2022-05-08 12:14:06

by Igor Russkikh

[permalink] [raw]
Subject: Re: [EXT] Re: [PATCH 0/5] net: atlantic: more fuzzing fixes


Hi Grant and Dmitrii,

>> So to close session I guess need to set is_rsc_completed to true when
>> number of frags is going to exceed value MAX_SKB_FRAGS, then packet will
>> be built and submitted to stack.
>> But of course need to check that there will not be any other corner cases
>> with this new change.
>
> Ok. Sounds like I should post a v2 then and just drop 1/5 and 5/5
> patches. Will post that tomorrow.

I think the part with check `hw_head_ >= ring->size` still can be used safely (patch 5).

For patch 1 - I agree it may make things worse, so either drop or think on how to interpret invalid `next` and stop LRO session.

Thanks,
Igor