The current mwifiex pcie driver assumed that it would get
its cmdrsp_complete() callback called before another command
was sent to unmap the command's skbuff. However, that is not
true. The mwifiex_check_ps_cond() will send a sleep command
to the card without having adapter->curr_cmd set. Within the
workqueue's state machine the adapter's state would be set
to allow commands (curr_cmd = NULL && cmd_sent = false) after
having receieved the response from the sleep command. The
card->cmd_buf would then be overridden with the new command
but the first command's skbuff was not unmapped. This leaks
mapped skbuffs when a bounce buffer is employed.
To rectify this unmap the card->cmd_buf when the response is
received from the card instead of waiting for the
cmdrsp_complete() callback.
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
mwifiex_unmap_pci_memory(adapter, skb, PCI_DMA_FROMDEVICE);
+ /* Unmap the command as a response has been received. */
+ if (card->cmd_buf) {
+ mwifiex_unmap_pci_memory(adapter, card->cmd_buf,
+ PCI_DMA_TODEVICE);
+ card->cmd_buf = NULL;
+ }
+
pkt_len = *((__le16 *)skb->data);
rx_len = le16_to_cpu(pkt_len);
skb_trim(skb, rx_len);
struct sk_buff *skb)
{
struct pcie_service_card *card = adapter->card;
- struct sk_buff *skb_tmp;
if (skb) {
card->cmdrsp_buf = skb;
return -1;
}
- skb_tmp = card->cmd_buf;
- if (skb_tmp) {
- mwifiex_unmap_pci_memory(adapter, skb_tmp, PCI_DMA_FROMDEVICE);
- card->cmd_buf = NULL;
- }
-
return 0;
}
git.openpandora.org / pandora-kernel.git / commitdiff