Commit 807b0860 authored by Alexei Avshalom Lazar's avatar Alexei Avshalom Lazar Committed by Kalle Valo

wil6210: Initialize reply struct of the WMI commands

WMI command reply saved in uninitialized struct.
In order to avoid accessing unset values from FW initialize
the reply struct.
Signed-off-by: default avatarAlexei Avshalom Lazar <ailizaro@codeaurora.org>
Signed-off-by: default avatarMaya Erez <merez@codeaurora.org>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent 1c21cc5f
......@@ -276,6 +276,8 @@ int wil_cid_fill_sinfo(struct wil6210_vif *vif, int cid,
struct wil_net_stats *stats = &wil->sta[cid].stats;
int rc;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_NOTIFY_REQ_CMDID, vif->mid, &cmd, sizeof(cmd),
WMI_NOTIFY_REQ_DONE_EVENTID, &reply, sizeof(reply), 20);
if (rc)
......@@ -2246,7 +2248,9 @@ static int wil_rf_sector_get_cfg(struct wiphy *wiphy,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_get_rf_sector_params_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_RF_SECTOR_STATUS_NOT_SUPPORTED_ERROR},
};
struct sk_buff *msg;
struct nlattr *nl_cfgs, *nl_cfg;
u32 i;
......@@ -2292,7 +2296,6 @@ static int wil_rf_sector_get_cfg(struct wiphy *wiphy,
cmd.sector_idx = cpu_to_le16(sector_index);
cmd.sector_type = sector_type;
cmd.rf_modules_vec = rf_modules_vec & 0xFF;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_GET_RF_SECTOR_PARAMS_CMDID, vif->mid,
&cmd, sizeof(cmd), WMI_GET_RF_SECTOR_PARAMS_DONE_EVENTID,
&reply, sizeof(reply),
......@@ -2367,7 +2370,9 @@ static int wil_rf_sector_set_cfg(struct wiphy *wiphy,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_set_rf_sector_params_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_RF_SECTOR_STATUS_NOT_SUPPORTED_ERROR},
};
struct nlattr *nl_cfg;
struct wmi_rf_sector_info *si;
......@@ -2450,7 +2455,6 @@ static int wil_rf_sector_set_cfg(struct wiphy *wiphy,
}
cmd.rf_modules_vec = rf_modules_vec & 0xFF;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_SET_RF_SECTOR_PARAMS_CMDID, vif->mid,
&cmd, sizeof(cmd), WMI_SET_RF_SECTOR_PARAMS_DONE_EVENTID,
&reply, sizeof(reply),
......@@ -2474,7 +2478,9 @@ static int wil_rf_sector_get_selected(struct wiphy *wiphy,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_get_selected_rf_sector_index_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_RF_SECTOR_STATUS_NOT_SUPPORTED_ERROR},
};
struct sk_buff *msg;
if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities))
......@@ -2514,7 +2520,6 @@ static int wil_rf_sector_get_selected(struct wiphy *wiphy,
memset(&cmd, 0, sizeof(cmd));
cmd.cid = (u8)cid;
cmd.sector_type = sector_type;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_GET_SELECTED_RF_SECTOR_INDEX_CMDID, vif->mid,
&cmd, sizeof(cmd),
WMI_GET_SELECTED_RF_SECTOR_INDEX_DONE_EVENTID,
......@@ -2555,14 +2560,15 @@ static int wil_rf_sector_wmi_set_selected(struct wil6210_priv *wil,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_set_selected_rf_sector_index_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_RF_SECTOR_STATUS_NOT_SUPPORTED_ERROR},
};
int rc;
memset(&cmd, 0, sizeof(cmd));
cmd.sector_idx = cpu_to_le16(sector_index);
cmd.sector_type = sector_type;
cmd.cid = (u8)cid;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_SET_SELECTED_RF_SECTOR_INDEX_CMDID, mid,
&cmd, sizeof(cmd),
WMI_SET_SELECTED_RF_SECTOR_INDEX_DONE_EVENTID,
......
