diff options
author | Dennis Jeon <dennis.jeon@broadcom.com> | 2022-06-17 16:44:38 +0900 |
---|---|---|
committer | Roger Wang <wangroger@google.com> | 2022-06-17 16:18:21 +0800 |
commit | 35d3fb387f8e74ab4b7043065ce1c057d0025475 (patch) | |
tree | f7806cd163b501c103a0ff3256b3019a96fd41d0 | |
parent | e784a9cf59203c900f68352c691675aea46ca015 (diff) | |
download | wlan-35d3fb387f8e74ab4b7043065ce1c057d0025475.tar.gz |
HAL: Fix not to crash by deprecated code
Multiple hal daemon crash issues which occured by memcpy with invalid address are reported.
#00 pc 000000000004edcc /apex/com.android.runtime/lib64/bionic/libc.so (__memcpy+284) (BuildId: f4bbb65957cf1dbe210e337f4656bdbc)
#01 pc 00000000000388f8 /vendor/lib64/libwifi-hal.so (GetLinkStatsCommand::handleResponse(WifiEvent&)+1016) (BuildId: 17e0eae73546034631ce75e7dc274029)
#02 pc 0000000000026260 /vendor/lib64/libwifi-hal.so (WifiCommand::response_handler(nl_msg*, void*)+160) (BuildId: 17e0eae73546034631ce75e7dc274029)
In some cases, this call flow can be proccessed even this code is deprecated.
so, we can remove this code to avoid hal daemon crash issue
Bug: 235782242
Test: halutil -stats
Signed-off-by: Dennis Jeon <dennis.jeon@broadcom.com>
Change-Id: Ibc316e5087b8ed5ea0eac5311c103ff722ab4ef0
-rw-r--r-- | bcmdhd/wifi_hal/link_layer_stats.cpp | 62 |
1 files changed, 3 insertions, 59 deletions
diff --git a/bcmdhd/wifi_hal/link_layer_stats.cpp b/bcmdhd/wifi_hal/link_layer_stats.cpp index 3a922db..4de0757 100644 --- a/bcmdhd/wifi_hal/link_layer_stats.cpp +++ b/bcmdhd/wifi_hal/link_layer_stats.cpp @@ -79,7 +79,7 @@ public: { } virtual int create() { - // ALOGI("Creating message to get link statistics; iface = %d", mIfaceInfo->id); + ALOGI("Creating message to get link statistics; iface = %d", mIfaceInfo->id); int ret = mMsg.create(GOOGLE_OUI, LSTATS_SUBCMD_GET_INFO); if (ret < 0) { @@ -99,7 +99,7 @@ protected: uint32_t total_size = 0, per_radio_size = 0, data_len = 0, rem_len = 0; int num_radios = 0, id = 0, subcmd = 0, len = 0; - // ALOGI("In GetLinkStatsCommand::handleResponse"); + ALOGI("In GetLinkStatsCommand::handleResponse"); if (reply.get_cmd() != NL80211_CMD_VENDOR) { ALOGD("Ignoring reply with cmd = %d", reply.get_cmd()); @@ -126,6 +126,7 @@ protected: } else { ALOGW("Ignoring invalid attribute type = %d, size = %d\n", it.get_type(), it.get_len()); + return NL_SKIP; } } @@ -176,32 +177,6 @@ protected: } (*mHandler.on_link_stats_results)(id, (wifi_iface_stat *)iface_stat, num_radios, (wifi_radio_stat *)radioStatsBuf); - } else { - /* To be deprecated, adding it to keep it backward compatible */ - ALOGD("GetLinkStatCommand: zero radio case\n"); - data = reply.get_vendor_data(); - if (!data) { - ALOGE("Invalid vendor data received\n"); - return NL_SKIP; - } - - num_radios = 1; - data = reply.get_vendor_data(); - len = reply.get_vendor_data_len(); - if (!data || !len) { - ALOGE("Invalid vendor data received\n"); - return NL_SKIP; - } - radio_stat_ptr = - convertToExternalRadioStatStructureLegacy((wifi_radio_stat_internal *)data); - if (!radio_stat_ptr) { - ALOGE("Invalid stats pointer received\n"); - return NL_SKIP; - } - wifi_iface_stat *iface_stat = - (wifi_iface_stat *)((char *)&((wifi_radio_stat_internal *)data)->channels - + radio_stat_ptr->num_channels * sizeof(wifi_channel_stat)); - (*mHandler.on_link_stats_results)(id, iface_stat, num_radios, radio_stat_ptr); } exit: if (radio_stat_ptr) { @@ -247,37 +222,6 @@ private: } return external_stat_ptr; } - - wifi_radio_stat *convertToExternalRadioStatStructureLegacy(wifi_radio_stat_internal *internal_stat_ptr) { - wifi_radio_stat *external_stat_ptr = NULL; - if (!internal_stat_ptr) { - ALOGE("Sta_ptr is null\n"); - } else { - uint32_t channel_size = internal_stat_ptr->num_channels * sizeof(wifi_channel_stat); - uint32_t total_size = sizeof(wifi_radio_stat) + channel_size; - external_stat_ptr = (wifi_radio_stat *)malloc(total_size); - if (external_stat_ptr) { - external_stat_ptr->radio = internal_stat_ptr->radio; - external_stat_ptr->on_time = internal_stat_ptr->on_time; - external_stat_ptr->tx_time = internal_stat_ptr->tx_time; - external_stat_ptr->rx_time = internal_stat_ptr->rx_time; - external_stat_ptr->tx_time_per_levels = NULL; - external_stat_ptr->num_tx_levels = 0; - external_stat_ptr->on_time_scan = internal_stat_ptr->on_time_scan; - external_stat_ptr->on_time_nbd = internal_stat_ptr->on_time_nbd; - external_stat_ptr->on_time_gscan = internal_stat_ptr->on_time_gscan; - external_stat_ptr->on_time_roam_scan = internal_stat_ptr->on_time_roam_scan; - external_stat_ptr->on_time_pno_scan = internal_stat_ptr->on_time_pno_scan; - external_stat_ptr->on_time_hs20 = internal_stat_ptr->on_time_hs20; - external_stat_ptr->num_channels = internal_stat_ptr->num_channels; - if (internal_stat_ptr->num_channels) { - memcpy(&(external_stat_ptr->channels), &(internal_stat_ptr->channels), - channel_size); - } - } - } - return external_stat_ptr; - } }; wifi_error wifi_get_link_stats(wifi_request_id id, |