samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacmn: Delete logger timer then reset pcur_node

Browse Source 
Delete the flush timer then set the pcur_node to NULL
while cleanup to avoid NULL pointer dereference in timer handler.

CRs-Fixed: 2820441
Change-Id: If6edca1343890e0fe962d7b3e3b5b07f379143ef
This commit is contained in:
Balaganapathy Palanisamy
2020-11-23 11:55:33 +05:30
committed by snandini
parent 6ef2047d56
commit d939d58b24
1 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
utils/logging/src/wlan_logging_sock_svc.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2014-2020 The Linux Foundation. All rights reserved.
* Copyright (c) 2014-2021 The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
@@ -1033,12 +1033,21 @@ static void flush_timer_init(void)
gwlan_logging.flush_timer_period = 0;
}
static void flush_timer_deinit(void)
{
gwlan_logging.is_flush_timer_initialized = false;
qdf_spin_lock(&gwlan_logging.flush_timer_lock);
qdf_timer_stop(&gwlan_logging.flush_timer);
qdf_timer_free(&gwlan_logging.flush_timer);
qdf_spin_unlock(&gwlan_logging.flush_timer_lock);
qdf_spinlock_destroy(&gwlan_logging.flush_timer_lock);
}
int wlan_logging_sock_init_svc(void)
{
int i = 0, j, pkt_stats_size;
unsigned long irq_flag;
flush_timer_init();
spin_lock_init(&gwlan_logging.spin_lock);
spin_lock_init(&gwlan_logging.pkt_stats_lock);
@@ -1065,6 +1074,8 @@ int wlan_logging_sock_init_svc(void)
list_del_init(gwlan_logging.free_list.next);
spin_unlock_irqrestore(&gwlan_logging.spin_lock, irq_flag);
flush_timer_init();
/* Initialize the pktStats data structure here */
pkt_stats_size = sizeof(struct pkt_stats_msg);
gpkt_stats_buffers = vmalloc(MAX_PKTSTATS_BUFF * pkt_stats_size);
@@ -1133,6 +1144,7 @@ err2:
vfree(gpkt_stats_buffers);
gpkt_stats_buffers = NULL;
err1:
flush_timer_deinit();
spin_lock_irqsave(&gwlan_logging.spin_lock, irq_flag);
gwlan_logging.pcur_node = NULL;
spin_unlock_irqrestore(&gwlan_logging.spin_lock, irq_flag);
@@ -1141,16 +1153,6 @@ err1:
return -ENOMEM;
}
static void flush_timer_deinit(void)
{
gwlan_logging.is_flush_timer_initialized = false;
qdf_spin_lock(&gwlan_logging.flush_timer_lock);
qdf_timer_stop(&gwlan_logging.flush_timer);
qdf_timer_free(&gwlan_logging.flush_timer);
qdf_spin_unlock(&gwlan_logging.flush_timer_lock);
qdf_spinlock_destroy(&gwlan_logging.flush_timer_lock);
}
int wlan_logging_sock_deinit_svc(void)
{
unsigned long irq_flag;
@@ -1172,10 +1174,6 @@ int wlan_logging_sock_deinit_svc(void)
wake_up_interruptible(&gwlan_logging.wait_queue);
wait_for_completion(&gwlan_logging.shutdown_comp);
spin_lock_irqsave(&gwlan_logging.spin_lock, irq_flag);
gwlan_logging.pcur_node = NULL;
spin_unlock_irqrestore(&gwlan_logging.spin_lock, irq_flag);
spin_lock_irqsave(&gwlan_logging.pkt_stats_lock, irq_flag);
gwlan_logging.pkt_stats_pcur_node = NULL;
gwlan_logging.pkt_stats_msg_idx = 0;
@@ -1185,12 +1183,18 @@ int wlan_logging_sock_deinit_svc(void)
dev_kfree_skb(gpkt_stats_buffers[i].skb);
}
spin_unlock_irqrestore(&gwlan_logging.pkt_stats_lock, irq_flag);
vfree(gpkt_stats_buffers);
gpkt_stats_buffers = NULL;
free_log_msg_buffer();
/* Delete the Flush timer then mark pcur_node NULL */
flush_timer_deinit();
spin_lock_irqsave(&gwlan_logging.spin_lock, irq_flag);
gwlan_logging.pcur_node = NULL;
spin_unlock_irqrestore(&gwlan_logging.spin_lock, irq_flag);
free_log_msg_buffer();
return 0;
}