Fix errors reported after enabling Kernel Control Flow
Integrity (KCFI) on kernel code. This is a security
mechanism that disallows changes to the original
control flow of a compiled binary.
Change-Id: I1e1e901c5889d9928411dc785da88e1eac378560
Signed-off-by: Govindaraj Rajagopal <grajagop@codeaurora.org>
Signed-off-by: Sanjay Singh <sisanj@codeaurora.org>
In error handling, trying to free memory which is not yet
allocated. Fix is added to correct this error handling.
Change-Id: I4e91a95f7ebd9132141d8686ae2bdfaed3a9a8c1
Signed-off-by: Sanjay Singh <sisanj@codeaurora.org>
Signed-off-by: Vasantha Balla <vballa@codeaurora.org>
Add memory barrier after updating queue header variables
to ensure main memory is updated so that video hardware
reads the updated header values.
CRs-Fixed: 2135048
Change-Id: I1a2778bee16c9093284c4d33980e6985c279f499
Signed-off-by: Vikash Garodia <vgarodia@codeaurora.org>
Signed-off-by: Sanjay Singh <sisanj@codeaurora.org>
In fast_smmu_alloc size_t variable size is type casted to int
variable count, this variable count can get truncated and can
result in memory corruption during unmap, make count as size_t
and also add a check for count as sg_alloc_table_from_pages
accepts unsigned int value for count.
Change-Id: I4780a554c5c062fd9dd229e5cc0ac804b1ba31d8
Signed-off-by: Vijayanand Jitta <vjitta@codeaurora.org>
Ensure the count of supported encoder and decoder returned
from firmware are within the range of supported sessions
Change-Id: If3eae7bc82dc8302444e2e4104fb6ae3cfbfed5a
Signed-off-by: Dikshita Agarwal <dikshita@codeaurora.org>
Signed-off-by: Vasantha Balla <vballa@codeaurora.org>
The SVA history buffer is out of order if there are
more than 2 continuous RX buffer done from GLINK. Implement
FIFO to ensure sequence consistency.
Change-Id: If70e2d0160e8f3140d621298b0db03bd89ba88ba
Signed-off-by: Xiaojun Sang <xsang@codeaurora.org>
gadget_driver can become null if gadget_stop is called while any other
gadget callbacks are in progress. As gadget callbacks needs to release
spinlock before the callback, store the local copy of gadget_driver to
avoid the race with gadget_stop.
Change-Id: I7f0cbf9af3e3b286f2826647f08215f29f699de1
Signed-off-by: Mayank Rana <mrana@codeaurora.org>
Signed-off-by: Vijayavardhan Vennapusa <vvreddy@codeaurora.org>
Due to improper type conversion compilation
issue will be seen. Made change to access the
appropriate type.
Change-Id: I54777fe71a2f29297b439ac26f80b9684222d89a
Signed-off-by: E V Ravi <evenka@codeaurora.org>
Due to improper type conversion compilation
issue will be seen. Made change to access the
appropriate type.
Change-Id: I2c61364f0385c83aa304788cc705bf4ca48ac2cc
Signed-off-by: Meera Gande <mgande@codeaurora.org>
In db.txt, update ETSI1 and ETSI13 countries with NO-OUTDOOR flag
for frequency ranges: (5170 - 5250) and (5250 - 5330).
CRs-Fixed: 2379868
Change-Id: I8a9ce955e82b14814ead5f0bf118608ea90cbc53
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
The kernel buffer 'ubuf' can overflow while copying data to user
space in debugfs read functions. Fix it by limiting the length of
data to be copied to userspace.
Change-Id: Ibb3d8c4fb637ddc0e63677ec2dff14a4cf8c0c73
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
A fixed sink PDO request includes both operating current and
max current. Although the max current requested may be greater
than the available source advertisement, as per spec only the
operating current request needs to be considered. The sink will
likely have also set the Capability Mismatch bit as well. Hence,
don't reject the request otherwise the sink will keep
re-requesting and never enter a contract.
Change-Id: Ia15e2e17abe43f2bcbc1fe7011b70ab0e0f5d9eb
Signed-off-by: Jack Pham <jackp@codeaurora.org>
Update country ETSI13 related country's frequency range and tx
power.
Change-Id: Iae27b12df3b36621c395ef9e8a3b1b46461848b6
CRs-Fixed: 2246140
Signed-off-by: Gaole Zhang <gaolez@codeaurora.org>
Per the EU STD. ETSI EN 300 440, sub-band 5725-5875 is
allowed in EU at reduced power of 25 mW. Add the sub-band to
the EU countries that support this sub-band.
