diff options
| author | Linux Build Service Account <lnxbuild@localhost> | 2018-06-18 22:17:06 -0700 |
|---|---|---|
| committer | Linux Build Service Account <lnxbuild@localhost> | 2018-06-18 22:17:06 -0700 |
| commit | 2b9a70faf3c6593ec4686cad109eedd16336f247 (patch) | |
| tree | ecc9d8ae86834cc18ff462df4babc2d05c1b66df | |
| parent | 35d4802c108391d57bdb7bb3d30c40cc96cdf9a1 (diff) | |
| parent | 04b790dff9470c4a37e6666542b7626672c547aa (diff) | |
Merge 04b790dff9470c4a37e6666542b7626672c547aa on remote branch
Change-Id: I6f7cc2b62bce2739313ab1730805942886975603
98 files changed, 4551 insertions, 2524 deletions
@@ -820,7 +820,8 @@ QDF_OBJS := $(QDF_OBJ_DIR)/qdf_defer.o \ $(QDF_OBJ_DIR)/qdf_nbuf.o \ $(QDF_OBJ_DIR)/qdf_threads.o \ $(QDF_OBJ_DIR)/qdf_crypto.o \ - $(QDF_OBJ_DIR)/qdf_trace.o + $(QDF_OBJ_DIR)/qdf_trace.o \ + $(QDF_OBJ_DIR)/qdf_idr.o ifeq ($(CONFIG_WLAN_DEBUGFS), y) QDF_OBJS += $(QDF_OBJ_DIR)/qdf_debugfs.o diff --git a/core/cds/inc/cds_ieee80211_common.h b/core/cds/inc/cds_ieee80211_common.h index dfa19967205e..1cbaa4c385d3 100644 --- a/core/cds/inc/cds_ieee80211_common.h +++ b/core/cds/inc/cds_ieee80211_common.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011,2014-2015, 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011,2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -1806,6 +1806,8 @@ enum { #define IEEE80211_CCMP_HEADERLEN 8 #define IEEE80211_CCMP_MICLEN 8 +#define WLAN_IEEE80211_GCMP_HEADERLEN 8 +#define WLAN_IEEE80211_GCMP_MICLEN 16 /* * 802.11w defines a MMIE chunk to be attached at the end of diff --git a/core/cds/src/cds_api.c b/core/cds/src/cds_api.c index a74a43464cda..991a88a3bd21 100644 --- a/core/cds/src/cds_api.c +++ b/core/cds/src/cds_api.c @@ -583,6 +583,45 @@ err_probe_event: return status; } /* cds_open() */ +static QDF_STATUS cds_pktlog_enable(void *pdev_txrx_ctx, void *scn) +{ + int errno; + + switch (cds_get_conparam()) { + case QDF_GLOBAL_FTM_MODE: + case QDF_GLOBAL_EPPING_MODE: + return QDF_STATUS_SUCCESS; + default: + break; + } + + htt_pkt_log_init(pdev_txrx_ctx, scn); + + errno = pktlog_htc_attach(); + if (errno) + goto pktlog_deinit; + + return QDF_STATUS_SUCCESS; + +pktlog_deinit: + htt_pktlogmod_exit(pdev_txrx_ctx, scn); + + return QDF_STATUS_E_FAILURE; +} + +static void cds_pktlog_disable(void *pdev_txrx_ctx, void *scn) +{ + switch (cds_get_conparam()) { + case QDF_GLOBAL_FTM_MODE: + case QDF_GLOBAL_EPPING_MODE: + return; + default: + break; + } + + htt_pktlogmod_exit(pdev_txrx_ctx, scn); +} + /** * cds_pre_enable() - pre enable cds * @cds_context: CDS context @@ -626,12 +665,9 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) } /* call Packetlog connect service */ - if (QDF_GLOBAL_FTM_MODE != cds_get_conparam() && - QDF_GLOBAL_EPPING_MODE != cds_get_conparam()) { - htt_pkt_log_init(gp_cds_context->pdev_txrx_ctx, scn); - if (pktlog_htc_attach()) - return QDF_STATUS_E_FAILURE; - } + qdf_status = cds_pktlog_enable(gp_cds_context->pdev_txrx_ctx, scn); + if (QDF_IS_STATUS_ERROR(qdf_status)) + return qdf_status; /* Reset wma wait event */ qdf_event_reset(&gp_cds_context->wmaCompleteEvent); @@ -642,7 +678,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) QDF_TRACE(QDF_MODULE_ID_SYS, QDF_TRACE_LEVEL_FATAL, "Failed to WMA prestart"); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } /* Need to update time out of complete */ @@ -665,7 +701,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wlan_sys_probe(); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } qdf_status = htc_start(gp_cds_context->htc_ctx); @@ -673,7 +709,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) QDF_TRACE(QDF_MODULE_ID_SYS, QDF_TRACE_LEVEL_FATAL, "Failed to Start HTC"); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } qdf_status = wma_wait_for_ready_event(gp_cds_context->pWMAContext); if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { @@ -690,7 +726,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wma_wmi_stop(); htc_stop(gp_cds_context->htc_ctx); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } if (ol_txrx_pdev_post_attach(gp_cds_context->pdev_txrx_ctx)) { @@ -699,10 +735,16 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wma_wmi_stop(); htc_stop(gp_cds_context->htc_ctx); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + qdf_status = QDF_STATUS_E_FAILURE; + goto pktlog_disable; } return QDF_STATUS_SUCCESS; + +pktlog_disable: + cds_pktlog_disable(gp_cds_context->pdev_txrx_ctx, scn); + + return qdf_status; } /** diff --git a/core/cds/src/cds_concurrency.c b/core/cds/src/cds_concurrency.c index 46e856a5db13..7fe97ac5fe35 100644 --- a/core/cds/src/cds_concurrency.c +++ b/core/cds/src/cds_concurrency.c @@ -5717,11 +5717,6 @@ QDF_STATUS cds_get_pcl(enum cds_con_mode mode, return status; } - if (mode >= CDS_MAX_NUM_OF_MODE) { - cds_err("requested mode:%d is not supported", mode); - return status; - } - /* find the current connection state from conc_connection_list*/ num_connections = cds_get_connection_count(); @@ -8092,8 +8087,7 @@ sap_restart: hdd_ap_ctx->sapConfig.channel, intf_ch); } hdd_ap_ctx->sapConfig.channel = intf_ch; - hdd_ap_ctx->sapConfig.ch_params.ch_width = - hdd_ap_ctx->sapConfig.ch_width_orig; + hdd_ap_ctx->sapConfig.ch_params.ch_width = CH_WIDTH_MAX; hdd_ap_ctx->bss_stop_reason = BSS_STOP_DUE_TO_MCC_SCC_SWITCH; cds_set_channel_params(hdd_ap_ctx->sapConfig.channel, hdd_ap_ctx->sapConfig.sec_ch, diff --git a/core/dp/htt/htt_rx.c b/core/dp/htt/htt_rx.c index 11ee196bdcbc..9a4f987af15d 100644 --- a/core/dp/htt/htt_rx.c +++ b/core/dp/htt/htt_rx.c @@ -497,6 +497,14 @@ static int htt_rx_ring_fill_n(struct htt_pdev_t *pdev, int num) idx = *(pdev->rx_ring.alloc_idx.vaddr); + if ((idx < 0) || (idx > pdev->rx_ring.size_mask) || + (num > pdev->rx_ring.size)) { + QDF_TRACE(QDF_MODULE_ID_HTT, + QDF_TRACE_LEVEL_ERROR, + "%s:rx refill failed!", __func__); + return filled; + } + if (qdf_mem_smmu_s1_enabled(pdev->osdev) && pdev->is_ipa_uc_enabled && pdev->rx_ring.smmu_map) ipa_smmu = true; diff --git a/core/dp/htt/htt_t2h.c b/core/dp/htt/htt_t2h.c index 017bf9991f7a..96630a703169 100644 --- a/core/dp/htt/htt_t2h.c +++ b/core/dp/htt/htt_t2h.c @@ -274,33 +274,12 @@ static void htt_t2h_lp_msg_handler(void *context, qdf_nbuf_t htt_t2h_msg, } case HTT_T2H_MSG_TYPE_RX_ADDBA: { - uint16_t peer_id; - uint8_t tid; - uint8_t win_sz; - uint16_t start_seq_num; - - /* - * FOR NOW, the host doesn't need to know the initial - * sequence number for rx aggregation. - * Thus, any value will do - specify 0. - */ - start_seq_num = 0; - peer_id = HTT_RX_ADDBA_PEER_ID_GET(*msg_word); - tid = HTT_RX_ADDBA_TID_GET(*msg_word); - win_sz = HTT_RX_ADDBA_WIN_SIZE_GET(*msg_word); - ol_rx_addba_handler(pdev->txrx_pdev, peer_id, tid, - win_sz, start_seq_num, - 0 /* success */); + qdf_print("HTT_T2H_MSG_TYPE_RX_ADDBA not supported "); break; } case HTT_T2H_MSG_TYPE_RX_DELBA: { - uint16_t peer_id; - uint8_t tid; - - peer_id = HTT_RX_DELBA_PEER_ID_GET(*msg_word); - tid = HTT_RX_DELBA_TID_GET(*msg_word); - ol_rx_delba_handler(pdev->txrx_pdev, peer_id, tid); + qdf_print("HTT_T2H_MSG_TYPE_RX_DELBA not supported "); break; } case HTT_T2H_MSG_TYPE_PEER_MAP: @@ -702,6 +681,8 @@ void htt_t2h_msg_handler(void *context, HTC_PACKET *pkt) { unsigned int num_mpdu_ranges; unsigned int num_msdu_bytes; + unsigned int calculated_msg_len; + unsigned int rx_mpdu_range_offset_bytes; uint16_t peer_id; uint8_t tid; int msg_len = qdf_nbuf_len(htt_t2h_msg); @@ -733,18 +714,46 @@ void htt_t2h_msg_handler(void *context, HTC_PACKET *pkt) * 1 word for every 4 MSDU bytes (round up), * 1 word for the MPDU range header */ + rx_mpdu_range_offset_bytes = + (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3); + if (qdf_unlikely(num_msdu_bytes > + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_msdu_bytes %u\n", + num_msdu_bytes); + WARN_ON(1); + break; + } pdev->rx_mpdu_range_offset_words = - (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3) >> 2; + rx_mpdu_range_offset_bytes >> 2; num_mpdu_ranges = HTT_RX_IND_NUM_MPDU_RANGES_GET(*(msg_word + 1)); pdev->rx_ind_msdu_byte_idx = 0; - if (qdf_unlikely(pdev->rx_mpdu_range_offset_words + (num_mpdu_ranges * 4) > msg_len)) { - qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid mpdu_ranges %d\n", - num_mpdu_ranges); + if (qdf_unlikely(rx_mpdu_range_offset_bytes > + msg_len)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid rx_mpdu_range_offset_words %d\n", + pdev->rx_mpdu_range_offset_words); + WARN_ON(1); + break; + } + calculated_msg_len = rx_mpdu_range_offset_bytes + + (num_mpdu_ranges * (int)sizeof(uint32_t)); + /* + * Check that the addition and multiplication + * do not cause integer overflow + */ + if (qdf_unlikely(calculated_msg_len < + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_mpdu_ranges %u\n", + (num_mpdu_ranges * (int)sizeof(uint32_t))); + WARN_ON(1); + break; + } + if (qdf_unlikely(calculated_msg_len > msg_len)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid offset_words + mpdu_ranges %u\n", + calculated_msg_len); WARN_ON(1); break; } - ol_rx_indication_handler(pdev->txrx_pdev, htt_t2h_msg, peer_id, tid, num_mpdu_ranges); @@ -993,6 +1002,7 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, unsigned int num_mpdu_ranges; unsigned int num_msdu_bytes; unsigned int calculated_msg_len; + unsigned int rx_mpdu_range_offset_bytes; u_int16_t peer_id; u_int8_t tid; msg_len = qdf_nbuf_len(htt_t2h_msg); @@ -1017,21 +1027,29 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, * 1 word for every 4 MSDU bytes (round up), * 1 word for the MPDU range header */ + rx_mpdu_range_offset_bytes = + (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3); + if (qdf_unlikely(num_msdu_bytes > + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_msdu_bytes %u\n", + num_msdu_bytes); + WARN_ON(1); + break; + } pdev->rx_mpdu_range_offset_words = - (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3) >> - 2; + rx_mpdu_range_offset_bytes >> 2; num_mpdu_ranges = HTT_RX_IND_NUM_MPDU_RANGES_GET(*(msg_word + 1)); pdev->rx_ind_msdu_byte_idx = 0; - if (qdf_unlikely(pdev->rx_mpdu_range_offset_words > + if (qdf_unlikely(rx_mpdu_range_offset_bytes > msg_len)) { qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid rx_mpdu_range_offset_words %d\n", pdev->rx_mpdu_range_offset_words); WARN_ON(1); break; } - calculated_msg_len = pdev->rx_mpdu_range_offset_words + + calculated_msg_len = rx_mpdu_range_offset_bytes + (num_mpdu_ranges * (int)sizeof(uint32_t)); /* @@ -1039,8 +1057,8 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, * do not cause integer overflow */ if (qdf_unlikely(calculated_msg_len < - pdev->rx_mpdu_range_offset_words)) { - qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid mpdu_ranges %u\n", + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_mpdu_ranges %u\n", (num_mpdu_ranges * (int)sizeof(uint32_t))); WARN_ON(1); diff --git a/core/dp/htt/htt_tx.c b/core/dp/htt/htt_tx.c index 2460b1fde197..343771507511 100644 --- a/core/dp/htt/htt_tx.c +++ b/core/dp/htt/htt_tx.c @@ -1724,7 +1724,7 @@ htt_tx_desc_init(htt_pdev_handle pdev, (struct htt_host_tx_desc_t *) (((char *)htt_tx_desc) - HTT_TX_DESC_VADDR_OFFSET); bool desc_ext_required = (type != EXT_HEADER_NOT_PRESENT); - uint16_t channel_freq; + int channel_freq; void *qdf_ctx = cds_get_context(QDF_MODULE_ID_QDF_DEVICE); QDF_STATUS status; @@ -1821,7 +1821,7 @@ htt_tx_desc_init(htt_pdev_handle pdev, */ local_word3 = HTT_INVALID_PEER; channel_freq = htt_get_channel_freq(type, ext_header_data); - if (channel_freq != HTT_INVALID_CHANNEL) + if (channel_freq != HTT_INVALID_CHANNEL && channel_freq > 0) HTT_TX_DESC_CHAN_FREQ_SET(local_word3, channel_freq); #if HTT_PADDR64 *word4 = local_word3; diff --git a/core/dp/ol/inc/ol_txrx_ctrl_api.h b/core/dp/ol/inc/ol_txrx_ctrl_api.h index 4b8d3dd95776..c2315b96c312 100644 --- a/core/dp/ol/inc/ol_txrx_ctrl_api.h +++ b/core/dp/ol/inc/ol_txrx_ctrl_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -490,7 +490,6 @@ QDF_STATUS ol_txrx_get_vdevid(struct ol_txrx_peer_t *peer, uint8_t *vdev_id); void *ol_txrx_get_vdev_by_sta_id(uint8_t sta_id); #define OL_TXRX_INVALID_LOCAL_PEER_ID 0xffff -#define OL_TXRX_INVALID_TDLS_PEER_ID 0xff #define OL_TXRX_RSSI_INVALID 0xffff /** diff --git a/core/dp/ol/inc/ol_txrx_htt_api.h b/core/dp/ol/inc/ol_txrx_htt_api.h index e2b477bd5044..da5b066a742d 100644 --- a/core/dp/ol/inc/ol_txrx_htt_api.h +++ b/core/dp/ol/inc/ol_txrx_htt_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -493,47 +493,6 @@ ol_rx_sec_ind_handler(ol_txrx_pdev_handle pdev, enum htt_sec_type sec_type, int is_unicast, uint32_t *michael_key, uint32_t *rx_pn); -/** - * @brief Process an ADDBA message sent by the target. - * @details - * When the target notifies the host of an ADDBA event for a specified - * peer-TID, the host will set up the rx reordering state for the peer-TID. - * Specifically, the host will create a rx reordering array whose length - * is based on the window size specified in the ADDBA. - * - * @param pdev - data physical device handle - * (registered with HTT as a context pointer during attach time) - * @param peer_id - which peer the ADDBA event is for - * @param tid - which traffic ID within the peer the ADDBA event is for - * @param win_sz - how many sequence numbers are in the ARQ block ack window - * set up by the ADDBA event - * @param start_seq_num - the initial value of the sequence number during the - * block ack agreement, as specified by the ADDBA request. - * @param failed - indicate whether the target's ADDBA setup succeeded: - * 0 -> success, 1 -> fail - */ -void -ol_rx_addba_handler(ol_txrx_pdev_handle pdev, - uint16_t peer_id, - uint8_t tid, - uint8_t win_sz, uint16_t start_seq_num, uint8_t failed); - -/** - * @brief Process a DELBA message sent by the target. - * @details - * When the target notifies the host of a DELBA event for a specified - * peer-TID, the host will clean up the rx reordering state for the peer-TID. - * Specifically, the host will remove the rx reordering array, and will - * set the reorder window size to be 1 (stop and go ARQ). - * - * @param pdev - data physical device handle - * (registered with HTT as a context pointer during attach time) - * @param peer_id - which peer the ADDBA event is for - * @param tid - which traffic ID within the peer the ADDBA event is for - */ -void -ol_rx_delba_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid); - enum htt_rx_flush_action { htt_rx_flush_release, htt_rx_flush_discard, diff --git a/core/dp/ol/inc/ol_txrx_osif_api.h b/core/dp/ol/inc/ol_txrx_osif_api.h index fff4da3d1bda..eea3d384d437 100644 --- a/core/dp/ol/inc/ol_txrx_osif_api.h +++ b/core/dp/ol/inc/ol_txrx_osif_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -69,7 +69,9 @@ qdf_nbuf_t ol_txrx_osif_tso_segment(ol_txrx_vdev_handle txrx_vdev, int max_seg_payload_bytes, qdf_nbuf_t jumbo_tcp_frame); -qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle data_vdev, qdf_nbuf_t skb); +qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle data_vdev, + qdf_nbuf_t skb, + bool notify_tx_comp); void ol_rx_data_process(struct ol_txrx_peer_t *peer, qdf_nbuf_t rx_buf_list); diff --git a/core/dp/txrx/ol_rx.c b/core/dp/txrx/ol_rx.c index ad843f8846af..92bf922e81e3 100644 --- a/core/dp/txrx/ol_rx.c +++ b/core/dp/txrx/ol_rx.c @@ -1427,9 +1427,7 @@ void ol_rx_peer_init(struct ol_txrx_pdev_t *pdev, struct ol_txrx_peer_t *peer) peer->keyinstalled = 0; peer->last_assoc_rcvd = 0; - peer->last_disassoc_rcvd = 0; - peer->last_deauth_rcvd = 0; - + peer->last_disassoc_deauth_rcvd = 0; qdf_atomic_init(&peer->fw_pn_check); } @@ -1438,8 +1436,7 @@ ol_rx_peer_cleanup(struct ol_txrx_vdev_t *vdev, struct ol_txrx_peer_t *peer) { peer->keyinstalled = 0; peer->last_assoc_rcvd = 0; - peer->last_disassoc_rcvd = 0; - peer->last_deauth_rcvd = 0; + peer->last_disassoc_deauth_rcvd = 0; ol_rx_reorder_peer_cleanup(vdev, peer); } diff --git a/core/dp/txrx/ol_rx_fwd.c b/core/dp/txrx/ol_rx_fwd.c index f33db7424a81..ebc15b7206d9 100644 --- a/core/dp/txrx/ol_rx_fwd.c +++ b/core/dp/txrx/ol_rx_fwd.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -124,7 +124,7 @@ static inline void ol_rx_fwd_to_tx(struct ol_txrx_vdev_t *vdev, qdf_nbuf_t msdu) qdf_mem_set(msdu->cb, sizeof(msdu->cb), 0); /* update any cb field expected by OL_TX_SEND */ - msdu = OL_TX_SEND(vdev, msdu); + msdu = OL_TX_SEND(vdev, msdu, 0); if (msdu) { /* diff --git a/core/dp/txrx/ol_rx_reorder.c b/core/dp/txrx/ol_rx_reorder.c index 3fc22b72a126..b9dccff83b8e 100644 --- a/core/dp/txrx/ol_rx_reorder.c +++ b/core/dp/txrx/ol_rx_reorder.c @@ -38,24 +38,12 @@ #include <ol_rx_defrag.h> /*=== data types and defines ===*/ -#define OL_RX_REORDER_ROUND_PWR2(value) g_log2ceil[value] + +/*---*/ /*=== global variables ===*/ -static char g_log2ceil[] = { - 1, /* 0 -> 1 */ - 1, /* 1 -> 1 */ - 2, /* 2 -> 2 */ - 4, 4, /* 3-4 -> 4 */ - 8, 8, 8, 8, /* 5-8 -> 8 */ - 16, 16, 16, 16, 16, 16, 16, 16, /* 9-16 -> 16 */ - 32, 32, 32, 32, 32, 32, 32, 32, - 32, 32, 32, 32, 32, 32, 32, 32, /* 17-32 -> 32 */ - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, /* 33-64 -> 64 */ -}; +/*---*/ /*=== function definitions ===*/ @@ -519,91 +507,6 @@ ol_rx_reorder_peer_cleanup(struct ol_txrx_vdev_t *vdev, /* functions called by HTT */ void -ol_rx_addba_handler(ol_txrx_pdev_handle pdev, - uint16_t peer_id, - uint8_t tid, - uint8_t win_sz, uint16_t start_seq_num, uint8_t failed) -{ - uint8_t round_pwr2_win_sz; - unsigned int array_size; - struct ol_txrx_peer_t *peer; - struct ol_rx_reorder_t *rx_reorder; - - if (tid >= OL_TXRX_NUM_EXT_TIDS) { - ol_txrx_err("%s: invalid tid, %u\n", __FUNCTION__, tid); - WARN_ON(1); - return; - } - - peer = ol_txrx_peer_find_by_id(pdev, peer_id); - if (peer == NULL) - return; - - if (pdev->cfg.host_addba) { - ol_ctrl_rx_addba_complete(pdev->ctrl_pdev, - &peer->mac_addr.raw[0], tid, failed); - } - if (failed) - return; - - peer->tids_last_seq[tid] = IEEE80211_SEQ_MAX; /* invalid */ - rx_reorder = &peer->tids_rx_reorder[tid]; - - TXRX_ASSERT2(win_sz <= 64); - rx_reorder->win_sz = win_sz; - round_pwr2_win_sz = OL_RX_REORDER_ROUND_PWR2(win_sz); - array_size = - round_pwr2_win_sz * sizeof(struct ol_rx_reorder_array_elem_t); - rx_reorder->array = qdf_mem_malloc(array_size); - TXRX_ASSERT1(rx_reorder->array); - - rx_reorder->win_sz_mask = round_pwr2_win_sz - 1; - rx_reorder->num_mpdus = 0; - - peer->tids_next_rel_idx[tid] = - OL_RX_REORDER_IDX_INIT(start_seq_num, rx_reorder->win_sz, - rx_reorder->win_sz_mask); -} - -void -ol_rx_delba_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid) -{ - struct ol_txrx_peer_t *peer; - struct ol_rx_reorder_t *rx_reorder; - - if (tid >= OL_TXRX_NUM_EXT_TIDS) { - ol_txrx_err("%s: invalid tid, %u\n", __FUNCTION__, tid); - WARN_ON(1); - return; - } - - peer = ol_txrx_peer_find_by_id(pdev, peer_id); - if (peer == NULL) - return; - - peer->tids_next_rel_idx[tid] = INVALID_REORDER_INDEX; - rx_reorder = &peer->tids_rx_reorder[tid]; - - /* check that there really was a block ack agreement */ - TXRX_ASSERT1(rx_reorder->win_sz_mask != 0); - /* - * Deallocate the old rx reorder array. - * The call to ol_rx_reorder_init below - * will reset rx_reorder->array to point to - * the single-element statically-allocated reorder array - * used for non block-ack cases. - */ - if (rx_reorder->array != &rx_reorder->base) { - ol_txrx_dbg("%s, delete reorder array, tid:%d\n", - __func__, tid); - qdf_mem_free(rx_reorder->array); - } - - /* set up the TID with default parameters (ARQ window size = 1) */ - ol_rx_reorder_init(rx_reorder, tid); -} - -void ol_rx_flush_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid, diff --git a/core/dp/txrx/ol_tx.c b/core/dp/txrx/ol_tx.c index e08ebab8e82b..ccd87818817e 100644 --- a/core/dp/txrx/ol_tx.c +++ b/core/dp/txrx/ol_tx.c @@ -239,10 +239,12 @@ static inline uint8_t ol_tx_prepare_tso(ol_txrx_vdev_handle vdev, * ol_tx_data() - send data frame * @vdev: virtual device handle * @skb: skb + * @notify_tx_comp: whether OTA to be notified * * Return: skb/NULL for success */ -qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb) +qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb, + bool notify_tx_comp) { struct ol_txrx_pdev_t *pdev; qdf_nbuf_t ret; @@ -268,7 +270,7 @@ qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb) /* Terminate the (single-element) list of tx frames */ qdf_nbuf_set_next(skb, NULL); - ret = OL_TX_SEND(vdev, skb); + ret = OL_TX_SEND(vdev, skb, notify_tx_comp); if (ret) { ol_txrx_dbg("%s: Failed to tx", __func__); return ret; @@ -312,7 +314,7 @@ qdf_nbuf_t ol_tx_send_ipa_data_frame(void *vdev, */ qdf_net_buf_debug_acquire_skb(skb, __FILE__, __LINE__); - ret = OL_TX_SEND((struct ol_txrx_vdev_t *)vdev, skb); + ret = OL_TX_SEND((struct ol_txrx_vdev_t *)vdev, skb, 0); if (ret) { ol_txrx_dbg("%s: Failed to tx", __func__); return ret; @@ -375,7 +377,8 @@ static uint32_t ol_tx_tso_get_stats_idx(struct ol_txrx_pdev_t *pdev) #endif #if defined(FEATURE_TSO) -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_msdu_info_t msdu_info; @@ -473,7 +476,8 @@ qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) } #else /* TSO */ -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_msdu_info_t msdu_info; @@ -709,7 +713,8 @@ ol_tx_prepare_ll_fast(struct ol_txrx_pdev_t *pdev, * Return: on success return NULL, pointer to nbuf when it fails to send. */ qdf_nbuf_t -ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_pdev_t *pdev = vdev->pdev; @@ -823,6 +828,10 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) htt_tx_desc_display(tx_desc->htt_tx_desc); + if (!msdu_info.tso_info.is_tso) + tx_desc->notify_tx_comp = + notify_tx_comp; + /* mark the relevant tso_seg free-able */ if (msdu_info.tso_info.curr_seg) { msdu_info.tso_info.curr_seg-> @@ -890,7 +899,8 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) } #else qdf_nbuf_t -ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_pdev_t *pdev = vdev->pdev; @@ -955,6 +965,8 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) pkt_download_len += sizeof(struct htt_tx_msdu_desc_ext_t); + tx_desc->notify_tx_comp = notify_tx_comp; + htt_tx_desc_display(tx_desc->htt_tx_desc); /* * The netbuf may get linked into a different list @@ -991,23 +1003,25 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) * */ qdf_nbuf_t -ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { struct hif_opaque_softc *hif_device = (struct hif_opaque_softc *)cds_get_context(QDF_MODULE_ID_HIF); if (qdf_likely(hif_device && hif_is_fastpath_mode_enabled(hif_device))) - msdu_list = ol_tx_ll_fast(vdev, msdu_list); + msdu_list = ol_tx_ll_fast(vdev, msdu_list, notify_tx_comp); else - msdu_list = ol_tx_ll(vdev, msdu_list); + msdu_list = ol_tx_ll(vdev, msdu_list, notify_tx_comp); return msdu_list; } #else qdf_nbuf_t -ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { - return ol_tx_ll(vdev, msdu_list); + return ol_tx_ll(vdev, msdu_list, notify_tx_comp); } #endif /* WLAN_FEATURE_FASTPATH */ @@ -1057,7 +1071,7 @@ static void ol_tx_vdev_ll_pause_queue_send_base(struct ol_txrx_vdev_t *vdev) qdf_nbuf_set_next(tx_msdu, NULL); QDF_NBUF_UPDATE_TX_PKT_COUNT(tx_msdu, QDF_NBUF_TX_PKT_TXRX_DEQUEUE); - tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu); + tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu, 0); /* * It is unexpected that ol_tx_ll would reject the frame * since we checked that there's room for it, though @@ -1134,7 +1148,8 @@ ol_tx_vdev_pause_queue_append(struct ol_txrx_vdev_t *vdev, * Store up the tx frame in the vdev's tx queue if the vdev is paused. * If there are too many frames in the tx queue, reject it. */ -qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { uint16_t eth_type; uint32_t paused_reason; @@ -1153,7 +1168,8 @@ qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) (((struct ethernet_hdr_t *) qdf_nbuf_data(msdu_list))->ethertype[1]); if (ETHERTYPE_IS_EAPOL_WAPI(eth_type)) { - msdu_list = ol_tx_ll_wrapper(vdev, msdu_list); + msdu_list = + ol_tx_ll_wrapper(vdev, msdu_list, 0); return msdu_list; } } @@ -1187,7 +1203,7 @@ qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) * not paused, no throttle and no backlog - * send the new frames */ - msdu_list = ol_tx_ll_wrapper(vdev, msdu_list); + msdu_list = ol_tx_ll_wrapper(vdev, msdu_list, 0); } } return msdu_list; @@ -1251,7 +1267,7 @@ void ol_tx_pdev_ll_pause_queue_send_all(struct ol_txrx_pdev_t *pdev) vdev->ll_pause.txq.tail = NULL; qdf_nbuf_set_next(tx_msdu, NULL); - tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu); + tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu, 0); /* * It is unexpected that ol_tx_ll would reject * the frame, since we checked that there's @@ -1955,7 +1971,8 @@ MSDU_LOOP_BOTTOM: } qdf_nbuf_t -ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { struct ol_txrx_pdev_t *pdev = vdev->pdev; int tx_comp_req = pdev->cfg.default_tx_comp_req; diff --git a/core/dp/txrx/ol_tx.h b/core/dp/txrx/ol_tx.h index 7eb71ea38eb2..f6ae56790481 100644 --- a/core/dp/txrx/ol_tx.h +++ b/core/dp/txrx/ol_tx.h @@ -30,13 +30,17 @@ #include <ol_txrx_types.h> /* ol_tx_desc_t, ol_txrx_msdu_info_t */ -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); -qdf_nbuf_t ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); +qdf_nbuf_t ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #ifdef WLAN_FEATURE_FASTPATH -qdf_nbuf_t ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #endif -qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #ifdef CONFIG_HL_SUPPORT #define OL_TX_SEND ol_tx_hl @@ -79,11 +83,12 @@ ol_tx_non_std_hl(ol_txrx_vdev_handle data_vdev, * ol_tx_hl() - transmit tx frames for a HL system. * @vdev: the virtual device transmit the data * @msdu_list: the tx frames to send + * @notify_tx_comp: is OTA to be notified * * Return: NULL if all MSDUs are accepted */ qdf_nbuf_t -ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, bool notify_tx_comp); qdf_nbuf_t ol_tx_non_std_ll(ol_txrx_vdev_handle data_vdev, diff --git a/core/dp/txrx/ol_tx_desc.c b/core/dp/txrx/ol_tx_desc.c index e8e150536ff0..0232296e745d 100644 --- a/core/dp/txrx/ol_tx_desc.c +++ b/core/dp/txrx/ol_tx_desc.c @@ -415,6 +415,7 @@ static void ol_tx_desc_free_common(struct ol_txrx_pdev_t *pdev, /* clear the ref cnt */ qdf_atomic_init(&tx_desc->ref_cnt); tx_desc->vdev_id = OL_TXRX_INVALID_VDEV_ID; + tx_desc->notify_tx_comp = 0; } #ifndef QCA_LL_TX_FLOW_CONTROL_V2 diff --git a/core/dp/txrx/ol_tx_queue.c b/core/dp/txrx/ol_tx_queue.c index 2816824e57b6..e35ab046a421 100644 --- a/core/dp/txrx/ol_tx_queue.c +++ b/core/dp/txrx/ol_tx_queue.c @@ -1735,7 +1735,7 @@ void ol_txrx_vdev_unpause(ol_txrx_vdev_handle vdev, uint32_t reason) vdev->ll_pause.is_q_paused = false; vdev->ll_pause.q_unpause_cnt++; qdf_spin_unlock_bh(&vdev->ll_pause.mutex); - ol_tx_vdev_ll_pause_queue_send(vdev); + ol_tx_vdev_ll_pause_queue_send((unsigned long) vdev); } else { qdf_spin_unlock_bh(&vdev->ll_pause.mutex); } @@ -2008,7 +2008,7 @@ static void ol_tx_pdev_throttle_phase_timer(unsigned long context) } #ifdef QCA_LL_LEGACY_TX_FLOW_CONTROL -static void ol_tx_pdev_throttle_tx_timer(void *context) +static void ol_tx_pdev_throttle_tx_timer(unsigned long context) { struct ol_txrx_pdev_t *pdev = (struct ol_txrx_pdev_t *)context; diff --git a/core/dp/txrx/ol_tx_send.c b/core/dp/txrx/ol_tx_send.c index 9fcf10c9d9f0..71fcda87da90 100644 --- a/core/dp/txrx/ol_tx_send.c +++ b/core/dp/txrx/ol_tx_send.c @@ -575,6 +575,41 @@ void ol_tx_flow_pool_unlock(struct ol_tx_desc_t *tx_desc) #endif /** + * ol_tx_notify_completion() - Notify tx completion for this desc + * @tx_desc: tx desc + * @netbuf: buffer + * + * Return: none + */ +static void ol_tx_notify_completion(struct ol_tx_desc_t *tx_desc, + qdf_nbuf_t netbuf) +{ + void *osif_dev; + ol_txrx_completion_fp tx_compl_cbk = NULL; + + qdf_assert(tx_desc); + + ol_tx_flow_pool_lock(tx_desc); + /* + * In cases when vdev has gone down and tx completion + * are received, leads to NULL vdev access. + * So, check for NULL before dereferencing it. + */ + if (!tx_desc->vdev || + !tx_desc->vdev->osif_dev || + !tx_desc->vdev->tx_comp || + !tx_desc->notify_tx_comp) { + ol_tx_flow_pool_unlock(tx_desc); + return; + } + osif_dev = tx_desc->vdev->osif_dev; + tx_compl_cbk = tx_desc->vdev->tx_comp; + ol_tx_flow_pool_unlock(tx_desc); + + tx_compl_cbk(netbuf, osif_dev); +} + +/** * ol_tx_update_connectivity_stats() - update connectivity stats * @tx_desc: tx desc * @netbuf: buffer @@ -772,6 +807,9 @@ ol_tx_completion_handler(ol_txrx_pdev_handle pdev, ol_tx_update_arp_stats(tx_desc, netbuf, status); } + /* check tx completion notification */ + ol_tx_notify_completion(tx_desc, netbuf); + /* track connectivity stats */ ol_tx_update_connectivity_stats(tx_desc, netbuf, status); diff --git a/core/dp/txrx/ol_txrx.c b/core/dp/txrx/ol_txrx.c index 8b6adcd73bd4..049f548598c8 100644 --- a/core/dp/txrx/ol_txrx.c +++ b/core/dp/txrx/ol_txrx.c @@ -1461,6 +1461,7 @@ ol_txrx_pdev_attach(ol_pdev_handle ctrl_pdev, ol_txrx_tso_stats_init(pdev); TAILQ_INIT(&pdev->vdev_list); + TAILQ_INIT(&pdev->roam_stale_peer_list); TAILQ_INIT(&pdev->req_list); pdev->req_list_depth = 0; @@ -1559,7 +1560,7 @@ void htt_pkt_log_init(struct ol_txrx_pdev_t *handle, void *scn) * * Return: void */ -static void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) +void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) { if (scn && cds_get_conparam() != QDF_GLOBAL_FTM_MODE && !QDF_IS_EPPING_ENABLED(cds_get_conparam()) && @@ -1570,7 +1571,7 @@ static void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) } #else void htt_pkt_log_init(ol_txrx_pdev_handle handle, void *ol_sc) { } -static void htt_pktlogmod_exit(ol_txrx_pdev_handle handle, void *sc) { } +void htt_pktlogmod_exit(ol_txrx_pdev_handle handle, void *sc) { } #endif /** @@ -2468,6 +2469,7 @@ void ol_txrx_vdev_register(ol_txrx_vdev_handle vdev, vdev->osif_dev = osif_vdev; vdev->rx = txrx_ops->rx.rx; vdev->stats_rx = txrx_ops->rx.stats_rx; + vdev->tx_comp = txrx_ops->tx.tx_comp; txrx_ops->tx.tx = ol_tx_data; } @@ -3501,6 +3503,32 @@ ol_txrx_peer_qoscapable_get(struct ol_txrx_pdev_t *txrx_pdev, uint16_t peer_id) return 0; } +bool ol_txrx_is_peer_eligible_for_deletion(ol_txrx_peer_handle peer, + struct ol_txrx_pdev_t *pdev) +{ + bool peerdel = true; + u_int16_t peer_id; + int i; + + for (i = 0; i < MAX_NUM_PEER_ID_PER_PEER; i++) { + peer_id = peer->peer_ids[i]; + + if (!pdev->peer_id_to_obj_map[peer_id].peer_ref) + continue; + + if (pdev->peer_id_to_obj_map[peer_id].peer_ref != peer) + continue; + + if (qdf_atomic_read(&pdev->peer_id_to_obj_map[peer_id]. + del_peer_id_ref_cnt)) { + peerdel = false; + break; + } + + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + } + return peerdel; +} int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, const char *fname, int line) @@ -3683,7 +3711,32 @@ int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, } } - qdf_mem_free(peer); + qdf_spin_lock_bh(&pdev->peer_map_unmap_lock); + if (ol_txrx_is_peer_eligible_for_deletion(peer, pdev)) { + qdf_mem_free(peer); + } else { + /* + * Mark this PEER as a stale peer, to be deleted + * during PEER UNMAP. Remove this peer from + * roam_stale_peer_list during UNMAP. + */ + struct ol_txrx_roam_stale_peer_t *roam_stale_peer; + + roam_stale_peer = qdf_mem_malloc( + sizeof(struct ol_txrx_roam_stale_peer_t)); + if (roam_stale_peer) { + roam_stale_peer->peer = peer; + TAILQ_INSERT_TAIL(&pdev->roam_stale_peer_list, + roam_stale_peer, + next_stale_entry); + } else { + QDF_TRACE(QDF_MODULE_ID_TXRX, + QDF_TRACE_LEVEL_ERROR, + "[%s][%d]: No memory allocated", + fname, line); + } + } + qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); } else { qdf_spin_unlock_bh(&pdev->peer_ref_mutex); QDF_TRACE(QDF_MODULE_ID_TXRX, QDF_TRACE_LEVEL_INFO_HIGH, diff --git a/core/dp/txrx/ol_txrx.h b/core/dp/txrx/ol_txrx.h index 647ba3440e63..c9fd6e0ae761 100644 --- a/core/dp/txrx/ol_txrx.h +++ b/core/dp/txrx/ol_txrx.h @@ -32,6 +32,15 @@ #define OL_TXRX_PEER_UNREF_DELETE(peer) \ ol_txrx_peer_unref_delete(peer, __func__, __LINE__) +/* ol_txrx_is_peer_eligible_for_deletion() - check if peer to be deleted + * @peer: peer handler + * @pdev: pointer to pdev + * + * Return: true if eligible for deletion else false + */ +bool ol_txrx_is_peer_eligible_for_deletion(ol_txrx_peer_handle peer, + struct ol_txrx_pdev_t *pdev); + int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, const char *fname, int line); @@ -181,6 +190,7 @@ bool ol_txrx_fwd_desc_thresh_check(struct ol_txrx_vdev_t *vdev); ol_txrx_vdev_handle ol_txrx_get_vdev_from_vdev_id(uint8_t vdev_id); void htt_pkt_log_init(struct ol_txrx_pdev_t *handle, void *scn); +void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn); QDF_STATUS ol_txrx_set_wisa_mode(ol_txrx_vdev_handle vdev, bool enable); void ol_txrx_update_mac_id(uint8_t vdev_id, uint8_t mac_id); diff --git a/core/dp/txrx/ol_txrx_peer_find.c b/core/dp/txrx/ol_txrx_peer_find.c index 1a8da0598f34..3fd5e18a2d90 100644 --- a/core/dp/txrx/ol_txrx_peer_find.c +++ b/core/dp/txrx/ol_txrx_peer_find.c @@ -81,6 +81,41 @@ void __ol_txrx_peer_change_ref_cnt(struct ol_txrx_peer_t *peer, fname, line, peer, change, qdf_atomic_read(&peer->ref_cnt)); } +/** + * ol_txrx_peer_delete_roam_stale_peer() - delete stale peers marked in roaming + * @pdev: pointer to pdev structure + * + * Return: none + */ +void ol_txrx_peer_delete_roam_stale_peer(struct ol_txrx_pdev_t *pdev) +{ + struct ol_txrx_peer_t *peer; + struct ol_txrx_roam_stale_peer_t *stale_peer; + struct ol_txrx_roam_stale_peer_t *stale_peer_next; + u_int16_t peer_id; + int i; + + TAILQ_FOREACH_SAFE(stale_peer, &pdev->roam_stale_peer_list, + next_stale_entry, stale_peer_next) { + peer = stale_peer->peer; + for (i = 0; i < MAX_NUM_PEER_ID_PER_PEER; i++) { + peer_id = peer->peer_ids[i]; + + if (pdev->peer_id_to_obj_map[peer_id].peer_ref != peer) + continue; + + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + qdf_atomic_set(&pdev->peer_id_to_obj_map[peer_id]. + del_peer_id_ref_cnt, 0); + } + qdf_mem_free(peer); + stale_peer->peer = NULL; + TAILQ_REMOVE(&pdev->roam_stale_peer_list, stale_peer, + next_stale_entry); + qdf_mem_free(stale_peer); + } +} + /*=== function definitions for peer MAC addr --> peer object hash table =====*/ /* @@ -271,6 +306,7 @@ void ol_txrx_peer_find_hash_erase(struct ol_txrx_pdev_t *pdev) * Not really necessary to take peer_ref_mutex lock - by this point, * it's known that the pdev is no longer in use. */ + ol_txrx_peer_delete_roam_stale_peer(pdev); for (i = 0; i <= pdev->peer_hash.mask; i++) { if (!TAILQ_EMPTY(&pdev->peer_hash.bins[i])) { @@ -564,10 +600,11 @@ void ol_txrx_peer_tx_ready_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) void ol_rx_peer_unmap_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) { struct ol_txrx_peer_t *peer; + struct ol_txrx_roam_stale_peer_t *stale_peer = NULL; + struct ol_txrx_roam_stale_peer_t *stale_peer_next = NULL; int i = 0; int32_t ref_cnt; - if (peer_id == HTT_INVALID_PEER) { ol_txrx_err( "%s: invalid peer ID %d\n", __func__, peer_id); @@ -586,7 +623,28 @@ void ol_rx_peer_unmap_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) del_peer_id_ref_cnt); ref_cnt = qdf_atomic_read(&pdev->peer_id_to_obj_map[peer_id]. del_peer_id_ref_cnt); + + peer = pdev->peer_id_to_obj_map[peer_id].peer_ref; + if (peer && ol_txrx_is_peer_eligible_for_deletion(peer, pdev)) { + TAILQ_FOREACH_SAFE(stale_peer, + &pdev->roam_stale_peer_list, + next_stale_entry, + stale_peer_next) { + if (stale_peer->peer == peer) { + stale_peer->peer = NULL; + break; + } + } + qdf_mem_free(peer); + if (stale_peer) { + TAILQ_REMOVE(&pdev->roam_stale_peer_list, + stale_peer, + next_stale_entry); + qdf_mem_free(stale_peer); + } + } qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); + wma_peer_debug_log(DEBUG_INVALID_VDEV_ID, DEBUG_PEER_UNMAP_EVENT, peer_id, NULL, NULL, ref_cnt, 0x101); @@ -699,7 +757,14 @@ void ol_txrx_peer_remove_obj_map_entries(ol_txrx_pdev_handle pdev, num_deleted_maps += peer_id_ref_cnt; pdev->peer_id_to_obj_map[peer_id].peer = NULL; peer->peer_ids[i] = HTT_INVALID_PEER; + + if (peer_id_ref_cnt) + pdev->peer_id_to_obj_map[peer_id].peer_ref = peer; + else + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + } + qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); if (num_deleted_maps > qdf_atomic_read(&peer->ref_cnt)) { diff --git a/core/dp/txrx/ol_txrx_peer_find.h b/core/dp/txrx/ol_txrx_peer_find.h index 5cb266092d4b..1265ce7858d5 100644 --- a/core/dp/txrx/ol_txrx_peer_find.h +++ b/core/dp/txrx/ol_txrx_peer_find.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2015-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2015-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -106,6 +106,8 @@ ol_txrx_peer_find_hash_remove(struct ol_txrx_pdev_t *pdev, void ol_txrx_peer_find_hash_erase(struct ol_txrx_pdev_t *pdev); +void ol_txrx_peer_delete_roam_stale_peer(struct ol_txrx_pdev_t *pdev); + struct ol_txrx_peer_t *ol_txrx_assoc_peer_find(struct ol_txrx_vdev_t *vdev); void ol_txrx_peer_remove_obj_map_entries(ol_txrx_pdev_handle pdev, struct ol_txrx_peer_t *peer); diff --git a/core/dp/txrx/ol_txrx_types.h b/core/dp/txrx/ol_txrx_types.h index 793a5e71d856..572c048f9c02 100644 --- a/core/dp/txrx/ol_txrx_types.h +++ b/core/dp/txrx/ol_txrx_types.h @@ -203,6 +203,7 @@ struct ol_tx_desc_t { #endif void *tso_desc; void *tso_num_desc; + bool notify_tx_comp; }; typedef TAILQ_HEAD(some_struct_name, ol_tx_desc_t) ol_tx_desc_list; @@ -521,6 +522,7 @@ struct ol_tx_flow_pool_t { /* * struct ol_txrx_peer_id_map - Map of firmware peer_ids to peers on host * @peer: Pointer to peer object + * @peer_ref: Pointer to peer marked as stale * @peer_id_ref_cnt: No. of firmware references to the peer_id * @del_peer_id_ref_cnt: No. of outstanding unmap events for peer_id * after the peer object is deleted on the host. @@ -529,6 +531,7 @@ struct ol_tx_flow_pool_t { */ struct ol_txrx_peer_id_map { struct ol_txrx_peer_t *peer; + struct ol_txrx_peer_t *peer_ref; qdf_atomic_t peer_id_ref_cnt; qdf_atomic_t del_peer_id_ref_cnt; }; @@ -666,6 +669,8 @@ struct ol_txrx_pdev_t { int req_list_depth; qdf_spinlock_t req_list_spinlock; + TAILQ_HEAD(, ol_txrx_roam_stale_peer_t) roam_stale_peer_list; + /* peer ID to peer object map (array of pointers to peer objects) */ struct ol_txrx_peer_id_map *peer_id_to_obj_map; @@ -1054,6 +1059,9 @@ struct ol_txrx_vdev_t { ol_txrx_rx_fp rx; /* receive function used by this vdev */ ol_txrx_stats_rx_fp stats_rx; /* receive function used by this vdev */ + /* completion function used by this vdev*/ + ol_txrx_completion_fp tx_comp; + struct { /* * If the vdev object couldn't be deleted immediately because @@ -1221,6 +1229,12 @@ struct ol_txrx_cached_bufq_t { uint32_t dropped; }; +struct ol_txrx_roam_stale_peer_t { + ol_txrx_peer_handle peer; + + TAILQ_ENTRY(ol_txrx_roam_stale_peer_t) next_stale_entry; +}; + struct ol_txrx_peer_t { struct ol_txrx_vdev_t *vdev; @@ -1329,8 +1343,7 @@ struct ol_txrx_peer_t { u_int16_t tx_pause_flag; #endif qdf_time_t last_assoc_rcvd; - qdf_time_t last_disassoc_rcvd; - qdf_time_t last_deauth_rcvd; + qdf_time_t last_disassoc_deauth_rcvd; qdf_atomic_t fw_create_pending; qdf_timer_t peer_unmap_timer; }; diff --git a/core/hdd/inc/wlan_hdd_cfg.h b/core/hdd/inc/wlan_hdd_cfg.h index a89f2e615ae5..c77b839890e8 100644 --- a/core/hdd/inc/wlan_hdd_cfg.h +++ b/core/hdd/inc/wlan_hdd_cfg.h @@ -982,7 +982,7 @@ enum hdd_dot11_mode { #define CFG_SCAN_ALLOW_ADJ_CH_BCN_NAME "allow_adj_chan_bcns" #define CFG_SCAN_ALLOW_ADJ_CH_BCN_MIN (0) #define CFG_SCAN_ALLOW_ADJ_CH_BCN_MAX (1) -#define CFG_SCAN_ALLOW_ADJ_CH_BCN_DEFAULT (0) +#define CFG_SCAN_ALLOW_ADJ_CH_BCN_DEFAULT (1) #ifdef FEATURE_WLAN_EXTSCAN /* @@ -8638,11 +8638,6 @@ enum hdd_link_speed_rpt_type { #define CFG_IGNORE_CAC_MAX (1) #define CFG_IGNORE_CAC_DEFAULT (0) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_NAME "gEnableSAPDfsChSifsBurst" -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MIN (0) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MAX (1) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_DEFAULT (1) - #define CFG_DFS_RADAR_PRI_MULTIPLIER_NAME "gDFSradarMappingPriMultiplier" #define CFG_DFS_RADAR_PRI_MULTIPLIER_DEFAULT (4) #define CFG_DFS_RADAR_PRI_MULTIPLIER_MIN (0) @@ -8707,32 +8702,6 @@ enum hdd_link_speed_rpt_type { #define CFG_WLAN_LOGGING_CONSOLE_SUPPORT_DEFAULT (1) #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ -/* - * <ini> - * gEnableSifsBurst - Enables Sifs Burst - * @Min: 0 - * @Max: 3 - * @Default: 0 - * - * Sifs burst mode configuration - * 0) disabled - * 1) enabled, but disabled for legacy mode - * 3) enabled - * - * Related: None - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ini> - */ - -#define CFG_ENABLE_SIFS_BURST "gEnableSifsBurst" -#define CFG_ENABLE_SIFS_BURST_MIN (0) -#define CFG_ENABLE_SIFS_BURST_MAX (3) -#define CFG_ENABLE_SIFS_BURST_DEFAULT (0) - #ifdef WLAN_FEATURE_LPSS #define CFG_ENABLE_LPASS_SUPPORT "gEnableLpassSupport" #define CFG_ENABLE_LPASS_SUPPORT_DEFAULT (0) @@ -10742,15 +10711,6 @@ enum restart_beaconing_on_ch_avoid_rule { #define CFG_FILTER_MULTICAST_REPLAY_MAX (1) #define CFG_FILTER_MULTICAST_REPLAY_DEFAULT (1) -/* - * This parameter will control SIFS burst duration in FW from 0 to 12 ms. - * Default value is set to 8ms. - */ -#define CFG_SIFS_BURST_DURATION_NAME "g_sifs_burst_duration" -#define CFG_SIFS_BURST_DURATION_MIN (0) -#define CFG_SIFS_BURST_DURATION_MAX (12) -#define CFG_SIFS_BURST_DURATION_DEFAULT (8) - /* Optimize channel avoidance indication comming from firmware */ #define CFG_OPTIMIZE_CA_EVENT_NAME "goptimize_chan_avoid_event" #define CFG_OPTIMIZE_CA_EVENT_DISABLE (0) @@ -14847,7 +14807,7 @@ enum hw_filter_mode { * * @Min: 0x0 * @Max: 0x3F - * @Default: 0x18 + * @Default: 0x17 * * It is a 32 bit value such that the various bits represent as below - * Bit-0 : is Enable/Disable Control for "PPDU Secondary Retry Support" @@ -14865,7 +14825,7 @@ enum hw_filter_mode { #define CFG_ENABLE_SECONDARY_RATE_NAME "gEnableSecondaryRate" #define CFG_ENABLE_SECONDARY_RATE_MIN (0) #define CFG_ENABLE_SECONDARY_RATE_MAX (0x3F) -#define CFG_ENABLE_SECONDARY_RATE_DEFAULT (0x18) +#define CFG_ENABLE_SECONDARY_RATE_DEFAULT (0x17) /*--------------------------------------------------------------------------- Type declarations @@ -15387,7 +15347,6 @@ struct hdd_config { uint8_t gMaxConcurrentActiveSessions; uint8_t ignoreCAC; - bool IsSapDfsChSifsBurstEnabled; #ifdef FEATURE_GREEN_AP bool enableGreenAP; @@ -15416,8 +15375,6 @@ struct hdd_config { bool wlanLoggingToConsole; #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ - uint8_t enableSifsBurst; - #ifdef WLAN_FEATURE_LPSS bool enable_lpass_support; #endif @@ -15605,8 +15562,6 @@ struct hdd_config { bool go_force_11n_for_11ac; uint16_t sap_tx_leakage_threshold; bool multicast_replay_filter; - /* parameter for indicating sifs burst duration to fw */ - uint8_t sifs_burst_duration; bool goptimize_chan_avoid_event; bool enable_go_cts2self_for_sta; uint32_t tx_aggregation_size; diff --git a/core/hdd/inc/wlan_hdd_ipa.h b/core/hdd/inc/wlan_hdd_ipa.h index 54813cd7ca04..1db77054de54 100644 --- a/core/hdd/inc/wlan_hdd_ipa.h +++ b/core/hdd/inc/wlan_hdd_ipa.h @@ -162,6 +162,16 @@ void hdd_ipa_uc_info(hdd_context_t *hdd_ctx); */ void hdd_ipa_clean_adapter_iface(hdd_adapter_t *adapter); +/** + * hdd_ipa_uc_disconnect_ap() - send ap disconnect event + * @hdd_ctx: pointer to hdd adapter + * + * Send disconnect ap event to IPA driver during SSR + * + * Return: 0 - Success + */ +int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter); + #else static inline QDF_STATUS hdd_ipa_init(hdd_context_t *hdd_ctx) @@ -343,5 +353,9 @@ static inline void hdd_ipa_clean_adapter_iface(hdd_adapter_t *adapter) { } +static int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) +{ + return 0; +} #endif /* IPA_OFFLOAD */ #endif /* #ifndef HDD_IPA_H__ */ diff --git a/core/hdd/inc/wlan_hdd_main.h b/core/hdd/inc/wlan_hdd_main.h index 11dcc65582f7..aba1d43d8dfc 100644 --- a/core/hdd/inc/wlan_hdd_main.h +++ b/core/hdd/inc/wlan_hdd_main.h @@ -53,6 +53,7 @@ #include "wlan_hdd_nan_datapath.h" #include "target_if_def_config.h" #include "wlan_hdd_apf.h" +#include <qdf_idr.h> /** Number of Tx Queues */ #ifdef QCA_LL_TX_FLOW_CONTROL_V2 @@ -274,6 +275,9 @@ #define HDD_MOD_EXIT_SSR_MAX_RETRIES 75 #endif +#define HDD_CFG_REQUEST_FIRMWARE_RETRIES (3) +#define HDD_CFG_REQUEST_FIRMWARE_DELAY (20) + #ifdef WLAN_FEATURE_GTK_OFFLOAD #define GTK_OFFLOAD_ENABLE 0 #define GTK_OFFLOAD_DISABLE 1 @@ -287,10 +291,7 @@ #define HDD_MIN_TX_POWER (-100) /* minimum tx power */ #define HDD_MAX_TX_POWER (+100) /* maximum tx power */ -/* FW expects burst duration in 1020*ms */ -#define SIFS_BURST_DUR_MULTIPLIER 1020 -#define SIFS_BURST_DUR_MAX 12240 - +#define HDD_ENABLE_SIFS_BURST_DEFAULT (1) /* If IPA UC data path is enabled, target should reserve extra tx descriptors * for IPA data path. * Then host data path should allow less TX packet pumping in case @@ -789,7 +790,7 @@ typedef struct hdd_remain_on_chan_ctx { struct ieee80211_channel chan; enum nl80211_channel_type chan_type; unsigned int duration; - u64 cookie; + int32_t id; enum rem_on_channel_request_type rem_on_chan_request; qdf_mc_timer_t hdd_remain_on_chan_timer; action_pkt_buffer_t action_pkt_buff; @@ -849,7 +850,7 @@ enum action_frm_type { typedef struct hdd_cfg80211_state_s { uint16_t current_freq; - u64 action_cookie; + int32_t action_id; uint8_t *buf; size_t len; hdd_remain_on_chan_ctx_t *remain_on_chan_ctx; @@ -975,6 +976,33 @@ enum bss_stop_reason { }; /** + * struct dhcp_phase - Per Peer DHCP Phases + * @DHCP_PHASE_ACK: upon receiving DHCP_ACK/NAK message in REQUEST phase or + * DHCP_DELINE message in OFFER phase + * @DHCP_PHASE_DISCOVER: upon receiving DHCP_DISCOVER message in ACK phase + * @DHCP_PHASE_OFFER: upon receiving DHCP_OFFER message in DISCOVER phase + * @DHCP_PHASE_REQUEST: upon receiving DHCP_REQUEST message in OFFER phase or + * ACK phase (Renewal process) + */ +enum dhcp_phase { + DHCP_PHASE_ACK, + DHCP_PHASE_DISCOVER, + DHCP_PHASE_OFFER, + DHCP_PHASE_REQUEST +}; + +/** + * struct dhcp_nego_status - Per Peer DHCP Negotiation Status + * @DHCP_NEGO_STOP: when the peer is in ACK phase or client disassociated + * @DHCP_NEGO_IN_PROGRESS: when the peer is in DISCOVER or REQUEST + * (Renewal process) phase + */ +enum dhcp_nego_status { + DHCP_NEGO_STOP, + DHCP_NEGO_IN_PROGRESS +}; + +/** * typedef struct hdd_station_info_t - Per station structure kept in HDD for * multiple station support for SoftAP * @isUsed: The station entry is used or not @@ -1055,6 +1083,8 @@ typedef struct { struct ieee80211_vht_cap vht_caps; uint32_t reason_code; int8_t rssi; + enum dhcp_phase dhcp_phase; + enum dhcp_nego_status dhcp_nego_status; } hdd_station_info_t; /** @@ -1785,14 +1815,6 @@ struct suspend_resume_stats { }; /** - * struct hdd_nud_stats_context - hdd NUD stats context - * @response_event: NUD stats request wait event - */ -struct hdd_nud_stats_context { - qdf_event_t response_event; -}; - -/** * struct hdd_scan_chan_info - channel info * @freq: radio frequence * @cmd flag: cmd flag @@ -2095,6 +2117,8 @@ struct hdd_context_s { struct delayed_work roc_req_work; qdf_spinlock_t hdd_roc_req_q_lock; qdf_list_t hdd_roc_req_q; + /*QDF ID allocation */ + qdf_idr p2p_idr; qdf_spinlock_t hdd_scan_req_q_lock; qdf_list_t hdd_scan_req_q; uint8_t miracast_value; @@ -2189,7 +2213,6 @@ struct hdd_context_s { uint8_t curr_band; uint32_t no_of_probe_req_ouis; uint32_t *probe_req_voui; - struct hdd_nud_stats_context nud_stats_context; uint8_t bt_a2dp_active:1; uint8_t bt_vo_active:1; #ifdef FEATURE_SPECTRAL_SCAN @@ -2882,19 +2905,6 @@ void wlan_hdd_start_sap(hdd_adapter_t *ap_adapter, bool reinit); void hdd_set_rx_mode_rps(hdd_context_t *hdd_ctx, void *padapter, bool enable); /** - * hdd_init_nud_stats_ctx() - initialize NUD stats context - * @hdd_ctx: Pointer to hdd context - * - * Return: none - */ -static inline void hdd_init_nud_stats_ctx(hdd_context_t *hdd_ctx) -{ - if (qdf_event_create(&hdd_ctx->nud_stats_context.response_event) != - QDF_STATUS_SUCCESS) - hdd_err("NUD stats response event init failed!"); -} - -/** * hdd_dbs_scan_selection_init() - initialization for DBS scan selection config * @hdd_ctx: HDD context * @@ -3148,4 +3158,17 @@ uint32_t hdd_wlan_get_version(hdd_context_t *hdd_ctx, */ void hdd_update_hw_sw_info(hdd_context_t *hdd_ctx); +/** + * hdd_get_nud_stats_cb() - callback api to update the stats received from FW + * @data: pointer to hdd context. + * @rsp: pointer to data received from FW. + * @context: callback context + * + * This is called when wlan driver received response event for + * get arp stats to firmware. + * + * Return: None + */ +void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp, void *context); + #endif /* end #if !defined(WLAN_HDD_MAIN_H) */ diff --git a/core/hdd/inc/wlan_hdd_oemdata.h b/core/hdd/inc/wlan_hdd_oemdata.h index c4d7eb948039..580397716691 100644 --- a/core/hdd/inc/wlan_hdd_oemdata.h +++ b/core/hdd/inc/wlan_hdd_oemdata.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -175,8 +175,27 @@ void hdd_send_peer_status_ind_to_oem_app(struct qdf_mac_addr *peerMac, int iw_get_oem_data_cap(struct net_device *dev, struct iw_request_info *info, union iwreq_data *wrqu, char *extra); +/** + * oem_activate_service() - API to register the oem command handler + * @hdd_ctx: Pointer to HDD Context + * + * This API is used to register the handler to receive netlink message + * from an OEM application process + * + * Return: 0 + */ int oem_activate_service(struct hdd_context_s *hdd_ctx); +/** + * oem_deactivate_service() - API to unregister the oem command handler + * + * This API is used to deregister the handler to receive netlink message + * from an OEM application process + * + * Return: 0 + */ +int oem_deactivate_service(void); + void hdd_send_oem_data_rsp_msg(struct oem_data_rsp *oem_rsp); void hdd_update_channel_bw_info(hdd_context_t *hdd_ctx, uint16_t chan, @@ -186,6 +205,12 @@ static inline int oem_activate_service(struct hdd_context_s *hdd_ctx) { return 0; } + +static inline int oem_deactivate_service(void) +{ + return 0; +} + static inline void hdd_update_channel_bw_info(hdd_context_t *hdd_ctx, uint16_t chan, void *hdd_chan_info) {} diff --git a/core/hdd/inc/wlan_hdd_softap_tx_rx.h b/core/hdd/inc/wlan_hdd_softap_tx_rx.h index 73e2cab90f59..7ea467131d3d 100644 --- a/core/hdd/inc/wlan_hdd_softap_tx_rx.h +++ b/core/hdd/inc/wlan_hdd_softap_tx_rx.h @@ -38,7 +38,7 @@ QDF_STATUS hdd_softap_init_tx_rx_sta(hdd_adapter_t *pAdapter, struct qdf_mac_addr *pmacAddrSTA); QDF_STATUS hdd_softap_deinit_tx_rx_sta(hdd_adapter_t *pAdapter, uint8_t STAId); - +void hdd_softap_notify_tx_compl_cbk(struct sk_buff *skb, void *context); QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBufChain); #ifdef IPA_OFFLOAD QDF_STATUS hdd_softap_rx_mul_packet_cbk(void *cds_context, @@ -80,4 +80,39 @@ void hdd_softap_tx_resume_cb(void *adapter_context, bool tx_resume) } #endif /* QCA_LL_LEGACY_TX_FLOW_CONTROL */ +/** + * hdd_post_dhcp_ind() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @type: WMA message type + * + * Return: None + */ +QDF_STATUS hdd_post_dhcp_ind(hdd_adapter_t *adapter, + uint8_t sta_id, uint16_t type); + +/** + * hdd_softap_notify_dhcp_ind() - Notify SAP for DHCP indication for tx desc + * @context: pointer to HDD context + * @netbuf: pointer to OS packet (sk_buff) + * + * Return: None + */ +void hdd_softap_notify_dhcp_ind(void *context, + struct sk_buff *netbuf); + +/** + * hdd_dhcp_indication() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @skb: pointer to OS packet (sk_buff) + * @dir: direction + * + * Return: true if tx comp is to be notified for skb + */ +bool hdd_dhcp_indication(hdd_adapter_t *adapter, + uint8_t sta_id, + struct sk_buff *skb, + enum qdf_proto_dir dir); + #endif /* end #if !defined(WLAN_HDD_SOFTAP_TX_RX_H) */ diff --git a/core/hdd/src/wlan_hdd_assoc.c b/core/hdd/src/wlan_hdd_assoc.c index 98b481d7db5d..8aa30132d3de 100644 --- a/core/hdd/src/wlan_hdd_assoc.c +++ b/core/hdd/src/wlan_hdd_assoc.c @@ -3251,12 +3251,22 @@ static QDF_STATUS hdd_association_completion_handler(hdd_adapter_t *pAdapter, hdd_conn_set_connection_state(pAdapter, eConnectionState_NotConnected); } + hdd_wmm_init(pAdapter); hdd_debug("Disabling queues"); wlan_hdd_netif_queue_control(pAdapter, WLAN_STOP_ALL_NETIF_QUEUE_N_CARRIER, WLAN_CONTROL_PATH); + /* + * if hddDisconInProgress is set and roamResult is + * eCSR_ROAM_RESULT_SCAN_FOR_SSID_FAILURE that mean HDD is + * waiting on disconnect_comp_var so unblock anyone waiting for + * disconnect to complete. + */ + if ((roamResult == eCSR_ROAM_RESULT_SCAN_FOR_SSID_FAILURE) && + hddDisconInProgress) + complete(&pAdapter->disconnect_comp_var); } if (QDF_STATUS_SUCCESS != cds_check_and_restart_sap( @@ -4010,7 +4020,7 @@ hdd_roam_tdls_status_update_handler(hdd_adapter_t *pAdapter, for (staIdx = 0; staIdx < pHddCtx->max_num_tdls_sta; staIdx++) { - if (0 == + if (HDD_WLAN_INVALID_STA_ID == pHddCtx->tdlsConnInfo[staIdx]. staId) { pHddCtx->tdlsConnInfo[staIdx]. @@ -4141,7 +4151,8 @@ hdd_roam_tdls_status_update_handler(hdd_adapter_t *pAdapter, peerMac.bytes); mutex_unlock(&pHddCtx->tdls_lock); - pHddCtx->tdlsConnInfo[staIdx].staId = 0; + pHddCtx->tdlsConnInfo[staIdx].staId = + HDD_WLAN_INVALID_STA_ID; pHddCtx->tdlsConnInfo[staIdx]. sessionId = 255; qdf_mem_zero(&pHddCtx-> diff --git a/core/hdd/src/wlan_hdd_cfg.c b/core/hdd/src/wlan_hdd_cfg.c index cebeb65c34d8..3dcc8fa68eb6 100644 --- a/core/hdd/src/wlan_hdd_cfg.c +++ b/core/hdd/src/wlan_hdd_cfg.c @@ -3297,13 +3297,6 @@ struct reg_table_entry g_registry_table[] = { CFG_IGNORE_CAC_MIN, CFG_IGNORE_CAC_MAX), - REG_VARIABLE(CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_NAME, WLAN_PARAM_Integer, - struct hdd_config, IsSapDfsChSifsBurstEnabled, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_DEFAULT, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MIN, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MAX), - REG_VARIABLE(CFG_DFS_RADAR_PRI_MULTIPLIER_NAME, WLAN_PARAM_Integer, struct hdd_config, dfsRadarPriMultiplier, VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, @@ -3362,13 +3355,6 @@ struct reg_table_entry g_registry_table[] = { CFG_WLAN_LOGGING_CONSOLE_SUPPORT_ENABLE), #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ - REG_VARIABLE(CFG_ENABLE_SIFS_BURST, WLAN_PARAM_Integer, - struct hdd_config, enableSifsBurst, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_ENABLE_SIFS_BURST_DEFAULT, - CFG_ENABLE_SIFS_BURST_MIN, - CFG_ENABLE_SIFS_BURST_MAX), - #ifdef WLAN_FEATURE_LPSS REG_VARIABLE(CFG_ENABLE_LPASS_SUPPORT, WLAN_PARAM_Integer, struct hdd_config, enable_lpass_support, @@ -4437,13 +4423,6 @@ struct reg_table_entry g_registry_table[] = { CFG_FILTER_MULTICAST_REPLAY_MIN, CFG_FILTER_MULTICAST_REPLAY_MAX), - REG_VARIABLE(CFG_SIFS_BURST_DURATION_NAME, WLAN_PARAM_Integer, - struct hdd_config, sifs_burst_duration, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_SIFS_BURST_DURATION_DEFAULT, - CFG_SIFS_BURST_DURATION_MIN, - CFG_SIFS_BURST_DURATION_MAX), - REG_VARIABLE(CFG_ENABLE_PHY_REG_NAME, WLAN_PARAM_HexInteger, struct hdd_config, enable_phy_reg_retention, VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, @@ -5958,11 +5937,7 @@ static QDF_STATUS hdd_apply_cfg_ini(hdd_context_t *pHddCtx, int i; int rv; - if (MAX_CFG_INI_ITEMS < cRegTableEntries) { - hdd_err("MAX_CFG_INI_ITEMS too small, must be at least %ld", - cRegTableEntries); - WARN_ON(1); - } + BUILD_BUG_ON(MAX_CFG_INI_ITEMS < cRegTableEntries); for (idx = 0; idx < cRegTableEntries; idx++, pRegEntry++) { /* Calculate the address of the destination field in the structure. */ @@ -6997,8 +6972,6 @@ void hdd_cfg_print(hdd_context_t *pHddCtx) hdd_debug("Name = [isRoamOffloadEnabled] Value = [%u]", pHddCtx->config->isRoamOffloadEnabled); #endif - hdd_debug("Name = [gEnableSifsBurst] Value = [%u]", - pHddCtx->config->enableSifsBurst); #ifdef WLAN_FEATURE_LPSS hdd_debug("Name = [gEnableLpassSupport] Value = [%u] ", @@ -7763,7 +7736,9 @@ static void hdd_set_rx_mode_value(hdd_context_t *hdd_ctx) */ QDF_STATUS hdd_parse_config_ini(hdd_context_t *pHddCtx) { - int status, i = 0; + int status = 0; + int i = 0; + int retry = 0; /** Pointer for firmware image data */ const struct firmware *fw = NULL; char *buffer, *line, *pTemp = NULL; @@ -7775,7 +7750,15 @@ QDF_STATUS hdd_parse_config_ini(hdd_context_t *pHddCtx) memset(cfgIniTable, 0, sizeof(cfgIniTable)); - status = request_firmware(&fw, WLAN_INI_FILE, pHddCtx->parent_dev); + do { + if (status == -EAGAIN) + msleep(HDD_CFG_REQUEST_FIRMWARE_DELAY); + + status = request_firmware(&fw, WLAN_INI_FILE, + pHddCtx->parent_dev); + retry++; + } while ((retry < HDD_CFG_REQUEST_FIRMWARE_RETRIES) && + (status == -EAGAIN)); if (status) { hdd_alert("request_firmware failed %d", status); diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c index d601f5d9f97b..db9b7632f13f 100644 --- a/core/hdd/src/wlan_hdd_cfg80211.c +++ b/core/hdd/src/wlan_hdd_cfg80211.c @@ -3725,24 +3725,37 @@ static int32_t hdd_add_tx_bitrate(struct sk_buff *skb, uint32_t bitrate, bitrate_compat; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ bitrate = cfg80211_calculate_bitrate(&hdd_sta_ctx-> cache_conn_info.txrate); /* report 16-bit bitrate only if we can */ bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0; - if (bitrate > 0 && - nla_put_u32(skb, NL80211_RATE_INFO_BITRATE32, bitrate)) { - hdd_err("put fail"); - goto fail; + + if (bitrate > 0) { + if (nla_put_u32(skb, NL80211_RATE_INFO_BITRATE32, bitrate)) { + hdd_err("put fail bitrate: %u", bitrate); + goto fail; + } + } else { + hdd_err("Invalid bitrate: %u", bitrate); } - if (bitrate_compat > 0 && - nla_put_u16(skb, NL80211_RATE_INFO_BITRATE, bitrate_compat)) { - hdd_err("put fail"); - goto fail; + + if (bitrate_compat > 0) { + if (nla_put_u16(skb, NL80211_RATE_INFO_BITRATE, + bitrate_compat)) { + hdd_err("put fail bitrate_compat: %u", bitrate_compat); + goto fail; + } + } else { + hdd_err("Invalid bitrate_compat: %u", bitrate_compat); } + if (nla_put_u8(skb, NL80211_RATE_INFO_VHT_NSS, hdd_sta_ctx->cache_conn_info.txrate.nss)) { hdd_err("put fail"); @@ -3768,15 +3781,21 @@ static int32_t hdd_add_sta_info(struct sk_buff *skb, struct nlattr *nla_attr; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + if (nla_put_u8(skb, NL80211_STA_INFO_SIGNAL, (hdd_sta_ctx->cache_conn_info.signal + 100))) { hdd_err("put fail"); goto fail; } - if (hdd_add_tx_bitrate(skb, hdd_sta_ctx, NL80211_STA_INFO_TX_BITRATE)) + if (hdd_add_tx_bitrate(skb, hdd_sta_ctx, NL80211_STA_INFO_TX_BITRATE)) { + hdd_err("hdd_add_tx_bitrate failed"); goto fail; + } + nla_nest_end(skb, nla_attr); return 0; fail: @@ -3828,8 +3847,11 @@ hdd_add_link_standard_info(struct sk_buff *skb, struct nlattr *nla_attr; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + if (nla_put(skb, NL80211_ATTR_SSID, hdd_sta_ctx->cache_conn_info.last_ssid.SSID.length, @@ -3839,12 +3861,18 @@ hdd_add_link_standard_info(struct sk_buff *skb, } if (nla_put(skb, NL80211_ATTR_MAC, QDF_MAC_ADDR_SIZE, hdd_sta_ctx->cache_conn_info.bssId.bytes)) { + hdd_err("put bssid failed"); goto fail; } - if (hdd_add_survey_info(skb, hdd_sta_ctx, NL80211_ATTR_SURVEY_INFO)) + if (hdd_add_survey_info(skb, hdd_sta_ctx, NL80211_ATTR_SURVEY_INFO)) { + hdd_err("hdd_add_survey_info failed"); goto fail; - if (hdd_add_sta_info(skb, hdd_sta_ctx, NL80211_ATTR_STA_INFO)) + } + + if (hdd_add_sta_info(skb, hdd_sta_ctx, NL80211_ATTR_STA_INFO)) { + hdd_err("hdd_add_sta_info failed"); goto fail; + } nla_nest_end(skb, nla_attr); return 0; fail: @@ -11613,13 +11641,18 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, const void *data, int data_len) { int err = 0; - struct hdd_nud_stats_context *context; struct net_device *dev = wdev->netdev; hdd_adapter_t *adapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_context_t *hdd_ctx = wiphy_priv(wiphy); struct get_arp_stats_params arp_stats_params; uint32_t pkt_type_bitmap; struct sk_buff *skb; + struct hdd_request *request = NULL; + static const struct hdd_request_params params = { + .priv_size = 0, + .timeout_ms = WLAN_WAIT_TIME_NUD_STATS, + }; + void *cookie = NULL; ENTER(); @@ -11642,13 +11675,17 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, return -EINVAL; } + request = hdd_request_alloc(¶ms); + if (!request) { + hdd_err("Request allocation failure"); + return -ENOMEM; + } + + cookie = hdd_request_cookie(request); + arp_stats_params.pkt_type = WLAN_NUD_STATS_ARP_PKT_TYPE; arp_stats_params.vdev_id = adapter->sessionId; - spin_lock(&hdd_context_lock); - context = &hdd_ctx->nud_stats_context; - qdf_event_reset(&context->response_event); - spin_unlock(&hdd_context_lock); pkt_type_bitmap = adapter->pkt_type_bitmap; @@ -11661,18 +11698,26 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, 0xFF, 0XFF, DATA_STALL_LOG_RECOVERY_TRIGGER_PDR); + if (sme_set_nud_debug_stats_cb(hdd_ctx->hHal, hdd_get_nud_stats_cb, + cookie) != QDF_STATUS_SUCCESS) { + hdd_err("Setting NUD debug stats callback failure"); + err = -EINVAL; + goto exit; + } + if (QDF_STATUS_SUCCESS != sme_get_nud_debug_stats(hdd_ctx->hHal, &arp_stats_params)) { QDF_TRACE(QDF_MODULE_ID_HDD, QDF_TRACE_LEVEL_ERROR, "%s STATS_SET_START CMD Failed!!", __func__); - return -EINVAL; + err = -EINVAL; + goto exit; } - if (qdf_wait_for_event_completion(&context->response_event, - WLAN_WAIT_TIME_NUD_STATS) != - QDF_STATUS_SUCCESS) { - hdd_err("Target response timed out request "); - return -ETIMEDOUT; + err = hdd_request_wait_for_response(request); + if (err) { + hdd_err("SME timedout while retrieving NUD stats"); + err = -ETIMEDOUT; + goto exit; } skb = cfg80211_vendor_cmd_alloc_reply_skb(wiphy, @@ -11680,7 +11725,8 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, if (!skb) { hdd_err("%s: cfg80211_vendor_cmd_alloc_reply_skb failed", __func__); - return -ENOMEM; + err = -ENOMEM; + goto exit; } if (nla_put_u16(skb, COUNT_FROM_NETDEV, @@ -11702,7 +11748,8 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, rx_host_drop_reorder)) { hdd_err("nla put fail"); kfree_skb(skb); - return -EINVAL; + err = -EINVAL; + goto exit; } if (adapter->con_status) nla_put_flag(skb, AP_LINK_ACTIVE); @@ -11713,11 +11760,15 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, pkt_type_bitmap &= ~CONNECTIVITY_CHECK_SET_ARP; if (pkt_type_bitmap) { - if (hdd_populate_connectivity_check_stats_info(adapter, skb)) - return -EINVAL; + if (hdd_populate_connectivity_check_stats_info(adapter, skb)) { + err = -EINVAL; + goto exit; + } } cfg80211_vendor_cmd_reply(skb); +exit: + hdd_request_put(request); return err; } @@ -16978,6 +17029,14 @@ static bool wlan_hdd_fils_data_in_limits(struct cfg80211_connect_params *req) return false; } + if (!req->fils_erp_rrk || !req->fils_erp_realm || + !req->fils_erp_username) { + hdd_err("buffer incorrect, user=%pK rrk=%pK realm=%pK", + req->fils_erp_username, req->fils_erp_rrk, + req->fils_erp_realm); + return false; + } + return true; } @@ -17969,6 +18028,7 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) hdd_context_t *hdd_ctx; int status, result = 0; tHalHandle hal; + uint32_t wait_time = WLAN_WAIT_TIME_DISCONNECT; hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter); @@ -18004,6 +18064,9 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) (eConnectionState_Associated == pHddStaCtx->conn_info.connState) || (eConnectionState_Connecting == pHddStaCtx->conn_info.connState) || (eConnectionState_IbssConnected == pHddStaCtx->conn_info.connState)) { + eConnectionState prev_conn_state; + + prev_conn_state = pHddStaCtx->conn_info.connState; hdd_conn_set_connection_state(pAdapter, eConnectionState_Disconnecting); /* Issue disconnect to CSR */ @@ -18012,13 +18075,25 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) status = sme_roam_disconnect(WLAN_HDD_GET_HAL_CTX(pAdapter), pAdapter->sessionId, eCSR_DISCONNECT_REASON_UNSPECIFIED); - /* - * Wait here instead of returning directly, this will block the - * next connect command and allow processing of the scan for - * ssid and the previous connect command in CSR. Else we might - * hit some race conditions leading to SME and HDD out of sync. - */ - if (QDF_STATUS_CMD_NOT_QUEUED == status) { + + if ((status == QDF_STATUS_CMD_NOT_QUEUED) && + prev_conn_state != eConnectionState_Connecting) { + hdd_debug("Already disconnect in progress"); + result = 0; + /* + * Wait here instead of returning directly. This will + * block the connect command and allow processing + * of the disconnect in SME. As disconnect is already + * in progress, wait here for 1 sec instead of 5 sec. + */ + wait_time = WLAN_WAIT_DISCONNECT_ALREADY_IN_PROGRESS; + } else if (status == QDF_STATUS_CMD_NOT_QUEUED) { + /* + * Wait here instead of returning directly, this will + * block the connect command and allow processing + * of the scan for ssid and the previous connect command + * in CSR. + */ hdd_debug("Already disconnected or connect was in sme/roam pending list and removed by disconnect"); } else if (0 != status) { hdd_err("sme_roam_disconnect failure, status: %d", @@ -18028,9 +18103,8 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) goto disconnected; } - rc = wait_for_completion_timeout( - &pAdapter->disconnect_comp_var, - msecs_to_jiffies(WLAN_WAIT_TIME_DISCONNECT)); + rc = wait_for_completion_timeout(&pAdapter->disconnect_comp_var, + msecs_to_jiffies(wait_time)); if (!rc && (QDF_STATUS_CMD_NOT_QUEUED != status)) { hdd_err("Sme disconnect event timed out session Id: %d staDebugState: %d", pAdapter->sessionId, pHddStaCtx->staDebugState); @@ -18039,7 +18113,7 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) } else if (eConnectionState_Disconnecting == pHddStaCtx->conn_info.connState) { rc = wait_for_completion_timeout(&pAdapter->disconnect_comp_var, - msecs_to_jiffies(WLAN_WAIT_TIME_DISCONNECT)); + msecs_to_jiffies(wait_time)); if (!rc) { hdd_err("Disconnect event timed out session Id: %d staDebugState: %d", pAdapter->sessionId, pHddStaCtx->staDebugState); @@ -19620,13 +19694,15 @@ static inline bool wlan_hdd_is_pmksa_valid(struct cfg80211_pmksa *pmksa) /* * hdd_fill_pmksa_info: API to update tPmkidCacheInfo from cfg80211_pmksa - * @pmk_cache: pmksa from supplicant - * @pmk_cache: pmk needs to be updated - * + * @adapter: Pointer to hdd adapter + * @pmk_cache: pmk that needs to be udated + * @pmksa: pmk from supplicant + * @is_delete: Bool to decide set or delete PMK * Return: None */ -static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, - struct cfg80211_pmksa *pmksa, bool is_delete) +static void hdd_fill_pmksa_info(hdd_adapter_t *adapter, + tPmkidCacheInfo *pmk_cache, + struct cfg80211_pmksa *pmksa, bool is_delete) { if (pmksa->bssid) { hdd_debug("%s PMKSA for " MAC_ADDRESS_STR, @@ -19674,14 +19750,18 @@ static inline bool wlan_hdd_is_pmksa_valid(struct cfg80211_pmksa *pmksa) /* * hdd_fill_pmksa_info: API to update tPmkidCacheInfo from cfg80211_pmksa - * @pmk_cache: pmksa from supplicant - * @pmk_cache: pmk needs to be updated + * @adapter: Pointer to hdd adapter + * @pmk_cache: pmk which needs to be updated + * @pmksa: pmk from supplicant + * @is_delete: Bool to decide whether to set or delete PMK * * Return: None */ -static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, - struct cfg80211_pmksa *pmksa, bool is_delete) +static void hdd_fill_pmksa_info(hdd_adapter_t *adapter, + tPmkidCacheInfo *pmk_cache, + struct cfg80211_pmksa *pmksa, bool is_delete) { + tHalHandle hal = WLAN_HDD_GET_HAL_CTX(adapter); hdd_debug("%s PMKSA for " MAC_ADDRESS_STR, is_delete ? "Delete" : "Set", MAC_ADDR_ARRAY(pmksa->bssid)); qdf_mem_copy(pmk_cache->BSSID.bytes, @@ -19689,7 +19769,7 @@ static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, if (is_delete) return; - + sme_get_pmk_info(hal, adapter->sessionId, pmk_cache); qdf_mem_copy(pmk_cache->PMKID, pmksa->pmkid, CSR_RSN_PMKID_SIZE); } #endif @@ -19748,7 +19828,7 @@ static int __wlan_hdd_cfg80211_set_pmksa(struct wiphy *wiphy, qdf_mem_zero(&pmk_cache, sizeof(pmk_cache)); - hdd_fill_pmksa_info(&pmk_cache, pmksa, false); + hdd_fill_pmksa_info(pAdapter, &pmk_cache, pmksa, false); /* * Add to the PMKSA Cache in CSR @@ -19843,7 +19923,7 @@ static int __wlan_hdd_cfg80211_del_pmksa(struct wiphy *wiphy, qdf_mem_zero(&pmk_cache, sizeof(pmk_cache)); - hdd_fill_pmksa_info(&pmk_cache, pmksa, true); + hdd_fill_pmksa_info(pAdapter, &pmk_cache, pmksa, true); /* Delete the PMKID CSR cache */ if (QDF_STATUS_SUCCESS != diff --git a/core/hdd/src/wlan_hdd_hostapd.c b/core/hdd/src/wlan_hdd_hostapd.c index c5de344d4974..0c1c78237d1d 100644 --- a/core/hdd/src/wlan_hdd_hostapd.c +++ b/core/hdd/src/wlan_hdd_hostapd.c @@ -1482,6 +1482,10 @@ static void hdd_fill_station_info(hdd_adapter_t *pHostapdAdapter, hdd_copy_ht_caps(&stainfo->ht_caps, &event->ht_caps); } + /* Initialize DHCP info */ + stainfo->dhcp_phase = DHCP_PHASE_ACK; + stainfo->dhcp_nego_status = DHCP_NEGO_STOP; + while (i < WLAN_MAX_STA_COUNT) { if (!qdf_mem_cmp(pHostapdAdapter-> cache_sta_info[i].macAddrSTA.bytes, @@ -1669,6 +1673,13 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, pHostapdAdapter->sessionId = pSapEvent->sapevt.sapStartBssCompleteEvent.sessionId; + pHostapdAdapter->sessionCtx.ap.sapConfig.channel = + pSapEvent->sapevt.sapStartBssCompleteEvent. + operatingChannel; + + pHostapdAdapter->sessionCtx.ap.sapConfig.ch_params.ch_width = + pSapEvent->sapevt.sapStartBssCompleteEvent.ch_width; + pHostapdState->qdf_status = pSapEvent->sapevt.sapStartBssCompleteEvent.status; @@ -1805,21 +1816,6 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, } } - - if ((CHANNEL_STATE_DFS == - cds_get_channel_state(pHddApCtx->operatingChannel)) - && (pHddCtx->config->IsSapDfsChSifsBurstEnabled == 0)) { - - hdd_debug("Set SIFS Burst disable for DFS channel %d", - pHddApCtx->operatingChannel); - - if (wma_cli_set_command(pHostapdAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - 0, PDEV_CMD)) { - hdd_err("Failed to Set SIFS Burst channel: %d", - pHddApCtx->operatingChannel); - } - } /* Fill the params for sending IWEVCUSTOM Event * with SOFTAP.enabled */ @@ -2249,6 +2245,14 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, pHostapdAdapter->sessionId, QDF_PROTO_TYPE_MGMT, QDF_PROTO_MGMT_DISASSOC)); + /* Send DHCP STOP indication to FW */ + stainfo->dhcp_phase = DHCP_PHASE_ACK; + if (stainfo->dhcp_nego_status == + DHCP_NEGO_IN_PROGRESS) + hdd_post_dhcp_ind(pHostapdAdapter, staId, + WMA_DHCP_STOP_IND); + stainfo->dhcp_nego_status = DHCP_NEGO_STOP; + hdd_softap_deregister_sta(pHostapdAdapter, staId); pHddApCtx->bApActive = false; @@ -2641,6 +2645,10 @@ stopbss: if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { hdd_warn("hdd_softap_stop_bss failed %d", qdf_status); + if (hdd_ipa_is_enabled(pHddCtx)) { + hdd_ipa_uc_disconnect_ap(pHostapdAdapter); + hdd_ipa_clean_adapter_iface(pHostapdAdapter); + } } /* notify userspace that the BSS has stopped */ @@ -6484,7 +6492,7 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter, bool reinit) ret = wma_cli_set_command(pAdapter->sessionId, WMI_PDEV_PARAM_BURST_ENABLE, - pHddCtx->config->enableSifsBurst, + HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret) @@ -7212,6 +7220,10 @@ int wlan_hdd_cfg80211_update_apies(hdd_adapter_t *adapter) pConfig = &adapter->sessionCtx.ap.sapConfig; beacon = adapter->sessionCtx.ap.beacon; + if (!beacon) { + hdd_err("Beacon is NULL !"); + return -EINVAL; + } genie = qdf_mem_malloc(MAX_GENIE_LEN); @@ -8417,6 +8429,12 @@ int wlan_hdd_cfg80211_start_bss(hdd_adapter_t *pHostapdAdapter, if (!cds_is_sub_20_mhz_enabled()) wlan_hdd_set_sap_hwmode(pHostapdAdapter); + if (IS_24G_CH(pConfig->channel) && + pHddCtx->config->enableVhtFor24GHzBand && + (pConfig->SapHw_mode == eCSR_DOT11_MODE_11n || + pConfig->SapHw_mode == eCSR_DOT11_MODE_11n_ONLY)) + pConfig->SapHw_mode = eCSR_DOT11_MODE_11ac; + if (((pHostapdAdapter->device_mode == QDF_SAP_MODE) && (pHddCtx->config->sap_force_11n_for_11ac)) || ((pHostapdAdapter->device_mode == QDF_P2P_GO_MODE) && @@ -8461,7 +8479,9 @@ int wlan_hdd_cfg80211_start_bss(hdd_adapter_t *pHostapdAdapter, pConfig->channel = cds_mode_specific_get_channel(CDS_STA_MODE); hdd_debug("DBS is disabled, force SCC is enabled and STA is active, override the SAP channel to %d", pConfig->channel); - } else if (wlan_hdd_setup_driver_overrides(pHostapdAdapter)) { + } + + if (wlan_hdd_setup_driver_overrides(pHostapdAdapter)) { ret = -EINVAL; goto error; } diff --git a/core/hdd/src/wlan_hdd_ipa.c b/core/hdd/src/wlan_hdd_ipa.c index 036692af1dfd..719bde01880f 100644 --- a/core/hdd/src/wlan_hdd_ipa.c +++ b/core/hdd/src/wlan_hdd_ipa.c @@ -89,6 +89,8 @@ #define HDD_IPA_MAX_BANDWIDTH 800 +#define HDD_IPA_UC_STAT_LOG_RATE 10 + enum hdd_ipa_uc_op_code { HDD_IPA_UC_OPCODE_TX_SUSPEND = 0, HDD_IPA_UC_OPCODE_TX_RESUME = 1, @@ -3464,8 +3466,9 @@ static void __hdd_ipa_uc_stat_query(hdd_context_t *hdd_ctx, (false == hdd_ipa->resource_loading)) { *ipa_tx_diff = hdd_ipa->ipa_tx_packets_diff; *ipa_rx_diff = hdd_ipa->ipa_rx_packets_diff; - hdd_debug("STAT Query TX DIFF %d, RX DIFF %d", - *ipa_tx_diff, *ipa_rx_diff); + hdd_debug_ratelimited(HDD_IPA_UC_STAT_LOG_RATE, + "STAT Query TX DIFF %d, RX DIFF %d", + *ipa_tx_diff, *ipa_rx_diff); } qdf_mutex_release(&hdd_ipa->ipa_lock); } @@ -4997,8 +5000,7 @@ static int hdd_ipa_uc_disconnect_client(hdd_adapter_t *adapter) * * Return: 0 - Success */ - -static int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) +int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) { int ret = 0; @@ -5486,6 +5488,8 @@ static void hdd_ipa_send_skb_to_network(qdf_nbuf_t skb, struct hdd_ipa_priv *hdd_ipa = ghdd_ipa; unsigned int cpu_index; uint32_t enabled; + struct qdf_mac_addr src_mac; + uint8_t staid; if (hdd_validate_adapter(adapter)) { HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, "Invalid adapter: 0x%pK", @@ -5509,6 +5513,15 @@ static void hdd_ipa_send_skb_to_network(qdf_nbuf_t skb, if (!enabled) hdd_ipa_set_wake_up_idle(true); + if (adapter->device_mode == QDF_SAP_MODE) { + /* Send DHCP Indication to FW */ + qdf_mem_copy(&src_mac, skb->data + QDF_NBUF_SRC_MAC_OFFSET, + sizeof(src_mac)); + if (QDF_STATUS_SUCCESS == + hdd_softap_get_sta_id(adapter, &src_mac, &staid)) + hdd_dhcp_indication(adapter, staid, skb, QDF_RX); + } + skb->destructor = hdd_ipa_uc_rt_debug_destructor; skb->dev = adapter->dev; skb->protocol = eth_type_trans(skb, skb->dev); @@ -6368,9 +6381,11 @@ static void hdd_ipa_cleanup_iface(struct hdd_ipa_iface_context *iface_context) if (iface_context == NULL) return; - if (hdd_validate_adapter(iface_context->adapter)) + if (hdd_validate_adapter(iface_context->adapter)) { HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, "Invalid adapter: 0x%pK", iface_context->adapter); + return; + } hdd_ipa_wdi_dereg_intf(iface_context->hdd_ipa, iface_context->adapter->dev->name); @@ -7177,11 +7192,13 @@ hdd_ipa_uc_proc_pending_event(struct hdd_ipa_priv *hdd_ipa, bool is_loading) qdf_list_remove_front(&hdd_ipa->pending_event, (qdf_list_node_t **)&pending_event); while (pending_event != NULL) { - if (pending_event->is_loading == is_loading) + if (pending_event->is_loading == is_loading && + !hdd_validate_adapter(pending_event->adapter)) { __hdd_ipa_wlan_evt(pending_event->adapter, pending_event->sta_id, pending_event->type, pending_event->mac_addr); + } qdf_mem_free(pending_event); pending_event = NULL; qdf_list_remove_front(&hdd_ipa->pending_event, diff --git a/core/hdd/src/wlan_hdd_main.c b/core/hdd/src/wlan_hdd_main.c index 0a48b2b56d55..dba616f82630 100644 --- a/core/hdd/src/wlan_hdd_main.c +++ b/core/hdd/src/wlan_hdd_main.c @@ -771,8 +771,7 @@ int hdd_validate_adapter(hdd_adapter_t *adapter) } if (adapter->magic != WLAN_HDD_ADAPTER_MAGIC) { - hdd_err("bad adapter magic: 0x%x (should be 0x%x)", - adapter->magic, WLAN_HDD_ADAPTER_MAGIC); + hdd_err("bad adapter magic"); return -EINVAL; } @@ -3466,7 +3465,7 @@ QDF_STATUS hdd_init_station_mode(hdd_adapter_t *adapter) ret_val = sme_cli_set_command(adapter->sessionId, WMI_PDEV_PARAM_BURST_ENABLE, - hdd_ctx->config->enableSifsBurst, + HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret_val) { @@ -4864,6 +4863,7 @@ QDF_STATUS hdd_stop_adapter(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter, /* Reset WNI_CFG_PROBE_RSP Flags */ wlan_hdd_reset_prob_rspies(adapter); } + clear_bit(SOFTAP_INIT_DONE, &adapter->event_flags); qdf_mem_free(adapter->sessionCtx.ap.beacon); adapter->sessionCtx.ap.beacon = NULL; if (true == bCloseSession) @@ -4963,6 +4963,33 @@ QDF_STATUS hdd_stop_all_adapters(hdd_context_t *hdd_ctx, bool close_session) return QDF_STATUS_SUCCESS; } +#ifdef QCA_LL_LEGACY_TX_FLOW_CONTROL +/** + * hdd_adapter_abort_tx_flow() - Abort the tx flow control + * @pAdapter: pointer to hdd_adapter_t + * + * Resume tx and stop the tx flow control timer if the tx is paused and the flow + * control timer is running. This function is called by SSR to avoid the + * inconsistency of tx status before and after SSR. + * + * Return: void + */ +static void hdd_adapter_abort_tx_flow(hdd_adapter_t *adapter) +{ + if ((adapter->hdd_stats.hddTxRxStats.is_txflow_paused == TRUE) && + (QDF_TIMER_STATE_RUNNING == + qdf_mc_timer_get_current_state(&adapter->tx_flow_control_timer))) { + hdd_tx_resume_timer_expired_handler(adapter); + qdf_mc_timer_stop(&adapter->tx_flow_control_timer); + } +} +#else +static void hdd_adapter_abort_tx_flow(hdd_adapter_t *pAdapter) +{ + return; +} +#endif + QDF_STATUS hdd_reset_all_adapters(hdd_context_t *hdd_ctx) { hdd_adapter_list_node_t *adapterNode = NULL, *pNext = NULL; @@ -4983,6 +5010,8 @@ QDF_STATUS hdd_reset_all_adapters(hdd_context_t *hdd_ctx) while (NULL != adapterNode && QDF_STATUS_SUCCESS == status) { adapter = adapterNode->pAdapter; + hdd_adapter_abort_tx_flow(adapter); + if ((adapter->device_mode == QDF_STA_MODE) || (adapter->device_mode == QDF_P2P_CLIENT_MODE)) { /* Stop tdls timers */ @@ -6226,10 +6255,11 @@ void hdd_unregister_notifiers(hdd_context_t *hdd_ctx) */ static void hdd_exit_netlink_services(hdd_context_t *hdd_ctx) { + spectral_scan_deactivate_service(); + cnss_diag_deactivate_service(); hdd_close_cesium_nl_sock(); - ptt_sock_deactivate_svc(); - + oem_deactivate_service(); nl_srv_exit(); } @@ -6259,15 +6289,13 @@ static int hdd_init_netlink_services(hdd_context_t *hdd_ctx) goto err_nl_srv; } - ret = ptt_sock_activate_svc(); - if (ret) { - hdd_err("ptt_sock_activate_svc failed: %d", ret); - goto err_nl_srv; - } + ptt_sock_activate_svc(); ret = hdd_open_cesium_nl_sock(); - if (ret) + if (ret) { hdd_err("hdd_open_cesium_nl_sock failed ret: %d", ret); + goto err_ptt_sock; + } ret = cnss_diag_activate_service(); if (ret) { @@ -6278,14 +6306,18 @@ static int hdd_init_netlink_services(hdd_context_t *hdd_ctx) ret = spectral_scan_activate_service(); if (ret) { hdd_alert("spectral_scan_activate_service failed: %d", ret); - goto err_close_cesium; + goto err_cnss_diag; } return 0; +err_cnss_diag: + cnss_diag_deactivate_service(); err_close_cesium: hdd_close_cesium_nl_sock(); +err_ptt_sock: ptt_sock_deactivate_svc(); + oem_deactivate_service(); err_nl_srv: nl_srv_exit(); out: @@ -6330,6 +6362,7 @@ static int hdd_roc_context_init(hdd_context_t *hdd_ctx) { qdf_spinlock_create(&hdd_ctx->hdd_roc_req_q_lock); qdf_list_create(&hdd_ctx->hdd_roc_req_q, MAX_ROC_REQ_QUEUE_ENTRY); + qdf_idr_create(&hdd_ctx->p2p_idr); INIT_DELAYED_WORK(&hdd_ctx->roc_req_work, wlan_hdd_roc_request_dequeue); @@ -6346,6 +6379,7 @@ static int hdd_roc_context_init(hdd_context_t *hdd_ctx) */ static void hdd_roc_context_destroy(hdd_context_t *hdd_ctx) { + qdf_idr_destroy(&hdd_ctx->p2p_idr); qdf_list_destroy(&hdd_ctx->hdd_roc_req_q); qdf_spinlock_destroy(&hdd_ctx->hdd_roc_req_q_lock); } @@ -7936,8 +7970,7 @@ static void hdd_restart_sap(hdd_adapter_t *adapter, uint8_t channel) } hdd_ap_ctx->sapConfig.channel = channel; - hdd_ap_ctx->sapConfig.ch_params.ch_width = - hdd_ap_ctx->sapConfig.ch_width_orig; + hdd_ap_ctx->sapConfig.ch_params.ch_width = CH_WIDTH_MAX; hdd_debug("chan:%d width:%d", channel, hdd_ap_ctx->sapConfig.ch_width_orig); @@ -8530,7 +8563,6 @@ static int hdd_context_init(hdd_context_t *hdd_ctx) hdd_ctx->max_intf_count = CSR_ROAM_SESSION_MAX; hdd_init_ll_stats_ctx(); - hdd_init_nud_stats_ctx(hdd_ctx); init_completion(&hdd_ctx->chain_rssi_context.response_event); init_completion(&hdd_ctx->mc_sus_event_var); @@ -10153,15 +10185,6 @@ static int hdd_features_init(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter) ENTER(); - if (hdd_ctx->config->sifs_burst_duration) { - set_value = (SIFS_BURST_DUR_MULTIPLIER) * - hdd_ctx->config->sifs_burst_duration; - - if ((set_value > 0) && (set_value <= SIFS_BURST_DUR_MAX)) - sme_cli_set_command(0, WMI_PDEV_PARAM_BURST_DUR, - set_value, PDEV_CMD); - } - sme_set_chip_pwr_save_fail_cb(hdd_ctx->hHal, hdd_chip_pwr_save_fail_detected_cb); @@ -11049,23 +11072,12 @@ void hdd_wlan_update_target_info(hdd_context_t *hdd_ctx, void *context) hdd_ctx->target_type = tgt_info->target_type; } -/** - * hdd_get_nud_stats_cb() - callback api to update the stats - * received from the firmware - * @data: pointer to adapter. - * @rsp: pointer to data received from FW. - * - * This is called when wlan driver received response event for - * get arp stats to firmware. - * - * Return: None - */ -static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) +void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp, void *context) { hdd_context_t *hdd_ctx = (hdd_context_t *)data; - struct hdd_nud_stats_context *context; int status; hdd_adapter_t *adapter = NULL; + struct hdd_request *request = NULL; ENTER(); @@ -11075,12 +11087,19 @@ static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) } status = wlan_hdd_validate_context(hdd_ctx); - if (0 != status) + if (status != 0) + return; + + request = hdd_request_get(context); + if (!request) { + hdd_err("obselete request"); return; + } adapter = hdd_get_adapter_by_vdev(hdd_ctx, rsp->vdev_id); if ((NULL == adapter) || (WLAN_HDD_ADAPTER_MAGIC != adapter->magic)) { hdd_err("Invalid adapter or adapter has invalid magic"); + hdd_request_put(request); return; } @@ -11108,10 +11127,8 @@ static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) rsp->icmpv4_rsp_recvd; } - spin_lock(&hdd_context_lock); - context = &hdd_ctx->nud_stats_context; - qdf_event_set(&context->response_event); - spin_unlock(&hdd_context_lock); + hdd_request_complete(request); + hdd_request_put(request); EXIT(); } @@ -11165,9 +11182,6 @@ int hdd_register_cb(hdd_context_t *hdd_ctx) sme_set_rssi_threshold_breached_cb(hdd_ctx->hHal, hdd_rssi_threshold_breached); - sme_set_nud_debug_stats_cb(hdd_ctx->hHal, - hdd_get_nud_stats_cb); - status = sme_apf_offload_register_callback(hdd_ctx->hHal, hdd_get_apf_capabilities_cb); if (!QDF_IS_STATUS_SUCCESS(status)) { @@ -12785,6 +12799,11 @@ static int con_mode_handler(const char *kmessage, const struct kernel_param *kp) if (ret) return ret; + if (!cds_wait_for_external_threads_completion(__func__)) { + hdd_warn("External threads are still active, can not change mode"); + return -EAGAIN; + } + cds_ssr_protect(__func__); ret = __con_mode_handler(kmessage, kp, hdd_ctx); cds_ssr_unprotect(__func__); diff --git a/core/hdd/src/wlan_hdd_nan_datapath.c b/core/hdd/src/wlan_hdd_nan_datapath.c index 90a72a179bc8..912043fff457 100644 --- a/core/hdd/src/wlan_hdd_nan_datapath.c +++ b/core/hdd/src/wlan_hdd_nan_datapath.c @@ -2391,7 +2391,7 @@ int hdd_init_nan_data_mode(struct hdd_adapter_s *adapter) ret_val = wma_cli_set_command((int)adapter->sessionId, (int)WMI_PDEV_PARAM_BURST_ENABLE, - (int)hdd_ctx->config->enableSifsBurst, + (int)HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret_val) hdd_err("WMI_PDEV_PARAM_BURST_ENABLE set failed %d", ret_val); diff --git a/core/hdd/src/wlan_hdd_oemdata.c b/core/hdd/src/wlan_hdd_oemdata.c index 5e2d62ffb2da..c51b554c276f 100644 --- a/core/hdd/src/wlan_hdd_oemdata.c +++ b/core/hdd/src/wlan_hdd_oemdata.c @@ -1062,21 +1062,19 @@ static void oem_cmd_handler(const void *data, int data_len, void *ctx, int pid) oem_request_dispatcher(msg_hdr, pid); } -/** - * oem_activate_service() - API to register the oem command handler - * @hdd_ctx: Pointer to HDD Context - * - * This API is used to register the oem app command handler. Argument - * @pAdapter is given for prototype compatibility with legacy code. - * - * Return: 0 - */ int oem_activate_service(struct hdd_context_s *hdd_ctx) { p_hdd_ctx = hdd_ctx; register_cld_cmd_cb(WLAN_NL_MSG_OEM, oem_cmd_handler, NULL); return 0; } + +int oem_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_OEM); + return 0; +} + #else /* @@ -1143,16 +1141,6 @@ static int __oem_msg_callback(struct sk_buff *skb) return ret; } -/** - * oem_activate_service() - Activate oem message handler - * @hdd_ctx: pointer to global HDD context - * - * This function registers a handler to receive netlink message from - * an OEM application process. - * - * Return: zero on success - * On error, error number will be returned. - */ int oem_activate_service(struct hdd_context_s *hdd_ctx) { p_hdd_ctx = hdd_ctx; @@ -1160,5 +1148,12 @@ int oem_activate_service(struct hdd_context_s *hdd_ctx) /* Register the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ return nl_srv_register(WLAN_NL_MSG_OEM, __oem_msg_callback); } + +int oem_deactivate_service(void) +{ + /* Deregister the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ + return nl_srv_unregister(WLAN_NL_MSG_OEM, __oem_msg_callback); +} + #endif #endif diff --git a/core/hdd/src/wlan_hdd_p2p.c b/core/hdd/src/wlan_hdd_p2p.c index c3ed24ebc7ce..0e6f537fa0bc 100644 --- a/core/hdd/src/wlan_hdd_p2p.c +++ b/core/hdd/src/wlan_hdd_p2p.c @@ -745,8 +745,7 @@ QDF_STATUS wlan_hdd_remain_on_channel_callback(tHalHandle hHal, void *pCtx, cfg80211_remain_on_channel_expired( pRemainChanCtx->dev-> ieee80211_ptr, - pRemainChanCtx-> - cookie, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, GFP_KERNEL); pAdapter->last_roc_ts = @@ -787,6 +786,7 @@ QDF_STATUS wlan_hdd_remain_on_channel_callback(tHalHandle hHal, void *pCtx, pRemainChanCtx->action_pkt_buff.frame_ptr = NULL; pRemainChanCtx->action_pkt_buff.frame_length = 0; } + qdf_idr_remove(&hdd_ctx->p2p_idr, pRemainChanCtx->id); } qdf_mem_free(pRemainChanCtx); mutex_unlock(&cfgState->remain_on_chan_ctx_lock); @@ -1308,13 +1308,13 @@ static void wlan_hdd_indicate_roc_drop(hdd_adapter_t *adapter, hdd_debug("indicate roc drop to userspace"); cfg80211_ready_on_channel( adapter->dev->ieee80211_ptr, - (uintptr_t)ctx, + (u64)ctx->id, &ctx->chan, ctx->duration, GFP_KERNEL); cfg80211_remain_on_channel_expired( ctx->dev->ieee80211_ptr, - ctx->cookie, + (u64)ctx->id, &ctx->chan, GFP_KERNEL); } @@ -1467,6 +1467,7 @@ static int wlan_hdd_request_remain_on_channel(struct wiphy *wiphy, hdd_adapter_t *sta_adapter; int ret; int status = 0; + int roc_id; hdd_debug("Device_mode %s(%d)", hdd_device_mode_to_string(pAdapter->device_mode), @@ -1499,12 +1500,18 @@ static int wlan_hdd_request_remain_on_channel(struct wiphy *wiphy, return -ENOMEM; } + if (QDF_STATUS_SUCCESS != qdf_idr_alloc(&pHddCtx->p2p_idr, + pRemainChanCtx, &roc_id)) { + hdd_err("alloc id fail"); + qdf_mem_free(pRemainChanCtx); + return -EFAULT; + } qdf_mem_copy(&pRemainChanCtx->chan, chan, sizeof(struct ieee80211_channel)); pRemainChanCtx->duration = duration; pRemainChanCtx->dev = dev; - *cookie = (uintptr_t) pRemainChanCtx; - pRemainChanCtx->cookie = *cookie; + *cookie = (u64)roc_id; + pRemainChanCtx->id = roc_id; pRemainChanCtx->rem_on_chan_request = request_type; pRemainChanCtx->action_pkt_buff.freq = 0; pRemainChanCtx->action_pkt_buff.frame_ptr = NULL; @@ -1673,8 +1680,7 @@ void hdd_remain_chan_ready_handler(hdd_adapter_t *pAdapter, cfg80211_ready_on_channel( pAdapter->dev-> ieee80211_ptr, - (uintptr_t) - pRemainChanCtx, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, pRemainChanCtx-> duration, GFP_KERNEL); @@ -1728,6 +1734,7 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_cfg80211_state_t *cfgState = WLAN_HDD_GET_CFG_STATE_PTR(pAdapter); hdd_remain_on_chan_ctx_t *pRemainChanCtx; + hdd_remain_on_chan_ctx_t *cur_ctx; hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX(pAdapter); int status; int qdf_status; @@ -1752,10 +1759,17 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, if (0 != status) return status; + + if (QDF_STATUS_SUCCESS != qdf_idr_find(&pHddCtx->p2p_idr, + (int32_t)cookie, (void **)&cur_ctx)) { + hdd_debug("failed to find cookie, 0x%llx", cookie); + return -EFAULT; + } + qdf_spin_lock(&pHddCtx->hdd_roc_req_q_lock); list_for_each_safe(tmp, q, &pHddCtx->hdd_roc_req_q.anchor) { curr_roc_req = list_entry(tmp, hdd_roc_req_t, node); - if ((uintptr_t) curr_roc_req->pRemainChanCtx == cookie) { + if (curr_roc_req->pRemainChanCtx == cur_ctx) { qdf_status = qdf_list_remove_node(&pHddCtx->hdd_roc_req_q, (qdf_list_node_t *) curr_roc_req); @@ -1775,15 +1789,15 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, pRemainChanCtx = cfgState->remain_on_chan_ctx; if (pRemainChanCtx) { - hdd_debug("action_cookie = %08llx, roc cookie = %08llx, cookie = %08llx", - cfgState->action_cookie, pRemainChanCtx->cookie, + hdd_debug("action_id = %x, roc id = %x, cookie = %08llx", + cfgState->action_id, pRemainChanCtx->id, cookie); - if (pRemainChanCtx->cookie == cookie) { + if (pRemainChanCtx->id == (int32_t)cookie) { /* request to cancel on-going roc */ if (cfgState->buf) { /* Tx frame pending */ - if (cfgState->action_cookie != cookie) { + if (cfgState->action_id != (int32_t)cookie) { hdd_debug("Cookie matched with RoC cookie but not with tx cookie, indicate expired event for roc"); /* RoC was extended to accomodate the tx frame */ if (REMAIN_ON_CHANNEL_REQUEST == @@ -1792,21 +1806,21 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, cfg80211_remain_on_channel_expired( pRemainChanCtx->dev-> ieee80211_ptr, - pRemainChanCtx->cookie, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, GFP_KERNEL); } pRemainChanCtx->rem_on_chan_request = OFF_CHANNEL_ACTION_TX; - pRemainChanCtx->cookie = - cfgState->action_cookie; + pRemainChanCtx->id = + cfgState->action_id; mutex_unlock(&cfgState-> remain_on_chan_ctx_lock); return 0; } } - } else if (cfgState->buf && cfgState->action_cookie == - cookie) { + } else if (cfgState->buf && cfgState->action_id == + (int32_t)cookie) { mutex_unlock(&cfgState->remain_on_chan_ctx_lock); hdd_debug("Cookie not matched with RoC cookie but matched with tx cookie, cleanup action frame"); /*free the buf and return 0*/ @@ -1941,6 +1955,7 @@ static int __wlan_hdd_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev, bool enb_random_mac = false; uint32_t mgmt_hdr_len = sizeof(struct ieee80211_hdr_3addr); QDF_STATUS qdf_status; + int32_t mgmt_id; ENTER(); @@ -2325,12 +2340,19 @@ send_frame: mutex_lock(&cfgState->remain_on_chan_ctx_lock); if (cfgState->remain_on_chan_ctx) { - cfgState->action_cookie = - cfgState->remain_on_chan_ctx->cookie; - *cookie = cfgState->action_cookie; + cfgState->action_id = + cfgState->remain_on_chan_ctx->id; + *cookie = cfgState->action_id; } else { - *cookie = (uintptr_t) cfgState->buf; - cfgState->action_cookie = *cookie; + if (QDF_STATUS_SUCCESS != qdf_idr_alloc( + &pHddCtx->p2p_idr, + cfgState->buf, &mgmt_id)) { + hdd_err("alloc id fail"); + goto err; + } + + *cookie = (u64)mgmt_id; + cfgState->action_id = mgmt_id; } mutex_unlock(&cfgState->remain_on_chan_ctx_lock); @@ -2423,10 +2445,16 @@ err: } return 0; err_rem_channel: - *cookie = (uintptr_t) cfgState; + if (QDF_STATUS_SUCCESS != qdf_idr_alloc(&pHddCtx->p2p_idr, + cfgState, &mgmt_id)) + mgmt_id = 0; + + *cookie = (u64)mgmt_id; cfg80211_mgmt_tx_status( pAdapter->dev->ieee80211_ptr, *cookie, buf, len, false, GFP_KERNEL); + qdf_idr_remove(&pHddCtx->p2p_idr, mgmt_id); + EXIT(); return 0; } @@ -2509,11 +2537,14 @@ int wlan_hdd_cfg80211_mgmt_tx_cancel_wait(struct wiphy *wiphy, void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) { hdd_cfg80211_state_t *cfgState = WLAN_HDD_GET_CFG_STATE_PTR(pAdapter); + hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); cfgState->actionFrmState = HDD_IDLE; - if (NULL == cfgState->buf) + if (NULL == cfgState->buf) { + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); return; + } if (cfgState->is_go_neg_ack_received) { @@ -2526,6 +2557,7 @@ void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) */ hdd_debug("Drop the pending ack received in cfgState->actionFrmState %d", cfgState->actionFrmState); + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); return; } @@ -2539,10 +2571,11 @@ void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) */ cfg80211_mgmt_tx_status( pAdapter->dev->ieee80211_ptr, - cfgState->action_cookie, + (u64)cfgState->action_id, cfgState->buf, cfgState->len, actionSendSuccess, GFP_KERNEL); + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); qdf_mem_free(cfgState->buf); cfgState->buf = NULL; diff --git a/core/hdd/src/wlan_hdd_scan.c b/core/hdd/src/wlan_hdd_scan.c index 794a3fea1f70..4f6b771ae796 100644 --- a/core/hdd/src/wlan_hdd_scan.c +++ b/core/hdd/src/wlan_hdd_scan.c @@ -86,6 +86,10 @@ struct nla_policy scan_policy[QCA_WLAN_VENDOR_ATTR_SCAN_MAX + 1] = { [QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE] = {.type = NLA_U64}, [QCA_WLAN_VENDOR_ATTR_SCAN_IE] = {.type = NLA_BINARY, .len = MAX_DEFAULT_SCAN_IE_LEN}, + [QCA_WLAN_VENDOR_ATTR_SCAN_MAC] = {.type = NLA_UNSPEC, + .len = QDF_MAC_ADDR_SIZE}, + [QCA_WLAN_VENDOR_ATTR_SCAN_MAC_MASK] = {.type = NLA_UNSPEC, + .len = QDF_MAC_ADDR_SIZE}, }; /** @@ -2813,7 +2817,7 @@ static int __wlan_hdd_cfg80211_vendor_scan(struct wiphy *wiphy, if (ie_len) nla_memcpy((void *)request->ie, - nla_data(tb[QCA_WLAN_VENDOR_ATTR_SCAN_IE]), ie_len); + tb[QCA_WLAN_VENDOR_ATTR_SCAN_IE], ie_len); for (count = 0; count < HDD_NUM_NL80211_BANDS; count++) if (wiphy->bands[count]) diff --git a/core/hdd/src/wlan_hdd_softap_tx_rx.c b/core/hdd/src/wlan_hdd_softap_tx_rx.c index af9affcda87c..11b927486171 100644 --- a/core/hdd/src/wlan_hdd_softap_tx_rx.c +++ b/core/hdd/src/wlan_hdd_softap_tx_rx.c @@ -34,6 +34,7 @@ #include <cds_utils.h> #include <wlan_hdd_regulatory.h> #include <wlan_hdd_ipa.h> +#include "wma_types.h" /* Preprocessor definitions and constants */ #undef QCA_HDD_SAP_DUMP_SK_BUFF @@ -254,6 +255,156 @@ static inline struct sk_buff *hdd_skb_orphan(hdd_adapter_t *pAdapter, #endif /* QCA_LL_LEGACY_TX_FLOW_CONTROL */ /** + * hdd_post_dhcp_ind() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @type: WMA message type + * + * Return: None + */ +QDF_STATUS hdd_post_dhcp_ind(hdd_adapter_t *adapter, + uint8_t sta_id, uint16_t type) +{ + QDF_STATUS status = QDF_STATUS_SUCCESS; + + hdd_debug("Post DHCP indication,sta_id=%d, type=%d", sta_id, type); + + if (!adapter) { + hdd_err("NULL adapter"); + return QDF_STATUS_E_FAILURE; + } + + status = wma_send_dhcp_ind(type, + adapter->device_mode, + adapter->macAddressCurrent.bytes, + adapter->aStaInfo[sta_id].macAddrSTA.bytes); + if (!QDF_IS_STATUS_SUCCESS(status)) + QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_ERROR, + "%s: Post DHCP Ind MSG fail", __func__); + + return status; +} + +void hdd_softap_notify_dhcp_ind(void *context, struct sk_buff *netbuf) +{ + hdd_ap_ctx_t *hdd_ap_ctx; + struct qdf_mac_addr *dest_mac_addr; + uint8_t sta_id; + + hdd_adapter_t *adapter = context; + + if (!adapter) { + hdd_err("NULL adapter"); + return; + } + + hdd_ap_ctx = WLAN_HDD_GET_AP_CTX_PTR(adapter); + if (!hdd_ap_ctx) { + hdd_err("HDD sap context is NULL"); + return; + } + + dest_mac_addr = (struct qdf_mac_addr *)netbuf->data; + + if (QDF_NBUF_CB_GET_IS_BCAST(netbuf) || + QDF_NBUF_CB_GET_IS_MCAST(netbuf)) { + /* The BC/MC station ID is assigned during BSS + * starting phase. SAP will return the station ID + * used for BC/MC traffic. + */ + sta_id = hdd_ap_ctx->uBCStaId; + } else { + if (QDF_STATUS_SUCCESS != + hdd_softap_get_sta_id(adapter, + dest_mac_addr, &sta_id)) { + QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, + QDF_TRACE_LEVEL_INFO_HIGH, + "%s: Failed to find right station", __func__); + return; + } + } + hdd_post_dhcp_ind(adapter, sta_id, WMA_DHCP_STOP_IND); +} + +/** + * hdd_dhcp_indication() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @skb: pointer to OS packet (sk_buff) + * @dir: direction + * + * Return: true if tx completion to be notified for skb + */ +bool hdd_dhcp_indication(hdd_adapter_t *adapter, + uint8_t sta_id, + struct sk_buff *skb, + enum qdf_proto_dir dir) +{ + enum qdf_proto_subtype subtype = QDF_PROTO_INVALID; + hdd_station_info_t *hdd_sta_info; + + bool notify_tx_comp = false; + + hdd_debug("adapter=%p, sta_id=%d, dir=%d", adapter, sta_id, dir); + + if (((adapter->device_mode == QDF_SAP_MODE) || + (adapter->device_mode == QDF_P2P_GO_MODE)) && + ((dir == QDF_TX && QDF_NBUF_CB_PACKET_TYPE_DHCP == + QDF_NBUF_CB_GET_PACKET_TYPE(skb)) || + (dir == QDF_RX && qdf_nbuf_is_ipv4_dhcp_pkt(skb) == true))) { + + subtype = qdf_nbuf_get_dhcp_subtype(skb); + hdd_sta_info = &adapter->aStaInfo[sta_id]; + + hdd_debug("ENTER: type=%d, phase=%d, nego_status=%d", + subtype, + hdd_sta_info->dhcp_phase, + hdd_sta_info->dhcp_nego_status); + + switch (subtype) { + case QDF_PROTO_DHCP_DISCOVER: + if (dir != QDF_RX) + break; + if (hdd_sta_info->dhcp_nego_status == DHCP_NEGO_STOP) + hdd_post_dhcp_ind(adapter, sta_id, + WMA_DHCP_START_IND); + hdd_sta_info->dhcp_phase = DHCP_PHASE_DISCOVER; + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_IN_PROGRESS; + break; + case QDF_PROTO_DHCP_OFFER: + hdd_sta_info->dhcp_phase = DHCP_PHASE_OFFER; + break; + case QDF_PROTO_DHCP_REQUEST: + if (dir != QDF_RX) + break; + if (hdd_sta_info->dhcp_nego_status == DHCP_NEGO_STOP) + hdd_post_dhcp_ind(adapter, sta_id, + WMA_DHCP_START_IND); + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_IN_PROGRESS; + case QDF_PROTO_DHCP_DECLINE: + if (dir == QDF_RX) + hdd_sta_info->dhcp_phase = DHCP_PHASE_REQUEST; + break; + case QDF_PROTO_DHCP_ACK: + case QDF_PROTO_DHCP_NACK: + hdd_sta_info->dhcp_phase = DHCP_PHASE_ACK; + if (hdd_sta_info->dhcp_nego_status == + DHCP_NEGO_IN_PROGRESS) + notify_tx_comp = true; + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_STOP; + break; + default: + break; + } + + hdd_debug("EXIT: phase=%d, nego_status=%d", + hdd_sta_info->dhcp_phase, + hdd_sta_info->dhcp_nego_status); + } + return notify_tx_comp; +} + +/** * __hdd_softap_hard_start_xmit() - Transmit a frame * @skb: pointer to OS packet (sk_buff) * @dev: pointer to network device @@ -275,6 +426,7 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, struct qdf_mac_addr *pDestMacAddress; uint8_t STAId; uint32_t num_seg; + bool notify_tx_comp = false; ++pAdapter->hdd_stats.hddTxRxStats.txXmitCalled; pAdapter->hdd_stats.hddTxRxStats.cont_txtimeout_cnt = 0; @@ -415,6 +567,10 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, } pAdapter->aStaInfo[STAId].last_tx_rx_ts = qdf_system_ticks(); + if (STAId != pHddApCtx->uBCStaId) + notify_tx_comp = hdd_dhcp_indication(pAdapter, + STAId, skb, QDF_TX); + hdd_event_eapol_log(skb, QDF_TX); QDF_NBUF_CB_TX_PACKET_TRACK(skb) = QDF_NBUF_TX_PKT_DATA_TRACK; QDF_NBUF_UPDATE_TX_PKT_COUNT(skb, QDF_NBUF_TX_PKT_HDD); @@ -434,7 +590,7 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, } if (pAdapter->tx_fn(ol_txrx_get_vdev_by_sta_id(STAId), - (qdf_nbuf_t) skb) != NULL) { + (qdf_nbuf_t)skb, notify_tx_comp) != NULL) { QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_INFO_HIGH, "%s: Failed to send packet to txrx for staid:%d", __func__, STAId); @@ -658,6 +814,28 @@ QDF_STATUS hdd_softap_deinit_tx_rx_sta(hdd_adapter_t *pAdapter, uint8_t STAId) } /** + * hdd_softap_notify_tx_compl_cbk() - callback to notify tx completion + * @skb: pointer to skb data + * @adapter: pointer to vdev apdapter + * + * Return: None + */ +void hdd_softap_notify_tx_compl_cbk(struct sk_buff *skb, + void *context) +{ + int errno; + hdd_adapter_t *adapter = NULL; + + adapter = (hdd_adapter_t *)context; + errno = hdd_validate_adapter(adapter); + if (errno) + return; + + if (QDF_NBUF_CB_PACKET_TYPE_DHCP == QDF_NBUF_CB_GET_PACKET_TYPE(skb)) + hdd_softap_notify_dhcp_ind(context, skb); +} + +/** * hdd_softap_rx_packet_cbk() - Receive packet handler * @context: pointer to HDD context * @rxBuf: pointer to rx qdf_nbuf @@ -709,7 +887,6 @@ QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBuf) skb->dev = pAdapter->dev; if (unlikely(skb->dev == NULL)) { - QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_ERROR, "%s: ERROR!!Invalid netdevice", __func__); return QDF_STATUS_E_FAILURE; @@ -731,6 +908,8 @@ QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBuf) } } + hdd_dhcp_indication(pAdapter, staid, skb, QDF_RX); + hdd_event_eapol_log(skb, QDF_RX); qdf_dp_trace_log_pkt(pAdapter->sessionId, skb, QDF_RX); DPTRACE(qdf_dp_trace(skb, @@ -876,6 +1055,7 @@ QDF_STATUS hdd_softap_register_sta(hdd_adapter_t *pAdapter, /* Register the vdev transmit and receive functions */ qdf_mem_zero(&txrx_ops, sizeof(txrx_ops)); txrx_ops.rx.rx = hdd_softap_rx_packet_cbk; + txrx_ops.tx.tx_comp = hdd_softap_notify_tx_compl_cbk; ol_txrx_vdev_register( ol_txrx_get_vdev_from_vdev_id(pAdapter->sessionId), pAdapter, &txrx_ops); diff --git a/core/hdd/src/wlan_hdd_spectral.c b/core/hdd/src/wlan_hdd_spectral.c index f02c9159bcc9..7b6735d24922 100644 --- a/core/hdd/src/wlan_hdd_spectral.c +++ b/core/hdd/src/wlan_hdd_spectral.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2017-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -434,16 +434,6 @@ static void spectral_scan_msg_handler(const void *data, int data_len, cds_ssr_unprotect(__func__); } -/** - * spectral_scan_activate_service() - API to register spectral - * scan cmd handler - * - * API to register the spectral scan command handler using new - * genl infra. Return type is zero to match with legacy - * prototype - * - * Return: 0 - */ int spectral_scan_activate_service(void) { register_cld_cmd_cb(WLAN_NL_MSG_SPECTRAL_SCAN, @@ -451,6 +441,12 @@ int spectral_scan_activate_service(void) return 0; } +int spectral_scan_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_SPECTRAL_SCAN); + return 0; +} + #else static int spectral_scan_msg_callback(struct sk_buff *skb) { @@ -488,16 +484,6 @@ static int spectral_scan_msg_callback(struct sk_buff *skb) return 0; } -/** - * spectral_scan_activate_service() - Activate spectral scan message handler - * - * This function registers a handler to receive netlink message from - * the spectral scan application process. - * param - - * - None - * - * Return - 0 for success, non zero for failure - */ int spectral_scan_activate_service(void) { int ret; @@ -512,6 +498,23 @@ int spectral_scan_activate_service(void) return ret; } + +int spectral_scan_deactivate_service(void) +{ + int ret; + + /* + * Unregister the msg handler for msgs addressed to + * WLAN_NL_MSG_SPECTRAL_SCAN + */ + ret = nl_srv_unregister(WLAN_NL_MSG_SPECTRAL_SCAN, + spectral_scan_msg_callback); + if (ret) + hdd_err("Spectral Scan Unregistration failed"); + + return ret; +} + #endif /** diff --git a/core/hdd/src/wlan_hdd_spectralscan.h b/core/hdd/src/wlan_hdd_spectralscan.h index 552af910f045..6e61715058a3 100644 --- a/core/hdd/src/wlan_hdd_spectralscan.h +++ b/core/hdd/src/wlan_hdd_spectralscan.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2017-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -112,16 +112,24 @@ int wlan_hdd_cfg80211_spectral_scan_stop(struct wiphy *wiphy, /** * spectral_scan_activate_service() - Activate spectral scan message handler * - * This function registers a handler to receive netlink message from - * the spectral scan application process. - * param - - * - None + * This function registers a handler to receive netlink message from + * the spectral scan application process. * * Return - 0 for success, non zero for failure */ int spectral_scan_activate_service(void); /** + * spectral_scan_deactivate_service() - Deactivate spectral scan message handler + * + * This function deregisters a handler to receive netlink message from + * the spectral scan application process. + * + * Return - 0 for success, non zero for failure + */ +int spectral_scan_deactivate_service(void); + +/** * hdd_init_spectral_scan() - Initialize spectral scan config parameters * * This function initialize spectral scan configuration parameters @@ -160,6 +168,11 @@ static inline int spectral_scan_activate_service(void) return 0; } +static inline int spectral_scan_deactivate_service(void) +{ + return 0; +} + static inline void hdd_init_spectral_scan(hdd_context_t *hdd_ctx) { } diff --git a/core/hdd/src/wlan_hdd_tdls.c b/core/hdd/src/wlan_hdd_tdls.c index 351936082194..ca758c9c571a 100644 --- a/core/hdd/src/wlan_hdd_tdls.c +++ b/core/hdd/src/wlan_hdd_tdls.c @@ -288,7 +288,8 @@ void wlan_hdd_tdls_disable_offchan_and_teardown_links(hdd_context_t *hddctx, for (staidx = 0; staidx < hddctx->max_num_tdls_sta; staidx++) { - if (!hddctx->tdlsConnInfo[staidx].staId) + if (hddctx->tdlsConnInfo[staidx].staId == + HDD_WLAN_INVALID_STA_ID) continue; mutex_lock(&hddctx->tdls_lock); @@ -320,7 +321,8 @@ void wlan_hdd_tdls_disable_offchan_and_teardown_links(hdd_context_t *hddctx, hdd_roam_deregister_tdlssta(adapter, hddctx->tdlsConnInfo[staidx].staId); wlan_hdd_tdls_decrement_peer_count(adapter); - hddctx->tdlsConnInfo[staidx].staId = 0; + hddctx->tdlsConnInfo[staidx].staId = + HDD_WLAN_INVALID_STA_ID; hddctx->tdlsConnInfo[staidx].sessionId = 255; @@ -665,7 +667,7 @@ static void wlan_hdd_tdls_del_non_forced_peers(tdlsCtx_t *hdd_tdls_ctx) } else { peer->link_status = eTDLS_LINK_IDLE; peer->reason = eTDLS_LINK_UNSPECIFIED; - peer->staId = OL_TXRX_INVALID_TDLS_PEER_ID; + peer->staId = HDD_WLAN_INVALID_STA_ID; peer->discovery_attempt = 0; } } @@ -720,7 +722,8 @@ void hdd_tdls_context_init(hdd_context_t *hdd_ctx, bool ssr) hdd_debug("max_num_tdls_sta: %d", hdd_ctx->max_num_tdls_sta); for (sta_idx = 0; sta_idx < hdd_ctx->max_num_tdls_sta; sta_idx++) { - hdd_ctx->tdlsConnInfo[sta_idx].staId = 0; + hdd_ctx->tdlsConnInfo[sta_idx].staId = + HDD_WLAN_INVALID_STA_ID; hdd_ctx->tdlsConnInfo[sta_idx].sessionId = 255; qdf_mem_zero(&hdd_ctx->tdlsConnInfo[sta_idx].peerMac, QDF_MAC_ADDR_SIZE); @@ -1691,7 +1694,7 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, ENTER(); - hdd_debug("mode %d", (int)tdls_mode); + hdd_debug("mode %d, source %d", (int)tdls_mode, source); if (0 != (wlan_hdd_validate_context(pHddCtx))) return; @@ -1740,7 +1743,9 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, peer_update_timer) == QDF_TIMER_STATE_STOPPED)) { hdd_debug("Start timer again,source bitmap:%lu", pHddCtx->tdls_source_bitmap); + mutex_lock(&pHddCtx->tdls_lock); wlan_hdd_tdls_implicit_enable(pHddTdlsCtx); + mutex_unlock(&pHddCtx->tdls_lock); } status = hdd_get_next_adapter(pHddCtx, pAdapterNode, &pNext); @@ -1772,22 +1777,6 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, return; } wlan_hdd_tdls_implicit_enable(pHddTdlsCtx); - /* tdls implicit mode is enabled, so - * enable the connection tracker - */ - pHddCtx->enable_tdls_connection_tracker - = true; - - if (tdls_mode == eTDLS_SUPPORT_EXTERNAL_CONTROL - && !pHddCtx->tdls_external_peer_count - && !pHddCtx->connected_peer_count) { - /* Disable connection tracker if tdls - * mode is external and no force peers - * were configured by application. - */ - pHddCtx->enable_tdls_connection_tracker - = false; - } } else if (eTDLS_SUPPORT_DISABLED == tdls_mode) { set_bit((unsigned long)source, @@ -1829,6 +1818,7 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, pHddCtx->tdls_mode = tdls_mode; mutex_unlock(&pHddCtx->tdls_lock); + cds_set_tdls_ct_mode(pHddCtx); EXIT(); } @@ -1888,6 +1878,9 @@ int wlan_hdd_tdls_set_params(struct net_device *dev, config->rssi_trigger_threshold, config->rssi_teardown_threshold); + if (pHddCtx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) + return -EINVAL; + wlan_hdd_tdls_set_mode(pHddCtx, req_tdls_mode, true, HDD_SET_TDLS_MODE_SOURCE_USER); @@ -1970,8 +1963,9 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, goto done; } - hdd_debug("tdls_prohibited: %d, tdls_chan_swit_prohibited: %d", - tdls_prohibited, tdls_chan_swit_prohibited); + hdd_debug("tdls_prohibited: %d, tdls_chan_swit_prohibited: %d, source bitmap:%lu", + tdls_prohibited, tdls_chan_swit_prohibited, + hdd_ctx->tdls_source_bitmap); mutex_lock(&hdd_ctx->tdls_lock); @@ -1992,13 +1986,27 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, /* If AP or caller indicated TDLS Prohibited then disable tdls mode */ if (tdls_prohibited) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_NOT_ENABLED; + /* If the source bit is non zero then tdls mode is + * eTDLS_SUPPORT_DISABLED before changing the mode to + * eTDLS_SUPPORT_NOT_ENABlED, make the source bit to 0 + * as the wlan_hdd_tdls_set_mode is not called to + * clear the source bit, if the current mode is + * eTDLS_SUPPORT_NOT_ENABLED. + */ + hdd_ctx->tdls_source_bitmap = 0; } else { - if (false == hdd_ctx->config->fEnableTDLSImplicitTrigger) + if (false == hdd_ctx->config->fEnableTDLSImplicitTrigger) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_EXPLICIT_TRIGGER_ONLY; - else if (true == hdd_ctx->config->fTDLSExternalControl) + } else if (true == hdd_ctx->config->fTDLSExternalControl) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_EXTERNAL_CONTROL; - else + if (!hdd_ctx->tdls_source_bitmap && + hdd_ctx->tdls_external_peer_count) + wlan_hdd_tdls_implicit_enable(hdd_tdls_ctx); + } else { hdd_ctx->tdls_mode = eTDLS_SUPPORT_ENABLED; + if (!hdd_ctx->tdls_source_bitmap) + wlan_hdd_tdls_implicit_enable(hdd_tdls_ctx); + } } tdls_param = qdf_mem_malloc(sizeof(*tdls_param)); if (!tdls_param) { @@ -2090,8 +2098,9 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, hdd_ctx->set_state_info.set_state_cnt--; } - hdd_debug("TDLS Set state cnt %d", - hdd_ctx->set_state_info.set_state_cnt); + hdd_debug("TDLS Set state cnt %d, source bitmap:%lu", + hdd_ctx->set_state_info.set_state_cnt, + hdd_ctx->tdls_source_bitmap); mutex_unlock(&hdd_ctx->tdls_lock); done: @@ -2477,7 +2486,7 @@ int wlan_hdd_tdls_reset_peer(hdd_adapter_t *pAdapter, const uint8_t *mac) wlan_hdd_tdls_set_peer_link_status(curr_peer, eTDLS_LINK_IDLE, eTDLS_LINK_UNSPECIFIED); - curr_peer->staId = OL_TXRX_INVALID_TDLS_PEER_ID; + curr_peer->staId = HDD_WLAN_INVALID_STA_ID; ret_status: return status; } @@ -2891,7 +2900,8 @@ bool wlan_hdd_tdls_check_peer_buf_capable(hdd_context_t *hdd_ctx, return false; for (staIdx = 0; staIdx < hdd_ctx->max_num_tdls_sta; staIdx++) { - if (hdd_ctx->tdlsConnInfo[staIdx].staId) { + if (hdd_ctx->tdlsConnInfo[staIdx].staId != + HDD_WLAN_INVALID_STA_ID) { curr_peer = wlan_hdd_tdls_find_all_peer(hdd_ctx, hdd_ctx->tdlsConnInfo[staIdx].peerMac.bytes); if (curr_peer) { @@ -3004,7 +3014,7 @@ void wlan_hdd_tdls_scan_done_callback(hdd_adapter_t *pAdapter) return; if (eTDLS_SUPPORT_NOT_ENABLED == pHddCtx->tdls_mode) { - hdd_debug("TDLS mode is disabled OR not enabled"); + hdd_debug("TDLS mode is not enabled don't change the tdls mode"); return; } @@ -3427,6 +3437,10 @@ __wlan_hdd_cfg80211_configure_tdls_mode(struct wiphy *wiphy, hdd_err("Invalid TDLS trigger mode"); return -EINVAL; } + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_err("TDLS mode is Not Enabled"); + return -EPERM; + } wlan_hdd_tdls_set_mode(hdd_ctx, tdls_mode, false, HDD_SET_TDLS_MODE_SOURCE_USER); @@ -5866,7 +5880,7 @@ static void wlan_hdd_tdls_idle_handler(void *user_data) v_CONTEXT_t cds_context; hdd_adapter_t *adapter; - if (!tdls_info->staId) { + if (tdls_info->staId == HDD_WLAN_INVALID_STA_ID) { hdd_err("peer (staidx %u) doesn't exists", tdls_info->staId); return; } @@ -6275,7 +6289,8 @@ static int wlan_hdd_tdls_teardown_links(hdd_context_t *hddctx, for (staidx = 0; staidx < hddctx->max_num_tdls_sta; staidx++) { - if (!hddctx->tdlsConnInfo[staidx].staId) + if (hddctx->tdlsConnInfo[staidx].staId == + HDD_WLAN_INVALID_STA_ID) continue; mutex_lock(&hddctx->tdls_lock); @@ -6392,6 +6407,10 @@ void wlan_hdd_change_tdls_mode(void *data) { hdd_context_t *hdd_ctx = (hdd_context_t *)data; + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_debug("TDLS mode is not enabled, don't change the tdls mode"); + return; + } wlan_hdd_tdls_set_mode(hdd_ctx, hdd_ctx->tdls_mode_last, false, HDD_SET_TDLS_MODE_SOURCE_P2P); } @@ -6405,6 +6424,11 @@ void hdd_tdls_notify_p2p_roc(hdd_context_t *hdd_ctx, qdf_mc_timer_stop(&hdd_ctx->tdls_source_timer); + if (eTDLS_SUPPORT_NOT_ENABLED == hdd_ctx->tdls_mode) { + hdd_debug("TDLS mode is not enabled continue with roc"); + return; + } + if (event == P2P_ROC_START) { tdls_mode = eTDLS_SUPPORT_DISABLED; wlan_hdd_tdls_set_mode(hdd_ctx, tdls_mode, false, @@ -6477,6 +6501,11 @@ void hdd_tdls_notify_hw_mode_change(bool is_dbs_hw_mode) if (!hdd_ctx) return; + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_debug("TDLS mode is not enabled continue with hw mode change"); + return; + } + if (is_dbs_hw_mode) { hdd_debug("hw mode is DBS"); wlan_hdd_tdls_set_mode(hdd_ctx, diff --git a/core/hdd/src/wlan_hdd_tx_rx.c b/core/hdd/src/wlan_hdd_tx_rx.c index b07a7aaec412..89c5ac95997e 100644 --- a/core/hdd/src/wlan_hdd_tx_rx.c +++ b/core/hdd/src/wlan_hdd_tx_rx.c @@ -1071,7 +1071,7 @@ static netdev_tx_t __hdd_hard_start_xmit(struct sk_buff *skb, } if (pAdapter->tx_fn(ol_txrx_get_vdev_by_sta_id(STAId), - (qdf_nbuf_t) skb) != NULL) { + (qdf_nbuf_t)skb, 0) != NULL) { QDF_TRACE(QDF_MODULE_ID_HDD_DATA, QDF_TRACE_LEVEL_INFO_HIGH, "%s: Failed to send packet to txrx for staid: %d", __func__, STAId); diff --git a/core/hdd/src/wlan_hdd_wext.c b/core/hdd/src/wlan_hdd_wext.c index 2d9ded6dd24f..925e4dd84bb9 100644 --- a/core/hdd/src/wlan_hdd_wext.c +++ b/core/hdd/src/wlan_hdd_wext.c @@ -576,7 +576,7 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { */ #define WE_SET_MAX_TX_POWER_5_0 43 #define WE_SET_PKTLOG 44 -/* Private ioctl for packet powe save */ +/* Private ioctl for packet power save */ #define WE_PPS_PAID_MATCH 45 #define WE_PPS_GID_MATCH 46 #define WE_PPS_EARLY_TIM_CLEAR 47 @@ -587,7 +587,7 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_PPS_GID_NSTS_ZERO 52 /* * <ioctl> - * rssi_chk - Chek the rssi + * rssi_chk - Check the rssi * * @INPUT: One argument as input * @@ -630,44 +630,6 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_SET_QPOWER_MAX_TX_BEFORE_WAKE 57 #define WE_SET_QPOWER_SPEC_PSPOLL_WAKE_INTERVAL 58 #define WE_SET_QPOWER_SPEC_MAX_SPEC_NODATA_PSPOLL 59 -/* - * <ioctl> - * burst_enable - Enables or disables the burst feature - * - * @INPUT: 0-Disable, 1-Enable - * - * @OUTPUT: None - * - * This IOCTL enables or disables the burst feature. - * - * @E.g: iwpriv wlan0 burst_enable 0 - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_SET_BURST_ENABLE 60 -/* - * <ioctl> - * burst_dur - Enables or disables the burst feature - * - * @INPUT: int 1…..int 8191 in microseconds - * - * @OUTPUT: None - * - * This IOCTL sets the burst duration. - * - * @E.g: iwpriv wlan0 burst_dur <value> - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_SET_BURST_DUR 61 /* GTX Commands */ /* * <ioctl> @@ -1496,47 +1458,6 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_GET_QPOWER_MAX_TX_BEFORE_WAKE 42 #define WE_GET_QPOWER_SPEC_PSPOLL_WAKE_INTERVAL 43 #define WE_GET_QPOWER_SPEC_MAX_SPEC_NODATA_PSPOLL 44 -/* - * <ioctl> - * get_burst_en - Enables or disables the burst feature - * - * @INPUT: None - * - * @OUTPUT: Enable/disable of burst feature - * wlan0 get_burst_en:1 - * - * This IOCTL enables or disables the burst feature - * - * @E.g: iwpriv wlan0 get_burst_en - * - * Supported Feature:STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_GET_BURST_ENABLE 45 -/* - * <ioctl> - * get_burst_dur - Get the burst duration - * - * @INPUT: None - * - * @OUTPUT: Duration in microseconds - * wlan0 get_burst_dur:8160 - * - * This IOCTL gets the burst duration - * This command is useful if setting burst enable - * - * @E.g: iwpriv wlan0 get_burst_dur - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_GET_BURST_DUR 46 /* GTX Commands */ /* * <ioctl> @@ -4756,7 +4677,8 @@ static int __iw_set_bitrate(struct net_device *dev, hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_wext_state_t *pWextState; hdd_station_ctx_t *pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter); - uint8_t