forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2023-12-09 b22da3d8526a935aa31e086e63f60ff3246cb61c 
 kernel/drivers/net/wireless/marvell/mwifiex/scan.c
....@@ -1,10 +1,10 @@
11 /*
2
- * Marvell Wireless LAN device driver: scan ioctl and command handling
2
+ * NXP Wireless LAN device driver: scan ioctl and command handling
33  *
4
- * Copyright (C) 2011-2014, Marvell International Ltd.
4
+ * Copyright 2011-2020 NXP
55  *
6
- * This software file (the "File") is distributed by Marvell International
7
- * Ltd. under the terms of the GNU General Public License Version 2, June 1991
6
+ * This software file (the "File") is distributed by NXP
7
+ * under the terms of the GNU General Public License Version 2, June 1991
88  * (the "License").  You may use, redistribute and/or modify this File in
99  * accordance with the terms and conditions of the License, a copy of which
1010  * is available by writing to the Free Software Foundation, Inc.,
....@@ -1244,7 +1244,7 @@
12441244 			mwifiex_dbg(adapter, ERROR,
12451245 				    "err: InterpretIE: in processing\t"
12461246 				    "IE, bytes left < IE length\n");
1247
-			return -1;
1247
+			return -EINVAL;
12481248 		}
12491249 		switch (element_id) {
12501250 		case WLAN_EID_SSID:
....@@ -1270,7 +1270,7 @@
12701270 			break;
12711271 
12721272 		case WLAN_EID_FH_PARAMS:
1273
-			if (element_len + 2 < sizeof(*fh_param_set))
1273
+			if (total_ie_len < sizeof(*fh_param_set))
12741274 				return -EINVAL;
12751275 			fh_param_set =
12761276 				(struct ieee_types_fh_param_set *) current_ptr;
....@@ -1280,7 +1280,7 @@
12801280 			break;
12811281 
12821282 		case WLAN_EID_DS_PARAMS:
1283
-			if (element_len + 2 < sizeof(*ds_param_set))
1283
+			if (total_ie_len < sizeof(*ds_param_set))
12841284 				return -EINVAL;
12851285 			ds_param_set =
12861286 				(struct ieee_types_ds_param_set *) current_ptr;
....@@ -1293,7 +1293,7 @@
12931293 			break;
12941294 
12951295 		case WLAN_EID_CF_PARAMS:
1296
-			if (element_len + 2 < sizeof(*cf_param_set))
1296
+			if (total_ie_len < sizeof(*cf_param_set))
12971297 				return -EINVAL;
12981298 			cf_param_set =
12991299 				(struct ieee_types_cf_param_set *) current_ptr;
....@@ -1303,7 +1303,7 @@
13031303 			break;
13041304 
13051305 		case WLAN_EID_IBSS_PARAMS:
1306
-			if (element_len + 2 < sizeof(*ibss_param_set))
1306
+			if (total_ie_len < sizeof(*ibss_param_set))
13071307 				return -EINVAL;
13081308 			ibss_param_set =
13091309 				(struct ieee_types_ibss_param_set *)
....@@ -1328,7 +1328,7 @@
13281328 
13291329 		case WLAN_EID_CHANNEL_SWITCH:
13301330 			bss_entry->chan_sw_ie_present = true;
1331
-			/* fall through */
1331
+			fallthrough;
13321332 		case WLAN_EID_PWR_CAPABILITY:
13331333 		case WLAN_EID_TPC_REPORT:
13341334 		case WLAN_EID_QUIET:
....@@ -1460,10 +1460,8 @@
14601460 			break;
14611461 		}
14621462 
1463
-		current_ptr += element_len + 2;
1464
-
1465
-		/* Need to account for IE ID and IE Len */
1466
-		bytes_left -= (element_len + 2);
1463
+		current_ptr += total_ie_len;
1464
+		bytes_left -= total_ie_len;
14671465 
14681466 	}	/* while (bytes_left > 2) */
14691467 	return ret;
....@@ -1505,7 +1503,6 @@
15051503 	u8 filtered_scan;
15061504 	u8 scan_current_chan_only;
15071505 	u8 max_chan_per_scan;
1508
-	unsigned long flags;
15091506 
15101507 	if (adapter->scan_processing) {
15111508 		mwifiex_dbg(adapter, WARN,
....@@ -1526,9 +1523,9 @@
15261523 		return -EFAULT;
15271524 	}
15281525 
1529
-	spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
1526
+	spin_lock_bh(&adapter->mwifiex_cmd_lock);
