Hi Kalle, On Mon, 25 Oct 2021 at 15:22, Kalle Valo <kvalo@xxxxxxxxxxxxxx> wrote: > > Loic Poulain <loic.poulain@xxxxxxxxxx> wrote: > > > WCNSS RX DMA transfer support is limited to 3872 bytes, which is > > enough for simple MPDUs (single MSDU), but not enough for cases > > with A-MSDU (depending on max AMSDU size or max MPDU size). > > > > In that case the MPDU is spread over multiple transfers, with the > > first transfer containing the MPDU header and (at least) the first > > A-MSDU subframe and additional transfer(s) containing the following > > A-MSDUs. This can be handled with a series of flags to tagging the > > first and last A-MSDU transfers. > > > > In that case we have to bufferize and re-linearize the A-MSDU buffers > > into a proper MPDU skb before forwarding to mac80211 (in the same way > > as it is done in ath10k). > > > > This change also includes sanity check of the buffer descriptor to > > prevent skb overflow. > > > > Signed-off-by: Loic Poulain <loic.poulain@xxxxxxxxxx> > > Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxxxxxx> > > Loic, what should I do with this patch? Bryan is hesitant but I > would be fine to take this. You have to decide :) So the point is that we had some skb overflows reported in the field, likely due to wcn36xx_rx buffer descriptor parsing, and possibly due to the A-MSDU split. No such issues have been reported since we applied that change. But I've not validated myself that the A-MSDU re-aggregation procedure is functional (though it's mostly copied from ath10k), since it can happen only in very specific cases, i.e when the MPDU (including the A-MSDU) size is larger than the 3872-byte DMA buffer and smaller than 3895 bytes (which is our max VHT MPDU length). But it's better than the previous situation IMHO, since we check the buffer descriptor to prevent skb breakage. Regards, Loic
