diff options
| author | Trilok Soni <tsoni@codeaurora.org> | 2016-07-22 16:33:20 -0700 |
|---|---|---|
| committer | Trilok Soni <tsoni@codeaurora.org> | 2016-07-22 16:45:32 -0700 |
| commit | f145f4147857a00bb23251d5d7f0df5791633a92 (patch) | |
| tree | 31e15bc4fcb30e5fc1ae6ed3f46d9ce9affc42b7 /net/bluetooth/mgmt.c | |
| parent | 3f4a2a724ebf6edfbc8c9a1f248c1b9fd0a006f2 (diff) | |
| parent | 2bf7955152a0544342fcaed28930748cc68392ae (diff) | |
Merge remote-tracking branch 'msm-4.4/tmp-2bf7955' into msm-4.4
* msm-4.4/tmp-2bf7955:
Linux 4.4.8
Revert "usb: hub: do not clear BOS field during reset device"
usbvision: fix crash on detecting device with invalid configuration
staging: android: ion: Set the length of the DMA sg entries in buffer
Revert "PCI, x86: Implement pcibios_alloc_irq() and pcibios_free_irq()"
Revert "PCI: Add helpers to manage pci_dev->irq and pci_dev->irq_managed"
Revert "x86/PCI: Don't alloc pcibios-irq when MSI is enabled"
HID: usbhid: fix inconsistent reset/resume/reset-resume behavior
HID: wacom: fix Bamboo ONE oops
ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock
ALSA: usb-audio: Add a quirk for Plantronics BT300
ALSA: usb-audio: Add a sample rate quirk for Phoenix Audio TMX320
ALSA: hda/realtek - Enable the ALC292 dock fixup on the Thinkpad T460s
ALSA: hda - fix front mic problem for a HP desktop
ALSA: hda - Fix headset support and noise on HP EliteBook 755 G2
ALSA: hda - Fixup speaker pass-through control for nid 0x14 on ALC225
mmc: sdhci-pci: Add support and PCI IDs for more Broxton host controllers
perf: Cure event->pending_disable race
perf: Do not double free
arm64: replace read_lock to rcu lock in call_step_hook
Btrfs: fix file/data loss caused by fsync after rename and new inode
iommu: Don't overwrite domain pointer when there is no default_domain
ext4: ignore quota mount options if the quota feature is enabled
ext4: add lockdep annotations for i_data_sem
btrfs: fix crash/invalid memory access on fsync when using overlayfs
nfs: use file_dentry()
fs: add file_dentry()
sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes
iio: gyro: bmg160: fix endianness when reading axes
iio: gyro: bmg160: fix buffer read values
iio: accel: bmc150: fix endianness when reading axes
iio: st_magn: always define ST_MAGN_TRIGGER_SET_STATE
usb: renesas_usbhs: fix to avoid using a disabled ep in usbhsg_queue_done()
usb: renesas_usbhs: disable TX IRQ before starting TX DMAC transfer
usb: renesas_usbhs: avoid NULL pointer derefernce in usbhsf_pkt_handler()
mac80211: fix txq queue related crashes
mac80211: fix unnecessary frame drops in mesh fwding
mac80211: fix ibss scan parameters
mac80211: avoid excessive stack usage in sta_info
mac80211: properly deal with station hashtable insert errors
virtio: virtio 1.0 cs04 spec compliance for reset
rbd: use GFP_NOIO consistently for request allocations
pcmcia: db1xxx_ss: fix last irq_to_gpio user
v4l: vsp1: Set the SRU CTRL0 register when starting the stream
coda: fix error path in case of missing pdata on non-DT platform
au0828: Fix dev_state handling
au0828: fix au0828_v4l2_close() dev_state race condition
pinctrl: freescale: imx: fix bogus check of of_iomap() return value
pinctrl: nomadik: fix pull debug print inversion
pinctrl: sunxi: Fix A33 external interrupts not working
pinctrl: sh-pfc: only use dummy states for non-DT platforms
pinctrl: pistachio: fix mfio84-89 function description and pinmux.
