On 2023-01-17 12:13:06 +0100, Simon Horman wrote:
>> buf_size = sizeof(*rfi);
>> max_idx = reorder_data[BRCMF_RXREORDER_MAXIDX_OFFSET];
>> - buf_size += (max_idx + 1) * sizeof(pkt);
>> + buf_size += (max_idx + 1) * sizeof(struct sk_buff);
> This is followed by:
> rfi = kzalloc(buf_size, GFP_ATOMIC);
> ...
> rfi->pktslots = (struct sk_buff **)(rfi + 1);
> The type of rfi is struct brcmf_ampdu_rx_reorder, which
> looks like this:
> struct brcmf_ampdu_rx_reorder
> { struct sk_buff **pktslots; ... };
> And it looks to me that pkt is used as an array of
> (struct sk_buff *).
> So in all, it seems to me that the current code is correct.
So, the buf_size is a sum of sizeof(struct brcmf_ampdu_rx_reorder)
and size of array of pointers... and yes, this array is filled with
pointers: rfi->pktslots[rfi->cur_idx] = pkt;
Hmmm... looks correct. Sorry for bothering.
--
Alexey V. Vissarionov
gremlin ПРИ altlinux ТЧК org; +vii-cmiii-ccxxix-lxxix-xlii
GPG: 0D92F19E1C0DC36E27F61A29CD17E2B43D879005 @ hkp://keys.gnupg.net
