lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANXQDtYYg1psrAcPkpvAavW1AGezuG0M-Bo=SA=JuurPt1sA6A@mail.gmail.com>
Date: Fri, 23 Jan 2026 23:12:11 +0530
From: Bhargava Chenna Marreddy <bhargava.marreddy@...adcom.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: andrew+netdev@...n.ch, vikas.gupta@...adcom.com, 
	vsrama-krishna.nemani@...adcom.com, pabeni@...hat.com, 
	rajashekar.hudumula@...adcom.com, rahul-rg.gupta@...adcom.com, 
	davem@...emloft.net, edumazet@...gle.com, pavan.chebbi@...adcom.com, 
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org, horms@...nel.org, 
	ajit.khaparde@...adcom.com, michael.chan@...adcom.com
Subject: Re: [v5,net-next,6/8] bng_en: Add support to handle AGG events

On Tue, Jan 20, 2026 at 1:15 AM Jakub Kicinski <kuba@...nel.org> wrote:
>
> This is an AI-generated review of your patch. The human sending this
> email has considered the AI review valid, or at least plausible.
>
> For local reproduction steps see https://netdev-ai.bots.linux.dev/ai-local.html
> ---
> bng_en: Add support to handle AGG events
>
> This patch adds AGG event handling in the RX path to receive packet data
> on AGG rings, enabling Jumbo and HDS functionality.
>
> > diff --git a/drivers/net/ethernet/broadcom/bnge/bnge_txrx.c b/drivers/net/ethernet/broadcom/bnge/bnge_txrx.c
> > index dffb8c17babe..d6c8557fcb19 100644
> > --- a/drivers/net/ethernet/broadcom/bnge/bnge_txrx.c
> > +++ b/drivers/net/ethernet/broadcom/bnge/bnge_txrx.c
>
> [ ... ]
>
> > @@ -284,14 +487,25 @@ static int bnge_rx_pkt(struct bnge_net *bn, struct bnge_cp_ring_info *cpr,
> >       if (len <= bn->rx_copybreak) {
> >               skb = bnge_copy_skb(bnapi, data_ptr, len, dma_addr);
> >               bnge_reuse_rx_data(rxr, cons, data);
> > -             if (!skb)
> > +             if (!skb) {
> > +                     if (agg_bufs)
> > +                             bnge_reuse_rx_agg_bufs(cpr, cp_cons, 0,
> > +                                                    agg_bufs);
> >                       goto oom_next_rx;
> > +             }
> >       } else {
> >               skb = bnge_rx_skb(bn, rxr, cons, data, data_ptr, dma_addr, len);
> >               if (!skb)
> >                       goto oom_next_rx;
> >       }
>
> In the copy path (small packets), when bnge_copy_skb() returns NULL, the code
> properly calls bnge_reuse_rx_agg_bufs() to recycle the AGG buffers. However,
> in the large packet path (else branch), when bnge_rx_skb() returns NULL, are
> the AGG buffers being leaked? At this point the completion ring consumer has
> already been advanced past the AGG completions by bnge_agg_bufs_valid(), but
> without calling bnge_reuse_rx_agg_bufs() the AGG ring producer won't be
> updated with replacement buffers.
>
> Should the large packet path also reuse AGG buffers on allocation failure,
> similar to the copy path?

Good catch. Leak was possible in the non-copy path if bnge_rx_skb() failed,
especially with smaller rx_copybreak values (i.e. less than 60).
This will be fixed in the next spin.

Thanks,
Bhargava Marreddy

> --
> pw-bot: cr

Download attachment "smime.p7s" of type "application/pkcs7-signature" (5496 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