From: Christian Lamparter <chunkeey@gmail.com>
To: Kalle Valo <kvalo@qca.qualcomm.com>
Cc: Sebastian Gottschall <s.gottschall@dd-wrt.com>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: Re: [PATCH] ath10k: fix recent bandwidth conversion bug
Date: Mon, 20 Nov 2017 18:05:00 +0100 [thread overview]
Message-ID: <1882220.dvZB77Gu54@debian64> (raw)
In-Reply-To: <87tvxpf9i8.fsf@kamboji.qca.qualcomm.com>
On Monday, November 20, 2017 11:57:21 AM CET Kalle Valo wrote:
> Christian Lamparter <chunkeey@gmail.com> writes:
>
> > On Wednesday, November 1, 2017 9:37:53 PM CET Sebastian Gottschall wrote:
> >> a additional array bounds check would be good
> >
> > Ah, about that:
> >
> > the bw variable in ath10k_htt_rx_h_rates() is extracted from info2
> > in the following way [0]:
> > | bw = info2 & 3;
> >
> > the txrate.bw variable in ath10k_update_per_peer_tx_stats() is set by [1]:
> > | txrate.bw = ATH10K_HW_BW(peer_stats->flags);
> >
> > ATH10K_HW_BW is a macro defined as [2]:
> > | #define ATH10K_HW_BW(flags) (((flags) >> 3) & 0x3)
> >
> > In both cases the bandwidth values already are limited to 0-3 by
> > the "and 3" operation.
>
> Until someone changes that part of the code (and the firmware
> interface). IMHO a switch is safer as there we don't have any risk of
> out of bands access.
The kbuild-bot/CI can catch this too.
For example, it will look like this:
drivers/net/wireless/ath/ath10k//htt_rx.c:710:52: warning: invalid access past the end of 'ath10k_bw_to_mac80211' (4 4)
BTW:
Have you noticed:
<https://github.com/lede-project/source/blob/master/package/kernel/mac80211/patches/319-ath10k-fix-recent-bandwidth-conversion-bug.patch>
Is this really your signed-off-by or not?
In any case, you - as the maintainer - can modify the patch as
you see fit. So, please do so.
next prev parent reply other threads:[~2017-11-20 17:05 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-01 20:01 [PATCH] ath10k: fix recent bandwidth conversion bug Christian Lamparter
2017-11-01 20:36 ` Sebastian Gottschall
2017-11-01 20:37 ` Sebastian Gottschall
2017-11-02 19:34 ` Christian Lamparter
2017-11-02 21:08 ` Sebastian Gottschall
2017-11-13 8:53 ` Johannes Berg
2017-11-20 11:57 ` Kalle Valo
2017-11-20 17:05 ` Christian Lamparter [this message]
2017-12-14 13:21 ` Kalle Valo
2018-03-01 11:52 ` Rafał Miłecki
2018-03-11 7:12 ` Kalle Valo
2018-03-11 21:01 ` Rafał Miłecki
-- strict thread matches above, loose matches on Subject: below --
2018-03-10 12:20 Anilkumar Kolli
2018-03-10 12:20 ` Anilkumar Kolli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1882220.dvZB77Gu54@debian64 \
--to=chunkeey@gmail.com \
--cc=kvalo@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
--cc=s.gottschall@dd-wrt.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.