From c72e4b0e8392a845c70dd37c79775013c5f7355e Mon Sep 17 00:00:00 2001
From: Weiyi Chen <quic_weiyic@quicinc.com>
Date: Wed, 19 Jan 2022 11:13:43 -0800
Subject: [PATCH 1/2] rmnet_core: fix race condition in rmnet_get_packets

In rmnet powersave work, rmnet_get_packets() could access NULL dev pointer
if rmnet_dellink() is nullifying the dev pointer at the same time.

18377 [   72.651710][ T1527] Unable to handle kernel NULL pointer dereference
at virtual address 00000000000009d0

18424 [   72.653999][ T1527] Call trace:
18425 [   72.654085][ T1527]  rmnet_get_packets+0xc4/0x11c [rmnet_core]
18426 [   72.654170][ T1527]  qmi_rmnet_check_stats_2+0x80/0x410 [rmnet_core]
18427 [   72.654180][ T1527]  process_one_work+0x260/0x804

This change Uses the rcu variant of the hlist traversal function in
rmnet_get_packet for safe concurrency with the hlist del primitives.
It also checks dev pointer before accessing the dev private structure.
The existing synchronize rcu call in rmnet_dellink ensures that the ep
and dev structure are not freed while being referenced in rcu read
session of rmnet_get_packets.

Change-Id: Ib5f5aff6e76f9fffd9110a2aa924ad6ab090991f
Signed-off-by: Weiyi Chen <quic_weiyic@quicinc.com>
---
 core/rmnet_config.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/core/rmnet_config.c b/core/rmnet_config.c
index b341099c15b7b..47cc316bd37cb 100644
--- a/core/rmnet_config.c
+++ b/core/rmnet_config.c
@@ -1,4 +1,5 @@
 /* Copyright (c) 2013-2021, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 and
@@ -641,6 +642,7 @@ EXPORT_SYMBOL(rmnet_init_qmi_pt);
 
 void rmnet_get_packets(void *port, u64 *rx, u64 *tx)
 {
+	struct net_device *dev;
 	struct rmnet_priv *priv;
 	struct rmnet_pcpu_stats *ps;
 	unsigned int cpu, start;
@@ -654,8 +656,12 @@ void rmnet_get_packets(void *port, u64 *rx, u64 *tx)
 	*tx = 0;
 	*rx = 0;
 	rcu_read_lock();
-	hash_for_each(((struct rmnet_port *)port)->muxed_ep, bkt, ep, hlnode) {
-		priv = netdev_priv(ep->egress_dev);
+	hash_for_each_rcu(((struct rmnet_port *)port)->muxed_ep, bkt, ep,
+			  hlnode) {
+		dev = ep->egress_dev;
+		if (!dev)
+			continue;
+		priv = netdev_priv(dev);
 		for_each_possible_cpu(cpu) {
 			ps = per_cpu_ptr(priv->pcpu_stats, cpu);
 			do {

From e7cdcf9e03034c4072795201f6d17c04a6cc7c77 Mon Sep 17 00:00:00 2001
From: Kaustubh Pandey <quic_kapandey@quicinc.com>
Date: Mon, 31 Jan 2022 16:56:19 +0530
Subject: [PATCH 2/2] datarmnet: Remove monaco_go and monaco_go_aon from
 BOARD_PLATFORM_LIST

For wearable line of devices derived from monaco, monaco will be used as
TARGET_BOARD_PLATFORM. Change removes others variants which were added
to support _go and _go_aon variants.

Change-Id: Id3ef3aa94ad0c80701260417d92eecf1b96558dd
Signed-off-by: Kaustubh Pandey <quic_kapandey@quicinc.com>
---
 core/Android.mk                | 2 --
 datarmnet_dlkm_vendor_board.mk | 2 --
 2 files changed, 4 deletions(-)

diff --git a/core/Android.mk b/core/Android.mk
index 8df2c97d16ef0..f358d0b2ee384 100644
--- a/core/Android.mk
+++ b/core/Android.mk
@@ -2,8 +2,6 @@ ifneq ($(TARGET_PRODUCT),qssi)
 RMNET_CORE_DLKM_PLATFORMS_LIST := lahaina
 RMNET_CORE_DLKM_PLATFORMS_LIST += holi
 RMNET_CORE_DLKM_PLATFORMS_LIST += monaco
-RMNET_CORE_DLKM_PLATFORMS_LIST += monaco_go
-RMNET_CORE_DLKM_PLATFORMS_LIST += monaco_go_aon
 
 ifeq ($(call is-board-platform-in-list, $(RMNET_CORE_DLKM_PLATFORMS_LIST)),true)
 #Make file to create RMNET_CORE DLKM
diff --git a/datarmnet_dlkm_vendor_board.mk b/datarmnet_dlkm_vendor_board.mk
index 60a81a7d351b4..3eb26a9fc94d4 100644
--- a/datarmnet_dlkm_vendor_board.mk
+++ b/datarmnet_dlkm_vendor_board.mk
@@ -2,8 +2,6 @@
 DATA_DLKM_BOARD_PLATFORMS_LIST := lahaina
 DATA_DLKM_BOARD_PLATFORMS_LIST += holi
 DATA_DLKM_BOARD_PLATFORMS_LIST += monaco
-DATA_DLKM_BOARD_PLATFORMS_LIST += monaco_go
-DATA_DLKM_BOARD_PLATFORMS_LIST += monaco_go_aon
 ifneq ($(TARGET_BOARD_AUTO),true)
 ifeq ($(call is-board-platform-in-list,$(DATA_DLKM_BOARD_PLATFORMS_LIST)),true)
 BOARD_VENDOR_KERNEL_MODULES += $(KERNEL_MODULES_OUT)/rmnet_core.ko