[bug report] mt76: implement functions to get the response skb for MCU calls
Lorenzo Bianconi
lorenzo at kernel.org
Thu Oct 13 09:25:54 PDT 2022
> I would like to revisit this question. Last time I complained about
> this Johannes responded but he misread what mt76_mcu_send_and_get_msg()
> does. I have looked at it as well and I also cannot explain what is
> going on in that function.
>
> I have looked at the callers and my first instinct is that maybe this
> is dead stub code? But then when I look at mt76x02u_mcu_send_msg() I
> think "No, this is not stub code. This should be returning the newly
> allocated skb to the caller."
>
> But then I think, surely at some point someone tested this code??? It
> must be stub code.
>
> Could we get some clarity on this?
for mt76x2 and mt76x0 we do not care of ret_skb (in fact we do not run
mt76_mcu_send_and_get_msg() directly but we rely on mt76_mcu_send_msg()).
For mt7921 we set mcu_skb_send_msg function pointer and not mcu_send_msg.
Moreover mt7921_mcu_get_eeprom() has been remove a while back.
Am I missing something?
Regards,
Lorenzo
>
> regards,
> dan carpenter
>
> On Fri, Oct 08, 2021 at 05:27:35PM +0300, Dan Carpenter wrote:
> > On Fri, Oct 08, 2021 at 04:03:10PM +0200, Johannes Berg wrote:
> > > On Fri, 2021-10-08 at 16:00 +0300, Dan Carpenter wrote:
> > > >
> > > > 1146 ret = mt76_mcu_send_and_get_msg(&dev->mt76, MCU_EXT_CMD_EFUSE_ACCESS, &req,
> > > > 1147 sizeof(req), true, &skb);
> > > >
> > > > If mt76_mcu_send_and_get_msg() calls the dev->mcu_ops->mcu_send_msg()
> > > > then "skb" is not initialized.
> > > >
> > > > 1148 if (ret)
> > > > 1149 return ret;
> > > > 1150
> > > > --> 1151 res = (struct mt7921_mcu_eeprom_info *)skb->data;
> > >
> > > Looks like possibly 'skb' is always initialized if
> > > mt76_mcu_send_and_get_msg() returns 0 (success)?
> > >
> >
> > This build is with cross function analysis enabled so Smatch looks for
> > that.
> >
> > The problem is that the caller has to know if dev->mcu_ops->mcu_send_msg
> > is NULL or not because if it's non-NULL "skb" is not set. Perhaps that
> > means it should be separated into two functions and we pick which one
> > to call depending on whether the pointer is set.
> >
> > drivers/net/wireless/mediatek/mt76/mcu.c
> > 54 int mt76_mcu_send_and_get_msg(struct mt76_dev *dev, int cmd, const void *data,
> > 55 int len, bool wait_resp, struct sk_buff **ret_skb)
> > ^^^^^^^
> > This is the parameter.
> >
> > 56 {
> > 57 struct sk_buff *skb;
> > 58
> > 59 if (dev->mcu_ops->mcu_send_msg)
> > 60 return dev->mcu_ops->mcu_send_msg(dev, cmd, data, len, wait_resp);
> >
> > The function pointer doesn't set *ret_skb at all.
> >
> > 61
> > 62 skb = mt76_mcu_msg_alloc(dev, data, len);
> > 63 if (!skb)
> > 64 return -ENOMEM;
> > 65
> > 66 return mt76_mcu_skb_send_and_get_msg(dev, skb, cmd, wait_resp, ret_skb);
> >
> > But this does.
> >
> > 67 }
> >
> > regards,
> > dan carpenter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/linux-mediatek/attachments/20221013/d051f8fd/attachment.sig>
More information about the Linux-mediatek
mailing list