Date: Sun, 14 Feb 2016 20:20:44 +0200 From: "Andriy Voskoboinyk" <avos@freebsd.org> To: "Hans Petter Selasky" <hps@selasky.org> Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org> Subject: Re: svn commit: r295607 - head/sys/dev/usb/wlan Message-ID: <op.yct48uor4dikkl@localhost> In-Reply-To: <56C0A8F6.1090105@selasky.org> References: <201602140716.u1E7Gaot040504@repo.freebsd.org> <op.yctwknx14dikkl@localhost> <56C0A8F6.1090105@selasky.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sun, 14 Feb 2016 18:19:02 +0200 =D0=B1=D1=83=D0=BB=D0=BE =D0=BD=D0=B0=D0= =BF=D0=B8=D1=81=D0=B0=D0=BD=D0=BE Hans Petter Selasky = <hps@selasky.org>: > On 02/14/16 16:13, Andriy Voskoboinyk wrote: >> Sun, 14 Feb 2016 09:16:36 +0200 =D0=B1=D1=83=D0=BB=D0=BE =D0=BD=D0=B0= =D0=BF=D0=B8=D1=81=D0=B0=D0=BD=D0=BE Hans Petter Selasky >> <hselasky@freebsd.org>: >> >>> Author: hselasky >>> Date: Sun Feb 14 07:16:36 2016 >>> New Revision: 295607 >>> URL: https://svnweb.freebsd.org/changeset/base/295607 >>> >>> Log: >>> Reduce the number of supported WLAN keys in the rum driver, else w= e >>> risk bit shifting overflows. Found by D5245 / PVS. >>> MFC after: 1 week >> >> Hardware crypto support was never merged (so, there is nothing to MFC= ). > > OK. > >>> Modified: head/sys/dev/usb/wlan/if_rumreg.h >>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D >>> >>> --- head/sys/dev/usb/wlan/if_rumreg.h Sun Feb 14 02:28:59 2016 >>> (r295606) >>> +++ head/sys/dev/usb/wlan/if_rumreg.h Sun Feb 14 07:16:36 2016 >>> (r295607) >>> @@ -47,7 +47,7 @@ >>> * H/w encryption/decryption support >>> */ >>> #define KEY_SIZE (IEEE80211_KEYBUF_SIZE + = >>> IEEE80211_MICBUF_SIZE) >>> -#define RT2573_ADDR_MAX 64 >>> +#define RT2573_ADDR_MAX (32 / RT2573_SKEY_MAX) >>> #define RT2573_SKEY_MAX 4 >>> #define RT2573_SKEY(vap, kidx) (0x1000 + ((vap) * RT2573_SKEY_MAX= + = >>> \ >>> >> >> Reason of this change? (device table has 64 entries, not 8). >> I have not seen any overflows, caused by it: > > You're right. > >> >> 1) >> vap->iv_key_set =3D rum_key_set; >> vap->iv_key_delete =3D rum_key_delete; >> vap->iv_update_beacon =3D rum_update_beacon; >> vap->iv_max_aid =3D RT2573_ADDR_MAX; // n= ot >> the case >> >> usb_callout_init_mtx(&rvp->ratectl_ch, &sc->sc_mtx, 0); >> TASK_INIT(&rvp->ratectl_task, 0, rum_ratectl_task, rvp); >> >> 2) >> k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { >> if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { >> RUM_LOCK(sc); >> for (i =3D 0; i < RT2573_ADDR_MAX; i++) { // can ho= ld >> [0;63] without any overflows; >> // keys_bmap is 64-bit, so ther= e >> is no overflow too >> if ((sc->keys_bmap & (1ULL << i)) =3D=3D 0) { >> sc->keys_bmap |=3D 1ULL << i; >> *keyix =3D i; >> >> 3) >> } > > I'll revert the header file change shortly. Then we're up to date. > > --HPS Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.yct48uor4dikkl>