OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6483bdc9d7
linux/drivers/net
History
Bjørn Mork 6483bdc9d7 net: qmi_wwan: fixup destination address (firmware bug workaround) 
Received packets are sometimes addressed to 00:a0:c6:00:00:00
instead of the address the device firmware should have learned
from the host:

321.224126 77.16.85.204 -> 148.122.171.134 ICMP 98 Echo (ping) request  id=0x4025, seq=64/16384, ttl=64

0000  82 c0 82 c9 f1 67 82 c0 82 c9 f1 67 08 00 45 00   .....g.....g..E.
0010  00 54 00 00 40 00 40 01 57 cc 4d 10 55 cc 94 7a   .T..@.@.W.M.U..z
0020  ab 86 08 00 62 fc 40 25 00 40 b2 bc 6e 51 00 00   ....b.@%.@..nQ..
0030  00 00 6b bd 09 00 00 00 00 00 10 11 12 13 14 15   ..k.............
0040  16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25   .......... !"#$%
0050  26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35   &'()*+,-./012345
0060  36 37                                             67

321.240607 148.122.171.134 -> 77.16.85.204 ICMP 98 Echo (ping) reply    id=0x4025, seq=64/16384, ttl=55

0000  00 a0 c6 00 00 00 02 50 f3 00 00 00 08 00 45 00   .......P......E.
0010  00 54 00 56 00 00 37 01 a0 76 94 7a ab 86 4d 10   .T.V..7..v.z..M.
0020  55 cc 00 00 6a fc 40 25 00 40 b2 bc 6e 51 00 00   U...j.@%.@..nQ..
0030  00 00 6b bd 09 00 00 00 00 00 10 11 12 13 14 15   ..k.............
0040  16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25   .......... !"#$%
0050  26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35   &'()*+,-./012345
0060  36 37                                             67

The bogus address is always the same, and matches the address
suggested by many devices as a default address.  It is likely a
hardcoded firmware default.

The circumstances where this bug has been observed indicates that
the trigger is related to timing or some other factor the host
cannot control. Repeating the exact same configuration sequence
that caused it to trigger once, will not necessarily cause it to
trigger the next time. Reproducing the bug is therefore difficult.
This opens up a possibility that the bug is more common than we can
confirm, because affected devices often will work properly again
after a reset.  A procedure most users are likely to try out before
reporting a bug.

Unconditionally rewriting the destination address if the first digit
of the received packet is 0, is considered an acceptable compromise
since we already have to inspect this digit.  The simplification will
cause unnecessary rewrites if the real address starts with 0, but this
is still better than adding additional tests for this particular case.

Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-19 17:51:17 -04:00
..
appletalk
arcnet
bonding bonding: in bond_mc_swap() bond's mc addr list is walked without lock 2013-04-19 17:48:19 -04:00
caif
can can: sja1000: fix handling on dt properties on little endian systems 2013-04-12 13:03:01 +02:00
cris
dsa
ethernet bnx2x: Fix status blocks configuration 2013-04-18 15:03:26 -04:00
fddi
hamradio
hippi rrunner.c: fix possible memory leak in rr_init_one() 2013-03-10 16:42:23 -04:00
hyperv hyperv: Fix RNDIS send_completion code path 2013-04-08 12:15:17 -04:00
ieee802154
irda
phy net/phy: micrel: Disable asymmetric pause for KSZ9021 2013-02-28 15:37:30 -05:00
plip
ppp ppp: convert to idr_alloc() 2013-02-27 19:10:18 -08:00
slip
team team: unsyc the devices addresses when port is removed 2013-03-07 16:35:57 -05:00
usb net: qmi_wwan: fixup destination address (firmware bug workaround) 2013-04-19 17:51:17 -04:00
vmxnet3 vmxnet3: prevent div-by-zero panic when ring resizing uninitialized dev 2013-03-07 16:10:47 -05:00
wan Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-02-26 20:16:07 -08:00
wimax
wireless ath9k_hw: change AR9580 initvals to fix a stability issue 2013-04-12 13:22:09 -04:00
xen-netback
dummy.c
eql.c
ifb.c
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-02-26 11:44:11 -08:00
LICENSE.SRC
loopback.c
macvlan.c macvlan: Set IFF_UNICAST_FLT flag to prevent unnecessary promisc mode. 2013-03-07 16:36:59 -05:00
macvtap.c macvtap: convert to idr_alloc() 2013-02-27 19:10:18 -08:00
Makefile
mdio.c
mii.c
netconsole.c netconsole: don't call __netpoll_cleanup() while atomic 2013-03-12 06:58:55 -04:00
ntb_netdev.c
rionet.c
sb1000.c
Space.c
sungem_phy.c
tun.c tuntap: fix error return code in tun_set_iff() 2013-04-12 15:00:04 -04:00
veth.c
virtio_net.c All trivial, thanks to the stuff which didn't quite make it time. 2013-02-26 14:49:12 -08:00
vxlan.c vxlan: fix oops when delete netns containing vxlan 2013-03-07 16:12:51 -05:00
xen-netfront.c