* [PATCH ath-next] wifi: ath11k: use kzalloc_flex
@ 2026-03-13 0:16 Rosen Penev
0 siblings, 0 replies; only message in thread
From: Rosen Penev @ 2026-03-13 0:16 UTC (permalink / raw)
To: linux-wireless
Cc: Jeff Johnson, Kees Cook, Gustavo A. R. Silva,
open list:QUALCOMM ATHEROS ATH11K WIRELESS DRIVER, open list,
open list:KERNEL HARDENING (not covered by other areas):Keyword:b__counted_by(_le|_be)?b
Convert kzalloc_obj + kcalloc to kzalloc_flex to save an allocation.
Add __counted_by to get extra runtime analysis. Move counting variable
assignment immediately after allocation as required by __counted_by.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
drivers/net/wireless/ath/ath11k/mac.c | 71 ++++++++++-----------------
drivers/net/wireless/ath/ath11k/wmi.h | 2 +-
2 files changed, 28 insertions(+), 45 deletions(-)
diff --git a/drivers/net/wireless/ath/ath11k/mac.c b/drivers/net/wireless/ath/ath11k/mac.c
index 4a68bb9ca4fa..b5f3d7221b5f 100644
--- a/drivers/net/wireless/ath/ath11k/mac.c
+++ b/drivers/net/wireless/ath/ath11k/mac.c
@@ -4228,13 +4228,14 @@ static int ath11k_mac_op_hw_scan(struct ieee80211_hw *hw,
if (ret)
goto exit;
- arg = kzalloc_obj(*arg);
+ arg = kzalloc_flex(*arg, chan_list, req->n_channels);
if (!arg) {
ret = -ENOMEM;
goto exit;
}
+ arg->num_chan = req->n_channels;
ath11k_wmi_start_scan_init(ar, arg);
arg->vdev_id = arvif->vdev_id;
arg->scan_id = ATH11K_SCAN_ID;
@@ -4262,38 +4263,27 @@ static int ath11k_mac_op_hw_scan(struct ieee80211_hw *hw,
arg->scan_f_passive = 1;
}
- if (req->n_channels) {
- arg->num_chan = req->n_channels;
- arg->chan_list = kcalloc(arg->num_chan, sizeof(*arg->chan_list),
- GFP_KERNEL);
+ for (i = 0; i < arg->num_chan; i++) {
+ if (test_bit(WMI_TLV_SERVICE_SCAN_CONFIG_PER_CHANNEL,
+ ar->ab->wmi_ab.svc_map)) {
+ arg->chan_list[i] =
+ u32_encode_bits(req->channels[i]->center_freq,
+ WMI_SCAN_CONFIG_PER_CHANNEL_MASK);
- if (!arg->chan_list) {
- ret = -ENOMEM;
- goto exit;
- }
-
- for (i = 0; i < arg->num_chan; i++) {
- if (test_bit(WMI_TLV_SERVICE_SCAN_CONFIG_PER_CHANNEL,
- ar->ab->wmi_ab.svc_map)) {
- arg->chan_list[i] =
- u32_encode_bits(req->channels[i]->center_freq,
- WMI_SCAN_CONFIG_PER_CHANNEL_MASK);
-
- /* If NL80211_SCAN_FLAG_COLOCATED_6GHZ is set in scan
- * flags, then scan all PSC channels in 6 GHz band and
- * those non-PSC channels where RNR IE is found during
- * the legacy 2.4/5 GHz scan.
- * If NL80211_SCAN_FLAG_COLOCATED_6GHZ is not set,
- * then all channels in 6 GHz will be scanned.
- */
- if (req->channels[i]->band == NL80211_BAND_6GHZ &&
- req->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ &&
- !cfg80211_channel_is_psc(req->channels[i]))
- arg->chan_list[i] |=
- WMI_SCAN_CH_FLAG_SCAN_ONLY_IF_RNR_FOUND;
- } else {
- arg->chan_list[i] = req->channels[i]->center_freq;
- }
+ /* If NL80211_SCAN_FLAG_COLOCATED_6GHZ is set in scan
+ * flags, then scan all PSC channels in 6 GHz band and
+ * those non-PSC channels where RNR IE is found during
+ * the legacy 2.4/5 GHz scan.
