add new system file

hc

2024-02-20 102a0743326a03cd1a1202ceda21e175b7d3575c

 kernel/drivers/net/wireless/marvell/mwifiex/scan.c
..
..
@@ -1,10 +1,10 @@
1
1
 /*
2
- * Marvell Wireless LAN device driver: scan ioctl and command handling
2
+ * NXP Wireless LAN device driver: scan ioctl and command handling
3
3
  *
4
- * Copyright (C) 2011-2014, Marvell International Ltd.
4
+ * Copyright 2011-2020 NXP
5
5
  *
6
- * This software file (the "File") is distributed by Marvell International
7
- * Ltd. under the terms of the GNU General Public License Version 2, June 1991
6
+ * This software file (the "File") is distributed by NXP
7
+ * under the terms of the GNU General Public License Version 2, June 1991
8
8
  * (the "License").  You may use, redistribute and/or modify this File in
9
9
  * accordance with the terms and conditions of the License, a copy of which
10
10
  * is available by writing to the Free Software Foundation, Inc.,
..
..
@@ -1244,7 +1244,7 @@
1244
1244
 			mwifiex_dbg(adapter, ERROR,
1245
1245
 				    "err: InterpretIE: in processing\t"
1246
1246
 				    "IE, bytes left < IE length\n");
1247
-			return -1;
1247
+			return -EINVAL;
1248
1248
 		}
1249
1249
 		switch (element_id) {
1250
1250
 		case WLAN_EID_SSID:
..
..
@@ -1270,7 +1270,7 @@
1270
1270
 			break;
1271
1271
 
1272
1272
 		case WLAN_EID_FH_PARAMS:
1273
-			if (element_len + 2 < sizeof(*fh_param_set))
1273
+			if (total_ie_len < sizeof(*fh_param_set))
1274
1274
 				return -EINVAL;
1275
1275
 			fh_param_set =
1276
1276
 				(struct ieee_types_fh_param_set *) current_ptr;
..
..
@@ -1280,7 +1280,7 @@
1280
1280
 			break;
1281
1281
 
1282
1282
 		case WLAN_EID_DS_PARAMS:
1283
-			if (element_len + 2 < sizeof(*ds_param_set))
1283
+			if (total_ie_len < sizeof(*ds_param_set))
1284
1284
 				return -EINVAL;
1285
1285
 			ds_param_set =
1286
1286
 				(struct ieee_types_ds_param_set *) current_ptr;
..
..
@@ -1293,7 +1293,7 @@
1293
1293
 			break;
1294
1294
 
1295
1295
 		case WLAN_EID_CF_PARAMS:
1296
-			if (element_len + 2 < sizeof(*cf_param_set))
1296
+			if (total_ie_len < sizeof(*cf_param_set))
1297
1297
 				return -EINVAL;
1298
1298
 			cf_param_set =
1299
1299
 				(struct ieee_types_cf_param_set *) current_ptr;
..
..
@@ -1303,7 +1303,7 @@
1303
1303
 			break;
1304
1304
 
1305
1305
 		case WLAN_EID_IBSS_PARAMS:
1306
-			if (element_len + 2 < sizeof(*ibss_param_set))
1306
+			if (total_ie_len < sizeof(*ibss_param_set))
1307
1307
 				return -EINVAL;
1308
1308
 			ibss_param_set =
1309
1309
 				(struct ieee_types_ibss_param_set *)
..
..
@@ -1328,7 +1328,7 @@
1328
1328
 
1329
1329
 		case WLAN_EID_CHANNEL_SWITCH:
1330
1330
 			bss_entry->chan_sw_ie_present = true;
1331
-			/* fall through */
1331
+			fallthrough;
1332
1332
 		case WLAN_EID_PWR_CAPABILITY:
1333
1333
 		case WLAN_EID_TPC_REPORT:
1334
1334
 		case WLAN_EID_QUIET:
..
..
@@ -1460,10 +1460,8 @@
1460
1460
 			break;
1461
1461
 		}
1462
1462
 
1463
-		current_ptr += element_len + 2;
1464
-
1465
-		/* Need to account for IE ID and IE Len */
1466
-		bytes_left -= (element_len + 2);
1463
+		current_ptr += total_ie_len;
1464
+		bytes_left -= total_ie_len;
1467
1465
 
1468
1466
 	}	/* while (bytes_left > 2) */
1469
1467
 	return ret;
..
..
@@ -1505,7 +1503,6 @@
1505
1503
 	u8 filtered_scan;
1506
1504
 	u8 scan_current_chan_only;
1507
1505
 	u8 max_chan_per_scan;
1508
-	unsigned long flags;
1509
1506
 
1510
1507
 	if (adapter->scan_processing) {
1511
1508
 		mwifiex_dbg(adapter, WARN,
..
..
@@ -1526,9 +1523,9 @@
1526
1523
 		return -EFAULT;
1527
1524
 	}
1528
1525
 
1529
-	spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
1526
+	spin_lock_bh(&adapter->mwifiex_cmd_lock);
1530
1527
 	adapter->scan_processing = true;
1531
-	spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
1528
+	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
1532
1529
 
1533
1530
 	scan_cfg_out = kzalloc(sizeof(union mwifiex_scan_cmd_config_tlv),
1534
1531
 			       GFP_KERNEL);
..
..
@@ -1556,13 +1553,12 @@
1556
1553
 
1557
1554
 	/* Get scan command from scan_pending_q and put to cmd_pending_q */
1558
1555
 	if (!ret) {
1559
-		spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
1556
+		spin_lock_bh(&adapter->scan_pending_q_lock);
1560
1557
 		if (!list_empty(&adapter->scan_pending_q)) {
1561
1558
 			cmd_node = list_first_entry(&adapter->scan_pending_q,
1562
1559
 						    struct cmd_ctrl_node, list);
1563
1560
 			list_del(&cmd_node->list);
1564
-			spin_unlock_irqrestore(&adapter->scan_pending_q_lock,
1565
-					       flags);
1561
+			spin_unlock_bh(&adapter->scan_pending_q_lock);
1566
1562
 			mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
1567
1563
 			queue_work(adapter->workqueue, &adapter->main_work);
1568
1564
 
..
..
@@ -1573,8 +1569,7 @@
1573
1569
 				mwifiex_wait_queue_complete(adapter, cmd_node);
1574
1570
 			}
1575
1571
 		} else {
1576
-			spin_unlock_irqrestore(&adapter->scan_pending_q_lock,
1577
-					       flags);
1572
+			spin_unlock_bh(&adapter->scan_pending_q_lock);
1578
1573
 		}
1579
1574
 	}
1580
1575
 
..
..
@@ -1582,9 +1577,9 @@
1582
1577
 	kfree(scan_chan_list);
1583
1578
 done:
1584
1579
 	if (ret) {
1585
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
1580
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
1586
1581
 		adapter->scan_processing = false;
1587
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
1582
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
1588
1583
 	}
1589
1584
 	return ret;
1590
1585
 }
..
..
@@ -1720,7 +1715,6 @@
1720
1715
 {
1721
1716
 	struct mwifiex_bssdescriptor *bss_desc;
1722
1717
 	int ret;
1723
-	unsigned long flags;
1724
1718
 
1725
1719
 	/* Allocate and fill new bss descriptor */
1726
1720
 	bss_desc = kzalloc(sizeof(struct mwifiex_bssdescriptor), GFP_KERNEL);
..
..
@@ -1735,7 +1729,7 @@
1735
1729
 	if (ret)
1736
1730
 		goto done;
1737
1731
 
1738
-	spin_lock_irqsave(&priv->curr_bcn_buf_lock, flags);
1732
+	spin_lock_bh(&priv->curr_bcn_buf_lock);
1739
1733
 	/* Make a copy of current BSSID descriptor */
1740
1734
 	memcpy(&priv->curr_bss_params.bss_descriptor, bss_desc,
1741
1735
 	       sizeof(priv->curr_bss_params.bss_descriptor));
..
..
@@ -1744,7 +1738,7 @@
1744
1738
 	 * in mwifiex_save_curr_bcn()
1745
1739
 	 */
1746
1740
 	mwifiex_save_curr_bcn(priv);
1747
-	spin_unlock_irqrestore(&priv->curr_bcn_buf_lock, flags);
1741
+	spin_unlock_bh(&priv->curr_bcn_buf_lock);
1748
1742
 
1749
1743
 done:
1750
1744
 	/* beacon_ie buffer was allocated in function
..
..
@@ -1998,15 +1992,14 @@
1998
1992
 {
1999
1993
 	struct mwifiex_adapter *adapter = priv->adapter;
2000
1994
 	struct cmd_ctrl_node *cmd_node;
2001
-	unsigned long flags;
2002
1995
 
2003
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
1996
+	spin_lock_bh(&adapter->scan_pending_q_lock);
2004
1997
 	if (list_empty(&adapter->scan_pending_q)) {
2005
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
1998
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
2006
1999
 
2007
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
2000
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
2008
2001
 		adapter->scan_processing = false;
2009
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
2002
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
2010
2003
 
2011
2004
 		mwifiex_active_scan_req_for_passive_chan(priv);
2012
2005
 
..
..
@@ -2030,13 +2023,13 @@
2030
2023
 		}
2031
2024
 	} else if ((priv->scan_aborting && !priv->scan_request) ||
2032
2025
 		   priv->scan_block) {
2033
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2026
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
2034
2027
 
2035
2028
 		mwifiex_cancel_pending_scan_cmd(adapter);
2036
2029
 
2037
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
2030
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
2038
2031
 		adapter->scan_processing = false;
2039
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
2032
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
2040
2033
 
2041
2034
 		if (!adapter->active_scan_triggered) {
2042
2035
 			if (priv->scan_request) {
..
..
@@ -2062,7 +2055,7 @@
2062
2055
 		cmd_node = list_first_entry(&adapter->scan_pending_q,
2063
2056
 					    struct cmd_ctrl_node, list);
2064
2057
 		list_del(&cmd_node->list);
2065
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2058
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
2066
2059
 		mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
2067
2060
 	}
2068
2061
 
..
..
@@ -2072,15 +2065,14 @@
2072
2065
 void mwifiex_cancel_scan(struct mwifiex_adapter *adapter)
2073
2066
 {
2074
2067
 	struct mwifiex_private *priv;
2075
-	unsigned long cmd_flags;
2076
2068
 	int i;
2077
2069
 
2078
2070
 	mwifiex_cancel_pending_scan_cmd(adapter);
2079
2071
 
2080
2072
 	if (adapter->scan_processing) {
2081
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, cmd_flags);
2073
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
2082
2074
 		adapter->scan_processing = false;
2083
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, cmd_flags);
2075
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
2084
2076
 		for (i = 0; i < adapter->priv_num; i++) {
2085
2077
 			priv = adapter->priv[i];
2086
2078
 			if (!priv)
..
..
@@ -2208,9 +2200,9 @@
2208
2200
 
2209
2201
 	if (nd_config) {
2210
2202
 		adapter->nd_info =
2211
-			kzalloc(sizeof(struct cfg80211_wowlan_nd_match) +
2212
-				sizeof(struct cfg80211_wowlan_nd_match *) *
2213
-				scan_rsp->number_of_sets, GFP_ATOMIC);
2203
+			kzalloc(struct_size(adapter->nd_info, matches,
2204
+					    scan_rsp->number_of_sets),
2205
+				GFP_ATOMIC);
2214
2206
 
2215
2207
 		if (adapter->nd_info)
2216
2208
 			adapter->nd_info->n_matches = scan_rsp->number_of_sets;
..
..
@@ -2562,7 +2554,6 @@
2562
2554
 
2563
2555
 	struct host_cmd_ds_command *cmd_ptr;
2564
2556
 	struct cmd_ctrl_node *cmd_node;
2565
-	unsigned long cmd_flags, scan_flags;
2566
2557
 	bool complete_scan = false;
2567
2558
 
2568
2559
 	mwifiex_dbg(adapter, INFO, "info: EXT scan returns successfully\n");
..
..
@@ -2597,8 +2588,8 @@
2597
2588
 			       sizeof(struct mwifiex_ie_types_header));
2598
2589
 	}
2599
2590
 
2600
-	spin_lock_irqsave(&adapter->cmd_pending_q_lock, cmd_flags);
2601
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, scan_flags);
2591
+	spin_lock_bh(&adapter->cmd_pending_q_lock);
2592
+	spin_lock_bh(&adapter->scan_pending_q_lock);
2602
2593
 	if (list_empty(&adapter->scan_pending_q)) {
2603
2594
 		complete_scan = true;
2604
2595
 		list_for_each_entry(cmd_node, &adapter->cmd_pending_q, list) {
..
..
@@ -2612,8 +2603,8 @@
2612
2603
 			}
2613
2604
 		}
2614
2605
 	}
2615
-	spin_unlock_irqrestore(&adapter->scan_pending_q_lock, scan_flags);
2616
-	spin_unlock_irqrestore(&adapter->cmd_pending_q_lock, cmd_flags);
2606
+	spin_unlock_bh(&adapter->scan_pending_q_lock);
2607
+	spin_unlock_bh(&adapter->cmd_pending_q_lock);
2617
2608
 
2618
2609
 	if (complete_scan)
2619
2610
 		mwifiex_complete_scan(priv);
..
..
@@ -2785,13 +2776,12 @@
2785
2776
 		       struct cmd_ctrl_node *cmd_node)
2786
2777
 {
2787
2778
 	struct mwifiex_adapter *adapter = priv->adapter;
2788
-	unsigned long flags;
2789
2779
 
2790
2780
 	cmd_node->wait_q_enabled = true;
2791
2781
 	cmd_node->condition = &adapter->scan_wait_q_woken;
2792
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
2782
+	spin_lock_bh(&adapter->scan_pending_q_lock);
2793
2783
 	list_add_tail(&cmd_node->list, &adapter->scan_pending_q);
2794
-	spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2784
+	spin_unlock_bh(&adapter->scan_pending_q_lock);
2795
2785
 }
2796
2786
 
2797
2787
 /*