[ Upstream commit e2a6b711282a371c5153239e0468a48254f17ca6 ]

HTT High Latency (ATH10K_DEV_TYPE_HL) does not use txdone_fifo at all, we don't
even initialise it by skipping ath10k_htt_tx_alloc_buf() in
ath10k_htt_tx_start(). Because of this using QCA6174 SDIO
ath10k_htt_rx_tx_compl_ind() will crash when it accesses unitialised
txdone_fifo. So skip txdone_fifo when using High Latency mode.

Tested with QCA6174 SDIO with firmware WLAN.RMH.4.4.1-00007-QCARMSWP-1.

Co-developed-by: Wen Gong <wg...@codeaurora.org>
Signed-off-by: Alagu Sankar <alagusan...@silex-india.com>
Signed-off-by: Wen Gong <wg...@codeaurora.org>
Signed-off-by: Kalle Valo <kv...@codeaurora.org>
Signed-off-by: Sasha Levin <sas...@kernel.org>
---
 drivers/net/wireless/ath/ath10k/htt_rx.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c 
b/drivers/net/wireless/ath/ath10k/htt_rx.c
index 1acc622d2183..f22840bbc389 100644
--- a/drivers/net/wireless/ath/ath10k/htt_rx.c
+++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -2277,7 +2277,9 @@ static void ath10k_htt_rx_tx_compl_ind(struct ath10k *ar,
                 *  Note that with only one concurrent reader and one concurrent
                 *  writer, you don't need extra locking to use these macro.
                 */
-               if (!kfifo_put(&htt->txdone_fifo, tx_done)) {
+               if (ar->bus_param.dev_type == ATH10K_DEV_TYPE_HL) {
+                       ath10k_txrx_tx_unref(htt, &tx_done);
+               } else if (!kfifo_put(&htt->txdone_fifo, tx_done)) {
                        ath10k_warn(ar, "txdone fifo overrun, msdu_id %d status 
%d\n",
                                    tx_done.msdu_id, tx_done.status);
                        ath10k_txrx_tx_unref(htt, &tx_done);
-- 
2.20.1



Reply via email to