+ * If NL80211_SCAN_FLAG_COLOCATED_6GHZ is not set,
+ * then all channels in 6 GHz will be scanned.
+ */
+ if (req->channels[i]->band == NL80211_BAND_6GHZ &&
+ req->flags & NL80211_SCAN_FLAG_COLOCATED_6GHZ &&
+ !cfg80211_channel_is_psc(req->channels[i]))
+ arg->chan_list[i] |=
+ WMI_SCAN_CH_FLAG_SCAN_ONLY_IF_RNR_FOUND;
+ } else {
+ arg->chan_list[i] = req->channels[i]->center_freq;
}
}
@@ -9736,19 +9726,14 @@ static int ath11k_mac_op_remain_on_channel(struct ieee80211_hw *hw,
scan_time_msec = ar->hw->wiphy->max_remain_on_channel_duration * 2;
- arg = kzalloc_obj(*arg);
+ arg = kzalloc_flex(*arg, chan_list, 1);
if (!arg) {
ret = -ENOMEM;
goto exit;
}
- ath11k_wmi_start_scan_init(ar, arg);
+
arg->num_chan = 1;
- arg->chan_list = kcalloc(arg->num_chan, sizeof(*arg->chan_list),
- GFP_KERNEL);
- if (!arg->chan_list) {
- ret = -ENOMEM;
- goto free_arg;
- }
+ ath11k_wmi_start_scan_init(ar, arg);
arg->vdev_id = arvif->vdev_id;
arg->scan_id = ATH11K_SCAN_ID;
@@ -9769,7 +9754,7 @@ static int ath11k_mac_op_remain_on_channel(struct ieee80211_hw *hw,
spin_lock_bh(&ar->data_lock);
ar->scan.state = ATH11K_SCAN_IDLE;
spin_unlock_bh(&ar->data_lock);
- goto free_chan_list;
+ goto free_arg;
}
ret = wait_for_completion_timeout(&ar->scan.on_channel, 3 * HZ);
@@ -9779,7 +9764,7 @@ static int ath11k_mac_op_remain_on_channel(struct ieee80211_hw *hw,
if (ret)
ath11k_warn(ar->ab, "failed to stop scan: %d\n", ret);
ret = -ETIMEDOUT;
- goto free_chan_list;
+ goto free_arg;
}
ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
@@ -9787,8 +9772,6 @@ static int ath11k_mac_op_remain_on_channel(struct ieee80211_hw *hw,
ret = 0;
-free_chan_list:
- kfree(arg->chan_list);
free_arg:
kfree(arg);
exit:
diff --git a/drivers/net/wireless/ath/ath11k/wmi.h b/drivers/net/wireless/ath/ath11k/wmi.h
index baed501b640b..b2dade0516ac 100644
--- a/drivers/net/wireless/ath/ath11k/wmi.h
+++ b/drivers/net/wireless/ath/ath11k/wmi.h
@@ -3423,7 +3423,6 @@ struct scan_req_params {
u32 num_bssid;
u32 num_ssids;
u32 n_probes;
- u32 *chan_list;
u32 notify_scan_events;
struct wlan_ssid ssid[WLAN_SCAN_PARAMS_MAX_SSID];
struct wmi_mac_addr bssid_list[WLAN_SCAN_PARAMS_MAX_BSSID];
@@ -3436,6 +3435,7 @@ struct scan_req_params {
struct hint_bssid hint_bssid[WLAN_SCAN_MAX_HINT_BSSID];
struct wmi_mac_addr mac_addr;
struct wmi_mac_addr mac_mask;
+ u32 chan_list[] __counted_by(num_chan);
};
struct wmi_ssid_arg {
--
2.53.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-03-13 0:16 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-13 0:16 [PATCH ath-next] wifi: ath11k: use kzalloc_flex Rosen Penev
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox