Merge branch 'octeon_ep_vf-fix-napi_build_skb-null-dereference'

	return new_pkts;

}

static inline u32 octep_vf_oq_next_idx(struct octep_vf_oq *oq, u32 idx)

{

	return (idx + 1 == oq->max_count) ? 0 : idx + 1;

}

/**

 * __octep_vf_oq_process_rx() - Process hardware Rx queue and push to stack.

 *

			data_offset = OCTEP_VF_OQ_RESP_HW_SIZE;

			rx_ol_flags = 0;

		}

		rx_bytes += buff_info->len;

		if (buff_info->len <= oq->max_single_buffer_size) {

			skb = napi_build_skb((void *)resp_hw, PAGE_SIZE);

			if (!skb) {

				oq->stats->alloc_failures++;

				desc_used++;

				read_idx = octep_vf_oq_next_idx(oq, read_idx);

				continue;

			}

			rx_bytes += buff_info->len;

			skb_reserve(skb, data_offset);

			skb_put(skb, buff_info->len);

			read_idx++;

			desc_used++;

			if (read_idx == oq->max_count)

				read_idx = 0;

			read_idx = octep_vf_oq_next_idx(oq, read_idx);

		} else {

			struct skb_shared_info *shinfo;

			u16 data_len;

			skb = napi_build_skb((void *)resp_hw, PAGE_SIZE);

			if (!skb) {

				oq->stats->alloc_failures++;

				desc_used++;

				read_idx = octep_vf_oq_next_idx(oq, read_idx);

				data_len = buff_info->len - oq->max_single_buffer_size;

				while (data_len) {

					dma_unmap_page(oq->dev, oq->desc_ring[read_idx].buffer_ptr,

						       PAGE_SIZE, DMA_FROM_DEVICE);

					buff_info = (struct octep_vf_rx_buffer *)

						    &oq->buff_info[read_idx];

					buff_info->page = NULL;

					if (data_len < oq->buffer_size)

						data_len = 0;

					else

						data_len -= oq->buffer_size;

					desc_used++;

					read_idx = octep_vf_oq_next_idx(oq, read_idx);

				}

				continue;

			}

			rx_bytes += buff_info->len;

			skb_reserve(skb, data_offset);

			/* Head fragment includes response header(s);

			 * subsequent fragments contains only data.

			 */

			skb_put(skb, oq->max_single_buffer_size);

			read_idx++;

			desc_used++;

			if (read_idx == oq->max_count)

				read_idx = 0;

			read_idx = octep_vf_oq_next_idx(oq, read_idx);

			shinfo = skb_shinfo(skb);

			data_len = buff_info->len - oq->max_single_buffer_size;

						buff_info->len,

						buff_info->len);

				buff_info->page = NULL;

				read_idx++;

				desc_used++;

				if (read_idx == oq->max_count)

					read_idx = 0;

				read_idx = octep_vf_oq_next_idx(oq, read_idx);

			}

		}