From: Kalle Valo <kvalo@codeaurora.org> To: ath11k@lists.infradead.org Cc: linux-wireless@vger.kernel.org Subject: [PATCH 6/6] ath11k: Fix incorrect tlvs in scan start command Date: Thu, 10 Dec 2020 16:05:24 +0200 [thread overview] Message-ID: <1607609124-17250-7-git-send-email-kvalo@codeaurora.org> (raw) In-Reply-To: <1607609124-17250-1-git-send-email-kvalo@codeaurora.org> From: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Currently 6G specific tlvs have duplicate entries which is causing scan failures. Fix this by removing the duplicate entries of the same tlv. This also fixes out-of-bound memory writes caused due to adding tlvs when num_hint_bssid and num_hint_s_ssid are ZEROs. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01386-QCAHKSWPL_SILICONZ-1 Fixes: 74601ecfef6e ("ath11k: Add support for 6g scan hint") Reported-by: Carl Huang <cjhuang@codeaurora.org> Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Signed-off-by: Kalle Valo <kvalo@codeaurora.org> --- drivers/net/wireless/ath/ath11k/wmi.c | 31 ------------------------------- 1 file changed, 31 deletions(-) diff --git a/drivers/net/wireless/ath/ath11k/wmi.c b/drivers/net/wireless/ath/ath11k/wmi.c index 79b7f991c612..95ebb105dfd7 100644 --- a/drivers/net/wireless/ath/ath11k/wmi.c +++ b/drivers/net/wireless/ath/ath11k/wmi.c @@ -2213,37 +2213,6 @@ int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar, } } - len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid); - tlv = ptr; - tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) | - FIELD_PREP(WMI_TLV_LEN, len); - ptr += TLV_HDR_SIZE; - if (params->num_hint_s_ssid) { - s_ssid = ptr; - for (i = 0; i < params->num_hint_s_ssid; ++i) { - s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags; - s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid; - s_ssid++; - } - } - ptr += len; - - len = params->num_hint_bssid * sizeof(struct hint_bssid); - tlv = ptr; - tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) | - FIELD_PREP(WMI_TLV_LEN, len); - ptr += TLV_HDR_SIZE; - if (params->num_hint_bssid) { - hint_bssid = ptr; - for (i = 0; i < params->num_hint_bssid; ++i) { - hint_bssid->freq_flags = - params->hint_bssid[i].freq_flags; - ether_addr_copy(¶ms->hint_bssid[i].bssid.addr[0], - &hint_bssid->bssid.addr[0]); - hint_bssid++; - } - } - ret = ath11k_wmi_cmd_send(wmi, skb, WMI_START_SCAN_CMDID); if (ret) { -- 2.7.4
WARNING: multiple messages have this Message-ID (diff)
From: Kalle Valo <kvalo@codeaurora.org> To: ath11k@lists.infradead.org Cc: linux-wireless@vger.kernel.org Subject: [PATCH 6/6] ath11k: Fix incorrect tlvs in scan start command Date: Thu, 10 Dec 2020 16:05:24 +0200 [thread overview] Message-ID: <1607609124-17250-7-git-send-email-kvalo@codeaurora.org> (raw) In-Reply-To: <1607609124-17250-1-git-send-email-kvalo@codeaurora.org> From: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Currently 6G specific tlvs have duplicate entries which is causing scan failures. Fix this by removing the duplicate entries of the same tlv. This also fixes out-of-bound memory writes caused due to adding tlvs when num_hint_bssid and num_hint_s_ssid are ZEROs. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.4.0.1-01386-QCAHKSWPL_SILICONZ-1 Fixes: 74601ecfef6e ("ath11k: Add support for 6g scan hint") Reported-by: Carl Huang <cjhuang@codeaurora.org> Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Signed-off-by: Kalle Valo <kvalo@codeaurora.org> --- drivers/net/wireless/ath/ath11k/wmi.c | 31 ------------------------------- 1 file changed, 31 deletions(-) diff --git a/drivers/net/wireless/ath/ath11k/wmi.c b/drivers/net/wireless/ath/ath11k/wmi.c index 79b7f991c612..95ebb105dfd7 100644 --- a/drivers/net/wireless/ath/ath11k/wmi.c +++ b/drivers/net/wireless/ath/ath11k/wmi.c @@ -2213,37 +2213,6 @@ int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar, } } - len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid); - tlv = ptr; - tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) | - FIELD_PREP(WMI_TLV_LEN, len); - ptr += TLV_HDR_SIZE; - if (params->num_hint_s_ssid) { - s_ssid = ptr; - for (i = 0; i < params->num_hint_s_ssid; ++i) { - s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags; - s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid; - s_ssid++; - } - } - ptr += len; - - len = params->num_hint_bssid * sizeof(struct hint_bssid); - tlv = ptr; - tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) | - FIELD_PREP(WMI_TLV_LEN, len); - ptr += TLV_HDR_SIZE; - if (params->num_hint_bssid) { - hint_bssid = ptr; - for (i = 0; i < params->num_hint_bssid; ++i) { - hint_bssid->freq_flags = - params->hint_bssid[i].freq_flags; - ether_addr_copy(¶ms->hint_bssid[i].bssid.addr[0], - &hint_bssid->bssid.addr[0]); - hint_bssid++; - } - } - ret = ath11k_wmi_cmd_send(wmi, skb, WMI_START_SCAN_CMDID); if (ret) { -- 2.7.4 -- ath11k mailing list ath11k@lists.infradead.org http://lists.infradead.org/mailman/listinfo/ath11k
next prev parent reply other threads:[~2020-12-10 14:06 UTC|newest] Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-12-10 14:05 [PATCH 0/6] ath11k: QCA6390 stability fixes Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-10 14:05 ` [PATCH 1/6] ath11k: mhi: print a warning if firmware crashed Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-12 4:40 ` Kalle Valo 2020-12-12 4:40 ` Kalle Valo 2020-12-10 14:05 ` [PATCH 2/6] ath11k: put hw to DBS using WMI_PDEV_SET_HW_MODE_CMDID Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-10 14:05 ` [PATCH 3/6] ath11k: pci: fix hot reset stability issues Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-10 14:05 ` [PATCH 4/6] ath11k: pci: fix L1ss clock unstable problem Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-10 14:05 ` [PATCH 5/6] ath11k: pci: disable VDD4BLOW Kalle Valo 2020-12-10 14:05 ` Kalle Valo 2020-12-10 22:04 ` Peter Oh 2020-12-10 22:04 ` Peter Oh 2020-12-11 6:31 ` Kalle Valo 2020-12-11 6:31 ` Kalle Valo 2020-12-10 14:05 ` Kalle Valo [this message] 2020-12-10 14:05 ` [PATCH 6/6] ath11k: Fix incorrect tlvs in scan start command Kalle Valo 2020-12-10 14:14 ` [PATCH 0/6] ath11k: QCA6390 stability fixes Kalle Valo
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1607609124-17250-7-git-send-email-kvalo@codeaurora.org \ --to=kvalo@codeaurora.org \ --cc=ath11k@lists.infradead.org \ --cc=linux-wireless@vger.kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.