MIPS: Fix MSA ld unaligned failure cases
KVM: x86: reduce default value of halt_poll_ns parameter
KVM: x86: Inject pending interrupt even if pending nmi exist
cdc-acm: fix NULL pointer reference
USB: uas: Add a new NO_REPORT_LUNS quirk
USB: uas: Limit qdepth at the scsi-host level
mpls: find_outdev: check for err ptr in addition to NULL check
ipv6: Count in extension headers in skb->network_header
ip6_tunnel: set rtnl_link_ops before calling register_netdevice
ipv6: l2tp: fix a potential issue in l2tp_ip6_recv
ipv4: l2tp: fix a potential issue in l2tp_ip_recv
tuntap: restore default qdisc
tun, bpf: fix suspicious RCU usage in tun_{attach, detach}_filter
rtnl: fix msg size calculation in if_nlmsg_size()
bridge: Allow set bridge ageing time when switchdev disabled
ipv6: udp: fix UDP_MIB_IGNOREDMULTI updates
qmi_wwan: add "D-Link DWM-221 B1" device id
xfrm: Fix crash observed during device unregistration and decryption
ppp: take reference on channels netns
ipv4: initialize flowi4_flags before calling fib_lookup()
ipv4: fix broadcast packets reception
bonding: fix bond_get_stats()
net: bcmgenet: fix dma api length mismatch
qlge: Fix receive packets drop.
tcp/dccp: remove obsolete WARN_ON() in icmp handlers
ppp: ensure file->private_data can't be overridden
ath9k: fix buffer overrun for ar9287
farsync: fix off-by-one bug in fst_add_one
mlx4: add missing braces in verify_qp_parameters
net: Fix use after free in the recvmmsg exit path
ipv4: Don't do expensive useless work during inetdev destroy.
bridge: allow zero ageing time
rocker: set FDB cleanup timer according to lowest ageing time
mlxsw: spectrum: Check requested ageing time is valid
macvtap: always pass ethernet header in linear
qlcnic: Fix mailbox completion handling during spurious interrupt
qlcnic: Remove unnecessary usage of atomic_t
sh_eth: advance 'rxdesc' later in sh_eth_ring_format()
sh_eth: fix NULL pointer dereference in sh_eth_ring_format()
bpf: avoid copying junk bytes in bpf_get_current_comm()
packet: validate variable length ll headers
ax25: add link layer header validation function
net: validate variable length ll headers
ppp: release rtnl mutex when interface creation fails
tcp: fix tcpi_segs_in after connection establishment
udp6: fix UDP/IPv6 encap resubmit path
usbnet: cleanup after bind() in probe()
cdc_ncm: toggle altsetting to force reset before setup
vxlan: fix missing options_len update on RX with collect metadata
ipv6: re-enable fragment header matching in ipv6_find_hdr
qmi_wwan: add Sierra Wireless EM74xx device ID
tipc: Revert "tipc: use existing sk_write_queue for outgoing packet chain"
mld, igmp: Fix reserved tailroom calculation
sctp: lack the check for ports in sctp_v6_cmp_addr
net: fix bridge multicast packet checksum validation
net: qca_spi: clear IFF_TX_SKB_SHARING
net: qca_spi: Don't clear IFF_BROADCAST
net: vrf: Remove direct access to skb->data
net: jme: fix suspend/resume on JMC260
ipv4: only create late gso-skb if skb is already set up with CHECKSUM_PARTIAL
tunnel: Clear IPCB(skb)->opt before dst_link_failure called
tcp: convert cached rtt from usec to jiffies when feeding initial rto
xen/events: Mask a moving irq
drm/amdgpu/gmc: use proper register for vram type on Fiji
drm/amdgpu/gmc: move vram type fetching into sw_init
drm/radeon: add a dpm quirk for all R7 370 parts
drm/radeon: add another R7 370 quirk
drm/radeon: add a dpm quirk for sapphire Dual-X R7 370 2G D5
drm/udl: Use unlocked gem unreferencing
drm/dp: move hw_mutex up the call stack
arm64: opcodes.h: Add arm big-endian config options before including arm header
compiler-gcc: disable -ftracer for __noclone functions
libnvdimm, pfn: fix uuid validation