15301527 	adapter->scan_processing = true;
1531
-	spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
1528
+	spin_unlock_bh(&adapter->mwifiex_cmd_lock);
15321529 
15331530 	scan_cfg_out = kzalloc(sizeof(union mwifiex_scan_cmd_config_tlv),
15341531 			       GFP_KERNEL);
....@@ -1556,13 +1553,12 @@
15561553 
15571554 	/* Get scan command from scan_pending_q and put to cmd_pending_q */
15581555 	if (!ret) {
1559
-		spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
1556
+		spin_lock_bh(&adapter->scan_pending_q_lock);
15601557 		if (!list_empty(&adapter->scan_pending_q)) {
15611558 			cmd_node = list_first_entry(&adapter->scan_pending_q,
15621559 						    struct cmd_ctrl_node, list);
15631560 			list_del(&cmd_node->list);
1564
-			spin_unlock_irqrestore(&adapter->scan_pending_q_lock,
1565
-					       flags);
1561
+			spin_unlock_bh(&adapter->scan_pending_q_lock);
15661562 			mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
15671563 			queue_work(adapter->workqueue, &adapter->main_work);
15681564 
....@@ -1573,8 +1569,7 @@
15731569 				mwifiex_wait_queue_complete(adapter, cmd_node);
15741570 			}
15751571 		} else {
1576
-			spin_unlock_irqrestore(&adapter->scan_pending_q_lock,
1577
-					       flags);
1572
+			spin_unlock_bh(&adapter->scan_pending_q_lock);
15781573 		}
15791574 	}
15801575 
....@@ -1582,9 +1577,9 @@
15821577 	kfree(scan_chan_list);
15831578 done:
15841579 	if (ret) {
1585
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
1580
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
15861581 		adapter->scan_processing = false;
1587
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
1582
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
15881583 	}
15891584 	return ret;
15901585 }
....@@ -1720,7 +1715,6 @@
17201715 {
17211716 	struct mwifiex_bssdescriptor *bss_desc;
17221717 	int ret;
1723
-	unsigned long flags;
17241718 
17251719 	/* Allocate and fill new bss descriptor */
17261720 	bss_desc = kzalloc(sizeof(struct mwifiex_bssdescriptor), GFP_KERNEL);
....@@ -1735,7 +1729,7 @@
17351729 	if (ret)
17361730 		goto done;
17371731 
1738
-	spin_lock_irqsave(&priv->curr_bcn_buf_lock, flags);
1732
+	spin_lock_bh(&priv->curr_bcn_buf_lock);
17391733 	/* Make a copy of current BSSID descriptor */
17401734 	memcpy(&priv->curr_bss_params.bss_descriptor, bss_desc,
17411735 	       sizeof(priv->curr_bss_params.bss_descriptor));
....@@ -1744,7 +1738,7 @@
17441738 	 * in mwifiex_save_curr_bcn()
17451739 	 */
17461740 	mwifiex_save_curr_bcn(priv);
1747
-	spin_unlock_irqrestore(&priv->curr_bcn_buf_lock, flags);
1741
+	spin_unlock_bh(&priv->curr_bcn_buf_lock);
17481742 
17491743 done:
17501744 	/* beacon_ie buffer was allocated in function
....@@ -1998,15 +1992,14 @@
19981992 {
19991993 	struct mwifiex_adapter *adapter = priv->adapter;
20001994 	struct cmd_ctrl_node *cmd_node;
2001
-	unsigned long flags;
20021995 
2003
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
1996
+	spin_lock_bh(&adapter->scan_pending_q_lock);
20041997 	if (list_empty(&adapter->scan_pending_q)) {
2005
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
1998
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
20061999 
2007
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
2000
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
20082001 		adapter->scan_processing = false;
2009
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
2002
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
20102003 
20112004 		mwifiex_active_scan_req_for_passive_chan(priv);
20122005 
....@@ -2030,13 +2023,13 @@
20302023 		}
