samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacmn: add refcnt and lock support for scan

Browse Source 
1. Take reference count for vdev/pdev/psoc object before posting
   async message to scan component.
2. Take proper lock before invoking objmgr APIs which require locking.
3. Fixed few memory issues in failure cases.

Change-Id: I594b9ebf904c1c3b049a5d9d9e15679ac41599e7
CRs-Fixed: 1095299
This commit is contained in:
Om Prakash Tripathi
2017-04-11 17:52:12 +05:30
committed by Sandeep Puligilla
parent c350256efa
commit f527f16e8e
9 changed files with 173 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
target_if/scan/src/target_if_scan.c
View File

@@ -77,6 +77,9 @@ target_if_scan_event_handler(ol_scn_t scn, uint8_t *data, uint32_t datalen)
qdf_mem_free(event_info); qdf_mem_free(event_info);
return -EINVAL; return -EINVAL;
} }
} else {
qdf_mem_free(event_info);
return -EINVAL;
} }
return 0; return 0;
@@ -126,6 +129,9 @@ int target_if_nlo_complete_handler(ol_scn_t scn, uint8_t *data,
qdf_mem_free(event_info); qdf_mem_free(event_info);
return -EINVAL; return -EINVAL;
} }
} else {
qdf_mem_free(event_info);
return -EINVAL;
} }
return 0; return 0;
@@ -173,6 +179,9 @@ int target_if_nlo_match_event_handler(ol_scn_t scn, uint8_t *data,
qdf_mem_free(event_info); qdf_mem_free(event_info);
return -EINVAL; return -EINVAL;
} }
} else {
qdf_mem_free(event_info);
return -EINVAL;
} }
return 0; return 0;

10
umac/scan/core/src/wlan_scan_cache_db.c
View File

@@ -562,6 +562,8 @@ QDF_STATUS scm_handle_bcn_probe(struct scheduler_msg *msg)
} }
free_nbuf: free_nbuf:
if (bcn->psoc)
wlan_objmgr_psoc_release_ref(bcn->psoc, WLAN_SCAN_ID);
if (pdev) if (pdev)
wlan_objmgr_pdev_release_ref(pdev, WLAN_SCAN_ID); wlan_objmgr_pdev_release_ref(pdev, WLAN_SCAN_ID);
if (bcn->rx_data) if (bcn->rx_data)
@@ -755,7 +757,9 @@ qdf_list_t *scm_get_scan_result(struct wlan_objmgr_pdev *pdev,
return NULL; return NULL;
} }
wlan_pdev_obj_lock(pdev);
psoc = wlan_pdev_get_psoc(pdev); psoc = wlan_pdev_get_psoc(pdev);
wlan_pdev_obj_unlock(pdev);
if (!psoc) { if (!psoc) {
scm_err("psoc is NULL"); scm_err("psoc is NULL");
return NULL; return NULL;
@@ -837,7 +841,9 @@ scm_iterate_scan_db(struct wlan_objmgr_pdev *pdev,
return QDF_STATUS_E_INVAL; return QDF_STATUS_E_INVAL;
} }
wlan_pdev_obj_lock(pdev);
psoc = wlan_pdev_get_psoc(pdev); psoc = wlan_pdev_get_psoc(pdev);
wlan_pdev_obj_unlock(pdev);
if (!psoc) { if (!psoc) {
scm_err("psoc is NULL"); scm_err("psoc is NULL");
return QDF_STATUS_E_INVAL; return QDF_STATUS_E_INVAL;
@@ -923,7 +929,9 @@ QDF_STATUS scm_flush_results(struct wlan_objmgr_pdev *pdev,
return QDF_STATUS_E_INVAL; return QDF_STATUS_E_INVAL;
} }
wlan_pdev_obj_lock(pdev);
psoc = wlan_pdev_get_psoc(pdev); psoc = wlan_pdev_get_psoc(pdev);
wlan_pdev_obj_unlock(pdev);
if (!psoc) { if (!psoc) {
scm_err("psoc is NULL"); scm_err("psoc is NULL");
return QDF_STATUS_E_INVAL; return QDF_STATUS_E_INVAL;
@@ -985,7 +993,9 @@ void scm_filter_valid_channel(struct wlan_objmgr_pdev *pdev,
return; return;
} }
wlan_pdev_obj_lock(pdev);
psoc = wlan_pdev_get_psoc(pdev); psoc = wlan_pdev_get_psoc(pdev);
wlan_pdev_obj_unlock(pdev);
if (!psoc) { if (!psoc) {
scm_err("psoc is NULL"); scm_err("psoc is NULL");
return; return;

