diff --git a/arch/arm64/configs/marlin_defconfig b/arch/arm64/configs/marlin_defconfig
index 022c50dd426165fed29913c7dd9338127bb8c0a9..4a4dee7571a260e37cf676f5958fbf97d786ed09 100644
--- a/arch/arm64/configs/marlin_defconfig
+++ b/arch/arm64/configs/marlin_defconfig
@@ -483,7 +483,6 @@ CONFIG_WLAN_FEATURE_NAN=y
CONFIG_WLAN_FEATURE_NAN_DATAPATH=y
CONFIG_QCOM_TDLS=y
CONFIG_QCOM_LTE_COEX=y
-CONFIG_WLAN_FEATURE_MEMDUMP=y
CONFIG_WLAN_OFFLOAD_PACKETS=y
CONFIG_NANOHUB=y
CONFIG_NANOHUB_SPI=y
diff --git a/drivers/char/adsprpc.c b/drivers/char/adsprpc.c
index 3cf23cd502c28a7b3e698c6162f6a8d031cee00a..7d6e62a137cccb3388e50a018d235871560400d7 100644
--- a/drivers/char/adsprpc.c
+++ b/drivers/char/adsprpc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2016, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2012-2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -63,6 +63,9 @@
#define BALIGN 128
#define NUM_CHANNELS 3 /*1 compute 1 cpz 1 mdsp*/
#define NUM_SESSIONS 8 /*8 compute*/
+#define FASTRPC_CTX_MAGIC (0xbeeddeed)
+#define FASTRPC_CTX_MAX (256)
+#define FASTRPC_CTXID_MASK (0xFF0)
#define IS_CACHE_ALIGNED(x) (((x) & ((L1_CACHE_BYTES)-1)) == 0)
@@ -151,6 +154,8 @@ struct smq_invoke_ctx {
struct overlap *overs;
struct overlap **overps;
struct smq_msg msg;
+ unsigned int magic;
+ uint64_t ctxid;
};
struct fastrpc_ctx_lst {
@@ -213,6 +218,8 @@ struct fastrpc_apps {
struct ion_client *client;
struct device *dev;
bool glink;
+ spinlock_t ctxlock;
+ struct smq_invoke_ctx *ctxtable[FASTRPC_CTX_MAX];
};
struct fastrpc_mmap {
@@ -246,6 +253,7 @@ struct fastrpc_file {
int cid;
int ssrcount;
struct fastrpc_apps *apps;
+ struct mutex map_mutex;
};
static struct fastrpc_apps gfa;
@@ -776,7 +784,8 @@ static int context_alloc(struct fastrpc_file *fl, uint32_t kernel,
struct fastrpc_ioctl_invoke_fd *invokefd,
struct smq_invoke_ctx **po)
{
- int err = 0, bufs, size = 0;
+ int err = 0, bufs, ii, size = 0;
+ struct fastrpc_apps *me = &gfa;
struct smq_invoke_ctx *ctx = 0;
struct fastrpc_ctx_lst *clst = &fl->clst;
struct fastrpc_ioctl_invoke *invoke = &invokefd->inv;
@@ -821,11 +830,27 @@ static int context_alloc(struct fastrpc_file *fl, uint32_t kernel,
ctx->pid = current->pid;
ctx->tgid = current->tgid;
init_completion(&ctx->work);
+ ctx->magic = FASTRPC_CTX_MAGIC;
spin_lock(&fl->hlock);
hlist_add_head(&ctx->hn, &clst->pending);
spin_unlock(&fl->hlock);
+ spin_lock(&me->ctxlock);
+ for (ii = 0; ii < FASTRPC_CTX_MAX; ii++) {
+ if (!me->ctxtable[ii]) {
+ me->ctxtable[ii] = ctx;
+ ctx->ctxid = (ptr_to_uint64(ctx) & ~0xFFF)|(ii << 4);
+ break;
+ }
+ }
+ spin_unlock(&me->ctxlock);
+ VERIFY(err, ii < FASTRPC_CTX_MAX);
+ if (err) {
+ pr_err("adsprpc: out of context memory\n");
+ goto bail;
+ }
+
*po = ctx;
bail:
if (ctx && err)
@@ -847,6 +872,7 @@ static void context_save_interrupted(struct smq_invoke_ctx *ctx)
static void context_free(struct smq_invoke_ctx *ctx)
{
int i;
+ struct fastrpc_apps *me = &gfa;
int nbufs = REMOTE_SCALARS_INBUFS(ctx->sc) +
REMOTE_SCALARS_OUTBUFS(ctx->sc);
spin_lock(&ctx->fl->hlock);
@@ -855,6 +881,18 @@ static void context_free(struct smq_invoke_ctx *ctx)
for (i = 0; i < nbufs; ++i)
fastrpc_mmap_free(ctx->maps[i]);
fastrpc_buf_free(ctx->buf, 1);
+ ctx->magic = 0;
+ ctx->ctxid = 0;
+
+ spin_lock(&me->ctxlock);
+ for (i = 0; i < FASTRPC_CTX_MAX; i++) {
+ if (me->ctxtable[i] == ctx) {
+ me->ctxtable[i] = NULL;
+ break;
+ }
+ }
+ spin_unlock(&me->ctxlock);
+
kfree(ctx);
}
@@ -1222,7 +1260,7 @@ static int fastrpc_invoke_send(struct smq_invoke_ctx *ctx,
msg->tid = current->pid;
if (kernel)
msg->pid = 0;
- msg->invoke.header.ctx = ptr_to_uint64(ctx);
+ msg->invoke.header.ctx = ctx->ctxid;
msg->invoke.header.handle = handle;
msg->invoke.header.sc = ctx->sc;
msg->invoke.page.addr = ctx->buf ? ctx->buf->phys : 0;
@@ -1248,15 +1286,34 @@ static void fastrpc_smd_read_handler(int cid)
{
struct fastrpc_apps *me = &gfa;
struct smq_invoke_rsp rsp = {0};
- int ret = 0;
+ int ret = 0, err = 0;
+ uint32_t index;
do {
ret = smd_read_from_cb(me->channel[cid].chan, &rsp,
sizeof(rsp));
if (ret != sizeof(rsp))
break;
- context_notify_user(uint64_to_ptr(rsp.ctx), rsp.retval);
+ index = (uint32_t)((rsp.ctx & FASTRPC_CTXID_MASK) >> 4);
+ VERIFY(err, index < FASTRPC_CTX_MAX);
+ if (err)
+ goto bail;
+
+ VERIFY(err, !IS_ERR_OR_NULL(me->ctxtable[index]));
+ if (err)
+ goto bail;
+
+ VERIFY(err, ((me->ctxtable[index]->ctxid == (rsp.ctx)) &&
+ me->ctxtable[index]->magic == FASTRPC_CTX_MAGIC));
+ if (err)
+ goto bail;
+
+ context_notify_user(me->ctxtable[index], rsp.retval);
} while (ret == sizeof(rsp));
+
+bail:
+ if (err)
+ pr_err("adsprpc: invalid response or context\n");
}
static void smd_event_handler(void *priv, unsigned event)
@@ -1283,6 +1340,7 @@ static void fastrpc_init(struct fastrpc_apps *me)
INIT_HLIST_HEAD(&me->drivers);
INIT_HLIST_HEAD(&me->fls);
spin_lock_init(&me->hlock);
+ spin_lock_init(&me->ctxlock);
mutex_init(&me->smd_mutex);
me->channel = &gcinfo[0];
for (i = 0; i < NUM_CHANNELS; i++) {
@@ -1393,11 +1451,19 @@ static int fastrpc_init_process(struct fastrpc_file *fl,
inbuf.pgid = current->tgid;
inbuf.namelen = strlen(current->comm) + 1;
inbuf.filelen = init->filelen;
+ VERIFY(err, access_ok(0, (void __user *)init->file,
+ init->filelen));
+ if (err)
+ goto bail;
VERIFY(err, !fastrpc_mmap_create(fl, init->filefd, init->file,
init->filelen, mflags, &file));
if (err)
goto bail;
inbuf.pageslen = 1;
+ VERIFY(err, access_ok(1, (void __user *)init->mem,
+ init->memlen));
+ if (err)
+ goto bail;
VERIFY(err, !fastrpc_mmap_create(fl, init->memfd, init->mem,
init->memlen, mflags, &mem));
if (err)
@@ -1645,6 +1711,8 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl,
{
int err = 0;
struct fastrpc_mmap *map = 0;
+
+ mutex_lock(&fl->map_mutex);
if (!fastrpc_mmap_remove(fl, ud->vaddrout, ud->size,
&map)) {
VERIFY(err, !fastrpc_munmap_on_dsp(fl, map));
@@ -1655,6 +1723,7 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl,
bail:
if (err && map)
fastrpc_mmap_add(map);
+ mutex_unlock(&fl->map_mutex);
return err;
}
@@ -1664,9 +1733,13 @@ static int fastrpc_internal_mmap(struct fastrpc_file *fl,
struct fastrpc_mmap *map = 0;
int err = 0;
+
+ mutex_lock(&fl->map_mutex);
if (!fastrpc_mmap_find(fl, ud->fd, (uintptr_t)ud->vaddrin, ud->size,
- ud->flags, &map))
+ ud->flags, &map)) {
+ mutex_unlock(&fl->map_mutex);
return 0;
+ }
VERIFY(err, !fastrpc_mmap_create(fl, ud->fd, (uintptr_t)ud->vaddrin,
ud->size, ud->flags, &map));
@@ -1679,6 +1752,7 @@ static int fastrpc_internal_mmap(struct fastrpc_file *fl,
bail:
if (err && map)
fastrpc_mmap_free(map);
+ mutex_unlock(&fl->map_mutex);
return err;
}
@@ -1785,13 +1859,32 @@ void fastrpc_glink_notify_rx(void *handle, const void *priv,
const void *pkt_priv, const void *ptr, size_t size)
{
struct smq_invoke_rsp *rsp = (struct smq_invoke_rsp *)ptr;
- int len = size;
+ struct fastrpc_apps *me = &gfa;
+ uint32_t index;
+ int err = 0;
- while (len >= sizeof(*rsp) && rsp) {
- context_notify_user(uint64_to_ptr(rsp->ctx), rsp->retval);
- rsp++;
- len = len - sizeof(*rsp);
- }
+ VERIFY(err, (rsp && size >= sizeof(*rsp)));
+ if (err)
+ goto bail;
+
+ index = (uint32_t)((rsp->ctx & FASTRPC_CTXID_MASK) >> 4);
+ VERIFY(err, index < FASTRPC_CTX_MAX);
+ if (err)
+ goto bail;
+
+ VERIFY(err, !IS_ERR_OR_NULL(me->ctxtable[index]));
+ if (err)
+ goto bail;
+
+ VERIFY(err, ((me->ctxtable[index]->ctxid == (rsp->ctx)) &&
+ me->ctxtable[index]->magic == FASTRPC_CTX_MAGIC));
+ if (err)
+ goto bail;
+
+ context_notify_user(me->ctxtable[index], rsp->retval);
+bail:
+ if (err)
+ pr_err("adsprpc: invalid response or context\n");
glink_rx_done(handle, ptr, true);
}
@@ -1850,6 +1943,7 @@ static int fastrpc_device_release(struct inode *inode, struct file *file)
}
me->pending_free++;
mutex_unlock(&me->flfree_mutex);
+ mutex_destroy(&fl->map_mutex);
file->private_data = 0;
}
bail:
@@ -2005,6 +2099,7 @@ static int fastrpc_device_open(struct inode *inode, struct file *filp)
me->channel[cid].ssrcount;
}
}
+ mutex_init(&fl->map_mutex);
spin_lock(&me->hlock);
hlist_add_head(&fl->hn, &me->drivers);
spin_unlock(&me->hlock);
diff --git a/drivers/char/diag/diag_dci.c b/drivers/char/diag/diag_dci.c
index 5eb7839be4ac4f350d86c2797880917003542a2b..ecdae555ce64a7daef81adaf575b12806a2c1bb9 100644
--- a/drivers/char/diag/diag_dci.c
+++ b/drivers/char/diag/diag_dci.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2016, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2012-2016, 2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -808,11 +808,11 @@ static void dci_process_ctrl_status(unsigned char *buf, int len, int token)
{
struct diag_ctrl_dci_status *header = NULL;
unsigned char *temp = buf;
- uint32_t read_len = 0;
+ unsigned int read_len = 0;
uint8_t i;
int peripheral_mask, status;
- if (!buf || (len < sizeof(struct diag_ctrl_dci_status))) {
+ if (!buf || (len < 2) || (len < sizeof(struct diag_ctrl_dci_status))) {
pr_err("diag: In %s, invalid buf %pK or length: %d\n",
__func__, buf, len);
return;
@@ -828,7 +828,7 @@ static void dci_process_ctrl_status(unsigned char *buf, int len, int token)
read_len += sizeof(struct diag_ctrl_dci_status);
for (i = 0; i < header->count; i++) {
- if (read_len > len) {
+ if (read_len > (len - 2)) {
pr_err("diag: In %s, Invalid length len: %d\n",
__func__, len);
return;
@@ -870,7 +870,9 @@ static void dci_process_ctrl_handshake_pkt(unsigned char *buf, int len,
unsigned char *temp = buf;
int err = 0;
- if (!buf || (len < sizeof(struct diag_ctrl_dci_handshake_pkt)))
+ if (!buf)
+ return;
+ if (len < 0 || len < sizeof(struct diag_ctrl_dci_handshake_pkt))
return;
if (!VALID_DCI_TOKEN(token))
@@ -1105,18 +1107,31 @@ void extract_dci_events(unsigned char *buf, int len, int data_source, int token)
struct list_head *start, *temp;
struct diag_dci_client_tbl *entry = NULL;
- length = *(uint16_t *)(buf + 1); /* total length of event series */
- if (length == 0) {
- pr_err("diag: Incoming dci event length is invalid\n");
+ if (!buf) {
+ pr_err("diag: In %s buffer is NULL\n", __func__);
return;
}
/*
- * Move directly to the start of the event series. 1 byte for
- * event code and 2 bytes for the length field.