......@@ -1078,6 +1078,8 @@ static int wil_bf_debugfs_show(struct seq_file *s, void *data)
struct wmi_notify_req_done_event evt;
} __packed reply;
memset(&reply, 0, sizeof(reply));
for (i = 0; i < ARRAY_SIZE(wil->sta); i++) {
u32 status;
......
......@@ -342,6 +342,8 @@ void wil_disconnect_worker(struct work_struct *work)
/* already disconnected */
return;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_DISCONNECT_CMDID, vif->mid, NULL, 0,
WMI_DISCONNECT_EVENTID, &reply, sizeof(reply),
WIL6210_DISCONNECT_TO_MS);
......
......@@ -963,7 +963,9 @@ int wil_vring_init_tx(struct wil6210_vif *vif, int id, int size,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_vring_cfg_done_event cmd;
} __packed reply;
} __packed reply = {
.cmd = {.status = WMI_FW_STATUS_FAILURE},
};
struct vring *vring = &wil->vring_tx[id];
struct vring_tx_data *txdata = &wil->vring_tx_data[id];
......@@ -1045,7 +1047,9 @@ int wil_vring_init_bcast(struct wil6210_vif *vif, int id, int size)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_vring_cfg_done_event cmd;
} __packed reply;
} __packed reply = {
.cmd = {.status = WMI_FW_STATUS_FAILURE},
};
struct vring *vring = &wil->vring_tx[id];
struct vring_tx_data *txdata = &wil->vring_tx_data[id];
......
......@@ -1509,7 +1509,9 @@ int wmi_led_cfg(struct wil6210_priv *wil, bool enable)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_led_cfg_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = cpu_to_le32(WMI_FW_STATUS_FAILURE)},
};
if (led_id == WIL_LED_INVALID_ID)
goto out;
......@@ -1562,7 +1564,9 @@ int wmi_pcp_start(struct wil6210_vif *vif,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_pcp_started_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
if (!vif->privacy)
cmd.disable_sec = 1;
......@@ -1639,6 +1643,8 @@ int wmi_get_ssid(struct wil6210_vif *vif, u8 *ssid_len, void *ssid)
} __packed reply;
int len; /* reply.cmd.ssid_len in CPU order */
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_GET_SSID_CMDID, vif->mid, NULL, 0,
WMI_GET_SSID_EVENTID, &reply, sizeof(reply), 20);
if (rc)
......@@ -1674,6 +1680,8 @@ int wmi_get_channel(struct wil6210_priv *wil, int *channel)
struct wmi_set_pcp_channel_cmd cmd;
} __packed reply;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_GET_PCP_CHANNEL_CMDID, vif->mid, NULL, 0,
WMI_GET_PCP_CHANNEL_EVENTID, &reply, sizeof(reply), 20);
if (rc)
......@@ -1699,7 +1707,9 @@ int wmi_p2p_cfg(struct wil6210_vif *vif, int channel, int bi)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_p2p_cfg_done_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_wmi(wil, "sending WMI_P2P_CFG_CMDID\n");
......@@ -1720,7 +1730,9 @@ int wmi_start_listen(struct wil6210_vif *vif)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_listen_started_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_wmi(wil, "sending WMI_START_LISTEN_CMDID\n");
......@@ -1742,7 +1754,9 @@ int wmi_start_search(struct wil6210_vif *vif)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_search_started_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_wmi(wil, "sending WMI_START_SEARCH_CMDID\n");