2
umac/scan/core/src/wlan_scan_cache_db_i.h
View File

@@ -183,7 +183,9 @@ wlan_pdev_get_scan_db(struct wlan_objmgr_psoc *psoc,
scm_err("pdev is NULL"); scm_err("pdev is NULL");
return NULL; return NULL;
} }
wlan_pdev_obj_lock(pdev);
pdev_id = wlan_objmgr_pdev_get_pdev_id(pdev); pdev_id = wlan_objmgr_pdev_get_pdev_id(pdev);
wlan_pdev_obj_unlock(pdev);
return wlan_pdevid_get_scan_db(psoc, pdev_id); return wlan_pdevid_get_scan_db(psoc, pdev_id);
} }

12
umac/scan/core/src/wlan_scan_main.c
View File

@@ -54,8 +54,11 @@ QDF_STATUS wlan_scan_psoc_destroyed_notification(
void *scan_obj = NULL; void *scan_obj = NULL;
QDF_STATUS status = QDF_STATUS_SUCCESS; QDF_STATUS status = QDF_STATUS_SUCCESS;
wlan_psoc_obj_lock(psoc);
scan_obj = wlan_objmgr_psoc_get_comp_private_obj(psoc, scan_obj = wlan_objmgr_psoc_get_comp_private_obj(psoc,
WLAN_UMAC_COMP_SCAN); WLAN_UMAC_COMP_SCAN);
wlan_psoc_obj_unlock(psoc);
if (!scan_obj) { if (!scan_obj) {
scm_err("Failed to detach scan in psoc ctx"); scm_err("Failed to detach scan in psoc ctx");
return QDF_STATUS_E_FAILURE; return QDF_STATUS_E_FAILURE;
@@ -83,7 +86,7 @@ QDF_STATUS wlan_scan_vdev_created_notification(struct wlan_objmgr_vdev *vdev,
return QDF_STATUS_E_NOMEM; return QDF_STATUS_E_NOMEM;
} }
/* Attach scan private date to psoc */ /* Attach scan private date to vdev */
status = wlan_objmgr_vdev_component_obj_attach(vdev, status = wlan_objmgr_vdev_component_obj_attach(vdev,
WLAN_UMAC_COMP_SCAN, (void *)scan_vdev_obj, WLAN_UMAC_COMP_SCAN, (void *)scan_vdev_obj,
QDF_STATUS_SUCCESS); QDF_STATUS_SUCCESS);
@@ -104,8 +107,11 @@ QDF_STATUS wlan_scan_vdev_destroyed_notification(
void *scan_vdev_obj = NULL; void *scan_vdev_obj = NULL;
QDF_STATUS status = QDF_STATUS_SUCCESS; QDF_STATUS status = QDF_STATUS_SUCCESS;
wlan_vdev_obj_lock(vdev);
scan_vdev_obj = wlan_objmgr_vdev_get_comp_private_obj(vdev, scan_vdev_obj = wlan_objmgr_vdev_get_comp_private_obj(vdev,
WLAN_UMAC_COMP_SCAN); WLAN_UMAC_COMP_SCAN);
wlan_vdev_obj_unlock(vdev);
if (!scan_vdev_obj) { if (!scan_vdev_obj) {
scm_err("Failed to detach scan in vdev ctx"); scm_err("Failed to detach scan in vdev ctx");
return QDF_STATUS_E_FAILURE; return QDF_STATUS_E_FAILURE;