libnvdimm: fix smart data retrieval
powerpc/mm: Fixup preempt underflow with huge pages
mm: fix invalid node in alloc_migrate_target()
ALSA: hda - Apply fix for white noise on Asus N550JV, too
ALSA: hda - Fix white noise on Asus N750JV headphone
ALSA: hda - Asus N750JV external subwoofer fixup
ALSA: timer: Use mod_timer() for rearming the system timer
parisc: Unbreak handling exceptions from kernel modules
parisc: Fix kernel crash with reversed copy_from_user()
parisc: Avoid function pointers for kernel exception routines
PKCS#7: pkcs7_validate_trust(): initialize the _trusted output argument
hwmon: (max1111) Return -ENODEV from max1111_read_channel if not instantiated
Linux 4.4.7
perf/x86/intel: Fix PEBS data source interpretation on Nehalem/Westmere
perf/x86/intel: Use PAGE_SIZE for PEBS buffer size on Core2
perf/x86/intel: Fix PEBS warning by only restoring active PMU in pmi
perf/x86/pebs: Add workaround for broken OVFL status on HSW+
sched/cputime: Fix steal time accounting vs. CPU hotplug
scsi_common: do not clobber fixed sense information
PM / sleep: Clear pm_suspend_global_flags upon hibernate
intel_idle: prevent SKL-H boot failure when C8+C9+C10 enabled
mtd: onenand: fix deadlock in onenand_block_markbad
mm/page_alloc: prevent merging between isolated and other pageblocks
ocfs2/dlm: fix BUG in dlm_move_lockres_to_recovery_list
ocfs2/dlm: fix race between convert and recovery
Input: ati_remote2 - fix crashes on detecting device with invalid descriptor
Input: ims-pcu - sanity check against missing interfaces
Input: synaptics - handle spurious release of trackstick buttons, again
writeback, cgroup: fix use of the wrong bdi_writeback which mismatches the inode
writeback, cgroup: fix premature wb_put() in locked_inode_to_wb_and_lock_list()
ACPI / PM: Runtime resume devices when waking from hibernate
ARM: dts: at91: sama5d4 Xplained: don't disable hsmci regulator
ARM: dts: at91: sama5d3 Xplained: don't disable hsmci regulator
nfsd: fix deadlock secinfo+readdir compound
nfsd4: fix bad bounds checking
iser-target: Rework connection termination
iser-target: Separate flows for np listeners and connections cma events
iser-target: Add new state ISER_CONN_BOUND to isert_conn
iser-target: Fix identification of login rx descriptor type
target: Fix target_release_cmd_kref shutdown comp leak
clk: bcm2835: Fix setting of PLL divider clock rates
clk: rockchip: add hclk_cpubus to the list of rk3188 critical clocks
clk: rockchip: rk3368: fix hdmi_cec gate-register
clk: rockchip: rk3368: fix parents of video encoder/decoder
clk: rockchip: rk3368: fix cpuclk core dividers
clk: rockchip: rk3368: fix cpuclk mux bit of big cpu-cluster
mmc: sdhci: Fix override of timeout clk wrt max_busy_timeout
mmc: sdhci: fix data timeout (part 2)
mmc: sdhci: fix data timeout (part 1)
mmc: mmc_spi: Add Card Detect comments and fix CD GPIO case
mmc: block: fix ABI regression of mmc_blk_ioctl
ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list
MAINTAINERS: Update mailing list and web page for hwmon subsystem
kbuild/mkspec: fix grub2 installkernel issue
scripts/kconfig: allow building with make 3.80 again
scripts/coccinelle: modernize &
bitops: Do not default to __clear_bit() for __clear_bit_unlock()
tracing: Fix trace_printk() to print when not using bprintk()
tracing: Fix crash from reading trace_pipe with sendfile
tracing: Have preempt(irqs)off trace preempt disabled functions
IB/ipoib: fix for rare multicast join race condition
drm/amdgpu: include the right version of gmc header files for iceland
drm/amdgpu: disable runtime pm on PX laptops without dGPU power control
drm/radeon: Don't drop DP 2.7 Ghz link setup on some cards.
