lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20231128083115.613235-8-yu-hao.lin@nxp.com>
Date:   Tue, 28 Nov 2023 16:31:10 +0800
From:   David Lin <yu-hao.lin@....com>
To:     linux-wireless@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, briannorris@...omium.org,
        kvalo@...nel.org, francesco@...cini.it, tsung-hsien.hsieh@....com,
        David Lin <yu-hao.lin@....com>
Subject: [PATCH v7 07/12] wifi: mwifiex: fixed TLV error for station add cmd.

TLV commands setting for host command HostCmd_CMD_ADD_NEW_STATION is
not correct. This issue will set wrong station information to firmware.

Without this patch, transmission will get 50-70% low throughput for host
mlme AP mode.

Signed-off-by: David Lin <yu-hao.lin@....com>
---
 .../net/wireless/marvell/mwifiex/uap_cmd.c    | 52 +++++++++----------
 1 file changed, 25 insertions(+), 27 deletions(-)

diff --git a/drivers/net/wireless/marvell/mwifiex/uap_cmd.c b/drivers/net/wireless/marvell/mwifiex/uap_cmd.c
index c1133da28bc6..eb7e39146b8a 100644
--- a/drivers/net/wireless/marvell/mwifiex/uap_cmd.c
+++ b/drivers/net/wireless/marvell/mwifiex/uap_cmd.c
@@ -809,7 +809,7 @@ static int mwifiex_cmd_uap_add_station(struct mwifiex_private *priv,
 	u8 qos_capa;
 	u16 header_len = sizeof(struct mwifiex_ie_types_header);
 	u16 tlv_len;
-	struct mwifiex_ie_types_header *tlv;
+	struct mwifiex_ie_types_data *tlv;
 	struct mwifiex_ie_types_sta_flag *sta_flag;
 	int i;
 
@@ -846,45 +846,44 @@ static int mwifiex_cmd_uap_add_station(struct mwifiex_private *priv,
 	cmd->size += sizeof(struct mwifiex_ie_types_sta_flag);
 
 	if (params->ext_capab_len) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_EXT_CAPABILITY);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_EXT_CAPABILITY);
 		tlv_len = params->ext_capab_len;
-		tlv->len = cpu_to_le16(tlv_len);
-		memcpy(tlv + header_len, params->ext_capab, tlv_len);
+		tlv->header.len = cpu_to_le16(tlv_len);
+		memcpy(tlv->data, params->ext_capab, tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
 	}
 
 	if (params->link_sta_params.supported_rates_len) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_SUPP_RATES);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_SUPP_RATES);
 		tlv_len = params->link_sta_params.supported_rates_len;
-		tlv->len = cpu_to_le16(tlv_len);
-		memcpy(tlv + header_len,
+		tlv->header.len = cpu_to_le16(tlv_len);
+		memcpy(tlv->data,
 		       params->link_sta_params.supported_rates, tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
 	}
 
 	if (params->uapsd_queues || params->max_sp) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_QOS_CAPA);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_QOS_CAPA);
 		tlv_len = sizeof(qos_capa);
-		tlv->len = cpu_to_le16(tlv_len);
+		tlv->header.len = cpu_to_le16(tlv_len);
 		qos_capa = params->uapsd_queues | (params->max_sp << 5);
-		memcpy(tlv + header_len, &qos_capa, tlv_len);
+		memcpy(tlv->data, &qos_capa, tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
 		sta_ptr->is_wmm_enabled = 1;
 	}
 
 	if (params->link_sta_params.ht_capa) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_HT_CAPABILITY);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_HT_CAPABILITY);
 		tlv_len = sizeof(struct ieee80211_ht_cap);
-		tlv->len = cpu_to_le16(tlv_len);
-		memcpy(tlv + header_len, params->link_sta_params.ht_capa,
-		       tlv_len);
+		tlv->header.len = cpu_to_le16(tlv_len);
+		memcpy(tlv->data, params->link_sta_params.ht_capa, tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
 		sta_ptr->is_11n_enabled = 1;
@@ -896,23 +895,22 @@ static int mwifiex_cmd_uap_add_station(struct mwifiex_private *priv,
 	}
 
 	if (params->link_sta_params.vht_capa) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_VHT_CAPABILITY);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_VHT_CAPABILITY);
 		tlv_len = sizeof(struct ieee80211_vht_cap);
-		tlv->len = cpu_to_le16(tlv_len);
-		memcpy(tlv + header_len, params->link_sta_params.vht_capa,
-		       tlv_len);
+		tlv->header.len = cpu_to_le16(tlv_len);
+		memcpy(tlv->data, params->link_sta_params.vht_capa, tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
 		sta_ptr->is_11ac_enabled = 1;
 	}
 
 	if (params->link_sta_params.opmode_notif_used) {
-		tlv = (struct mwifiex_ie_types_header *)pos;
-		tlv->type = cpu_to_le16(WLAN_EID_OPMODE_NOTIF);
+		tlv = (struct mwifiex_ie_types_data *)pos;
+		tlv->header.type = cpu_to_le16(WLAN_EID_OPMODE_NOTIF);
 		tlv_len = sizeof(u8);
-		tlv->len = cpu_to_le16(tlv_len);
-		memcpy(tlv + header_len, params->link_sta_params.opmode_notif,
+		tlv->header.len = cpu_to_le16(tlv_len);
+		memcpy(tlv->data, params->link_sta_params.opmode_notif,
 		       tlv_len);
 		pos += (header_len + tlv_len);
 		cmd->size += (header_len + tlv_len);
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