+ * 1 byte for event code and 2 bytes for the length field.
* The length field indicates the total length removing the cmd_code
* and the lenght field. The event parsing in that case should happen
* till the end.
*/
+ if (len < 3) {
+ pr_err("diag: In %s invalid len: %d\n", __func__, len);
+ return;
+ }
+ length = *(uint16_t *)(buf + 1); /* total length of event series */
+ if ((length == 0) || (len != (length + 3))) {
+ pr_err("diag: Incoming dci event length: %d is invalid\n",
+ length);
+ return;
+ }
+ /*
+ * Move directly to the start of the event series.
+ * The event parsing should happen from start of event
+ * series till the end.
+ */
temp_len = 3;
while (temp_len < length) {
event_id_packet = *(uint16_t *)(buf + temp_len);
@@ -1133,30 +1148,60 @@ void extract_dci_events(unsigned char *buf, int len, int data_source, int token)
* necessary.
*/
timestamp_len = 8;
- memcpy(timestamp, buf + temp_len + 2, timestamp_len);
+ if ((temp_len + timestamp_len + 2) <= len)
+ memcpy(timestamp, buf + temp_len + 2,
+ timestamp_len);
+ else {
+ pr_err("diag: Invalid length in %s, len: %d, temp_len: %d",
+ __func__, len, temp_len);
+ return;
+ }
}
/* 13th and 14th bit represent the payload length */
if (((event_id_packet & 0x6000) >> 13) == 3) {
payload_len_field = 1;
- payload_len = *(uint8_t *)
+ if ((temp_len + timestamp_len + 3) <= len) {
+ payload_len = *(uint8_t *)
(buf + temp_len + 2 + timestamp_len);
- if (payload_len < (MAX_EVENT_SIZE - 13)) {
- /* copy the payload length and the payload */
+ } else {
+ pr_err("diag: Invalid length in %s, len: %d, temp_len: %d",
+ __func__, len, temp_len);
+ return;
+ }
+ if ((payload_len < (MAX_EVENT_SIZE - 13)) &&
+ ((temp_len + timestamp_len + payload_len + 3) <= len)) {
+ /*
+ * Copy the payload length and the payload
+ * after skipping temp_len bytes for already
+ * parsed packet, timestamp_len for timestamp
+ * buffer, 2 bytes for event_id_packet.
+ */
memcpy(event_data + 12, buf + temp_len + 2 +
timestamp_len, 1);
memcpy(event_data + 13, buf + temp_len + 2 +
timestamp_len + 1, payload_len);
} else {
- pr_err("diag: event > %d, payload_len = %d\n",
- (MAX_EVENT_SIZE - 13), payload_len);
+ pr_err("diag: event > %d, payload_len = %d, temp_len = %d\n",
+ (MAX_EVENT_SIZE - 13), payload_len, temp_len);
return;
}
} else {
payload_len_field = 0;
payload_len = (event_id_packet & 0x6000) >> 13;
- /* copy the payload */
- memcpy(event_data + 12, buf + temp_len + 2 +
+ /*
+ * Copy the payload after skipping temp_len bytes
+ * for already parsed packet, timestamp_len for
+ * timestamp buffer, 2 bytes for event_id_packet.
+ */
+ if ((payload_len < (MAX_EVENT_SIZE - 12)) &&
+ ((temp_len + timestamp_len + payload_len + 2) <= len))
+ memcpy(event_data + 12, buf + temp_len + 2 +
timestamp_len, payload_len);
+ else {
+ pr_err("diag: event > %d, payload_len = %d, temp_len = %d\n",
+ (MAX_EVENT_SIZE - 12), payload_len, temp_len);
+ return;
+ }
}
/* Before copying the data to userspace, check if we are still
@@ -1274,19 +1319,19 @@ void extract_dci_log(unsigned char *buf, int len, int data_source, int token)
pr_err("diag: In %s buffer is NULL\n", __func__);
return;
}
-
- /* The first six bytes for the incoming log packet contains
- * Command code (2), the length of the packet (2) and the length
- * of the log (2)
+ /*
+ * The first eight bytes for the incoming log packet contains
+ * Command code (2), the length of the packet (2), the length
+ * of the log (2) and log code (2)
*/
- log_code = *(uint16_t *)(buf + 6);
- read_bytes += sizeof(uint16_t) + 6;
- if (read_bytes > len) {
- pr_err("diag: Invalid length in %s, len: %d, read: %d",
- __func__, len, read_bytes);
+ if (len < 8) {
+ pr_err("diag: In %s invalid len: %d\n", __func__, len);
return;
}
+ log_code = *(uint16_t *)(buf + 6);
+ read_bytes += sizeof(uint16_t) + 6;
+
/* parse through log mask table of each client and check mask */
mutex_lock(&driver->dci_mutex);
list_for_each_safe(start, temp, &driver->dci_client_list) {
diff --git a/drivers/gpu/msm/kgsl.c b/drivers/gpu/msm/kgsl.c
index 312eb2c6a6d7e7b6fe2a6b16d84dae031d2b8f37..5f302d0559b006b0b189281a62a1b72df3c15a55 100644
--- a/drivers/gpu/msm/kgsl.c
+++ b/drivers/gpu/msm/kgsl.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008-2017, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2008-2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -2800,7 +2800,7 @@ long kgsl_ioctl_gpuobj_sync(struct kgsl_device_private *dev_priv,
long ret = 0;
bool full_flush = false;
uint64_t size = 0;
- int i, count = 0;
+ int i;
void __user *ptr;
if (param->count == 0 || param->count > 128)
@@ -2812,8 +2812,8 @@ long kgsl_ioctl_gpuobj_sync(struct kgsl_device_private *dev_priv,
entries = kzalloc(param->count * sizeof(*entries), GFP_KERNEL);
if (entries == NULL) {
- ret = -ENOMEM;
- goto out;
+ kfree(objs);
+ return -ENOMEM;
}
ptr = to_user_ptr(param->objs);
@@ -2830,36 +2830,32 @@ long kgsl_ioctl_gpuobj_sync(struct kgsl_device_private *dev_priv,
if (entries[i] == NULL)
continue;
- count++;
-
if (!(objs[i].op & KGSL_GPUMEM_CACHE_RANGE))
size += entries[i]->memdesc.size;
else if (objs[i].offset < entries[i]->memdesc.size)
size += (entries[i]->memdesc.size - objs[i].offset);
full_flush = check_full_flush(size, objs[i].op);
- if (full_flush)
- break;
+ if (full_flush) {
+ trace_kgsl_mem_sync_full_cache(i, size);
+ flush_cache_all();
+ goto out;
+ }
ptr += sizeof(*objs);
}
- if (full_flush) {
- trace_kgsl_mem_sync_full_cache(count, size);
- flush_cache_all();
- } else {
- for (i = 0; !ret && i < param->count; i++)
- if (entries[i])
- ret = _kgsl_gpumem_sync_cache(entries[i],
- objs[i].offset, objs[i].length,
- objs[i].op);
- }
+ for (i = 0; !ret && i < param->count; i++)
+ if (entries[i])
+ ret = _kgsl_gpumem_sync_cache(entries[i],
+ objs[i].offset, objs[i].length,
+ objs[i].op);
+out:
for (i = 0; i < param->count; i++)
if (entries[i])
kgsl_mem_entry_put(entries[i]);
-out:
kfree(entries);
kfree(objs);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp40.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp40.c
index 5dc7b8ee498c8b7723b301ecf0eb38b128447b7e..b2d165c1912b5006560221586d00b27596c87e9e 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp40.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp40.c
@@ -1034,15 +1034,18 @@ static int msm_vfe40_start_fetch_engine(struct vfe_device *vfe_dev,
fe_cfg->stream_id);
vfe_dev->fetch_engine_info.bufq_handle = bufq_handle;
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = vfe_dev->buf_mgr->ops->get_buf_by_index(
vfe_dev->buf_mgr, bufq_handle, fe_cfg->buf_idx, &buf);
if (rc < 0 || !buf) {
pr_err("%s: No fetch buffer rc= %d buf= %pK\n",
__func__, rc, buf);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
return -EINVAL;
}
mapped_info = buf->mapped_info[0];
buf->state = MSM_ISP_BUFFER_STATE_DISPATCHED;
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
} else {
rc = vfe_dev->buf_mgr->ops->map_buf(vfe_dev->buf_mgr,
&mapped_info, fe_cfg->fd);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp44.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp44.c
index 90564ac215e6952968f884561e67ac37f2c2bc79..7ba9b764fe02dd696143f622a321bb6e6f7ed9c9 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp44.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp44.c
@@ -871,14 +871,17 @@ static int msm_vfe44_fetch_engine_start(struct vfe_device *vfe_dev,
vfe_dev->buf_mgr, fe_cfg->session_id,
fe_cfg->stream_id);
vfe_dev->fetch_engine_info.bufq_handle = bufq_handle;
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = vfe_dev->buf_mgr->ops->get_buf_by_index(
vfe_dev->buf_mgr, bufq_handle, fe_cfg->buf_idx, &buf);
if (rc < 0) {
pr_err("%s: No fetch buffer\n", __func__);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
return -EINVAL;
}
mapped_info = buf->mapped_info[0];
buf->state = MSM_ISP_BUFFER_STATE_DISPATCHED;
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
} else {
rc = vfe_dev->buf_mgr->ops->map_buf(vfe_dev->buf_mgr,
&mapped_info, fe_cfg->fd);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp46.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp46.c
index bab4e19239730cd1acbdd9d48c5c453fe380a0f1..492cdee1c55f8d14a950a00f2e1b17e765956d1a 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp46.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp46.c
@@ -811,16 +811,18 @@ static int msm_vfe46_start_fetch_engine(struct vfe_device *vfe_dev,
vfe_dev->buf_mgr, fe_cfg->session_id,
fe_cfg->stream_id);
vfe_dev->fetch_engine_info.bufq_handle = bufq_handle;
-
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = vfe_dev->buf_mgr->ops->get_buf_by_index(
vfe_dev->buf_mgr, bufq_handle, fe_cfg->buf_idx, &buf);
if (rc < 0 || !buf) {
pr_err("%s: No fetch buffer rc= %d buf= %pK\n",
__func__, rc, buf);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
return -EINVAL;
}
mapped_info = buf->mapped_info[0];
buf->state = MSM_ISP_BUFFER_STATE_DISPATCHED;
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
} else {
rc = vfe_dev->buf_mgr->ops->map_buf(vfe_dev->buf_mgr,
&mapped_info, fe_cfg->fd);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp47.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp47.c
index 0e5565516e145bfddf7a6d2423e951095e88f1ba..12107a18a1100905becc34e8de318c7f95e1d4f3 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp47.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp47.c
@@ -999,16 +999,18 @@ int msm_vfe47_start_fetch_engine(struct vfe_device *vfe_dev,
vfe_dev->buf_mgr, fe_cfg->session_id,
fe_cfg->stream_id);
vfe_dev->fetch_engine_info.bufq_handle = bufq_handle;
-
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = vfe_dev->buf_mgr->ops->get_buf_by_index(
vfe_dev->buf_mgr, bufq_handle, fe_cfg->buf_idx, &buf);
if (rc < 0 || !buf) {
pr_err("%s: No fetch buffer rc= %d buf= %pK\n",
__func__, rc, buf);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
return -EINVAL;
}
mapped_info = buf->mapped_info[0];
buf->state = MSM_ISP_BUFFER_STATE_DISPATCHED;
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
} else {
rc = vfe_dev->buf_mgr->ops->map_buf(vfe_dev->buf_mgr,
&mapped_info, fe_cfg->fd);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c
index 20c66ae466b11a3163839f395a27ce3fa0c97b71..502c90fa72449712c68edaa910b42d95ed64965c 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c
@@ -3465,10 +3465,12 @@ int msm_isp_update_axi_stream(struct vfe_device *vfe_dev, void *arg)
&update_cmd->update_info[i];
stream_info = &axi_data->stream_info[HANDLE_TO_IDX(
update_info->stream_handle)];
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = msm_isp_request_frame(vfe_dev, stream_info,
update_info->user_stream_id,
update_info->frame_id,
MSM_ISP_INVALID_BUF_INDEX);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
if (rc)
pr_err("%s failed to request frame!\n",
__func__);
diff --git a/drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c b/drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c
index 05db3002a3e46bcf3eeeff863df23429edac3e7a..72a61a1068e574d7e0b534247e28e0b988ff9122 100644
--- a/drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c
+++ b/drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c
@@ -784,7 +784,9 @@ static long msm_isp_ioctl_unlocked(struct v4l2_subdev *sd,
break;
case VIDIOC_MSM_ISP_CFG_STREAM:
mutex_lock(&vfe_dev->core_mutex);
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = msm_isp_cfg_axi_stream(vfe_dev, arg);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
mutex_unlock(&vfe_dev->core_mutex);
break;
case VIDIOC_MSM_ISP_AXI_HALT:
@@ -794,6 +796,7 @@ static long msm_isp_ioctl_unlocked(struct v4l2_subdev *sd,
break;
case VIDIOC_MSM_ISP_AXI_RESET:
mutex_lock(&vfe_dev->core_mutex);
+ mutex_lock(&vfe_dev->buf_mgr->lock);
if (atomic_read(&vfe_dev->error_info.overflow_state)
!= HALT_ENFORCED) {
rc = msm_isp_stats_reset(vfe_dev);
@@ -804,6 +807,7 @@ static long msm_isp_ioctl_unlocked(struct v4l2_subdev *sd,
pr_err_ratelimited("%s: no HW reset, halt enforced.\n",
__func__);
}
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
mutex_unlock(&vfe_dev->core_mutex);
break;
case VIDIOC_MSM_ISP_AXI_RESTART:
@@ -861,7 +865,9 @@ static long msm_isp_ioctl_unlocked(struct v4l2_subdev *sd,
break;
case VIDIOC_MSM_ISP_CFG_STATS_STREAM:
mutex_lock(&vfe_dev->core_mutex);
+ mutex_lock(&vfe_dev->buf_mgr->lock);
rc = msm_isp_cfg_stats_stream(vfe_dev, arg);
+ mutex_unlock(&vfe_dev->buf_mgr->lock);
mutex_unlock(&vfe_dev->core_mutex);
break;
case VIDIOC_MSM_ISP_UPDATE_STATS_STREAM:
diff --git a/drivers/staging/qcacld-2.0/CORE/CLD_TXRX/TXRX/ol_tx_send.c b/drivers/staging/qcacld-2.0/CORE/CLD_TXRX/TXRX/ol_tx_send.c
