Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp6697532iob; Wed, 11 May 2022 03:28:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw8meczn3WZAO70KfTr/66iJfgzhFmaOgNe61ibDhZJQ+9M4akn9nuXSjGiSi4TlQ1o0399 X-Received: by 2002:a17:907:94cd:b0:6f4:da4d:6ec2 with SMTP id dn13-20020a17090794cd00b006f4da4d6ec2mr23107096ejc.702.1652264905559; Wed, 11 May 2022 03:28:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652264905; cv=none; d=google.com; s=arc-20160816; b=F9yLI43oOwNxl4dBcsMEFhlQvPqjlFTv2V2w0DWz6LaOhAnIG8qWiQ4N00msuYyg9a ovWmJofFhQd15rfvVm/lRvTbRs/ywqFfP6paVcgaUcWGBvXhmHJ6PQHvVrSE0C9oG5jt tIKMRDER28+WLGjQJucjYuv4oB8+IZwi65nBl+31GLT2CFxDQEEix6oWyCRbmNKrY/8Q /gfT5eiq71ZtHo6gOA/fJn9hZYdxeHDrHlAGqmuPwOGXk/B4HIHPLResKzZZGuQ5r8zk 0roLGKmvKbR0h/i4p29MWdJRchdXR64eDsxp9Idtl5VtaFmny6f3+zjtP+//KhaptCGY gs7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:dkim-signature:from; bh=+1U3flpqWJAv5df7SW1MN/dDT5tlFWQa/zIqHpVu/94=; b=GzVSvRxBC6OcjVLmqYnrGKCIpCyCkaRjNHUpvG3JKhxCJJLqCqhjAh+YxQJq6VGuzB ANu6vHq+uc7H/4kJ6IK060cp1ISE6QNGlxdFWvYSjkiPgimS2JoYGSgBnUMDFSEfB2Ob 9eSb+ALO5E+ZYSJhHMNYB7VQ63LaTLC9lig8wKs5e0leUN+OQ85VlUScxenUkdeozlB6 zH+pc7YJfVjy0IKQyXaucKkfLaiOp9qdQlu/8jm/rF/fSWJUlrAiJCKYpg27mtLTdOOV 5CKUDeoujoCpBgTBelVfNqWqRznR+u6Hp5jolCPbhgbnmJoHQGMv1iuavdRdPo78k2N7 xD3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@toke.dk header.s=20161023 header.b=pQ4WE1Mi; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=toke.dk Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id cr19-20020a170906d55300b006f36f1c2d67si2048227ejc.134.2022.05.11.03.28.02; Wed, 11 May 2022 03:28:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@toke.dk header.s=20161023 header.b=pQ4WE1Mi; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=toke.dk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237682AbiEKJyJ (ORCPT + 69 others); Wed, 11 May 2022 05:54:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233303AbiEKJyA (ORCPT ); Wed, 11 May 2022 05:54:00 -0400 Received: from mail.toke.dk (mail.toke.dk [IPv6:2a0c:4d80:42:2001::664]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 388528CCCD; Wed, 11 May 2022 02:53:25 -0700 (PDT) From: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023; t=1652262803; bh=+1U3flpqWJAv5df7SW1MN/dDT5tlFWQa/zIqHpVu/94=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=pQ4WE1MiEekSRpCqyLnNMJUfVxyA1jwmuXHXtesfricLrC9TjnPKYNsu5d2h+VyR9 eZl9AJWS12FQUnBC9g6O/kcq9wwh0KlLGd1Y4ZJTTIuaUyDeA7IMRGotSrZPbWb8ZP F9EmvtYZK7UUfH0OZqvzjFlPoiLVrgrTn5f8wkTH7UzEZhlDYRyhDEzDDUvkhhlNVN 1jrz2yiKw1fDXrOPiOo8k/U2cOYgsL4yMMqwZmzIO2T/LbcjdIiSJqTkWEU75mjtbx IlfELp6+Gv75kMPpo2rbLAoQrGPCZP3MJ5RPr+PMU9vqSd55xl/1UfXvZl3zH6phDZ bvOCm1vlX2xcQ== To: Kalle Valo , Pavel Skripkin Cc: Tetsuo Handa , ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, linville@tuxdriver.com, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+03110230a11411024147@syzkaller.appspotmail.com, syzbot+c6dde1f690b60e0b9fbe@syzkaller.appspotmail.com Subject: Re: [PATCH v3 1/2] ath9k: fix use-after-free in ath9k_hif_usb_rx_cb In-Reply-To: <87ilqc7jv9.fsf@kernel.org> References: <80962aae265995d1cdb724f5362c556d494c7566.1644265120.git.paskripkin@gmail.com> <87h799a007.fsf@toke.dk> <6f0615da-aa0b-df8e-589c-f5caf09d3449@gmail.com> <5fd22dda-01d6-cfae-3458-cb3fa23eb84d@I-love.SAKURA.ne.jp> <3cb712d9-c6be-94b7-6135-10b0eabba341@gmail.com> <426f6965-152c-6d59-90e0-34fe3cd208ee@gmail.com> <87ilqc7jv9.fsf@kernel.org> Date: Wed, 11 May 2022 11:53:23 +0200 X-Clacks-Overhead: GNU Terry Pratchett Message-ID: <87o804wg30.fsf@toke.dk> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org Kalle Valo writes: > Pavel Skripkin writes: > >> Hi Tetsuo, >> >> On 5/6/22 02:31, Tetsuo Handa wrote: >>> On 2022/05/06 4:09, Pavel Skripkin wrote: >>>>>> And we can meet NULL defer even if we leave drv_priv = priv initialization >>>>>> on it's place. >>>>> >>>>> I didn't catch the location. As long as "htc_handle->drv_priv = priv;" is done >>>>> before complete_all(&hif_dev->fw_done) is done, is something wrong? >>>>> >>>> >>>> I don't really remember why I said that, but looks like I just haven't opened callbacks' code. >>> >>> OK. Then, why not accept Pavel's patch? >> >> As you might expect, I have same question. This series is under review >> for like 7-8 months. >> >> I have no ath9 device, so I can't test it on real hw, so somebody else >> should do it for me. It's requirement to get patch accepted. > > As Toke stepped up to be the ath9k maintainer the situation with ath9k > is now much better. I recommend resubmitting any ath9k patches you might > have. No need to resubmit this one, it's still in patchwork waiting for me to take a closer look. I have a conference this week, but should hopefully have some time for this next week. -Toke