supp_rates[WNI_CFG_SUPPORTED_RATES_11A_LEN]; + uint8_t supp_rates[WNI_CFG_SUPPORTED_RATES_11A_LEN + + WNI_CFG_SUPPORTED_RATES_11B_LEN]; uint32_t a_len = WNI_CFG_SUPPORTED_RATES_11A_LEN; uint32_t b_len = WNI_CFG_SUPPORTED_RATES_11B_LEN; uint32_t i, rate; @@ -4792,7 +4714,8 @@ static int __iw_set_bitrate(struct net_device *dev, &a_len) == QDF_STATUS_SUCCESS) && (sme_cfg_get_str(WLAN_HDD_GET_HAL_CTX(pAdapter), - WNI_CFG_SUPPORTED_RATES_11B, supp_rates, + WNI_CFG_SUPPORTED_RATES_11B, + supp_rates + a_len, &b_len) == QDF_STATUS_SUCCESS)) { for (i = 0; i < (b_len + a_len); ++i) { /* supported rates returned is double @@ -7956,29 +7879,6 @@ static int __iw_setint_getnone(struct net_device *dev, break; } - case WE_SET_BURST_ENABLE: - { - hdd_debug("SET Burst enable val %d", set_value); - if ((set_value == 0) || (set_value == 1)) { - ret = wma_cli_set_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - set_value, PDEV_CMD); - } else - ret = -EINVAL; - break; - } - case WE_SET_BURST_DUR: - { - hdd_debug("SET Burst duration val %d", set_value); - if ((set_value > 0) && (set_value <= 102400)) - ret = wma_cli_set_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_DUR, - set_value, PDEV_CMD); - else - ret = -EINVAL; - break; - } - case WE_SET_TX_CHAINMASK: { hdd_debug("WMI_PDEV_PARAM_TX_CHAIN_MASK val %d", @@ -9042,23 +8942,6 @@ static int __iw_setnone_getint(struct net_device *dev, break; } - case WE_GET_BURST_ENABLE: - { - hdd_debug("GET Burst enable value"); - *value = wma_cli_get_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - PDEV_CMD); - break; - } - case WE_GET_BURST_DUR: - { - hdd_debug("GET Burst Duration value"); - *value = wma_cli_get_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_DUR, - PDEV_CMD); - break; - } - case WE_GET_TX_CHAINMASK: { hdd_debug("GET WMI_PDEV_PARAM_TX_CHAIN_MASK"); @@ -10102,10 +9985,10 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_clist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0) || (apps_args[3] < 0) || - (apps_args[4] < 0) || (apps_args[5] < 0) || - (apps_args[6] < 0) || (apps_args[7] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0) || (apps_args[3] < 0) || + (apps_args[4] < 0) || (apps_args[5] < 0) || + (apps_args[6] < 0) || (apps_args[7] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } cds_incr_connection_count_utfw(apps_args[0], @@ -10119,7 +10002,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_dlist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + hdd_err("Invalid input params received for the IOCTL"); return 0; } @@ -10132,10 +10015,10 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_ulist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0) || (apps_args[3] < 0) || - (apps_args[4] < 0) || (apps_args[5] < 0) || - (apps_args[6] < 0) || (apps_args[7] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0) || (apps_args[3] < 0) || + (apps_args[4] < 0) || (apps_args[5] < 0) || + (apps_args[6] < 0) || (apps_args[7] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } cds_update_connection_info_utfw(apps_args[0], @@ -10149,7 +10032,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_dbs> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input param recieved for the IOCTL"); + hdd_err("Invalid input param received for the IOCTL"); return 0; } @@ -10175,7 +10058,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_pcl> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input param recieved for the IOCTL"); + hdd_err("Invalid input param received for the IOCTL"); return 0; } cds_get_pcl(apps_args[0], @@ -10222,7 +10105,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_query_action> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input params recieved for the IOCTL"); + hdd_err("Invalid input params received for the IOCTL"); return 0; } @@ -10239,8 +10122,8 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_query_allow> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } allow = cds_allow_concurrency( @@ -11384,6 +11267,38 @@ int wlan_hdd_set_filter(hdd_context_t *hdd_ctx, } /** + * validate_packet_filter_params_size() - Validate the size of the params rcvd + * @priv_data: Pointer to the priv data from user space + * @request: Pointer to the struct containing the copied data from user space + * + * Return: False on invalid length, true otherwise + */ +static bool validate_packet_filter_params_size(struct pkt_filter_cfg *request, + uint16_t length) +{ + int max_params_size, rcvd_params_size; + + max_params_size = HDD_MAX_CMP_PER_PACKET_FILTER * + sizeof(struct pkt_filter_param_cfg); + + if (length < sizeof(struct pkt_filter_cfg) - max_params_size) { + hdd_err("Less than minimum number of arguments needed"); + return false; + } + + rcvd_params_size = request->num_params * + sizeof(struct pkt_filter_param_cfg); + + if (length != sizeof(struct pkt_filter_cfg) - + max_params_size + rcvd_params_size) { + hdd_err("Arguments do not match the number of params provided"); + return false; + } + + return true; +} + +/** * __iw_set_packet_filter_params() - set packet filter parameters in target * @dev: Pointer to netdev * @info: Pointer to iw request info @@ -11419,8 +11334,7 @@ static int __iw_set_packet_filter_params(struct net_device *dev, return -EINVAL; } - if ((NULL == priv_data.pointer) || (0 == priv_data.length) || - priv_data.length < sizeof(struct pkt_filter_cfg)) { + if ((NULL == priv_data.pointer) || (0 == priv_data.length)) { hdd_err("invalid priv data %pK or invalid priv data length %d", priv_data.pointer, priv_data.length); return -EINVAL; @@ -11440,11 +11354,18 @@ static int __iw_set_packet_filter_params(struct net_device *dev, /* copy data using copy_from_user */ request = mem_alloc_copy_from_user_helper(priv_data.pointer, priv_data.length); + if (NULL == request) { hdd_err("mem_alloc_copy_from_user_helper fail"); return -ENOMEM; } + if (!validate_packet_filter_params_size(request, priv_data.length)) { + hdd_err("Invalid priv data length %d", priv_data.length); + qdf_mem_free(request); + return -EINVAL; + } + if (request->filter_action == HDD_RCV_FILTER_SET) hdd_ctx->user_configured_pkt_filter_rules |= 1 << request->filter_id; @@ -12741,16 +12662,6 @@ static const struct iw_priv_args we_private_args[] = { 0, "amsdu"}, - {WE_SET_BURST_ENABLE, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - 0, - "burst_enable"}, - - {WE_SET_BURST_DUR, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - 0, - "burst_dur"}, - {WE_SET_TXPOW_2G, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, @@ -13093,16 +13004,6 @@ static const struct iw_priv_args we_private_args[] = { IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_amsdu"}, - {WE_GET_BURST_ENABLE, - 0, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - "get_burst_en"}, - - {WE_GET_BURST_DUR, - 0, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - "get_burst_dur"}, - {WE_GET_TXPOW_2G, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, diff --git a/core/mac/inc/qwlan_version.h b/core/mac/inc/qwlan_version.h index ab2188edf863..448e29d9b271 100644 --- a/core/mac/inc/qwlan_version.h +++ b/core/mac/inc/qwlan_version.h @@ -32,9 +32,9 @@ #define QWLAN_VERSION_MAJOR 5 #define QWLAN_VERSION_MINOR 1 #define QWLAN_VERSION_PATCH 1 -#define QWLAN_VERSION_EXTRA "V" -#define QWLAN_VERSION_BUILD 57 +#define QWLAN_VERSION_EXTRA "O" +#define QWLAN_VERSION_BUILD 59 -#define QWLAN_VERSIONSTR "5.1.1.57V" +#define QWLAN_VERSIONSTR "5.1.1.59O" #endif /* QWLAN_VERSION_H */ diff --git a/core/mac/inc/sir_api.h b/core/mac/inc/sir_api.h index 313dae998639..988b7aba5fe4 100644 --- a/core/mac/inc/sir_api.h +++ b/core/mac/inc/sir_api.h @@ -1340,6 +1340,7 @@ typedef struct sSirSmeJoinReq { bool supported_nss_1x1; uint8_t vdev_nss; uint8_t nss; + bool nss_forced_1x1; tSirBssDescription bssDescription; /* * WARNING: Pls make bssDescription as last variable in struct @@ -1753,6 +1754,7 @@ typedef struct sSirSmeDisassocInd { typedef struct sSirSmeDisassocCnf { uint16_t messageType; /* eWNI_SME_DISASSOC_CNF */ uint16_t length; + uint8_t sme_session_id; tSirResultCodes statusCode; struct qdf_mac_addr bssid; struct qdf_mac_addr peer_macaddr; diff --git a/core/mac/src/cfg/cfgUtil/dot11f.frms b/core/mac/src/cfg/cfgUtil/dot11f.frms index 64748a7d5a38..e9a7334de603 100644 --- a/core/mac/src/cfg/cfgUtil/dot11f.frms +++ b/core/mac/src/cfg/cfgUtil/dot11f.frms @@ -1588,6 +1588,23 @@ IE BeaconReportFrmBody (EID_BCN_REPORT_FRAME_BODY) reportedFields[0..224]; } +const EID_BCN_REPORT_FRAME_BODY_FRAGMENT_ID = 2; +IE beacon_report_frm_body_fragment_id (EID_BCN_REPORT_FRAME_BODY_FRAGMENT_ID) +{ + // Data + { + beacon_report_id: 8; + fragment_id_number: 7; + more_fragments: 1; + } +} + +const EID_BCN_REPORT_LAST_BEACON_REPORT_INDICATION = 164; +IE last_beacon_report_indication (EID_BCN_REPORT_LAST_BEACON_REPORT_INDICATION) +{ + last_fragment, 1; +} + IE MeasurementReport (EID_MEAS_REPORT) // 7.3.2.22 { token, 1; @@ -1654,6 +1671,8 @@ IE MeasurementReport (EID_MEAS_REPORT) // 7.3.2.22 antenna_id, 1; parent_TSF, 4; OPTIE BeaconReportFrmBody; + OPTIE beacon_report_frm_body_fragment_id; + OPTIE last_beacon_report_indication; //IE vendor_specific } }; @@ -2746,6 +2765,7 @@ IE MeasurementRequest (EID_MEAS_REQUEST) // 7.3.2.21 OPTIE BcnReportingDetail; OPTIE RequestedInfo; OPTIE APChannelReport[0..2]; + OPTIE last_beacon_report_indication; //OPTIONAL vendor_specific[1..239]; } lci (measurement_type IS 8) diff --git a/core/mac/src/cfg/cfg_api.c b/core/mac/src/cfg/cfg_api.c index 265b22779702..0f70fbed505f 100644 --- a/core/mac/src/cfg/cfg_api.c +++ b/core/mac/src/cfg/cfg_api.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -937,3 +937,34 @@ uint8_t *cfg_get_vendor_ie_ptr_from_oui(tpAniSirGlobal mac_ctx, return NULL; } +uint8_t *wlan_cfg_get_ie_ptr(uint8_t *p_ie, int length, uint8_t eid, + enum size_of_len_field size_of_len_field) +{ + int left = length; + uint8_t *ptr = p_ie; + uint8_t elem_id; + uint16_t elem_len; + + while (left >= (size_of_len_field + 1)) { + elem_id = ptr[0]; + if (size_of_len_field == TWO_BYTE) + elem_len = ((uint16_t)ptr[1]) | (ptr[2] << 8); + else + elem_len = ptr[1]; + + left -= (size_of_len_field + 1); + if (elem_len > left) { + pe_err("Invalid IEs eid: %d elem_len: %d left: %d", + eid, elem_len, left); + return NULL; + } + + if (elem_id == eid) + return ptr; + + left -= elem_len; + ptr += (elem_len + (size_of_len_field + 1)); + } + return NULL; +} + diff --git a/core/mac/src/include/cfg_api.h b/core/mac/src/include/cfg_api.h index 7d7d3f2433ea..2050b0c53245 100644 --- a/core/mac/src/include/cfg_api.h +++ b/core/mac/src/include/cfg_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2012, 2015-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2012, 2015-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -119,4 +119,20 @@ uint8_t *cfg_get_vendor_ie_ptr_from_oui(tpAniSirGlobal mac_ctx, uint8_t *ie, uint16_t ie_len); +/** + * wlan_cfg_get_ie_ptr() - to get IE ptr corresponding + * to a particular eid + * @p_ie: ptr to complete IE of beacon/probe response + * @length: complete IE length + * @eid: IE id + * @size_of_len_field: ONE_BYTE/TWO_BYTE + * + * This function is called to get IE ptr corresponding + * to a particular eid + * + * @Return: ptr to IE + */ +uint8_t *wlan_cfg_get_ie_ptr(uint8_t *p_ie, int length, uint8_t eid, + enum size_of_len_field size_of_len_field); + #endif /* __CFGAPI_H */ diff --git a/core/mac/src/include/cfg_global.h b/core/mac/src/include/cfg_global.h index aea692245956..c4b5200a6ea3 100644 --- a/core/mac/src/include/cfg_global.h +++ b/core/mac/src/include/cfg_global.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2015 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2015, 2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -84,4 +84,14 @@ typedef struct sAniSirCfg { uint32_t *gParamList; } tAniSirCfg, *tpAniSirCfg; +/** + * enum size_of_len_field: IE length size + * @ONE_BYTE: one byte IE length + * @TWO_BYTE: two byte IE length + */ +enum size_of_len_field { + ONE_BYTE = 1, + TWO_BYTE = 2 +}; + #endif diff --git a/core/mac/src/include/dot11f.h b/core/mac/src/include/dot11f.h index cdd8175a742b..aac7e935635b 100644 --- a/core/mac/src/include/dot11f.h +++ b/core/mac/src/include/dot11f.h @@ -26,7 +26,7 @@ * * * This file was automatically generated by 'framesc' - * Thu May 10 17:00:57 2018 from the following file(s): + * Tue Jun 5 17:04:23 2018 from the following file(s): * * dot11f.frms * @@ -3890,6 +3890,86 @@ uint32_t dot11f_get_packed_ie_azimuth_req( }; /* End extern "C". */ #endif /* C++ */ +/* EID 2 (0x02) */ +typedef struct sDot11fIEbeacon_report_frm_body_fragment_id { + uint8_t present; + uint16_t beacon_report_id:8; + uint16_t fragment_id_number:7; + uint16_t more_fragments:1; +} tDot11fIEbeacon_report_frm_body_fragment_id; + +#define DOT11F_EID_BEACON_REPORT_FRM_BODY_FRAGMENT_ID (2) + +/* N.B. These #defines do *not* include the EID & length */ +#define DOT11F_IE_BEACON_REPORT_FRM_BODY_FRAGMENT_ID_MIN_LEN (2) + +#define DOT11F_IE_BEACON_REPORT_FRM_BODY_FRAGMENT_ID_MAX_LEN (2) + +#ifdef __cplusplus +extern "C" { +#endif /* C++ */ +__must_check uint32_t dot11f_unpack_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + uint8_t *, + uint8_t, + tDot11fIEbeacon_report_frm_body_fragment_id*, + bool); + +uint32_t dot11f_pack_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + tDot11fIEbeacon_report_frm_body_fragment_id *, + uint8_t *, + uint32_t, + uint32_t*); + +uint32_t dot11f_get_packed_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + tDot11fIEbeacon_report_frm_body_fragment_id *, + uint32_t*); + +#ifdef __cplusplus +}; /* End extern "C". */ +#endif /* C++ */ + +/* EID 164 (0xa4) */ +typedef struct sDot11fIElast_beacon_report_indication { + uint8_t present; + uint8_t last_fragment; +} tDot11fIElast_beacon_report_indication; + +#define DOT11F_EID_LAST_BEACON_REPORT_INDICATION (164) + +/* N.B. These #defines do *not* include the EID & length */ +#define DOT11F_IE_LAST_BEACON_REPORT_INDICATION_MIN_LEN (1) + +#define DOT11F_IE_LAST_BEACON_REPORT_INDICATION_MAX_LEN (1) + +#ifdef __cplusplus +extern "C" { +#endif /* C++ */ +__must_check uint32_t dot11f_unpack_ie_last_beacon_report_indication( + tpAniSirGlobal, + uint8_t *, + uint8_t, + tDot11fIElast_beacon_report_indication*, + bool); + +uint32_t dot11f_pack_ie_last_beacon_report_indication( + tpAniSirGlobal, + tDot11fIElast_beacon_report_indication *, + uint8_t *, + uint32_t, + uint32_t*); + +uint32_t dot11f_get_packed_ie_last_beacon_report_indication( + tpAniSirGlobal, + tDot11fIElast_beacon_report_indication *, + uint32_t*); + +#ifdef __cplusplus +}; /* End extern "C". */ +#endif /* C++ */ + /* EID 4 (0x04) */ typedef struct sDot11fIEmax_age { uint8_t present; @@ -5361,6 +5441,8 @@ typedef struct sDot11fIEMeasurementReport { uint8_t antenna_id; uint32_t parent_TSF; tDot11fIEBeaconReportFrmBody BeaconReportFrmBody; + tDot11fIEbeacon_report_frm_body_fragment_id beacon_report_frm_body_fragment_id; + tDot11fIElast_beacon_report_indication last_beacon_report_indication; } Beacon; /* type = 5 */ } report; } tDot11fIEMeasurementReport; @@ -5438,6 +5520,7 @@ typedef struct sDot11fIEMeasurementRequest { tDot11fIERequestedInfo RequestedInfo; uint16_t num_APChannelReport; tDot11fIEAPChannelReport APChannelReport[2]; + tDot11fIElast_beacon_report_indication last_beacon_report_indication; } Beacon; /* measurement_type = 5 */ struct { uint8_t loc_subject; diff --git a/core/mac/src/include/parser_api.h b/core/mac/src/include/parser_api.h index 09fc3ad5472a..9f80d000b3a2 100644 --- a/core/mac/src/include/parser_api.h +++ b/core/mac/src/include/parser_api.h @@ -795,10 +795,21 @@ populate_dot11f_ext_supp_rates(tpAniSirGlobal pMac, uint8_t nChannelNum, tDot11fIEExtSuppRates *pDot11f, tpPESession psessionEntry); +/** + * populate_dot11f_beacon_report() - Populate the Beacon Report IE + * @pMac: Pointer to the global MAC context + * @pDot11f: Pointer to the measurement report structure + * @pBeaconReport: Pointer to the Beacon Report structure + * @last_beacon_report_params: Last Beacon Report indication params + * + * Return: Ret Status + */ tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, tDot11fIEMeasurementReport *pDot11f, - tSirMacBeaconReport *pBeaconReport); + tSirMacBeaconReport *pBeaconReport, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params); /** * \brief Populate a tDot11fIEExtSuppRates diff --git a/core/mac/src/pe/include/lim_session.h b/core/mac/src/pe/include/lim_session.h index cafda29420c2..beec2735af59 100644 --- a/core/mac/src/pe/include/lim_session.h +++ b/core/mac/src/pe/include/lim_session.h @@ -470,6 +470,7 @@ typedef struct sPESession /* Added to Support BT-AMP */ /* flag to indicate country code in beacon */ uint8_t country_info_present; uint8_t nss; + bool nss_forced_1x1; bool add_bss_failed; /* To hold OBSS Scan IE Parameters */ struct obss_scanparam obss_ht40_scanparam; diff --git a/core/mac/src/pe/include/rrm_global.h b/core/mac/src/pe/include/rrm_global.h index d5a56c11485b..fe4ac201b9a6 100644 --- a/core/mac/src/pe/include/rrm_global.h +++ b/core/mac/src/pe/include/rrm_global.h @@ -153,12 +153,27 @@ typedef struct sRRMReq { union { struct { uint8_t reportingDetail; + uint8_t last_beacon_report_indication; tRRMBeaconReportRequestedIes reqIes; } Beacon; } request; uint8_t sendEmptyBcnRpt; } tRRMReq, *tpRRMReq; +/** + * rrm_beacon_report_last_beacon_params - Last Beacon Report Indication params + * @last_beacon_ind: flag for whether last beacon indication is required + * @report_id: Report ID of the corresponding Beacon Report Request + * @frag_id: Current fragment's Fragment ID + * @num_frags: Total number of fragments in the Beacon Report + */ +struct rrm_beacon_report_last_beacon_params { + uint8_t last_beacon_ind; + uint8_t report_id; + uint8_t frag_id; + uint8_t num_frags; +}; + typedef struct sRRMCaps { uint8_t LinkMeasurement:1; uint8_t NeighborRpt:1; diff --git a/core/mac/src/pe/include/sch_global.h b/core/mac/src/pe/include/sch_global.h index d4245a00f58f..dc90b0ed8a42 100644 --- a/core/mac/src/pe/include/sch_global.h +++ b/core/mac/src/pe/include/sch_global.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2014 The Linux Foundation. All rights reserved. + * Copyright (c) 2013-2014, 2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -95,6 +95,10 @@ struct schMisc { uint16_t p2pIeOffset; + /* CSA and ECSA Switch Count Offsets to be sent to FW */ + uint32_t csa_count_offset; + uint32_t ecsa_count_offset; + }; /* ****************** MISC defs ********************************* */ diff --git a/core/mac/src/pe/lim/lim_p2p.c b/core/mac/src/pe/lim/lim_p2p.c index 43351cd3ffa9..59a18feac556 100644 --- a/core/mac/src/pe/lim/lim_p2p.c +++ b/core/mac/src/pe/lim/lim_p2p.c @@ -641,7 +641,7 @@ void lim_send_p2p_action_frame(tpAniSirGlobal mac_ctx, if (NULL != p2p_ie) { /* extract the presence of NoA attribute inside * P2P IE */ - presence_noa_attr = lim_get_ie_ptr_new(mac_ctx, + presence_noa_attr = wlan_cfg_get_ie_ptr( p2p_ie + SIR_P2P_IE_HEADER_LEN, p2p_ie[1], SIR_P2P_NOA_ATTR, TWO_BYTE); } diff --git a/core/mac/src/pe/lim/lim_process_fils.c b/core/mac/src/pe/lim/lim_process_fils.c index 0056b5ab2876..4877816d63c0 100644 --- a/core/mac/src/pe/lim/lim_process_fils.c +++ b/core/mac/src/pe/lim/lim_process_fils.c @@ -349,6 +349,13 @@ static uint32_t lim_process_fils_eap_tlv(tpPESession pe_session, pe_debug("tlv type %x len %u total %u", tlv->type, tlv->length, data_len); + + if (tlv->length > (data_len - 2)) { + pe_err("tlv len %d greater data_len %d", + tlv->length, data_len); + return 0; + } + switch (tlv->type) { case SIR_FILS_EAP_TLV_KEYNAME_NAI: auth_info->keyname = qdf_mem_malloc(tlv->length); diff --git a/core/mac/src/pe/lim/lim_process_message_queue.c b/core/mac/src/pe/lim/lim_process_message_queue.c index 3d956c86fee0..789906a30ba8 100644 --- a/core/mac/src/pe/lim/lim_process_message_queue.c +++ b/core/mac/src/pe/lim/lim_process_message_queue.c @@ -1349,16 +1349,18 @@ static void lim_process_messages(tpAniSirGlobal mac_ctx, tpSirMsgQ msg) tSirMbMsgP2p *p2p_msg = NULL; tSirSetActiveModeSetBncFilterReq *bcn_filter_req = NULL; - if (ANI_DRIVER_TYPE(mac_ctx) == QDF_DRIVER_TYPE_MFG) { - qdf_mem_free(msg->bodyptr); - msg->bodyptr = NULL; - return; - } if (msg == NULL) { pe_err("Message pointer is Null"); QDF_ASSERT(0); return; } + + if (ANI_DRIVER_TYPE(mac_ctx) == QDF_DRIVER_TYPE_MFG) { + qdf_mem_free(msg->bodyptr); + msg->bodyptr = NULL; + return; + } + #ifdef WLAN_DEBUG mac_ctx->lim.numTot++; #endif diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c index 2d25981f30be..9d14c121dd00 100644 --- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c +++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c @@ -1531,7 +1531,6 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) uint16_t ie_len; uint8_t *vendor_ie; tSirBssDescription *bss_desc; - struct vdev_type_nss *vdev_type_nss; if (!mac_ctx || !msg_buf) { QDF_TRACE(QDF_MODULE_ID_PE, QDF_TRACE_LEVEL_ERROR, @@ -1727,15 +1726,6 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) sme_join_req->force_24ghz_in_ht20); /* Copy The channel Id to the session Table */ session->currentOperChannel = bss_desc->channelId; - if (IS_5G_CH(session->currentOperChannel)) - vdev_type_nss = &mac_ctx->vdev_type_nss_5g; - else - vdev_type_nss = &mac_ctx->vdev_type_nss_2g; - if (session->pePersona == QDF_P2P_CLIENT_MODE) - session->vdev_nss = vdev_type_nss->p2p_cli; - else - session->vdev_nss = vdev_type_nss->sta; - session->nss = session->vdev_nss; session->vhtCapability = IS_DOT11_MODE_VHT(session->dot11mode); if (session->vhtCapability) { @@ -1889,6 +1879,12 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) session->supported_nss_1x1 = sme_join_req->supported_nss_1x1; session->vdev_nss = sme_join_req->vdev_nss; session->nss = sme_join_req->nss; + session->nss_forced_1x1 = sme_join_req->nss_forced_1x1; + + pe_debug("nss %d, vdev_nss %d, supported_nss_1x1 %d", + session->nss, + session->vdev_nss, + session->supported_nss_1x1); mlm_join_req->bssDescription.length = session->pLimJoinReq->bssDescription.length; @@ -2146,6 +2142,7 @@ static void __lim_process_sme_reassoc_req(tpAniSirGlobal mac_ctx, session_entry->supported_nss_1x1 = reassoc_req->supported_nss_1x1; session_entry->vdev_nss = reassoc_req->vdev_nss; session_entry->nss = reassoc_req->nss; + session_entry->nss_forced_1x1 = reassoc_req->nss_forced_1x1; pe_debug("vhtCapability: %d su_beam_formee: %d su_tx_bformer %d", session_entry->vhtCapability, @@ -2602,7 +2599,7 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu if (psessionEntry == NULL) { pe_err("session does not exist for given bssId"); status = lim_prepare_disconnect_done_ind(pMac, &msg, - CSR_SESSION_ID_INVALID, + smeDisassocCnf.sme_session_id, eSIR_SME_INVALID_SESSION, NULL); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2614,7 +2611,8 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu if (!lim_is_sme_disassoc_cnf_valid(pMac, &smeDisassocCnf, psessionEntry)) { pe_err("received invalid SME_DISASSOC_CNF message"); - status = lim_prepare_disconnect_done_ind(pMac, &msg, sessionId, + status = lim_prepare_disconnect_done_ind(pMac, &msg, + psessionEntry->smeSessionId, eSIR_SME_INVALID_PARAMETERS, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2645,10 +2643,10 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu lim_print_sme_state(pMac, LOGE, psessionEntry->limSmeState); status = lim_prepare_disconnect_done_ind(pMac, &msg, - sessionId, - eSIR_SME_INVALID_STATE, - &smeDisassocCnf.bssid. - bytes[0]); + psessionEntry->smeSessionId, + eSIR_SME_INVALID_STATE, + &smeDisassocCnf.bssid. + bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) lim_send_sme_disassoc_deauth_ntf(pMac, QDF_STATUS_SUCCESS, @@ -2665,7 +2663,8 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu default: /* eLIM_UNKNOWN_ROLE */ pe_err("received unexpected SME_DISASSOC_CNF role %d", GET_LIM_SYSTEM_ROLE(psessionEntry)); - status = lim_prepare_disconnect_done_ind(pMac, &msg, sessionId, + status = lim_prepare_disconnect_done_ind(pMac, &msg, + psessionEntry->smeSessionId, eSIR_SME_INVALID_STATE, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2686,7 +2685,7 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu MAC_ADDRESS_STR, MAC_ADDR_ARRAY(smeDisassocCnf.peer_macaddr.bytes)); status = lim_prepare_disconnect_done_ind(pMac, &msg, - sessionId, + psessionEntry->smeSessionId, eSIR_SME_INVALID_PARAMETERS, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2704,9 +2703,9 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu MAC_ADDR_ARRAY(smeDisassocCnf.peer_macaddr.bytes), pStaDs->mlmStaContext.mlmState); status = lim_prepare_disconnect_done_ind(pMac, &msg, - CSR_SESSION_ID_INVALID, - eSIR_SME_SUCCESS, - NULL); + psessionEntry->smeSessionId, + eSIR_SME_SUCCESS, + NULL); if (QDF_IS_STATUS_SUCCESS(status)) lim_send_sme_disassoc_deauth_ntf(pMac, QDF_STATUS_SUCCESS, @@ -4874,9 +4873,9 @@ static void lim_set_pdev_ht_ie(tpAniSirGlobal mac_ctx, uint8_t pdev_id, ie_params->ie_len); if (NSS_1x1_MODE == i) { - p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr, - ie_params->ie_len, - DOT11F_EID_HTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(ie_params->ie_ptr, + ie_params->ie_len, + DOT11F_EID_HTCAPS, ONE_BYTE); if (NULL == p_ie) { qdf_mem_free(ie_params->ie_ptr); qdf_mem_free(ie_params); @@ -4948,9 +4947,10 @@ static void lim_set_pdev_vht_ie(tpAniSirGlobal mac_ctx, uint8_t pdev_id, ie_params->ie_len); if (NSS_1x1_MODE == i) { - p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr, - ie_params->ie_len, - DOT11F_EID_VHTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(ie_params->ie_ptr, + ie_params->ie_len, + DOT11F_EID_VHTCAPS, + ONE_BYTE); if (NULL == p_ie) { qdf_mem_free(ie_params->ie_ptr); qdf_mem_free(ie_params); diff --git a/core/mac/src/pe/lim/lim_process_tdls.c b/core/mac/src/pe/lim/lim_process_tdls.c index 9d7b2897e39f..686646ad51c6 100644 --- a/core/mac/src/pe/lim/lim_process_tdls.c +++ b/core/mac/src/pe/lim/lim_process_tdls.c @@ -3044,8 +3044,8 @@ tSirRetStatus lim_process_sme_tdls_del_sta_req(tpAniSirGlobal pMac, goto lim_tdls_del_sta_error; } - lim_tdls_del_sta(pMac, pDelStaReq->peermac, psessionEntry, true); - return eSIR_SUCCESS; + if (lim_tdls_del_sta(pMac, pDelStaReq->peermac, psessionEntry, true)) + return eSIR_SUCCESS; lim_tdls_del_sta_error: lim_send_sme_tdls_del_sta_rsp(pMac, psessionEntry->smeSessionId, diff --git a/core/mac/src/pe/lim/lim_send_management_frames.c b/core/mac/src/pe/lim/lim_send_management_frames.c index 55b87bfeed44..abfaeb83ee09 100644 --- a/core/mac/src/pe/lim/lim_send_management_frames.c +++ b/core/mac/src/pe/lim/lim_send_management_frames.c @@ -1893,8 +1893,7 @@ lim_send_assoc_req_mgmt_frame(tpAniSirGlobal mac_ctx, if (pe_session->beacon && pe_session->bcnLen > ie_offset) { bcn_ie = pe_session->beacon + ie_offset; bcn_ie_len = pe_session->bcnLen - ie_offset; - p_ext_cap = lim_get_ie_ptr_new(mac_ctx, - bcn_ie, + p_ext_cap = wlan_cfg_get_ie_ptr(bcn_ie, bcn_ie_len, DOT11F_EID_EXTCAP, ONE_BYTE); @@ -4136,34 +4135,15 @@ returnAfterError: return statusCode; } /* End lim_send_link_report_action_frame. */ -/** - * \brief Send a Beacon Report Action frame - * - * - * \param pMac Pointer to the global MAC structure - * - * \param dialog_token dialog token to be used in the action frame. - * - * \param num_report number of reports in pRRMReport. - * - * \param pRRMReport Address of a tSirMacRadioMeasureReport. - * - * \param peer mac address of peer station. - * - * \param psessionEntry address of session entry. - * - * \return eSIR_SUCCESS on success, eSIR_FAILURE else - * - * - */ - tSirRetStatus lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, - uint8_t dialog_token, - uint8_t num_report, - tpSirMacRadioMeasureReport pRRMReport, - tSirMacAddr peer, - tpPESession psessionEntry) + uint8_t dialog_token, + uint8_t num_report, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params, + tpSirMacRadioMeasureReport pRRMReport, + tSirMacAddr peer, + tpPESession psessionEntry) { tSirRetStatus statusCode = eSIR_SUCCESS; uint8_t *pFrame; @@ -4209,9 +4189,10 @@ lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, switch (pRRMReport[i].type) { case SIR_MAC_RRM_BEACON_TYPE: populate_dot11f_beacon_report(pMac, - &frm->MeasurementReport[i], - &pRRMReport[i].report. - beaconReport); + &frm->MeasurementReport[i], + &pRRMReport[i].report. + beaconReport, + last_beacon_report_params); frm->MeasurementReport[i].incapable = pRRMReport[i].incapable; frm->MeasurementReport[i].refused = diff --git a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c index 2a7e43151dec..5e19ae7b7987 100644 --- a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c +++ b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c @@ -1360,8 +1360,8 @@ QDF_STATUS lim_prepare_disconnect_done_ind(tpAniSirGlobal mac_ctx, sir_sme_dis_ind->length = sizeof(*sir_sme_dis_ind); sir_sme_dis_ind->session_id = session_id; if (peer_mac_addr) - qdf_mem_copy(&sir_sme_dis_ind->peer_mac, - &peer_mac_addr, ETH_ALEN); + qdf_mem_copy(sir_sme_dis_ind->peer_mac, + peer_mac_addr, ETH_ALEN); /* * Instead