Currently there is no nl policy defined for vendor sub command
QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_MAX which may result in
buffer overread error.
To resolve this, add nl policy.
Change-Id: Ib5d3c34dbcec29a98766753efc4e9c4ecf748c2e
CRs-Fixed: 2054693
wlan_hdd_cfg80211_set_key_wapi() and sme_roam_set_key() prints
key information in default host logs.
Fix to remove debug logs which prints sensitive key information.
Change-Id: Ib71da962761f9b6b5fd8ba214676b649529bcaa7
CRs-Fixed: 2058305
In hdd state ctrl API buf used beyond its size.
Increase buf size to 3 to get rid of buffer over flow.
CRs-fixed: 2029584
Change-Id: Ie353d449f167bee05833841350d61dc0935786fc
Check for NULL values of peer and peer_map_addr before dereferencing.
Move the debug print statement before peer is detached and peer object
is freed.
CRs-Fixed: 1115011
Change-Id: I00d547847eed8e24a01178390b9a62be0b9b75d7
implicit conversion from enumeration type 'QDF_STATUS' to different enumeration type 'A_STATUS'
implicit conversion from enumeration type 'A_STATUS' to different enumeration type 'QDF_STATUS'
CRs-Fixed: 2063339
Change-Id: Ib96a49f40ea581127405560087354e7fa9bf46ec
SME queue is getting overflow due to IPA
stats request which gets posted at every 100ms.
Don't process IPA stats request in cds thread
context instead call wma API in the worker thread
context.
Change-Id: Id1ae20a1256ecd7ee43c2e3ebf50a14dc22e6714
CRs-Fixed: 2047462
Fix vdev_id validation at wma. Currently validation for vdev_id
which is an index to wma->interface array is off by 1.
Change-Id: I01fa048af08f76244896ae1ca4c53c61c1c60397
CRs-Fixed: 2057505
qcacld-2.0 to qcacld-3.0 Propagation.
improper validation of
QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE
results in assigning an unchecked user-controller value.
This can lead to buffer overflow.
validate QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE.
CRs-Fixed: 2056253
Change-Id: I7c33b6d78054672e9effbe9100c29e5604c250c6
Currently in __hdd_cfg80211_get_station_cmd there are two
attributes which are not properly validated.
Define an appropriate nla_policy and specify this policy when
invoking nla_parse().
CRs-Fixed: 2054741
Change-Id: I36e12f001b05069c8e06adb1f264392232b13bfb
qcacld-2.0 to qcacld-3.0 Propagation.
In get oui ie command API, ie pointer read out
of boundary.
Return NULL if ie length is less than oui size.
CRs-Fixed: 2053002
Change-Id: I13375d3bfa472eda25d8d6191431dd1f79bf5842
Currently even though all peer unmaps events of last associated peer are
not received, driver still goes ahead for new connection with a diffrent peer.
Now if firmware uses same peer id for new peer also this causes synchronization
issue of peer ref counts and will eventually lead of kernel panic.
Add changes to wait for last peer's all unmap events before proceeding with
new connection
CRs-Fixed: 2040627
Change-Id: I30e74d9bebe66fec55d7682d3cec581a078f5e75
Currently in case of HDD interface change timeout call back
disabling of IPA WDI pipes is not handled and only disconnect
is called. As a result disconnect fails because IPA driver
expects suspend and disable before disconnect. In this change
disable IPA pipes before doing disconnect.
Change-Id: I5ddf222730d57b39ba15bd5923c22d585eb52b08
CRs-Fixed: 2047110
In case on continuous Tx failure of management packets, logs
flooding can cause watchdog timeout.
Add changes to reduce log dumping in case of transmission
failure and log every 50th packet failure
Change-Id: Ia975fb71fcd14eb6abd8c0712d9d0704d592f97b
CRs-Fixed: 2040917
Driver unload may flush VDEV delete response from FW by
calling wma_mc_discard_msg which may cause this request to not
to be removed from wma_hold_req_queue queue.
Since during unload, wma_shutdown_notifier_cb goes through
pending response queue to see what are pending requests and it
may cause kernel panic for this req since response is already flushed.
Add changes to avoid bug_on during driver unload for FW timeout
CRs-Fixed: 2046856
Change-Id: I41cba0883099799c542329075d4620343e6b9d76
When platform driver initiates wlan driver remove, driver state
is set to unloading but it is not cleared on successful driver
remove, leading unload bit to be set forever and thereby host
returns failure for all north bound requests, though driver is
loaded successfully after this scenario.
After wlan driver is removed, clear the driver unload bit, so
that on next successful driver load, host can process north
bound requests.
Change-Id: I600705b340a824bcaa524e2ed981ad35943fb5cd
CRs-Fixed: 1113037
Try to set ap-ap mode on single wifi with acs enabled,
primary ap can start up successfully, but fail to bring up
the guest ap.
The fix is to call appropriate procedure once the guest ap
skip acs scan before starting bss.
Change-Id: I106269308932dafff27f9dc0665ade06b88e99a6
CRs-Fixed: 2063960
Move the log messages to appropriate log levels so that
the console does not get a huge spam of unnecessary logs
Change-Id: Ie58b45078ad8b4732d7b84bfb77261396bd5862a
CRs-Fixed: 2043741
qcacld-2.0 to qcacld-3.0 propagation
If ap switches channel, sta will follow ap, as ap may change phymode
and channel width in new channel, so host needs set new phymode and
channel mode to fw.
Change-Id: I87b28119e0f4a8005f9c80f8f32912747b28306c
CRs-Fixed: 913325
Currently there are multiple cfg80211 vendor commands where MAC
address attributes are defined in a nla_policy table with a type of
NLA_UNSPEC but without a minimum length. Add the proper minimum length
to avoid buffer overread.
Change-Id: I11ff2bd813dc4e6784a7cdee66a0c10ca0e69fcf
CRs-Fixed: 2062140
Currently sme_update_ht_config only update csr_session and sends updated
params to FW via VDEV_PARAM command. Same is not reflected in pe_session
and beacon template. Update beacon params in LIM by sending param update
message to LIM.
Change-Id: I1f926b4d2d5467c7702e03ff281879529c89f6f5
CRs-Fixed: 2055347
Presently the logging thread is not destroyed if the driver is unloaded
in the FTM mode leading to accessing to invalid memory location once
the wlan driver is unloaded.
Destroy the logging thread irrespective of the device mode during
the unload of the driver.
CRs-Fixed: 2040566
Change-Id: I1a97acffa5fb292ac9d355d6a95e6fc253fc833a
Change ssidHidden variable type as tHiddenssId enum instead of
original boolean type in tagCsrSSIDInfo structure to backup the
value from hdd (eg: eHIDDEN_SSID_NOT_IN_USE, eHIDDEN_SSID_ZERO_LEN,
eHIDDEN_SSID_ZERO_CONTENTS).
Change-Id: Ibc88c80856984b1b61e2fbe489219b391900dad3
CRs-Fixed: 2065342
During initializing station mode, the array holding STA IDs are
not set to HDD_WLAN_INVALID_STA_ID(0xFF), leading STA IDs to hold
a valid data, though there no connections.
Set array holding STA IDs with HDD_WLAN_INVALID_STA_ID, to make
STA IDs holding invalid data.
Change-Id: I12167e83bebe0380520676c194f11cd4848330cf
CRs-Fixed: 2053816
Change number of dropped packet before kickout threshold to max
theoretical value of 65535.
Change-Id: I9b29e704460cfabdc346cda7ab4bc5f01ad5ea98
CRs-Fixed: 2029453
Currently the QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR nla_policy specifies
a type of NLA_STRING, but the underlying implementation expects a
NUL-terminated string. Update the policy to correctly use a type of
NLA_NUL_STRING with the len updated to remove the allocation needed
for the terminating NUL.
Change-Id: Ic73241511ab73ae63fd7c1a8d6422da91931919c
CRs-Fixed: 2062141
VDEV object has not been checked against NULL value before passing as
part of message to a next layer
CRs-Fixed: 2063561
Change-Id: I9c7ad08f1e201779cb433044a1525555a2ccaa34
As part of the support for the FIPS certification feature add the
HDD infrastructure.
Change-Id: I76a545c42b10a662db04b5994de100c713a46c59
CRs-Fixed: 2065002
As part of the support for the FIPS certification feature add the
WMA infrastructure.
Change-Id: I7e113cee8ba9a08c2efd1141bef84e43d530cdcb
CRs-Fixed: 2065002
