samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacmn: Add NULL ptr and data initialization checks in pktlog

Browse Source 
Add checks for NULL ptr. Also initialize data properly.

Change-Id: Ib6db409f038421c5a0c9033bea7948f9cd6376dd
CRs-Fixed: 2160752
This commit is contained in:
Amar Singhal
2018-01-02 15:30:49 -08:00
committed by snandini
parent c686275355
commit 479698e1d7
3 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
utils/pktlog/linux_ac.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved.
* *
* Previously licensed under the ISC license by Qualcomm Atheros, Inc. * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
* *
@@ -165,7 +165,6 @@ void pktlog_release_buf(struct hif_opaque_softc *scn)
struct ath_pktlog_info *pl_info; struct ath_pktlog_info *pl_info;
pl_dev = get_pktlog_handle(); pl_dev = get_pktlog_handle();
pl_info = pl_dev->pl_info;
if (!pl_dev) { if (!pl_dev) {
qdf_print("%s: invalid pl_dev handle", __func__); qdf_print("%s: invalid pl_dev handle", __func__);
@@ -177,6 +176,8 @@ void pktlog_release_buf(struct hif_opaque_softc *scn)
return; return;
} }
pl_info = pl_dev->pl_info;
page_cnt = ((sizeof(*(pl_info->buf)) + pl_info->buf_size) / page_cnt = ((sizeof(*(pl_info->buf)) + pl_info->buf_size) /
PAGE_SIZE) + 1; PAGE_SIZE) + 1;

8
utils/pktlog/pktlog_ac.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved.
* *
* Previously licensed under the ISC license by Qualcomm Atheros, Inc. * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
* *
@@ -82,6 +82,12 @@ void pktlog_set_callback_regtype(
enum pktlog_callback_regtype callback_type) enum pktlog_callback_regtype callback_type)
{ {
struct pktlog_dev_t *pl_dev = get_pktlog_handle(); struct pktlog_dev_t *pl_dev = get_pktlog_handle();
if (!pl_dev) {
qdf_print("Invalid pl_dev");
return;
}
pl_dev->callback_type = callback_type; pl_dev->callback_type = callback_type;
} }

10
utils/pktlog/pktlog_internal.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2013-2017 The Linux Foundation. All rights reserved. * Copyright (c) 2013-2018 The Linux Foundation. All rights reserved.
* *
* Previously licensed under the ISC license by Qualcomm Atheros, Inc. * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
* *
@@ -657,6 +657,8 @@ A_STATUS process_rx_info(void *pdev, void *data)
pl_info = pl_dev->pl_info; pl_info = pl_dev->pl_info;
pl_tgt_hdr = (uint32_t *) data; pl_tgt_hdr = (uint32_t *) data;
qdf_mem_set(&pl_hdr, sizeof(pl_hdr), 0);
pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) & pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) &
ATH_PKTLOG_HDR_FLAGS_MASK) >> ATH_PKTLOG_HDR_FLAGS_MASK) >>
ATH_PKTLOG_HDR_FLAGS_SHIFT; ATH_PKTLOG_HDR_FLAGS_SHIFT;
@@ -716,6 +718,8 @@ A_STATUS process_rate_find(void *pdev, void *data)
* Makes the short words (16 bits) portable b/w little endian * Makes the short words (16 bits) portable b/w little endian
* and big endian * and big endian
*/ */
qdf_mem_set(&pl_hdr, sizeof(pl_hdr), 0);
pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) & pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) &
ATH_PKTLOG_HDR_FLAGS_MASK) >> ATH_PKTLOG_HDR_FLAGS_MASK) >>
ATH_PKTLOG_HDR_FLAGS_SHIFT; ATH_PKTLOG_HDR_FLAGS_SHIFT;
@@ -730,6 +734,7 @@ A_STATUS process_rate_find(void *pdev, void *data)
ATH_PKTLOG_HDR_MAC_ID_MASK) >> ATH_PKTLOG_HDR_MAC_ID_MASK) >>
ATH_PKTLOG_HDR_MAC_ID_SHIFT; ATH_PKTLOG_HDR_MAC_ID_SHIFT;
pl_hdr.flags |= PKTLOG_HDR_SIZE_16; pl_hdr.flags |= PKTLOG_HDR_SIZE_16;
#else #else
pl_hdr.log_type = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_LOG_TYPE_OFFSET) & pl_hdr.log_type = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_LOG_TYPE_OFFSET) &
ATH_PKTLOG_HDR_LOG_TYPE_MASK) >> ATH_PKTLOG_HDR_LOG_TYPE_MASK) >>
@@ -845,6 +850,7 @@ A_STATUS process_rate_update(void *pdev, void *data)
* Makes the short words (16 bits) portable b/w little endian * Makes the short words (16 bits) portable b/w little endian
* and big endian * and big endian
*/ */
qdf_mem_set(&pl_hdr, sizeof(pl_hdr), 0);
pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) & pl_hdr.flags = (*(pl_tgt_hdr + ATH_PKTLOG_HDR_FLAGS_OFFSET) &
ATH_PKTLOG_HDR_FLAGS_MASK) >> ATH_PKTLOG_HDR_FLAGS_MASK) >>
ATH_PKTLOG_HDR_FLAGS_SHIFT; ATH_PKTLOG_HDR_FLAGS_SHIFT;
@@ -895,6 +901,7 @@ int process_rx_desc_remote(void *pdev, void *data)
qdf_nbuf_t log_nbuf = (qdf_nbuf_t)data; qdf_nbuf_t log_nbuf = (qdf_nbuf_t)data;
pl_info = pl_dev->pl_info; pl_info = pl_dev->pl_info;
qdf_mem_set(&pl_hdr, sizeof(pl_hdr), 0);
pl_hdr.flags = (1 << PKTLOG_FLG_FRM_TYPE_REMOTE_S); pl_hdr.flags = (1 << PKTLOG_FLG_FRM_TYPE_REMOTE_S);
pl_hdr.missed_cnt = 0; pl_hdr.missed_cnt = 0;
pl_hdr.log_type = 22; /*PKTLOG_TYPE_RX_STATBUF*/ pl_hdr.log_type = 22; /*PKTLOG_TYPE_RX_STATBUF*/
@@ -927,6 +934,7 @@ process_pktlog_lite(void *context, void *log_data, uint16_t log_type)
qdf_nbuf_t log_nbuf = (qdf_nbuf_t)log_data; qdf_nbuf_t log_nbuf = (qdf_nbuf_t)log_data;
pl_info = pl_dev->pl_info; pl_info = pl_dev->pl_info;
qdf_mem_set(&pl_hdr, sizeof(pl_hdr), 0);
pl_hdr.flags = (1 << PKTLOG_FLG_FRM_TYPE_REMOTE_S); pl_hdr.flags = (1 << PKTLOG_FLG_FRM_TYPE_REMOTE_S);
pl_hdr.missed_cnt = 0; pl_hdr.missed_cnt = 0;
pl_hdr.log_type = log_type; pl_hdr.log_type = log_type;