CRs-Fixed: 2141740
Change-Id: I0a43e99c4357527f607110faecddd9d0fd444fc6
Signed-off-by: Amar Singhal <asinghal@codeaurora.org>
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
Specify the name of GPU temperature sensor in the device tree.
This name is used to get the sensor's temperature by querying the
thermal driver API.
CRs-Fixed: 1064728
Change-Id: Ia93d93a442aa848cbd42a5fb8ecad5ef875f9abf
Signed-off-by: Harshdeep Dhatt <hdhatt@codeaurora.org>
Signed-off-by: Sunil Khatri <sunilkh@codeaurora.org>
Signed-off-by: Archana Sriram <apsrir@codeaurora.org>
Increase MAX_RESERVED_REGIONS for reserved regions
Change-Id: Ica7f7196d2c10d99a7d134f1036131657753df93
(cherry picked from commit f071e4e0734f90eb1be8c6c3d41cbc60cc46e243)
Android has been benefiting quicker boot from bigger readahead during
boottime than runtime. However, the boottime readahead setting is set
when init is established after treble early mount. This patch will make
readahead bigger by default so early boot can benefit from it. Readahead
will be reset by init on boot_complete.
Bug: 62413151
Test: boot walleye 100ms faster
Change-Id: Ic9dad5666ce3d4836d73afbcee04cfb875f64f5d
Signed-off-by: Wei Wang <wvw@google.com>
Change the VM_MAX_READAHEAD value from the default 128KB to a
configurable value. This will allow the readahead window to grow to a
maximum size bigger than 128KB, which greatly benefits to sequential
read throughput and thus boot performance.
Bug: 62413151
Test: boot walleye 100ms faster
Change-Id: Iad448cf1198056de46654dcb409466802b3b908d
Signed-off-by: Wei Wang <wvw@google.com>
Allocate all memory given to remote subsystem in the kernel
instead of mapping memory allocated in userspace.
Change-Id: I79c1f40d426e271403afa67514714fe6af26cf4e
Acked-by: Thyagarajan Venkatanarayanan <venkatan@qti.qualcomm.com>
Signed-off-by: Tharun Kumar Merugu <mtharu@codeaurora.org>
In certain 802.11 wireless deployments, there will be ARP proxies
that use knowledge of the network to correctly answer requests.
To prevent gratuitous ARP frames on the shared medium from being
a problem, on such deployments wireless needs to drop them.
Enable this by providing an option called "drop_gratuitous_arp".
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 4078228159c9f54cca7347a8bdace29f2abdef65)
Change-Id: I8772dbd7471085878f8b4161eb2a056d79b8b232
In certain 802.11 wireless deployments, there will be NA proxies
that use knowledge of the network to correctly answer requests.
To prevent unsolicitd advertisements on the shared medium from
being a problem, on such deployments wireless needs to drop them.
Enable this by providing an option called "drop_unsolicited_na".
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit aec215e7aa380fe5f85eb6948766b58bf78cb6c3)
Change-Id: Iad429a767a786087b0985632be44932b2e3fd1a8
In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv6 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.
Reviewed-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit dede82143bf1bbf92ea73a519bb0298b19c56cb9)
Change-Id: I76c8f84b53e95c40ad3c2b5adac0ec4964cc920c
In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv4 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.
Additionally, enabling this option provides compliance with a SHOULD
clause of RFC 1122.
Change-Id: I8de9fa5bdbea0556802f2ee553d0e73c1349213e
Reviewed-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Causes freezes and crashes on cheeseburger when using MTP
or switching android usb debugging on/off.
Change-Id: If08cc8a2662122b24c3fd0fcc5d421bb6a84d777
To resolve the timing issue between usb-driver
and android framework, made the change on rndis
ipa to send the usb-connect msg when usb-driver
connect the IPA pipes.
Change-Id: I51de37bc7610cb0a94659c64146f10ed322210b2
Acked-by: Pooja Kumari <kumarip@qti.qualcomm.com>
Signed-off-by: Mohammed Javid <mjavid@codeaurora.org>
Signed-off-by: Skylar Chang <chiaweic@codeaurora.org>
WDSP private data structure is freed in wdsp_glink_release()
but some of the member variables like work_queue pointer is
accessed even after free. Fix this issue by making sure that
glink callback functions are finished execution
before freeing up wdsp private data structure.
Change-Id: Ia4dd9d667109168874dc9188d70741cb9541b0c6
Signed-off-by: Vidyakumar Athota <vathota@codeaurora.org>
Signed-off-by: Ashish Jain <ashishj@codeaurora.org>