drm/radeon: disable runtime pm on PX laptops without dGPU power control
iwlwifi: mvm: Fix paging memory leak
ipr: Fix regression when loading firmware
ipr: Fix out-of-bounds null overwrite
rapidio/rionet: fix deadlock on SMP
fs/coredump: prevent fsuid=0 dumps into user-controlled directories
fuse: Add reference counting for fuse_io_priv
fuse: do not use iocb after it may have been freed
md: multipath: don't hardcopy bio in .make_request path
md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list
raid10: include bio_end_io_list in nr_queued to prevent freeze_array hang
RAID5: revert e9e4c377e2f563 to fix a livelock
RAID5: check_reshape() shouldn't call mddev_suspend
md/raid5: Compare apples to apples (or sectors to sectors)
raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang
xfs: fix two memory leaks in xfs_attr_list.c error paths
quota: Fix possible GPF due to uninitialised pointers
ARC: bitops: Remove non relevant comments
ARC: [BE] readl()/writel() to work in Big Endian CPU configuration
xtensa: clear all DBREAKC registers on start
xtensa: fix preemption in {clear,copy}_user_highpage
xtensa: ISS: don't hang if stdin EOF is reached
splice: handle zero nr_pages in splice_to_pipe()
vfs: show_vfsstat: do not ignore errors from show_devname method
of: alloc anywhere from memblock if range not specified
net: mvneta: enable change MAC address when interface is up
cgroup: ignore css_sets associated with dead cgroups during migration
Bluetooth: Fix potential buffer overflow with Add Advertising
Bluetooth: Add new AR3012 ID 0489:e095
watchdog: rc32434_wdt: fix ioctl error handling
watchdog: don't run proc_watchdog_update if new value is same as old
ia64: define ioremap_uc()
mm: memcontrol: reclaim and OOM kill when shrinking memory.max below usage
mm: memcontrol: reclaim when shrinking memory.high below usage
bcache: fix cache_set_flush() NULL pointer dereference on OOM
bcache: fix race of writeback thread starting before complete initialization
bcache: cleaned up error handling around register_cache()
IB/srpt: Simplify srpt_handle_tsk_mgmt()
brd: Fix discard request processing
jbd2: fix FS corruption possibility in jbd2_journal_destroy() on umount path
tools/hv: Use include/uapi with __EXPORTED_HEADERS__
ALSA: hda - Fix unconditional GPIO toggle via automute
ALSA: hda - fix the mic mute button and led problem for a Lenovo AIO
ALSA: hda - Don't handle ELD notify from invalid port
ALSA: intel8x0: Add clock quirk entry for AD1981B on IBM ThinkPad X41.
ALSA: pcm: Avoid "BUG:" string for warnings again
ALSA: hda - Apply reboot D3 fix for CX20724 codec, too
mtip32xx: Cleanup queued requests after surprise removal
mtip32xx: Implement timeout handler
mtip32xx: Handle FTL rebuild failure state during device initialization
mtip32xx: Handle safe removal during IO
mtip32xx: Fix for rmmod crash when drive is in FTL rebuild
mtip32xx: Print exact time when an internal command is interrupted
mtip32xx: Remove unwanted code from taskfile error handler
mtip32xx: Fix broken service thread handling
mtip32xx: Avoid issuing standby immediate cmd during FTL rebuild
media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32
coda: fix first encoded frame payload
bttv: Width must be a multiple of 16 when capturing planar formats
adv7511: TX_EDID_PRESENT is still 1 after a disconnect
saa7134: Fix bytesperline not being set correctly for planar formats
8250: use callbacks to access UART_DLL/UART_DLM
net: irda: Fix use-after-free in irtty_open()
tty: Fix GPF in flush_to_ldisc(), part 2
staging: comedi: ni_mio_common: fix the ni_write[blw]() functions
staging: android: ion_test: fix check of platform_device_register_simple() error code
