Linux wireless drivers development
 help / color / mirror / Atom feed
* [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
@ 2026-06-29  7:46 Alexander Wilhelm
  2026-07-02  8:27 ` Baochen Qiang
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Wilhelm @ 2026-06-29  7:46 UTC (permalink / raw)
  To: Jeff Johnson; +Cc: linux-wireless, ath12k, linux-kernel

The ath12k_wmi_scan_req_arg structure defines the channel list in
CPU-native order, while wmi_start_scan_cmd expects the values in
little-endian format. The simple memcpy causes the hardware scan to fail on
big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
values to support both architectures correctly.

Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
---
 drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
index 65a05a9520ff..9e1d3c662852 100644
--- a/drivers/net/wireless/ath/ath12k/wmi.c
+++ b/drivers/net/wireless/ath/ath12k/wmi.c
@@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
 	struct wmi_tlv *tlv;
 	void *ptr;
 	int i, ret, len;
-	u32 *tmp_ptr, extraie_len_with_pad = 0;
+	__le32 *tmp_ptr;
+	u32 extraie_len_with_pad = 0;
 	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
 	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
 
@@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
 	tlv = ptr;
 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
 	ptr += TLV_HDR_SIZE;
-	tmp_ptr = (u32 *)ptr;
+	tmp_ptr = (__le32 *)ptr;
 
-	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
+	for (i = 0; i < arg->num_chan; i++)
+		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
 
 	ptr += len;
 

---
base-commit: 702847e8cfd51856836a282db2073defd7cfd80c
change-id: 20260317-fix-channel-list-copy-cef5cad24fb6

Best regards,
-- 
Alexander Wilhelm <alexander.wilhelm@westermo.com>


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-06-29  7:46 [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian Alexander Wilhelm
@ 2026-07-02  8:27 ` Baochen Qiang
  2026-07-02  8:44   ` Alexander Wilhelm
  0 siblings, 1 reply; 7+ messages in thread
From: Baochen Qiang @ 2026-07-02  8:27 UTC (permalink / raw)
  To: Alexander Wilhelm, Jeff Johnson; +Cc: linux-wireless, ath12k, linux-kernel



On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
> The ath12k_wmi_scan_req_arg structure defines the channel list in
> CPU-native order, while wmi_start_scan_cmd expects the values in
> little-endian format. The simple memcpy causes the hardware scan to fail on
> big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
> values to support both architectures correctly.
> 
> Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
> ---
>  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
> index 65a05a9520ff..9e1d3c662852 100644
> --- a/drivers/net/wireless/ath/ath12k/wmi.c
> +++ b/drivers/net/wireless/ath/ath12k/wmi.c
> @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>  	struct wmi_tlv *tlv;
>  	void *ptr;
>  	int i, ret, len;
> -	u32 *tmp_ptr, extraie_len_with_pad = 0;
> +	__le32 *tmp_ptr;
> +	u32 extraie_len_with_pad = 0;
>  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
>  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
>  
> @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>  	tlv = ptr;
>  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
>  	ptr += TLV_HDR_SIZE;
> -	tmp_ptr = (u32 *)ptr;
> +	tmp_ptr = (__le32 *)ptr;
>  
> -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
> +	for (i = 0; i < arg->num_chan; i++)
> +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
>  
>  	ptr += len;
>  
> 

seems hint_s_ssid and hint_bssid at the last also need the endian conversion?

> ---
> base-commit: 702847e8cfd51856836a282db2073defd7cfd80c
> change-id: 20260317-fix-channel-list-copy-cef5cad24fb6
> 
> Best regards,


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-07-02  8:27 ` Baochen Qiang
@ 2026-07-02  8:44   ` Alexander Wilhelm
  2026-07-02 12:18     ` Alexander Wilhelm
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Wilhelm @ 2026-07-02  8:44 UTC (permalink / raw)
  To: Baochen Qiang; +Cc: Jeff Johnson, linux-wireless, ath12k, linux-kernel

On Thu, Jul 02, 2026 at 04:27:44PM +0800, Baochen Qiang wrote:
> 
> 
> On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
> > The ath12k_wmi_scan_req_arg structure defines the channel list in
> > CPU-native order, while wmi_start_scan_cmd expects the values in
> > little-endian format. The simple memcpy causes the hardware scan to fail on
> > big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
> > values to support both architectures correctly.
> > 
> > Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
> > ---
> >  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
> >  1 file changed, 5 insertions(+), 3 deletions(-)
> > 
> > diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
> > index 65a05a9520ff..9e1d3c662852 100644
> > --- a/drivers/net/wireless/ath/ath12k/wmi.c
> > +++ b/drivers/net/wireless/ath/ath12k/wmi.c
> > @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> >  	struct wmi_tlv *tlv;
> >  	void *ptr;
> >  	int i, ret, len;
> > -	u32 *tmp_ptr, extraie_len_with_pad = 0;
> > +	__le32 *tmp_ptr;
> > +	u32 extraie_len_with_pad = 0;
> >  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
> >  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
> >  
> > @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> >  	tlv = ptr;
> >  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
> >  	ptr += TLV_HDR_SIZE;
> > -	tmp_ptr = (u32 *)ptr;
> > +	tmp_ptr = (__le32 *)ptr;
> >  
> > -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
> > +	for (i = 0; i < arg->num_chan; i++)
> > +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
> >  
> >  	ptr += len;
> >  
> > 
> 
> seems hint_s_ssid and hint_bssid at the last also need the endian conversion?

Okay, I will investigate this further.


Best regards
Alexander Wilhelm

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-07-02  8:44   ` Alexander Wilhelm
@ 2026-07-02 12:18     ` Alexander Wilhelm
  2026-07-03  2:48       ` Baochen Qiang
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Wilhelm @ 2026-07-02 12:18 UTC (permalink / raw)
  To: Baochen Qiang; +Cc: Jeff Johnson, linux-wireless, ath12k, linux-kernel

On Thu, Jul 02, 2026 at 10:44:46AM +0200, Alexander Wilhelm wrote:
> On Thu, Jul 02, 2026 at 04:27:44PM +0800, Baochen Qiang wrote:
> > 
> > 
> > On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
> > > The ath12k_wmi_scan_req_arg structure defines the channel list in
> > > CPU-native order, while wmi_start_scan_cmd expects the values in
> > > little-endian format. The simple memcpy causes the hardware scan to fail on
> > > big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
> > > values to support both architectures correctly.
> > > 
> > > Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
> > > ---
> > >  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
> > >  1 file changed, 5 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
> > > index 65a05a9520ff..9e1d3c662852 100644
> > > --- a/drivers/net/wireless/ath/ath12k/wmi.c
> > > +++ b/drivers/net/wireless/ath/ath12k/wmi.c
> > > @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> > >  	struct wmi_tlv *tlv;
> > >  	void *ptr;
> > >  	int i, ret, len;
> > > -	u32 *tmp_ptr, extraie_len_with_pad = 0;
> > > +	__le32 *tmp_ptr;
> > > +	u32 extraie_len_with_pad = 0;
> > >  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
> > >  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
> > >  
> > > @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> > >  	tlv = ptr;
> > >  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
> > >  	ptr += TLV_HDR_SIZE;
> > > -	tmp_ptr = (u32 *)ptr;
> > > +	tmp_ptr = (__le32 *)ptr;
> > >  
> > > -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
> > > +	for (i = 0; i < arg->num_chan; i++)
> > > +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
> > >  
> > >  	ptr += len;
> > >  
> > > 
> > 
> > seems hint_s_ssid and hint_bssid at the last also need the endian conversion?

`hist_s_ssid` and `hint_bssid` are both structs within
`ath12k_wmi_scan_req_arg`, and the remaining member variables are also stored in
CPU order. Therefore, it seems wrong to me to perform byte swapping at this
point. What I actually need to swap is the data written through `ptr`, not the
structure members themselves. For that reason, I could also use the `__le32
*tmp_ptr` approach. What do you think about that?

One thing I am still unsure about is the use of `ether_addr_copy()`. Can I
simply copy the bytes as-is here, or does the address also need to be
byte-swapped? I could not find any place where this address is being populated,
so I am not sure what byte order it is expected to be in.


