diff options
| author | Sean Wang <sean.wang@mediatek.com> | 2021-06-17 09:39:19 +0800 |
|---|---|---|
| committer | Felix Fietkau <nbd@nbd.name> | 2021-06-19 09:22:51 +0200 |
| commit | 723885a6750102e5d807429b3d06aa6b0d29cc66 (patch) | |
| tree | d8bbb801469166d95ae9742ddbeaf2051abb3a2b /drivers/net/wireless/mediatek/mt76/mt7921/mac.c | |
| parent | 78b0328ff8c46fce64eb969d2572c3f631735dc1 (diff) | |
mt76: mt7921: fix the coredump is being truncated
Fix the maximum size of the coredump generated with current mt7921
firmware. Otherwise, a truncated coredump would be reported to userland
via dev_coredumpv.
Also, there is an additional error handling enhanced in the patch to avoid
the possible invalid buffer access when the system failed to create the
buffer to hold the coredump.
Fixes: 0da3c795d07b ("mt76: mt7921: add coredump support")
Co-developed-by: YN Chen <YN.Chen@mediatek.com>
Signed-off-by: YN Chen <YN.Chen@mediatek.com>
Signed-off-by: Sean Wang <sean.wang@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'drivers/net/wireless/mediatek/mt76/mt7921/mac.c')
| -rw-r--r-- | drivers/net/wireless/mediatek/mt76/mt7921/mac.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/mac.c b/drivers/net/wireless/mediatek/mt76/mt7921/mac.c index 740773da2193..b8e64c58b9ed 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/mac.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/mac.c @@ -1548,7 +1548,7 @@ void mt7921_coredump_work(struct work_struct *work) break; skb_pull(skb, sizeof(struct mt7921_mcu_rxd)); - if (data + skb->len - dump > MT76_CONNAC_COREDUMP_SZ) { + if (!dump || data + skb->len - dump > MT76_CONNAC_COREDUMP_SZ) { dev_kfree_skb(skb); continue; } @@ -1558,7 +1558,10 @@ void mt7921_coredump_work(struct work_struct *work) dev_kfree_skb(skb); } - dev_coredumpv(dev->mt76.dev, dump, MT76_CONNAC_COREDUMP_SZ, - GFP_KERNEL); + + if (dump) + dev_coredumpv(dev->mt76.dev, dump, MT76_CONNAC_COREDUMP_SZ, + GFP_KERNEL); + mt7921_reset(&dev->mt76); } |