From b675eef0ea2da386e35ee9f3a9d158a90c84c4e9 Mon Sep 17 00:00:00 2001 From: cj-elijus-vilkas <101334820+cj-elijus-vilkas@users.noreply.github.com> Date: Wed, 10 Jun 2026 08:47:36 +0300 Subject: [PATCH 1/3] RDKB-64184, RDKB-65468, RDKB-64928 : 26.1.3 WDA update (#87) Reason for change: Fixes the OOB access in vap_subs_indexes on 6GHz radios Test Procedure: 1) CcspAdvSecuritySsp process crash should not be seen. Risks: Low Priority: P1 Signed-off-by: Elijus_Vilkas2@comcast.com Co-authored-by: SanthoshGujulvajagadeesh <68006718+SanthoshGujulvajagadeesh@users.noreply.github.com> --- source/AdvSecurityDml/cujoagent_dcl_api.c | 77 ++++++++++++++--------- 1 file changed, 46 insertions(+), 31 deletions(-) diff --git a/source/AdvSecurityDml/cujoagent_dcl_api.c b/source/AdvSecurityDml/cujoagent_dcl_api.c index f28935a..b2ab701 100644 --- a/source/AdvSecurityDml/cujoagent_dcl_api.c +++ b/source/AdvSecurityDml/cujoagent_dcl_api.c @@ -1560,13 +1560,29 @@ static void cujoagent_new_station_event( hash_map_t *assoc_dev_map = NULL; assoc_dev_data_t *assoc_dev_data = NULL; wifi_interface_name_idex_map_t *iface_map = NULL; + int vap_array_index = 0; /* Count clients across _all_ VAPs of interest */ *station_update_event_size = sizeof(struct cujo_fpc_wifi_station_event); for (unsigned int i = 0; i < consumer->hal_cap.wifi_prop.numRadios; i++) { for (unsigned int j = 0; j < consumer->vap_subs_count; j++) { + iface_map = cujoagent_iface_property( + &consumer->hal_cap.wifi_prop, consumer->vap_subs_indexes[j]); + if (!iface_map) { + CcspTraceError(("Couldn't find interface map for VAP index [%u]\n", + consumer->vap_subs_indexes[j])); + continue; + } + if (iface_map->rdk_radio_index != i) { + continue; + } + vap_array_index = + cujoagent_vap_array_index(&consumer->hal_cap.wifi_prop, iface_map); + if (vap_array_index < 0) { + continue; + } assoc_dev_map = consumer->radios[i] - .vaps.rdk_vap_array[consumer->vap_subs_indexes[j]] + .vaps.rdk_vap_array[vap_array_index] .associated_devices_map; if (assoc_dev_map) { assoc_dev_count = hash_map_count(assoc_dev_map); @@ -1586,28 +1602,25 @@ static void cujoagent_new_station_event( /* Populate the station update event with the list of _all_ connected clients */ for (unsigned int i = 0, offset = 0; i < consumer->hal_cap.wifi_prop.numRadios; i++) { for (unsigned int j = 0; j < consumer->vap_subs_count; j++) { + iface_map = cujoagent_iface_property( + &consumer->hal_cap.wifi_prop, consumer->vap_subs_indexes[j]); + if (!iface_map) { + CcspTraceError(("Couldn't find interface map for VAP index [%u]\n", + consumer->vap_subs_indexes[j])); + continue; + } + if (iface_map->rdk_radio_index != i) { + continue; + } + vap_array_index = + cujoagent_vap_array_index(&consumer->hal_cap.wifi_prop, iface_map); + if (vap_array_index < 0) { + continue; + } assoc_dev_map = consumer->radios[i] - .vaps.rdk_vap_array[consumer->vap_subs_indexes[j]] + .vaps.rdk_vap_array[vap_array_index] .associated_devices_map; if (assoc_dev_map) { - /* We need the if_name of the VAP each client is connected to, not the - * if_name of the VAP where the particular (dis)connect event happened. - * Therefore, get the iface_map here rather than passing it as an - * argument from the diff map we are processing the particular station - * event for. */ - iface_map = cujoagent_iface_property( - &consumer->hal_cap.wifi_prop, - consumer->radios[i] - .vaps.rdk_vap_array[consumer->vap_subs_indexes[j]] - .vap_index); - if (!iface_map) { - CcspTraceError(("Couldn't find interface map for vap index [%u]\n", - consumer->radios[i] - .vaps.rdk_vap_array[consumer->vap_subs_indexes[j]] - .vap_index)); - break; - } - assoc_dev_count = hash_map_count(assoc_dev_map); assoc_dev_data = hash_map_get_first(assoc_dev_map); for (unsigned int k = 0; assoc_dev_data; k++) { @@ -2048,20 +2061,22 @@ cujoagent_process_client_state(client_state_t client_state, for (unsigned int i = 0; i < consumer->hal_cap.wifi_prop.numRadios; i++) { for (unsigned int j = 0; j < consumer->vap_subs_count; j++) { - vap_array_index = consumer->vap_subs_indexes[j]; - iface_map = - cujoagent_iface_property(&decoded_params->hal_cap.wifi_prop, - decoded_params->radios[i] - .vaps.rdk_vap_array[vap_array_index] - .vap_index); + iface_map = cujoagent_iface_property( + &decoded_params->hal_cap.wifi_prop, consumer->vap_subs_indexes[j]); if (!iface_map) { - CcspTraceError(("Couldn't find interface map for vap index [%u]\n", - decoded_params->radios[i] - .vaps.rdk_vap_array[vap_array_index] - .vap_index)); + CcspTraceError(("Couldn't find interface map for VAP index [%u]\n", + consumer->vap_subs_indexes[j])); + continue; + } + if (iface_map->rdk_radio_index != i) { + continue; + } + vap_array_index = cujoagent_vap_array_index( + &decoded_params->hal_cap.wifi_prop, iface_map); + if (vap_array_index < 0) { continue; } - radio = &decoded_params->radios[iface_map->rdk_radio_index]; + radio = &decoded_params->radios[i]; vap_info = &radio->vaps.vap_map.vap_array[vap_array_index]; assoc_dev_diff_map = decoded_params->radios[i] From 61578e698ee565caf5cc00dcf49cd580c4507613 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh <68006718+SanthoshGujulvajagadeesh@users.noreply.github.com> Date: Thu, 11 Jun 2026 14:41:41 +0530 Subject: [PATCH 2/3] RDKB-64184, RDKB-65468 : Include all Network Intelligence (NI) processes to compute overall NI memory consumption (#88) Reason for change: To compute NI memory consumption, include both long lived (cujo-qosd) and short lived (cujo-fpingdq, twamp-light-client) processes Test Procedure: Execute advsec_cpu_mem_recovery.sh script NI memory usage should include memory consumption of cujo-qosd, cujo-fpingdq and twamp-light-client Risks: Low Priority: P1 Signed-off-by: Santhosh_GujulvaJagadeesh@comcast.com --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- scripts/advsec_cpu_mem_recovery.sh | 24 +++++++++---------- source/AdvSecurityDml/cosa_adv_security_dml.c | 4 ++-- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/scripts/advsec_cpu_mem_recovery.sh b/scripts/advsec_cpu_mem_recovery.sh index 2f87240..f685ae8 100644 --- a/scripts/advsec_cpu_mem_recovery.sh +++ b/scripts/advsec_cpu_mem_recovery.sh @@ -45,7 +45,7 @@ fi NI_ENABLE=$(dmcli eRT retv Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.NetworkIntelligence.Enable) # Default NI memory hard limit in MB -NI_MEM_HARD_LIMIT=15 +NI_MEM_HARD_LIMIT=25 #syscfg contains value in MB. ni_max_rss=$(syscfg get Advsecurity_NetworkIntelligenceMemoryLimit) @@ -147,8 +147,8 @@ check_networkintelligence_mem_recovery() fi echo "####Network Intelligence RSS/PSS MEM stats####" >> $ADVSEC_AGENT_LOG_PATH - ni_rss=0 - ni_pss=0 + total_ni_rss=0 + total_ni_pss=0 for pid in ${NI_PID_LIST}; do sfile=/proc/$pid/smaps_rollup if [ -e "$sfile" ]; then @@ -156,21 +156,19 @@ check_networkintelligence_mem_recovery() pss=$(awk '/^Pss:/{print $2}' "$sfile") proc_name=$(tr '\0' ' ' < /proc/$pid/cmdline | sed 's/[[:space:]]*$//') echo_t "$pid:$proc_name : RSS=$rss kB PSS=$pss kB" >> $ADVSEC_AGENT_LOG_PATH - if [ ${ni_rss} -eq 0 ]; then - ni_rss=$rss - ni_pss=$pss - fi + total_ni_rss=$(( total_ni_rss + rss )) + total_ni_pss=$(( total_ni_pss + pss )) fi done - t2ValNotify "NI_RSS_MEM_kB_split" "$ni_rss" - t2ValNotify "NI_PSS_MEM_kB_split" "$ni_pss" - echo_t "NI_RSS_MEM:$ni_rss kB" >> $ADVSEC_AGENT_LOG_PATH - echo_t "NI_PSS_MEM:$ni_pss