......@@ -1868,7 +1882,9 @@ int wmi_rxon(struct wil6210_priv *wil, bool on)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_listen_started_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_info(wil, "(%s)\n", on ? "on" : "off");
......@@ -1910,6 +1926,8 @@ int wmi_rx_chain_add(struct wil6210_priv *wil, struct vring *vring)
} __packed evt;
int rc;
memset(&evt, 0, sizeof(evt));
if (wdev->iftype == NL80211_IFTYPE_MONITOR) {
struct ieee80211_channel *ch = wil->monitor_chandef.chan;
......@@ -1939,14 +1957,14 @@ int wmi_rx_chain_add(struct wil6210_priv *wil, struct vring *vring)
if (rc)
return rc;
if (le32_to_cpu(evt.evt.status) != WMI_CFG_RX_CHAIN_SUCCESS)
rc = -EINVAL;
vring->hwtail = le32_to_cpu(evt.evt.rx_ring_tail_ptr);
wil_dbg_misc(wil, "Rx init: status %d tail 0x%08x\n",
le32_to_cpu(evt.evt.status), vring->hwtail);
if (le32_to_cpu(evt.evt.status) != WMI_CFG_RX_CHAIN_SUCCESS)
rc = -EINVAL;
return rc;
}
......@@ -1964,6 +1982,8 @@ int wmi_get_temperature(struct wil6210_priv *wil, u32 *t_bb, u32 *t_rf)
struct wmi_temp_sense_done_event evt;
} __packed reply;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_TEMP_SENSE_CMDID, vif->mid, &cmd, sizeof(cmd),
WMI_TEMP_SENSE_DONE_EVENTID, &reply, sizeof(reply), 100);
if (rc)
......@@ -1996,6 +2016,7 @@ int wmi_disconnect_sta(struct wil6210_vif *vif, const u8 *mac,
wil_dbg_wmi(wil, "disconnect_sta: (%pM, reason %d)\n", mac, reason);
memset(&reply, 0, sizeof(reply));
vif->locally_generated_disc = true;
if (del_sta) {
ether_addr_copy(del_sta_cmd.dst_mac, mac);
......@@ -2094,7 +2115,9 @@ int wmi_addba_rx_resp(struct wil6210_priv *wil,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_rcp_addba_resp_sent_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = cpu_to_le16(WMI_FW_STATUS_FAILURE)},
};
wil_dbg_wmi(wil,
"ADDBA response for MID %d CID %d TID %d size %d timeout %d status %d AMSDU%s\n",
......@@ -2127,13 +2150,13 @@ int wmi_ps_dev_profile_cfg(struct wil6210_priv *wil,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_ps_dev_profile_cfg_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = cpu_to_le32(WMI_PS_CFG_CMD_STATUS_ERROR)},
};
u32 status;
wil_dbg_wmi(wil, "Setting ps dev profile %d\n", ps_profile);
reply.evt.status = cpu_to_le32(WMI_PS_CFG_CMD_STATUS_ERROR);
rc = wmi_call(wil, WMI_PS_DEV_PROFILE_CFG_CMDID, vif->mid,
&cmd, sizeof(cmd),
WMI_PS_DEV_PROFILE_CFG_EVENTID, &reply, sizeof(reply),
......@@ -2162,15 +2185,15 @@ int wmi_set_mgmt_retry(struct wil6210_priv *wil, u8 retry_short)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_set_mgmt_retry_limit_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_wmi(wil, "Setting mgmt retry short %d\n", retry_short);
if (!test_bit(WMI_FW_CAPABILITY_MGMT_RETRY_LIMIT, wil->fw_capabilities))
return -ENOTSUPP;
reply.evt.status = WMI_FW_STATUS_FAILURE;
rc = wmi_call(wil, WMI_SET_MGMT_RETRY_LIMIT_CMDID, vif->mid,
&cmd, sizeof(cmd),
WMI_SET_MGMT_RETRY_LIMIT_EVENTID, &reply, sizeof(reply),
......@@ -2201,7 +2224,7 @@ int wmi_get_mgmt_retry(struct wil6210_priv *wil, u8 *retry_short)
if (!test_bit(WMI_FW_CAPABILITY_MGMT_RETRY_LIMIT, wil->fw_capabilities))
return -ENOTSUPP;
reply.evt.mgmt_retry_limit = 0;
memset(&reply, 0, sizeof(reply));
rc = wmi_call(wil, WMI_GET_MGMT_RETRY_LIMIT_CMDID, vif->mid, NULL, 0,
WMI_GET_MGMT_RETRY_LIMIT_EVENTID, &reply, sizeof(reply),
100);