index 0734b79e198aaf814a8dd5070651cb3d523c59c7..7134864d1c9f4926d3533c6102a29571c2cceda7 100644
--- a/drivers/staging/qcacld-2.0/CORE/CLD_TXRX/TXRX/ol_tx_send.c
+++ b/drivers/staging/qcacld-2.0/CORE/CLD_TXRX/TXRX/ol_tx_send.c
@@ -555,6 +555,7 @@ ol_tx_completion_handler(
tx_desc = td_array[tx_desc_id].tx_desc;
tx_desc->status = status;
netbuf = tx_desc->netbuf;
+ NBUF_UPDATE_TX_PKT_COUNT(netbuf, NBUF_TX_PKT_FREE);
DPTRACE(adf_dp_trace_ptr(netbuf,
ADF_DP_TRACE_FREE_PACKET_PTR_RECORD,
adf_nbuf_data_addr(netbuf),
@@ -580,7 +581,6 @@ ol_tx_completion_handler(
pdev, tx_desc, tx_descs, netbuf,
lcl_freelist, tx_desc_last, status);
}
- NBUF_UPDATE_TX_PKT_COUNT(netbuf, NBUF_TX_PKT_FREE);
#ifdef QCA_SUPPORT_TXDESC_SANITY_CHECKS
tx_desc->pkt_type = 0xff;
#ifdef QCA_COMPUTE_TX_DELAY
@@ -755,6 +755,9 @@ ol_tx_single_completion_handler(
struct ol_tx_desc_list_elem_t *td_array = pdev->tx_desc.array;
adf_nbuf_t netbuf;
+ if (tx_desc_id >= pdev->tx_desc.pool_size)
+ return;
+
tx_desc = td_array[tx_desc_id].tx_desc;
tx_desc->status = status;
netbuf = tx_desc->netbuf;
diff --git a/drivers/staging/qcacld-2.0/CORE/EPPING/src/epping_main.c b/drivers/staging/qcacld-2.0/CORE/EPPING/src/epping_main.c
index f7b649d121f18e0025a2829c429c8059a389d498..ccf5881338736fc2810808751979eecf72feb866 100644
--- a/drivers/staging/qcacld-2.0/CORE/EPPING/src/epping_main.c
+++ b/drivers/staging/qcacld-2.0/CORE/EPPING/src/epping_main.c
@@ -68,7 +68,6 @@
#include "if_ath_sdio.h"
#endif
#include "epping_main.h"
-#include "wlan_hdd_memdump.h"
#include "epping_internal.h"
#ifdef TIMER_MANAGER
@@ -214,7 +213,6 @@ void epping_exit(v_CONTEXT_t pVosContext)
__func__);
return;
}
- memdump_deinit();
if (pEpping_ctx->epping_adapter) {
epping_destroy_adapter(pEpping_ctx->epping_adapter);
pEpping_ctx->epping_adapter = NULL;
@@ -413,7 +411,6 @@ int epping_wlan_startup(struct device *parent_dev, v_VOID_t *hif_sc)
}
}
#endif /* HIF_PCI */
- memdump_init();
EPPING_LOG(VOS_TRACE_LEVEL_INFO_HIGH, "%s: Exit", __func__);
complete(&pEpping_ctx->wlan_start_comp);
return ret;
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_cfg80211.h b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_cfg80211.h
index 505a54a49214ea610d4c3402d953c29b9923a738..d5c66fc58b18b5fd40a7e3ebd65a99a33f9d6780 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_cfg80211.h
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_cfg80211.h
@@ -216,8 +216,9 @@ enum qca_nl80211_vendor_subcmds {
QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_INFO = 61,
/* Start Wifi Logger */
QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_START = 62,
- /* Start Wifi Memory Dump */
- QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP = 63,
+
+ /* FW Memory Dump feature is deprecated */
+
QCA_NL80211_VENDOR_SUBCMD_ROAM = 64,
/*
@@ -327,9 +328,6 @@ enum qca_nl80211_vendor_subcmds_index {
/* OCB events */
QCA_NL80211_VENDOR_SUBCMD_DCC_STATS_EVENT_INDEX,
-#ifdef WLAN_FEATURE_MEMDUMP
- QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP_INDEX,
-#endif /* WLAN_FEATURE_MEMDUMP */
QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI_INDEX,
#ifdef WLAN_FEATURE_NAN_DATAPATH
QCA_NL80211_VENDOR_SUBCMD_NDP_INDEX,
@@ -1489,7 +1487,6 @@ enum qca_wlan_vendor_features {
/**
* enum wifi_logger_supported_features - values for supported logger features
- * @WIFI_LOGGER_MEMORY_DUMP_SUPPORTED - Memory dump of FW
* @WIFI_LOGGER_PER_PACKET_TX_RX_STATUS_SUPPORTED - Per packet statistics
* @WIFI_LOGGER_CONNECT_EVENT_SUPPORTED - Logging of Connectivity events
* @WIFI_LOGGER_POWER_EVENT_SUPPORTED - Power of driver
@@ -1497,7 +1494,6 @@ enum qca_wlan_vendor_features {
* @WIFI_LOGGER_WATCHDOG_TIMER_SUPPORTED - monitor FW health
*/
enum wifi_logger_supported_features {
- WIFI_LOGGER_MEMORY_DUMP_SUPPORTED = (1 << (0)),
WIFI_LOGGER_PER_PACKET_TX_RX_STATUS_SUPPORTED = (1 << (1)),
WIFI_LOGGER_CONNECT_EVENT_SUPPORTED = (1 << (2)),
WIFI_LOGGER_POWER_EVENT_SUPPORTED = (1 << (3)),
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_main.h b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_main.h
index 1412304d77c87cf9479d7d147e4b4493dc0bd66d..a030c1d2dc619111a97e6234ae2213763ff7da99 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_main.h
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_main.h
@@ -1823,14 +1823,7 @@ struct hdd_context_s
struct hdd_ll_stats_context ll_stats_context;
#endif /* End of WLAN_FEATURE_LINK_LAYER_STATS */
-#ifdef WLAN_FEATURE_MEMDUMP
- uint8_t *fw_dump_loc;
- uint32_t dump_loc_paddr;
- vos_timer_t memdump_cleanup_timer;
struct mutex memdump_lock;
- bool memdump_in_progress;
- bool memdump_init_done;
-#endif /* WLAN_FEATURE_MEMDUMP */
uint16_t driver_dump_size;
uint8_t *driver_dump_mem;
@@ -2201,8 +2194,6 @@ void hdd_get_fw_version(hdd_context_t *hdd_ctx,
uint32_t *major_spid, uint32_t *minor_spid,
uint32_t *siid, uint32_t *crmid);
-bool hdd_is_memdump_supported(void);
-
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28))
static inline void
hdd_set_needed_headroom(struct net_device *wlan_dev, uint16_t len)
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_memdump.h b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_memdump.h
index 72143efe3157cb8f3fbd6272f080ee54fdb01f25..8f7c0639bd4bc0bfa357a9770d49ee4cdc6a7139 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_memdump.h
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/inc/wlan_hdd_memdump.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2016 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2015-2017 The Linux Foundation. All rights reserved.
*
* Previously licensed under the ISC license by Qualcomm Atheros, Inc.
*
@@ -40,65 +40,7 @@
/* Assigned size of driver memory dump is 4096 bytes */
#define DRIVER_MEM_DUMP_SIZE 4096
-#ifdef WLAN_FEATURE_MEMDUMP
-/**
- * enum qca_wlan_vendor_attr_memory_dump - values for memory dump attributes
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_INVALID - Invalid
- * @QCA_WLAN_VENDOR_ATTR_REQUEST_ID - Indicate request ID
- * @QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE - Indicate size of the memory dump
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST - To keep track of the last enum
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_MAX - max value possible for this type
- *
- * enum values are used for NL attributes for data used by
- * QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP sub command.
- */
-enum qca_wlan_vendor_attr_memory_dump {
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_INVALID = 0,
- QCA_WLAN_VENDOR_ATTR_REQUEST_ID = 1,
- QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE = 2,
-
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST,
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_MAX =
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST - 1,
-};
-
-/* Size of fw memory dump is estimated to be 327680 bytes */
-#define FW_MEM_DUMP_SIZE 327680
-#define FW_DRAM_LOCATION 0x00400000
-#define FW_MEM_DUMP_REQ_ID 1
-#define FW_MEM_DUMP_NUM_SEG 1
-#define MEMDUMP_COMPLETION_TIME_MS 800
-
-int memdump_init(void);
-void memdump_deinit(void);
-int wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len);
int hdd_driver_memdump_init(void);
void hdd_driver_memdump_deinit(void);
-#else
-static inline int memdump_init(void)
-{
- return -ENOTSUPP;
-}
-
-static inline void memdump_deinit(void)
-{
-}
-static inline int wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len)
-{
- return -ENOTSUPP;
-}
-static inline int hdd_driver_memdump_init(void)
-{
- return -EINVAL;
-}
-static inline void hdd_driver_memdump_deinit(void)
-{
- return;
-}
-#endif
#endif /* if !defined(WLAN_HDD_MEMDUMP_H)*/
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
index 8cf98c34c7de768c7eaa590f80e9c9df465ecaa9..9238c2c1b832b190db89574e183fc82d6f8d0bd9 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -106,8 +106,6 @@
#include "wlan_hdd_ocb.h"
#include "qwlan_version.h"
-#include "wlan_hdd_memdump.h"
-
#include "wlan_logging_sock_svc.h"
#define g_mode_rates_size (12)
@@ -1347,12 +1345,6 @@ static const struct nl80211_vendor_cmd_info wlan_hdd_cfg80211_vendor_events[] =
.vendor_id = QCA_NL80211_VENDOR_ID,
.subcmd = QCA_NL80211_VENDOR_SUBCMD_DCC_STATS_EVENT
},
-#ifdef WLAN_FEATURE_MEMDUMP
- [QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP_INDEX] = {
- .vendor_id = QCA_NL80211_VENDOR_ID,
- .subcmd = QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP
- },
-#endif /* WLAN_FEATURE_MEMDUMP */
[QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI_INDEX] = {
.vendor_id = QCA_NL80211_VENDOR_ID,
.subcmd = QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI
@@ -6757,8 +6749,6 @@ __wlan_hdd_cfg80211_get_logger_supp_feature(struct wiphy *wiphy,
features = 0;
- if (hdd_is_memdump_supported())
- features |= WIFI_LOGGER_MEMORY_DUMP_SUPPORTED;
features |= WIFI_LOGGER_PER_PACKET_TX_RX_STATUS_SUPPORTED;
features |= WIFI_LOGGER_CONNECT_EVENT_SUPPORTED;
features |= WIFI_LOGGER_WAKE_LOCK_SUPPORTED;
@@ -11173,16 +11163,6 @@ const struct wiphy_vendor_command hdd_wiphy_vendor_commands[] =
.doit = wlan_hdd_cfg80211_get_logger_supp_feature
},
-#ifdef WLAN_FEATURE_MEMDUMP
- {
- .info.vendor_id = QCA_NL80211_VENDOR_ID,
- .info.subcmd = QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP,
- .flags = WIPHY_VENDOR_CMD_NEED_WDEV |
- WIPHY_VENDOR_CMD_NEED_NETDEV |
- WIPHY_VENDOR_CMD_NEED_RUNNING,
- .doit = wlan_hdd_cfg80211_get_fw_mem_dump
- },
-#endif /* WLAN_FEATURE_MEMDUMP */
{
.info.vendor_id = QCA_NL80211_VENDOR_ID,
.info.subcmd = QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_START,
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_main.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_main.c
index 4d65c27f295b7d13f7879f17d099f23d3abc9464..bd1ef68b170e37ed706e349285a399d95a37f5f3 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_main.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_main.c
@@ -13359,7 +13359,6 @@ void __hdd_wlan_exit(void)
hdd_close_tx_queues(pHddCtx);
//Do all the cleanup before deregistering the driver
- memdump_deinit();
hdd_driver_memdump_deinit();
hdd_wlan_exit(pHddCtx);
EXIT();
@@ -14603,6 +14602,7 @@ static int hdd_initialize_mac_address(hdd_context_t *hdd_ctx)
}
return 0;
}
+
/**---------------------------------------------------------------------------
\brief hdd_wlan_startup() - HDD init function
@@ -15170,7 +15170,6 @@ int hdd_wlan_startup(struct device *dev, v_VOID_t *hif_sc)
vos_set_load_in_progress(VOS_MODULE_ID_VOSS, FALSE);
pHddCtx->isLoadInProgress = FALSE;
- memdump_init();
hdd_driver_memdump_init();
hddLog(LOGE, FL("FTM driver loaded"));
wlan_comp.status = 0;
@@ -15622,8 +15621,9 @@ int hdd_wlan_startup(struct device *dev, v_VOID_t *hif_sc)
if (pHddCtx->cfg_ini->enable_dynamic_sta_chainmask)
hdd_decide_dynamic_chain_mask(pHddCtx,
HDD_ANTENNA_MODE_1X1);
- memdump_init();
+
hdd_driver_memdump_init();
+
if (pHddCtx->cfg_ini->goptimize_chan_avoid_event) {
hal_status = sme_enable_disable_chanavoidind_event(pHddCtx->hHal, 0);
if (eHAL_STATUS_SUCCESS != hal_status)
@@ -18127,22 +18127,6 @@ void hdd_get_fw_version(hdd_context_t *hdd_ctx,
*crmid = hdd_ctx->target_fw_version & 0x7fff;
}
-/**
- * hdd_is_memdump_supported() - to check if memdump feature support
- *
- * This function is used to check if memdump feature is supported in
- * the host driver
- *
- * Return: true if supported and false otherwise
- */
-bool hdd_is_memdump_supported(void)
-{
-#ifdef WLAN_FEATURE_MEMDUMP
- return true;
-#endif
- return false;
-}
-
#ifdef QCA_CONFIG_SMP
int wlan_hdd_get_cpu()
{
diff --git a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_memdump.c b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_memdump.c
index edc90b532922f815b40bca56f1b3866e745d5202..dc6d6e3a969742c9cca9b564e6b9d174752f61c5 100644
--- a/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_memdump.c
+++ b/drivers/staging/qcacld-2.0/CORE/HDD/src/wlan_hdd_memdump.c
@@ -42,321 +42,6 @@
#include <linux/proc_fs.h> /* Necessary because we use the proc fs */
#include <linux/uaccess.h> /* for copy_to_user */
-/**
- * hdd_fw_dump_context - hdd firmware memory dump context
- *
- * @request_id: userspace assigned firmware memory dump request ID
- * @response_event: firmware memory dump request wait event
- */
-struct hdd_fw_dump_context {
- uint32_t request_id;
- struct completion response_event;
-};
-static struct hdd_fw_dump_context fw_dump_context;
-
-/**
- * memdump_cleanup_timer_cb() - Timer callback function for memory dump cleanup.
- *
- * @data: Callback data (used to stored HDD context)
- *
- * Callback function registered for memory dump cleanup VOS timer.
- *
- * Return: none
- */
-
-static void memdump_cleanup_timer_cb(void *data)
-{
- int status;
- hdd_context_t *hdd_ctx = data;
- adf_os_dma_addr_t paddr;
- adf_os_dma_addr_t dma_ctx;
- adf_os_device_t adf_ctx;
-
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status)
- return;
-
- if (!hdd_ctx->fw_dump_loc) {
- hddLog(LOG1, FL("Memory dump already freed"));
- return;
- }
-
- adf_ctx = vos_get_context(VOS_MODULE_ID_ADF, hdd_ctx->pvosContext);
- if (!adf_ctx) {
- hddLog(LOGE, FL("ADF context is NULL"));
- return;
- }
-
- paddr = hdd_ctx->dump_loc_paddr;
- mutex_lock(&hdd_ctx->memdump_lock);
- adf_os_mem_free_consistent(adf_ctx,
- FW_MEM_DUMP_SIZE, hdd_ctx->fw_dump_loc, paddr, dma_ctx);
- hdd_ctx->fw_dump_loc = NULL;
- hdd_ctx->memdump_in_progress = false;
- mutex_unlock(&hdd_ctx->memdump_lock);
-
-}
-
-/**
- * wlan_hdd_cfg80211_fw_mem_dump_cb() - Callback to receive FW memory dump
- * @ctx: pointer to HDD context.
- * @rsp: pointer to fw dump copy complete response
- *
- * This is a callback function used to indicate user space about the
- * availability for firmware memory dump via vendor event.
- *
- * Return: None
- */
-static void wlan_hdd_cfg80211_fw_mem_dump_cb(void *ctx,
- struct fw_dump_rsp *dump_rsp)
-{
- hdd_context_t *hdd_ctx = ctx;
- struct hdd_fw_dump_context *context;
- int status;
-
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status)
- return;
-
- spin_lock(&hdd_context_lock);
- context = &fw_dump_context;
- /* validate the response received */
- if (!dump_rsp->dump_complete ||
- context->request_id != dump_rsp->request_id) {
- spin_unlock(&hdd_context_lock);
- hddLog(LOGE,
- FL("Error @ request_id: %d response_id: %d status: %d"),
- context->request_id, dump_rsp->request_id,
- dump_rsp->dump_complete);
- return;
- } else {
- complete(&context->response_event);
- }
- spin_unlock(&hdd_context_lock);
-
- return;
-}
-
-/**
- * wlan_hdd_send_memdump_rsp - send memory dump response to user space
- * @hdd_ctx: Pointer to hdd context
- *
- * Return: 0 for success; non-zero for failure
- */
-static int wlan_hdd_send_memdump_rsp(hdd_context_t *hdd_ctx)
-{
- struct sk_buff *skb;
- int status;
-
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status)
- return status;
-
- skb = cfg80211_vendor_cmd_alloc_reply_skb(hdd_ctx->wiphy,
- NLMSG_HDRLEN + NLA_HDRLEN + sizeof(uint32_t));
-
- if (!skb) {
- hddLog(LOGE, FL("cfg80211_vendor_cmd_alloc_reply_skb failed"));
- return -ENOMEM;
- }
-
- if (nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE,
- FW_MEM_DUMP_SIZE)) {
- hddLog(LOGE, FL("nla put fail"));
- goto nla_put_failure;
- }
-
- cfg80211_vendor_cmd_reply(skb);
- hddLog(LOG1, FL("Memdump event sent successfully to user space"));
- return 0;
-
-nla_put_failure:
- kfree_skb(skb);
- return -EINVAL;
-}
-
-/**
- * __wlan_hdd_cfg80211_get_fw_mem_dump() - Get FW memory dump
- * @wiphy: pointer to wireless wiphy structure.
- * @wdev: pointer to wireless_dev structure.
- * @data: Pointer to the NL data.
- * @data_len:Length of @data
- *
- * This is called when wlan driver needs to get the firmware memory dump
- * via vendor specific command.
- *
- * Return: 0 on success, error number otherwise.
- */
-static int
-__wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len)
-{
- int status;
- VOS_STATUS sme_status;
- hdd_context_t *hdd_ctx = wiphy_priv(wiphy);
- struct fw_dump_req fw_mem_dump_req;
- struct fw_dump_seg_req* seg_req;
- uint8_t loop;
- adf_os_dma_addr_t paddr;
- adf_os_dma_addr_t dma_ctx;
- adf_os_device_t adf_ctx;
- unsigned long rc;
- struct hdd_fw_dump_context *context;
-
- if (VOS_FTM_MODE == hdd_get_conparam()) {
- hddLog(LOGE, FL("Command not allowed in FTM mode"));
- return -EINVAL;
- }
-
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status)
- return status;
-
- adf_ctx = vos_get_context(VOS_MODULE_ID_ADF, hdd_ctx->pvosContext);
- if (!adf_ctx) {
- hddLog(LOGE, FL("ADF context is NULL"));
- return -EINVAL;
- }
-
- if (hdd_ctx->memdump_in_progress) {
- hddLog(LOGE, FL("Already a memdump req in progress."));
- return -EBUSY;
- }
-
- /*
- * Allocate memory for fw memory dump. Memory allocated should be
- * contiguous. Physical address of the allocated memory is passed
- * to the FW for copy
- *
- * Reuse the memory if available.
- */
- mutex_lock(&hdd_ctx->memdump_lock);
- if (!hdd_ctx->fw_dump_loc) {
- hdd_ctx->fw_dump_loc = adf_os_mem_alloc_consistent(
- adf_ctx, FW_MEM_DUMP_SIZE, &paddr, dma_ctx);
- if (!hdd_ctx->fw_dump_loc) {
- mutex_unlock(&hdd_ctx->memdump_lock);
- hddLog(LOGE, FL("adf_os_mem_alloc_consistent failed"));
- return -ENOMEM;
- }
- hdd_ctx->dump_loc_paddr = paddr;
- }
- mutex_unlock(&hdd_ctx->memdump_lock);
-
- /*
- * Currently request_id and num_seg is assumed to be default(1)
- * It is assumed that firmware dump requested is for DRAM section
- * only
- */
-
- fw_mem_dump_req.request_id = FW_MEM_DUMP_REQ_ID;
- fw_mem_dump_req.num_seg = FW_MEM_DUMP_NUM_SEG;
-
- hddLog(LOG1, FL("request_id:%d num_seg:%d"),
- fw_mem_dump_req.request_id, fw_mem_dump_req.num_seg);
- seg_req = (struct fw_dump_seg_req *) fw_mem_dump_req.segment;
- for (loop = 0; loop < fw_mem_dump_req.num_seg; loop++) {
- seg_req->seg_id = 1;
- seg_req->seg_start_addr_lo = FW_DRAM_LOCATION;
- seg_req->seg_start_addr_hi = 0;
- seg_req->seg_length = FW_MEM_DUMP_SIZE;
- seg_req->dst_addr_lo = hdd_ctx->dump_loc_paddr;
- seg_req->dst_addr_hi = 0;
- hddLog(LOG1, FL("seg_number:%d"), loop);
- hddLog(LOG1,
- FL("seg_id:%d start_addr_lo:0x%x start_addr_hi:0x%x"),
- seg_req->seg_id, seg_req->seg_start_addr_lo,
- seg_req->seg_start_addr_hi);
- hddLog(LOG1,
- FL("seg_length:%d dst_addr_lo:0x%x dst_addr_hi:0x%x"),
- seg_req->seg_length, seg_req->dst_addr_lo,
- seg_req->dst_addr_hi);
- seg_req++;
- }
-
- /**
- * Start the cleanup timer.
- * Memory allocated for this request will be freed up
- * once the timer expires. Memory dump request is expected to be
- * completed by this time.
- *
- * User space will not be able to access the dump after this time.
- * New request should be issued to get the dump again.
- */
- vos_timer_start(&hdd_ctx->memdump_cleanup_timer,
- MEMDUMP_COMPLETION_TIME_MS);
- hdd_ctx->memdump_in_progress = true;
-
- spin_lock(&hdd_context_lock);
- context = &fw_dump_context;
- context->request_id = fw_mem_dump_req.request_id;
- INIT_COMPLETION(context->response_event);
- spin_unlock(&hdd_context_lock);
-
- sme_status = sme_fw_mem_dump(hdd_ctx->hHal, &fw_mem_dump_req);
- if (VOS_STATUS_SUCCESS != sme_status) {
- hddLog(LOGE, FL("sme_fw_mem_dump Failed"));
- mutex_lock(&hdd_ctx->memdump_lock);
- adf_os_mem_free_consistent(adf_ctx,
- FW_MEM_DUMP_SIZE, hdd_ctx->fw_dump_loc, paddr, dma_ctx);
- hdd_ctx->fw_dump_loc = NULL;
- mutex_unlock(&hdd_ctx->memdump_lock);
- hdd_ctx->memdump_in_progress = false;
- if (VOS_TIMER_STATE_RUNNING ==
- vos_timer_getCurrentState(&hdd_ctx->memdump_cleanup_timer)) {
- vos_timer_stop(&hdd_ctx->memdump_cleanup_timer);
- }
- return -EINVAL;
- }
-
- rc = wait_for_completion_timeout(&context->response_event,
- msecs_to_jiffies(MEMDUMP_COMPLETION_TIME_MS));
- if (!rc) {
- hddLog(LOGE, FL("Target response timed out for request_id: %d"),
- context->request_id);
- return -ETIMEDOUT;
- }
-
- status = wlan_hdd_send_memdump_rsp(hdd_ctx);
- if (status)
- hddLog(LOGE,
- FL("Failed to send FW memory dump rsp to user space"));
-
- return status;
-}
-
-/**
- * wlan_hdd_cfg80211_get_fw_mem_dump() - Get FW memory dump
- * @wiphy: pointer to wireless wiphy structure.
- * @wdev: pointer to wireless_dev structure.
- * @data: Pointer to the NL data.
- * @data_len:Length of @data
- *
- * This is called when wlan driver needs to get the firmware memory dump
- * via vendor specific command.
