Loading os_if/linux/scan/src/wlan_cfg80211_scan.c +9 −7 Original line number Diff line number Diff line Loading @@ -1388,13 +1388,15 @@ int wlan_cfg80211_scan(struct wlan_objmgr_vdev *vdev, req->scan_req.p2p_scan_type = SCAN_P2P_SEARCH; /* Set dwell time mode according to scan policy type flags */ if (ucfg_scan_cfg_honour_nl_scan_policy_flags(psoc)) { if (req->scan_req.scan_policy_high_accuracy) req->scan_req.adaptive_dwell_time_mode = SCAN_DWELL_MODE_STATIC; if ((req->scan_req.scan_policy_low_power) || (req->scan_req.scan_policy_low_span)) if (req->scan_req.scan_policy_low_power || req->scan_req.scan_policy_low_span) req->scan_req.adaptive_dwell_time_mode = SCAN_DWELL_MODE_AGGRESSIVE; } /* * FW require at least 1 MAC to send probe request. Loading os_if/linux/wifi_pos/src/os_if_wifi_pos.c +47 −8 Original line number Diff line number Diff line Loading @@ -83,6 +83,8 @@ static int wifi_pos_parse_req(const void *data, int len, int pid, { tAniMsgHdr *msg_hdr; struct nlattr *tb[CLD80211_ATTR_MAX + 1]; uint32_t msg_len, id, nl_field_info_size, expected_field_info_size; struct wifi_pos_field_info *field_info; if (wlan_cfg80211_nla_parse(tb, CLD80211_ATTR_MAX, data, len, NULL)) { cfg80211_err("invalid data in request"); Loading @@ -94,23 +96,54 @@ static int wifi_pos_parse_req(const void *data, int len, int pid, return OEM_ERR_INVALID_MESSAGE_TYPE; } msg_hdr = (tAniMsgHdr *)nla_data(tb[CLD80211_ATTR_DATA]); if (!msg_hdr) { cfg80211_err("msg_hdr null"); return OEM_ERR_NULL_MESSAGE_HEADER; msg_len = nla_len(tb[CLD80211_ATTR_DATA]); if (msg_len < sizeof(*msg_hdr)) { cfg80211_err("Insufficient length for msg_hdr: %u", msg_len); return OEM_ERR_INVALID_MESSAGE_LENGTH; } msg_hdr = nla_data(tb[CLD80211_ATTR_DATA]); req->msg_type = msg_hdr->type; if (msg_len < sizeof(*msg_hdr) + msg_hdr->length) { cfg80211_err("Insufficient length for msg_hdr buffer: %u", msg_len); return OEM_ERR_INVALID_MESSAGE_LENGTH; } req->buf_len = msg_hdr->length; req->buf = (uint8_t *)&msg_hdr[1]; req->pid = pid; if (tb[CLD80211_ATTR_META_DATA]) { req->field_info_buf = (struct wifi_pos_field_info *) nla_data(tb[CLD80211_ATTR_META_DATA]); req->field_info_buf_len = nla_len(tb[CLD80211_ATTR_META_DATA]); id = CLD80211_ATTR_META_DATA; if (!tb[id]) return 0; nl_field_info_size = nla_len(tb[id]); if (nl_field_info_size < sizeof(*field_info)) { cfg80211_err("Insufficient length for field_info_buf: %u", nl_field_info_size); return OEM_ERR_INVALID_MESSAGE_LENGTH; } field_info = nla_data(tb[id]); if (!field_info->count) { cfg80211_debug("field_info->count is zero, ignoring META_DATA"); return 0; } expected_field_info_size = sizeof(*field_info) + (field_info->count - 1) * sizeof(struct wifi_pos_field); if (nl_field_info_size < expected_field_info_size) { cfg80211_err("Insufficient len for total no.of %u fields", field_info->count); return OEM_ERR_INVALID_MESSAGE_LENGTH; } req->field_info_buf = field_info; req->field_info_buf_len = nl_field_info_size; return 0; } #else Loading @@ -127,6 +160,12 @@ static int wifi_pos_parse_req(struct sk_buff *skb, struct wifi_pos_req_msg *req) return OEM_ERR_NULL_MESSAGE_HEADER; } if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*msg_hdr))) { cfg80211_err("nlmsg_len(%d) and msg_hdr_size(%zu) mis-match", nlh->nlmsg_len, sizeof(*msg_hdr)); return OEM_ERR_INVALID_MESSAGE_LENGTH; } msg_hdr = NLMSG_DATA(nlh); if (!msg_hdr) { cfg80211_err("Message header null"); Loading umac/cmn_services/mgmt_txrx/core/src/wlan_mgmt_txrx_main.c +6 −0 Original line number Diff line number Diff line Loading @@ -151,6 +151,12 @@ void