qcacmn: DFS kernel panic fixed

NULL pointer dereference is fixed.

Change-Id: I6c5dce998dd276306a42a14253450965329afd56
CRs-Fixed: 2001106
Abhijit Pradhan
2017-04-28 10:58:34 +05:30
committed by snandini
parent 8b8334baa4
commit b4ebf34ea2
3 changed files with 28 additions and 19 deletions


@@ -428,36 +428,38 @@ struct dfs_state *dfs_getchanstate(struct wlan_dfs *dfs, uint8_t *index,
int ext_chan_flag) int ext_chan_flag)
{ {
struct dfs_state *rs = NULL; struct dfs_state *rs = NULL;
struct dfs_ieee80211_channel *cmp_ch = NULL; struct dfs_ieee80211_channel *cmp_ch, cmp_ch1;
int i; int i;
QDF_STATUS err;
if (dfs == NULL) { if (dfs == NULL) {
DFS_DPRINTK(dfs, WLAN_DEBUG_DFS, "%s: dfs is NULL\n", __func__); DFS_DPRINTK(dfs, WLAN_DEBUG_DFS, "%s: dfs is NULL\n", __func__);
return NULL; return NULL;
} }
cmp_ch = &cmp_ch1;
if (ext_chan_flag) { if (ext_chan_flag) {
dfs_mlme_get_extchan(dfs->dfs_pdev_obj, err = dfs_mlme_get_extchan(dfs->dfs_pdev_obj,
&(cmp_ch->ic_freq), &(cmp_ch->ic_freq),
&(cmp_ch->ic_flags), &(cmp_ch->ic_flags),
&(cmp_ch->ic_flagext), &(cmp_ch->ic_flagext),
&(cmp_ch->ic_ieee), &(cmp_ch->ic_ieee),
&(cmp_ch->ic_vhtop_ch_freq_seg1), &(cmp_ch->ic_vhtop_ch_freq_seg1),
&(cmp_ch->ic_vhtop_ch_freq_seg2)); &(cmp_ch->ic_vhtop_ch_freq_seg2));
if (cmp_ch) {
if (err == QDF_STATUS_SUCCESS) {
DFS_DPRINTK(dfs, WLAN_DEBUG_DFS2, DFS_DPRINTK(dfs, WLAN_DEBUG_DFS2,
"Extension channel freq = %u flags=0x%x\n", "Extension channel freq = %u flags=0x%x\n",
cmp_ch->ic_freq, cmp_ch->ic_flagext); cmp_ch->ic_freq, cmp_ch->ic_flagext);
} else { } else
return NULL; return NULL;
}
} else { } else {
cmp_ch = dfs->dfs_curchan; cmp_ch = dfs->dfs_curchan;
DFS_DPRINTK(dfs, WLAN_DEBUG_DFS2, DFS_DPRINTK(dfs, WLAN_DEBUG_DFS2,
"Primary channel freq = %u flags=0x%x\n", "Primary channel freq = %u flags=0x%x\n",
cmp_ch->ic_freq, cmp_ch->ic_flagext); cmp_ch->ic_freq, cmp_ch->ic_flagext);
} }
for (i = 0; i < DFS_NUM_RADAR_STATES; i++) { for (i = 0; i < DFS_NUM_RADAR_STATES; i++) {
if ((dfs->dfs_radar[i].rs_chan.ic_freq == cmp_ch->ic_freq) && if ((dfs->dfs_radar[i].rs_chan.ic_freq == cmp_ch->ic_freq) &&
(dfs->dfs_radar[i].rs_chan.ic_flags == cmp_ch->ic_flags) (dfs->dfs_radar[i].rs_chan.ic_flags == cmp_ch->ic_flags)
@@ -494,7 +496,8 @@ void dfs_radar_enable(struct wlan_dfs *dfs, int no_cac, uint32_t opmode)
{ {
int is_ext_ch; int is_ext_ch;
int is_fastclk = 0; int is_fastclk = 0;
struct dfs_ieee80211_channel *ext_ch = NULL; struct dfs_ieee80211_channel *ext_ch, extchan;
QDF_STATUS err = QDF_STATUS_E_FAILURE;
if (dfs == NULL) { if (dfs == NULL) {
DFS_DPRINTK(dfs, WLAN_DEBUG_DFS1, DFS_DPRINTK(dfs, WLAN_DEBUG_DFS1,
@@ -522,8 +525,9 @@ void dfs_radar_enable(struct wlan_dfs *dfs, int no_cac, uint32_t opmode)
dfs->dfs_proc_phyerr |= DFS_RADAR_EN; dfs->dfs_proc_phyerr |= DFS_RADAR_EN;
dfs->dfs_proc_phyerr |= DFS_SECOND_SEGMENT_RADAR_EN; dfs->dfs_proc_phyerr |= DFS_SECOND_SEGMENT_RADAR_EN;
ext_ch = &extchan;
if (is_ext_ch) if (is_ext_ch)
dfs_mlme_get_extchan(dfs->dfs_pdev_obj, err = dfs_mlme_get_extchan(dfs->dfs_pdev_obj,
&(ext_ch->ic_freq), &(ext_ch->ic_freq),
&(ext_ch->ic_flags), &(ext_ch->ic_flags),
&(ext_ch->ic_flagext), &(ext_ch->ic_flagext),
@@ -531,13 +535,16 @@ void dfs_radar_enable(struct wlan_dfs *dfs, int no_cac, uint32_t opmode)
&(ext_ch->ic_vhtop_ch_freq_seg1), &(ext_ch->ic_vhtop_ch_freq_seg1),
&(ext_ch->ic_vhtop_ch_freq_seg2)); &(ext_ch->ic_vhtop_ch_freq_seg2));
dfs_reset_alldelaylines(dfs); dfs_reset_alldelaylines(dfs);
rs_pri = dfs_getchanstate(dfs, &index_pri, 0); rs_pri = dfs_getchanstate(dfs, &index_pri, 0);
if (ext_ch) if (err == QDF_STATUS_SUCCESS) {
rs_ext = dfs_getchanstate(dfs, &index_ext, 1); rs_ext = dfs_getchanstate(dfs, &index_ext, 1);
}
if (rs_pri != NULL && ((ext_ch == NULL) || (rs_ext != NULL))) { if (rs_pri != NULL && ((err == QDF_STATUS_E_FAILURE) ||
(rs_ext != NULL))) {
struct wlan_dfs_phyerr_param pe; struct wlan_dfs_phyerr_param pe;
qdf_mem_set(&pe, '\0', sizeof(pe)); qdf_mem_set(&pe, '\0', sizeof(pe));
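Review bot: In dfs_radar_enable the final condition tests `err == QDF_STATUS_E_FAILURE`, so any other non-success status from dfs_mlme_get_extchan() skips the rs_ext lookup and, unless rs_ext is already non-NULL, the whole enable block as well. The wrapper forwards whatever the registered mlme_get_extchan callback returns, so statuses other than QDF_STATUS_E_FAILURE look possible. Testing against success keeps the two checks complementary: `if (rs_pri != NULL && ((err != QDF_STATUS_SUCCESS) || (rs_ext != NULL))) {`. The declaration of rs_ext and the rest of the function are outside the visible hunks, so confirm that rs_ext starts out as NULL.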


@@ -128,7 +128,7 @@ void dfs_mlme_find_any_valid_channel(struct wlan_objmgr_pdev *pdev,
* @ic_vhtop_ch_freq_seg2: Channel Center frequency applicable for 80+80MHz * @ic_vhtop_ch_freq_seg2: Channel Center frequency applicable for 80+80MHz
* mode of operation. * mode of operation.
*/ */
void dfs_mlme_get_extchan(struct wlan_objmgr_pdev *pdev, QDF_STATUS dfs_mlme_get_extchan(struct wlan_objmgr_pdev *pdev,
uint16_t *ic_freq, uint16_t *ic_freq,
uint32_t *ic_flags, uint32_t *ic_flags,
uint16_t *ic_flagext, uint16_t *ic_flagext,
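Review bot: The kernel-doc block above dfs_mlme_get_extchan() shows no `Return:` entry in the visible lines, although the prototype now returns QDF_STATUS. The comment starts outside this hunk, so check that one is not already present further up. I would add ` * Return: QDF_STATUS_SUCCESS when the extension channel fields were filled in, an error status otherwise.` just before the closing `*/`. The callers changed in this commit use the value to decide whether the out-parameters can be read.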


@@ -172,7 +172,7 @@ void dfs_mlme_find_any_valid_channel(struct wlan_objmgr_pdev *pdev,
ret_val); ret_val);
} }
void dfs_mlme_get_extchan(struct wlan_objmgr_pdev *pdev, QDF_STATUS dfs_mlme_get_extchan(struct wlan_objmgr_pdev *pdev,
uint16_t *ic_freq, uint16_t *ic_freq,
uint32_t *ic_flags, uint32_t *ic_flags,
uint16_t *ic_flagext, uint16_t *ic_flagext,
@@ -181,13 +181,15 @@ void dfs_mlme_get_extchan(struct wlan_objmgr_pdev *pdev,
uint8_t *ic_vhtop_ch_freq_seg2) uint8_t *ic_vhtop_ch_freq_seg2)
{ {
if (global_dfs_to_mlme.mlme_get_extchan != NULL) if (global_dfs_to_mlme.mlme_get_extchan != NULL)
global_dfs_to_mlme.mlme_get_extchan(pdev, return global_dfs_to_mlme.mlme_get_extchan(pdev,
ic_freq, ic_freq,
ic_flags, ic_flags,
ic_flagext, ic_flagext,
ic_ieee, ic_ieee,
ic_vhtop_ch_freq_seg1, ic_vhtop_ch_freq_seg1,
ic_vhtop_ch_freq_seg2); ic_vhtop_ch_freq_seg2);
return QDF_STATUS_E_FAILURE;
} }
void dfs_mlme_set_no_chans_available(struct wlan_objmgr_pdev *pdev, void dfs_mlme_set_no_chans_available(struct wlan_objmgr_pdev *pdev,
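Review bot: When no mlme_get_extchan callback is registered, dfs_mlme_get_extchan() returns QDF_STATUS_E_FAILURE without writing any of its six out-parameters, and nothing in the visible lines states that. Both callers changed in this commit pass the addresses of fields in a stack struct that is not initialised, so the values are only meaningful when the call succeeds. I would add `/* No callback registered: out-parameters are left untouched. */` above the final `return QDF_STATUS_E_FAILURE;`.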