staging: comedi: ni_tiocmd: change mistaken use of start_src for start_arg
HID: fix hid_ignore_special_drivers module parameter
HID: multitouch: force retrieving of Win8 signature blob
HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report()
HID: logitech: fix Dual Action gamepad support
tpm: fix the cleanup of struct tpm_chip
tpm_eventlog.c: fix binary_bios_measurements
tpm_crb: tpm2_shutdown() must be called before tpm_chip_unregister()
tpm: fix the rollback in tpm_chip_register()
mei: bus: check if the device is enabled before data transfer
X.509: Fix leap year handling again
crypto: marvell/cesa - forward devm_ioremap_resource() error code
crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()
crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
crypto: keywrap - memzero the correct memory
crypto: ccp - memset request context to zero during import
crypto: ccp - Don't assume export/import areas are aligned
crypto: ccp - Limit the amount of information exported
crypto: ccp - Add hash state import and export support
Bluetooth: btusb: Add a new AR3012 ID 13d3:3472
Bluetooth: btusb: Add a new AR3012 ID 04ca:3014
Bluetooth: btusb: Add new AR3012 ID 13d3:3395
ALSA: usb-audio: Fix double-free in error paths after snd_usb_add_audio_stream() call
ALSA: usb-audio: Minor code cleanup in create_fixed_stream_quirk()
ALSA: usb-audio: add Microsoft HD-5001 to quirks
ALSA: usb-audio: Add sanity checks for endpoint accesses
ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()
Input: powermate - fix oops with malicious USB descriptors
pwc: Add USB id for Philips Spc880nc webcam
USB: option: add "D-Link DWM-221 B1" device id
USB: serial: ftdi_sio: Add support for ICP DAS I-756xU devices
USB: serial: cp210x: Adding GE Healthcare Device ID
USB: cypress_m8: add endpoint sanity check
USB: digi_acceleport: do sanity checking for the number of ports
USB: mct_u232: add sanity checking in probe
USB: usb_driver_claim_interface: add sanity checking
USB: iowarrior: fix oops with malicious USB descriptors
USB: cdc-acm: more sanity checking
USB: uas: Reduce can_queue to MAX_CMNDS
usb: hub: fix a typo in hub_port_init() leading to wrong logic
usb: retry reset if a device times out
dm: fix rq_end_stats() NULL pointer in dm_requeue_original_request()
dm cache: make sure every metadata function checks fail_io
dm thin metadata: don't issue prefetches if a transaction abort has failed
dm: fix excessive dm-mq context switching
dm snapshot: disallow the COW and origin devices from being identical
libnvdimm: Fix security issue with DSM IOCTL.
aic7xxx: Fix queue depth handling
be2iscsi: set the boot_kset pointer to NULL in case of failure
scsi: storvsc: fix SRB_STATUS_ABORTED handling
sd: Fix discard granularity when LBPRZ=1
aacraid: Set correct msix count for EEH recovery
aacraid: Fix memory leak in aac_fib_map_free
aacraid: Fix RRQ overload
sg: fix dxferp in from_to case
x86/mm: TLB_REMOTE_SEND_IPI should count pages
x86/iopl: Fix iopl capability check on Xen PV
x86/iopl/64: Properly context-switch IOPL on Xen PV
x86/apic: Fix suspicious RCU usage in smp_trace_call_function_interrupt()
x86/irq: Cure live lock in fixup_irqs()
PCI: ACPI: IA64: fix IO port generic range check
PCI: Disable IO/MEM decoding for devices with non-compliant BARs
pinctrl-bcm2835: Fix cut-and-paste error in "pull" parsing
s390/pci: enforce fmb page boundary rule
s390/cpumf: add missing lpp magic initialization
s390: fix floating pointer register corruption (again)
EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr()
EDAC/sb_edac: Fix computation of channel address
sched/preempt, sh: kmap_coherent relies on disabled preemption
sched/cputime: Fix steal_account_process_tick() to always return jiffies
Thermal: Ignore invalid trip points
