qcacld-2.0 to qcacld-3.0 propagation
Beacon does not show RSN IE after disabling/enabling SAP, hence
stations does not connect back while trying to associate in WPA.
While re-enable SAP from the hostapd_cli, the start_bss is called
twice, first from wps_init which does not populate RSNIE and secondly,
through bss_setup which has RSNIE but getting ignored as the BSS is
already started.
Added the RSN IE in case of BSS already started
Change-Id: I2a67156e66e255e7c007a5925cd81b859009114e
CRs-Fixed: 2144429
Add /* fallthrough */ comment in __lim_process_sme_deauth_req
as per linux checkpatch script while processing deauth req for
limSmeState 'eLIM_SME_LINK_EST_STATE'.
Change-Id: I38e0520aaec96e2ba35c916b39e79724c453632f
CRs-Fixed: 2233183
wlan_objmgr_get_vdev_by_macaddr_from_psoc and wlan_objmgr_get_peer
API's definitions have been changed to include pdev_id as an
argument.
Modify the callers of these APIs to include pdev_id as argument.
Change-Id: I3d0de6a0bc1dfefbe1b3cad51ec23f703baaf3ad
CRs-Fixed: 2210728
In hdd_send_association_event() and hdd_send_re_assoc_event(), there is
no check of pBssDesc against NULL which can lead to NULL pointer exception.
Circumvent this issue by adding NULL check.
Change-Id: Ic3a0142b4ea3f058e8d3993fb491d418ddb8f70d
CRs-Fixed: 2232721
Takecare to disable TCP delack internally if GRO is enabled.
This is required as enabling both will have adverse effect with
smaller window size and noisy scenario.
Change-Id: If91236620d87287c9b71901e9d8e3d176eebc648
CRs-Fixed: 2172652
Change I8e1b62cd9586f5b2be7acb863a106d2486be1b35 used unassigned
member dp_handle of wlan_objmgr_psoc, that causing failure on DP.
Assign dp_handle properly to avoid it.
CRs-Fixed: 2237072
Change-Id: If230b8a24f5ac9d26ac27f89779c7669cdee5455
Add /* fallthrough */ comment in sme_qos_add_ts_failure_fnp
as per linux checkpatch script in case of reason
SME_QOS_REASON_REQ_SUCCESS of flow request.
Change-Id: I6ea942e53cd6f0828dbe55cfdd77ecf75cf1cdbb
CRs-Fixed: 2233176
wma_is_service_enabled can't get valid service bitmap if call in
hdd_update_pmo_config, use psoc_ctx->caps.unified_wow instead to check
pattern id per vdev and legacy d0 wow capability.
Change-Id: If7bf316f482c49253fc4b95b94e172727b27ffd1
CRs-Fixed: 2225847
When do re-association, there is obsolete data exists in policy manager
until hdd_association_completion_handler updates the active session.
If check sap restart before this, will access the wrong data.
Change-Id: Ie62f86a5d523e70b6bb81b500bd358b63ae90ea8
CRs-Fixed: 2231675
In the API wma_process_pdev_hw_mode_trans_ind
the host doesnt check the upper limit of
num_vdev_mac_entries received from the firmware,
and fills the same to the host structure
hw_mode_trans_ind, which may cause OOB write.
Fix is to check for the max vdev supported in the
same API and return if the condition is false.
Change-Id: I54a9e12f777b87b49057d6c97c06ab71b9ad1d77
CRs-Fixed: 2221965
To avoid out-of-bounds access of mem_map_table from htt_rx_hash_deinit
, allocate mem_map_table size the same as maximum number of hash
entries, which is RX_NUM_HASH_BUCKETS * RX_ENTRIES_SIZE.
Change-Id: If25f97b47350196ceb2e8c60e7d5430a1484a01d
CRs-Fixed: 2214158
NAPI APIs in HDD are platform specific. So make these API's
conditionally compiled.
Change-Id: Id87c11da13f096d4f9ff735bbd98dcea23d52310
CRs-Fixed: 2235978
Initialize packet filter clear rule on stack properly to avoid
using un-initialized member variables.
Change-Id: I03b129e7660ed761b03ac163fdb3e7eee58ec034
CRs-Fixed: 2119208
In the function wma_set_epno_network_list,
req->networks[i].ssid.ssId is copied into the destination
params->networks[i].ssid.mac_ssid. But the ssid length is not
considered while copying and WMI_MAC_MAX_SSID_LENGTH is used as
the length for copying. This might result in possible buffer
overread if the ssid length is not WMI_MAC_MAX_SSID_LENGTH.
Similar issue is seen in wma_pno_start also.
Use pno->aNetworks[i].ssId.length as the size to mem copy the
ssid to the destination ssid buffer.
Change-Id: Id3f579da97e398663b7d583f5f46d4671eabeae3
CRs-Fixed: 2233682
GRO aggregations are hanging out of NAPI instance and We cannot use the
hif NAPI instance in Rx thread as gro_list inside NAPI is flushed out
at the start and end of NAPI poll, this will corrupt the gro_list on
which rx_thread is working. Address this concern by creating dummy
NAPI instances mapping to each hif NAPI and not scheduling them.
Change-Id: I6e1de57a669c56206a7863e86c3840bd0a9eabc1
CRs-Fixed: 2128450
Currently api hdd_wmm_free_context free the hdd_wmm context and
this api is getting invoked from several places without disabling
the inactivity timer.
Since the timer is not disabled, when hdd_wmm_inactivity_timer_cb
is invoked it tries to access the hdd_wmm context which is already
freed and the memory is reallocated to someone else resulting to
undefined behaviour.
To address this issue, disable hdd_wmm_inactivity timer before
calling hdd_wmm_free_context function and add a check for
hdd_wmm context in hdd_wmm_inactivity_timer_cb, if hdd_wmm context
is NULL don't proceed further and return.
Change-Id: Ib085c70b3e5a57b5cd494bc2cd21edd0580c16c4
CRs-Fixed: 2233987
During cfg80211 suspend there are couple of redundant log messages
which are logged on console. Change the log level to debug to avoid
logging them on console.
Change-Id: Id45cc261ec7c2c1397afa746216b090fc5d34d7a
CRs-Fixed: 2235798
Add pointer validation check for variable 'additional_ie' in
lim_send_probe_req_mgmt_frame() API before derefernce it.
Change-Id: I83f24b0707b129445b3b6bcdb84a5572aa4f0ccd
CRs-Fixed: 2232743
Add a check against for NULL pointer before accessing roam_info
object pointer.
Change-Id: Id03a47761fa9624ddf76305f110f1f83bcb0a7cd
CRs-Fixed: 2232419
Currently lim_create_fils_auth_data calls lim_create_fils_wrapper_data
to calculate length of the created wrapped data and stores it in an
unsigned variable wrapped_data_len. But return type of
lim_create_fils_wrapper_data is int so it could return negative value.
Less-than-zero comparison present in lim_create_fils_auth_data of an
unsigned value is never true, as unsigned value can never be less than 0.
Results lim_create_fils_auth_data returns improper 'fils auth data' which
used to be send in auth req.
To make 'less-than-zero comparison' effective in lim_create_fils_auth_data
change type of wrapped_data_len from unsigned int to signed int.
Change-Id: I66d872b76b2039179e3f3dd0ccbb6c135174e354
CRs-Fixed: 2233113
Add /* fallthrough */ comment in sme_qos_add_ts_success_fnp
as per linux checkpatch script in case of reason
SME_QOS_REASON_REQ_SUCCESS of flow request.
Change-Id: I6285ccdc74e5c19fb9bbb8a1b9e0dec5e54edc6e
CRs-Fixed: 2233179
In case of STA + SAP, when STA connect to a new AP, the SAP
initiate channel switch to the new channel of the STA. During
this transition period DUT will be in MCC scenario and thus
firmware changes the TBTT of SAP to get 50% channel time.
Due to this peer STA connected to DUT-SAP may miss all 5
beacons containing CSA info and when it comes out of hw-dtim
mode after 5 beacon misses the DUT SAP has already moved to
new channel and thus as SAP is not on the old channel the peer
STA will receive Heart beat failure.
To avoid this Heart beat failure on peer STA, increases the
default value of channel switch count (g_sap_chanswitch_beacon_cnt)
to 10 to increase the probability of receiving beacons with
CSA info.
Change-Id: I2e5182c299f2a100c9919ffc123aa6b1290324f9
CRs-Fixed: 2227704
Fix NPD in function lim_create_fils_wrapper_data, by moving the check
against NULL pointer before the access.
Change-Id: I00c6c4df0ff94ffdfe77a8a563b1747c29906b2f
CRs-Fixed: 2232734