of sending deauth reason code as 505 which is diff --git a/core/mac/src/pe/lim/lim_types.h b/core/mac/src/pe/lim/lim_types.h index 27e8f6d7ef80..df1316cf3fde 100644 --- a/core/mac/src/pe/lim/lim_types.h +++ b/core/mac/src/pe/lim/lim_types.h @@ -578,11 +578,28 @@ tSirRetStatus lim_send_neighbor_report_request_frame(tpAniSirGlobal, tSirMacAddr, tpPESession); tSirRetStatus lim_send_link_report_action_frame(tpAniSirGlobal, tpSirMacLinkReport, tSirMacAddr, tpPESession); -tSirRetStatus lim_send_radio_measure_report_action_frame(tpAniSirGlobal, uint8_t, - uint8_t, - tpSirMacRadioMeasureReport, - tSirMacAddr, tpPESession); +/** + * lim_send_radio_measure_report_action_frame - Send RRM report action frame + * @pMac: pointer to global MAC context + * @dialog_token: Dialog token to be used in the action frame + * @num_report: number of reports in pRRMReport + * @last_beacon_report_params: Last Beacon Report indication params + * @pRRMReport: Pointer to the RRM report structure + * @peer: MAC address of the peer + * @psessionEntry: Pointer to the PE session entry + * + * Return: Ret Status + */ +tSirRetStatus +lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, + uint8_t dialog_token, + uint8_t num_report, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params, + tpSirMacRadioMeasureReport pRRMReport, + tSirMacAddr peer, + tpPESession psessionEntry); #ifdef FEATURE_WLAN_TDLS void lim_init_tdls_data(tpAniSirGlobal, tpPESession); diff --git a/core/mac/src/pe/lim/lim_utils.c b/core/mac/src/pe/lim/lim_utils.c index fe29a7608056..19f883b4f9a6 100644 --- a/core/mac/src/pe/lim/lim_utils.c +++ b/core/mac/src/pe/lim/lim_utils.c @@ -5678,38 +5678,6 @@ void lim_diag_event_report(tpAniSirGlobal pMac, uint16_t eventType, #endif /* FEATURE_WLAN_DIAG_SUPPORT */ -uint8_t *lim_get_ie_ptr_new(tpAniSirGlobal pMac, uint8_t *pIes, int length, - uint8_t eid, eSizeOfLenField size_of_len_field) -{ - int left = length; - uint8_t *ptr = pIes; - uint8_t elem_id; - uint16_t elem_len; - - while (left >= (size_of_len_field + 1)) { - elem_id = ptr[0]; - if (size_of_len_field == TWO_BYTE) { - elem_len = ((uint16_t) ptr[1]) | (ptr[2] << 8); - } else { - elem_len = ptr[1]; - } - - left -= (size_of_len_field + 1); - if (elem_len > left) { - pe_err("Invalid IEs eid: %d elem_len: %d left: %d", - eid, elem_len, left); - return NULL; - } - if (elem_id == eid) { - return ptr; - } - - left -= elem_len; - ptr += (elem_len + (size_of_len_field + 1)); - } - return NULL; -} - /* Returns length of P2P stream and Pointer ie passed to this function is filled with noa stream */ uint8_t lim_build_p2p_ie(tpAniSirGlobal pMac, uint8_t *ie, uint8_t *data, @@ -6097,8 +6065,8 @@ void lim_set_ht_caps(tpAniSirGlobal p_mac, tpPESession p_session_entry, tDot11fIEHTCaps dot11_ht_cap = {0,}; populate_dot11f_ht_caps(p_mac, p_session_entry, &dot11_ht_cap); - p_ie = lim_get_ie_ptr_new(p_mac, p_ie_start, num_bytes, - DOT11F_EID_HTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(p_ie_start, num_bytes, + DOT11F_EID_HTCAPS, ONE_BYTE); pe_debug("p_ie: %pK dot11_ht_cap.supportedMCSSet[0]: 0x%x", p_ie, dot11_ht_cap.supportedMCSSet[0]); if (p_ie) { @@ -6172,8 +6140,8 @@ void lim_set_vht_caps(tpAniSirGlobal p_mac, tpPESession p_session_entry, tDot11fIEVHTCaps dot11_vht_cap; populate_dot11f_vht_caps(p_mac, p_session_entry, &dot11_vht_cap); - p_ie = lim_get_ie_ptr_new(p_mac, p_ie_start, num_bytes, - DOT11F_EID_VHTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(p_ie_start, num_bytes, + DOT11F_EID_VHTCAPS, ONE_BYTE); if (p_ie) { tSirMacVHTCapabilityInfo *vht_cap = @@ -6573,7 +6541,7 @@ QDF_STATUS lim_send_ext_cap_ie(tpAniSirGlobal mac_ctx, */ tSirRetStatus lim_strip_ie(tpAniSirGlobal mac_ctx, uint8_t *addn_ie, uint16_t *addn_ielen, - uint8_t eid, eSizeOfLenField size_of_len_field, + uint8_t eid, enum size_of_len_field size_of_len_field, uint8_t *oui, uint8_t oui_length, uint8_t *extracted_ie, uint32_t eid_max_len) { diff --git a/core/mac/src/pe/lim/lim_utils.h b/core/mac/src/pe/lim/lim_utils.h index 46b2ea676d45..f92382176e4d 100644 --- a/core/mac/src/pe/lim/lim_utils.h +++ b/core/mac/src/pe/lim/lim_utils.h @@ -36,10 +36,6 @@ #include "lim_scan_result_utils.h" #include "lim_timer_utils.h" #include "lim_trace.h" -typedef enum { - ONE_BYTE = 1, - TWO_BYTE = 2 -} eSizeOfLenField; #define LIM_STA_ID_MASK 0x00FF #define LIM_AID_MASK 0xC000 @@ -456,9 +452,6 @@ tpPESession lim_is_ibss_session_active(tpAniSirGlobal pMac); tpPESession lim_is_ap_session_active(tpAniSirGlobal pMac); void lim_handle_heart_beat_failure_timeout(tpAniSirGlobal pMac); -uint8_t *lim_get_ie_ptr_new(tpAniSirGlobal pMac, uint8_t *pIes, int length, - uint8_t eid, eSizeOfLenField size_of_len_field); - #define limGetWscIEPtr(pMac, ie, ie_len) \ cfg_get_vendor_ie_ptr_from_oui(pMac, SIR_MAC_WSC_OUI, \ SIR_MAC_WSC_OUI_SIZE, ie, ie_len) @@ -753,7 +746,7 @@ void lim_send_set_dtim_period(tpAniSirGlobal mac_ctx, uint8_t dtim_period, tSirRetStatus lim_strip_ie(tpAniSirGlobal mac_ctx, uint8_t *addn_ie, uint16_t *addn_ielen, - uint8_t eid, eSizeOfLenField size_of_len_field, + uint8_t eid, enum size_of_len_field size_of_len_field, uint8_t *oui, uint8_t out_len, uint8_t *extracted_ie, uint32_t eid_max_len); bool lim_get_rx_ldpc(tpAniSirGlobal mac_ctx, enum channel_enum ch, diff --git a/core/mac/src/pe/rrm/rrm_api.c b/core/mac/src/pe/rrm/rrm_api.c index f06bd2910582..03fd19734256 100644 --- a/core/mac/src/pe/rrm/rrm_api.c +++ b/core/mac/src/pe/rrm/rrm_api.c @@ -560,6 +560,19 @@ rrm_process_beacon_report_req(tpAniSirGlobal pMac, present ? pBeaconReq->measurement_request.Beacon.BcnReportingDetail. reportingDetail : BEACON_REPORTING_DETAIL_ALL_FF_IE; + if (pBeaconReq->measurement_request.Beacon. + last_beacon_report_indication.present) { + pCurrentReq->request.Beacon.last_beacon_report_indication = + pBeaconReq->measurement_request.Beacon. + last_beacon_report_indication.last_fragment; + pe_debug("Last Beacon Report in request = %d", + pCurrentReq->request.Beacon. + last_beacon_report_indication); + } else { + pCurrentReq->request.Beacon.last_beacon_report_indication = 0; + pe_debug("Last Beacon report not present in request"); + } + if (pBeaconReq->measurement_request.Beacon.RequestedInfo.present) { pCurrentReq->request.Beacon.reqIes.pElementIds = qdf_mem_malloc(sizeof(uint8_t) * @@ -758,6 +771,7 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, tpSirBssDescription bss_desc; tpRRMReq curr_req = mac_ctx->rrm.rrmPEContext.pCurrentReq; tpPESession session_entry; + struct rrm_beacon_report_last_beacon_params last_beacon_report_params; uint8_t session_id, counter; uint8_t bss_desc_count = 0; uint8_t report_index = 0; @@ -874,22 +888,41 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, break; } } + + qdf_mem_zero(&last_beacon_report_params, + sizeof(last_beacon_report_params)); /* * Each frame can hold RADIO_REPORTS_MAX_IN_A_FRAME reports. * Multiple frames may be sent if bss_desc_count is larger. + * Count the total number of frames to be sent first */ + + last_beacon_report_params.last_beacon_ind = + curr_req->request.Beacon.last_beacon_report_indication; + last_beacon_report_params.num_frags = + (bss_desc_count / RADIO_REPORTS_MAX_IN_A_FRAME); + if (bss_desc_count % RADIO_REPORTS_MAX_IN_A_FRAME) + last_beacon_report_params.num_frags++; + + pe_debug("last_beacon_report_ind required %d num_frags %d bss_count %d", + last_beacon_report_params.last_beacon_ind, + last_beacon_report_params.num_frags, + bss_desc_count); + while (report_index < bss_desc_count) { int m_count; m_count = QDF_MIN((bss_desc_count - report_index), RADIO_REPORTS_MAX_IN_A_FRAME); - pe_debug("Sending Action frame with %d bss info", - m_count); + pe_debug("Sending Action frame with %d bss info frag_id %d", + m_count, last_beacon_report_params.frag_id); lim_send_radio_measure_report_action_frame(mac_ctx, curr_req->dialog_token, m_count, + &last_beacon_report_params, &report[report_index], beacon_xmit_ind->bssId, session_entry); report_index += m_count; + last_beacon_report_params.frag_id++; } curr_req->sendEmptyBcnRpt = false; } @@ -941,8 +974,11 @@ static void rrm_process_beacon_request_failure(tpAniSirGlobal pMac, return; } - lim_send_radio_measure_report_action_frame(pMac, pCurrentReq->dialog_token, 1, - pReport, peer, pSessionEntry); + lim_send_radio_measure_report_action_frame(pMac, + pCurrentReq->dialog_token, + 1, NULL, + pReport, peer, + pSessionEntry); qdf_mem_free(pReport); return; @@ -1095,8 +1131,8 @@ rrm_process_radio_measurement_request(tpAniSirGlobal mac_ctx, report->incapable = 1; num_report = 1; lim_send_radio_measure_report_action_frame(mac_ctx, - rrm_req->DialogToken.token, num_report, report, peer, - session_entry); + rrm_req->DialogToken.token, num_report, NULL, + report, peer, session_entry); qdf_mem_free(report); return eSIR_FAILURE; } @@ -1148,8 +1184,8 @@ rrm_process_radio_measurement_request(tpAniSirGlobal mac_ctx, end: if (report) { lim_send_radio_measure_report_action_frame(mac_ctx, - rrm_req->DialogToken.token, num_report, report, - peer, session_entry); + rrm_req->DialogToken.token, num_report, NULL, + report, peer, session_entry); qdf_mem_free(report); } return status; diff --git a/core/mac/src/pe/sch/sch_api.c b/core/mac/src/pe/sch/sch_api.c index 8790226a02ee..87f40199552d 100644 --- a/core/mac/src/pe/sch/sch_api.c +++ b/core/mac/src/pe/sch/sch_api.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -214,6 +214,15 @@ tSirRetStatus sch_send_beacon_req(tpAniSirGlobal pMac, uint8_t *beaconPayload, beaconParams->timIeOffset = 0; } else { beaconParams->timIeOffset = psessionEntry->schBeaconOffsetBegin; + if (psessionEntry->dfsIncludeChanSwIe) { + beaconParams->csa_count_offset = + pMac->sch.schObject.csa_count_offset; + beaconParams->ecsa_count_offset = + pMac->sch.schObject.ecsa_count_offset; + pe_debug("csa_count_offset %d ecsa_count_offset %d", + beaconParams->csa_count_offset, + beaconParams->ecsa_count_offset); + } } /* p2pIeOffset should be atleast greater than timIeOffset */ diff --git a/core/mac/src/pe/sch/sch_beacon_gen.c b/core/mac/src/pe/sch/sch_beacon_gen.c index 2d9f20ba7a06..dbdabeb606ee 100644 --- a/core/mac/src/pe/sch/sch_beacon_gen.c +++ b/core/mac/src/pe/sch/sch_beacon_gen.c @@ -42,6 +42,9 @@ #include "parser_api.h" +/* Offset of Channel Switch count field in CSA/ECSA IE */ +#define SCH_CSA_SWITCH_COUNT_OFFSET 2; +#define SCH_ECSA_SWITCH_COUNT_OFFSET 3; const uint8_t p2p_oui[] = { 0x50, 0x6F, 0x9A, 0x9 }; @@ -152,6 +155,53 @@ sch_append_addn_ie(tpAniSirGlobal mac_ctx, tpPESession session, } /** + * sch_get_csa_ecsa_count_offset() - get the offset of Switch count field + * @ie: pointer to the beggining of IEs in the beacon frame buffer + * @ie_len: length of the IEs in the buffer + * @csa_count_offset: pointer to the csa_count_offset variable in the caller + * @ecsa_count_offset: pointer to the ecsa_count_offset variable in the caller + * + * Gets the offset of the switch count field in the CSA/ECSA IEs from the start + * of the IEs buffer. + * + * Return: None + */ +static void sch_get_csa_ecsa_count_offset(uint8_t *ie, uint32_t ie_len, + uint32_t *csa_count_offset, + uint32_t *ecsa_count_offset) +{ + uint8_t *ptr = ie; + uint8_t elem_id; + uint16_t elem_len; + uint32_t offset = 0; + + /* IE is not present */ + if (!ie_len) + return; + + while (ie_len >= 2) { + elem_id = ptr[0]; + elem_len = ptr[1]; + ie_len -= 2; + offset += 2; + + if (elem_id == DOT11F_EID_CHANSWITCHANN && + elem_len == 3) + *csa_count_offset = offset + + SCH_CSA_SWITCH_COUNT_OFFSET; + + if (elem_id == DOT11F_EID_EXT_CHAN_SWITCH_ANN && + elem_len == 4) + *ecsa_count_offset = offset + + SCH_ECSA_SWITCH_COUNT_OFFSET; + + ie_len -= elem_len; + offset += elem_len; + ptr += (elem_len + 2); + } +} + +/** * sch_set_fixed_beacon_fields() - sets the fixed params in beacon frame * @mac_ctx: mac global context * @session: pe session entry @@ -178,6 +228,8 @@ sch_set_fixed_beacon_fields(tpAniSirGlobal mac_ctx, tpPESession session) uint32_t extra_ie_len = 0; uint16_t extra_ie_offset = 0; uint16_t p2p_ie_offset = 0; + uint32_t csa_count_offset = 0; + uint32_t ecsa_count_offset = 0; tSirRetStatus status = eSIR_SUCCESS; bool is_vht_enabled = false; uint16_t addn_ielen = 0; @@ -525,6 +577,26 @@ sch_set_fixed_beacon_fields(tpAniSirGlobal mac_ctx, tpPESession session) n_status); } + /* Fill the CSA/ECSA count offsets if the IEs are present */ + if (session->dfsIncludeChanSwIe) + sch_get_csa_ecsa_count_offset(session->pSchBeaconFrameEnd, + n_bytes, + &csa_count_offset, + &ecsa_count_offset); + + if (csa_count_offset) + mac_ctx->sch.schObject.csa_count_offset = + session->schBeaconOffsetBegin + TIM_IE_SIZE + + csa_count_offset; + if (ecsa_count_offset) + mac_ctx->sch.schObject.ecsa_count_offset = + session->schBeaconOffsetBegin + TIM_IE_SIZE + + ecsa_count_offset; + + pe_debug("csa_count_offset %d ecsa_count_offset %d", + mac_ctx->sch.schObject.csa_count_offset, + mac_ctx->sch.schObject.ecsa_count_offset); + extra_ie = session->pSchBeaconFrameEnd + n_bytes; extra_ie_offset = n_bytes; diff --git a/core/mac/src/pe/sch/sch_beacon_process.c b/core/mac/src/pe/sch/sch_beacon_process.c index 58a6e6095bb2..e0ccf28dbbc2 100644 --- a/core/mac/src/pe/sch/sch_beacon_process.c +++ b/core/mac/src/pe/sch/sch_beacon_process.c @@ -483,6 +483,10 @@ static void update_nss(tpAniSirGlobal mac_ctx, tpDphHashNode sta_ds, tpSirMacMgmtHdr mgmt_hdr) { if (sta_ds->vhtSupportedRxNss != (beacon->OperatingMode.rxNSS + 1)) { + if (session_entry->nss_forced_1x1) { + pe_debug("Not Updating NSS for special AP"); + return; + } sta_ds->vhtSupportedRxNss = beacon->OperatingMode.rxNSS + 1; lim_set_nss_change(mac_ctx, session_entry, diff --git a/core/mac/src/sys/legacy/src/utils/src/dot11f.c b/core/mac/src/sys/legacy/src/utils/src/dot11f.c index 2f1f3549175d..ee772e76742d 100644 --- a/core/mac/src/sys/legacy/src/utils/src/dot11f.c +++ b/core/mac/src/sys/legacy/src/utils/src/dot11f.c @@ -24,7 +24,7 @@ * * * This file was automatically generated by 'framesc' - * Thu May 10 17:00:57 2018 from the following file(s): + * Tue Jun 5 17:04:23 2018 from the following file(s): * * dot11f.frms * @@ -815,8 +815,10 @@ uint32_t dot11f_unpack_tlv_authorized_ma_cs(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->mac, pBuf, 6); pBuf += 6; @@ -839,8 +841,10 @@ uint32_t dot11f_unpack_tlv_version2(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp5__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp5__ = *pBuf; pBuf += 1; @@ -899,14 +903,18 @@ uint32_t dot11f_unpack_tlv_extended_listen_timing(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->availibilityPeriod, pBuf, 0); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->availibilityInterval, pBuf, 0); pBuf += 2; @@ -925,20 +933,26 @@ uint32_t dot11f_unpack_tlv_listen_channel(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryString, pBuf, 3); pBuf += 3; tlvlen -= (uint8_t)3; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; @@ -1029,14 +1043,18 @@ uint32_t dot11f_unpack_tlv_notice_of_absence(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->index = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->CTSWindowOppPS = *pBuf; pBuf += 1; @@ -1064,20 +1082,26 @@ uint32_t dot11f_unpack_tlv_operating_channel(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryString, pBuf, 3); pBuf += 3; tlvlen -= (uint8_t)3; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; @@ -1096,14 +1120,18 @@ uint32_t dot11f_unpack_tlv_p2_p_capability(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->deviceCapability = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->groupCapability = *pBuf; pBuf += 1; @@ -1122,8 +1150,10 @@ uint32_t dot11f_unpack_tlv_p2_p_device_id(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; @@ -1149,20 +1179,26 @@ uint32_t dot11f_unpack_tlv_p2_p_device_info(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; tlvlen -= (uint8_t)6; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->configMethod, pBuf, 0); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 8)) + if (unlikely(tlvlen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->primaryDeviceType, pBuf, 8); pBuf += 8; @@ -1209,20 +1245,26 @@ uint32_t dot11f_unpack_tlv_primary_device_type(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; (void)pBuf; (void)tlvlen; /* Shutup the compiler */ pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->primary_category, pBuf, 1); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 4)) + if (unlikely(tlvlen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->oui, pBuf, 4); pBuf += 4; tlvlen -= (uint8_t)4; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sub_category, pBuf, 1); pBuf += 2; @@ -1244,20 +1286,26 @@ uint32_t dot11f_unpack_tlv_request_device_type(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->primary_category, pBuf, 1); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 4)) + if (unlikely(tlvlen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->oui, pBuf, 4); pBuf += 4; tlvlen -= (uint8_t)4; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sub_category, pBuf, 1); pBuf += 2; @@ -1311,8 +1359,10 @@ uint32_t dot11f_unpack_tlv_uuid_e(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 16)) + if (unlikely(tlvlen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->uuid, pBuf, 16); pBuf += 16; @@ -1331,8 +1381,10 @@ uint32_t dot11f_unpack_tlv_uuid_r(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 16)) + if (unlikely(tlvlen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->uuid, pBuf, 16); pBuf += 16; @@ -1365,8 +1417,10 @@ uint32_t dot11f_unpack_tlv_vendor_extension(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->vendorId, pBuf, 3); pBuf += 3; @@ -1392,8 +1446,10 @@ uint32_t dot11f_unpack_tlv_version(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp6__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp6__ = *pBuf; pBuf += 1; @@ -1432,8 +1488,10 @@ uint32_t dot11f_unpack_tlv_non_prefferd_chan_rep(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->oper_class = *pBuf; pBuf += 1; @@ -1462,8 +1520,10 @@ uint32_t dot11f_unpack_tlv_oce_cap(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp7__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp7__ = *pBuf; pBuf += 1; @@ -1487,8 +1547,10 @@ uint32_t dot11f_unpack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp8__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp8__ = *pBuf; pBuf += 1; @@ -1509,14 +1571,18 @@ uint32_t dot11f_unpack_tlv_rssi_assoc_rej(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->delta_rssi = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->retry_delay = *pBuf; pBuf += 1; @@ -1541,8 +1607,10 @@ uint32_t dot11f_unpack_tlv_p2_p_interface(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; @@ -1569,22 +1637,28 @@ uint32_t dot11f_unpack_ie_gtk(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp9__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->keyId = tmp9__ >> 0 & 0x3; pDst->reserved = tmp9__ >> 2 & 0x3feb; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->keyLength = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->RSC, pBuf, 8); pBuf += 8; @@ -1614,26 +1688,34 @@ uint32_t dot11f_unpack_ie_igtk(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->keyID, pBuf, 2); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->IPN, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->keyLength = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 24)) + if (unlikely(ielen < 24)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->key, pBuf, 24); (void)pCtx; @@ -1679,8 +1761,10 @@ uint32_t dot11f_unpack_ie_r1_kh_id(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->PMK_R1_ID, pBuf, 6); (void)pCtx; @@ -1701,8 +1785,10 @@ uint32_t dot11f_unpack_ie_ap_channel_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; @@ -1732,8 +1818,10 @@ uint32_t dot11f_unpack_ie_bcn_reporting_detail(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reportingDetail = *pBuf; (void)pCtx; @@ -1779,14 +1867,18 @@ uint32_t dot11f_unpack_ie_beacon_reporting(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reportingCondition = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->threshold = *pBuf; (void)pCtx; @@ -1807,8 +1899,10 @@ uint32_t dot11f_unpack_ie_condensed_country_str(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryStr, pBuf, 2); (void)pCtx; @@ -1829,8 +1923,10 @@ uint32_t dot11f_unpack_ie_measurement_pilot(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurementPilot = *pBuf; pBuf += 1; @@ -1855,8 +1951,10 @@ uint32_t dot11f_unpack_ie_multi_bssid(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->maxBSSIDIndicator = *pBuf; pBuf += 1; @@ -1881,20 +1979,26 @@ uint32_t dot11f_unpack_ie_ric_data(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->Identifier = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->resourceDescCount = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->statusCode, pBuf, 0); (void)pCtx; @@ -1915,8 +2019,10 @@ uint32_t dot11f_unpack_ie_ric_descriptor(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->resourceType = *pBuf; pBuf += 1; @@ -1946,8 +2052,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp10__ = *pBuf; pBuf += 1; @@ -1960,8 +2068,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->BeaconActive = tmp10__ >> 5 & 0x1; pDst->BeaconTable = tmp10__ >> 6 & 0x1; pDst->BeaconRepCond = tmp10__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp11__ = *pBuf; pBuf += 1; @@ -1974,8 +2084,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->LCIAzimuth = tmp11__ >> 5 & 0x1; pDst->TCMCapability = tmp11__ >> 6 & 0x1; pDst->triggeredTCM = tmp11__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp12__ = *pBuf; pBuf += 1; @@ -1984,8 +2096,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->RRMMIBEnabled = tmp12__ >> 1 & 0x1; pDst->operatingChanMax = tmp12__ >> 2 & 0x7; pDst->nonOperatinChanMax = tmp12__ >> 5 & 0x7; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp13__ = *pBuf; pBuf += 1; @@ -1996,8 +2110,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->RCPIMeasurement = tmp13__ >> 5 & 0x1; pDst->RSNIMeasurement = tmp13__ >> 6 & 0x1; pDst->BssAvgAccessDelay = tmp13__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp14__ = *pBuf; pDst->BSSAvailAdmission = tmp14__ >> 0 & 0x1; @@ -2071,8 +2187,10 @@ uint32_t dot11f_unpack_ie_schedule(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp15__, pBuf, 0); pBuf += 2; @@ -2081,26 +2199,34 @@ uint32_t dot11f_unpack_ie_schedule(tpAniSirGlobal pCtx, pDst->tsid = tmp15__ >> 1 & 0xf; pDst->direction = tmp15__ >> 5 & 0x3; pDst->reserved = tmp15__ >> 7 & 0x1ff; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_interval, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_service_dur, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->spec_interval, pBuf, 0); (void)pCtx; @@ -2121,124 +2247,162 @@ uint32_t dot11f_unpack_ie_tclas(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->user_priority = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_mask = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->classifier_type) { case 0: - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.source, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.dest, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.EthParams.type, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->info.IpParams.version) { case 4: - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.source, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.dest, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.DSCP = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.proto = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 6: - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.source, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.dest, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.flow_label, pBuf, 3); pBuf += 3; @@ -2247,8 +2411,10 @@ uint32_t dot11f_unpack_ie_tclas(tpAniSirGlobal pCtx, } break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.Params8021dq.tag_type, pBuf, 0); pBuf += 2; @@ -2276,8 +2442,10 @@ uint32_t dot11f_unpack_ie_ts_delay(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay, pBuf, 0); (void)pCtx; @@ -2298,14 +2466,18 @@ uint32_t dot11f_unpack_ie_tsf_info(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->TsfOffset, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->BeaconIntvl, pBuf, 0); (void)pCtx; @@ -2329,8 +2501,10 @@ uint32_t dot11f_unpack_ie_tspec(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp16__, pBuf, 0); pBuf += 2; @@ -2343,102 +2517,134 @@ uint32_t dot11f_unpack_ie_tspec(tpAniSirGlobal pCtx, pDst->psb = tmp16__ >> 10 & 0x1; pDst->user_priority = tmp16__ >> 11 & 0x7; pDst->tsinfo_ack_pol = tmp16__ >> 14 & 0x3; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp17__ = *pBuf; pBuf += 1; ielen -= 1; pDst->schedule = tmp17__ >> 0 & 0x1; pDst->unused = tmp17__ >> 1 & 0x7f; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp18__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->size = tmp18__ >> 0 & 0x7fff; pDst->fixed = tmp18__ >> 15 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_msdu_size, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->max_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->inactivity_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->suspension_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->mean_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->peak_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->burst_size, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay_bound, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_phy_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->surplus_bw_allowance, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->medium_time, pBuf, 0); (void)pCtx; @@ -2462,8 +2668,10 @@ uint32_t dot11f_unpack_ie_vht_caps(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &tmp19__, pBuf, 0); pBuf += 4; @@ -2488,28 +2696,36 @@ uint32_t dot11f_unpack_ie_vht_caps(tpAniSirGlobal pCtx, pDst->rxAntPattern = tmp19__ >> 28 & 0x1; pDst->txAntPattern = tmp19__ >> 29 & 0x1; pDst->reserved1 = tmp19__ >> 30 & 0x3; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->rxMCSMap, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp20__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->rxHighSupDataRate = tmp20__ >> 0 & 0x1fff; pDst->reserved2 = tmp20__ >> 13 & 0x7; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->txMCSMap, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp21__, pBuf, 0); pDst->txSupDataRate = tmp21__ >> 0 & 0x1fff; @@ -2532,26 +2748,34 @@ uint32_t dot11f_unpack_ie_vht_operation(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanWidth = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanCenterFreqSeg1 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanCenterFreqSeg2 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->basicMCSSet, pBuf, 0); (void)pCtx; @@ -2573,8 +2797,10 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2583,8 +2809,10 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp22__, pBuf, 0); pBuf += 2; @@ -2593,26 +2821,34 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, pDst->tsid = tmp22__ >> 1 & 0xf; pDst->direction = tmp22__ >> 5 & 0x3; pDst->reserved = tmp22__ >> 7 & 0x1ff; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_interval, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_service_dur, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->spec_interval, pBuf, 0); (void)pCtx; @@ -2633,8 +2869,10 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2643,124 +2881,162 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->user_priority = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_mask = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->classifier_type) { case 0: - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.source, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.dest, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.EthParams.type, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->info.IpParams.version) { case 4: - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.source, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.dest, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.DSCP = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.proto = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 6: - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.source, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.dest, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.flow_label, pBuf, 3); pBuf += 3; @@ -2769,8 +3045,10 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, } break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.Params8021dq.tag_type, pBuf, 0); pBuf += 2; @@ -2795,8 +3073,10 @@ uint32_t dot11f_unpack_ie_wmmtclasproc(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2805,8 +3085,10 @@ uint32_t