@@ -1470,6 +1470,7 @@ static void ath12k_core_pre_reconfigure_recovery(struct ath12k_base *ab)
complete(&ar->vdev_setup_done);
complete(&ar->vdev_delete_done);
complete(&ar->bss_survey_done);
+ complete(&ar->regd_update_completed);
wake_up(&ar->dp.tx_empty_waitq);
idr_for_each(&ar->txmgmt_idr,
@@ -1509,6 +1510,9 @@ static void ath12k_update_11d(struct work_struct *work)
ar = pdev->ar;
memcpy(&ar->alpha2, &arg.alpha2, 2);
+
+ reinit_completion(&ar->regd_update_completed);
+
ret = ath12k_wmi_send_set_current_country_cmd(ar, &arg);
if (ret)
ath12k_warn(ar->ab,
@@ -804,6 +804,7 @@ struct ath12k {
enum ath12k_11d_state state_11d;
u8 alpha2[REG_ALPHA2_LEN];
bool regdom_set_by_user;
+ struct completion regd_update_completed;
struct completion fw_stats_complete;
@@ -10900,6 +10900,7 @@ ath12k_mac_op_reconfig_complete(struct ieee80211_hw *hw,
struct wmi_set_current_country_arg arg = {};
memcpy(&arg.alpha2, ar->alpha2, 2);
+ reinit_completion(&ar->regd_update_completed);
ath12k_wmi_send_set_current_country_cmd(ar, &arg);
}
@@ -12116,6 +12117,16 @@ static int ath12k_mac_hw_register(struct ath12k_hw *ah)
goto err_cleanup_if_combs;
}
+ /* Boot-time regulatory updates have already been processed.
+ * Mark them as complete now, because after registration,
+ * cfg80211 will notify us again if there are any pending hints.
+ * We need to wait for those hints to be processed, so it's
+ * important to mark the boot-time updates as complete before
+ * proceeding with registration.
+ */
+ for_each_ar(ah, ar, i)
+ complete(&ar->regd_update_completed);
+
ret = ieee80211_register_hw(hw);
if (ret) {
ath12k_err(ab, "ieee80211 registration failed: %d\n", ret);
@@ -12143,6 +12154,9 @@ static int ath12k_mac_hw_register(struct ath12k_hw *ah)
memcpy(¤t_cc.alpha2, ab->new_alpha2, 2);
memcpy(&ar->alpha2, ab->new_alpha2, 2);
+
+ reinit_completion(&ar->regd_update_completed);
+
ret = ath12k_wmi_send_set_current_country_cmd(ar, ¤t_cc);
if (ret)
ath12k_warn(ar->ab,
@@ -12215,6 +12229,7 @@ static void ath12k_mac_setup(struct ath12k *ar)
init_completion(&ar->scan.on_channel);
init_completion(&ar->mlo_setup_done);
init_completion(&ar->completed_11d_scan);
+ init_completion(&ar->regd_update_completed);
INIT_DELAYED_WORK(&ar->scan.timeout, ath12k_scan_timeout_work);
wiphy_work_init(&ar->scan.vdev_clean_wk, ath12k_scan_vdev_clean_work);
@@ -102,6 +102,8 @@ ath12k_reg_notifier(struct wiphy *wiphy, struct regulatory_request *request)
/* Send the reg change request to all the radios */
for_each_ar(ah, ar, i) {
+ reinit_completion(&ar->regd_update_completed);
+
if (ar->ab->hw_params->current_cc_support) {
memcpy(¤t_arg.alpha2, request->alpha2, 2);
memcpy(&ar->alpha2, ¤t_arg.alpha2, 2);
@@ -272,9 +274,19 @@ int ath12k_regd_update(struct ath12k *ar, bool init)
struct ieee80211_regdomain *regd, *regd_copy = NULL;
int ret, regd_len, pdev_id;
struct ath12k_base *ab;
+ long time_left;
ab = ar->ab;
+ time_left = wait_for_completion_timeout(&ar->regd_update_completed,
+ ATH12K_REG_UPDATE_TIMEOUT_HZ);
+ if (time_left == 0) {
+ ath12k_warn(ab, "Timeout while waiting for regulatory update");
+ /* Even though timeout has occurred, still continue since at least boot
+ * time data would be there to process
+ */
+ }
+
supported_bands = ar->pdev->cap.supported_bands;
reg_cap = &ab->hal_reg_cap[ar->pdev_idx];
@@ -13,6 +13,8 @@
struct ath12k_base;
struct ath12k;
+#define ATH12K_REG_UPDATE_TIMEOUT_HZ (3 * HZ)
+
#define ATH12K_2GHZ_MAX_FREQUENCY 2495
#define ATH12K_5GHZ_MAX_FREQUENCY 5920
@@ -6143,6 +6143,7 @@ static void ath12k_wmi_htc_tx_complete(struct ath12k_base *ab,
static int ath12k_reg_chan_list_event(struct ath12k_base *ab, struct sk_buff *skb)
{
struct ath12k_reg_info *reg_info;
+ struct ath12k *ar;
u8 pdev_idx;
int ret;
@@ -6198,7 +6199,7 @@ static int ath12k_reg_chan_list_event(struct ath12k_base *ab, struct sk_buff *sk
kfree(reg_info);
if (ret == ATH12K_REG_STATUS_VALID)
- return ret;
+ goto out;
fallback:
/* Fallback to older reg (by sending previous country setting
@@ -6212,6 +6213,16 @@ static int ath12k_reg_chan_list_event(struct ath12k_base *ab, struct sk_buff *sk
WARN_ON(1);
out:
+ ar = ab->pdevs[pdev_idx].ar;
+
+ /* During the boot-time update, 'ar' might not be allocated,
+ * so the completion cannot be marked at that point.
+ * This boot-time update is handled in ath12k_mac_hw_register()
+ * before registering the hardware.
+ */
+ if (ar)
+ complete(&ar->regd_update_completed);
+
return ret;
}
If a regulatory notification is there in the system while the hardware is being registered, it attempts to set the new regulatory country. However, ath12k currently boots with a default country derived from the BDF. If this default country differs from the one provided in the notification, a race condition can occur while updating the regulatory information back to userspace. This potentially leads to driver having the incorrect regulatory applied. For example, suppose the regulatory domain for France (FR) is already applied, and then the driver is loaded with a BDF that has the United States (US) country programmed. When the driver finishes loading, the regulatory domain shown in phyX still reflects the US regulatory settings. This is incorrect, as the driver had already received a notification for FR during hardware registration, but failed to process it properly due to the race condition. The race condition exists during driver initialization and hardware registration: - On driver load, the firmware sends BDF-based country regulatory rules, which are stored in default_regd via ath12k_reg_handle_chan_list(). - During hardware registration, a regulatory notification is triggered through: ath12k_mac_hw_register() -> ieee80211_register_hw() -> wiphy_register() -> wiphy_regulatory_register() -> reg_call_notifier() This sends a country code to the firmware, which responds with updated regulatory rules. - After registration, ath12k_mac_hw_register() calls ath12k_regd_update(), which copies default_regd and passes it to the upper layers. The race occurs between the firmware's response and the execution of ath12k_regd_update(). If the firmware's new rules are processed before the update call, the correct values are used. Otherwise, outdated boot-time country settings are exposed to userspace. To resolve this issue, introduce a completion mechanism within the hardware group (ah). Trigger this completion whenever a regulatory change is requested from the firmware. Then, in ath12k_regd_update(), wait for the firmware to complete its regulatory processing before proceeding with the update. This ensures that during driver load, the default country is processed first. However, before ath12k_regd_update() is called, the new regulatory notification will have already been received by the driver. As a result, it will wait for the firmware's regulatory processing to complete, and only the final, correct regulatory domain will be updated to userspace. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1 Signed-off-by: Aditya Kumar Singh <aditya.kumar.singh@oss.qualcomm.com> --- drivers/net/wireless/ath/ath12k/core.c | 4 ++++ drivers/net/wireless/ath/ath12k/core.h | 1 + drivers/net/wireless/ath/ath12k/mac.c | 15 +++++++++++++++ drivers/net/wireless/ath/ath12k/reg.c | 12 ++++++++++++ drivers/net/wireless/ath/ath12k/reg.h | 2 ++ drivers/net/wireless/ath/ath12k/wmi.c | 13 ++++++++++++- 6 files changed, 46 insertions(+), 1 deletion(-) --- base-commit: 8270f43193a0d097659eca55e701fd6818708945 change-id: 20250522-handle_user_regd_update_hints_during_insmod-42c71ee7f386