- *
- * Return: 0 on success, error number otherwise.
- */
-int wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len)
-{
- int ret;
-
- vos_ssr_protect(__func__);
- ret = __wlan_hdd_cfg80211_get_fw_mem_dump(wiphy, wdev, data, data_len);
- vos_ssr_unprotect(__func__);
-
- return ret;
-}
-
-#define PROCFS_MEMDUMP_DIR "debug"
-#define PROCFS_MEMDUMP_NAME "fwdump"
-#define PROCFS_MEMDUMP_PERM 0444
-
-static struct proc_dir_entry *proc_file, *proc_dir;
-
/** memdump_get_file_data() - get data available in proc file
*
* @file - handle for the proc file.
@@ -384,289 +69,6 @@ static void *memdump_get_file_data(struct file *file)
}
#endif
-/**
- * memdump_read() - perform read operation in memory dump proc file
- *
- * @file - handle for the proc file.
- * @buf - pointer to user space buffer.
- * @count - number of bytes to be read.
- * @pos - offset in the from buffer.
- *
- * This function performs read operation for the memory dump proc file.
- *
- * Return: number of bytes read on success, error code otherwise.
- */
-static ssize_t memdump_read(struct file *file, char __user *buf,
- size_t count, loff_t *pos)
-{
- int status;
- hdd_context_t *hdd_ctx;
- adf_os_dma_addr_t paddr;
- adf_os_dma_addr_t dma_ctx;
- adf_os_device_t adf_ctx;
-
- hdd_ctx = memdump_get_file_data(file);
-
- hddLog(LOG1, FL("Read req for size:%zu pos:%llu"), count, *pos);
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status)
- return -EINVAL;
-
- adf_ctx = vos_get_context(VOS_MODULE_ID_ADF, hdd_ctx->pvosContext);
- if (!adf_ctx) {
- hddLog(LOGE, FL("ADF context is NULL"));
- return -EINVAL;
- }
-
- if (!hdd_ctx->memdump_in_progress) {
- hddLog(LOGE, FL("Current mem dump request timed out/failed"));
- return -EINVAL;
- }
-
- if (*pos < 0) {
- hddLog(LOGE, FL("Invalid start offset for memdump read"));
- return -EINVAL;
- } else if (*pos >= FW_MEM_DUMP_SIZE || !count) {
- hddLog(LOGE, FL("No more data to copy"));
- return 0;
- } else if (count > FW_MEM_DUMP_SIZE - *pos) {
- count = FW_MEM_DUMP_SIZE - *pos;
- }
-
- if (!hdd_ctx->fw_dump_loc) {
- hddLog(LOGE, FL("Invalid fw mem dump location"));
- return -EINVAL;
- }
-
- if (copy_to_user(buf, hdd_ctx->fw_dump_loc + *pos, count)) {
- hddLog(LOGE, FL("copy to user space failed"));
- return -EFAULT;
- }
-
- /* offset(pos) should be updated here based on the copy done */
- *pos += count;
-
- /* Entire FW memory dump copy completed */
- if (*pos >= FW_MEM_DUMP_SIZE) {
- paddr = hdd_ctx->dump_loc_paddr;
- mutex_lock(&hdd_ctx->memdump_lock);
- adf_os_mem_free_consistent(adf_ctx,
- FW_MEM_DUMP_SIZE, hdd_ctx->fw_dump_loc, paddr, dma_ctx);
- hdd_ctx->fw_dump_loc = NULL;
- hdd_ctx->memdump_in_progress = false;
- if (VOS_TIMER_STATE_RUNNING ==
- vos_timer_getCurrentState(&hdd_ctx->memdump_cleanup_timer)) {
- vos_timer_stop(&hdd_ctx->memdump_cleanup_timer);
- }
- mutex_unlock(&hdd_ctx->memdump_lock);
- }
-
- return count;
-}
-
-/**
- * struct memdump_fops - file operations for memory dump feature
- * @read - read function for memory dump operation.
- *
- * This structure initialize the file operation handle for memory
- * dump feature
- */
-static const struct file_operations memdump_fops = {
- read: memdump_read
-};
-
-/**
- * memdump_procfs_init() - Initialize procfs for memory dump
- *
- * @vos_ctx - Global vos context.
- *
- * This function create file under proc file system to be used later for
- * processing firmware memory dump
- *
- * Return: 0 on success, error code otherwise.
- */
-static int memdump_procfs_init(void *vos_ctx)
-{
- hdd_context_t *hdd_ctx;
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if (!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return -EINVAL;
- }
-
- proc_dir = proc_mkdir(PROCFS_MEMDUMP_DIR, NULL);
- if (proc_dir == NULL) {
- remove_proc_entry(PROCFS_MEMDUMP_DIR, NULL);
- pr_debug("Error: Could not initialize /proc/%s\n",
- PROCFS_MEMDUMP_DIR);
- return -ENOMEM;
- }
-
- proc_file = proc_create_data(PROCFS_MEMDUMP_NAME,
- PROCFS_MEMDUMP_PERM, proc_dir,
- &memdump_fops, hdd_ctx);
- if (proc_file == NULL) {
- remove_proc_entry(PROCFS_MEMDUMP_NAME, proc_dir);
- pr_debug("Error: Could not initialize /proc/%s\n",
- PROCFS_MEMDUMP_NAME);
- return -ENOMEM;
- }
-
- pr_debug("/proc/%s/%s created\n", PROCFS_MEMDUMP_DIR,
- PROCFS_MEMDUMP_NAME);
- return 0;
-}
-
-/**
- * memdump_procfs_remove() - Remove file/dir under procfs for memory dump
- *
- * This function removes file/dir under proc file system that was
- * processing firmware memory dump
- *
- * Return: None
- */
-static void memdump_procfs_remove(void)
-{
- remove_proc_entry(PROCFS_MEMDUMP_NAME, proc_dir);
- pr_debug("/proc/%s/%s removed\n", PROCFS_MEMDUMP_DIR,
- PROCFS_MEMDUMP_NAME);
- remove_proc_entry(PROCFS_MEMDUMP_DIR, NULL);
- pr_debug("/proc/%s removed\n", PROCFS_MEMDUMP_DIR);
-}
-
-/**
- * memdump_init() - Intialization function for memory dump feature
- *
- * This function creates proc file for memdump feature and registers
- * HDD callback function with SME.
- *
- * Return - 0 on success, error otherwise
- */
-int memdump_init(void)
-{
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
- int status = 0;
- eHalStatus cb_status;
- VOS_STATUS vos_status;
-
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- hddLog(LOGE, FL("Invalid VOS context"));
- return -EINVAL;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if (!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return -EINVAL;
- }
-
- if (VOS_FTM_MODE == hdd_get_conparam()) {
- hddLog(LOGE, FL("Not initializing memdump in FTM mode"));
- return -EINVAL;
- }
-
- cb_status = sme_fw_mem_dump_register_cb(hdd_ctx->hHal,
- wlan_hdd_cfg80211_fw_mem_dump_cb);
- if (eHAL_STATUS_SUCCESS != cb_status) {
- hddLog(LOGE , FL("Failed to register the callback"));
- return -EINVAL;
- }
-
- status = memdump_procfs_init(vos_ctx);
- if (status) {
- hddLog(LOGE , FL("Failed to create proc file"));
- return status;
- }
-
- init_completion(&fw_dump_context.response_event);
-
- vos_status = vos_timer_init(&hdd_ctx->memdump_cleanup_timer,
- VOS_TIMER_TYPE_SW, memdump_cleanup_timer_cb,
- (void *)hdd_ctx);
- if (!VOS_IS_STATUS_SUCCESS(vos_status)) {
- hddLog(LOGE, FL("Failed to init memdump cleanup timer"));
- return -EINVAL;
- }
-
- mutex_init(&hdd_ctx->memdump_lock);
- hdd_ctx->memdump_init_done = true;
-
- return 0;
-}
-
-/**
- * memdump_deinit() - De initialize memdump feature
- *
- * This function removes proc file created for memdump feature.
- *
- * Return: None
- */
-void memdump_deinit(void) {
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
- adf_os_dma_addr_t paddr;
- adf_os_dma_addr_t dma_ctx;
- adf_os_device_t adf_ctx;
- VOS_STATUS vos_status;
-
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- hddLog(LOGE, FL("Invalid VOS context"));
- return;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if(!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return;
- }
-
- if (VOS_FTM_MODE == hdd_get_conparam()) {
- hddLog(LOGE, FL("Not deinitializing memdump in FTM mode"));
- return;
- }
-
- if (!hdd_ctx->memdump_init_done) {
- hddLog(LOGE, FL("MemDump not initialized"));
- return;
- }
-
- hdd_ctx->memdump_init_done = false;
- adf_ctx = vos_get_context(VOS_MODULE_ID_ADF, hdd_ctx->pvosContext);
- if (!adf_ctx) {
- hddLog(LOGE, FL("ADF context is NULL"));
- return;
- }
-
- memdump_procfs_remove();
- sme_fw_mem_dump_unregister_cb(hdd_ctx->hHal);
-
- mutex_lock(&hdd_ctx->memdump_lock);
- if (hdd_ctx->fw_dump_loc) {
- paddr = hdd_ctx->dump_loc_paddr;
- adf_os_mem_free_consistent(adf_ctx,
- FW_MEM_DUMP_SIZE, hdd_ctx->fw_dump_loc, paddr, dma_ctx);
- hdd_ctx->fw_dump_loc = NULL;
- hdd_ctx->memdump_in_progress = false;
- }
-
- mutex_unlock(&hdd_ctx->memdump_lock);
- mutex_destroy(&hdd_ctx->memdump_lock);
-
- if (VOS_TIMER_STATE_RUNNING ==
- vos_timer_getCurrentState(&hdd_ctx->memdump_cleanup_timer)) {
- vos_timer_stop(&hdd_ctx->memdump_cleanup_timer);
- }
-
- vos_status = vos_timer_destroy(&hdd_ctx->memdump_cleanup_timer);
- if (!VOS_IS_STATUS_SUCCESS(vos_status)) {
- hddLog(LOGE, FL("Failed to deallocate timer"));
- }
-}
-
#define PROCFS_DRIVER_DUMP_DIR "debugdriver"
#ifdef MULTI_IF_NAME
@@ -815,29 +217,15 @@ static const struct file_operations driver_dump_fops = {
/**
* hdd_driver_memdump_procfs_init() - Initialize procfs for driver memory dump
+ * @hdd_ctx: hdd context
*
* This function create file under proc file system to be used later for
* processing driver memory dump
*
* Return: 0 on success, error code otherwise.
*/
-static int hdd_driver_memdump_procfs_init(void)
+static int hdd_driver_memdump_procfs_init(hdd_context_t *hdd_ctx)
{
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
-
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- VOS_ASSERT(0);
- return -EINVAL;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if (!hdd_ctx) {
- hddLog(LOGE, FL("Invalid HDD context"));
- return -EINVAL;
- }
-
proc_dir_driver = proc_mkdir(PROCFS_DRIVER_DUMP_DIR, NULL);
if (proc_dir_driver == NULL) {
pr_debug("Error: Could not initialize /proc/%s\n",
@@ -889,13 +277,29 @@ static void hdd_driver_memdump_procfs_remove(void)
int hdd_driver_memdump_init(void)
{
int status;
+ void *vos_ctx;
+ hdd_context_t *hdd_ctx;
if (VOS_FTM_MODE == hdd_get_conparam()) {
hddLog(LOGE, FL("Not initializing memdump in FTM mode"));
return -EINVAL;
}
- status = hdd_driver_memdump_procfs_init();
+ vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
+ if (!vos_ctx) {
+ hddLog(LOGE, FL("Invalid VOS context"));
+ return -EINVAL;
+ }
+
+ hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
+ if (!hdd_ctx) {
+ hddLog(LOGE , FL("Invalid HDD context"));
+ return -EINVAL;
+ }
+
+ mutex_init(&hdd_ctx->memdump_lock);
+
+ status = hdd_driver_memdump_procfs_init(hdd_ctx);
if (status) {
hddLog(LOGE, FL("Failed to create proc file"));
return status;
diff --git a/drivers/staging/qcacld-2.0/CORE/MAC/inc/sirApi.h b/drivers/staging/qcacld-2.0/CORE/MAC/inc/sirApi.h
index aaf37d60d8bf24f873f76abfb38454a4473f8cba..886e034c94530c0562ad996e04c764eaa323ef35 100644
--- a/drivers/staging/qcacld-2.0/CORE/MAC/inc/sirApi.h
+++ b/drivers/staging/qcacld-2.0/CORE/MAC/inc/sirApi.h
@@ -6631,61 +6631,6 @@ struct sir_guard_time_request {
/* Max number of rates allowed in Supported Rates IE */
#define MAX_NUM_SUPPORTED_RATES (8)
-#define MAX_NUM_FW_SEGMENTS 4
-
-/**
- * struct fw_dump_seg_req - individual segment details
- * @seg_id - segment id.
- * @seg_start_addr_lo - lower address of the segment.
- * @seg_start_addr_hi - higher address of the segment.
- * @seg_length - length of the segment.
- * @dst_addr_lo - lower address of the destination buffer.
- * @dst_addr_hi - higher address of the destination buffer.
- *
- * This structure carries the information to firmware about the
- * individual segments. This structure is part of firmware memory
- * dump request.
- */
-struct fw_dump_seg_req
-{
- uint8_t seg_id;
- uint32_t seg_start_addr_lo;
- uint32_t seg_start_addr_hi;
- uint32_t seg_length;
- uint32_t dst_addr_lo;
- uint32_t dst_addr_hi;
-};
-
-/**
- * struct fw_dump_req - firmware memory dump request details.
- * @request_id - request id.
- * @num_seg - requested number of segments.
- * @fw_dump_seg_req - individual segment information.
- *
- * This structure carries information about the firmware
- * memory dump request.
- */
-struct fw_dump_req
-{
- uint32_t request_id;
- uint32_t num_seg;
- struct fw_dump_seg_req segment[MAX_NUM_FW_SEGMENTS];
-};
-
-/**
- * struct fw_dump_rsp - firmware dump response details.
- * @request_id - request id.
- * @dump_complete - copy completion status.
- *
- * This structure is used to store the firmware dump copy complete
- * response from the firmware.
- */
-struct fw_dump_rsp
-{
- uint32_t request_id;
- uint32_t dump_complete;
-};
-
/**
* struct vdev_ie_info - IE info
* @vdev_i - vdev for which the IE is being sent
diff --git a/drivers/staging/qcacld-2.0/CORE/MAC/inc/wniApi.h b/drivers/staging/qcacld-2.0/CORE/MAC/inc/wniApi.h
index b82d75742cf86c25e6d0a7b818812bdeee231be1..c6043614a7c26a72d9d08f5f162f49a74f16a488 100644
--- a/drivers/staging/qcacld-2.0/CORE/MAC/inc/wniApi.h
+++ b/drivers/staging/qcacld-2.0/CORE/MAC/inc/wniApi.h
@@ -391,7 +391,6 @@ enum eWniMsgTypes
eWNI_SME_DCC_STATS_EVENT,
eWNI_SME_TSF_EVENT,
- eWNI_SME_FW_DUMP_IND,
eWNI_SME_PDEV_SET_HT_VHT_IE,
eWNI_SME_EXT_CHANGE_CHANNEL,
eWNI_SME_EXT_CHANGE_CHANNEL_IND,
diff --git a/drivers/staging/qcacld-2.0/CORE/MAC/src/include/sirParams.h b/drivers/staging/qcacld-2.0/CORE/MAC/src/include/sirParams.h
index f327fde890883d94551df4e560f77d6046c5ccb1..597644ca291d3e5bf139a8fb66696a7a680bce7d 100644
--- a/drivers/staging/qcacld-2.0/CORE/MAC/src/include/sirParams.h
+++ b/drivers/staging/qcacld-2.0/CORE/MAC/src/include/sirParams.h
@@ -733,7 +733,7 @@ typedef struct sSirMbMsgP2p
#define SIR_HAL_DCC_GET_STATS_CMD (SIR_HAL_ITC_MSG_TYPES_BEGIN + 324)
#define SIR_HAL_DCC_CLEAR_STATS_CMD (SIR_HAL_ITC_MSG_TYPES_BEGIN + 325)
#define SIR_HAL_DCC_UPDATE_NDL_CMD (SIR_HAL_ITC_MSG_TYPES_BEGIN + 326)
-#define SIR_HAL_FW_MEM_DUMP_REQ (SIR_HAL_ITC_MSG_TYPES_BEGIN + 327)
+/* FW Memory Dump feature is deprecated */
#define SIR_HAL_START_STOP_LOGGING (SIR_HAL_ITC_MSG_TYPES_BEGIN + 328)
#define SIR_HAL_EXTSCAN_STATUS_IND (SIR_HAL_ITC_MSG_TYPES_BEGIN + 329)
diff --git a/drivers/staging/qcacld-2.0/CORE/SERVICES/HIF/USB/hif_usb.c b/drivers/staging/qcacld-2.0/CORE/SERVICES/HIF/USB/hif_usb.c
index fa28970389ad9567e2ab4f7d24b67d4e627714ec..ae8600cdc0913073bbb0f748330a96f9a3324094 100644
--- a/drivers/staging/qcacld-2.0/CORE/SERVICES/HIF/USB/hif_usb.c
+++ b/drivers/staging/qcacld-2.0/CORE/SERVICES/HIF/USB/hif_usb.c
@@ -245,7 +245,8 @@ static A_STATUS HIFSend_internal(HIF_DEVICE *hifDevice, a_uint8_t PipeID,
int usb_status;
int i;
struct HIFSendContext *pSendContext;
- int frag_count = 0, head_data_len, tmp_frag_count = 0;
+ uint8_t frag_count;
+ uint32_t head_data_len, tmp_frag_count = 0;
unsigned char *pData;
AR_DEBUG_PRINTF(USB_HIF_DEBUG_BULK_OUT, ("+%s pipe : %d, buf:0x%p\n",
@@ -254,8 +255,15 @@ static A_STATUS HIFSend_internal(HIF_DEVICE *hifDevice, a_uint8_t PipeID,
a_mem_trace(buf);
frag_count = adf_nbuf_get_num_frags(buf);
- if (frag_count > 1) { /* means have extra fragment buf in skb */
- /* header data length should be total sending length substract
+ if (frag_count == 1) {
+ /*
+ * | HIFSendContext | netbuf->data
+ */
+ head_data_len = sizeof(struct HIFSendContext);
+ } else if ((frag_count - 1) <= CVG_NBUF_MAX_EXTRA_FRAGS) {
+ /*
+ * means have extra fragment buf in skb
+ * header data length should be total sending length substract
* internal data length of netbuf
* | HIFSendContext | fragments except internal buffer |
* netbuf->data
@@ -268,10 +276,12 @@ static A_STATUS HIFSend_internal(HIF_DEVICE *hifDevice, a_uint8_t PipeID,
tmp_frag_count = tmp_frag_count + 1;
}
} else {
- /*
- * | HIFSendContext | netbuf->data
- */
- head_data_len = sizeof(struct HIFSendContext);
+ /* Extra fragments overflow */
+ AR_DEBUG_PRINTF(ATH_DEBUG_ERR, (
+ "%s Extra fragments count overflow : %d\n",
+ __func__, frag_count));
+ status = A_ERROR;
+ goto exit;
}
/* Check whether head room is enough to save extra head data */
@@ -366,6 +376,7 @@ static A_STATUS HIFSend_internal(HIF_DEVICE *hifDevice, a_uint8_t PipeID,
} while (FALSE);
+exit:
if (A_FAILED(status) && (status != A_NO_RESOURCE)) {
AR_DEBUG_PRINTF(ATH_DEBUG_ERR,
("athusb send failed %d\n", status));
diff --git a/drivers/staging/qcacld-2.0/CORE/SERVICES/WMA/wma.c b/drivers/staging/qcacld-2.0/CORE/SERVICES/WMA/wma.c
index 05f2e36746cce4b21923240c43fac64480af5ae8..c94b701043f6566ff0165ce69ddebb8ee3925244 100644
--- a/drivers/staging/qcacld-2.0/CORE/SERVICES/WMA/wma.c
+++ b/drivers/staging/qcacld-2.0/CORE/SERVICES/WMA/wma.c
@@ -2952,49 +2952,6 @@ static void wma_update_rssi_stats(tp_wma_handle wma,
}
}
-#ifdef WLAN_FEATURE_MEMDUMP
-/**
- * wma_fw_mem_dump_rsp() - send fw mem dump response to SME
- *
- * @req_id - request id.
- * @status - copy status from the firmware.
- *
- * This function is called by the memory dump response handler to
- * indicate SME that firmware dump copy is complete
- */
-static VOS_STATUS wma_fw_mem_dump_rsp(uint32_t req_id, uint32_t status)
-{
- struct fw_dump_rsp *dump_rsp;
- vos_msg_t sme_msg = {0} ;
- VOS_STATUS vos_status = VOS_STATUS_SUCCESS;
-
- dump_rsp = vos_mem_malloc(sizeof(*dump_rsp));
-
- if (!dump_rsp) {
- WMA_LOGE(FL("Memory allocation failed."));
- vos_status = VOS_STATUS_E_NOMEM;
- return vos_status;
- }
-
- WMA_LOGI(FL("FW memory dump copy complete status: %d for request: %d"),
- status, req_id);
-
- dump_rsp->request_id = req_id;
- dump_rsp->dump_complete = status;
-
- sme_msg.type = eWNI_SME_FW_DUMP_IND;
- sme_msg.bodyptr = dump_rsp;
- sme_msg.bodyval = 0;
-
- vos_status = vos_mq_post_message(VOS_MODULE_ID_SME, &sme_msg);
- if (!VOS_IS_STATUS_SUCCESS(vos_status)) {
- WMA_LOGE(FL("Fail to post fw mem dump ind msg"));
- vos_mem_free(dump_rsp);
- }
-
- return vos_status;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
static int wma_link_status_rsp(tp_wma_handle wma, u_int8_t *buf)
{
@@ -5373,49 +5330,6 @@ static int wma_unified_power_debug_stats_event_handler(void *handle,
}
#endif
-/**
- * wma_fw_mem_dump_event_handler() - handles fw memory dump event
- *
- * handle - pointer to wma handle.
- * cmd_param_info - pointer to TLV info received in the event.
- * len - length of data in @cmd_param_info
- *
- * This function is a handler for firmware memory dump event.
- */
-#ifdef WLAN_FEATURE_MEMDUMP
-static int wma_fw_mem_dump_event_handler(void *handle, u_int8_t *cmd_param_info,
- u_int32_t len)
-{
- WMI_UPDATE_FW_MEM_DUMP_EVENTID_param_tlvs *param_buf;
- wmi_update_fw_mem_dump_fixed_param *event;
- VOS_STATUS status;
-
- param_buf =
- (WMI_UPDATE_FW_MEM_DUMP_EVENTID_param_tlvs *) cmd_param_info;
- if (!param_buf) {
- WMA_LOGA("%s: Invalid stats event", __func__);
- return -EINVAL;
- }
-
- event = param_buf->fixed_param;
-
- status = wma_fw_mem_dump_rsp(event->request_id,
- event->fw_mem_dump_complete);
- if (VOS_STATUS_SUCCESS != status) {
- return -EINVAL;
- }
-
- WMA_LOGI("FW MEM DUMP RSP posted successfully");
- return 0;
-}
-#else
-static int wma_fw_mem_dump_event_handler(void *handle, u_int8_t *cmd_param_info,
- u_int32_t len)
-{
- return 0;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
-
u_int8_t *wma_add_p2p_ie(u_int8_t *frm)
{
u_int8_t wfa_oui[3] = WMA_P2P_WFA_OUI;
@@ -6607,7 +6521,8 @@ static int wma_nan_rsp_event_handler(void *handle, u_int8_t *event_buf,
alloc_len = sizeof(tSirNanEvent);
alloc_len += nan_rsp_event_hdr->data_len;
if (nan_rsp_event_hdr->data_len > ((WMA_SVC_MSG_MAX_SIZE -
- sizeof(*nan_rsp_event_hdr)) / sizeof(u_int8_t))) {
+ sizeof(*nan_rsp_event_hdr)) / sizeof(u_int8_t)) ||
+ nan_rsp_event_hdr->data_len > param_buf->num_data) {
WMA_LOGE("excess data length:%d", nan_rsp_event_hdr->data_len);
VOS_ASSERT(0);
return -EINVAL;
@@ -7962,12 +7877,6 @@ VOS_STATUS WDA_open(v_VOID_t *vos_context, v_VOID_t *os_ctx,
wma_register_ll_stats_event_handler(wma_handle);
#endif /* WLAN_FEATURE_LINK_LAYER_STATS */
- /* Register event handler to receive firmware mem dump
- * copy complete indication
- */
- wmi_unified_register_event_handler(wma_handle->wmi_handle,
- WMI_UPDATE_FW_MEM_DUMP_EVENTID,
- wma_fw_mem_dump_event_handler);
wmi_set_tgt_assert(wma_handle->wmi_handle,
mac_params->force_target_assert_enabled);
@@ -29734,111 +29643,6 @@ VOS_STATUS wma_config_guard_time(tp_wma_handle wma,
return ret;
}
-#ifdef WLAN_FEATURE_MEMDUMP
-/*
- * wma_process_fw_mem_dump_req() - Function to request fw memory dump from
- * firmware
- * @wma: Pointer to WMA handle
- * @mem_dump_req: Pointer for mem_dump_req
- *
- * This function sends memory dump request to firmware
- *
- * Return: VOS_STATUS_SUCCESS for success otherwise failure
- *
- */
-static VOS_STATUS wma_process_fw_mem_dump_req(tp_wma_handle wma,
- struct fw_dump_req* mem_dump_req)
-{
- wmi_get_fw_mem_dump_fixed_param *cmd;
- wmi_fw_mem_dump *dump_params;
- struct fw_dump_seg_req *seg_req;
- int32_t len;
- wmi_buf_t buf;
- u_int8_t *buf_ptr;
- int ret, loop;
-
- if (!mem_dump_req || !wma) {
- WMA_LOGE(FL("input pointer is NULL"));
- return VOS_STATUS_E_FAILURE;
- }
-
- /*
- * len = sizeof(fixed param) that includes tlv header +
- * tlv header for array of struc +
- * sizeof (each struct)
- */
- len = sizeof(*cmd) + WMI_TLV_HDR_SIZE;
- len += mem_dump_req->num_seg * sizeof(wmi_fw_mem_dump);
- buf = wmi_buf_alloc(wma->wmi_handle, len);
-
- if (!buf) {
- WMA_LOGE(FL("Failed allocate wmi buffer"));
- return VOS_STATUS_E_NOMEM;
- }
-
- buf_ptr = (u_int8_t *) wmi_buf_data(buf);
- vos_mem_zero(buf_ptr, len);
- cmd = (wmi_get_fw_mem_dump_fixed_param *) buf_ptr;
-
- WMITLV_SET_HDR(&cmd->tlv_header,
- WMITLV_TAG_STRUC_wmi_get_fw_mem_dump_fixed_param,
- WMITLV_GET_STRUCT_TLVLEN(wmi_get_fw_mem_dump_fixed_param));
-
- cmd->request_id = mem_dump_req->request_id;
- cmd->num_fw_mem_dump_segs = mem_dump_req->num_seg;
-
- /* TLV indicating array of structures to follow */
- buf_ptr += sizeof(wmi_get_fw_mem_dump_fixed_param);
- WMITLV_SET_HDR(buf_ptr, WMITLV_TAG_ARRAY_STRUC,
- sizeof(wmi_fw_mem_dump) *
- cmd->num_fw_mem_dump_segs);
-
- buf_ptr += WMI_TLV_HDR_SIZE;
- dump_params = (wmi_fw_mem_dump *) buf_ptr;
-
- WMA_LOGI(FL("request_id:%d num_seg:%d"),
- mem_dump_req->request_id, mem_dump_req->num_seg);
- for (loop = 0; loop < cmd->num_fw_mem_dump_segs; loop++) {
- seg_req = (struct fw_dump_seg_req *)
- ((uint8_t *)(mem_dump_req->segment) +
- loop * sizeof(*seg_req));
- WMITLV_SET_HDR(&dump_params->tlv_header,
- WMITLV_TAG_STRUC_wmi_fw_mem_dump_params,
- WMITLV_GET_STRUCT_TLVLEN(wmi_fw_mem_dump));
- dump_params->seg_id = seg_req->seg_id;
- dump_params->seg_start_addr_lo = seg_req-> seg_start_addr_lo;
- dump_params->seg_start_addr_hi = seg_req->seg_start_addr_hi;
- dump_params->seg_length = seg_req->seg_length;
- dump_params->dest_addr_lo = seg_req->dst_addr_lo;
- dump_params->dest_addr_hi = seg_req->dst_addr_hi;
- WMA_LOGI(FL("seg_number:%d"), loop);
- WMA_LOGI(FL("seg_id:%d start_addr_lo:0x%x start_addr_hi:0x%x"),
- dump_params->seg_id, dump_params->seg_start_addr_lo,
- dump_params->seg_start_addr_hi);
- WMA_LOGI(FL("seg_length:%d dst_addr_lo:0x%x dst_addr_hi:0x%x"),
- dump_params->seg_length, dump_params->dest_addr_lo,
- dump_params->dest_addr_hi);
- dump_params++;
- }
-
- ret = wmi_unified_cmd_send(wma->wmi_handle, buf, len,
- WMI_GET_FW_MEM_DUMP_CMDID);
- if (ret) {
- WMA_LOGE(FL("Failed to send get firmware mem dump request"));
- wmi_buf_free(buf);
- return VOS_STATUS_E_FAILURE;
- }
-
- WMA_LOGI(FL("Get firmware mem dump request sent successfully"));
- return VOS_STATUS_SUCCESS;
-}
-#else
-static VOS_STATUS wma_process_fw_mem_dump_req(tp_wma_handle wma,
- void *mem_dump_req)
-{
- return VOS_STATUS_SUCCESS;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
/*
* wma_process_set_ie_info() - Function to send IE info to firmware
@@ -31822,11 +31626,6 @@ VOS_STATUS wma_mc_process_msg(v_VOID_t *vos_context, vos_msg_t *msg)
(struct sir_guard_time_request *)msg->bodyptr);
vos_mem_free(msg->bodyptr);
break;
- case WDA_FW_MEM_DUMP_REQ:
- wma_process_fw_mem_dump_req(wma_handle,
- (struct fw_dump_req*)msg->bodyptr);
- vos_mem_free(msg->bodyptr);
- break;
case SIR_HAL_START_STOP_LOGGING:
wma_set_wifi_start_packet_stats(wma_handle,
(struct sir_wifi_start_log *)msg->bodyptr);
diff --git a/drivers/staging/qcacld-2.0/CORE/SME/inc/smeInternal.h b/drivers/staging/qcacld-2.0/CORE/SME/inc/smeInternal.h
index 3f8ef6713c7e1bf5a1f5aa5e376160851be42ca1..d5fbb13fe158e804df0e190bb57e154ece6b22d5 100644
--- a/drivers/staging/qcacld-2.0/CORE/SME/inc/smeInternal.h
+++ b/drivers/staging/qcacld-2.0/CORE/SME/inc/smeInternal.h
@@ -228,9 +228,6 @@ typedef struct tagSmeStruct
ocb_callback dcc_update_ndl_callback;
void *dcc_stats_event_context;
ocb_callback dcc_stats_event_callback;
-#ifdef WLAN_FEATURE_MEMDUMP
- void (*fw_dump_callback)(void *context, struct fw_dump_rsp *rsp);
-#endif
void (*set_thermal_level_cb)(void *hdd_context, uint8_t level);
void (*rssi_threshold_breached_cb)(void *, struct rssi_breach_event *);
diff --git a/drivers/staging/qcacld-2.0/CORE/SME/inc/sme_Api.h b/drivers/staging/qcacld-2.0/CORE/SME/inc/sme_Api.h
index 1adf98e19b790488bf389d4f381dd7848543f73a..ae514dd2521734c883883de94f2ec6bc67e517a0 100644
--- a/drivers/staging/qcacld-2.0/CORE/SME/inc/sme_Api.h
+++ b/drivers/staging/qcacld-2.0/CORE/SME/inc/sme_Api.h
@@ -4157,11 +4157,6 @@ eHalStatus sme_SetLinkLayerStatsIndCB
#endif /* WLAN_FEATURE_LINK_LAYER_STATS */
-eHalStatus sme_fw_mem_dump(tHalHandle hHal, void *recvd_req);
-eHalStatus sme_fw_mem_dump_register_cb(tHalHandle hHal,
- void (*callback_routine)(void *cb_context, struct fw_dump_rsp *rsp));
-eHalStatus sme_fw_mem_dump_unregister_cb(tHalHandle hHal);
-
#ifdef WLAN_FEATURE_ROAM_OFFLOAD
/*--------------------------------------------------------------------------
\brief sme_UpdateRoamOffloadEnabled() - enable/disable roam offload feature
diff --git a/drivers/staging/qcacld-2.0/CORE/SME/src/sme_common/sme_Api.c b/drivers/staging/qcacld-2.0/CORE/SME/src/sme_common/sme_Api.c
index 797a63f7907ed75e0b3cefaa5fa608671fd22b96..446b7961740e62be6034ee2d7ca3ea3f62ebb7bf 100644
--- a/drivers/staging/qcacld-2.0/CORE/SME/src/sme_common/sme_Api.c
+++ b/drivers/staging/qcacld-2.0/CORE/SME/src/sme_common/sme_Api.c
@@ -79,7 +79,6 @@
extern tSirRetStatus uMacPostCtrlMsg(void* pSirGlobal, tSirMbMsg* pMb);
#define LOG_SIZE 256
-#define READ_MEMORY_DUMP_CMD 9
#define TL_INIT_STATE 0
static tSelfRecoveryStats gSelfRecoveryStats;
@@ -2672,31 +2671,6 @@ eHalStatus sme_SetEseBeaconRequest(tHalHandle hHal, const tANI_U8 sessionId,
}
#endif /* FEATURE_WLAN_ESE && FEATURE_WLAN_ESE_UPLOAD */
-
-/**
- * sme_process_fw_mem_dump_rsp - process fw memory dump response from WMA
- *
- * @pMac - pointer to MAC handle.
- * @pMsg - pointer to received SME msg.
- *
- * This function process the received SME message and calls the corresponding
- * callback which was already registered with SME.
- */
-#ifdef WLAN_FEATURE_MEMDUMP
-static void sme_process_fw_mem_dump_rsp(tpAniSirGlobal pMac, vos_msg_t* pMsg)
-{
- if (pMsg->bodyptr) {
- if (pMac->sme.fw_dump_callback)
- pMac->sme.fw_dump_callback(pMac->hHdd,
- (struct fw_dump_rsp*) pMsg->bodyptr);
- vos_mem_free(pMsg->bodyptr);
- }
-}
-#else
-static void sme_process_fw_mem_dump_rsp(tpAniSirGlobal pMac, vos_msg_t* pMsg)
-{
-}
-#endif
eHalStatus sme_IbssPeerInfoResponseHandleer( tHalHandle hHal,
tpSirIbssGetPeerInfoRspParams pIbssPeerInfoParams)
{
@@ -3405,9 +3379,6 @@ eHalStatus sme_ProcessMsg(tHalHandle hHal, vos_msg_t* pMsg)
}
vos_mem_free(pMsg->bodyptr);
break;
- case eWNI_SME_FW_DUMP_IND:
- sme_process_fw_mem_dump_rsp(pMac, pMsg);
- break;
case eWNI_SME_SET_THERMAL_LEVEL_IND:
if (pMac->sme.set_thermal_level_cb)
{
@@ -16462,76 +16433,6 @@ eHalStatus sme_SetLinkLayerStatsIndCB
#endif /* WLAN_FEATURE_LINK_LAYER_STATS */
-/**
- * sme_fw_mem_dump_register_cb() - Register fw memory dump callback
- *
- * @hHal - MAC global handle
- * @callback_routine - callback routine from HDD
- *
- * This API is invoked by HDD to register its callback in SME
- *
- * Return: eHalStatus
- */
-#ifdef WLAN_FEATURE_MEMDUMP
-eHalStatus sme_fw_mem_dump_register_cb(tHalHandle hal,
- void (*callback_routine)(void *cb_context,
- struct fw_dump_rsp *rsp))
-{
- eHalStatus status = eHAL_STATUS_SUCCESS;
- tpAniSirGlobal pmac = PMAC_STRUCT(hal);
-
- status = sme_AcquireGlobalLock(&pmac->sme);
- if (eHAL_STATUS_SUCCESS == status) {
- pmac->sme.fw_dump_callback = callback_routine;
- sme_ReleaseGlobalLock(&pmac->sme);
- } else {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("sme_AcquireGlobalLock error"));
- }
-
- return status;
-}
-#else
-eHalStatus sme_fw_mem_dump_register_cb(tHalHandle hal,
- void (*callback_routine)(void *cb_context,
- struct fw_dump_rsp *rsp))
-{
- return eHAL_STATUS_SUCCESS;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
-
-/**
- * sme_fw_mem_dump_unregister_cb() - Unregister fw memory dump callback
- *
- * @hHal - MAC global handle
- *
- * This API is invoked by HDD to unregister its callback in SME
- *
- * Return: eHalStatus
- */
-#ifdef WLAN_FEATURE_MEMDUMP
-eHalStatus sme_fw_mem_dump_unregister_cb(tHalHandle hal)
-{
- eHalStatus status;
- tpAniSirGlobal pmac = PMAC_STRUCT(hal);
-
- status = sme_AcquireGlobalLock(&pmac->sme);
- if (eHAL_STATUS_SUCCESS == status) {
- pmac->sme.fw_dump_callback = NULL;
- sme_ReleaseGlobalLock(&pmac->sme);
- } else {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("sme_AcquireGlobalLock error"));
- }
-
- return status;
-}
-#else
-eHalStatus sme_fw_mem_dump_unregister_cb(tHalHandle hal)
-{
- return eHAL_STATUS_SUCCESS;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
#ifdef WLAN_FEATURE_ROAM_OFFLOAD
/*--------------------------------------------------------------------------
@@ -17127,80 +17028,6 @@ VOS_STATUS sme_apfind_set_cmd(struct sme_ap_find_request_req *input)
return VOS_STATUS_SUCCESS;
}
#endif /* WLAN_FEATURE_APFIND */
-/**
- * sme_fw_mem_dump() - Get FW memory dump
- *
- * This API is invoked by HDD to indicate FW to start
- * dumping firmware memory.
