projects / cascardo / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a1269dd)
NFC: nci: Fix incorrect data chaining when sending data
authorChristophe Ricard <christophe.ricard@gmail.com>
Sun, 25 Oct 2015 21:54:20 +0000 (22:54 +0100)
committerSamuel Ortiz <sameo@linux.intel.com>
Mon, 26 Oct 2015 05:53:11 +0000 (06:53 +0100)
When sending HCI data over NCI, cmd information should be
present only on the first packet.
Each packet shall be specifically allocated and sent to the
NCI layer.

Cc: stable@vger.kernel.org
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
net/nfc/nci/hci.c patch | blob | history

diff --git a/net/nfc/nci/hci.c b/net/nfc/nci/hci.c
index 609f922..321889e 100644 (file)
--- a/net/nfc/nci/hci.c
+++ b/net/nfc/nci/hci.c
@@ -146,18 +146,18 @@ static int nci_hci_send_data(struct nci_dev *ndev, u8 pipe,
        if (!conn_info)
                return -EPROTO;
 
-       skb = nci_skb_alloc(ndev, 2 + conn_info->max_pkt_payload_len +
+       i = 0;
+       skb = nci_skb_alloc(ndev, conn_info->max_pkt_payload_len +
                            NCI_DATA_HDR_SIZE, GFP_KERNEL);
        if (!skb)
                return -ENOMEM;
 
-       skb_reserve(skb, 2 + NCI_DATA_HDR_SIZE);
+       skb_reserve(skb, NCI_DATA_HDR_SIZE + 2);
        *skb_push(skb, 1) = data_type;
 
-       i = 0;
-       len = conn_info->max_pkt_payload_len;
-
        do {
+               len = conn_info->max_pkt_payload_len;
+
                /* If last packet add NCI_HFP_NO_CHAINING */
                if (i + conn_info->max_pkt_payload_len -
                    (skb->len + 1) >= data_len) {
@@ -177,9 +177,15 @@ static int nci_hci_send_data(struct nci_dev *ndev, u8 pipe,
                        return r;
 
                i += len;
+
                if (i < data_len) {
-                       skb_trim(skb, 0);
-                       skb_pull(skb, len);
+                       skb = nci_skb_alloc(ndev,
+                                           conn_info->max_pkt_payload_len +
+                                           NCI_DATA_HDR_SIZE, GFP_KERNEL);
+                       if (!skb)
+                               return -ENOMEM;
+
+                       skb_reserve(skb, NCI_DATA_HDR_SIZE + 1);
                }
        } while (i < data_len);
 
Unnamed repository; edit this file 'description' to name the repository.