mlm_set_keys_req may leak if return in some fail case or
there is no WMA_SET_STAKEY_RSP.
Change-Id: Ib89709a6656cfcff18341257e116861774489c8c
CRs-Fixed: 2166374
The string length of FwDebugModuleLogleveconfig is over 255 if set all
firmware log level in config file. Now FW moudle number is 67 which mean
the string length might be 336(67*5+1).
Extend the length to 512.
Change-Id: If9842f3bfdc9ae6b3351c27c3166e2940de71fb8
CRs-Fixed: 2166118
__con_mode_handler sets the new con_mode value before doing any of the
connection mode transition steps. Thus, if any step fails, the driver
will incorrectly report the new connection mode. Defer setting the new
con_mode value until the connection mode has be successfully changed.
Change-Id: Ib248ab06cf1bf8ef71c1c1bd26aa1beb91e9fa89
CRs-Fixed: 2166530
Stop the opportunistic timer & take action to keep HW mode in sync
when hdd stop happens.
Change-Id: Id34adb579987605831d2c7c4e22c2d76fe7d25dd
CRs-Fixed: 2165105
Target types are moved to target_type.h from hif.h.
Add new target type include for target definitions.
Change-Id: I54185fff428eebf678310f95f59a63db4f82aa80
CRs-Fixed: 2144470
When the driver transitions into Factory Test Mode (FTM), the existing
vdev is not properly destroyed. This ultimately leads to a vdev object
leak when the driver is unloaded while in FTM. To close the leak, tear
down the existing station vdev before doing the module stop operation.
Change-Id: I48ca4e6fc5750e593b6afc4e6b44a603570101cc
CRs-Fixed: 2137144
Check the channel width value in CSA IE before we process the
channel switch so that if the AP sends the wrong channel width in
CSA driver can process with correct configuration
Change-Id: Ib14a0146502b0f731f319ac1fe6657a389388cec
CRs-Fixed: 2162235
In wma_vdev_detach(), ignore vdev delete request at present if it is
received before VDEV_STOP and VDEV_DOWN which results in fw assert on
VDEV_START as no VDEV_DELETE is present before VDEV_START on the same vdev.
Do cds recovery or assert on vdev deletion or on vdev start if BSS
is already in started state and no VDEV_STOP is queued in the queue.
Change-Id: I273e6240840e7a0a54c2d7ad3de12c8a30d42a18
CRs-Fixed: 2164701
Add sanity check for rxNss value in lim_set_nss_change()
as rxNss cannot be zero.
Change-Id: Ie8043d41413a26469539a1f370ff4bca09870b61
CRs-Fixed: 2157501
This reverts commit 7cf307e148
as the check to drop auth frame if previous sequence number
and auth algo match with current sequence number and auth
algo returns true instead of false in a correct scenario.
Change-Id: I8dee272f535acaadb9dfff69ee9ce68ddea4eec1
CRs-Fixed: 2166125
Currently host is adding PMKSA cache on bssid from connect request
if PMKID is present in the RSNIE. This may cause duplicate
entry of PMKSA since supplicant may add the same PMKSA on basis of
SSID + cache identifier. This also cause different caches present
in driver and supplicant.
Setting PMKSA in connect request is not needed since supplicant
will always set/delete PMKSA cache using seperate kernel APIs.
Add changes to remove set PMKSA logic during connect path and
increased PMKSA cache path logging.
Change-Id: I7aa13daa59c4221380daebab3bee49de5d681d6b
CRs-Fixed: 2054351
Currently host driver is dumping all the connection related
info for FILS connection.
Add changes to remove excessive logging for FILS connection
Change-Id: Ib23a90672413e00c06ae61f01fbbb0fb51edda56
CRs-Fixed: 2077465
When ACS is started, acs_cfg.hw_mode in AP context will
be set after mapping from values defined in enum
qca_wlan_vendor_acs_hw_mode to values defined in enum
eCsrPhyMode, but when ACS scan fails due to some reason,
such as scan timeout, the code in function
sap_select_default_oper_chan is still using values
defined in enum qca_wlan_vendor_acs_hw_mode to setup
the default channel.
Change the code in function sap_select_default_oper_chan
to use the values defined in enum eCsrPhyMode when
setting up the default channel.
Change-Id: Ic0d43c43bf9b9a9a36c290d2754c30ebb40bb0e3
CRs-Fixed: 2163658
DUT retries auth with open system if shared key
authentication is not supported by AP. If auth
response from AP for open system auth has same
sequence number as that of shared key response,
host drops the frame.
Fix is to drop the auth frame only if previous
sequence number and auth algo match with current
sequence number and auth algo.
Change-Id: Ia02408d72371dfb91a7cae190ae9399cdf2e2e8b
CRs-Fixed: 2163231
Determine bss transition status for preferrable candidates provided
by userspace based on the transition reason, rssi of connected and
candidate bssids and other parameters like whether transitiong to the
candidate will result in sub-optimal scenario. The transition status
is either accept or a reason for reject.
Change-Id: Ib83c81909f4d8e31b4125309b8ac392a26a0d6bf
CRs-Fixed: 2007107
__wlan_hdd_cfg80211_get_key was invoked when unloading driver.
SAP ctx had been freed at this time.wlan_sap_get_roam_profile will
return NULL.
Check NULL pointer before use roam_profile.
Change-Id: If1f11f0fb7027a6af4e3242fe9af722740d32850
CRs-Fixed: 2162395
qcacld-2.0 to qcacld-3.0 propagation
Check for the validity of tx_desc_id when received the htt message of
HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND from firmware to ensure the buffer
overwrite does not happen.
Change-Id: I0afc781b7fff303525352b817e7eb60b8b05e4d3
CRs-Fixed: 2164705
Adapter resources are not being released until after stop modules. This
leads to resource leaks on PCIe targets. Move the call to close adapters
to before stop modules.
Change-Id: I18ceba26bb6aab634da91a14cc6890a7b7bd836f
CRs-Fixed: 2162868
TX data transmit error is flooding out the logging
system.
Rate limit the TX transmit error to avoid
log buffer overrun.
Change-Id: Ie6f857378f1d8d2ee07ba0d6e10639f6f5dcbd1c
CRs-Fixed: 2160835
In function lim_send_probe_rsp_template_to_hal, memset is done for the
allocated packet for length nBytes which is calculated as size of payload +
MAC header + addn_ielen.
However, the buffer used psessionEntry->pSchProbeRspTemplate is allocated
for length 512 (SCH_MAX_PROBE_RESP_SIZE) only as part of create session.
This leads to a potential overflow of the memory if nBytes calculated is
greater than 512 leading to kernel panic while freeing the memory in
delete session.
Add sanity check to make sure we do not exceed the SCH_MAX_PROBE_RESP_SIZE
before doing a memset on the buffer.
Change-Id: I4657d34a429b1f0c11ac8ca24869727c222669b8
CRs-Fixed: 2160086
