s390/qeth: fix SETIP command handling

send_control_data() applies some special handling to SETIP v4 IPA
commands. But current code parses *all* command types for the SETIP
command code. Limit the command code check to IPA commands.

Fixes: 5b54e16f1a54 ("qeth: do not spin for SETIP ip assist command")
Signed-off-by: Julian Wiedmann <jwi@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/s390/net/qeth_core.h b/drivers/s390/net/qeth_core.h
index c33fbc4c2e919dfe8aab7624e81919c2a5ddf992..959c65cf75d945b05954b1dc8d0f054be83920d7 100644 (file)
--- a/drivers/s390/net/qeth_core.h
+++ b/drivers/s390/net/qeth_core.h
@@ -591,6 +591,11 @@ struct qeth_cmd_buffer {
        void (*callback) (struct qeth_channel *, struct qeth_cmd_buffer *);
 };
 
+static inline struct qeth_ipa_cmd *__ipa_cmd(struct qeth_cmd_buffer *iob)
+{
+       return (struct qeth_ipa_cmd *)(iob->data + IPA_PDU_HEADER_SIZE);
+}
+
 /**
  * definition of a qeth channel, used for read and write
  */

diff --git a/drivers/s390/net/qeth_core_main.c b/drivers/s390/net/qeth_core_main.c
index 6abd3bc285e4f4bc0cdfffe8efcc198220438d45..ca72f3311004a3d020ed07266596ff63ce740b26 100644 (file)
--- a/drivers/s390/net/qeth_core_main.c
+++ b/drivers/s390/net/qeth_core_main.c
@@ -2120,7 +2120,7 @@ int qeth_send_control_data(struct qeth_card *card, int len,
        unsigned long flags;
        struct qeth_reply *reply = NULL;
        unsigned long timeout, event_timeout;
-       struct qeth_ipa_cmd *cmd;
+       struct qeth_ipa_cmd *cmd = NULL;
 
        QETH_CARD_TEXT(card, 2, "sendctl");
 
@@ -2146,10 +2146,13 @@ int qeth_send_control_data(struct qeth_card *card, int len,
        while (atomic_cmpxchg(&card->write.irq_pending, 0, 1)) ;
        qeth_prepare_control_data(card, len, iob);
 
-       if (IS_IPA(iob->data))
+       if (IS_IPA(iob->data)) {
+               cmd = __ipa_cmd(iob);
                event_timeout = QETH_IPA_TIMEOUT;
-       else
+       } else {
                event_timeout = QETH_TIMEOUT;
+       }
+
        timeout = jiffies + event_timeout;
 
        QETH_CARD_TEXT(card, 6, "noirqpnd");
@@ -2174,9 +2177,8 @@ int qeth_send_control_data(struct qeth_card *card, int len,
 
        /* we have only one long running ipassist, since we can ensure
           process context of this command we can sleep */
-       cmd = (struct qeth_ipa_cmd *)(iob->data+IPA_PDU_HEADER_SIZE);
-       if ((cmd->hdr.command == IPA_CMD_SETIP) &&
-           (cmd->hdr.prot_version == QETH_PROT_IPV4)) {
+       if (cmd && cmd->hdr.command == IPA_CMD_SETIP &&
+           cmd->hdr.prot_version == QETH_PROT_IPV4) {
                if (!wait_event_timeout(reply->wait_q,
                    atomic_read(&reply->received), event_timeout))
                        goto time_err;