Re: [ 08/12] mac80211: zero initialize count field in ieee80211_tx_rate

From: Mohammed Shafi Shajakhan
Date: Mon Mar 12 2012 - 02:52:59 EST

Next message: Viresh Kumar: "Re: [PATCH] input/spear-keyboard: Remove kbd_set_plat_data()"
Previous message: santosh prasad nayak: "Re: [PATCH 3/3 v2] netxen: qlogic ethernet : Fix endian bug."
In reply to: Willy Tarreau: "Re: [ 08/12] mac80211: zero initialize count field in ieee80211_tx_rate"
Next in thread: Ben Hutchings: "Re: [ 08/12] mac80211: zero initialize count field inieee80211_tx_rate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Willy,

On Mon, Mar 12, 2012 at 10:06:23AM +0530, Mohammed Shafi Shajakhan wrote:
So I'm pretty sure this patch is wrong for 2.6.32; it could be
backported but I don't think the change is necessary anyway.

true, but i think its better to initialize the count = 0 rather than
count = 1, though the older version driver checks for rate[i].idx>= 0
in ath_rc_tx_status. while the ath_tx_status has no such iteration in
the older driver code.

In practice, if the patch brings nothing and not even correctness, I'd
rather drop it than make us believe that some issue is fixed. However
if you think it does happen to fix a real issue in 2.6.32 (possibly
combined with some other missing patch), please tell me so and I will
happily undelete it.

we can drop it. also as there was no driver code checking for rate[i].count in the 2.6.32 driver. i am also not sure this fixes something in 2.6.32 but the patch itself is correct.

Pavel fixed a rate control crash in ath9k because of invalid rate index (-1) access. we were wondering how is it possible the driver can be using a invalid rate index ?
we can simply rule out a rate is invalid checking for (rate[i].idx < 0 && rate[i].count != 0)

Pavel found that the driver previously checks "only" for rate[i].count as non-zero and this itself seems sufficient as we assumed the invalid rate indexes are initialized with -1, 0 for rate[i].idx and rate[i].count respectively. later found that mac80211 rate[i].count initializes with '1' for the 'rate[i].count' field.

thus we generically fixed in mac80211(also as per doc) to avoid any such issues in any rate control, though we can blame the driver for not checking for invalid rate.idx while blindly believing on rate[i].count.

thank you!

--
thanks,
shafi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Viresh Kumar: "Re: [PATCH] input/spear-keyboard: Remove kbd_set_plat_data()"
Previous message: santosh prasad nayak: "Re: [PATCH 3/3 v2] netxen: qlogic ethernet : Fix endian bug."
In reply to: Willy Tarreau: "Re: [ 08/12] mac80211: zero initialize count field in ieee80211_tx_rate"
Next in thread: Ben Hutchings: "Re: [ 08/12] mac80211: zero initialize count field inieee80211_tx_rate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]