mwifiex: fix skb length issue when send a command to firmware

author Stone Piao <piaoyun@marvell.com>

Thu, 23 Aug 2012 03:26:31 +0000 (20:26 -0700)

committer John W. Linville <linville@tuxdriver.com>

Wed, 5 Sep 2012 18:53:29 +0000 (14:53 -0400)
author Stone Piao <piaoyun@marvell.com>
Thu, 23 Aug 2012 03:26:31 +0000 (20:26 -0700)
committer John W. Linville <linville@tuxdriver.com>
Wed, 5 Sep 2012 18:53:29 +0000 (14:53 -0400)
diff --git a/drivers/net/wireless/mwifiex/cmdevt.c b/drivers/net/wireless/mwifiex/cmdevt.c

index c68adec3cc8b6522678c98582c7781b885193849..565527aee0ea3f73caa832f336c0ded06a3b22d9 100644 (file)
--- a/drivers/net/wireless/mwifiex/cmdevt.c
+++ b/drivers/net/wireless/mwifiex/cmdevt.c
@@ -170,7 +170,20 @@ static int mwifiex_dnld_cmd_to_fw(struct mwifiex_private *priv,
         cmd_code = le16_to_cpu(host_cmd->command);
         cmd_size = le16_to_cpu(host_cmd->size);
  
-       skb_trim(cmd_node->cmd_skb, cmd_size);
+       /* Adjust skb length */
+       if (cmd_node->cmd_skb->len > cmd_size)
+               /*
+                * cmd_size is less than sizeof(struct host_cmd_ds_command).
+                * Trim off the unused portion.
+                */
+               skb_trim(cmd_node->cmd_skb, cmd_size);
+       else if (cmd_node->cmd_skb->len < cmd_size)
+               /*
+                * cmd_size is larger than sizeof(struct host_cmd_ds_command)
+                * because we have appended custom IE TLV. Increase skb length
+                * accordingly.
+                */
+               skb_put(cmd_node->cmd_skb, cmd_size - cmd_node->cmd_skb->len);
  
         do_gettimeofday(&tstamp);
         dev_dbg(adapter->dev, "cmd: DNLD_CMD: (%lu.%lu): %#x, act %#x, len %d,"
author	Stone Piao <piaoyun@marvell.com>
	Thu, 23 Aug 2012 03:26:31 +0000 (20:26 -0700)
committer	John W. Linville <linville@tuxdriver.com>
	Wed, 5 Sep 2012 18:53:29 +0000 (14:53 -0400)