On 19.10.2020 04:54, Jia-Ju Bai wrote:
> In rtl8180_tx(), skb->data is mapped to streaming DMA on line 476:
> mapping = dma_map_single(..., skb->data, ...);
>
> On line 459, skb->data is assigned to hdr after cast:
> struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
>
> Then hdr->seq_ctrl is accessed on lines 540 and 541:
> hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
> hdr->seq_ctrl |= cpu_to_le16(priv->seqno);
>
> These DMA accesses may cause data inconsistency between CPU and hardwre.
>
> To fix this problem, hdr->seq_ctrl is accessed before the DMA mapping.
>
This looks like a bug fix to me, shouldn't this have a Fixes: tag and
be CC'ed to stable@?
Maciej