kB" >> $ADVSEC_AGENT_LOG_PATH + t2ValNotify "NI_RSS_MEM_kB_split" "$total_ni_rss" + t2ValNotify "NI_PSS_MEM_kB_split" "$total_ni_pss" + echo_t "NI_RSS_MEM:$total_ni_rss kB" >> $ADVSEC_AGENT_LOG_PATH + echo_t "NI_PSS_MEM:$total_ni_pss kB" >> $ADVSEC_AGENT_LOG_PATH echo "##############################################" >> $ADVSEC_AGENT_LOG_PATH - if [ "$ni_rss" -ge "$NI_MAX_RSS_THRESHOLD" ]; then - echo_t "Warning !!! NetworkIntelligence reached memory limit of $NI_MEM_HARD_LIMIT MB, current:$ni_rss kB, restarting cujo-ni" >> $ADVSEC_AGENT_LOG_PATH + if [ "$total_ni_rss" -ge "$NI_MAX_RSS_THRESHOLD" ]; then + echo_t "Warning !!! NetworkIntelligence reached memory limit of $NI_MEM_HARD_LIMIT MB, current:$total_ni_rss kB, restarting cujo-ni service" >> $ADVSEC_AGENT_LOG_PATH systemctl restart cujo-ni fi } diff --git a/source/AdvSecurityDml/cosa_adv_security_dml.c b/source/AdvSecurityDml/cosa_adv_security_dml.c index 68c1947..2d64122 100644 --- a/source/AdvSecurityDml/cosa_adv_security_dml.c +++ b/source/AdvSecurityDml/cosa_adv_security_dml.c @@ -31,7 +31,7 @@ #define MIN_AGENT_MEMORY_HARD_LIMIT 45 #define MAX_RABID_MACCACHE_SIZE 32768 #define MAX_RABID_DNSCACHE_SIZE 32768 -#define MIN_NI_MEMORY_HARD_LIMIT 15 +#define MIN_NI_MEMORY_HARD_LIMIT 25 extern COSA_DATAMODEL_AGENT* g_pAdvSecAgent; extern pthread_mutex_t logMutex; @@ -4127,7 +4127,7 @@ NetworkIntelligence_RFC_SetParamUlongValue if(uValue == g_pAdvSecAgent->pAdvNetworkIntelligence_RFC->uMemoryLimit) return TRUE; - if (uValue <= MIN_NI_MEMORY_HARD_LIMIT) + if (uValue < MIN_NI_MEMORY_HARD_LIMIT) return FALSE; returnStatus = CosaNetworkIntelligenceSetMemoryLimit(g_pAdvSecAgent->pAdvNetworkIntelligence_RFC, uValue); From 6c9179b2a3c3a4acbafc955db393a9a4b2ed99d6 Mon Sep 17 00:00:00 2001 From: bunnam988 Date: Mon, 15 Jun 2026 06:26:41 +0000 Subject: [PATCH 3/3] Add changelog for release 2.5.1 --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0010d0c..ae8c9c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,12 +4,21 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [2.5.1](https://github.com/rdkcentral/advanced-security/compare/2.5.0...2.5.1) + +- RDKB-64184, RDKB-65468 : Include all Network Intelligence (NI) processes to compute overall NI memory consumption [`#88`](https://github.com/rdkcentral/advanced-security/pull/88) +- RDKB-64184, RDKB-65468, RDKB-64928 : 26.1.3 WDA update [`#87`](https://github.com/rdkcentral/advanced-security/pull/87) +- Merge tag '2.5.0' into develop [`72be850`](https://github.com/rdkcentral/advanced-security/commit/72be8508d694d6c8fb0ab025921a8ca2e6161f52) + #### [2.5.0](https://github.com/rdkcentral/advanced-security/compare/2.4.0...2.5.0) +> 3 June 2026 + - RDKB-64489 : fix to prevent firewall restart on a bridgemode_event change [`#64`](https://github.com/rdkcentral/advanced-security/pull/64) - RDKB-64184, RDKB-63906 : start or stop Network Intelligence (NI) service only if present [`#84`](https://github.com/rdkcentral/advanced-security/pull/84) - RDKB-64184, RDKB-63906 : Remove platform specific checks for network intelligence feature [`#83`](https://github.com/rdkcentral/advanced-security/pull/83) - RDKB-64184, RDKB-64546 : RFC implementation and NI CPU, Memory monitoring for CUJO 26.1 release [`#80`](https://github.com/rdkcentral/advanced-security/pull/80) +- Add changelog for release 2.5.0 [`31135f5`](https://github.com/rdkcentral/advanced-security/commit/31135f51bc0719dc3ae6dcb1b2ac56ff1ddde5d2) - Merge tag '2.4.0' into develop [`57da2f9`](https://github.com/rdkcentral/advanced-security/commit/57da2f9956e4fa9143426e5af941f9a10db5fcfb) #### [2.4.0](https://github.com/rdkcentral/advanced-security/compare/2.3.0...2.4.0)