From 592f6f4174f9dcb5d0e6a6ed68a1c464fc4c5c34 Mon Sep 17 00:00:00 2001 From: Rongjun Chen Date: Tue, 18 Sep 2018 15:49:44 +0800 Subject: [PATCH] wifi: fix wext cmd ioctl fail issue Change-Id: Ie4d2202a4601b15b17a351a8d51c0cd62fce7ec8 --- bcmdhd.1.579.77.41.1.cn/dhd_linux.c | 43 ++++++++++++++----- bcmdhd.1.579.77.41.1.cn/include/usbrdl.h | 0 .../include/wlioctl_defs.h | 1 + bcmdhd.1.579.77.41.1.cn/wl_iw.c | 6 ++- 4 files changed, 38 insertions(+), 12 deletions(-) mode change 100755 => 100644 bcmdhd.1.579.77.41.1.cn/include/usbrdl.h diff --git a/bcmdhd.1.579.77.41.1.cn/dhd_linux.c b/bcmdhd.1.579.77.41.1.cn/dhd_linux.c index 2bf3709..e3b6eb5 100644 --- a/bcmdhd.1.579.77.41.1.cn/dhd_linux.c +++ b/bcmdhd.1.579.77.41.1.cn/dhd_linux.c @@ -7987,17 +7987,35 @@ dhd_ioctl_entry(struct net_device *net, struct ifreq *ifr, int cmd) goto done; } ioc.cmd = compat_ioc.cmd; - ioc.buf = compat_ptr(compat_ioc.buf); - ioc.len = compat_ioc.len; - ioc.set = compat_ioc.set; - ioc.used = compat_ioc.used; - ioc.needed = compat_ioc.needed; - /* To differentiate between wl and dhd read 4 more byes */ - if ((copy_from_user(&ioc.driver, (char *)ifr->ifr_data + sizeof(compat_wl_ioctl_t), - sizeof(uint)) != 0)) { - bcmerror = BCME_BADADDR; - goto done; - } + if (ioc.cmd & WLC_SPEC_FLAG) { + memset(&ioc, 0, sizeof(ioc)); + /* Copy the ioc control structure part of ioctl request */ + if (copy_from_user(&ioc, ifr->ifr_data, sizeof(wl_ioctl_t))) { + bcmerror = BCME_BADADDR; + goto done; + } + ioc.cmd &= ~WLC_SPEC_FLAG; /* Clear the FLAG */ + + /* To differentiate between wl and dhd read 4 more byes */ + if ((copy_from_user(&ioc.driver, (char *)ifr->ifr_data + sizeof(wl_ioctl_t), + sizeof(uint)) != 0)) { + bcmerror = BCME_BADADDR; + goto done; + } + + } else { /* ioc.cmd & WLC_SPEC_FLAG */ + ioc.buf = compat_ptr(compat_ioc.buf); + ioc.len = compat_ioc.len; + ioc.set = compat_ioc.set; + ioc.used = compat_ioc.used; + ioc.needed = compat_ioc.needed; + /* To differentiate between wl and dhd read 4 more byes */ + if ((copy_from_user(&ioc.driver, (char *)ifr->ifr_data + sizeof(compat_wl_ioctl_t), + sizeof(uint)) != 0)) { + bcmerror = BCME_BADADDR; + goto done; + } + } /* ioc.cmd & WLC_SPEC_FLAG */ } else #endif /* CONFIG_COMPAT */ { @@ -8006,6 +8024,9 @@ dhd_ioctl_entry(struct net_device *net, struct ifreq *ifr, int cmd) bcmerror = BCME_BADADDR; goto done; } +#ifdef CONFIG_COMPAT + ioc.cmd &= ~WLC_SPEC_FLAG; /* make sure it was clear when it isn't a compat task*/ +#endif /* To differentiate between wl and dhd read 4 more byes */ if ((copy_from_user(&ioc.driver, (char *)ifr->ifr_data + sizeof(wl_ioctl_t), diff --git a/bcmdhd.1.579.77.41.1.cn/include/usbrdl.h b/bcmdhd.1.579.77.41.1.cn/include/usbrdl.h old mode 100755 new mode 100644 diff --git a/bcmdhd.1.579.77.41.1.cn/include/wlioctl_defs.h b/bcmdhd.1.579.77.41.1.cn/include/wlioctl_defs.h index 658d94e..8038588 100644 --- a/bcmdhd.1.579.77.41.1.cn/include/wlioctl_defs.h +++ b/bcmdhd.1.579.77.41.1.cn/include/wlioctl_defs.h @@ -828,6 +828,7 @@ #define WLC_DUMP_RATESET 322 #define WLC_ECHO 323 #define WLC_LAST 324 +#define WLC_SPEC_FLAG 0x80000000 /* For some special IOCTL */ #ifndef EPICTRL_COOKIE #define EPICTRL_COOKIE 0xABADCEDE #endif diff --git a/bcmdhd.1.579.77.41.1.cn/wl_iw.c b/bcmdhd.1.579.77.41.1.cn/wl_iw.c index 0c6b395..5cae9f8 100644 --- a/bcmdhd.1.579.77.41.1.cn/wl_iw.c +++ b/bcmdhd.1.579.77.41.1.cn/wl_iw.c @@ -244,7 +244,11 @@ dev_wlc_ioctl( int ret; memset(&ioc, 0, sizeof(ioc)); +#ifdef CONFIG_COMPAT + ioc.cmd = cmd | WLC_SPEC_FLAG; +#else ioc.cmd = cmd; +#endif ioc.buf = arg; ioc.len = len; @@ -728,7 +732,7 @@ wl_iw_get_range( dwrq->length = sizeof(struct iw_range); memset(range, 0, sizeof(*range)); - + memset(channels, 0, sizeof(channels)); /* We don't use nwids */ range->min_nwid = range->max_nwid = 0; -- 2.20.1