20312024 	} else if ((priv->scan_aborting && !priv->scan_request) ||
20322025 		   priv->scan_block) {
2033
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2026
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
20342027 
20352028 		mwifiex_cancel_pending_scan_cmd(adapter);
20362029 
2037
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, flags);
2030
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
20382031 		adapter->scan_processing = false;
2039
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, flags);
2032
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
20402033 
20412034 		if (!adapter->active_scan_triggered) {
20422035 			if (priv->scan_request) {
....@@ -2062,7 +2055,7 @@
20622055 		cmd_node = list_first_entry(&adapter->scan_pending_q,
20632056 					    struct cmd_ctrl_node, list);
20642057 		list_del(&cmd_node->list);
2065
-		spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2058
+		spin_unlock_bh(&adapter->scan_pending_q_lock);
20662059 		mwifiex_insert_cmd_to_pending_q(adapter, cmd_node);
20672060 	}
20682061 
....@@ -2072,15 +2065,14 @@
20722065 void mwifiex_cancel_scan(struct mwifiex_adapter *adapter)
20732066 {
20742067 	struct mwifiex_private *priv;
2075
-	unsigned long cmd_flags;
20762068 	int i;
20772069 
20782070 	mwifiex_cancel_pending_scan_cmd(adapter);
20792071 
20802072 	if (adapter->scan_processing) {
2081
-		spin_lock_irqsave(&adapter->mwifiex_cmd_lock, cmd_flags);
2073
+		spin_lock_bh(&adapter->mwifiex_cmd_lock);
20822074 		adapter->scan_processing = false;
2083
-		spin_unlock_irqrestore(&adapter->mwifiex_cmd_lock, cmd_flags);
2075
+		spin_unlock_bh(&adapter->mwifiex_cmd_lock);
20842076 		for (i = 0; i < adapter->priv_num; i++) {
20852077 			priv = adapter->priv[i];
20862078 			if (!priv)
....@@ -2562,7 +2554,6 @@
25622554 
25632555 	struct host_cmd_ds_command *cmd_ptr;
25642556 	struct cmd_ctrl_node *cmd_node;
2565
-	unsigned long cmd_flags, scan_flags;
25662557 	bool complete_scan = false;
25672558 
25682559 	mwifiex_dbg(adapter, INFO, "info: EXT scan returns successfully\n");
....@@ -2597,8 +2588,8 @@
25972588 			       sizeof(struct mwifiex_ie_types_header));
25982589 	}
25992590 
2600
-	spin_lock_irqsave(&adapter->cmd_pending_q_lock, cmd_flags);
2601
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, scan_flags);
2591
+	spin_lock_bh(&adapter->cmd_pending_q_lock);
2592
+	spin_lock_bh(&adapter->scan_pending_q_lock);
26022593 	if (list_empty(&adapter->scan_pending_q)) {
26032594 		complete_scan = true;
26042595 		list_for_each_entry(cmd_node, &adapter->cmd_pending_q, list) {
....@@ -2612,8 +2603,8 @@
26122603 			}
26132604 		}
26142605 	}
2615
-	spin_unlock_irqrestore(&adapter->scan_pending_q_lock, scan_flags);
2616
-	spin_unlock_irqrestore(&adapter->cmd_pending_q_lock, cmd_flags);
2606
+	spin_unlock_bh(&adapter->scan_pending_q_lock);
2607
+	spin_unlock_bh(&adapter->cmd_pending_q_lock);
26172608 
26182609 	if (complete_scan)
26192610 		mwifiex_complete_scan(priv);
....@@ -2785,13 +2776,12 @@
27852776 		       struct cmd_ctrl_node *cmd_node)
27862777 {
27872778 	struct mwifiex_adapter *adapter = priv->adapter;
2788
-	unsigned long flags;
27892779 
27902780 	cmd_node->wait_q_enabled = true;
27912781 	cmd_node->condition = &adapter->scan_wait_q_woken;
2792
-	spin_lock_irqsave(&adapter->scan_pending_q_lock, flags);
2782
+	spin_lock_bh(&adapter->scan_pending_q_lock);
27932783 	list_add_tail(&cmd_node->list, &adapter->scan_pending_q);
2794
-	spin_unlock_irqrestore(&adapter->scan_pending_q_lock, flags);
2784
+	spin_unlock_bh(&adapter->scan_pending_q_lock);
27952785 }
27962786 
27972787 /*