perf tools: Fix python extension build
perf tools: Fix checking asprintf return value
perf tools: Dont stop PMU parsing on alias parse error
perf/core: Fix perf_sched_count derailment
KVM: VMX: fix nested vpid for old KVM guests
KVM: VMX: avoid guest hang on invalid invvpid instruction
KVM: VMX: avoid guest hang on invalid invept instruction
KVM: fix spin_lock_init order on x86
KVM: i8254: change PIT discard tick policy
KVM: x86: fix missed hardware breakpoints
x86/PCI: Mark Broadwell-EP Home Agent & PCU as having non-compliant BARs
perf/x86/intel: Add definition for PT PMI bit
x86/entry/compat: Keep TS_COMPAT set during signal delivery
x86/microcode: Untangle from BLK_DEV_INITRD
x86/microcode/intel: Make early loader look for builtin microcode too
mmc: sh_mmcif: Correct TX DMA channel allocation
mmc: sh_mmcif: rework dma channel handling
ASoC: samsung: pass DMA channels as pointers
regulator: core: Fix nested locking of supplies
regulator: core: avoid unused variable warning
s390/cpumf: Fix lpp detection
cpufreq: dt: No need to allocate resources anymore
cpufreq: dt: No need to fetch voltage-tolerance
cpufreq: dt: Use dev_pm_opp_set_rate() to switch frequency
cpufreq: dt: Reuse dev_pm_opp_get_max_transition_latency()
cpufreq: dt: Unsupported OPPs are already disabled
cpufreq: dt: Pass regulator name to the OPP core
cpufreq: dt: OPP layers handles clock-latency for V1 bindings as well
cpufreq: dt: Rename 'need_update' to 'opp_v1'
cpufreq: dt: Convert few pr_debug/err() calls to dev_dbg/err()
cpufreq-dt: fix handling regulator_get_voltage() result
cpufreq-dt: Supply power coefficient when registering cooling devices
PM / OPP: Rename structures for clarity
PM / OPP: Fix incorrect comments
PM / OPP: Initialize regulator pointer to an error value
PM / OPP: Initialize u_volt_min/max to a valid value
PM / OPP: Fix NULL pointer dereference crash when disabling OPPs
PM / OPP: Add dev_pm_opp_set_rate()
PM / OPP: Manage device clk
PM / OPP: Parse clock-latency and voltage-tolerance for v1 bindings
PM / OPP: Introduce dev_pm_opp_get_max_transition_latency()
PM / OPP: Introduce dev_pm_opp_get_max_volt_latency()
PM / OPP: Disable OPPs that aren't supported by the regulator
PM / OPP: get/put regulators from OPP core
cpufreq: cpufreq-dt: avoid uninitialized variable warnings:
PM / OPP: Use snprintf() instead of sprintf()
PM / OPP: Set cpu_dev->id in cpumask first
PM / OPP: Fix parsing of opp-microvolt and opp-microamp properties
PM / OPP: Parse 'opp-<prop>-<name>' bindings
PM / OPP: Parse 'opp-supported-hw' binding
PM / OPP: Add missing doc comments
PM / OPP: Rename OPP nodes as opp@<opp-hz>
PM / OPP: Remove 'operating-points-names' binding
PM / OPP: Add {opp-microvolt|opp-microamp}-<name> binding
PM / OPP: Add "opp-supported-hw" binding
PM / OPP: Add debugfs support
arm64: vdso: Mark vDSO code as read-only
Conflicts:
drivers/staging/android/ion/ion.c
mm/page_alloc.c
CRs-Fixed: 1010239
Change-Id: Id59539cad642885e1e41340cebae4159ba1f7eaf
Signed-off-by: Trilok Soni <tsoni@codeaurora.org>
Diffstat (limited to 'net/bluetooth/mgmt.c')
| -rw-r--r-- | net/bluetooth/mgmt.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c index f00e788e0184..db399c1662ab 100644 --- a/net/bluetooth/mgmt.c +++ b/net/bluetooth/mgmt.c @@ -7155,6 +7155,10 @@ static int add_advertising(struct sock *sk, struct hci_dev *hdev, return mgmt_cmd_status(sk, hdev->id, MGMT_OP_ADD_ADVERTISING, status); + if (data_len != sizeof(*cp) + cp->adv_data_len + cp->scan_rsp_len) + return mgmt_cmd_status(sk, hdev->id, MGMT_OP_ADD_ADVERTISING, + MGMT_STATUS_INVALID_PARAMS); + flags = __le32_to_cpu(cp->flags); timeout = __le16_to_cpu(cp->timeout); duration = __le16_to_cpu(cp->duration); |