dot11f_unpack_ie_wmmtclasproc(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->processing = *pBuf; (void)pCtx; @@ -2827,8 +3109,10 @@ uint32_t dot11f_unpack_ie_wmmts_delay(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2837,8 +3121,10 @@ uint32_t dot11f_unpack_ie_wmmts_delay(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay, pBuf, 0); (void)pCtx; @@ -2862,8 +3148,10 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2872,8 +3160,10 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp23__, pBuf, 0); pBuf += 2; @@ -2886,102 +3176,134 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, pDst->psb = tmp23__ >> 10 & 0x1; pDst->user_priority = tmp23__ >> 11 & 0x7; pDst->tsinfo_ack_pol = tmp23__ >> 14 & 0x3; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp24__ = *pBuf; pBuf += 1; ielen -= 1; pDst->tsinfo_rsvd = tmp24__ >> 0 & 0x7f; pDst->burst_size_defn = tmp24__ >> 7 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp25__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->size = tmp25__ >> 0 & 0x7fff; pDst->fixed = tmp25__ >> 15 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_msdu_size, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->max_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->inactivity_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->suspension_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->mean_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->peak_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->burst_size, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay_bound, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_phy_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->surplus_bw_allowance, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->medium_time, pBuf, 0); (void)pCtx; @@ -3002,20 +3324,26 @@ uint32_t dot11f_unpack_ie_wider_bw_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newChanWidth = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newCenterChanFreq0 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newCenterChanFreq1 = *pBuf; (void)pCtx; @@ -3036,8 +3364,10 @@ uint32_t dot11f_unpack_ie_azimuth_req(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->request = *pBuf; (void)pCtx; @@ -3047,6 +3377,58 @@ uint32_t dot11f_unpack_ie_azimuth_req(tpAniSirGlobal pCtx, #define SigIeazimuth_req (0x001f) +uint32_t dot11f_unpack_ie_beacon_report_frm_body_fragment_id(tpAniSirGlobal pCtx, + uint8_t *pBuf, + uint8_t ielen, + tDot11fIEbeacon_report_frm_body_fragment_id *pDst, + bool append_ie) +{ + uint32_t status = DOT11F_PARSE_SUCCESS; + uint16_t tmp26__; + (void) pBuf; (void)ielen; /* Shutup the compiler */ + if (pDst->present) + status = DOT11F_DUPLICATE_IE; + pDst->present = 1; + if (unlikely(ielen < 2)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + framesntohs(pCtx, &tmp26__, pBuf, 0); + pDst->beacon_report_id = tmp26__ >> 0 & 0xff; + pDst->fragment_id_number = tmp26__ >> 8 & 0x7f; + pDst->more_fragments = tmp26__ >> 15 & 0x1; + (void)pCtx; + return status; +} /* End dot11f_unpack_ie_beacon_report_frm_body_fragment_id. */ + +#define SigIebeacon_report_frm_body_fragment_id (0x0020) + + +uint32_t dot11f_unpack_ie_last_beacon_report_indication(tpAniSirGlobal pCtx, + uint8_t *pBuf, + uint8_t ielen, + tDot11fIElast_beacon_report_indication *pDst, + bool append_ie) +{ + uint32_t status = DOT11F_PARSE_SUCCESS; + (void) pBuf; (void)ielen; /* Shutup the compiler */ + if (pDst->present) + status = DOT11F_DUPLICATE_IE; + pDst->present = 1; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + pDst->last_fragment = *pBuf; + (void)pCtx; + return status; +} /* End dot11f_unpack_ie_last_beacon_report_indication. */ + +#define SigIelast_beacon_report_indication (0x0021) + + uint32_t dot11f_unpack_ie_max_age(tpAniSirGlobal pCtx, uint8_t *pBuf, uint8_t ielen, @@ -3058,15 +3440,17 @@ uint32_t dot11f_unpack_ie_max_age(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_age, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_max_age. */ -#define SigIemax_age (0x0020) +#define SigIemax_age (0x0022) static const tFFDefn FFS_neighbor_rpt[] = { @@ -3103,61 +3487,75 @@ uint32_t dot11f_unpack_ie_neighbor_rpt(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp26__; uint8_t tmp27__; + uint8_t tmp28__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp26__ = *pBuf; + tmp27__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->APReachability = tmp26__ >> 0 & 0x3; - pDst->Security = tmp26__ >> 2 & 0x1; - pDst->KeyScope = tmp26__ >> 3 & 0x1; - pDst->SpecMgmtCap = tmp26__ >> 4 & 0x1; - pDst->QosCap = tmp26__ >> 5 & 0x1; - pDst->apsd = tmp26__ >> 6 & 0x1; - pDst->rrm = tmp26__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->APReachability = tmp27__ >> 0 & 0x3; + pDst->Security = tmp27__ >> 2 & 0x1; + pDst->KeyScope = tmp27__ >> 3 & 0x1; + pDst->SpecMgmtCap = tmp27__ >> 4 & 0x1; + pDst->QosCap = tmp27__ >> 5 & 0x1; + pDst->apsd = tmp27__ >> 6 & 0x1; + pDst->rrm = tmp27__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp27__ = *pBuf; + tmp28__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->DelayedBA = tmp27__ >> 0 & 0x1; - pDst->ImmBA = tmp27__ >> 1 & 0x1; - pDst->MobilityDomain = tmp27__ >> 2 & 0x1; - pDst->reserved = tmp27__ >> 3 & 0x1f; - if (unlikely(ielen < 2)) + pDst->DelayedBA = tmp28__ >> 0 & 0x1; + pDst->ImmBA = tmp28__ >> 1 & 0x1; + pDst->MobilityDomain = tmp28__ >> 2 & 0x1; + pDst->reserved = tmp28__ >> 3 & 0x1f; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->reserved1, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->PhyType = *pBuf; pBuf += 1; @@ -3174,7 +3572,7 @@ uint32_t dot11f_unpack_ie_neighbor_rpt(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_neighbor_rpt. */ -#define SigIeneighbor_rpt (0x0021) +#define SigIeneighbor_rpt (0x0023) uint32_t dot11f_unpack_ie_req_mac_addr(tpAniSirGlobal pCtx, @@ -3188,15 +3586,17 @@ uint32_t dot11f_unpack_ie_req_mac_addr(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->addr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_req_mac_addr. */ -#define SigIereq_mac_addr (0x0022) +#define SigIereq_mac_addr (0x0024) uint32_t dot11f_unpack_ie_tgt_mac_addr(tpAniSirGlobal pCtx, @@ -3210,15 +3610,17 @@ uint32_t dot11f_unpack_ie_tgt_mac_addr(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->addr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_tgt_mac_addr. */ -#define SigIetgt_mac_addr (0x0023) +#define SigIetgt_mac_addr (0x0025) uint32_t dot11f_unpack_ie_vht_transmit_power_env(tpAniSirGlobal pCtx, @@ -3243,7 +3645,7 @@ uint32_t dot11f_unpack_ie_vht_transmit_power_env(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vht_transmit_power_env. */ -#define SigIevht_transmit_power_env (0x0024) +#define SigIevht_transmit_power_env (0x0026) uint32_t dot11f_unpack_ie_aid(tpAniSirGlobal pCtx, @@ -3257,15 +3659,17 @@ uint32_t dot11f_unpack_ie_aid(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->assocId, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_aid. */ -#define SigIeAID (0x0025) +#define SigIeAID (0x0027) uint32_t dot11f_unpack_ie_cf_params(tpAniSirGlobal pCtx, @@ -3279,33 +3683,41 @@ uint32_t dot11f_unpack_ie_cf_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->cfp_count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->cfp_period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->cfp_maxduration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->cfp_durremaining, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_cf_params. */ -#define SigIeCFParams (0x0026) +#define SigIeCFParams (0x0028) uint32_t dot11f_unpack_ie_challenge_text(tpAniSirGlobal pCtx, @@ -3330,7 +3742,7 @@ uint32_t dot11f_unpack_ie_challenge_text(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_challenge_text. */ -#define SigIeChallengeText (0x0027) +#define SigIeChallengeText (0x0029) uint32_t dot11f_unpack_ie_chan_switch_ann(tpAniSirGlobal pCtx, @@ -3344,27 +3756,33 @@ uint32_t dot11f_unpack_ie_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switchMode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newChannel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switchCount = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_chan_switch_ann. */ -#define SigIeChanSwitchAnn (0x0028) +#define SigIeChanSwitchAnn (0x002a) static const tFFDefn FFS_ChannelSwitchWrapper[] = { @@ -3406,7 +3824,7 @@ uint32_t dot11f_unpack_ie_channel_switch_wrapper(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_channel_switch_wrapper. */ -#define SigIeChannelSwitchWrapper (0x0029) +#define SigIeChannelSwitchWrapper (0x002b) uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, @@ -3420,8 +3838,10 @@ uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->country, pBuf, 3); pBuf += 3; @@ -3442,10 +3862,10 @@ uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_country. */ -#define SigIeCountry (0x002a) +#define SigIeCountry (0x002c) -#define SigIeDSParams (0x002b) +#define SigIeDSParams (0x002d) uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, @@ -3455,7 +3875,6 @@ uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp28__; uint8_t tmp29__; uint8_t tmp30__; uint8_t tmp31__; @@ -3463,121 +3882,150 @@ uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, uint8_t tmp33__; uint8_t tmp34__; uint8_t tmp35__; + uint8_t tmp36__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->qos = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp28__ = *pBuf; + tmp29__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_aifsn = tmp28__ >> 0 & 0xf; - pDst->acbe_acm = tmp28__ >> 4 & 0x1; - pDst->acbe_aci = tmp28__ >> 5 & 0x3; - pDst->unused1 = tmp28__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbe_aifsn = tmp29__ >> 0 & 0xf; + pDst->acbe_acm = tmp29__ >> 4 & 0x1; + pDst->acbe_aci = tmp29__ >> 5 & 0x3; + pDst->unused1 = tmp29__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp29__ = *pBuf; + tmp30__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_acwmin = tmp29__ >> 0 & 0xf; - pDst->acbe_acwmax = tmp29__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbe_acwmin = tmp30__ >> 0 & 0xf; + pDst->acbe_acwmax = tmp30__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbe_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp30__ = *pBuf; + tmp31__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_aifsn = tmp30__ >> 0 & 0xf; - pDst->acbk_acm = tmp30__ >> 4 & 0x1; - pDst->acbk_aci = tmp30__ >> 5 & 0x3; - pDst->unused2 = tmp30__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbk_aifsn = tmp31__ >> 0 & 0xf; + pDst->acbk_acm = tmp31__ >> 4 & 0x1; + pDst->acbk_aci = tmp31__ >> 5 & 0x3; + pDst->unused2 = tmp31__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp31__ = *pBuf; + tmp32__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_acwmin = tmp31__ >> 0 & 0xf; - pDst->acbk_acwmax = tmp31__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbk_acwmin = tmp32__ >> 0 & 0xf; + pDst->acbk_acwmax = tmp32__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbk_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp32__ = *pBuf; + tmp33__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_aifsn = tmp32__ >> 0 & 0xf; - pDst->acvi_acm = tmp32__ >> 4 & 0x1; - pDst->acvi_aci = tmp32__ >> 5 & 0x3; - pDst->unused3 = tmp32__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvi_aifsn = tmp33__ >> 0 & 0xf; + pDst->acvi_acm = tmp33__ >> 4 & 0x1; + pDst->acvi_aci = tmp33__ >> 5 & 0x3; + pDst->unused3 = tmp33__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp33__ = *pBuf; + tmp34__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_acwmin = tmp33__ >> 0 & 0xf; - pDst->acvi_acwmax = tmp33__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvi_acwmin = tmp34__ >> 0 & 0xf; + pDst->acvi_acwmax = tmp34__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvi_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp34__ = *pBuf; + tmp35__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_aifsn = tmp34__ >> 0 & 0xf; - pDst->acvo_acm = tmp34__ >> 4 & 0x1; - pDst->acvo_aci = tmp34__ >> 5 & 0x3; - pDst->unused4 = tmp34__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvo_aifsn = tmp35__ >> 0 & 0xf; + pDst->acvo_acm = tmp35__ >> 4 & 0x1; + pDst->acvo_aci = tmp35__ >> 5 & 0x3; + pDst->unused4 = tmp35__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp35__ = *pBuf; + tmp36__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_acwmin = tmp35__ >> 0 & 0xf; - pDst->acvo_acwmax = tmp35__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvo_acwmin = tmp36__ >> 0 & 0xf; + pDst->acvo_acwmax = tmp36__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvo_txoplimit, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_edca_param_set. */ -#define SigIeEDCAParamSet (0x002c) +#define SigIeEDCAParamSet (0x002e) uint32_t dot11f_unpack_ie_erp_info(tpAniSirGlobal pCtx, @@ -3587,24 +4035,26 @@ uint32_t dot11f_unpack_ie_erp_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp36__; + uint8_t tmp37__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp36__ = *pBuf; - pDst->non_erp_present = tmp36__ >> 0 & 0x1; - pDst->use_prot = tmp36__ >> 1 & 0x1; - pDst->barker_preamble = tmp36__ >> 2 & 0x1; - pDst->unused = tmp36__ >> 3 & 0x1f; + tmp37__ = *pBuf; + pDst->non_erp_present = tmp37__ >> 0 & 0x1; + pDst->use_prot = tmp37__ >> 1 & 0x1; + pDst->barker_preamble = tmp37__ >> 2 & 0x1; + pDst->unused = tmp37__ >> 3 & 0x1f; (void)pCtx; return status; } /* End dot11f_unpack_ie_erp_info. */ -#define SigIeERPInfo (0x002d) +#define SigIeERPInfo (0x002f) uint32_t dot11f_unpack_ie_ese_cckm_opaque(tpAniSirGlobal pCtx, @@ -3629,7 +4079,7 @@ uint32_t dot11f_unpack_ie_ese_cckm_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ese_cckm_opaque. */ -#define SigIeESECckmOpaque (0x002e) +#define SigIeESECckmOpaque (0x0030) uint32_t dot11f_unpack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, @@ -3639,28 +4089,32 @@ uint32_t dot11f_unpack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp37__; + uint8_t tmp38__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->mgmt_state = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp37__ = *pBuf; - pDst->mbssid_mask = tmp37__ >> 0 & 0x7; - pDst->reserved = tmp37__ >> 3 & 0x1f; + tmp38__ = *pBuf; + pDst->mbssid_mask = tmp38__ >> 0 & 0x7; + pDst->reserved = tmp38__ >> 3 & 0x1f; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_rad_mgmt_cap. */ -#define SigIeESERadMgmtCap (0x002f) +#define SigIeESERadMgmtCap (0x0031) uint32_t dot11f_unpack_ie_ese_traf_strm_met(tpAniSirGlobal pCtx, @@ -3674,27 +4128,33 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_met(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tsid = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->state = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->msmt_interval, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_traf_strm_met. */ -#define SigIeESETrafStrmMet (0x0030) +#define SigIeESETrafStrmMet (0x0032) uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, @@ -3708,8 +4168,10 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tsid = *pBuf; pBuf += 1; @@ -3725,7 +4187,7 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ese_traf_strm_rate_set. */ -#define SigIeESETrafStrmRateSet (0x0031) +#define SigIeESETrafStrmRateSet (0x0033) uint32_t dot11f_unpack_ie_ese_txmit_power(tpAniSirGlobal pCtx, @@ -3739,21 +4201,25 @@ uint32_t dot11f_unpack_ie_ese_txmit_power(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->power_limit = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_txmit_power. */ -#define SigIeESETxmitPower (0x0032) +#define SigIeESETxmitPower (0x0034) uint32_t dot11f_unpack_ie_ese_version(tpAniSirGlobal pCtx, @@ -3767,15 +4233,17 @@ uint32_t dot11f_unpack_ie_ese_version(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_version. */ -#define SigIeESEVersion (0x0033) +#define SigIeESEVersion (0x0035) uint32_t dot11f_unpack_ie_ESP_information(tpAniSirGlobal pCtx, @@ -3800,7 +4268,7 @@ uint32_t dot11f_unpack_ie_ESP_information(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ESP_information. */ -#define SigIeESP_information (0x0034) +#define SigIeESP_information (0x0036) uint32_t dot11f_unpack_ie_ext_cap(tpAniSirGlobal pCtx, @@ -3830,7 +4298,7 @@ endUnpackIeExtCap: return status; } /* End dot11f_unpack_ie_ext_cap. */ -#define SigIeExtCap (0x0035) +#define SigIeExtCap (0x0037) uint32_t dot11f_unpack_ie_ext_supp_rates(tpAniSirGlobal pCtx, @@ -3863,7 +4331,7 @@ uint32_t dot11f_unpack_ie_ext_supp_rates(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ext_supp_rates. */ -#define SigIeExtSuppRates (0x0036) +#define SigIeExtSuppRates (0x0038) uint32_t dot11f_unpack_ie_fh_param_set(tpAniSirGlobal pCtx, @@ -3877,33 +4345,41 @@ uint32_t dot11f_unpack_ie_fh_param_set(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->dwell_time, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_set = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_pattern = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_index = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fh_param_set. */ -#define SigIeFHParamSet (0x0037) +#define SigIeFHParamSet (0x0039) uint32_t dot11f_unpack_ie_fh_params(tpAniSirGlobal pCtx, @@ -3917,21 +4393,25 @@ uint32_t dot11f_unpack_ie_fh_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->radix = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->nchannels = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fh_params. */ -#define SigIeFHParams (0x0038) +#define SigIeFHParams (0x003a) uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, @@ -3945,26 +4425,34 @@ uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->flag = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->nsets = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->modulus = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->offset = *pBuf; pBuf += 1; @@ -3980,7 +4468,7 @@ uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fh_patt_table. */ -#define SigIeFHPattTable (0x0039) +#define SigIeFHPattTable (0x003b) static const tFFDefn FFS_FTInfo[] = { @@ -4009,33 +4497,41 @@ uint32_t dot11f_unpack_ie_ft_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp38__; + uint16_t tmp39__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp38__, pBuf, 0); + framesntohs(pCtx, &tmp39__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->reserved = tmp38__ >> 0 & 0xff; - pDst->IECount = tmp38__ >> 8 & 0xff; - if (unlikely(ielen < 16)) + pDst->reserved = tmp39__ >> 0 & 0xff; + pDst->IECount = tmp39__ >> 8 & 0xff; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->MIC, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 32)) + if (unlikely(ielen < 32)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->Anonce, pBuf, 32); pBuf += 32; ielen -= (uint8_t)32; - if (unlikely(ielen < 32)) + if (unlikely(ielen < 32)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->Snonce, pBuf, 32); pBuf += 32; @@ -4052,7 +4548,7 @@ uint32_t dot11f_unpack_ie_ft_info(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ft_info. */ -#define SigIeFTInfo (0x003a) +#define SigIeFTInfo (0x003c) uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, @@ -4062,97 +4558,109 @@ uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp39__; - uint8_t tmp40__; - uint16_t tmp41__; - uint32_t tmp42__; - uint8_t tmp43__; + uint16_t tmp40__; + uint8_t tmp41__; + uint16_t tmp42__; + uint32_t tmp43__; + uint8_t tmp44__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp39__, pBuf, 0); + framesntohs(pCtx, &tmp40__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->advCodingCap = tmp39__ >> 0 & 0x1; - pDst->supportedChannelWidthSet = tmp39__ >> 1 & 0x1; - pDst->mimoPowerSave = tmp39__ >> 2 & 0x3; - pDst->greenField = tmp39__ >> 4 & 0x1; - pDst->shortGI20MHz = tmp39__ >> 5 & 0x1; - pDst->shortGI40MHz = tmp39__ >> 6 & 0x1; - pDst->txSTBC = tmp39__ >> 7 & 0x1; - pDst->rxSTBC = tmp39__ >> 8 & 0x3; - pDst->delayedBA = tmp39__ >> 10 & 0x1; - pDst->maximalAMSDUsize = tmp39__ >> 11 & 0x1; - pDst->dsssCckMode40MHz = tmp39__ >> 12 & 0x1; - pDst->psmp = tmp39__ >> 13 & 0x1; - pDst->stbcControlFrame = tmp39__ >> 14 & 0x1; - pDst->lsigTXOPProtection = tmp39__ >> 15 & 0x1; - if (unlikely(ielen < 1)) - return DOT11F_INCOMPLETE_IE; - - tmp40__ = *pBuf; + pDst->advCodingCap = tmp40__ >> 0 & 0x1; + pDst->supportedChannelWidthSet = tmp40__ >> 1 & 0x1; + pDst->mimoPowerSave = tmp40__ >> 2 & 0x3; + pDst->greenField = tmp40__ >> 4 & 0x1; + pDst->shortGI20MHz = tmp40__ >> 5 & 0x1; + pDst->shortGI40MHz = tmp40__ >> 6 & 0x1; + pDst->txSTBC = tmp40__ >> 7 & 0x1; + pDst->rxSTBC = tmp40__ >> 8 & 0x3; + pDst->delayedBA = tmp40__ >> 10 & 0x1; + pDst->maximalAMSDUsize = tmp40__ >> 11 & 0x1; + pDst->dsssCckMode40MHz = tmp40__ >> 12 & 0x1; + pDst->psmp = tmp40__ >> 13 & 0x1; + pDst->stbcControlFrame = tmp40__ >> 14 & 0x1; + pDst->lsigTXOPProtection = tmp40__ >> 15 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + tmp41__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->maxRxAMPDUFactor = tmp40__ >> 0 & 0x3; - pDst->mpduDensity = tmp40__ >> 2 & 0x7; - pDst->reserved1 = tmp40__ >> 5 & 0x7; - if (unlikely(ielen < 16)) + pDst->maxRxAMPDUFactor = tmp41__ >> 0 & 0x3; + pDst->mpduDensity = tmp41__ >> 2 & 0x7; + pDst->reserved1 = tmp41__ >> 5 & 0x7; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->supportedMCSSet, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp41__, pBuf, 0); + framesntohs(pCtx, &tmp42__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->pco = tmp41__ >> 0 & 0x1; - pDst->transitionTime = tmp41__ >> 1 & 0x3; - pDst->reserved2 = tmp41__ >> 3 & 0x1f; - pDst->mcsFeedback = tmp41__ >> 8 & 0x3; - pDst->reserved3 = tmp41__ >> 10 & 0x3f; - if (unlikely(ielen < 4)) + pDst->pco = tmp42__ >> 0 & 0x1; + pDst->transitionTime = tmp42__ >> 1 & 0x3; + pDst->reserved2 = tmp42__ >> 3 & 0x1f; + pDst->mcsFeedback = tmp42__ >> 8 & 0x3; + pDst->reserved3 = tmp42__ >> 10 & 0x3f; + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohl(pCtx, &tmp42__, pBuf, 0); + framesntohl(pCtx, &tmp43__, pBuf, 0); pBuf += 4; ielen -= 4; - pDst->txBF = tmp42__ >> 0 & 0x1; - pDst->rxStaggeredSounding = tmp42__ >> 1 & 0x1; - pDst->txStaggeredSounding = tmp42__ >> 2 & 0x1; - pDst->rxZLF = tmp42__ >> 3 & 0x1; - pDst->txZLF = tmp42__ >> 4 & 0x1; - pDst->implicitTxBF = tmp42__ >> 5 & 0x1; - pDst->calibration = tmp42__ >> 6 & 0x3; - pDst->explicitCSITxBF = tmp42__ >> 8 & 0x1; - pDst->explicitUncompressedSteeringMatrix = tmp42__ >> 9 & 0x1; - pDst->explicitBFCSIFeedback = tmp42__ >> 10 & 0x7; - pDst->explicitUncompressedSteeringMatrixFeedback = tmp42__ >> 13 & 0x7; - pDst->explicitCompressedSteeringMatrixFeedback = tmp42__ >> 16 & 0x7; - pDst->csiNumBFAntennae = tmp42__ >> 19 & 0x3; - pDst->uncompressedSteeringMatrixBFAntennae = tmp42__ >> 21 & 0x3; - pDst->compressedSteeringMatrixBFAntennae = tmp42__ >> 23 & 0x3; - pDst->reserved4 = tmp42__ >> 25 & 0x7f; - if (unlikely(ielen < 1)) - return DOT11F_INCOMPLETE_IE; - - tmp43__ = *pBuf; + pDst->txBF = tmp43__ >> 0 & 0x1; + pDst->rxStaggeredSounding = tmp43__ >> 1 & 0x1; + pDst->txStaggeredSounding = tmp43__ >> 2 & 0x1; + pDst->rxZLF = tmp43__ >> 3 & 0x1; + pDst->txZLF = tmp43__ >> 4 & 0x1; + pDst->implicitTxBF = tmp43__ >> 5 & 0x1; + pDst->calibration = tmp43__ >> 6 & 0x3; + pDst->explicitCSITxBF = tmp43__ >> 8 & 0x1; + pDst->explicitUncompressedSteeringMatrix = tmp43__ >> 9 & 0x1; + pDst->explicitBFCSIFeedback = tmp43__ >> 10 & 0x7; + pDst->explicitUncompressedSteeringMatrixFeedback = tmp43__ >> 13 & 0x7; + pDst->explicitCompressedSteeringMatrixFeedback = tmp43__ >> 16 & 0x7; + pDst->csiNumBFAntennae = tmp43__ >> 19 & 0x3; + pDst->uncompressedSteeringMatrixBFAntennae = tmp43__ >> 21 & 0x3; + pDst->compressedSteeringMatrixBFAntennae = tmp43__ >> 23 & 0x3; + pDst->reserved4 = tmp43__ >> 25 & 0x7f; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + tmp44__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->antennaSelection = tmp43__ >> 0 & 0x1; - pDst->explicitCSIFeedbackTx = tmp43__ >> 1 & 0x1; - pDst->antennaIndicesFeedbackTx = tmp43__ >> 2 & 0x1; - pDst->explicitCSIFeedback = tmp43__ >> 3 & 0x1; - pDst->antennaIndicesFeedback = tmp43__ >> 4 & 0x1; - pDst->rxAS = tmp43__ >> 5 & 0x1; - pDst->txSoundingPPDUs = tmp43__ >> 6 & 0x1; - pDst->reserved5 = tmp43__ >> 7 & 0x1; + pDst->antennaSelection = tmp44__ >> 0 & 0x1; + pDst->explicitCSIFeedbackTx = tmp44__ >> 1 & 0x1; + pDst->antennaIndicesFeedbackTx = tmp44__ >> 2 & 0x1; + pDst->explicitCSIFeedback = tmp44__ >> 3 & 0x1; + pDst->antennaIndicesFeedback = tmp44__ >> 4 & 0x1; + pDst->rxAS = tmp44__ >> 5 & 0x1; + pDst->txSoundingPPDUs = tmp44__ >> 6 & 0x1; + pDst->reserved5 = tmp44__ >> 7 & 0x1; pDst->num_rsvd = (uint8_t)(ielen); if (ielen > 32) { pDst->present = 0; @@ -4164,7 +4672,7 @@ uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht_caps. */ -#define SigIeHTCaps (0x003b) +#define SigIeHTCaps (0x003d) uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, @@ -4174,56 +4682,66 @@ uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp44__; - uint16_t tmp45__; + uint8_t tmp45__; uint16_t tmp46__; + uint16_t tmp47__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->primaryChannel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp44__ = *pBuf; + tmp45__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->secondaryChannelOffset = tmp44__ >> 0 & 0x3; - pDst->recommendedTxWidthSet = tmp44__ >> 2 & 0x1; - pDst->rifsMode = tmp44__ >> 3 & 0x1; - pDst->controlledAccessOnly = tmp44__ >> 4 & 0x1; - pDst->serviceIntervalGranularity = tmp44__ >> 5 & 0x7; - if (unlikely(ielen < 2)) + pDst->secondaryChannelOffset = tmp45__ >> 0 & 0x3; + pDst->recommendedTxWidthSet = tmp45__ >> 2 & 0x1; + pDst->rifsMode = tmp45__ >> 3 & 0x1; + pDst->controlledAccessOnly = tmp45__ >> 4 & 0x1; + pDst->serviceIntervalGranularity = tmp45__ >> 5 & 0x7; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp45__, pBuf, 0); + framesntohs(pCtx, &tmp46__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->opMode = tmp45__ >> 0 & 0x3; - pDst->nonGFDevicesPresent = tmp45__ >> 2 & 0x1; - pDst->transmitBurstLimit = tmp45__ >> 3 & 0x1; - pDst->obssNonHTStaPresent = tmp45__ >> 4 & 0x1; - pDst->reserved = tmp45__ >> 5 & 0x7ff; - if (unlikely(ielen < 2)) + pDst->opMode = tmp46__ >> 0 & 0x3; + pDst->nonGFDevicesPresent = tmp46__ >> 2 & 0x1; + pDst->transmitBurstLimit = tmp46__ >> 3 & 0x1; + pDst->obssNonHTStaPresent = tmp46__ >> 4 & 0x1; + pDst->reserved = tmp46__ >> 5 & 0x7ff; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp46__, pBuf, 0); + framesntohs(pCtx, &tmp47__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->basicSTBCMCS = tmp46__ >> 0 & 0x7f; - pDst->dualCTSProtection = tmp46__ >> 7 & 0x1; - pDst->secondaryBeacon = tmp46__ >> 8 & 0x1; - pDst->lsigTXOPProtectionFullSupport = tmp46__ >> 9 & 0x1; - pDst->pcoActive = tmp46__ >> 10 & 0x1; - pDst->pcoPhase = tmp46__ >> 11 & 0x1; - pDst->reserved2 = tmp46__ >> 12 & 0xf; - if (unlikely(ielen < 16)) + pDst->basicSTBCMCS = tmp47__ >> 0 & 0x7f; + pDst->dualCTSProtection = tmp47__ >> 7 & 0x1; + pDst->secondaryBeacon = tmp47__ >> 8 & 0x1; + pDst->lsigTXOPProtectionFullSupport = tmp47__ >> 9 & 0x1; + pDst->pcoActive = tmp47__ >> 10 & 0x1; + pDst->pcoPhase = tmp47__ >> 11 & 0x1; + pDst->reserved2 = tmp47__ >> 12 & 0xf; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->basicMCSSet, pBuf, 16); pBuf += 16; @@ -4239,7 +4757,7 @@ uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht_info. */ -#define SigIeHTInfo (0x003c) +#define SigIeHTInfo (0x003e) uint32_t dot11f_unpack_ie_ibss_params(tpAniSirGlobal pCtx, @@ -4253,15 +4771,17 @@ uint32_t dot11f_unpack_ie_ibss_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->atim, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_ibss_params. */ -#define SigIeIBSSParams (0x003d) +#define SigIeIBSSParams (0x003f) uint32_t dot11f_unpack_ie_link_identifier(tpAniSirGlobal pCtx, @@ -4275,27 +4795,33 @@ uint32_t dot11f_unpack_ie_link_identifier(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->InitStaAddr, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->RespStaAddr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_link_identifier. */ -#define SigIeLinkIdentifier (0x003e) +#define SigIeLinkIdentifier (0x0040) static const tTLVDefn TLVS_MBO_IE[] = { @@ -4358,7 +4884,7 @@ uint32_t dot11f_unpack_ie_MBO_IE(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_MBO_IE. */ -#define SigIeMBO_IE (0x003f) +#define SigIeMBO_IE (0x0041) static const tFFDefn FFS_reportBeacon[] = { @@ -4371,6 +4897,18 @@ static const tIEDefn IES_reportBeacon[] = { offsetof(tDot11fIEBeaconReportFrmBody, present), 0, "BeaconReportFrmBody", 0, 2, 226, SigIeBeaconReportFrmBody, {0, 0, 0, 0, 0}, 0, DOT11F_EID_BEACONREPORTFRMBODY, 0, 0, }, + { offsetof(tDot11fIEMeasurementReport, + report.Beacon.beacon_report_frm_body_fragment_id), + offsetof(tDot11fIEbeacon_report_frm_body_fragment_id, present), 0, + "beacon_report_frm_body_fragment_id", + 0, 4, 4, SigIebeacon_report_frm_body_fragment_id, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_BEACON_REPORT_FRM_BODY_FRAGMENT_ID, 0, 0, }, + { offsetof(tDot11fIEMeasurementReport, + report.Beacon.last_beacon_report_indication), + offsetof(tDot11fIElast_beacon_report_indication, present), 0, + "last_beacon_report_indication", + 0, 3, 3, SigIelast_beacon_report_indication, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_LAST_BEACON_REPORT_INDICATION, 0, 0, }, {0, 0, 0, NULL, 0, 0, 0, 0, {0, 0, 0, 0, 0}, 0, 0xff, 0, }, }; @@ -4381,31 +4919,37 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp47__; uint8_t tmp48__; uint8_t tmp49__; + uint8_t tmp50__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->token = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp47__ = *pBuf; + tmp48__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->late = tmp47__ >> 0 & 0x1; - pDst->incapable = tmp47__ >> 1 & 0x1; - pDst->refused = tmp47__ >> 2 & 0x1; - pDst->unused = tmp47__ >> 3 & 0x1f; - if (unlikely(ielen < 1)) + pDst->late = tmp48__ >> 0 & 0x1; + pDst->incapable = tmp48__ >> 1 & 0x1; + pDst->refused = tmp48__ >> 2 & 0x1; + pDst->unused = tmp48__ >> 3 & 0x1f; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->type = *pBuf; pBuf += 1; @@ -4415,190 +4959,248 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, } else { switch (pDst->type) { case 0: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Basic.