Print this page 
7154 arn(7D) walks out of bounds when byteswapping the 4K eeprom
7152 weird condition in arn(7D) needs clarification
7153 delete unused code in arn(7D)
7155 arn(7D) should include the mac fields in the eeprom enumeration


 454                 eep->baseEepHeader.version = word;
 455 
 456                 word = swab16(eep->baseEepHeader.regDmn[0]);
 457                 eep->baseEepHeader.regDmn[0] = word;
 458 
 459                 word = swab16(eep->baseEepHeader.regDmn[1]);
 460                 eep->baseEepHeader.regDmn[1] = word;
 461 
 462                 word = swab16(eep->baseEepHeader.rfSilent);
 463                 eep->baseEepHeader.rfSilent = word;
 464 
 465                 word = swab16(eep->baseEepHeader.blueToothOptions);
 466                 eep->baseEepHeader.blueToothOptions = word;
 467 
 468                 word = swab16(eep->baseEepHeader.deviceCap);
 469                 eep->baseEepHeader.deviceCap = word;
 470 
 471                 integer = swab32(eep->modalHeader.antCtrlCommon);
 472                 eep->modalHeader.antCtrlCommon = integer;
 473 
 474                 for (i = 0; i < AR5416_MAX_CHAINS; i++) {
 475                         integer = swab32(eep->modalHeader.antCtrlChain[i]);
 476                         eep->modalHeader.antCtrlChain[i] = integer;
 477                 }
 478 
 479                 for (i = 0; i < AR5416_EEPROM_MODAL_SPURS; i++) {
 480                         word = swab16(eep->modalHeader.spurChans[i].spurChan);
 481                         eep->modalHeader.spurChans[i].spurChan = word;
 482                 }
 483         }
 484 
 485         if (sum != 0xffff || ar5416_get_eep4k_ver(ahp) != AR5416_EEP_VER ||
 486             ar5416_get_eep4k_rev(ahp) < AR5416_EEP_NO_BACK_VER) {
 487                 ARN_DBG((ARN_DBG_EEPROM,
 488                     "Bad EEPROM checksum 0x%x or revision 0x%04x\n",
 489                     sum, ar5416_get_eep4k_ver(ahp)));
 490                 return (EINVAL);
 491         }
 492 
 493         return (0);
 494 #undef EEPROM_4K_SIZE




 454                 eep->baseEepHeader.version = word;
 455 
 456                 word = swab16(eep->baseEepHeader.regDmn[0]);
 457                 eep->baseEepHeader.regDmn[0] = word;
 458 
 459                 word = swab16(eep->baseEepHeader.regDmn[1]);
 460                 eep->baseEepHeader.regDmn[1] = word;
 461 
 462                 word = swab16(eep->baseEepHeader.rfSilent);
 463                 eep->baseEepHeader.rfSilent = word;
 464 
 465                 word = swab16(eep->baseEepHeader.blueToothOptions);
 466                 eep->baseEepHeader.blueToothOptions = word;
 467 
 468                 word = swab16(eep->baseEepHeader.deviceCap);
 469                 eep->baseEepHeader.deviceCap = word;
 470 
 471                 integer = swab32(eep->modalHeader.antCtrlCommon);
 472                 eep->modalHeader.antCtrlCommon = integer;
 473 
 474                 for (i = 0; i < AR5416_EEP4K_MAX_CHAINS; i++) {
 475                         integer = swab32(eep->modalHeader.antCtrlChain[i]);
 476                         eep->modalHeader.antCtrlChain[i] = integer;
 477                 }
 478 
 479                 for (i = 0; i < AR5416_EEPROM_MODAL_SPURS; i++) {
 480                         word = swab16(eep->modalHeader.spurChans[i].spurChan);
 481                         eep->modalHeader.spurChans[i].spurChan = word;
 482                 }
 483         }
 484 
 485         if (sum != 0xffff || ar5416_get_eep4k_ver(ahp) != AR5416_EEP_VER ||
 486             ar5416_get_eep4k_rev(ahp) < AR5416_EEP_NO_BACK_VER) {
 487                 ARN_DBG((ARN_DBG_EEPROM,
 488                     "Bad EEPROM checksum 0x%x or revision 0x%04x\n",
 489                     sum, ar5416_get_eep4k_ver(ahp)));
 490                 return (EINVAL);
 491         }
 492 
 493         return (0);
 494 #undef EEPROM_4K_SIZE