In the API lim_perform_ft_pre_auth, the driver sends
a auth frame to a peer whose MAC address is extracted
from the session entry, and it may happen that the
pointer tpftPEContext is NULL, which results in
pointer dereference.
Fix is to send an auth frame only if the sFTPEContext
is valid.
Change-Id: I5544739a0b438efcc0216bbccdcff113946b330b
CRs-Fixed: 2259250
To poiulate peer rates (Supproted rates, HT & VHT Capabilities)
lim_populate_peer_rate_set first copy values of
psessionEntry->rateSet.rate in a local buffer tempRateSet for
sorting of rates. Currently while copying, index for
psessionEntry->rateSet.rate bufffer varies from 0 to max rate
allowed SIR_MAC_RATESET_EID_MAX(12). This results access of 13th
index(OOB) of psessionEntry->rateSet.rate buffer.
The fix is to set proper upper bound to copy values of
psessionEntry->rateSet.rate in to a local buffer tempRateSet.
Change-Id: I75d5f5b5e7d44665101dae6e095b4adadc1781fb
CRs-Fixed: 2268610
During the review of "qcacld-3.0: lim: Replace tSirRetStatus with
QDF_STATUS" it was observed that the documentation for function
pe_process_messages() referenced an incorrect return type and return
value. While addressing this issue it was further observed that
pe_process_messages() was only being called from within lim_api.c by
pe_mc_process_handler(). Since these are both trivial functions,
consolidate them into one function.
Change-Id: Ia66088b79003e0c8c517a8e3ae32540c19fec070
CRs-Fixed: 2271550
A recent set of changes replaced all tSirRetStatus definitions with
QDF_STATUS. However some code comments were overlooked since they
incorrectly referred to eSirRetStatus instead of tSirRetStatus. Change
those comments to correctly reference QDF_STATUS.
Change-Id: I3b5779d0a09e594f1371362d161d3ea4c887110c
CRs-Fixed: 2271549
Currently lim_post_msg_api() and lim_post_msg_high_priority() are
defined to return a uint32_t status. This is an artifact of many
generations of driver changes. These functions now return QDF_STATUS,
so update the signatures as well as all callers to properly expect
this return type. In addition remove the legacy wrapper function
pe_post_msg_api() since it is unused.
Change-Id: I00f991d64e3542336526e7ed2ca36e4112918cb7
CRs-Fixed: 2271548
Change "qcacld-3.0: Remap tSirRetStatus to QDF_STATUS" introduced a
set of macros to map tSirRetStatus to QDF_STATUS. All of the
tSirRetStatus identifiers have been renamed, so remove the now unused
macros.
Change-Id: Ie95c9806bdcc52e25e81c8adaecacbdc79207e37
CRs-Fixed: 2270654
The tSirRetStatus definitions are obsolete, so replace them with
QDF_STATUS definitions in the mac pe/lim folder.
Note that this change introduces some checkpatch issues, but due to
the number of pre-existing checkpatch issues in lim these are just
noise, and in order to have this change just address the issue at hand
any checkpatch issues will be addressed as part of a separate cleanup
activity.
Change-Id: I677292c208fe08f1bbba8bf294870cbc73cc3b5c
CRs-Fixed: 2270620
Clenaup legacy passive scan minimum channel time configuration
value and the code references related to the same.
Change-Id: I15d508484dde8f4db775a6fb263646a7af8e5f69
CRs-Fixed: 2262691
Clenaup legacy active scan minimum channel time
configuration item and the code references related
to the same.
Change-Id: I5eef7ec09345e199946700c033eaa85fbf69d289
CRs-Fixed: 2262691
While processing the WMA_ROAM_OFFLOAD_SYNCH_IND event, The
driver takes nearly 150 to 200 msec time to just write fatal,
error and info messages to the kmsg log buffer. Also to get
tx power supplicant runs another thread while roaming. These
cause more latency(300ms) to send WMA_ROAM_OFFLOAD_SYNCH_CNF
message to fw. To decrease roam latency, the driver should
write the only necessary error message to kmsg buffer.
The fix is to change irrelevant fatal, error and info message
type to debug add a check in __wlan_hdd_cfg80211_get_txpower
to reject the request to get Tx power while roaming in progress
otherwise driver will process this and will increase the roaming
latency.
Change-Id: I6c31637f21991b5b29c1e2dd2c2935ae7d4fc3d0
CRs-Fixed: 2251824
The tSirRetStatus definitions are obsolete, so replace them with
QDF_STATUS definitions in the mac pe/rrm folder.
Change-Id: Iba8b15a3f17ee4bd827d384cf775ac0679590208
CRs-Fixed: 2269739
The tSirRetStatus definitions are obsolete, so replace them with
QDF_STATUS definitions in the mac pe/sch folder.
Change-Id: I7301c209adccdb63b1f1ac063d4590b5019f2e40
CRs-Fixed: 2269738
Currently mac_handle_t is defined as a void pointer. This is
convenient from an information hiding point of view since that means a
non-MAC component cannot dereference a MAC handle to access MAC
private data. However this is not convenient from a defect prevention
point of view since the C standard allows any other pointer type to be
freely and silently converted to and from a void pointer, and hence
the compiler is unable to detect when a MAC handle is used in a
context where a different pointer type is expected.
An example of multiple such defects was addressed by Change-Id
I01812b2390269805da4d1a5cb40a811d1e22ec56 (qcacld-3.0: Fix bad
pointers being passed from SME to WMA).
To help prevent these kinds of defects change the definition of
mac_handle_t to be a pointer to an opaque struct.
Change-Id: I72483bf0e693d6eca24355f31d3a1653b8f31302
CRs-Fixed: 2268814