Best regards
Alexander Wilhelm

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-07-02 12:18     ` Alexander Wilhelm
@ 2026-07-03  2:48       ` Baochen Qiang
  2026-07-03  5:49         ` Alexander Wilhelm
  0 siblings, 1 reply; 7+ messages in thread
From: Baochen Qiang @ 2026-07-03  2:48 UTC (permalink / raw)
  To: Alexander Wilhelm; +Cc: Jeff Johnson, linux-wireless, ath12k, linux-kernel



On 7/2/2026 8:18 PM, Alexander Wilhelm wrote:
> On Thu, Jul 02, 2026 at 10:44:46AM +0200, Alexander Wilhelm wrote:
>> On Thu, Jul 02, 2026 at 04:27:44PM +0800, Baochen Qiang wrote:
>>>
>>>
>>> On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
>>>> The ath12k_wmi_scan_req_arg structure defines the channel list in
>>>> CPU-native order, while wmi_start_scan_cmd expects the values in
>>>> little-endian format. The simple memcpy causes the hardware scan to fail on
>>>> big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
>>>> values to support both architectures correctly.
>>>>
>>>> Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
>>>> ---
>>>>  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
>>>>  1 file changed, 5 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
>>>> index 65a05a9520ff..9e1d3c662852 100644
>>>> --- a/drivers/net/wireless/ath/ath12k/wmi.c
>>>> +++ b/drivers/net/wireless/ath/ath12k/wmi.c
>>>> @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>>>  	struct wmi_tlv *tlv;
>>>>  	void *ptr;
>>>>  	int i, ret, len;
>>>> -	u32 *tmp_ptr, extraie_len_with_pad = 0;
>>>> +	__le32 *tmp_ptr;
>>>> +	u32 extraie_len_with_pad = 0;
>>>>  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
>>>>  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
>>>>  
>>>> @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>>>  	tlv = ptr;
>>>>  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
>>>>  	ptr += TLV_HDR_SIZE;
>>>> -	tmp_ptr = (u32 *)ptr;
>>>> +	tmp_ptr = (__le32 *)ptr;
>>>>  
>>>> -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
>>>> +	for (i = 0; i < arg->num_chan; i++)
>>>> +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
>>>>  
>>>>  	ptr += len;
>>>>  
>>>>
>>>
>>> seems hint_s_ssid and hint_bssid at the last also need the endian conversion?
> 
> `hist_s_ssid` and `hint_bssid` are both structs within
> `ath12k_wmi_scan_req_arg`, and the remaining member variables are also stored in
> CPU order. Therefore, it seems wrong to me to perform byte swapping at this
> point. What I actually need to swap is the data written through `ptr`, not the
> structure members themselves. For that reason, I could also use the `__le32
> *tmp_ptr` approach. What do you think about that?

Maybe I was not clear. I intended to mean the ptr:

@@ -2728,8 +2728,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
                ptr += TLV_HDR_SIZE;
                s_ssid = ptr;
                for (i = 0; i < arg->num_hint_s_ssid; ++i) {
-                       s_ssid->freq_flags = arg->hint_s_ssid[i].freq_flags;
-                       s_ssid->short_ssid = arg->hint_s_ssid[i].short_ssid;
+                       s_ssid->freq_flags = cpu_to_le32(arg->hint_s_ssid[i].freq_flags);
+                       s_ssid->short_ssid = cpu_to_le32(arg->hint_s_ssid[i].short_ssid);
                        s_ssid++;
                }
                ptr += len;
@@ -2743,7 +2743,7 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
                hint_bssid = ptr;
                for (i = 0; i < arg->num_hint_bssid; ++i) {
                        hint_bssid->freq_flags =
-                               arg->hint_bssid[i].freq_flags;
+                               cpu_to_le32(arg->hint_bssid[i].freq_flags);
                        ether_addr_copy(&arg->hint_bssid[i].bssid.addr[0],
                                        &hint_bssid->bssid.addr[0]);

> 
> One thing I am still unsure about is the use of `ether_addr_copy()`. Can I
> simply copy the bytes as-is here, or does the address also need to be
> byte-swapped? I could not find any place where this address is being populated,
> so I am not sure what byte order it is expected to be in.

I think you are talking about ath12k_wmi_hint_bssid_arg::bssid, right? For now ath12k does
not populate hint_bssid or hint_s_ssid members, so bssid always remain empty. But if we
are going to populate it I think the address originates from userspace and there it is
passed in byte steams, so byte-swapping not required I think.

> 
> 
> Best regards
> Alexander Wilhelm


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-07-03  2:48       ` Baochen Qiang
@ 2026-07-03  5:49         ` Alexander Wilhelm
  2026-07-03  6:31           ` Baochen Qiang
  0 siblings, 1 reply; 7+ messages in thread
From: Alexander Wilhelm @ 2026-07-03  5:49 UTC (permalink / raw)
  To: Baochen Qiang; +Cc: Jeff Johnson, linux-wireless, ath12k, linux-kernel

On Fri, Jul 03, 2026 at 10:48:11AM +0800, Baochen Qiang wrote:
> 
> 
> On 7/2/2026 8:18 PM, Alexander Wilhelm wrote:
> > On Thu, Jul 02, 2026 at 10:44:46AM +0200, Alexander Wilhelm wrote:
> >> On Thu, Jul 02, 2026 at 04:27:44PM +0800, Baochen Qiang wrote:
> >>>
> >>>
> >>> On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
> >>>> The ath12k_wmi_scan_req_arg structure defines the channel list in
> >>>> CPU-native order, while wmi_start_scan_cmd expects the values in
> >>>> little-endian format. The simple memcpy causes the hardware scan to fail on
> >>>> big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
> >>>> values to support both architectures correctly.
> >>>>
> >>>> Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
> >>>> ---
> >>>>  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
> >>>>  1 file changed, 5 insertions(+), 3 deletions(-)
> >>>>
> >>>> diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
> >>>> index 65a05a9520ff..9e1d3c662852 100644
> >>>> --- a/drivers/net/wireless/ath/ath12k/wmi.c
> >>>> +++ b/drivers/net/wireless/ath/ath12k/wmi.c
> >>>> @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> >>>>  	struct wmi_tlv *tlv;
> >>>>  	void *ptr;
> >>>>  	int i, ret, len;
> >>>> -	u32 *tmp_ptr, extraie_len_with_pad = 0;
> >>>> +	__le32 *tmp_ptr;
> >>>> +	u32 extraie_len_with_pad = 0;
> >>>>  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
> >>>>  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
> >>>>  
> >>>> @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
> >>>>  	tlv = ptr;
> >>>>  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
> >>>>  	ptr += TLV_HDR_SIZE;
> >>>> -	tmp_ptr = (u32 *)ptr;
> >>>> +	tmp_ptr = (__le32 *)ptr;
> >>>>  
> >>>> -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
> >>>> +	for (i = 0; i < arg->num_chan; i++)
> >>>> +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
> >>>>  
> >>>>  	ptr += len;
> >>>>  
> >>>>
> >>>
> >>> seems hint_s_ssid and hint_bssid at the last also need the endian conversion?
> > 
> > `hist_s_ssid` and `hint_bssid` are both structs within
> > `ath12k_wmi_scan_req_arg`, and the remaining member variables are also stored in
> > CPU order. Therefore, it seems wrong to me to perform byte swapping at this
> > point. What I actually need to swap is the data written through `ptr`, not the
> > structure members themselves. For that reason, I could also use the `__le32
> > *tmp_ptr` approach. What do you think about that?
> 
> Maybe I was not clear. I intended to mean the ptr:
> 
> @@ -2728,8 +2728,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>                 ptr += TLV_HDR_SIZE;
>                 s_ssid = ptr;
>                 for (i = 0; i < arg->num_hint_s_ssid; ++i) {
> -                       s_ssid->freq_flags = arg->hint_s_ssid[i].freq_flags;
> -                       s_ssid->short_ssid = arg->hint_s_ssid[i].short_ssid;
> +                       s_ssid->freq_flags = cpu_to_le32(arg->hint_s_ssid[i].freq_flags);
> +                       s_ssid->short_ssid = cpu_to_le32(arg->hint_s_ssid[i].short_ssid);

No, I understood what you meant. The issue is that the upper two lines will
trigger sparse warnings. The member variables `freq_flags` and `short_ssid` are
used on both the left-hand side and the right-hand side as members of the same
`struct ath12k_wmi_hint_short_ssid_arg`. I would keep these fields as `u32` and
use `tmp_ptr` on the left-hand side instead of `s_ssid` to keep things
consistent. Alternatively, I could introduce a separate structure specifically
for this use case.

>                         s_ssid++;
>                 }
>                 ptr += len;
> @@ -2743,7 +2743,7 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>                 hint_bssid = ptr;
>                 for (i = 0; i < arg->num_hint_bssid; ++i) {
>                         hint_bssid->freq_flags =
> -                               arg->hint_bssid[i].freq_flags;
> +                               cpu_to_le32(arg->hint_bssid[i].freq_flags);
>                         ether_addr_copy(&arg->hint_bssid[i].bssid.addr[0],
>                                         &hint_bssid->bssid.addr[0]);
> 
> > 
> > One thing I am still unsure about is the use of `ether_addr_copy()`. Can I
> > simply copy the bytes as-is here, or does the address also need to be
> > byte-swapped? I could not find any place where this address is being populated,
> > so I am not sure what byte order it is expected to be in.
> 
> I think you are talking about ath12k_wmi_hint_bssid_arg::bssid, right? For now ath12k does
> not populate hint_bssid or hint_s_ssid members, so bssid always remain empty. But if we
> are going to populate it I think the address originates from userspace and there it is
> passed in byte steams, so byte-swapping not required I think.

Okay, sounds good. I'll keep the `memcpy()` at this location and prepare the
next patch version.


Best regards
Alexander Wilhelm

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian
  2026-07-03  5:49         ` Alexander Wilhelm
@ 2026-07-03  6:31           ` Baochen Qiang
  0 siblings, 0 replies; 7+ messages in thread
From: Baochen Qiang @ 2026-07-03  6:31 UTC (permalink / raw)
  To: Alexander Wilhelm; +Cc: Jeff Johnson, linux-wireless, ath12k, linux-kernel



On 7/3/2026 1:49 PM, Alexander Wilhelm wrote:
> On Fri, Jul 03, 2026 at 10:48:11AM +0800, Baochen Qiang wrote:
>>
>>
>> On 7/2/2026 8:18 PM, Alexander Wilhelm wrote:
>>> On Thu, Jul 02, 2026 at 10:44:46AM +0200, Alexander Wilhelm wrote:
>>>> On Thu, Jul 02, 2026 at 04:27:44PM +0800, Baochen Qiang wrote:
>>>>>
>>>>>
>>>>> On 6/29/2026 3:46 PM, Alexander Wilhelm wrote:
>>>>>> The ath12k_wmi_scan_req_arg structure defines the channel list in
>>>>>> CPU-native order, while wmi_start_scan_cmd expects the values in
>>>>>> little-endian format. The simple memcpy causes the hardware scan to fail on
>>>>>> big-endian architectures. Set __le32* type for the tmp_ptr and swap channel
>>>>>> values to support both architectures correctly.
>>>>>>
>>>>>> Signed-off-by: Alexander Wilhelm <alexander.wilhelm@westermo.com>
>>>>>> ---
>>>>>>  drivers/net/wireless/ath/ath12k/wmi.c | 8 +++++---
>>>>>>  1 file changed, 5 insertions(+), 3 deletions(-)
>>>>>>
>>>>>> diff --git a/drivers/net/wireless/ath/ath12k/wmi.c b/drivers/net/wireless/ath/ath12k/wmi.c
>>>>>> index 65a05a9520ff..9e1d3c662852 100644
>>>>>> --- a/drivers/net/wireless/ath/ath12k/wmi.c
>>>>>> +++ b/drivers/net/wireless/ath/ath12k/wmi.c
>>>>>> @@ -2571,7 +2571,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>>>>>  	struct wmi_tlv *tlv;
>>>>>>  	void *ptr;
>>>>>>  	int i, ret, len;
>>>>>> -	u32 *tmp_ptr, extraie_len_with_pad = 0;
>>>>>> +	__le32 *tmp_ptr;
>>>>>> +	u32 extraie_len_with_pad = 0;
>>>>>>  	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
>>>>>>  	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
>>>>>>  
>>>>>> @@ -2656,9 +2657,10 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>>>>>  	tlv = ptr;
>>>>>>  	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
>>>>>>  	ptr += TLV_HDR_SIZE;
>>>>>> -	tmp_ptr = (u32 *)ptr;
>>>>>> +	tmp_ptr = (__le32 *)ptr;
>>>>>>  
>>>>>> -	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
>>>>>> +	for (i = 0; i < arg->num_chan; i++)
>>>>>> +		tmp_ptr[i] = cpu_to_le32(arg->chan_list[i]);
>>>>>>  
>>>>>>  	ptr += len;
>>>>>>  
>>>>>>
>>>>>
>>>>> seems hint_s_ssid and hint_bssid at the last also need the endian conversion?
>>>
>>> `hist_s_ssid` and `hint_bssid` are both structs within
>>> `ath12k_wmi_scan_req_arg`, and the remaining member variables are also stored in
>>> CPU order. Therefore, it seems wrong to me to perform byte swapping at this
>>> point. What I actually need to swap is the data written through `ptr`, not the
>>> structure members themselves. For that reason, I could also use the `__le32
>>> *tmp_ptr` approach. What do you think about that?
>>
>> Maybe I was not clear. I intended to mean the ptr:
>>
>> @@ -2728,8 +2728,8 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>                 ptr += TLV_HDR_SIZE;
>>                 s_ssid = ptr;
>>                 for (i = 0; i < arg->num_hint_s_ssid; ++i) {
>> -                       s_ssid->freq_flags = arg->hint_s_ssid[i].freq_flags;
>> -                       s_ssid->short_ssid = arg->hint_s_ssid[i].short_ssid;
>> +                       s_ssid->freq_flags = cpu_to_le32(arg->hint_s_ssid[i].freq_flags);
>> +                       s_ssid->short_ssid = cpu_to_le32(arg->hint_s_ssid[i].short_ssid);
> 
> No, I understood what you meant. The issue is that the upper two lines will
> trigger sparse warnings. The member variables `freq_flags` and `short_ssid` are
> used on both the left-hand side and the right-hand side as members of the same
> `struct ath12k_wmi_hint_short_ssid_arg`. I would keep these fields as `u32` and
> use `tmp_ptr` on the left-hand side instead of `s_ssid` to keep things
> consistent. Alternatively, I could introduce a separate structure specifically
> for this use case.

Ah, I get your point. You are right, the issue is both the WMI cmd member and the arg use
the same definition.

Please introduce new structures for this. Note ath12k has a guidance on WMI interface
naming: for those interfacing with firmware, use the _params as the suffix:

e.g.:
	struct ath12k_wmi_hint_short_ssid_params
	struct ath12k_wmi_hint_bssid_params

for those host-used only use the _arg suffix, like the existing ones:

	struct ath12k_wmi_hint_short_ssid_arg;
	struct ath12k_wmi_hint_bssid_arg;

> 
>>                         s_ssid++;
>>                 }
>>                 ptr += len;
>> @@ -2743,7 +2743,7 @@ int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
>>                 hint_bssid = ptr;
>>                 for (i = 0; i < arg->num_hint_bssid; ++i) {
>>                         hint_bssid->freq_flags =
>> -                               arg->hint_bssid[i].freq_flags;
>> +                               cpu_to_le32(arg->hint_bssid[i].freq_flags);
>>                         ether_addr_copy(&arg->hint_bssid[i].bssid.addr[0],
>>                                         &hint_bssid->bssid.addr[0]);
>>
>>>
>>> One thing I am still unsure about is the use of `ether_addr_copy()`. Can I
>>> simply copy the bytes as-is here, or does the address also need to be
>>> byte-swapped? I could not find any place where this address is being populated,
>>> so I am not sure what byte order it is expected to be in.
>>
>> I think you are talking about ath12k_wmi_hint_bssid_arg::bssid, right? For now ath12k does
>> not populate hint_bssid or hint_s_ssid members, so bssid always remain empty. But if we
>> are going to populate it I think the address originates from userspace and there it is
>> passed in byte steams, so byte-swapping not required I think.
> 
> Okay, sounds good. I'll keep the `memcpy()` at this location and prepare the
> next patch version.
> 
> 
> Best regards
> Alexander Wilhelm


^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2026-07-03  6:32 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-29  7:46 [PATCH RESEND] wifi: ath12k: fix channel list copy on big endian Alexander Wilhelm
2026-07-02  8:27 ` Baochen Qiang
2026-07-02  8:44   ` Alexander Wilhelm
2026-07-02 12:18     ` Alexander Wilhelm
2026-07-03  2:48       ` Baochen Qiang
2026-07-03  5:49         ` Alexander Wilhelm
2026-07-03  6:31           ` Baochen Qiang

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox