~hc/RK356X_SDK_RELEASE.git

..	..	@@ -776,10 +776,8 @@
776	776	cmd->info.params.roam_rssi_floor = DEF_LRSSI_ROAM_FLOOR;
777	777	cmd->roam_ctrl = WMI_SET_LRSSI_SCAN_PARAMS;
778	778
779		- ath6kl_wmi_cmd_send(wmi, 0, skb, WMI_SET_ROAM_CTRL_CMDID,
	779	+ return ath6kl_wmi_cmd_send(wmi, 0, skb, WMI_SET_ROAM_CTRL_CMDID,
780	780	NO_SYNC_WMIFLAG);
781		-
782		- return 0;
783	781	}
784	782
785	783	int ath6kl_wmi_force_roam_cmd(struct wmi wmi, const u8 bssid)
..	..	@@ -1203,8 +1201,7 @@
1203	1201	static int ath6kl_wmi_bitrate_reply_rx(struct wmi wmi, u8 datap, int len)
1204	1202	{
1205	1203	struct wmi_bit_rate_reply *reply;
1206		- s32 rate;
1207		- u32 sgi, index;
	1204	+ u32 index;
1208	1205
1209	1206	if (len < sizeof(struct wmi_bit_rate_reply))
1210	1207	return -EINVAL;
..	..	@@ -1213,15 +1210,10 @@
1213	1210
1214	1211	ath6kl_dbg(ATH6KL_DBG_WMI, "rateindex %d\n", reply->rate_index);
1215	1212
1216		- if (reply->rate_index == (s8) RATE_AUTO) {
1217		- rate = RATE_AUTO;
1218		- } else {
	1213	+ if (reply->rate_index != (s8) RATE_AUTO) {
1219	1214	index = reply->rate_index & 0x7f;
1220	1215	if (WARN_ON_ONCE(index > (RATE_MCS_7_40 + 1)))
1221	1216	return -EINVAL;
1222		-
1223		- sgi = (reply->rate_index & 0x80) ? 1 : 0;
1224		- rate = wmi_rate_tbl[index][sgi];
1225	1217	}
1226	1218
1227	1219	ath6kl_wakeup_event(wmi->parent_dev);
..	..	@@ -1301,8 +1293,7 @@
1301	1293	if (len < sizeof(*ev))
1302	1294	return -EINVAL;
1303	1295	ev = (struct wmi_neighbor_report_event *) datap;
1304		- if (sizeof(ev) + ev->num_neighbors sizeof(struct wmi_neighbor_info)
1305		- > len) {
	1296	+ if (struct_size(ev, neighbor, ev->num_neighbors) > len) {
1306	1297	ath6kl_dbg(ATH6KL_DBG_WMI,
1307	1298	"truncated neighbor event (num=%d len=%d)\n",
1308	1299	ev->num_neighbors, len);
..	..	@@ -1857,9 +1848,9 @@
1857	1848	enum network_type nw_type,
1858	1849	enum dot11_auth_mode dot11_auth_mode,
1859	1850	enum auth_mode auth_mode,
1860		- enum crypto_type pairwise_crypto,
	1851	+ enum ath6kl_crypto_type pairwise_crypto,
1861	1852	u8 pairwise_crypto_len,
1862		- enum crypto_type group_crypto,
	1853	+ enum ath6kl_crypto_type group_crypto,
1863	1854	u8 group_crypto_len, int ssid_len, u8 *ssid,
1864	1855	u8 *bssid, u16 channel, u32 ctrl_flags,
1865	1856	u8 nw_subtype)
..	..	@@ -2309,7 +2300,7 @@
2309	2300	}
2310	2301
2311	2302	int ath6kl_wmi_addkey_cmd(struct wmi *wmi, u8 if_idx, u8 key_index,
2312		- enum crypto_type key_type,
	2303	+ enum ath6kl_crypto_type key_type,
2313	2304	u8 key_usage, u8 key_len,
2314	2305	u8 *key_rsc, unsigned int key_rsc_len,
2315	2306	u8 *key_material,
..	..	@@ -3660,7 +3651,7 @@
3660	3651	if (wait)
3661	3652	return -EINVAL; /* Offload for wait not supported */
3662	3653
3663		- buf = kmalloc(data_len, GFP_KERNEL);
	3654	+ buf = kmemdup(data, data_len, GFP_KERNEL);
3664	3655	if (!buf)
3665	3656	return -ENOMEM;
3666	3657
..	..	@@ -3671,7 +3662,6 @@
3671	3662	}
3672	3663
3673	3664	kfree(wmi->last_mgmt_tx_frame);
3674		- memcpy(buf, data, data_len);
3675	3665	wmi->last_mgmt_tx_frame = buf;
3676	3666	wmi->last_mgmt_tx_frame_len = data_len;
3677	3667
..	..	@@ -3699,7 +3689,7 @@
3699	3689	if (wait)
3700	3690	return -EINVAL; /* Offload for wait not supported */
3701	3691
3702		- buf = kmalloc(data_len, GFP_KERNEL);
	3692	+ buf = kmemdup(data, data_len, GFP_KERNEL);
3703	3693	if (!buf)
3704	3694	return -ENOMEM;
3705	3695
..	..	@@ -3710,7 +3700,6 @@
3710	3700	}
3711	3701
3712	3702	kfree(wmi->last_mgmt_tx_frame);
3713		- memcpy(buf, data, data_len);
3714	3703	wmi->last_mgmt_tx_frame = buf;
3715	3704	wmi->last_mgmt_tx_frame_len = data_len;
3716	3705