......@@ -2284,14 +2307,15 @@ int wmi_suspend(struct wil6210_priv *wil)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_traffic_suspend_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_TRAFFIC_SUSPEND_REJECTED_LINK_NOT_IDLE},
};
u32 suspend_to = WIL_WAIT_FOR_SUSPEND_RESUME_COMP;
wil->suspend_resp_rcvd = false;
wil->suspend_resp_comp = false;
reply.evt.status = WMI_TRAFFIC_SUSPEND_REJECTED_LINK_NOT_IDLE;
rc = wmi_call(wil, WMI_TRAFFIC_SUSPEND_CMDID, vif->mid,
&cmd, sizeof(cmd),
WMI_TRAFFIC_SUSPEND_EVENTID, &reply, sizeof(reply),
......@@ -2367,10 +2391,11 @@ int wmi_resume(struct wil6210_priv *wil)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_traffic_resume_event evt;
} __packed reply;
reply.evt.status = WMI_TRAFFIC_RESUME_FAILED;
reply.evt.resume_triggers = WMI_RESUME_TRIGGER_UNKNOWN;
} __packed reply = {
.evt = {.status = WMI_TRAFFIC_RESUME_FAILED,
.resume_triggers =
cpu_to_le32(WMI_RESUME_TRIGGER_UNKNOWN)},
};
rc = wmi_call(wil, WMI_TRAFFIC_RESUME_CMDID, vif->mid, NULL, 0,
WMI_TRAFFIC_RESUME_EVENTID, &reply, sizeof(reply),
......@@ -2396,7 +2421,9 @@ int wmi_port_allocate(struct wil6210_priv *wil, u8 mid,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_port_allocated_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_misc(wil, "port allocate, mid %d iftype %d, mac %pM\n",
mid, iftype, mac);
......@@ -2421,8 +2448,6 @@ int wmi_port_allocate(struct wil6210_priv *wil, u8 mid,
return -EINVAL;
}
reply.evt.status = WMI_FW_STATUS_FAILURE;
rc = wmi_call(wil, WMI_PORT_ALLOCATE_CMDID, mid,
&cmd, sizeof(cmd),
WMI_PORT_ALLOCATED_EVENTID, &reply,
......@@ -2449,12 +2474,12 @@ int wmi_port_delete(struct wil6210_priv *wil, u8 mid)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_port_deleted_event evt;
} __packed reply;
} __packed reply = {
.evt = {.status = WMI_FW_STATUS_FAILURE},
};
wil_dbg_misc(wil, "port delete, mid %d\n", mid);
reply.evt.status = WMI_FW_STATUS_FAILURE;
rc = wmi_call(wil, WMI_PORT_DELETE_CMDID, mid,
&cmd, sizeof(cmd),
WMI_PORT_DELETED_EVENTID, &reply,
......@@ -2711,7 +2736,9 @@ int wmi_start_sched_scan(struct wil6210_priv *wil,
struct {
struct wmi_cmd_hdr wmi;
struct wmi_start_sched_scan_event evt;
} __packed reply;
} __packed reply = {
.evt = {.result = WMI_PNO_REJECT},
};
if (!test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities))
return -ENOTSUPP;
......@@ -2727,8 +2754,6 @@ int wmi_start_sched_scan(struct wil6210_priv *wil,
wmi_sched_scan_set_plans(wil, &cmd,
request->scan_plans, request->n_scan_plans);
reply.evt.result = WMI_PNO_REJECT;
rc = wmi_call(wil, WMI_START_SCHED_SCAN_CMDID, vif->mid,
&cmd, sizeof(cmd),
WMI_START_SCHED_SCAN_EVENTID, &reply, sizeof(reply),
......@@ -2752,13 +2777,13 @@ int wmi_stop_sched_scan(struct wil6210_priv *wil)
struct {
struct wmi_cmd_hdr wmi;
struct wmi_stop_sched_scan_event evt;
} __packed reply;
} __packed reply = {
.evt = {.result = WMI_PNO_REJECT},
};
if (!test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities))
return -ENOTSUPP;
reply.evt.result = WMI_PNO_REJECT;
rc = wmi_call(wil, WMI_STOP_SCHED_SCAN_CMDID, vif->mid, NULL, 0,
WMI_STOP_SCHED_SCAN_EVENTID, &reply, sizeof(reply),
WIL_WMI_CALL_GENERAL_TO_MS);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment