Anilkumar Kolli <akolli@xxxxxxxxxxxxxx> wrote:
> CE interrupt configuration uses host ce parameters to assign/free
> interrupts. Use host ce parameters to enable/disable interrupts.
> This patch fixes below BUG,
>
> BUG: KASAN: global-out-of-bounds in 0xffffffbffdfb035c at addr
> ffffffbffde6eeac
> Read of size 4 by task kworker/u8:2/132
> Address belongs to variable ath11k_core_qmi_firmware_ready+0x1b0/0x5bc [ath11k]
>
> OOB is due to ath11k_ahb_ce_irqs_enable() iterates ce_count(which is 12)
> times and accessing 12th element in target_ce_config
> (which has only 11 elements) from ath11k_ahb_ce_irq_enable().
>
> With this change host ce configs are used to enable/disable interrupts.
>
> Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.0.1-00471-QCAHKSWPL_SILICONZ-1
>
> Fixes: 967c1d1131fa ("ath11k: move target ce configs to hw_params")
> Signed-off-by: Anilkumar Kolli <akolli@xxxxxxxxxxxxxx>
> Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxxxxxx>
Patch applied to ath-next branch of ath.git, thanks.
b689f091aafd ath11k: Use host CE parameters for CE interrupts configuration
--
https://patchwork.kernel.org/project/linux-wireless/patch/1637249558-12793-1-git-send-email-akolli@xxxxxxxxxxxxxx/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
