Device crashed while accessing the unintialized
memory as part of scan request processing.
Initialize the scan params structure to zero.
Change-Id: Iaf430c6edb485a009f8d932ce0c2d033b9ec6137
CRs-Fixed: 2116256
Moved unnecessary kernel message to debug logs where ever not
required in kernel logs
Change-Id: If7b69fbdc4afea4597d38a44f786ee221ee917b2
CRs-Fixed: 2042092
As part of start_ap new beacon memory is allocated and filled with
the parameters sent by the upper layer. If there is any failure
during the start the bss, the memory is not freed resulting in
the leak.
Free the allocated beacon memory if there is any failure in starting
the bss.
Change-Id: Idc263ffbb352e56d65d397b200facb23b7ab207c
CRs-fixed: 2033325
qcacld-2.0 to qcacld-3.0 propagation
Cleanup target dump code and add support to dump IRAM region
for different platforms. Update the Target Memory Region for
different platforms.
Change-Id: Ie29fb62e0f1bc279311f77400e8be490ccf987a4
CRs-Fixed: 2088394
In LFR3 roaming, session->nss is recomputed by starting with mac_ctx
configured value, then lim_fill_ft_session() trims it based on
AP's capability in the beacon. Then lim_ft_prepare_add_bss_req() modifies
it based on dot11mode if necessary.
CRs-Fixed: 2082240
Change-Id: If9841ea8d10cc1269ec118c9e7f75fa0444abe3e
Currently logs are printed from HDD during scan and connect for every
retry, which is causing MCThread to get stuck at printk and crash
Rate limit the hdd logs to print for every 5 retries to avoid filling
the log buffer. Also change some error logs to debug level.
Change-Id: I09ad38cd89bbd20081673142bf5a350c55b0f005
CRs-Fixed: 2090761
This is qcacld-2.0 to qcacld-3.0 propagation
In get_container_ies_len size type for len is uint8_t.
len copies values from pBufRemaining.
There can be chance for integer overflow.
To avoid that make size type for len as uint32_t.
Change-Id: I305321a6631719808ef213571974ae23b0e61bb3
CRs-Fixed: 2064580
With the latest logging guidelines info logs will be routed to
console there are lot of redundant logs causing the watchdog
bark during driver initialization.
Reduce the loglevel from info to debug so these will be logged via
Loggerapp.
CRs-Fixed: 2040730
Change-Id: I2f073e3ab2fe9c129867cadd54c9f27a6b0e65c8
In hdd_send_re_assoc_event api to get ieee80211_channel,
channel number is passed to ieee80211_get_channel kernel
API which expect frequency as an argument.
Pass frequency to ieee80211_get_channel API instead of
channel number.
CRs-fixed: 2053536
Change-Id: I216889d13252c56e817c4e09e77459cc38f8e9ec
Currently hdd_clear_fils_connection_info is called for all device
modes which is leading to crash in SAP mode due to illegal memory
access.
Add check to invoke hdd_clear_fils_connection_info only if the
device mode is STA.
Change-Id: Ia0e28c29d809865169c254b0d45013aad39e13d2
CRs-Fixed: 2106324
Currently, Host performs validation of NLA attribute
QCA_WLAN_VENDOR_ATTR_OCB_SET_CONFIG_CHANNEL_ARRAY twice
which leads to memory leak.
As a part of fix, Check for SET_CONFIG_CHANNEL_ARRAY
only once and free memory in error scenario.
Change-Id: I5c90c937682417b8181fda7d499908b9425d4c6a
CRs-Fixed: 2103954
When host receives roam sync indication from firmware
and if state in PE is not equal to eLIM_SME_LINK_EST_STATE
then roam is aborted. As part of eCSR_ROAM_FT_START,
ft_carrier_on flag is set to true but is not set to false
as part of roam abort handling in hdd_sme_roam_callback api.
This results in not sending subsequent connect result to nl.
Fix is to set ft_carrier_on to false on roam abort.
Change-Id: I43c65730fd439145c22dbf77b0deb47a1bf2ef45
CRs-Fixed: 2105072
Currently, Host configures the NS entries through vendor command
where host do not check the active offload is enable or disabled.
Hence it is not configuring according to active offload ini.
As part of fix, Cache the vendor command value and check whether
active offload is enabled or not before configuration to fwr.
Change-Id: Icb11e43198a75975418a2c9ed95d5f1df05ce0c5
CRs-fixed: 2105071
NULL constant is unsuitable for sapEvent parameter since following
may be called:
sapEventInit(sapEvent);
vosStatus = sapFsm(sapContext, sapEvent);
Change-Id: I2ffc1be27f96bcbd793b2302e6c5920b5d30073b
CRs-Fixed: 2111290
Presently in the sta mode locally administered is set and it
is not logged with new macaddress.
Print the macaddress of the STA once the LA bit is reset.
Change-Id: I5ab5c67c622723f32500bc07d815efb02bd834a7
CRs-Fixed: 2069219
Currently the mpdu_data_len in Rx pkt meta is not checked for
upper bound in wma_form_rx_packet.
Add sanity check to drop the packet if mpdu_data_len is
greater than 2000 bytes. Also add upper bound check for
frame_len in lim_process_auth_frame function.
Change-Id: I7ab454045e2f6d278351dcabde6da556f9f741e0
CRs-Fixed: 2093392
SIR_MAC_AUTH_CHALLENGE_LENGTH is updated to 253 from
128 as per IEEE spec due to connection fails between
DUT-SAP and old ref-STA. Auth failure occurs as encrypted
data sent by ref-STA is only 128 bytes instead of 253
bytes.
Fix is to set length of challenge text sent by SAP
to 128 bytes.
Change-Id: I81409bb58ad34e469c54e2909f45b8a6826eb06a
CRs-Fixed: 2096512
In function ol_configure_target cap is used uninitialized when call
pld_get_platform_cap fail, although pld_get_bus_type and
hif_get_bus_type return same bus type, so actually it has no issue here,
but it look not clear here, init it explicitly.
Change-Id: I001956521c62c14b3537b399bbca1791b274a4c7
CRs-Fixed: 2115553
In a noisy enviornment assoc indication in SME queueu
is not getting processed due to multiple beacons/probes
getting processed in PE queue which is high priority
than SME queue.
Instead of posting a message to SME queue, assoc indication
will run to completion using sme callback mechanism.
Change-Id: I4dc7e3ef0c91964ebc842afa38b7815464e0e406
CRs-Fixed: 2114425
Before sending tdls peer state update command to FW make sure
that tdls peer exists.
Change-Id: I26b5daf9896b0f57fbcfedadcabd67ddd000b257
CRs-Fixed: 2032770
In order to support multiple nla_parse function signatures across
different kernel versions, a new hdd_nla_parse wrapper was introduced.
However, some propagations were made that reintroduced nla_parse.
Convert these calls to nla_parse to hdd_nla_parse instead.
Change-Id: Ib60d51252d943c59648682fb2794c3dcbae7cbf4
CRs-Fixed: 2113637
Power save checks for user configuration and STA connection state,
if either of these fails then do not restart the auto power save
timer.
Change-Id: I83a337b828677464c74800adf690c00fda68fadc
CRs-Fixed: 2112585
When uevent is introduced for integrated devices, it breaks
the PLD handling for PCIe devices. Hence correct it by using
proper enum.
Change-Id: Iacb5037932065f1822c1408d74f8aa3824ff0e71
CRs-fixed: 2114385
On framework initiated scan, ies are not sent in
scan request from upper layer and default scan ies are
not sent as part of scan request sent to firmware. This
results in not including oce ie in probe requests for
framework initated scans
Fix is to copy default ies to ie field in scan request
sent to firmware.
Change-Id: I895563bafc2a2b6e483d08cb28ee44ad34f5af70
CRs-Fixed: 2087124
Default scan ies are sent to fw after interface
is up via set wifi configuration vendor subcommand.
In case of PDR, default ies are not sent again to
fw.
Fix is to send default scan ies to fw after PDR.
Change-Id: Ia42f5b49711ec77b84ae3031aa7998283c1d4ec8
CRs-Fixed: 2100739
