[13/21] wifi: iwlwifi: mvm: avoid UB shift of snif_queue

Message ID	20230305124407.b8da0b7eb194.I53744fd7cfb6e146a9393272a2a61852841238d9@changeid
State	New
Headers	show Return-Path: <linux-wireless-owner@vger.kernel.org> From: gregory.greenman@intel.com To: johannes@sipsolutions.net Cc: linux-wireless@vger.kernel.org, Johannes Berg <johannes.berg@intel.com>, Gregory Greenman <gregory.greenman@intel.com> Subject: [PATCH 13/21] wifi: iwlwifi: mvm: avoid UB shift of snif_queue Date: Sun, 5 Mar 2023 14:16:27 +0200 Message-Id: <20230305124407.b8da0b7eb194.I53744fd7cfb6e146a9393272a2a61852841238d9@changeid> In-Reply-To: <20230305121635.301451-1-gregory.greenman@intel.com> References: <20230305121635.301451-1-gregory.greenman@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	wifi: iwlwifi: updates intended for v6.4 2023-03-05 \| expand [00/21] wifi: iwlwifi: updates intended for v6.4 2023-03-05 [01/21] wifi: iwlwifi: mvm: add LSIG info to radio tap info in EHT [02/21] wifi: iwlwifi: mvm: mark mac header with no data frames [03/21] wifi: iwlwifi: Adding the code to get RF name for MsP device [04/21] wifi: iwlwifi: reduce verbosity of some logging events [05/21] wifi: iwlwifi: mvm: add an helper function for adding TLVs [06/21] wifi: iwlwifi: mvm: add EHT radiotap info based on rate_n_flags [07/21] wifi: iwlwifi: mvm: add all EHT based on data0 info from HW [08/21] wifi: iwlwifi: mvm: allow new vendor to use TAS [09/21] wifi: iwlwifi: mvm: rename define to generic name [10/21] wifi: iwlwifi: mvm: decode USIG_B1_B7 RU to nl80211 RU width [11/21] wifi: iwlwifi: mvm: parse FW frame metadata for EHT sniffer mode [12/21] wifi: iwlwifi: mvm: add primary 80 known for EHT TLV [13/21] wifi: iwlwifi: mvm: avoid UB shift of snif_queue [14/21] wifi: iwlwifi: mvm: make flush code a bit clearer [15/21] wifi: iwlwifi: Add support for B step of BnJ-Fm4 [16/21] wifi: iwlwifi: rs-fw: break out for unsupported bandwidth [17/21] wifi: iwlwifi: mvm: cleanup duplicated defines [18/21] wifi: iwlwifi: Update logs for yoyo reset sw changes [19/21] wifi: iwlwifi: mvm: add EHT - RU allocation to radiotap TLV [20/21] wifi: iwlwifi: Do not include radiotap EHT user info if not needed [21/21] wifi: iwlwifi: mvm: fix EOF bit reporting

Message ID

20230305124407.b8da0b7eb194.I53744fd7cfb6e146a9393272a2a61852841238d9@changeid

State

New

Headers

From: gregory.greenman@intel.com
To: johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org,
        Johannes Berg <johannes.berg@intel.com>,
        Gregory Greenman <gregory.greenman@intel.com>
Subject: [PATCH 13/21] wifi: iwlwifi: mvm: avoid UB shift of snif_queue
Date: Sun,  5 Mar 2023 14:16:27 +0200
Message-Id: 
 <20230305124407.b8da0b7eb194.I53744fd7cfb6e146a9393272a2a61852841238d9@changeid>
In-Reply-To: <20230305121635.301451-1-gregory.greenman@intel.com>
References: <20230305121635.301451-1-gregory.greenman@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

wifi: iwlwifi: updates intended for v6.4 2023-03-05 | expand

Commit Message

Greenman, Gregory March 5, 2023, 12:16 p.m. UTC

From: Johannes Berg <johannes.berg@intel.com>

For the old TX API we need the tfd_queue_msk, but for the
new TX API we don't need it here because we add it to the
station later. However, for the new API mvm->snif_queue is
set to IWL_MVM_INVALID_QUEUE == 0xffff, so the BIT() here
is undefined behaviour.

Since we don't need the tfd_queue_msk value for the new TX
API at all, simply fill it in only for the old API.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
---
 drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c b/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c
index aa791dbc3066..114c96ba39ee 100644
--- a/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c
+++ b/drivers/net/wireless/intel/iwlwifi/mvm/mac-ctxt.c
@@ -654,7 +654,7 @@  static int iwl_mvm_mac_ctxt_cmd_listener(struct iwl_mvm *mvm,
 					 u32 action)
 {
 	struct iwl_mac_ctx_cmd cmd = {};
-	u32 tfd_queue_msk = BIT(mvm->snif_queue);
+	u32 tfd_queue_msk = 0;
 	int ret;
 
 	WARN_ON(vif->type != NL80211_IFTYPE_MONITOR);
@@ -669,6 +669,14 @@  static int iwl_mvm_mac_ctxt_cmd_listener(struct iwl_mvm *mvm,
 				       MAC_FILTER_ACCEPT_GRP);
 	ieee80211_hw_set(mvm->hw, RX_INCLUDES_FCS);
 
+	/*
+	 * the queue mask is only relevant for old TX API, and
+	 * mvm->snif_queue isn't set here (it's still set to
+	 * IWL_MVM_INVALID_QUEUE so the BIT() of it is UB)
+	 */
+	if (!iwl_mvm_has_new_tx_api(mvm))
+		tfd_queue_msk = BIT(mvm->snif_queue);
+
 	/* Allocate sniffer station */
 	ret = iwl_mvm_allocate_int_sta(mvm, &mvm->snif_sta, tfd_queue_msk,
 				       vif->type, IWL_STA_GENERAL_PURPOSE);

[13/21] wifi: iwlwifi: mvm: avoid UB shift of snif_queue

Commit Message

Patch