ccf5b37f7d
"qdf_nbuf_cb.u.rx.lro_eligible",
"qdf_nbuf_cb.u.rx.is_raw_frame"
bits occupy same memmory as
"qdf_nbuf_cb.u.tx.flags.bits.flag_efrag",
"qdf_nbuf_cb.u.tx.flags.bits.flag_nbuf" as it is a union
but flag_efrag and flag_nbuf are always set during
qdf_nbuf_alloc, this is resulting in is_raw_frame to be
explicitly set even when the received frame is not RAW
memory location of these fields in qdf_nbuf_cb
D:0xBCDFE0F4.0 lro_eligible = 1
D:0xBCDFE0F4.1 is_raw_frame = 1
D:0xBCDFE0F4.0 flag_efrag = 1
D:0xBCDFE0F4.1 flag_nbuf = 1
in qdf_nbuf_alloc the flag_efrag & flag_nbuf is set.
skb_alloc:
memset(skb->cb, 0x0, sizeof(skb->cb));
/*
* * The default is for netbuf fragments to be interpreted
* * as wordstreams rather than bytestreams.
* */
QDF_NBUF_CB_TX_EXTRA_FRAG_WORDSTR_EFRAG(skb) = 1;
QDF_NBUF_CB_TX_EXTRA_FRAG_WORDSTR_NBUF(skb) = 1;
As discussed over email this is a temporary WAR
until a long term solution is in place.
Below is the email conversation
This is a temporary change to unblock the present sanity issues
There seems to be a basic issue with nbuf_alloc, with following logic
QDF_NBUF_CB_TX_EXTRA_FRAG_WORDSTR_EFRAG(skb) = 1;
QDF_NBUF_CB_TX_EXTRA_FRAG_WORDSTR_NBUF(skb) = 1;
nbuf_lloc is assuming that the buffer is allocated for TX always
and setting fields in the area of TX portion of union.
If that skb is used for RX can lead to wrong interpretation of the RX
union fields, which is causing present issue.
This got exposed with a recent change that shuffled the fields of
RX union which made the imp fields got manipulated with this TX setting.
We need to resolve this basic issue with wider consent and validations,
while this fix unblocks the basic sanity issues.
Change-Id: I24a6d0faf3a874c54b4859dc027e059c693d6759
This is CNSS WLAN Host Driver for products starting from iHelium