Yu Wang <yyuwang@xxxxxxxxxxxxxx> wrote: > When processing HTT_T2H_MSG_TYPE_RX_IN_ORD_PADDR_IND, if the length of a msdu > is larger than the tailroom of the rx skb, skb_over_panic issue will happen > when calling skb_put. In monitor mode, amsdu will be handled in this path, and > msdu_len of the first msdu_desc is the length of the entire amsdu, which might > be larger than the maximum length of a skb, in such case, it will hit the issue > upon. > > To fix this issue, process msdu list separately for monitor mode. > > Successfully tested with: > QCA6174 (FW version: RM.4.4.1.c2-00057-QCARMSWP-1). > > Signed-off-by: Yu Wang <yyuwang@xxxxxxxxxxxxxx> > [kvalo@xxxxxxxxxxxxxx: cosmetic cleanup] > Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxxxxxx> I did some cosmetic changes (commit log, line wraps, declaring variables beginning of the function), please check: https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git/commit/?h=pending&id=8f5579342f10719341ae11307ce56c6235cfd484 -- https://patchwork.kernel.org/patch/10658777/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