56
umac/scan/core/src/wlan_scan_main.h
View File

@@ -355,9 +355,15 @@ struct wlan_scan_obj {
static inline struct wlan_scan_obj * static inline struct wlan_scan_obj *
wlan_psoc_get_scan_obj(struct wlan_objmgr_psoc *psoc) wlan_psoc_get_scan_obj(struct wlan_objmgr_psoc *psoc)
{ {
return (struct wlan_scan_obj *) struct wlan_scan_obj *scan_obj;
wlan_psoc_obj_lock(psoc);
scan_obj = (struct wlan_scan_obj *)
wlan_objmgr_psoc_get_comp_private_obj(psoc, wlan_objmgr_psoc_get_comp_private_obj(psoc,
WLAN_UMAC_COMP_SCAN); WLAN_UMAC_COMP_SCAN);
wlan_psoc_obj_unlock(psoc);
return scan_obj;
} }
/** /**
@@ -369,7 +375,11 @@ wlan_psoc_get_scan_obj(struct wlan_objmgr_psoc *psoc)
static inline struct wlan_scan_obj * static inline struct wlan_scan_obj *
wlan_pdev_get_scan_obj(struct wlan_objmgr_pdev *pdev) wlan_pdev_get_scan_obj(struct wlan_objmgr_pdev *pdev)
{ {
struct wlan_objmgr_psoc *psoc = wlan_pdev_get_psoc(pdev); struct wlan_objmgr_psoc *psoc;
wlan_pdev_obj_lock(pdev);
psoc = wlan_pdev_get_psoc(pdev);
wlan_pdev_obj_unlock(pdev);
return wlan_psoc_get_scan_obj(psoc); return wlan_psoc_get_scan_obj(psoc);
} }
@@ -383,7 +393,11 @@ wlan_pdev_get_scan_obj(struct wlan_objmgr_pdev *pdev)
static inline struct wlan_scan_obj * static inline struct wlan_scan_obj *
wlan_vdev_get_scan_obj(struct wlan_objmgr_vdev *vdev) wlan_vdev_get_scan_obj(struct wlan_objmgr_vdev *vdev)
{ {
struct wlan_objmgr_pdev *pdev = wlan_vdev_get_pdev(vdev); struct wlan_objmgr_pdev *pdev;
wlan_vdev_obj_lock(vdev);
pdev = wlan_vdev_get_pdev(vdev);
wlan_vdev_obj_unlock(vdev);
return wlan_pdev_get_scan_obj(pdev); return wlan_pdev_get_scan_obj(pdev);
} }
@@ -397,13 +411,19 @@ wlan_vdev_get_scan_obj(struct wlan_objmgr_vdev *vdev)
static inline struct scan_vdev_obj * static inline struct scan_vdev_obj *
wlan_get_vdev_scan_obj(struct wlan_objmgr_vdev *vdev) wlan_get_vdev_scan_obj(struct wlan_objmgr_vdev *vdev)
{ {
return (struct scan_vdev_obj *) struct scan_vdev_obj *scan_vdev_obj;
wlan_vdev_obj_lock(vdev);
scan_vdev_obj = (struct scan_vdev_obj *)
wlan_objmgr_vdev_get_comp_private_obj(vdev, wlan_objmgr_vdev_get_comp_private_obj(vdev,
WLAN_UMAC_COMP_SCAN); WLAN_UMAC_COMP_SCAN);
wlan_vdev_obj_unlock(vdev);
return scan_vdev_obj;
} }
/** /**
* wlan_scan_vdev_get_pdev_id)() - private API to get pdev id from vdev object * wlan_scan_vdev_get_pdev_id() - private API to get pdev id from vdev object
* @vdev: vdev object * @vdev: vdev object
* *
* Return: parent pdev id * Return: parent pdev id
@@ -411,7 +431,11 @@ wlan_get_vdev_scan_obj(struct wlan_objmgr_vdev *vdev)
static inline uint8_t static inline uint8_t
wlan_scan_vdev_get_pdev_id(struct wlan_objmgr_vdev *vdev) wlan_scan_vdev_get_pdev_id(struct wlan_objmgr_vdev *vdev)
{ {
struct wlan_objmgr_pdev *pdev = wlan_vdev_get_pdev(vdev); struct wlan_objmgr_pdev *pdev;
wlan_vdev_obj_lock(vdev);
pdev = wlan_vdev_get_pdev(vdev);
wlan_vdev_obj_unlock(vdev);
return wlan_objmgr_pdev_get_pdev_id(pdev); return wlan_objmgr_pdev_get_pdev_id(pdev);
} }
@@ -426,9 +450,17 @@ wlan_scan_vdev_get_pdev_id(struct wlan_objmgr_vdev *vdev)
static inline struct pdev_scan_ev_handler* static inline struct pdev_scan_ev_handler*
wlan_pdev_get_pdev_scan_ev_handlers(struct wlan_objmgr_pdev *pdev) wlan_pdev_get_pdev_scan_ev_handlers(struct wlan_objmgr_pdev *pdev)
{ {
uint8_t pdevid = wlan_objmgr_pdev_get_pdev_id(pdev); uint8_t pdevid;
struct wlan_scan_obj *scan = wlan_pdev_get_scan_obj(pdev); struct wlan_scan_obj *scan;
struct pdev_scan_ev_handler *pdev_ev_handler = struct pdev_scan_ev_handler *pdev_ev_handler;
wlan_pdev_obj_lock(pdev);
pdevid = wlan_objmgr_pdev_get_pdev_id(pdev);
wlan_pdev_obj_unlock(pdev);
scan = wlan_pdev_get_scan_obj(pdev);
pdev_ev_handler =
&scan->global_evhandlers.pdev_ev_handlers[pdevid]; &scan->global_evhandlers.pdev_ev_handlers[pdevid];
return pdev_ev_handler; return pdev_ev_handler;
@@ -444,7 +476,11 @@ wlan_pdev_get_pdev_scan_ev_handlers(struct wlan_objmgr_pdev *pdev)
static inline struct pdev_scan_ev_handler* static inline struct pdev_scan_ev_handler*
wlan_vdev_get_pdev_scan_ev_handlers(struct wlan_objmgr_vdev *vdev) wlan_vdev_get_pdev_scan_ev_handlers(struct wlan_objmgr_vdev *vdev)
{ {
struct wlan_objmgr_pdev *pdev = wlan_vdev_get_pdev(vdev); struct wlan_objmgr_pdev *pdev;
wlan_vdev_obj_lock(vdev);
pdev = wlan_vdev_get_pdev(vdev);
wlan_vdev_obj_unlock(vdev);
return wlan_pdev_get_pdev_scan_ev_handlers(pdev); return wlan_pdev_get_pdev_scan_ev_handlers(pdev);
} }

