boyer
parent
d7f29cc809
commit
dec491e2b4
94
iwlwifi-fix-6000-ch-switch.patch
Normal file
94
iwlwifi-fix-6000-ch-switch.patch
Normal file
@ -0,0 +1,94 @@
|
||||
commit a7d3a5d97acd4b8db17e1d5c3014357c9b2040f9
|
||||
Author: Johannes Berg <johannes.berg@intel.com>
|
||||
Date: Tue Sep 25 16:40:12 2012 +0200
|
||||
|
||||
iwlwifi: fix 6000 series channel switch command
|
||||
|
||||
The channel switch command for 6000 series devices
|
||||
is larger than the maximum inline command size of
|
||||
320 bytes. The command is therefore refused with a
|
||||
warning. Fix this by allocating the command and
|
||||
using the NOCOPY mechanism.
|
||||
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
||||
|
||||
diff --git a/drivers/net/wireless/iwlwifi/dvm/devices.c b/drivers/net/wireless/iwlwifi/dvm/devices.c
|
||||
index 349c205..da58620 100644
|
||||
--- a/drivers/net/wireless/iwlwifi/dvm/devices.c
|
||||
+++ b/drivers/net/wireless/iwlwifi/dvm/devices.c
|
||||
@@ -518,7 +518,7 @@ static int iwl6000_hw_channel_switch(struct iwl_priv *priv,
|
||||
* See iwlagn_mac_channel_switch.
|
||||
*/
|
||||
struct iwl_rxon_context *ctx = &priv->contexts[IWL_RXON_CTX_BSS];
|
||||
- struct iwl6000_channel_switch_cmd cmd;
|
||||
+ struct iwl6000_channel_switch_cmd *cmd;
|
||||
u32 switch_time_in_usec, ucode_switch_time;
|
||||
u16 ch;
|
||||
u32 tsf_low;
|
||||
@@ -527,18 +527,25 @@ static int iwl6000_hw_channel_switch(struct iwl_priv *priv,
|
||||
struct ieee80211_vif *vif = ctx->vif;
|
||||
struct iwl_host_cmd hcmd = {
|
||||
.id = REPLY_CHANNEL_SWITCH,
|
||||
- .len = { sizeof(cmd), },
|
||||
+ .len = { sizeof(*cmd), },
|
||||
.flags = CMD_SYNC,
|
||||
- .data = { &cmd, },
|
||||
+ .dataflags[0] = IWL_HCMD_DFL_NOCOPY,
|
||||
};
|
||||
+ int err;
|
||||
|
||||
- cmd.band = priv->band == IEEE80211_BAND_2GHZ;
|
||||
+ cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
|
||||
+ if (!cmd)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ hcmd.data[0] = cmd;
|
||||
+
|
||||
+ cmd->band = priv->band == IEEE80211_BAND_2GHZ;
|
||||
ch = ch_switch->channel->hw_value;
|
||||
IWL_DEBUG_11H(priv, "channel switch from %u to %u\n",
|
||||
ctx->active.channel, ch);
|
||||
- cmd.channel = cpu_to_le16(ch);
|
||||
- cmd.rxon_flags = ctx->staging.flags;
|
||||
- cmd.rxon_filter_flags = ctx->staging.filter_flags;
|
||||
+ cmd->channel = cpu_to_le16(ch);
|
||||
+ cmd->rxon_flags = ctx->staging.flags;
|
||||
+ cmd->rxon_filter_flags = ctx->staging.filter_flags;
|
||||
switch_count = ch_switch->count;
|
||||
tsf_low = ch_switch->timestamp & 0x0ffffffff;
|
||||
/*
|
||||
@@ -554,23 +561,25 @@ static int iwl6000_hw_channel_switch(struct iwl_priv *priv,
|
||||
switch_count = 0;
|
||||
}
|
||||
if (switch_count <= 1)
|
||||
- cmd.switch_time = cpu_to_le32(priv->ucode_beacon_time);
|
||||
+ cmd->switch_time = cpu_to_le32(priv->ucode_beacon_time);
|
||||
else {
|
||||
switch_time_in_usec =
|
||||
vif->bss_conf.beacon_int * switch_count * TIME_UNIT;
|
||||
ucode_switch_time = iwl_usecs_to_beacons(priv,
|
||||
switch_time_in_usec,
|
||||
beacon_interval);
|
||||
- cmd.switch_time = iwl_add_beacon_time(priv,
|
||||
- priv->ucode_beacon_time,
|
||||
- ucode_switch_time,
|
||||
- beacon_interval);
|
||||
+ cmd->switch_time = iwl_add_beacon_time(priv,
|
||||
+ priv->ucode_beacon_time,
|
||||
+ ucode_switch_time,
|
||||
+ beacon_interval);
|
||||
}
|
||||
IWL_DEBUG_11H(priv, "uCode time for the switch is 0x%x\n",
|
||||
- cmd.switch_time);
|
||||
- cmd.expect_beacon = ch_switch->channel->flags & IEEE80211_CHAN_RADAR;
|
||||
+ cmd->switch_time);
|
||||
+ cmd->expect_beacon = ch_switch->channel->flags & IEEE80211_CHAN_RADAR;
|
||||
|
||||
- return iwl_dvm_send_cmd(priv, &hcmd);
|
||||
+ err = iwl_dvm_send_cmd(priv, &hcmd);
|
||||
+ kfree(cmd);
|
||||
+ return err;
|
||||
}
|
||||
|
||||
struct iwl_lib_ops iwl6000_lib = {
|
||||
11
kernel.spec
11
kernel.spec
@ -54,7 +54,7 @@ Summary: The Linux kernel
|
||||
# For non-released -rc kernels, this will be appended after the rcX and
|
||||
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
|
||||
#
|
||||
%global baserelease 1
|
||||
%global baserelease 2
|
||||
%global fedora_build %{baserelease}
|
||||
|
||||
# base_sublevel is the kernel version we're starting with and patching
|
||||
@ -681,6 +681,9 @@ Patch21300: unhandled-irqs-switch-to-polling.patch
|
||||
#rhbz 804957 CVE-2012-1568
|
||||
Patch21306: shlib_base_randomize.patch
|
||||
|
||||
#rhbz 770484
|
||||
Patch22071: iwlwifi-fix-6000-ch-switch.patch
|
||||
|
||||
# Debug patches
|
||||
Patch30000: weird-root-dentry-name-debug.patch
|
||||
Patch30010: debug-808990.patch
|
||||
@ -1287,6 +1290,9 @@ ApplyPatch unhandled-irqs-switch-to-polling.patch
|
||||
ApplyPatch weird-root-dentry-name-debug.patch
|
||||
ApplyPatch debug-808990.patch
|
||||
|
||||
#rhbz 770484
|
||||
ApplyPatch iwlwifi-fix-6000-ch-switch.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
@ -1987,6 +1993,9 @@ fi
|
||||
# and build.
|
||||
|
||||
%changelog
|
||||
* Thu Oct 18 2012 Josh Boyer <jwboyer@redhat.com>
|
||||
- Apply patch to fix iwlwifi crash (rhbz 770484)
|
||||
|
||||
* Tue Oct 16 2012 Dave Jones <davej@redhat.com> 3.6.2-1
|
||||
- Linux 3.6.2
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user