PE is not freeing the second level of allocated memory during MC
thread message queue flush logic and hence leaking the memory.
Free second level of allocated memory in pe_free_message such
that message posted from WMA is still freed even if MC thread is
shutdown during driver unload/SSR.
Change-Id: I6a88d3b331c29496bc7c1d9e451c97206a2b85cf
CRs-Fixed: 2192884
If Deauth/Disassoc timer is currently running when lim_cleanup
happens due to SSR, the memory allocated for Disassoc/Deauth Req in
mac context is not freed leading to memory leak.
Free Deauth/Disassoc Requests stored in mac context in lim_cleanup
Also check for existing Deauth/Disassoc Request pointers stored in
mac context and free it before assigning it to point to the
current request.
Change-Id: Id7e221bd9d5061ecaa9b73a4fe1dc0f465f68aa9
CRs-Fixed: 2191131
In lim_set_rs_nie_wp_aiefrom_sme_start_bss_req_message, length passed
to unpack RSN IE is total length of WPA and RSN IE. So if only WPA IE
is present in assoc request, the RSN IE parser will try to validate the
buffer beyond the RSN IE and might fail as the buffer belongs to WPA IE.
Pass appropriate length to unpack RSN IE.
Change-Id: Ie679e67061e7ac622e8e76b285a32135a60ca6e8
CRs-Fixed: 2189926
In handling assoc request make sure to use VHT IE or vendor VHT IE
appropriately for suBFormee/suBFormer calculation.
Change-Id: I3934a0c7229a8a400d1aa54fe3bf0bc3513d4d70
CRs-Fixed: 2159206
lim_preauth_scan_event_handler using sme session id to find pe session,
it may find pe session new create for roaming bss, it will cause
pre-auth roaming command can't dequeue.
Change-Id: I81be20318300ac0e312aa9bcff1a43a47e9a38f7
CRs-Fixed: 2189778
Update the HE STBC capabilty per latest spec and add support
to configure it using INI configuration and ioctl.
Change-Id: I4ecc7b600671c132c1f3968a10fb652a4311f484
CRs-Fixed: 2181114
Change Id872e2b0b8b7a203b472e0bd152f25f63c873b4f introduced support
for GAS public action frames in lim_process_action_frame and included
GAS frames under the frame_len check for minimum length of Vendor
specific public action frames. This would fail for GAS frames which
do not include OUI and could be as small as 3 octets.
Do frame_len check only for vendor specific public action frames
and remove the checks for GAS public action frames
Change-Id: I8b20925a23e2ba26d0a8df32eb3e5b2d043888d2
CRs-Fixed: 2187538
Check new channel width and center frequency segments in CSA
wider BW IE before processing the channel switch and if CSA IE
has invalid data for any of these parameters then do not do the
channel switch with wider BW.
Also check for self capability for BW that is supported by device
before processing wider BW channel switch. If AP advertises the new
channel width with valid data that is greater than self capability
BW value then limit the channel switch BW to self capability.
Change-Id: I1d567e5cdc6347b56b513ea002b5a3978cb447e9
CRs-Fixed: 2182054