24
umac/scan/core/src/wlan_scan_manager.c
View File

@@ -30,8 +30,8 @@
#include <host_diag_core_event.h> #include <host_diag_core_event.h>
#endif #endif
static QDF_STATUS QDF_STATUS
scm_free_scan_request_mem(struct scan_start_request *req) scm_scan_free_scan_request_mem(struct scan_start_request *req)
{ {
void *ie; void *ie;
@@ -322,9 +322,10 @@ scm_scan_serialize_callback(struct wlan_serialization_command *cmd,
case WLAN_SER_CB_RELEASE_MEM_CMD: case WLAN_SER_CB_RELEASE_MEM_CMD:
/* command successfully completed. /* command successfully completed.
* release scan_start_request memory * Release vdev reference and free scan_start_request memory
*/ */
status = scm_free_scan_request_mem(req); wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
status = scm_scan_free_scan_request_mem(req);
break; break;
default: default:
@@ -398,13 +399,19 @@ scm_scan_start_req(struct scheduler_msg *msg)
scm_post_internal_scan_complete_event(req, scm_post_internal_scan_complete_event(req,
SCAN_REASON_INTERNAL_FAILURE); SCAN_REASON_INTERNAL_FAILURE);
/* cmd can't be serviced. /* cmd can't be serviced.
* release scan_start_request memory. * release vdev reference and free scan_start_request memory
*/ */
scm_free_scan_request_mem(req); wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
scm_scan_free_scan_request_mem(req);
break; break;
default: default:
QDF_ASSERT(0); QDF_ASSERT(0);
status = QDF_STATUS_E_INVAL; status = QDF_STATUS_E_INVAL;
/* cmd can't be serviced.
* release vdev reference and free scan_start_request memory
*/
wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
scm_scan_free_scan_request_mem(req);
break; break;
} }
@@ -482,6 +489,11 @@ scm_scan_cancel_req(struct scheduler_msg *msg)
status = QDF_STATUS_E_INVAL; status = QDF_STATUS_E_INVAL;
break; break;
} }
/* Release vdev reference and scan cancel request
* processing is complete
*/
wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
/* Free cancel request memory */ /* Free cancel request memory */
qdf_mem_free(req); qdf_mem_free(req);

9
umac/scan/core/src/wlan_scan_manager.h
View File

@@ -76,4 +76,13 @@ QDF_STATUS scm_scan_cancel_req(struct scheduler_msg *msg);
* Return: QDF_STATUS * Return: QDF_STATUS
*/ */
QDF_STATUS scm_scan_event_handler(struct scheduler_msg *msg); QDF_STATUS scm_scan_event_handler(struct scheduler_msg *msg);
/**
* scm_scan_free_scan_request_mem() - Free scan request memory
* @req: scan_start_request object
*
* Return: QDF_STATUS
*/
QDF_STATUS scm_scan_free_scan_request_mem(struct scan_start_request *req);
#endif #endif

57
umac/scan/dispatcher/src/wlan_scan_tgt_api.c
View File

@@ -44,7 +44,9 @@ wlan_vdev_get_scan_txops(struct wlan_objmgr_vdev *vdev)
{ {
struct wlan_objmgr_psoc *psoc = NULL; struct wlan_objmgr_psoc *psoc = NULL;
wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev); psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
return wlan_psoc_get_scan_txops(psoc); return wlan_psoc_get_scan_txops(psoc);
} }
@@ -54,7 +56,9 @@ wlan_vdev_get_scan_rxops(struct wlan_objmgr_vdev *vdev)
{ {
struct wlan_objmgr_psoc *psoc = NULL; struct wlan_objmgr_psoc *psoc = NULL;
wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev); psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
return &((psoc->soc_cb.rx_ops.scan)); return &((psoc->soc_cb.rx_ops.scan));
} }
@@ -64,10 +68,14 @@ wlan_vdev_get_scan_rxops(struct wlan_objmgr_vdev *vdev)
QDF_STATUS tgt_scan_pno_start(struct wlan_objmgr_vdev *vdev, QDF_STATUS tgt_scan_pno_start(struct wlan_objmgr_vdev *vdev,
struct pno_scan_req_params *req) struct pno_scan_req_params *req)
{ {
struct wlan_lmac_if_scan_tx_ops *scan_ops = NULL; struct wlan_lmac_if_scan_tx_ops *scan_ops;
struct wlan_objmgr_psoc *psoc = wlan_vdev_get_psoc(vdev); struct wlan_objmgr_psoc *psoc;
scan_ops = wlan_vdev_get_scan_txops(vdev); wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
scan_ops = wlan_psoc_get_scan_txops(psoc);
/* invoke wmi_unified_pno_start_cmd() */ /* invoke wmi_unified_pno_start_cmd() */
QDF_ASSERT(scan_ops->pno_start); QDF_ASSERT(scan_ops->pno_start);
if (scan_ops->pno_start) if (scan_ops->pno_start)
@@ -79,11 +87,14 @@ QDF_STATUS tgt_scan_pno_start(struct wlan_objmgr_vdev *vdev,
QDF_STATUS tgt_scan_pno_stop(struct wlan_objmgr_vdev *vdev, QDF_STATUS tgt_scan_pno_stop(struct wlan_objmgr_vdev *vdev,
uint8_t vdev_id) uint8_t vdev_id)
{ {
struct wlan_lmac_if_scan_tx_ops *scan_ops = NULL; struct wlan_lmac_if_scan_tx_ops *scan_ops;
struct wlan_objmgr_psoc *psoc = wlan_vdev_get_psoc(vdev); struct wlan_objmgr_psoc *psoc;
scan_ops = wlan_vdev_get_scan_txops(vdev); wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
scan_ops = wlan_psoc_get_scan_txops(psoc);
/* invoke wmi_unified_pno_stop_cmd() */ /* invoke wmi_unified_pno_stop_cmd() */
QDF_ASSERT(scan_ops->pno_stop); QDF_ASSERT(scan_ops->pno_stop);
if (scan_ops->pno_stop) if (scan_ops->pno_stop)
@@ -96,10 +107,15 @@ QDF_STATUS tgt_scan_pno_stop(struct wlan_objmgr_vdev *vdev,
QDF_STATUS QDF_STATUS
tgt_scan_start(struct scan_start_request *req) tgt_scan_start(struct scan_start_request *req)
{ {
struct wlan_lmac_if_scan_tx_ops *scan_ops = NULL; struct wlan_lmac_if_scan_tx_ops *scan_ops;
struct wlan_objmgr_psoc *psoc = wlan_vdev_get_psoc(req->vdev); struct wlan_objmgr_psoc *psoc;
struct wlan_objmgr_vdev *vdev = req->vdev;
scan_ops = wlan_vdev_get_scan_txops(req->vdev); wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
scan_ops = wlan_psoc_get_scan_txops(psoc);
/* invoke wmi_unified_scan_start_cmd_send() */ /* invoke wmi_unified_scan_start_cmd_send() */
QDF_ASSERT(scan_ops->scan_start); QDF_ASSERT(scan_ops->scan_start);
if (scan_ops->scan_start) if (scan_ops->scan_start)
@@ -112,10 +128,15 @@ tgt_scan_start(struct scan_start_request *req)
QDF_STATUS QDF_STATUS
tgt_scan_cancel(struct scan_cancel_request *req) tgt_scan_cancel(struct scan_cancel_request *req)
{ {
struct wlan_lmac_if_scan_tx_ops *scan_ops = NULL; struct wlan_lmac_if_scan_tx_ops *scan_ops;
struct wlan_objmgr_psoc *psoc = wlan_vdev_get_psoc(req->vdev); struct wlan_objmgr_psoc *psoc;
struct wlan_objmgr_vdev *vdev = req->vdev;
scan_ops = wlan_vdev_get_scan_txops(req->vdev); wlan_vdev_obj_lock(vdev);
psoc = wlan_vdev_get_psoc(vdev);
wlan_vdev_obj_unlock(vdev);
scan_ops = wlan_psoc_get_scan_txops(psoc);
/* invoke wmi_unified_scan_stop_cmd_send() */ /* invoke wmi_unified_scan_stop_cmd_send() */
QDF_ASSERT(scan_ops->scan_cancel); QDF_ASSERT(scan_ops->scan_cancel);
if (scan_ops->scan_cancel) if (scan_ops->scan_cancel)
@@ -191,7 +212,6 @@ tgt_scan_event_handler(struct wlan_objmgr_psoc *psoc,
status = scheduler_post_msg(QDF_MODULE_ID_TARGET_IF, &msg); status = scheduler_post_msg(QDF_MODULE_ID_TARGET_IF, &msg);
if (QDF_IS_STATUS_ERROR(status)) { if (QDF_IS_STATUS_ERROR(status)) {
qdf_mem_free(event_info);
wlan_objmgr_vdev_release_ref(event_info->vdev, WLAN_SCAN_ID); wlan_objmgr_vdev_release_ref(event_info->vdev, WLAN_SCAN_ID);
} }
@@ -233,6 +253,16 @@ QDF_STATUS tgt_scan_bcn_probe_rx_callback(struct wlan_objmgr_psoc *psoc,
bcn->frm_type = MGMT_SUBTYPE_PROBE_RESP; bcn->frm_type = MGMT_SUBTYPE_PROBE_RESP;
else else
bcn->frm_type = MGMT_SUBTYPE_BEACON; bcn->frm_type = MGMT_SUBTYPE_BEACON;
status = wlan_objmgr_psoc_try_get_ref(psoc, WLAN_SCAN_ID);
if (QDF_IS_STATUS_ERROR(status)) {
scm_info("unable to get reference");
qdf_mem_free(bcn->rx_data);
qdf_mem_free(bcn);
qdf_nbuf_free(buf);
return status;
}
bcn->psoc = psoc; bcn->psoc = psoc;
bcn->buf = buf; bcn->buf = buf;
qdf_mem_copy(bcn->rx_data, rx_param, sizeof(*rx_param)); qdf_mem_copy(bcn->rx_data, rx_param, sizeof(*rx_param));
@@ -243,6 +273,7 @@ QDF_STATUS tgt_scan_bcn_probe_rx_callback(struct wlan_objmgr_psoc *psoc,
status = scheduler_post_msg(QDF_MODULE_ID_TARGET_IF, &msg); status = scheduler_post_msg(QDF_MODULE_ID_TARGET_IF, &msg);
if (!QDF_IS_STATUS_SUCCESS(status)) { if (!QDF_IS_STATUS_SUCCESS(status)) {
wlan_objmgr_psoc_release_ref(psoc, WLAN_SCAN_ID);
scm_err("failed to post to QDF_MODULE_ID_TARGET_IF"); scm_err("failed to post to QDF_MODULE_ID_TARGET_IF");
qdf_mem_free(bcn->rx_data); qdf_mem_free(bcn->rx_data);
qdf_mem_free(bcn); qdf_mem_free(bcn);

