Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxx> writes: > On Fri, Nov 08, 2024 at 01:41:45AM +0000, Ping-Ke Shih wrote: >> Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxx> wrote: >> > These are fixes that affect mostly the usb probe error path. It fixes UAF >> > due to firmware loading touching freed memory by waiting for the load >> > completion before releasing that memory. It also fixes a couple of >> > identified memory leaks. >> >> This goes via wireless tree, not net. Just send to linux-wireless (you have done). >> No need "net" in patch subject. >> >> I would quickly check if you did really encounter problems and >> have tested this patchset with real hardware? >> >> > > Yeah, I was playing it safe here, in case some of the same rules apply, and > "PATCH net" was required. > > If found this with a reproducer emulating a usb gadget device (by using > /dev/raw-gadget), and then injecting memory allocation failures at > different points in the probe path (at ieee80211_register_hw and then at > init_sw_vars). > > I haven't tested this with real hardware, but given this lies in the probe > error path, I suppose it would be harder to test for the bugs that they > fix. On the other hand, it would be nice to at least confirm that it > doesn't break them, though I find it hard that it would. Yeah, regressions are what we maintainers are most worried. We certainly do not want cleanup patches breaking existing setups. -- https://patchwork.kernel.org/project/linux-wireless/list/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
