This is a note to let you know that I've just added the patch titled
mac802154: Fix LQI recording
to the 6.0-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mac802154-fix-lqi-recording.patch
and it can be found in the queue-6.0 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 5a5c4e06fd03b595542d5590f2bc05a6b7fc5c2b Mon Sep 17 00:00:00 2001
From: Miquel Raynal <miquel.raynal@xxxxxxxxxxx>
Date: Thu, 20 Oct 2022 16:25:35 +0200
Subject: mac802154: Fix LQI recording
From: Miquel Raynal <miquel.raynal@xxxxxxxxxxx>
commit 5a5c4e06fd03b595542d5590f2bc05a6b7fc5c2b upstream.
Back in 2014, the LQI was saved in the skb control buffer (skb->cb, or
mac_cb(skb)) without any actual reset of this area prior to its use.
As part of a useful rework of the use of this region, 32edc40ae65c
("ieee802154: change _cb handling slightly") introduced mac_cb_init() to
basically memset the cb field to 0. In particular, this new function got
called at the beginning of mac802154_parse_frame_start(), right before
the location where the buffer got actually filled.
What went through unnoticed however, is the fact that the very first
helper called by device drivers in the receive path already used this
area to save the LQI value for later extraction. Resetting the cb field
"so late" led to systematically zeroing the LQI.
If we consider the reset of the cb field needed, we can make it as soon
as we get an skb from a device driver, right before storing the LQI,
as is the very first time we need to write something there.
Cc: stable@xxxxxxxxxxxxxxx
Fixes: 32edc40ae65c ("ieee802154: change _cb handling slightly")
Signed-off-by: Miquel Raynal <miquel.raynal@xxxxxxxxxxx>
Acked-by: Alexander Aring <aahringo@xxxxxxxxxx>
Link: https://lore.kernel.org/r/20221020142535.1038885-1-miquel.raynal@xxxxxxxxxxx
Signed-off-by: Stefan Schmidt <stefan@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/mac802154/rx.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/net/mac802154/rx.c
+++ b/net/mac802154/rx.c
@@ -132,7 +132,7 @@ static int
ieee802154_parse_frame_start(struct sk_buff *skb, struct ieee802154_hdr *hdr)
{
int hlen;
- struct ieee802154_mac_cb *cb = mac_cb_init(skb);
+ struct ieee802154_mac_cb *cb = mac_cb(skb);
skb_reset_mac_header(skb);
@@ -294,8 +294,9 @@ void
ieee802154_rx_irqsafe(struct ieee802154_hw *hw, struct sk_buff *skb, u8 lqi)
{
struct ieee802154_local *local = hw_to_local(hw);
+ struct ieee802154_mac_cb *cb = mac_cb_init(skb);
- mac_cb(skb)->lqi = lqi;
+ cb->lqi = lqi;
skb->pkt_type = IEEE802154_RX_MSG;
skb_queue_tail(&local->skb_queue, skb);
tasklet_schedule(&local->tasklet);
Patches currently in stable-queue which might be from miquel.raynal@xxxxxxxxxxx are
queue-6.0/mtd-rawnand-tegra-fix-pm-disable-depth-imbalance-in-probe.patch
queue-6.0/mtd-rawnand-marvell-use-correct-logic-for-nand-keep-config.patch
queue-6.0/mtd-spi-nor-core-ignore-enotsupp-in-spi_nor_init.patch
queue-6.0/mac802154-fix-lqi-recording.patch
queue-6.0/mtd-parsers-bcm47xxpart-fix-halfblock-reads.patch