29
umac/scan/dispatcher/src/wlan_scan_ucfg_api.c
View File

@@ -334,18 +334,33 @@ ucfg_scan_start(struct scan_start_request *req)
if (!req || !req->vdev) { if (!req || !req->vdev) {
scm_err("vdev: %p, req: %p", req->vdev, req); scm_err("vdev: %p, req: %p", req->vdev, req);
if (req)
scm_scan_free_scan_request_mem(req);
return QDF_STATUS_E_NULL_VALUE; return QDF_STATUS_E_NULL_VALUE;
} }
scm_info("reqid: %d, scanid: %d, vdevid: %d", scm_info("reqid: %d, scanid: %d, vdevid: %d",
req->scan_req.scan_req_id, req->scan_req.scan_id, req->scan_req.scan_req_id, req->scan_req.scan_id,
req->scan_req.vdev_id); req->scan_req.vdev_id);
/* Try to get vdev reference. Return if reference could
* not be taken. Reference will be released once scan
* request handling completes along with free of @req.
*/
status = wlan_objmgr_vdev_try_get_ref(req->vdev, WLAN_SCAN_ID);
if (QDF_IS_STATUS_ERROR(status)) {
scm_info("unable to get reference");
scm_scan_free_scan_request_mem(req);
return status;
}
msg.bodyptr = req; msg.bodyptr = req;
msg.callback = scm_scan_start_req; msg.callback = scm_scan_start_req;
status = scheduler_post_msg(QDF_MODULE_ID_OS_IF, &msg); status = scheduler_post_msg(QDF_MODULE_ID_OS_IF, &msg);
if (!QDF_IS_STATUS_SUCCESS(status)) { if (QDF_IS_STATUS_ERROR(status)) {
wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
scm_err("failed to post to QDF_MODULE_ID_OS_IF"); scm_err("failed to post to QDF_MODULE_ID_OS_IF");
qdf_mem_free(req); scm_scan_free_scan_request_mem(req);
} }
return status; return status;
@@ -366,12 +381,20 @@ ucfg_scan_cancel(struct scan_cancel_request *req)
scm_info("reqid: %d, scanid: %d, vdevid: %d, type: %d", scm_info("reqid: %d, scanid: %d, vdevid: %d, type: %d",
req->cancel_req.requester, req->cancel_req.scan_id, req->cancel_req.requester, req->cancel_req.scan_id,
req->cancel_req.vdev_id, req->cancel_req.req_type); req->cancel_req.vdev_id, req->cancel_req.req_type);
/* Get vdev reference unconditionally.
* Reference will be released once scan cancel is
* posted to FW.
*/
wlan_objmgr_vdev_get_ref(req->vdev, WLAN_SCAN_ID);
msg.bodyptr = req; msg.bodyptr = req;
msg.callback = scm_scan_cancel_req; msg.callback = scm_scan_cancel_req;
status = scheduler_post_msg(QDF_MODULE_ID_OS_IF, &msg); status = scheduler_post_msg(QDF_MODULE_ID_OS_IF, &msg);
if (!QDF_IS_STATUS_SUCCESS(status)) { if (QDF_IS_STATUS_ERROR(status)) {
scm_err("failed to post to QDF_MODULE_ID_OS_IF"); scm_err("failed to post to QDF_MODULE_ID_OS_IF");
wlan_objmgr_vdev_release_ref(req->vdev, WLAN_SCAN_ID);
qdf_mem_free(req); qdf_mem_free(req);
} }