On Tue, 2021-08-17 at 23:05 -0700, Kees Cook wrote: > > @@ -275,12 +275,11 @@ static void carl9170_tx_release(struct kref *ref) > if (WARN_ON_ONCE(!ar)) > return; > > > > > - BUILD_BUG_ON( > - offsetof(struct ieee80211_tx_info, status.ack_signal) != 20); > - > - memset(&txinfo->status.ack_signal, 0, > - sizeof(struct ieee80211_tx_info) - > - offsetof(struct ieee80211_tx_info, status.ack_signal)); > + /* > + * Should this call ieee80211_tx_info_clear_status() instead of clearing > + * manually? txinfo->status.rates do not seem to be used here. > + */ Since you insist, I went digging :) It should not, carl9170_tx_fill_rateinfo() has filled the rate information before we get to this point. johannes
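Review bot: The comment added in carl9170_tx_release() in place of the removed memset() leaves an open question in the code ("Should this call ieee80211_tx_info_clear_status() instead of clearing manually?") instead of stating why the clearing is done by hand. Going by the reply, carl9170_tx_fill_rateinfo() has already filled the rate information before this point, so the comment would be better reworded as a statement that the rate information must be kept here and that this is why ieee80211_tx_info_clear_status() is not used. The hunk also drops the BUILD_BUG_ON that pinned offsetof(struct ieee80211_tx_info, status.ack_signal) to 20, and the quoted portion does not show the replacement clearing, so it is worth confirming that the new code still carries a compile-time check on whatever layout it relies on.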