Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp469995yba; Wed, 15 May 2019 04:41:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqwcTBPeHO9/abx2s06VI5xWwnN2e04wQmovCeuOPRxA5mAuVAFTUYnQQ44uvfcardP/aADu X-Received: by 2002:a65:62c3:: with SMTP id m3mr43826950pgv.159.1557920498884; Wed, 15 May 2019 04:41:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557920498; cv=none; d=google.com; s=arc-20160816; b=dcBZcV8qJsofloY+BIBbX+uMaCY+UyPaAEycM9CSKzwTXvDbbuNkcSeLP39HLjjUvb 16+rEWKIKe4c3gL2/Lsu3vJgOSBDagJ2mAgScE/8v2E3IFueJodCMJkANsCm6HPJwUc3 ++p6v97KWUueQwYWZfpSlPmAaO/WBgqztnzfeTp/BFFs2ewCv15BqKIu5tVatUmEVa4/ n5hJuHUnrF1zJA/MMC6bSWJd9SNkyhwBpDaFZJ0SWs0S0/ZoNhLneDd1BalcmxKc0ITq gDD1NBFU6bbxkrl+Q3Ych70wBuvHRFQ/aHe2ANPddKHKDU6EBYE6krB8nycCcOAd/z49 XdaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=hf7mg7oG1mfxsT6PZScDZUxtMW5uiPuClYpt1UALAVA=; b=PvQC/9cqCLbRolgLxmQFC+MuO2rWudtO7nXEw847zkrsszF5jHXGdayMf4+xPC9N3f Yr1eOuT7WB2+z8XEeFXnGUpExNnss4M0KS8PExd+nAGOlW97zq9BjtCvFO+NG817H81t NbKQi0sB6DBaG/tJrPRF3/8guP/fSxyHuRV/jGox7V2YXsfE7ICcGVx1evyl+h/KhSy9 J3JrYa9uSNcYDkqcic6HfzkiqfmP4DDa0EP8p/XvTblCnXh8RwFpeAWc8OyOrOPRzDlp WtuFrUBZN/odf/+1zaWoGUu9vDhE2kVu8G4zu1RaKx9e2o2kfZI0WZ3NQ8u9Sy+9xQNQ K4HQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ONLGU2JH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n13si1633456pgq.400.2019.05.15.04.41.24; Wed, 15 May 2019 04:41:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ONLGU2JH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729634AbfEOLaO (ORCPT + 99 others); Wed, 15 May 2019 07:30:14 -0400 Received: from mail.kernel.org ([198.145.29.99]:41638 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731730AbfEOLaL (ORCPT ); Wed, 15 May 2019 07:30:11 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A1F5320843; Wed, 15 May 2019 11:30:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1557919810; bh=dVQBo5mtvrTupR7EEWhapQ5svi0kusxcNoYyTDZh03o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ONLGU2JHinEj9dV5SaEgmI/wuw0sQXUNSYc/PW/OYaTkLXhtr7O2pFBA72vQEIelX s+peQay5IW8EK5YXgvT2C0fiVt8plrQrSDa1OpSZD4jH7hapP9OyEmXx0BrHaxyCMy 21MI5hhXvvuixJksej8pA3Csa//7f5pHf1XHS9rw= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Eubert Bao , =?UTF-8?q?Petr=20=C5=A0tetiar?= , Kalle Valo Subject: [PATCH 5.0 102/137] mwl8k: Fix rate_idx underflow Date: Wed, 15 May 2019 12:56:23 +0200 Message-Id: <20190515090700.931485945@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190515090651.633556783@linuxfoundation.org> References: <20190515090651.633556783@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Petr Štetiar commit 6b583201fa219b7b1b6aebd8966c8fd9357ef9f4 upstream. It was reported on OpenWrt bug tracking system[1], that several users are affected by the endless reboot of their routers if they configure 5GHz interface with channel 44 or 48. The reboot loop is caused by the following excessive number of WARN_ON messages: WARNING: CPU: 0 PID: 0 at backports-4.19.23-1/net/mac80211/rx.c:4516 ieee80211_rx_napi+0x1fc/0xa54 [mac80211] as the messages are being correctly emitted by the following guard: case RX_ENC_LEGACY: if (WARN_ON(status->rate_idx >= sband->n_bitrates)) as the rate_idx is in this case erroneously set to 251 (0xfb). This fix simply converts previously used magic number to proper constant and guards against substraction which is leading to the currently observed underflow. 1. https://bugs.openwrt.org/index.php?do=details&task_id=2218 Fixes: 854783444bab ("mwl8k: properly set receive status rate index on 5 GHz receive") Cc: Tested-by: Eubert Bao Reported-by: Eubert Bao Signed-off-by: Petr Štetiar Signed-off-by: Kalle Valo Signed-off-by: Greg Kroah-Hartman --- drivers/net/wireless/marvell/mwl8k.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) --- a/drivers/net/wireless/marvell/mwl8k.c +++ b/drivers/net/wireless/marvell/mwl8k.c @@ -441,6 +441,9 @@ static const struct ieee80211_rate mwl8k #define MWL8K_CMD_UPDATE_STADB 0x1123 #define MWL8K_CMD_BASTREAM 0x1125 +#define MWL8K_LEGACY_5G_RATE_OFFSET \ + (ARRAY_SIZE(mwl8k_rates_24) - ARRAY_SIZE(mwl8k_rates_50)) + static const char *mwl8k_cmd_name(__le16 cmd, char *buf, int bufsize) { u16 command = le16_to_cpu(cmd); @@ -1016,8 +1019,9 @@ mwl8k_rxd_ap_process(void *_rxd, struct if (rxd->channel > 14) { status->band = NL80211_BAND_5GHZ; - if (!(status->encoding == RX_ENC_HT)) - status->rate_idx -= 5; + if (!(status->encoding == RX_ENC_HT) && + status->rate_idx >= MWL8K_LEGACY_5G_RATE_OFFSET) + status->rate_idx -= MWL8K_LEGACY_5G_RATE_OFFSET; } else { status->band = NL80211_BAND_2GHZ; } @@ -1124,8 +1128,9 @@ mwl8k_rxd_sta_process(void *_rxd, struct if (rxd->channel > 14) { status->band = NL80211_BAND_5GHZ; - if (!(status->encoding == RX_ENC_HT)) - status->rate_idx -= 5; + if (!(status->encoding == RX_ENC_HT) && + status->rate_idx >= MWL8K_LEGACY_5G_RATE_OFFSET) + status->rate_idx -= MWL8K_LEGACY_5G_RATE_OFFSET; } else { status->band = NL80211_BAND_2GHZ; }