Home Explore Help
Sign In
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

qcacmn: Fix skb overflow in wlan_pkt_stats_to_logger_thread

When wlan logging is turned on in developer options
wlan logging verbosity level is set to active and
pktlog buffer will also be passed to
wlan_pkt_stats_to_logger_thread. In this API we call
skb_put multiple times to copy ath_pktlog_hdr(16 bytes)
and pktlog buffer (2048 bytes) = 2064bytes  which is leading to
skb_over_panic as the skb length is set to 2048 bytes.
Increase the skb size to 2112 bytes which can accommodate
2048 bytes (pktlog buffer size)  + 16 bytes(ath_pktlog_hdr) +
8 bytes (pkt_dump) + 40 bytes (future use)  to avoid overflow.

Change-Id: Ia8bda14f45d2eb77357bf7e46a12c1062d56d8e1
CRs-Fixed: 2489338
Venkata Sharath Chandra Manchala 5 years ago
parent
1b0ec2a8fe
commit
d82dc29fe6
1 changed files with 28 additions and 3 deletions
Split View Show Diff Stats
  1. 28 3
      utils/logging/src/wlan_logging_sock_svc.c

+ 28 - 3
utils/logging/src/wlan_logging_sock_svc.c
View File 

@@ -30,9 +30,11 @@
 
 #include "csr_api.h"
 
 #include "wma.h"
 
 #include "ol_txrx_api.h"
 
-#include "pktlog_ac.h"
 
 #include <cdp_txrx_misc.h>
 
 #endif
 
+#if defined(FEATURE_PKTLOG) && !defined(REMOVE_PKT_LOG)
 
+#include <pktlog_ac.h>
 
+#endif /* FEATURE_PKTLOG */
 
 #include <wlan_logging_sock_svc.h>
 
 #include <linux/kthread.h>
 
 #include <qdf_time.h>
 
@@ -63,9 +65,32 @@
 
 #endif
 
 #define MAX_LOGMSG_LENGTH 2048
 
 #define MAX_SKBMSG_LENGTH 4096
 
-#define MAX_PKTSTATS_LENGTH 2048
 
-#define MAX_PKTSTATS_BUFF   16
 
 
+#define WLAN_LOG_BUFFER_SIZE 2048
 
+#if defined(FEATURE_PKTLOG) && !defined(REMOVE_PKT_LOG)
 
+/**
 
+ * Buffer to accommodate -
 
+ * pktlog buffer (2048 bytes)
 
+ * ath_pktlog_hdr (16 bytes)
 
+ * pkt_dump (8 bytes)
 
+ * extra padding (40 bytes)
 
+ *
 
+ * Note: pktlog buffer size is dependent on RX_BUFFER_SIZE and
 
+ * HTT_T2H_MAX_MSG_SIZE. Adjust WLAN_LOG_BUFFER_SIZE
 
+ * based on the above mentioned macros.
 
+ */
 
+#define ATH_PKTLOG_HDR_SIZE (sizeof(struct ath_pktlog_hdr))
 
+#define PKT_DUMP_HDR_SIZE (sizeof(struct packet_dump))
 
+#define EXTRA_PADDING 40
 
+
 
+#define MAX_PKTSTATS_LENGTH \
 
+	((WLAN_LOG_BUFFER_SIZE) + (ATH_PKTLOG_HDR_SIZE) + \
 
+	 (PKT_DUMP_HDR_SIZE) + (EXTRA_PADDING))
 
+#else
 
+#define MAX_PKTSTATS_LENGTH WLAN_LOG_BUFFER_SIZE
 
+#endif /* FEATURE_PKTLOG */
 
+
 
+#define MAX_PKTSTATS_BUFF   16
 
 #define HOST_LOG_DRIVER_MSG        0x001
 
 #define HOST_LOG_PER_PKT_STATS     0x002
 
 #define HOST_LOG_FW_FLUSH_COMPLETE 0x003