- *
- * Return: eHalStatus
- */
-#ifdef WLAN_FEATURE_MEMDUMP
-eHalStatus sme_fw_mem_dump(tHalHandle hHal, void *recvd_req)
-{
- eHalStatus status = eHAL_STATUS_SUCCESS;
- VOS_STATUS vos_status = VOS_STATUS_SUCCESS;
- tpAniSirGlobal pMac = PMAC_STRUCT(hHal);
- vos_msg_t msg;
- struct fw_dump_req* send_req;
- struct fw_dump_seg_req seg_req;
- int loop;
-
- send_req = vos_mem_malloc(sizeof(*send_req));
- if(!send_req) {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Memory allocation failed for WDA_FW_MEM_DUMP"));
- return eHAL_STATUS_FAILURE;
- }
- vos_mem_copy(send_req, recvd_req, sizeof(*send_req));
-
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO,
- FL("request_id:%d num_seg:%d"),
- send_req->request_id, send_req->num_seg);
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO,
- FL("Segment Information"));
- for (loop = 0; loop < send_req->num_seg; loop++) {
- seg_req = send_req->segment[loop];
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO,
- FL("seg_number:%d"), loop);
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO,
- FL("seg_id:%d start_addr_lo:0x%x start_addr_hi:0x%x"),
- seg_req.seg_id, seg_req.seg_start_addr_lo,
- seg_req.seg_start_addr_hi);
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_INFO,
- FL("seg_length:%d dst_addr_lo:0x%x dst_addr_hi:0x%x"),
- seg_req.seg_length, seg_req.dst_addr_lo,
- seg_req.dst_addr_hi);
- }
-
- if (eHAL_STATUS_SUCCESS == sme_AcquireGlobalLock(&pMac->sme)) {
- msg.bodyptr = send_req;
- msg.type = WDA_FW_MEM_DUMP_REQ;
- msg.reserved = 0;
-
- vos_status = vos_mq_post_message(VOS_MODULE_ID_WDA, &msg);
- if (VOS_STATUS_SUCCESS != vos_status) {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Not able to post WDA_FW_MEM_DUMP"));
- vos_mem_free(send_req);
- status = eHAL_STATUS_FAILURE;
- }
- sme_ReleaseGlobalLock(&pMac->sme);
- } else {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Failed to acquire SME Global Lock"));
- vos_mem_free(send_req);
- status = eHAL_STATUS_FAILURE;
- }
-
- return status;
-}
-#else
-eHalStatus sme_fw_mem_dump(tHalHandle hHal, void *recvd_req)
-{
- return eHAL_STATUS_SUCCESS;
-}
-#endif /* WLAN_FEATURE_MEMDUMP */
#ifdef FEATURE_WLAN_MCC_TO_SCC_SWITCH
/*
* sme_validate_sap_channel_switch() - validate target channel switch w.r.t
diff --git a/drivers/staging/qcacld-2.0/CORE/SYS/legacy/src/utils/src/macTrace.c b/drivers/staging/qcacld-2.0/CORE/SYS/legacy/src/utils/src/macTrace.c
index 65ed102a7e3ff919609e280f439dccbc6cf51b86..e9a74b6f7e695c861725004eab9d221ad06ba2a7 100644
--- a/drivers/staging/qcacld-2.0/CORE/SYS/legacy/src/utils/src/macTrace.c
+++ b/drivers/staging/qcacld-2.0/CORE/SYS/legacy/src/utils/src/macTrace.c
@@ -571,7 +571,6 @@ tANI_U8* macTraceGetSmeMsgString(tANI_U16 smeMsg)
CASE_RETURN_STRING(eWNI_SME_DCC_UPDATE_NDL_RSP);
CASE_RETURN_STRING(eWNI_SME_DCC_STATS_EVENT);
CASE_RETURN_STRING(eWNI_SME_TSF_EVENT);
- CASE_RETURN_STRING(eWNI_SME_FW_DUMP_IND);
CASE_RETURN_STRING(eWNI_SME_PDEV_SET_HT_VHT_IE);
CASE_RETURN_STRING(eWNI_SME_EXT_CHANGE_CHANNEL);
CASE_RETURN_STRING(eWNI_SME_EXT_CHANGE_CHANNEL_IND);
@@ -988,7 +987,6 @@ tANI_U8* macTraceGetWdaMsgString(tANI_U16 wdaMsg)
CASE_RETURN_STRING(SIR_HAL_SET_MIRACAST);
CASE_RETURN_STRING(SIR_HAL_CONFIG_STATS_FACTOR);
CASE_RETURN_STRING(SIR_HAL_CONFIG_GUARD_TIME);
- CASE_RETURN_STRING(WDA_FW_MEM_DUMP_REQ);
CASE_RETURN_STRING(SIR_HAL_START_STOP_LOGGING);
CASE_RETURN_STRING(WDA_TSF_GPIO_PIN);
CASE_RETURN_STRING(SIR_HAL_FLUSH_LOG_TO_FW);
diff --git a/drivers/staging/qcacld-2.0/CORE/WDA/inc/wlan_qct_wda.h b/drivers/staging/qcacld-2.0/CORE/WDA/inc/wlan_qct_wda.h
index 110186db28f5641181119e87cc0028cb5af2d807..0c2efe50d0d82ed36b552716a3f3adf138677d93 100644
--- a/drivers/staging/qcacld-2.0/CORE/WDA/inc/wlan_qct_wda.h
+++ b/drivers/staging/qcacld-2.0/CORE/WDA/inc/wlan_qct_wda.h
@@ -1068,7 +1068,6 @@ tSirRetStatus uMacPostCtrlMsg(void* pSirGlobal, tSirMbMsg* pMb);
#define WDA_UPDATE_Q2Q_IE_IND SIR_HAL_UPDATE_Q2Q_IE_IND
#endif /* FEATURE_AP_MCC_CH_AVOIDANCE */
-#define WDA_FW_MEM_DUMP_REQ SIR_HAL_FW_MEM_DUMP_REQ
#define WDA_TSF_GPIO_PIN SIR_HAL_TSF_GPIO_PIN_REQ
#define WDA_SET_RSSI_MONITOR_REQ SIR_HAL_SET_RSSI_MONITOR_REQ
diff --git a/drivers/staging/qcacld-2.0/Kbuild b/drivers/staging/qcacld-2.0/Kbuild
index 94ce04771cfc77aaefd0797a26d362a547f67fd4..dc817a445f6b5368e791c80b0bf243d98cc7ad91 100644
--- a/drivers/staging/qcacld-2.0/Kbuild
+++ b/drivers/staging/qcacld-2.0/Kbuild
@@ -132,9 +132,6 @@ ifeq ($(KERNEL_BUILD), 0)
endif
ifneq ($(CONFIG_ARCH_MDM9607), y)
- #Flag to enable memdump feature
- CONFIG_WLAN_FEATURE_MEMDUMP := y
-
#Flag to enable offload packets feature
CONFIG_WLAN_OFFLOAD_PACKETS := y
endif
@@ -402,6 +399,7 @@ HDD_OBJS := $(HDD_SRC_DIR)/wlan_hdd_assoc.o \
$(HDD_SRC_DIR)/wlan_hdd_ftm.o \
$(HDD_SRC_DIR)/wlan_hdd_hostapd.o \
$(HDD_SRC_DIR)/wlan_hdd_main.o \
+ $(HDD_SRC_DIR)/wlan_hdd_memdump.o \
$(HDD_SRC_DIR)/wlan_hdd_ocb.o \
$(HDD_SRC_DIR)/wlan_hdd_oemdata.o \
$(HDD_SRC_DIR)/wlan_hdd_scan.o \
@@ -433,10 +431,6 @@ ifeq ($(CONFIG_WLAN_SYNC_TSF),y)
HDD_OBJS += $(HDD_SRC_DIR)/wlan_hdd_tsf.o
endif
-ifeq ($(CONFIG_WLAN_FEATURE_MEMDUMP),y)
-HDD_OBJS += $(HDD_SRC_DIR)/wlan_hdd_memdump.o
-endif
-
ifeq ($(CONFIG_WLAN_FEATURE_NAN_DATAPATH),y)
HDD_OBJS += $(HDD_SRC_DIR)/wlan_hdd_nan_datapath.o
endif
@@ -1515,10 +1509,6 @@ ifeq ($(CONFIG_STATICALLY_ADD_11P_CHANNELS),y)
CDEFINES += -DFEATURE_STATICALLY_ADD_11P_CHANNELS
endif
-ifeq ($(CONFIG_WLAN_FEATURE_MEMDUMP),y)
-CDEFINES += -DWLAN_FEATURE_MEMDUMP
-endif
-
ifeq ($(CONFIG_WLAN_OFFLOAD_PACKETS),y)
CDEFINES += -DWLAN_FEATURE_OFFLOAD_PACKETS
endif
diff --git a/drivers/staging/qcacld-2.0/Kconfig b/drivers/staging/qcacld-2.0/Kconfig
index 791b0588da3aaaa3530165dc86dbce8fb492d3a2..cc2c5105bb53fe00c85c847b9ad7f95453ab6f63 100644
--- a/drivers/staging/qcacld-2.0/Kconfig
+++ b/drivers/staging/qcacld-2.0/Kconfig
@@ -54,9 +54,6 @@ config WLAN_SYNC_TSF
bool "Enable QCOM sync multi devices tsf feature"
default n
-config WLAN_FEATURE_MEMDUMP
- bool "Enable MEMDUMP feature"
- default n
config WLAN_OFFLOAD_PACKETS
bool "Enable offload packets feature"
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index 99624495f6c219e28793ed193c7f9ffe903d5908..3af082bf7c6422d9d5c58c8d0bdff7706aefba26 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -416,8 +416,8 @@ static void hidp_del_timer(struct hidp_session *session)
del_timer(&session->timer);
}
-static void hidp_process_report(struct hidp_session *session,
- int type, const u8 *data, int len, int intr)
+static void hidp_process_report(struct hidp_session *session, int type,
+ const u8 *data, unsigned int len, int intr)
{
if (len > HID_MAX_BUFFER_SIZE)
len = HID_MAX_BUFFER_SIZE;
diff --git a/sound/soc/codecs/wcd_cpe_core.c b/sound/soc/codecs/wcd_cpe_core.c
index ad735a85926e7b4e83db93dd96891b321a0d5844..42ddfa8b8fd5f8d798f1aaad7eda8bc6754c8a28 100644
--- a/sound/soc/codecs/wcd_cpe_core.c
+++ b/sound/soc/codecs/wcd_cpe_core.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2016, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2014-2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -1956,6 +1956,7 @@ struct wcd_cpe_core *wcd_cpe_init(const char *img_fname,
init_completion(&core->online_compl);
init_waitqueue_head(&core->ssr_entry.offline_poll_wait);
mutex_init(&core->ssr_lock);
+ mutex_init(&core->session_lock);
core->cpe_users = 0;
core->cpe_clk_ref = 0;
@@ -3433,6 +3434,7 @@ static struct cpe_lsm_session *wcd_cpe_alloc_lsm_session(
* If this is the first session to be allocated,
* only then register the afe service.
*/
+ WCD_CPE_GRAB_LOCK(&core->session_lock, "session_lock");
if (!wcd_cpe_lsm_session_active())
afe_register_service = true;
@@ -3447,6 +3449,7 @@ static struct cpe_lsm_session *wcd_cpe_alloc_lsm_session(
dev_err(core->dev,
"%s: max allowed sessions already allocated\n",
__func__);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return NULL;
}
@@ -3455,6 +3458,7 @@ static struct cpe_lsm_session *wcd_cpe_alloc_lsm_session(
dev_err(core->dev,
"%s: Failed to enable cpe, err = %d\n",
__func__, ret);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return NULL;
}
@@ -3501,6 +3505,8 @@ static struct cpe_lsm_session *wcd_cpe_alloc_lsm_session(
init_completion(&session->cmd_comp);
lsm_sessions[session_id] = session;
+
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return session;
err_afe_mode_cmd:
@@ -3516,6 +3522,7 @@ err_ret:
err_session_alloc:
wcd_cpe_vote(core, false);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return NULL;
}
@@ -3666,9 +3673,11 @@ static int wcd_cpe_dealloc_lsm_session(void *core_handle,
struct wcd_cpe_core *core = core_handle;
int ret = 0;
+ WCD_CPE_GRAB_LOCK(&core->session_lock, "session_lock");
if (!session) {
dev_err(core->dev,
"%s: Invalid lsm session\n", __func__);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return -EINVAL;
}
@@ -3679,6 +3688,7 @@ static int wcd_cpe_dealloc_lsm_session(void *core_handle,
"%s: Wrong session id %d max allowed = %d\n",
__func__, session->id,
WCD_CPE_LSM_MAX_SESSIONS);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return -EINVAL;
}
@@ -3700,6 +3710,7 @@ static int wcd_cpe_dealloc_lsm_session(void *core_handle,
"%s: Failed to un-vote cpe, err = %d\n",
__func__, ret);
+ WCD_CPE_REL_LOCK(&core->session_lock, "session_lock");
return ret;
}
diff --git a/sound/soc/codecs/wcd_cpe_core.h b/sound/soc/codecs/wcd_cpe_core.h
index 77027d58b178fff63d539bd5dc0488983e6bb0d9..d534b5caee08fbc2994a978dd4c7dcff475c04b5 100644
--- a/sound/soc/codecs/wcd_cpe_core.h
+++ b/sound/soc/codecs/wcd_cpe_core.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2015, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2013-2015, 2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -169,6 +169,9 @@ struct wcd_cpe_core {
/* mutex to protect cpe ssr status variables */
struct mutex ssr_lock;
+ /* mutex to protect cpe session status variables */
+ struct mutex session_lock;
+
/* Store the calibration data needed for cpe */
struct cal_type_data *cal_data[WCD_CPE_LSM_CAL_MAX];
diff --git a/sound/soc/codecs/wcd_cpe_services.c b/sound/soc/codecs/wcd_cpe_services.c
index fdf785dd419759988ce1f03291794b1529dea53f..ee5988bd590aecb66613f7728f2e62bde7ba54d7 100644
--- a/sound/soc/codecs/wcd_cpe_services.c
+++ b/sound/soc/codecs/wcd_cpe_services.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2016, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2014-2016, 2018, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -617,9 +617,11 @@ static enum cpe_svc_result cpe_deregister_generic(struct cpe_info *t_info,
return CPE_SVC_INVALID_HANDLE;
}
+ CPE_SVC_GRAB_LOCK(&cpe_d.cpe_svc_lock, "cpe_svc");
list_del(&(n->list));
kfree(reg_handle);
reg_handle = NULL;
+ CPE_SVC_REL_LOCK(&cpe_d.cpe_svc_lock, "cpe_svc");
return CPE_SVC_SUCCESS;
}