wlan_mgmt_txrx_desc_put( return; } desc->in_use = false; desc->context = NULL; desc->peer = NULL; desc->nbuf = NULL; desc->tx_dwnld_cmpl_cb = NULL; desc->tx_ota_cmpl_cb = NULL; desc->vdev_id = WLAN_UMAC_VDEV_ID_MAX; qdf_list_insert_front(&mgmt_txrx_pdev_ctx->mgmt_desc_pool.free_list, &desc->entry); Loading umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c +4 −4 Original line number Diff line number Diff line Loading @@ -1070,7 +1070,7 @@ QDF_STATUS tgt_mgmt_txrx_tx_completion_handler( return QDF_STATUS_E_INVAL; } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt desc empty for id %d pdev %pK ", desc_id, pdev); return QDF_STATUS_E_NULL_VALUE; Loading Loading @@ -1142,7 +1142,7 @@ qdf_nbuf_t tgt_mgmt_txrx_get_nbuf_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading Loading @@ -1172,7 +1172,7 @@ tgt_mgmt_txrx_get_peer_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading Loading @@ -1206,7 +1206,7 @@ uint8_t tgt_mgmt_txrx_get_vdev_id_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_utils_api.c +6 −1 Original line number Diff line number Diff line Loading @@ -370,13 +370,18 @@ QDF_STATUS wlan_mgmt_txrx_mgmt_frame_tx(struct wlan_objmgr_peer *peer, struct wlan_objmgr_pdev *pdev; struct mgmt_txrx_priv_pdev_context *txrx_ctx; struct wlan_objmgr_vdev *vdev; QDF_STATUS status; if (!peer) { mgmt_txrx_err("peer passed is NULL"); return QDF_STATUS_E_NULL_VALUE; } wlan_objmgr_peer_get_ref(peer, WLAN_MGMT_NB_ID); status = wlan_objmgr_peer_try_get_ref(peer, WLAN_MGMT_NB_ID); if (QDF_IS_STATUS_ERROR(status)) { mgmt_txrx_err("failed to get ref count for peer %pK", peer); return QDF_STATUS_E_NULL_VALUE; } vdev = wlan_peer_get_vdev(peer); if (!vdev) { Loading Loading
os_if/linux/scan/src/wlan_cfg80211_scan.c +9 −7 Original line number Diff line number Diff line Loading @@ -1388,13 +1388,15 @@ int wlan_cfg80211_scan(struct wlan_objmgr_vdev *vdev, req->scan_req.p2p_scan_type = SCAN_P2P_SEARCH; /* Set dwell time mode according to scan policy type flags */ if (ucfg_scan_cfg_honour_nl_scan_policy_flags(psoc)) { if (req->scan_req.scan_policy_high_accuracy) req->scan_req.adaptive_dwell_time_mode = SCAN_DWELL_MODE_STATIC; if ((req->scan_req.scan_policy_low_power) || (req->scan_req.scan_policy_low_span)) if (req->scan_req.scan_policy_low_power || req->scan_req.scan_policy_low_span) req->scan_req.adaptive_dwell_time_mode = SCAN_DWELL_MODE_AGGRESSIVE; } /* * FW require at least 1 MAC to send probe request. Loading
os_if/linux/wifi_pos/src/os_if_wifi_pos.c +47 −8 Original line number Diff line number Diff line Loading @@ -83,6 +83,8 @@ static int wifi_pos_parse_req(const void *data, int len, int pid, { tAniMsgHdr *msg_hdr; struct nlattr *tb[CLD80211_ATTR_MAX + 1]; uint32_t msg_len, id, nl_field_info_size, expected_field_info_size; struct wifi_pos_field_info *field_info; if (wlan_cfg80211_nla_parse(tb, CLD80211_ATTR_MAX, data, len, NULL)) { cfg80211_err("invalid data in request"); Loading @@ -94,23 +96,54 @@ static int wifi_pos_parse_req(const void *data, int len, int pid, return OEM_ERR_INVALID_MESSAGE_TYPE; } msg_hdr = (tAniMsgHdr *)nla_data(tb[CLD80211_ATTR_DATA]); if (!msg_hdr) { cfg80211_err("msg_hdr null"); return OEM_ERR_NULL_MESSAGE_HEADER; msg_len = nla_len(tb[CLD80211_ATTR_DATA]); if (msg_len < sizeof(*msg_hdr)) { cfg80211_err("Insufficient length for msg_hdr: %u", msg_len); return OEM_ERR_INVALID_MESSAGE_LENGTH; } msg_hdr = nla_data(tb[CLD80211_ATTR_DATA]); req->msg_type = msg_hdr->type; if (msg_len < sizeof(*msg_hdr) + msg_hdr->length) { cfg80211_err("Insufficient length for msg_hdr buffer: %u", msg_len); return OEM_ERR_INVALID_MESSAGE_LENGTH; } req->buf_len = msg_hdr->length; req->buf = (uint8_t *)&msg_hdr[1]; req->pid = pid; if (tb[CLD80211_ATTR_META_DATA]) { req->field_info_buf = (struct wifi_pos_field_info *) nla_data(tb[CLD80211_ATTR_META_DATA]); req->field_info_buf_len = nla_len(tb[CLD80211_ATTR_META_DATA]); id = CLD80211_ATTR_META_DATA; if (!tb[id]) return 0; nl_field_info_size = nla_len(tb[id]); if (nl_field_info_size < sizeof(*field_info)) { cfg80211_err("Insufficient length for field_info_buf: %u", nl_field_info_size); return OEM_ERR_INVALID_MESSAGE_LENGTH; } field_info = nla_data(tb[id]); if (!field_info->count) { cfg80211_debug("field_info->count is zero, ignoring META_DATA"); return 0; } expected_field_info_size = sizeof(*field_info) + (field_info->count - 1) * sizeof(struct wifi_pos_field); if (nl_field_info_size < expected_field_info_size) { cfg80211_err("Insufficient len for total no.of %u fields", field_info->count); return OEM_ERR_INVALID_MESSAGE_LENGTH; } req->field_info_buf = field_info; req->field_info_buf_len = nl_field_info_size; return 0; } #else Loading @@ -127,6 +160,12 @@ static int wifi_pos_parse_req(struct sk_buff *skb, struct wifi_pos_req_msg *req) return OEM_ERR_NULL_MESSAGE_HEADER; } if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*msg_hdr))) { cfg80211_err("nlmsg_len(%d) and msg_hdr_size(%zu) mis-match", nlh->nlmsg_len, sizeof(*msg_hdr)); return OEM_ERR_INVALID_MESSAGE_LENGTH; } msg_hdr = NLMSG_DATA(nlh); if (!msg_hdr) { cfg80211_err("Message header null"); Loading
umac/cmn_services/mgmt_txrx/core/src/wlan_mgmt_txrx_main.c +6 −0 Original line number Diff line number Diff line Loading @@ -151,6 +151,12 @@ void wlan_mgmt_txrx_desc_put( return; } desc->in_use = false; desc->context = NULL; desc->peer = NULL; desc->nbuf = NULL; desc->tx_dwnld_cmpl_cb = NULL; desc->tx_ota_cmpl_cb = NULL; desc->vdev_id = WLAN_UMAC_VDEV_ID_MAX; qdf_list_insert_front(&mgmt_txrx_pdev_ctx->mgmt_desc_pool.free_list, &desc->entry); Loading
umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c +4 −4 Original line number Diff line number Diff line Loading @@ -1070,7 +1070,7 @@ QDF_STATUS tgt_mgmt_txrx_tx_completion_handler( return QDF_STATUS_E_INVAL; } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt desc empty for id %d pdev %pK ", desc_id, pdev); return QDF_STATUS_E_NULL_VALUE; Loading Loading @@ -1142,7 +1142,7 @@ qdf_nbuf_t tgt_mgmt_txrx_get_nbuf_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading Loading @@ -1172,7 +1172,7 @@ tgt_mgmt_txrx_get_peer_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading Loading @@ -1206,7 +1206,7 @@ uint8_t tgt_mgmt_txrx_get_vdev_id_from_desc_id( } mgmt_desc = &mgmt_txrx_pdev_ctx->mgmt_desc_pool.pool[desc_id]; if (!mgmt_desc) { if (!mgmt_desc || !mgmt_desc->in_use) { mgmt_txrx_err("Mgmt descriptor unavailable for id %d pdev %pK", desc_id, pdev); goto fail; Loading
umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_utils_api.c +6 −1 Original line number Diff line number Diff line Loading @@ -370,13 +370,18 @@ QDF_STATUS wlan_mgmt_txrx_mgmt_frame_tx(struct wlan_objmgr_peer *peer, struct wlan_objmgr_pdev *pdev; struct mgmt_txrx_priv_pdev_context *txrx_ctx; struct wlan_objmgr_vdev *vdev; QDF_STATUS status; if (!peer) { mgmt_txrx_err("peer passed is NULL"); return QDF_STATUS_E_NULL_VALUE; } wlan_objmgr_peer_get_ref(peer, WLAN_MGMT_NB_ID); status = wlan_objmgr_peer_try_get_ref(peer, WLAN_MGMT_NB_ID); if (QDF_IS_STATUS_ERROR(status)) { mgmt_txrx_err("failed to get ref count for peer %pK", peer); return QDF_STATUS_E_NULL_VALUE; } vdev = wlan_peer_get_vdev(peer); if (!vdev) { Loading
