DCI command buffer reallocation is not done properly with
required capacity. The patch reallocates the same buffer and
updated capacity properly with header and response length.
Bug: 129549913
Bug: 144528162
Bug: 140423420
Change-Id: I7b5fd132b9241d0f1493bcb602a6b361e4ad9a04
Signed-off-by: Hardik Arya <harya@codeaurora.org>
Proper buffer length check is missing for dci userspace data
buffer before processing the dci transaction. The patch adds
proper check for the same.
Change-Id: I68c0e8c41d4e05493adecf8a1fcacea708dfafa2
Signed-off-by: Hardik Arya <harya@codeaurora.org>
In diagchar_open() protect the decrement of number of diag clients
so that there will be no race conditions while reading the value
from other functions.
Bug: 79421261
Change-Id: I0e2fb5331eec9c7bba39e7d881b69559256833a3
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
when comparing a signed value vs sizeof, make sure
it's >= 0 so that when promoted to signed for comparison
it won't lead to unexpected results.
Bug: 70528036
Change-Id: I99a1220598e67e3ce5c99d425e84c79639121838
Signed-off-by: Andrew Chant <achant@google.com>
Add correct conditional check for len in dci_process_ctrl_status() to
prevent buffer overflow.
Bug: 70528036
Change-Id: Id73ed1c8b104428eceef0544ce2858160cc08fd2
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
There a possibility of out-of-bound read because of not
validating source buffer length against length that about
to be copied. The patch adds proper check for validating
length before copying data
Bug: 70399602
CRs-Fixed: 2163793
Change-Id: I7c93839d0c4d83024ce23a0ce494d09dd08567a9
Signed-off-by: Hardik Arya <harya@codeaurora.org>
Currently, while de-initializing clients, there is
a possibility of using already freed memory. The
patch adds proper protection to fix the issue.
CRs-Fixed: 2068569
Bug: 68870904
Change-Id: I4b397a82e03fa2f1c84cfa8ca912cdb6a51ba08b
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Unserialized access to diag_dbgfs_dci_data_index can lead to
heap overflow. Add mutex protection while updating the
diag_dbgfs_dci_data_index.
Bug: 70237704
Change-Id: Iee9d0447494e3576e6293afcd4d7611bc429aa8a
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
Currently, protection is missing when querying event
status due to which already removed dci client entry
might be accessed. This patch takes care of issue by
taking proper locking.
CRs-Fixed: 2015892
Bug: 62378232
Change-Id: I4195c4c6198d85e96559f1728d74419527a76bc5
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Currently while extracting events and logs information from
the data read over peripherals, the clients details are accessed
without mutex protection. As the client access may happen from
multiple context, mutex protection is needed. This patch
resolves the same.
Bug: 62378232
Change-Id: I9bd115e1cd9eebc625f4a68854d554ff874d866d
Signed-off-by: Katish Paran <kparan@codeaurora.org>
Currently, while de-initializing dci clients, there is
a possibility to access stale entries. This patch fixes
this issue by adding proper protection mechanism.
CRs-Fixed: 961469
Bug: 62378232
Change-Id: I829c9497eeb356662a6531592c66108e615ce6e4
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
This fix removes dependency between real time message mask
table and build time message mask table. Also this fix
synchronizes retrieval and modification of real time message
mask table
CRs-Fixed: 2015227
Bug: 62378962
Change-Id: Id0a0964337ec4645d7061fc35120dfa061a990ff
Signed-off-by: Gopikrishna Mogasati <gmogas@codeaurora.org>
Signed-off-by: Paresh Purabhiya <ppurab@codeaurora.org>
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
(cherry picked from commit ec46adf67ac36ab39feff508f6ec42cb703b8571)
Add check in order to fix possible integer underflow
during HDLC encoding which may lead to buffer
overflow. Also added check for packet length to
avoid buffer overflow.
Bug: 28767796
Change-Id: Iac02fc099792ec055c530afe24012486f3a065a5
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Signed-off-by: Yuan Lin <yualin@google.com>
(cherry picked from commit 82c05c105c)
Diag maintains a buffer table in MEMORY_DEVICE_MODE for draining data
to userspace. Ensure that there are no duplicates while adding buffers
to this table. Also, remove an instance where the buffer used value
is incorrectly set as 0.
Change-Id: Idcfaed210ebb085b5086883375a2655dede10ba2
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Diag driver has to support a new command for retrieving the
mobile id of the target. The response contains the chip family.
Change-Id: I2e12dd6834f8be95688678286e360c4e75af9524
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
In usb_connect() check whether the usb is connected before allocating
any usb read and write requests.
Change-Id: I3873dd2b5e98d9e9adbdf0cff3e0a5b0399f620d
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
Diag driver holds on to the socket process task structure even
after signaling the process to exit. This patch clears the internal
handle after signaling.
Change-Id: I642fb595fc2caebc6f2f5419efed4fb560e4e4db
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Add support for voting active mask in callback mode and
support NRT mode in all the memory device modes.
Change-Id: Iacc81079c984e9ac9a48d56bcccdd6a5c5aa7a79
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
MSM8929 is a new device. Add diag support for sending
appropriate model number for MSM8929 so that QPST
can display the appropriate string.
