Search Linux Wireless

Re: [PATCH wireless-drivers] mt76: dma: do not report truncated frames to mac80211

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Lorenzo Bianconi <lorenzo.bianconi@xxxxxxxxxx> writes:

>>
>> Lorenzo Bianconi <lorenzo@xxxxxxxxxx> writes:
>>
>> >> Lorenzo Bianconi <lorenzo@xxxxxxxxxx> writes:
>> >>
>> >> >> Lorenzo Bianconi <lorenzo@xxxxxxxxxx> writes:
>> >> >>
>> >> >> > If the fragment is discarded in mt76_add_fragment() since shared_info
>> >> >> > frag array is full, discard truncated frames and do not forward them to
>> >> >> > mac80211.
>> >> >> >
>> >> >> > Signed-off-by: Lorenzo Bianconi <lorenzo@xxxxxxxxxx>
>> >> >>
>> >> >> Should there be a Fixes line? I can add it.
>> >> >
>> >> > I am not sure it needs a Fixes tag.
>> >>
>> >> I think the commit log should have some kind of description about the
>> >> background of the issue, for example if this is a recent regression or
>> >> has been there forever etc.
>> >
>> > Agree. Can you please check the commit log below?
>> >
>> > "
>> > Commit 'b102f0c522cf6 ("mt76: fix array overflow on receiving too many
>> > fragments for a packet")' fixes a possible OOB access but it introduces a
>> > memory leak since the pending frame is not released to page_frag_cache if
>> > the frag array of skb_shared_info is full.
>> > Commit '93a1d4791c10 ("mt76: dma: fix a possible memory leak in
>> > mt76_add_fragment()")' fixes the issue but does not free the truncated skb that
>> > is forwarded to mac80211 layer. Fix the leftover issue discarding even truncated
>> > skbs.
>> > "
>>
>> Looks good, but I think the recommended style for commit ids is not to
>> use ' chararacter. So I would change it to this:
>>
>> ----------------------------------------------------------------------
>> Commit b102f0c522cf6 ("mt76: fix array overflow on receiving too many
>> fragments for a packet") fixes a possible OOB access but it introduces a
>> memory leak since the pending frame is not released to page_frag_cache
>> if the frag array of skb_shared_info is full. Commit 93a1d4791c10
>> ("mt76: dma: fix a possible memory leak in mt76_add_fragment()") fixes
>> the issue but does not free the truncated skb that is forwarded to
>> mac80211 layer. Fix the leftover issue discarding even truncated skbs.
>> ----------------------------------------------------------------------
>>
>> Should I add that to the commit log and queue the patch to be applied
>> after the merge window opens?
>
> any news about this patch?

It was not assigned to me on patchwork so it was not on my radar. I now
assigned it to me.

-- 
https://patchwork.kernel.org/project/linux-wireless/list/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux