Add changes to add support for unpacking of MBO IE in association
request packet.
Change-Id: I575f718b0804e679bab31432694c97e45bd87ca0
CRs-Fixed: 2044512
When roaming engine in firmware comes across handoff-failure and
host processor is in sleep state, it sends WOW_REASON_ROAM_HO. Enable
that reason code to follow the code path that leads into
wma_roam_event_callback() where it is handled as normal.
Modify peer debug log messages for better information for this
event.
CRs-Fixed: 2002239
Change-Id: I9ed854382287077ea66de78ce05e3d24c74058f3
In __wlan_hdd_cfg80211_handle_tsf_cmd(), nla_parse() is called to
parse the TSF command attributes. Currently a policy is not
specified. This prevents nla_parse() from doing basic validation of
the attributes, and in some circumstances could result in a buffer
overread. To avoid this issue define an appropriate policy and use it
in the invocation of nla_parse().
Change-Id: Ic246cf8cf78b043af38198c301465c088b12184a
CRs-Fixed: 2054776
Restart SAP with CSA/ECSA when ini variable gWlanMccToSccSwitchMod=3.
Currently ini variable setting gWlanMccToSccSwitchMod=2 was
causing SAP to restart with CSA.
Change-Id: I9a4b68cd154fa63325d146510832c2410f2dc244
CRs-Fixed: 2058154
Currently, the device mode is not verified before servicing the FTM
command. Reject FTM commands unless the device is in FTM mode.
Change-Id: Ia27dbe5922755a94e80ddc1c5824b8082ae3325a
CRs-Fixed: 2051888
CSR API for roam_sync callback acquires SME lock for its operation and
have multiple exit points. This creates risk of missing on releasing lock.
This change acquires and releases lock once in csr_roam_synch_callback and
add a lock less API that does logic handling.
Change-Id: Ifab0a8cce4b0746364ddbde44347d497999cc821
CRs-Fixed: 2048614
When heartbeat failure happens, the heartbeat handler
lim_handle_heart_beat_failure_timeout will tear down
the link and not send the deauth frame to peer.
Change-Id: Ifdef06d366c305d6c5f975f48356a83a77cf7b2c
CRs-Fixed: 2043958
qcacld-2.0 to qcacld-3.0 propagation
Current ini setting doesn't support configuring per band mgmt rate.
Add ini to configure per band mgmt rate.
Change-Id: I340b09324fc16b15846598b17de9976f92b93252
CRs-Fixed: 2038854
vdev create request with selfMAC address matching to any of the peer MAC
address cause crash in firmware, So before creating new session/peer
make sure that there is no peer/session with same MAC address.
Change-Id: I7be415365ab7112b013b478139deb451863d52d8
CRs-Fixed: 1115373
While disabling SAP session, policy_mgr_decr_session_set_pcl()
is getting called twice, one from mc_thread (hdd_hostapd_sap_
event_cb()) and other from hostapd (__wlan_hdd_cfg80211_stop
_ap()). This can corrupt the pm_conn_connection_info table.
This change removes policy_mgr_decr_session_set_pcl() getting
called from hdd_hostapd_sap_event_cb().
Change-Id: Ib16af839060cb2dd3cb9f9957fd6dbb40c3b79dc
CRs-Fixed: 2055025
Initiate self recovery when firmware failed to send the unmap
event within unmap timeout OL_TXRX_PEER_UNMAP_TIMEOUT value.
Change-Id: I053e34682cb610cb258c7dabdb3f84a4b59525f1
CRs-Fixed: 2023387
Currently, driver is rejecting the FASTREASSOC command if the channel
is not provided as part of it (or) channel is given as zero.
Update channel from BSS description of the given BSS and honour
the FASTREASSOC command even if the channel is given zero.
Change-Id: Ie67a75fb7ccf470b95454842b7f46baa9b09d54c
CRs-Fixed: 2046547
Currently in __wlan_hdd_cfg80211_set_scanning_mac_oui() the
QCA_WLAN_VENDOR_ATTR_SET_SCANNING_MAC_OUI attribute is copied without
first performing a length check. Add a check to ensure the attribute
is of the expected length.
Change-Id: I12ee10ed5760af6e5069707ae14b26f275da1829
CRs-Fixed: 2054687
In __wlan_hdd_vendor_abort_scan(), nla_parse() is invoked without
specifying a policy. This can result in a buffer overread when
processing the QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE attribute. To avoid
this issue use the existing "scan_policy" when invoking nla_parse().
Change-Id: Ia3e5cb7535bf0f700399e4a49c9c5da362a3ccf6
CRs-Fixed: 2054775
Currently in __wlan_hdd_cfg80211_vendor_scan() there are several
attributes which are not properly validated, and this can lead to a
buffer overread. In order to avoid these issues:
1) Define an appropriate nla_policy and specify this policy when
invoking nla_parse().
2) Explicitly validate the size of the attributes nested in the
QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES attribute.
Change-Id: I1e0d9ecf87839031fbbca9616e4bae0b0c127404
CRs-Fixed: 2054773
Currently in __wlan_hdd_cfg80211_get_preferred_freq_list(),
nla_parse() is called to parse the command attributes without
specifying a policy. This prevents nla_parse() from doing basic
validation of the attributes, and in some circumstances could result
in a buffer overread. To avoid this issue define an appropriate policy
and use it in the invocation of nla_parse().
Change-Id: I5d90b77562adb1be0d8789f1ad320612402ba90b
CRs-Fixed: 2054742
Currently in hdd_fill_encrypt_decrypt_params() there are multiple
issues with the incoming cfg80211 vendor command handling:
1) A policy is not supplied when invoking nla_parse() which prevents
basic sanity of the incoming attribute stream.
2) The length of attribute QCA_WLAN_VENDOR_ATTR_ENCRYPTION_TEST_PN is
not properly validated.
3) The length of attribute QCA_WLAN_VENDOR_ATTR_ENCRYPTION_TEST_DATA
is not properly validated.
To address these issues:
1) Create an appropriate nla_policy and specify this policy when
invoking nla_parse().
2) Validate the length of QCA_WLAN_VENDOR_ATTR_ENCRYPTION_TEST_PN to
prevent potential buffer overflow.
3) Validate the length of QCA_WLAN_VENDOR_ATTR_ENCRYPTION_TEST_DATA to
prevent potential buffer overread.
Change-Id: Ibb86897f249010c94c4098b283aad7a7f95ab9a2
CRs-Fixed: 2054760
__wlan_hdd_cfg80211_txpower_scale() calls nla_parse without specifying
a policy. Specify an nla policy with the expected attribute information
when calling nla_parse in __wlan_hdd_cfg80211_txpower_scale().
Change-Id: I6ff8a986d5d3a7137351cf66e19ca1a952b9f5f1
CRs-Fixed: 2054748
Currently in __wlan_hdd_cfg80211_set_probable_oper_channel,
nla_parse() is called to parse the command attributes without
specifying a policy. This prevents nla_parse() from doing basic
validation of the attributes, and in some circumstances could result
in a buffer overread. In addition, the tb array is not sized
correctly. To avoid these issues properly size the tb array, and
define an appropriate policy and use it in the invocation of
nla_parse().
Change-Id: I1d4bc3d1f09f0767a3cbd5ed84dc214f167c3c4d
CRs-Fixed: 2054744
When commands to Firmware fail during probe due to Firmware being down, in
most cases QDF_BUGs are hit, not allowing re-probing to take place. A new
API is defined to check if the failure is due to Firmware being down or not.
If so, return error gracefully allowing re-probing to take place
Change-Id: Ib2f21a6f1ced1c16e9d2bdbda810b160ff63e2c6
CRs-fixed: 2027444
Set WMI_VDEV_PARAM_SMPS_INTOLERANT when a VDEV cannot be allowed to
send SMPS frame. This is needed as certain AP wont properly handle
SMPS frames.
Change-Id: I1dd30bcb4fcaf312fa376cbfe3c1fb9c0d37750a
CRs-Fixed: 2049789
Replace the legacy csr api with regulatory component public api
to check if the 11d support is enabled by host.
Change-Id: I53c2378cf010693d4efa7ff8ff611e6062569adb
CRs-Fixed: 2048784
Fix replenishing logic by taking care of fragments as well
in monitor mode. Also drop the packets with mpdu_length_err
bit set in rx attention desc and don't send those packets to
upper layers.
Change-Id: Iaeeb0e40e4988ca5a2d4c5e7c98ed3f82dfca533
CRs-Fixed: 2037633
For Network Listen Offload and Preferred Network Offload, the fast scan
period is multiplied by scan_backoff_multiplier after max cycles have
occurred. Add a new configuration item, gScanBackoffMultiplier, to
configure scan_backoff_multiplier.
Change-Id: I832d3e058d1c6c0b441090039204d68502e2b96d
CRs-Fixed: 2035197
