Any direct reference to adapter->vdev outside the initial
assignment should use get/put to properly refer the vdev.
core/hdd/src/wlan_hdd_ioctl.c
core/hdd/src/wlan_hdd_station_info.c
os_if/interop_issues_ap/src/wlan_cfg80211_interop_issues_ap.c
Change-Id: I897ee8ac2a4816b91ed48e2c32e97540430c5520
CRs-Fixed: 2714025
The change If6d559a3aa7b8719a515e00e271e313c02f8135f has modified
few attribute types from NLA_UNSPEC to NLA_BINARY. But NLA_BINARY
validates only for max length and doesn't validate min length.
This could cause buffer overread if userspace sends less data as
the driver reads fixed length(e.g. 6 bytes for mac_addr) always.
Use VENDOR_NLA_POLICY_MAC_ADDR(NLA_POLICY_ETH_ADDR) or
NLA_EXACT_LEN instead of NLA_UNSPEC which validates for
exact length.
Change-Id: I92cc29716dff29037d14ffd2e269761149c7f74b
CRs-Fixed: 2700695
NLA_UNSPEC usage is restricted from kernel version 5.4 by adding
a strict check while validating the nla_policy. The advantage
of this is that types not specified in the policy will be
rejected.
Driver can give exception to NLA_UNSPEC by setting
strict_start_type in the policy of a vendor command to NLA_U8
or some greater value. But it's better to set the type to a
valid type so that kernel can validate.
So, use NLA_BINARY with valid length instead of NLA_UNSPEC.
Change-Id: If6d559a3aa7b8719a515e00e271e313c02f8135f
CRs-Fixed: 2692293
In the function __wlan_cfg80211_set_interop_issues_ap_config the
adapter->vdev pointer is being passed to fetch the psoc without any
prior NULL check. This can lead to NULL pointer dereference.
Add a NULL sanity check before performing action based on adapter->vdev
CRs-Fixed: 2681524
Change-Id: I0c58a3a263fe5166e0c13a5f866f4bccfa031086
According to new changes in kernel 5.4 version onwards, driver has to
provide the policy for a NL command to be verified against while
registering wiphy to the kernel.
To satisfy kernel 5.4 requirement add policy to following vendor
command as part of this change:
QCA_NL80211_VENDOR_SUBCMD_INTEROP_ISSUES_AP
Change-Id: I7cce1632efed4cbb3c431c449bf82ec8353b4bb2
CRs-Fixed: 2635041
Change Id3273498f623d04beec879aa9d77c1d33986357a ("qcacmn: Rename OSIF
logging macros") is renaming the OSIF logging macros, so update the
legacy OSIF to use the new names.
Change-Id: I73d4214c9fecc435f9ac8c9f79560aa36333d311
CRs-Fixed: 2469498
Implement the interface to transfer the info between
host driver and firmware about the ap which has interop
issues with the DUT. It is detected by firmware and
forwarded to user sapce for persistent storage. And
user space configs these APs to firmware when the DUT
starts up next time.
CRs-Fixed: 2425202
Change-Id: I2e828d521f0e04862a01fa1c90626f51b7f65796