Change-Id: I4e92f5a114b542083178fdb8d68f95990f741bee
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Currently, mask_size gets accumulated when all the masks
are enabled. This patch updates the mask_size properly
before sending the mask updates.
Change-Id: I6564b387aa591b0b0170b92e808817f5f562897d
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Tellurium is a new device. This patch adds the model number for
Tellurium so that QPST can display appropraite string.
Change-Id: I9541244941bf400fa81b5750abcfd5ee3a672ef0
Signed-off-by: Katish Paran <kparan@codeaurora.org>
Currently while running event stress commands without payload
the parsing for the last event report is not being done. This
leads to less number of events reported. This patch ensures that
the parsing happens till the end, for events with or without
payload.
Change-Id: I785ac431a40327896534b6389ff09c6ffc481546
Signed-off-by: Katish Paran <kparan@codeaurora.org>
MSM8992 is a new device. Add diag support for sending
the model number for MSM8992 so that QPST
can display the appropriate string.
Change-Id: I11570464c0e3cf9af7a0794901505e3cb9af2b92
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
Currently, there are few smd events which are not processed by
diag driver. This leads to the pile of responses committed by
peripherals over the DIAG_CMD channel. This patch continues to
read the DIAG_CMD channel until there is data on that channel.
Change-Id: Ie9c6c84f9f4fd3dc664e46871032def6d894b73c
Signed-off-by: Katish Paran <kparan@codeaurora.org>
Check if usb is connected before writing to USB so
that there is no race condition between usb_connected
variable update when usb is disconnected and
the time when we actually read the usb_connected variable.
Change-Id: I19135b0f7d1eb70e0aaa2be3beb62408aded34c2
Signed-off-by: Sreelakshmi Gownipalli <sgownipa@codeaurora.org>
In case of usb disconnect, the logging mode needs to be checked
accordingly to decide whether the data needs to be read over
peripherals or not. In case of memory device mode the data needs
to be read continuoulsy over smd channel even if the usb is
disconnected.
Change-Id: I963740bc3b66a77c2ef68a2c58b48a5c7ed0ab0b
Signed-off-by: Katish Paran <kparan@codeaurora.org>
Diag driver on Apps opens the remote DCI channels on remote ASICs
irrespective of the remote side support. Add a handshaking
mechanism that closes the DCI channel if handshaking fails.
Change-Id: I92bb0c6f2c8363bc3fd45d3c60bd9e79e7a216f0
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Certain objects in the diag driver can be flagged falsely as
memory leaks. These objects will be freed when the driver exits.
This patch marks these objects as non-leaks.
Change-Id: Idcb3f97f5ec499ebb2da3ab6e1579128cad87c00
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Certain objects in the diag driver can be flagged falsely as
memory leaks. These objects will be freed when the driver exits.
This patch marks these objects as non-leaks.
Change-Id: I7c3ac8ac1fb9b54d8f1da62eed518669b7c663b0
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Currently while writing data to the peripherals over dci channel,
invalid channel access may happen. This patch add an error check
for such case.
Change-Id: I6a7bdb9c75c4863394dcab12b41387b081c2329f
Signed-off-by: Katish Paran <kparan@codeaurora.org>
This patch adds support for Diag with MHI as the transport layer
in fused ASICs.
Change-Id: I3781cf632711e778b75a7a24db373226464f9201
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Currently the size of the buffer table in diag memory device mode
is set to a predefined value. This patch makes the size of the
buffer table consistent with the maximum number of buffers
possible.
Change-Id: I51313499f7bbe85b589605b7c3b27e27573d1684
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Rename all device tree files and usages of msmferrum
to its official name msm8909.
Change-Id: Ie17e62046ed8b9626a59e393076a3ff00934c0fe
Signed-off-by: Kishan Kumar <kishank@codeaurora.org>
Add kmemleak_not_leak check in diagchar initialization to
avoid memleaks since this is not a leak case.
Change-Id: I72e208ec88f75d549458508e9f83d6af07c49a78
Signed-off-by: Katish Paran <kparan@codeaurora.org>
Diag driver sets the flag for usb connection irrespective of the
different logging modes. This patch sets the usb connection flag
only when Diag is streaming in USB mode.
Change-Id: I23f66c09242ca74b38f06700f21398f748856b41
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Diag driver was setting the value of item number for a log equipment
id incorrectly. The item number should be set to the minimum of
the number of supported items and the requested items.
Change-Id: I558d4af14c2eefb0c53e432ed9056ca15406aa7d
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
Diag driver is currently checking the length of the received packet
incorrectly in callback mode. This patch fixes this issue.
Change-Id: I0544e1e0a665d9f764a88a19285abdccd7477714
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>
On receiving the response from peripherals for the sent command
DCI traverses and deletes from the list. The list is not lock
protected while traversal or deletion. This patch resolves the
same.
Change-Id: Ie93f3e035b35c4d39f1e19f9c42a48f4147fe145
CRs-Fixed: 715663
Signed-off-by: Katish Paran <kparan@codeaurora.org>
This patch ratelimits printing of smd write failure dmesg for diag
commands that cannot be sent to the peripherals.
Change-Id: I68937ca6ccf9f1a5a49bbfac3779d3d530dbc78a
CRs-Fixed: 707938
Signed-off-by: Ravi Aravamudhan <aravamud@codeaurora.org>