Merge commit '954f3a807213fa425bb7d49ab4a793e5201ccc18' into sc-platform-merge
Change-Id: Iae7caf9c421079cd3742f1dbc8514311dd0f6f67
diff --git a/bcmdhd/wifi_hal/wifi_hal.cpp b/bcmdhd/wifi_hal/wifi_hal.cpp
index 0ba633b..d3ffe57 100755
--- a/bcmdhd/wifi_hal/wifi_hal.cpp
+++ b/bcmdhd/wifi_hal/wifi_hal.cpp
@@ -66,6 +66,7 @@
#define WIFI_HAL_CMD_SOCK_PORT 644
#define WIFI_HAL_EVENT_SOCK_PORT 645
#define MAX_VIRTUAL_IFACES 5
+#define WIFI_HAL_EVENT_BUFFER_NOT_AVAILABLE 105
/*
* Defines for wifi_wait_for_driver_ready()
@@ -747,6 +748,10 @@
ssize_t result2 = TEMP_FAILURE_RETRY(read(pfd[0].fd, buf, sizeof(buf)));
ALOGE("Read after POLL returned %zd, error no = %d (%s)", result2,
errno, strerror(errno));
+ if (errno == WIFI_HAL_EVENT_BUFFER_NOT_AVAILABLE) {
+ ALOGE("Exit, No buffer space");
+ break;
+ }
} else if (pfd[0].revents & POLLHUP) {
ALOGE("Remote side hung up");
break;
diff --git a/bcmdhd/wifi_hal/wifi_logger.cpp b/bcmdhd/wifi_hal/wifi_logger.cpp
index a9f9506..440d9ba 100755
--- a/bcmdhd/wifi_hal/wifi_logger.cpp
+++ b/bcmdhd/wifi_hal/wifi_logger.cpp
@@ -419,7 +419,7 @@
}
int start() {
- // ALOGD("Start debug command");
+ ALOGD("Start debug command");
WifiRequest request(familyId(), ifaceId());
int result = createRequest(request);
if (result != WIFI_SUCCESS) {
@@ -435,7 +435,7 @@
}
virtual int handleResponse(WifiEvent& reply) {
- ALOGD("In DebugCommand::handleResponse");
+ ALOGD("In DebugCommand::handleResponse, mType:%d\n", mType);
if (reply.get_cmd() != NL80211_CMD_VENDOR) {
ALOGD("Ignoring reply with cmd = %d", reply.get_cmd());
@@ -490,9 +490,15 @@
it.next();
for (unsigned int i = 0; it.has_next() && i < *mNumRings; it.next()) {
if (it.get_type() == LOGGER_ATTRIBUTE_RING_STATUS) {
- memcpy(status, it.get_data(), sizeof(wifi_ring_buffer_status));
- i++;
- status++;
+ if (it.get_len() > sizeof(wifi_ring_buffer_status)) {
+ ALOGE("ring status unexpected len = %d, dest len = %lu",
+ it.get_len(), sizeof(wifi_ring_buffer_status));
+ return NL_SKIP;
+ } else {
+ memcpy(status, it.get_data(), sizeof(wifi_ring_buffer_status));
+ i++;
+ status++;
+ }
} else {
ALOGW("Ignoring invalid attribute type = %d, size = %d",
it.get_type(), it.get_len());
@@ -699,16 +705,23 @@
return NL_SKIP;
}
- if(event_id == GOOGLE_DEBUG_RING_EVENT) {
+ if (event_id == GOOGLE_DEBUG_RING_EVENT) {
wifi_ring_buffer_status status;
memset(&status, 0, sizeof(status));
for (nl_iterator it(vendor_data); it.has_next(); it.next()) {
if (it.get_type() == LOGGER_ATTRIBUTE_RING_STATUS) {
- memcpy(&status, it.get_data(), sizeof(status));
+ if (it.get_len() > sizeof(wifi_ring_buffer_status)) {
+ ALOGE("SetLogHandler: ring status unexpected len = %d, dest len = %lu",
+ it.get_len(), sizeof(wifi_ring_buffer_status));
+ return NL_SKIP;
+ } else {
+ memcpy(&status, it.get_data(), sizeof(wifi_ring_buffer_status));
+ }
} else if (it.get_type() == LOGGER_ATTRIBUTE_RING_DATA) {
buffer_size = it.get_len();
buffer = (char *)it.get_data();
+ ALOGV("SetLogHandler: ring data size = %d", buffer_size);
} else {
ALOGW("Ignoring invalid attribute type = %d, size = %d",
it.get_type(), it.get_len());