From: Michael Brown <mcb30@ipxe.org>
Date: Sun, 5 Sep 2010 17:52:57 +0000 (+0100)
Subject: [rtl8139] Check for oversized packets when transmitting
X-Git-Tag: v1.20.1~2544
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e9efbcd84ca910b416cb5869a9b92f0e2e73e72c;p=thirdparty%2Fipxe.git

[rtl8139] Check for oversized packets when transmitting

An attempt to transmit a packet of 8192 bytes or larger will collide
with the status bits in the TX descriptor.  This gives the appearance
of the network card's transmit data path having just suddenly stopped
responding; iPXE is waiting for the card to report a TX completion
but, because of the status bit collision, the card thinks that the
descriptor has not yet been written.

Fix by explicitly checking for oversized packets in rtl_transmit().

Discovered during Fibre Channel over Ethernet testing, and debugged by
using gdb to examine the state of the emulated rtl8139 card in qemu.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---

diff --git a/src/drivers/net/rtl8139.c b/src/drivers/net/rtl8139.c
index dd3f80e57..4ed43c02e 100644
--- a/src/drivers/net/rtl8139.c
+++ b/src/drivers/net/rtl8139.c
@@ -86,6 +86,7 @@ FILE_LICENCE ( GPL_ANY );
 #include <ipxe/nvo.h>
 
 #define TX_RING_SIZE 4
+#define TX_MAX_LEN 8192
 
 struct rtl8139_tx {
 	unsigned int next;
@@ -383,6 +384,13 @@ static int rtl_transmit ( struct net_device *netdev,
 		return -ENOBUFS;
 	}
 
+	/* Check for oversized packets */
+	if ( iob_len ( iobuf ) >= TX_MAX_LEN ) {
+		DBGC ( rtl, "rtl8139 %p TX too large (%zd bytes)\n",
+		       rtl, iob_len ( iobuf ) );
+		return -ERANGE;
+	}
+
 	/* Pad and align packet */
 	iob_pad ( iobuf, ETH_ZLEN );