
Commit bf4c802c authored by Mohammed Javid's avatar Mohammed Javid

msm: ipa: UAPI security code changes



Added code changes for UAPI security code
userspace inputs validation

Change-Id: I5f8b7c9cd27a9d8ca721a98f1cbf05c14588dd85
Acked-by: default avatarAshok Vuyyuru <avuyyuru@qti.qualcomm.com>
Acked-by: default avatarAbhishek Choubey <abchoube@qti.qualcomm.com>
Signed-off-by: default avatarMohammed Javid <mjavid@codeaurora.org>
parent b1efd310
+5 −1
@@ -2490,9 +2490,13 @@ static ssize_t rndis_ipa_debugfs_aggr_write
	(struct file *file,
	(struct file *file,
	const char __user *buf, size_t count, loff_t *ppos)
	const char __user *buf, size_t count, loff_t *ppos)
{
{
	struct rndis_ipa_dev *rndis_ipa_ctx = file->private_data;
	struct rndis_ipa_dev *rndis_ipa_ctx = NULL;
	int result;
	int result;


	if (file == NULL)
		return -EFAULT;
	rndis_ipa_ctx = file->private_data;

	result = ipa_cfg_ep(rndis_ipa_ctx->usb_to_ipa_hdl, &ipa_to_usb_ep_cfg);
	result = ipa_cfg_ep(rndis_ipa_ctx->usb_to_ipa_hdl, &ipa_to_usb_ep_cfg);
	if (result) {
	if (result) {
		pr_err("failed to re-configure USB to IPA point\n");
		pr_err("failed to re-configure USB to IPA point\n");
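Review bot: The added `file == NULL` guard does not cover the pointer that is actually dereferenced: `rndis_ipa_ctx` is loaded from `file->private_data` and used in `rndis_ipa_ctx->usb_to_ipa_hdl` in the very next statement without a NULL check. A write handler is normally entered with a valid `file`, so the new test is unlikely ever to fire, while an unset `private_data` would still fault. Consider `if (!file || !file->private_data) return -EINVAL;` before the assignment. The function body continues past the end of the hunk, so later uses of the context are not visible here.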
+4 −4
@@ -23,10 +23,10 @@
static int ipa_generate_hw_rule_from_eq(
static int ipa_generate_hw_rule_from_eq(
		const struct ipa_ipfltri_rule_eq *attrib, u8 **buf)
		const struct ipa_ipfltri_rule_eq *attrib, u8 **buf)
{
{
	int num_offset_meq_32 = attrib->num_offset_meq_32;
	uint8_t num_offset_meq_32 = attrib->num_offset_meq_32;
	int num_ihl_offset_range_16 = attrib->num_ihl_offset_range_16;
	uint8_t num_ihl_offset_range_16 = attrib->num_ihl_offset_range_16;
	int num_ihl_offset_meq_32 = attrib->num_ihl_offset_meq_32;
	uint8_t num_ihl_offset_meq_32 = attrib->num_ihl_offset_meq_32;
	int num_offset_meq_128 = attrib->num_offset_meq_128;
	uint8_t num_offset_meq_128 = attrib->num_offset_meq_128;
	int i;
	int i;


	if (attrib->tos_eq_present) {
	if (attrib->tos_eq_present) {
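Review bot: Narrowing the four `num_*` locals to `uint8_t` removes negative counts but does not bound them; any value up to 255 read from `attrib` is still accepted. The loops that consume these counts lie outside the hunk, so this is inferred, but if they index the fixed-size equation arrays in `struct ipa_ipfltri_rule_eq`, each count should be compared with its array size before use and the function should return an error when it is exceeded. A short comment above the declarations, for example `/* counts originate in userspace; unsigned so they cannot go negative */`, would also record why the type was changed.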
+52 −0
@@ -512,6 +512,7 @@ int qmi_filter_request_send(struct ipa_install_fltr_rule_req_msg_v01 *req)
	struct ipa_install_fltr_rule_resp_msg_v01 resp;
	struct ipa_install_fltr_rule_resp_msg_v01 resp;
	struct msg_desc req_desc, resp_desc;
	struct msg_desc req_desc, resp_desc;
	int rc;
	int rc;
	int i;


	/* check if the filter rules from IPACM is valid */
	/* check if the filter rules from IPACM is valid */
	if (req->filter_spec_list_len == 0) {
	if (req->filter_spec_list_len == 0) {
@@ -521,6 +522,38 @@ int qmi_filter_request_send(struct ipa_install_fltr_rule_req_msg_v01 *req)
		req->filter_spec_list_len);
		req->filter_spec_list_len);
	}
	}


	if (req->filter_spec_list_len >= QMI_IPA_MAX_FILTERS_V01) {
		IPAWANDBG(
		"IPACM passes the number of filtering rules exceed limit\n");
		return -EINVAL;
	} else if (req->source_pipe_index_valid != 0) {
		IPAWANDBG(
		"IPACM passes source_pipe_index_valid not zero 0 != %d\n",
			req->source_pipe_index_valid);
		return -EINVAL;
	} else if (req->source_pipe_index >= ipa_ctx->ipa_num_pipes) {
		IPAWANDBG(
		"IPACM passes source pipe index not valid ID = %d\n",
		req->source_pipe_index);
		return -EINVAL;
	}
	for (i = 0; i < req->filter_spec_list_len; i++) {
		if ((req->filter_spec_list[i].ip_type !=
			QMI_IPA_IP_TYPE_V4_V01) &&
			(req->filter_spec_list[i].ip_type !=
			QMI_IPA_IP_TYPE_V6_V01))
			return -EINVAL;
		if (req->filter_spec_list[i].is_mux_id_valid == false)
			return -EINVAL;
		if (req->filter_spec_list[i].is_routing_table_index_valid
			== false)
			return -EINVAL;
		if ((req->filter_spec_list[i].filter_action <=
			QMI_IPA_FILTER_ACTION_INVALID_V01) &&
			(req->filter_spec_list[i].filter_action >
			QMI_IPA_FILTER_ACTION_EXCEPTION_V01))
			return -EINVAL;
	}
	mutex_lock(&ipa_qmi_lock);
	mutex_lock(&ipa_qmi_lock);
	if (ipa_qmi_ctx != NULL) {
	if (ipa_qmi_ctx != NULL) {
		/* cache the qmi_filter_request */
		/* cache the qmi_filter_request */
@@ -674,6 +707,25 @@ int qmi_filter_notify_send(struct ipa_fltr_installed_notif_req_msg_v01 *req)
				req->filter_index_list[i].filter_handle,
				req->filter_index_list[i].filter_handle,
				req->filter_index_list[i].filter_index);
				req->filter_index_list[i].filter_index);
		return -EINVAL;
		return -EINVAL;
	} else if (req->install_status != IPA_QMI_RESULT_SUCCESS_V01) {
		IPAWANERR(" UL filter rule for pipe %d install_status = %d\n",
			req->source_pipe_index, req->install_status);
		return -EINVAL;
	} else if (req->source_pipe_index >= ipa_ctx->ipa_num_pipes) {
		IPAWANERR("IPACM passes source pipe index not valid ID = %d\n",
		req->source_pipe_index);
		return -EINVAL;
	} else if (((req->embedded_pipe_index_valid != true) ||
			(req->embedded_call_mux_id_valid != true)) &&
			((req->embedded_pipe_index_valid != false) ||
			(req->embedded_call_mux_id_valid != false))) {
		IPAWANERR(
			"IPACM passes embedded pipe and mux valid not valid\n");
		return -EINVAL;
	} else if (req->embedded_pipe_index >= ipa_ctx->ipa_num_pipes) {
		IPAWANERR("IPACM passes source pipe index not valid ID = %d\n",
		req->source_pipe_index);
		return -EINVAL;
	}
	}


	mutex_lock(&ipa_qmi_lock);
	mutex_lock(&ipa_qmi_lock);
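Review bot: The `filter_action` range check in the new loop of `qmi_filter_request_send` joins its two comparisons with `&&`, so it only rejects a value that is both `<= QMI_IPA_FILTER_ACTION_INVALID_V01` and `> QMI_IPA_FILTER_ACTION_EXCEPTION_V01`. Assuming INVALID is the lowest enumerator, that can never be true, and out-of-range actions pass the validation; the operator should be `||`. In `qmi_filter_notify_send`, the new `embedded_pipe_index` branch logs `req->source_pipe_index` with a "source pipe index" message, which looks copied from the branch above and should print `req->embedded_pipe_index`. Both functions continue outside the hunks shown.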
+5 −2
@@ -649,6 +649,8 @@ static int wwan_add_ul_flt_rule_to_ipa(void)
		return -ENOMEM;
		return -ENOMEM;
	}
	}


	memset(req, 0, sizeof(struct ipa_fltr_installed_notif_req_msg_v01));

	param->commit = 1;
	param->commit = 1;
	param->ep = IPA_CLIENT_APPS_LAN_WAN_PROD;
	param->ep = IPA_CLIENT_APPS_LAN_WAN_PROD;
	param->global = false;
	param->global = false;
@@ -1516,8 +1518,8 @@ static int ipa_wwan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
		/*  Get driver name  */
		/*  Get driver name  */
		case RMNET_IOCTL_GET_DRIVER_NAME:
		case RMNET_IOCTL_GET_DRIVER_NAME:
			memcpy(&extend_ioctl_data.u.if_name,
			memcpy(&extend_ioctl_data.u.if_name,
						ipa_netdevs[0]->name,
						ipa_netdevs[0]->name, IFNAMSIZ);
							sizeof(IFNAMSIZ));
			extend_ioctl_data.u.if_name[IFNAMSIZ - 1] = '\0';
			if (copy_to_user((u8 *)ifr->ifr_ifru.ifru_data,
			if (copy_to_user((u8 *)ifr->ifr_ifru.ifru_data,
					&extend_ioctl_data,
					&extend_ioctl_data,
					sizeof(struct rmnet_ioctl_extended_s)))
					sizeof(struct rmnet_ioctl_extended_s)))
@@ -1661,6 +1663,7 @@ static int ipa_wwan_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
				sizeof(wan_msg->upstream_ifname);
				sizeof(wan_msg->upstream_ifname);
			strlcpy(wan_msg->upstream_ifname,
			strlcpy(wan_msg->upstream_ifname,
				extend_ioctl_data.u.if_name, len);
				extend_ioctl_data.u.if_name, len);
			wan_msg->upstream_ifname[len - 1] = '\0';
			memset(&msg_meta, 0, sizeof(struct ipa_msg_meta));
			memset(&msg_meta, 0, sizeof(struct ipa_msg_meta));
			msg_meta.msg_type = WAN_XLAT_CONNECT;
			msg_meta.msg_type = WAN_XLAT_CONNECT;
			msg_meta.msg_len = sizeof(struct ipa_wan_msg);
			msg_meta.msg_len = sizeof(struct ipa_wan_msg);
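Review bot: The terminator added after `strlcpy()` is written to the destination, which `strlcpy()` already NUL-terminates; the unguarded side is the source. `strlcpy()` measures the whole source string, so if `extend_ioctl_data.u.if_name` arrives from userspace without a terminator (the copy-in is outside this hunk, so this is inferred), the read runs past the end of the field. Terminating the source first, with `extend_ioctl_data.u.if_name[IFNAMSIZ - 1] = '\0';` placed before the `strlcpy()` call, closes that. The same index is already used in the RMNET_IOCTL_GET_DRIVER_NAME hunk earlier in this file.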
+3 −0
@@ -4453,6 +4453,9 @@ static ssize_t ipa3_write(struct file *file, const char __user *buf,
		return -EFAULT;
		return -EFAULT;
	}
	}


	if (count > 0)
		dbg_buff[count - 1] = '\0';

	/* Prevent consequent calls from trying to load the FW again. */
	/* Prevent consequent calls from trying to load the FW again. */
	if (ipa3_is_ready())
	if (ipa3_is_ready())
		return count;
		return count;
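Review bot: `dbg_buff[count - 1] = '\0'` overwrites the last byte copied from userspace instead of terminating after it, so a write without a trailing newline silently loses its final character. The size check that precedes `copy_from_user()` is outside this hunk. If it already guarantees `count < sizeof(dbg_buff)`, then `dbg_buff[count] = '\0';` terminates the string without discarding input and needs no `count > 0` guard. If it does not, the bound should be enforced here, because the new line also trusts `count` as an index into `dbg_buff`.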