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.Basic.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.Basic.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp48__ = *pBuf; + tmp49__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->report.Basic.bss = tmp48__ >> 0 & 0x1; - pDst->report.Basic.ofdm_preamble = tmp48__ >> 1 & 0x1; - pDst->report.Basic.unid_signal = tmp48__ >> 2 & 0x1; - pDst->report.Basic.rader = tmp48__ >> 3 & 0x1; - pDst->report.Basic.unmeasured = tmp48__ >> 4 & 0x1; - pDst->report.Basic.unused = tmp48__ >> 5 & 0x7; + pDst->report.Basic.bss = tmp49__ >> 0 & 0x1; + pDst->report.Basic.ofdm_preamble = tmp49__ >> 1 & 0x1; + pDst->report.Basic.unid_signal = tmp49__ >> 2 & 0x1; + pDst->report.Basic.rader = tmp49__ >> 3 & 0x1; + pDst->report.Basic.unmeasured = tmp49__ >> 4 & 0x1; + pDst->report.Basic.unused = tmp49__ >> 5 & 0x7; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.CCA.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.CCA.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.CCA.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.CCA.cca_busy_fraction = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 2: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.RPIHistogram.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.RPIHistogram.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi0_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi1_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi2_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi3_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi4_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi5_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi6_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi7_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 5: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.regClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.Beacon.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.Beacon.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp49__ = *pBuf; + tmp50__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->report.Beacon.condensed_PHY = tmp49__ >> 0 & 0x7f; - pDst->report.Beacon.reported_frame_type = tmp49__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->report.Beacon.condensed_PHY = tmp50__ >> 0 & 0x7f; + pDst->report.Beacon.reported_frame_type = tmp50__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.RCPI = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.RSNI = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->report.Beacon.BSSID, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.antenna_id = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->report.Beacon.parent_TSF, pBuf, 0); pBuf += 4; @@ -4617,7 +5219,7 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_measurement_report. */ -#define SigIeMeasurementReport (0x0040) +#define SigIeMeasurementReport (0x0042) static const tFFDefn FFS_measurement_requestBeacon[] = { @@ -4647,6 +5249,12 @@ static const tIEDefn IES_measurement_requestBeacon[] = { measurement_request.Beacon.APChannelReport), offsetof(tDot11fIEAPChannelReport, present), offsetof(tDot11fIEMeasurementRequest, measurement_request.Beacon.num_APChannelReport), "APChannelReport", 2, 3, 53, SigIeAPChannelReport, {0, 0, 0, 0, 0}, 0, DOT11F_EID_APCHANNELREPORT, 0, 0, }, + { offsetof(tDot11fIEMeasurementRequest, + measurement_request.Beacon.last_beacon_report_indication), + offsetof(tDot11fIElast_beacon_report_indication, present), 0, + "last_beacon_report_indication", + 0, 3, 3, SigIelast_beacon_report_indication, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_LAST_BEACON_REPORT_INDICATION, 0, 0, }, {0, 0, 0, NULL, 0, 0, 0, 0, {0, 0, 0, 0, 0}, 0, 0xff, 0, }, }; @@ -4697,129 +5305,165 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp50__; + uint8_t tmp51__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_token = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp50__ = *pBuf; + tmp51__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->parallel = tmp50__ >> 0 & 0x1; - pDst->enable = tmp50__ >> 1 & 0x1; - pDst->request = tmp50__ >> 2 & 0x1; - pDst->report = tmp50__ >> 3 & 0x1; - pDst->durationMandatory = tmp50__ >> 4 & 0x1; - pDst->unused = tmp50__ >> 5 & 0x7; - if (unlikely(ielen < 1)) + pDst->parallel = tmp51__ >> 0 & 0x1; + pDst->enable = tmp51__ >> 1 & 0x1; + pDst->request = tmp51__ >> 2 & 0x1; + pDst->report = tmp51__ >> 3 & 0x1; + pDst->durationMandatory = tmp51__ >> 4 & 0x1; + pDst->unused = tmp51__ >> 5 & 0x7; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->measurement_type) { case 0: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Basic.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.Basic.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Basic.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.CCA.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.CCA.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.CCA.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 2: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.RPIHistogram.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.RPIHistogram.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.RPIHistogram.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 5: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.regClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Beacon.randomization, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Beacon.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.meas_mode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.Beacon.BSSID, pBuf, 6); pBuf += 6; @@ -4833,8 +5477,10 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, sizeof(*pDst), append_ie); break; case 8: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.lci.loc_subject = *pBuf; pBuf += 1; @@ -4848,14 +5494,18 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, sizeof(*pDst), append_ie); break; case 16: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.ftmrr.random_interval, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.ftmrr.min_ap_count = *pBuf; pBuf += 1; @@ -4873,7 +5523,7 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_measurement_request. */ -#define SigIeMeasurementRequest (0x0041) +#define SigIeMeasurementRequest (0x0043) uint32_t dot11f_unpack_ie_mobility_domain(tpAniSirGlobal pCtx, @@ -4883,29 +5533,33 @@ uint32_t dot11f_unpack_ie_mobility_domain(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp51__; + uint8_t tmp52__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->MDID, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp51__ = *pBuf; - pDst->overDSCap = tmp51__ >> 0 & 0x1; - pDst->resourceReqCap = tmp51__ >> 1 & 0x1; - pDst->reserved = tmp51__ >> 2 & 0x3f; + tmp52__ = *pBuf; + pDst->overDSCap = tmp52__ >> 0 & 0x1; + pDst->resourceReqCap = tmp52__ >> 1 & 0x1; + pDst->reserved = tmp52__ >> 2 & 0x3f; (void)pCtx; return status; } /* End dot11f_unpack_ie_mobility_domain. */ -#define SigIeMobilityDomain (0x0042) +#define SigIeMobilityDomain (0x0044) static const tFFDefn FFS_NeighborReport[] = { @@ -4942,61 +5596,75 @@ uint32_t dot11f_unpack_ie_neighbor_report(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp52__; uint8_t tmp53__; + uint8_t tmp54__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp52__ = *pBuf; + tmp53__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->APReachability = tmp52__ >> 0 & 0x3; - pDst->Security = tmp52__ >> 2 & 0x1; - pDst->KeyScope = tmp52__ >> 3 & 0x1; - pDst->SpecMgmtCap = tmp52__ >> 4 & 0x1; - pDst->QosCap = tmp52__ >> 5 & 0x1; - pDst->apsd = tmp52__ >> 6 & 0x1; - pDst->rrm = tmp52__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->APReachability = tmp53__ >> 0 & 0x3; + pDst->Security = tmp53__ >> 2 & 0x1; + pDst->KeyScope = tmp53__ >> 3 & 0x1; + pDst->SpecMgmtCap = tmp53__ >> 4 & 0x1; + pDst->QosCap = tmp53__ >> 5 & 0x1; + pDst->apsd = tmp53__ >> 6 & 0x1; + pDst->rrm = tmp53__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp53__ = *pBuf; + tmp54__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->DelayedBA = tmp53__ >> 0 & 0x1; - pDst->ImmBA = tmp53__ >> 1 & 0x1; - pDst->MobilityDomain = tmp53__ >> 2 & 0x1; - pDst->reserved = tmp53__ >> 3 & 0x1f; - if (unlikely(ielen < 2)) + pDst->DelayedBA = tmp54__ >> 0 & 0x1; + pDst->ImmBA = tmp54__ >> 1 & 0x1; + pDst->MobilityDomain = tmp54__ >> 2 & 0x1; + pDst->reserved = tmp54__ >> 3 & 0x1f; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->reserved1, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->PhyType = *pBuf; pBuf += 1; @@ -5013,7 +5681,7 @@ uint32_t dot11f_unpack_ie_neighbor_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_neighbor_report. */ -#define SigIeNeighborReport (0x0043) +#define SigIeNeighborReport (0x0045) uint32_t dot11f_unpack_ie_obss_scan_parameters(tpAniSirGlobal pCtx, @@ -5027,51 +5695,65 @@ uint32_t dot11f_unpack_ie_obss_scan_parameters(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanPassiveDwell, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActiveDwell, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bssChannelWidthTriggerScanInterval, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanPassiveTotalPerChannel, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActiveTotalPerChannel, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bssWidthChannelTransitionDelayFactor, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActivityThreshold, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_obss_scan_parameters. */ -#define SigIeOBSSScanParameters (0x0044) +#define SigIeOBSSScanParameters (0x0046) uint32_t dot11f_unpack_ie_operating_mode(tpAniSirGlobal pCtx, @@ -5081,24 +5763,26 @@ uint32_t dot11f_unpack_ie_operating_mode(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp54__; + uint8_t tmp55__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp54__ = *pBuf; - pDst->chanWidth = tmp54__ >> 0 & 0x3; - pDst->reserved = tmp54__ >> 2 & 0x3; - pDst->rxNSS = tmp54__ >> 4 & 0x7; - pDst->rxNSSType = tmp54__ >> 7 & 0x1; + tmp55__ = *pBuf; + pDst->chanWidth = tmp55__ >> 0 & 0x3; + pDst->reserved = tmp55__ >> 2 & 0x3; + pDst->rxNSS = tmp55__ >> 4 & 0x7; + pDst->rxNSSType = tmp55__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_operating_mode. */ -#define SigIeOperatingMode (0x0045) +#define SigIeOperatingMode (0x0047) static const tTLVDefn TLVS_P2PAssocReq[] = { @@ -5130,7 +5814,7 @@ uint32_t dot11f_unpack_ie_p2_p_assoc_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_assoc_req. */ -#define SigIeP2PAssocReq (0x0046) +#define SigIeP2PAssocReq (0x0048) static const tTLVDefn TLVS_P2PAssocRes[] = { @@ -5159,7 +5843,7 @@ uint32_t dot11f_unpack_ie_p2_p_assoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_assoc_res. */ -#define SigIeP2PAssocRes (0x0047) +#define SigIeP2PAssocRes (0x0049) static const tTLVDefn TLVS_P2PBeacon[] = { @@ -5191,7 +5875,7 @@ uint32_t dot11f_unpack_ie_p2_p_beacon(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_beacon. */ -#define SigIeP2PBeacon (0x0048) +#define SigIeP2PBeacon (0x004a) static const tTLVDefn TLVS_P2PBeaconProbeRes[] = { @@ -5233,7 +5917,7 @@ uint32_t dot11f_unpack_ie_p2_p_beacon_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_beacon_probe_res. */ -#define SigIeP2PBeaconProbeRes (0x0049) +#define SigIeP2PBeaconProbeRes (0x004b) static const tTLVDefn TLVS_P2PDeAuth[] = { @@ -5259,7 +5943,7 @@ uint32_t dot11f_unpack_ie_p2_p_de_auth(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_de_auth. */ -#define SigIeP2PDeAuth (0x004a) +#define SigIeP2PDeAuth (0x004c) static const tTLVDefn TLVS_P2PDisAssoc[] = { @@ -5285,7 +5969,7 @@ uint32_t dot11f_unpack_ie_p2_p_dis_assoc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_dis_assoc. */ -#define SigIeP2PDisAssoc (0x004b) +#define SigIeP2PDisAssoc (0x004d) uint32_t dot11f_unpack_ie_p2_pie_opaque(tpAniSirGlobal pCtx, @@ -5310,7 +5994,7 @@ uint32_t dot11f_unpack_ie_p2_pie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_pie_opaque. */ -#define SigIeP2PIEOpaque (0x004c) +#define SigIeP2PIEOpaque (0x004e) static const tTLVDefn TLVS_P2PProbeReq[] = { @@ -5349,7 +6033,7 @@ uint32_t dot11f_unpack_ie_p2_p_probe_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_probe_req. */ -#define SigIeP2PProbeReq (0x004d) +#define SigIeP2PProbeReq (0x004f) static const tTLVDefn TLVS_P2PProbeRes[] = { @@ -5388,7 +6072,7 @@ uint32_t dot11f_unpack_ie_p2_p_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_probe_res. */ -#define SigIeP2PProbeRes (0x004e) +#define SigIeP2PProbeRes (0x0050) uint32_t dot11f_unpack_ie_pti_control(tpAniSirGlobal pCtx, @@ -5402,21 +6086,25 @@ uint32_t dot11f_unpack_ie_pti_control(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tid = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sequence_control, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_pti_control. */ -#define SigIePTIControl (0x004f) +#define SigIePTIControl (0x0051) uint32_t dot11f_unpack_ie_pu_buffer_status(tpAniSirGlobal pCtx, @@ -5426,25 +6114,27 @@ uint32_t dot11f_unpack_ie_pu_buffer_status(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp55__; + uint8_t tmp56__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp55__ = *pBuf; - pDst->ac_bk_traffic_aval = tmp55__ >> 0 & 0x1; - pDst->ac_be_traffic_aval = tmp55__ >> 1 & 0x1; - pDst->ac_vi_traffic_aval = tmp55__ >> 2 & 0x1; - pDst->ac_vo_traffic_aval = tmp55__ >> 3 & 0x1; - pDst->reserved = tmp55__ >> 4 & 0xf; + tmp56__ = *pBuf; + pDst->ac_bk_traffic_aval = tmp56__ >> 0 & 0x1; + pDst->ac_be_traffic_aval = tmp56__ >> 1 & 0x1; + pDst->ac_vi_traffic_aval = tmp56__ >> 2 & 0x1; + pDst->ac_vo_traffic_aval = tmp56__ >> 3 & 0x1; + pDst->reserved = tmp56__ >> 4 & 0xf; (void)pCtx; return status; } /* End dot11f_unpack_ie_pu_buffer_status. */ -#define SigIePUBufferStatus (0x0050) +#define SigIePUBufferStatus (0x0052) uint32_t dot11f_unpack_ie_power_caps(tpAniSirGlobal pCtx, @@ -5458,21 +6148,25 @@ uint32_t dot11f_unpack_ie_power_caps(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->minTxPower = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->maxTxPower = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_power_caps. */ -#define SigIePowerCaps (0x0051) +#define SigIePowerCaps (0x0053) uint32_t dot11f_unpack_ie_power_constraints(tpAniSirGlobal pCtx, @@ -5486,15 +6180,17 @@ uint32_t dot11f_unpack_ie_power_constraints(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->localPowerConstraints = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_power_constraints. */ -#define SigIePowerConstraints (0x0052) +#define SigIePowerConstraints (0x0054) uint32_t dot11f_unpack_ie_qbss_load(tpAniSirGlobal pCtx, @@ -5508,27 +6204,33 @@ uint32_t dot11f_unpack_ie_qbss_load(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->stacount, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chautil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->avail, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_qbss_load. */ -#define SigIeQBSSLoad (0x0053) +#define SigIeQBSSLoad (0x0055) uint32_t dot11f_unpack_ie_QCN_IE(tpAniSirGlobal pCtx, @@ -5542,15 +6244,17 @@ uint32_t dot11f_unpack_ie_QCN_IE(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->version, pBuf, 4); (void)pCtx; return status; } /* End dot11f_unpack_ie_QCN_IE. */ -#define SigIeQCN_IE (0x0054) +#define SigIeQCN_IE (0x0056) uint32_t dot11f_unpack_ie_QComVendorIE(tpAniSirGlobal pCtx, @@ -5564,21 +6268,25 @@ uint32_t dot11f_unpack_ie_QComVendorIE(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_QComVendorIE. */ -#define SigIeQComVendorIE (0x0055) +#define SigIeQComVendorIE (0x0057) uint32_t dot11f_unpack_ie_qos_caps_ap(tpAniSirGlobal pCtx, @@ -5588,25 +6296,27 @@ uint32_t dot11f_unpack_ie_qos_caps_ap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp56__; + uint8_t tmp57__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp56__ = *pBuf; - pDst->count = tmp56__ >> 0 & 0xf; - pDst->qack = tmp56__ >> 4 & 0x1; - pDst->qreq = tmp56__ >> 5 & 0x1; - pDst->txopreq = tmp56__ >> 6 & 0x1; - pDst->reserved = tmp56__ >> 7 & 0x1; + tmp57__ = *pBuf; + pDst->count = tmp57__ >> 0 & 0xf; + pDst->qack = tmp57__ >> 4 & 0x1; + pDst->qreq = tmp57__ >> 5 & 0x1; + pDst->txopreq = tmp57__ >> 6 & 0x1; + pDst->reserved = tmp57__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_qos_caps_ap. */ -#define SigIeQOSCapsAp (0x0056) +#define SigIeQOSCapsAp (0x0058) uint32_t dot11f_unpack_ie_qos_caps_station(tpAniSirGlobal pCtx, @@ -5616,27 +6326,29 @@ uint32_t dot11f_unpack_ie_qos_caps_station(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp57__; + uint8_t tmp58__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp57__ = *pBuf; - pDst->acvo_uapsd = tmp57__ >> 0 & 0x1; - pDst->acvi_uapsd = tmp57__ >> 1 & 0x1; - pDst->acbk_uapsd = tmp57__ >> 2 & 0x1; - pDst->acbe_uapsd = tmp57__ >> 3 & 0x1; - pDst->qack = tmp57__ >> 4 & 0x1; - pDst->max_sp_length = tmp57__ >> 5 & 0x3; - pDst->more_data_ack = tmp57__ >> 7 & 0x1; + tmp58__ = *pBuf; + pDst->acvo_uapsd = tmp58__ >> 0 & 0x1; + pDst->acvi_uapsd = tmp58__ >> 1 & 0x1; + pDst->acbk_uapsd = tmp58__ >> 2 & 0x1; + pDst->acbe_uapsd = tmp58__ >> 3 & 0x1; + pDst->qack = tmp58__ >> 4 & 0x1; + pDst->max_sp_length = tmp58__ >> 5 & 0x3; + pDst->more_data_ack = tmp58__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_qos_caps_station. */ -#define SigIeQOSCapsStation (0x0057) +#define SigIeQOSCapsStation (0x0059) uint32_t dot11f_unpack_ie_qos_map_set(tpAniSirGlobal pCtx, @@ -5661,7 +6373,7 @@ uint32_t dot11f_unpack_ie_qos_map_set(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_qos_map_set. */ -#define SigIeQosMapSet (0x0058) +#define SigIeQosMapSet (0x005a) uint32_t dot11f_unpack_ie_quiet(tpAniSirGlobal pCtx, @@ -5675,33 +6387,41 @@ uint32_t dot11f_unpack_ie_quiet(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->offset, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_quiet. */ -#define SigIeQuiet (0x0059) +#define SigIeQuiet (0x005b) uint32_t dot11f_unpack_ie_rcpiie(tpAniSirGlobal pCtx, @@ -5715,15 +6435,17 @@ uint32_t dot11f_unpack_ie_rcpiie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->rcpi = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_rcpiie. */ -#define SigIeRCPIIE (0x005a) +#define SigIeRCPIIE (0x005c) static const tFFDefn FFS_RICDataDesc[] = { @@ -5799,7 +6521,7 @@ uint32_t dot11f_unpack_ie_ric_data_desc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ric_data_desc. */ -#define SigIeRICDataDesc (0x005b) +#define SigIeRICDataDesc (0x005d) uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, @@ -5816,8 +6538,10 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -5840,12 +6564,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->gp_cipher_suite_present = 1; - if (unlikely(ielen < 4)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 4) { + if (unlikely(ielen < 4)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->gp_cipher_suite, pBuf, 4); @@ -5863,20 +6584,19 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->pwise_cipher_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->pwise_cipher_suite_count * 4)) + if (unlikely(ielen < pDst->pwise_cipher_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (!pDst->pwise_cipher_suite_count || pDst->pwise_cipher_suite_count > 6) { @@ -5884,11 +6604,6 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return DOT11F_SKIPPED_BAD_IE; } - if (ielen < pDst->pwise_cipher_suite_count * 4) { - pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; - } - DOT11F_MEMCPY(pCtx, pDst->pwise_cipher_suites, pBuf, (pDst->pwise_cipher_suite_count * 4)); pBuf += (pDst->pwise_cipher_suite_count * 4); ielen -= (pDst->pwise_cipher_suite_count * 4); @@ -5900,20 +6615,19 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->akm_suite_cnt, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->akm_suite_cnt * 4)) + if (unlikely(ielen < pDst->akm_suite_cnt * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (!pDst->akm_suite_cnt || pDst->akm_suite_cnt > 6) { @@ -5921,11 +6635,6 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return DOT11F_SKIPPED_BAD_IE; } - if (ielen < pDst->akm_suite_cnt * 4) { - pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; - } - DOT11F_MEMCPY(pCtx, pDst->akm_suite, pBuf, (pDst->akm_suite_cnt * 4)); pBuf += (pDst->akm_suite_cnt * 4); ielen -= (pDst->akm_suite_cnt * 4); @@ -5936,12 +6645,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->RSN_Cap_present = 1; - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->RSN_Cap, pBuf, 2); @@ -5954,27 +6660,21 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->pmkid_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->pmkid_count * 16)) - return DOT11F_INCOMPLETE_IE; - - if (pDst->pmkid_count > 4) { + if (unlikely(ielen < pDst->pmkid_count * 16)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } - if (ielen < pDst->pmkid_count * 16) { + if (pDst->pmkid_count > 4) { pDst->present = 0; return DOT11F_SKIPPED_BAD_IE; } @@ -5986,12 +6686,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->gp_mgmt_cipher_suite_present = 1; - if (unlikely(ielen < 4)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 4) { + if (unlikely(ielen < 4)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->gp_mgmt_cipher_suite, pBuf, 4); @@ -6000,7 +6697,7 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_rsn. */ -#define SigIeRSN (0x005c) +#define SigIeRSN (0x005e) uint32_t dot11f_unpack_ie_rsniie(tpAniSirGlobal pCtx, @@ -6014,15 +6711,17 @@ uint32_t dot11f_unpack_ie_rsniie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->rsni = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_rsniie. */ -#define SigIeRSNIIE (0x005d) +#define SigIeRSNIIE (0x005f) uint32_t dot11f_unpack_ie_rsn_opaque(tpAniSirGlobal pCtx, @@ -6047,7 +6746,7 @@ uint32_t dot11f_unpack_ie_rsn_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_rsn_opaque. */ -#define SigIeRSNOpaque (0x005e) +#define SigIeRSNOpaque (0x0060) uint32_t dot11f_unpack_ie_supp_channels(tpAniSirGlobal pCtx, @@ -6072,7 +6771,7 @@ uint32_t dot11f_unpack_ie_supp_channels(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_channels. */ -#define SigIeSuppChannels (0x005f) +#define SigIeSuppChannels (0x0061) uint32_t dot11f_unpack_ie_supp_operating_classes(tpAniSirGlobal pCtx, @@ -6097,7 +6796,7 @@ uint32_t dot11f_unpack_ie_supp_operating_classes(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_operating_classes. */ -#define SigIeSuppOperatingClasses (0x0060) +#define SigIeSuppOperatingClasses (0x0062) uint32_t dot11f_unpack_ie_supp_rates(tpAniSirGlobal pCtx, @@ -6130,7 +6829,7 @@ uint32_t dot11f_unpack_ie_supp_rates(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_rates. */ -#define SigIeSuppRates (0x0061) +#define SigIeSuppRates (0x0063) uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, @@ -6144,20 +6843,26 @@ uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->dtim_count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->dtim_period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->bmpctl = *pBuf; pBuf += 1; @@ -6173,7 +6878,7 @@ uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_tim. */ -#define SigIeTIM (0x0062) +#define SigIeTIM (0x0064) uint32_t dot11f_unpack_ie_tpc_report(tpAniSirGlobal pCtx, @@ -6187,21 +6892,25 @@ uint32_t dot11f_unpack_ie_tpc_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tx_power = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->link_margin = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_tpc_report. */ -#define SigIeTPCReport (0x0063) +#define SigIeTPCReport (0x0065) uint32_t dot11f_unpack_ie_tpc_request(tpAniSirGlobal pCtx, @@ -6219,7 +6928,7 @@ uint32_t dot11f_unpack_ie_tpc_request(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_tpc_request. */ -#define SigIeTPCRequest (0x0064) +#define SigIeTPCRequest (0x0066) uint32_t dot11f_unpack_ie_time_advertisement(tpAniSirGlobal pCtx, @@ -6233,27 +6942,33 @@ uint32_t dot11f_unpack_ie_time_advertisement(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->timing_capabilities = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 10)) + if (unlikely(ielen < 10)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->time_value, pBuf, 10); pBuf += 10; ielen -= (uint8_t)10; - if (unlikely(ielen < 5)) + if (unlikely(ielen < 5)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->time_error, pBuf, 5); (void)pCtx; return status; } /* End dot11f_unpack_ie_time_advertisement. */ -#define SigIeTimeAdvertisement (0x0065) +#define SigIeTimeAdvertisement (0x0067) uint32_t dot11f_unpack_ie_timeout_interval(tpAniSirGlobal pCtx, @@ -6267,21 +6982,25 @@ uint32_t dot11f_unpack_ie_timeout_interval(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->timeoutType = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->timeoutValue, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_timeout_interval. */ -#define SigIeTimeoutInterval (0x0066) +#define SigIeTimeoutInterval (0x0068) uint32_t dot11f_unpack_ie_vht_ext_bss_load(tpAniSirGlobal pCtx, @@ -6295,39 +7014,49 @@ uint32_t dot11f_unpack_ie_vht_ext_bss_load(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->muMIMOCapStaCount = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->ssUnderUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->FortyMHzUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->EightyMHzUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->OneSixtyMHzUtil = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_vht_ext_bss_load. */ -#define SigIeVHTExtBssLoad (0x0067) +#define SigIeVHTExtBssLoad (0x0069) uint32_t dot11f_unpack_ie_vendor1_ie(tpAniSirGlobal pCtx, @@ -6345,7 +7074,7 @@ uint32_t dot11f_unpack_ie_vendor1_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor1_ie. */ -#define SigIeVendor1IE (0x0068) +#define SigIeVendor1IE (0x006a) uint32_t dot11f_unpack_ie_vendor3_ie(tpAniSirGlobal pCtx, @@ -6363,7 +7092,7 @@ uint32_t dot11f_unpack_ie_vendor3_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor3_ie. */ -#define SigIeVendor3IE (0x0069) +#define SigIeVendor3IE (0x006b) uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, @@ -6373,13 +7102,15 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp58__; + uint16_t tmp59__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -6388,14 +7119,18 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->akm_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < pDst->akm_suite_count * 4)) + if (unlikely(ielen < pDst->akm_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->akm_suite_count > 4) { pDst->present = 0; @@ -6405,14 +7140,18 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pDst->akm_suites, pBuf, (pDst->akm_suite_count * 4)); pBuf += (pDst->akm_suite_count * 4); ielen -= (pDst->akm_suite_count * 4); - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->unicast_cipher_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < pDst->unicast_cipher_suite_count * 4)) + if (unlikely(ielen < pDst->unicast_cipher_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->unicast_cipher_suite_count > 4) { pDst->present = 0; @@ -6422,33 +7161,41 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pDst->unicast_cipher_suites, pBuf, (pDst->unicast_cipher_suite_count * 4)); pBuf += (pDst->unicast_cipher_suite_count * 4); ielen -= (pDst->unicast_cipher_suite_count * 4); - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->multicast_cipher_suite, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp58__, pBuf, 0); + framesntohs(pCtx, &tmp59__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->preauth = tmp58__ >> 0 & 0x1; - pDst->reserved = tmp58__ >> 1 & 0x7fff; + pDst->preauth = tmp59__ >> 0 & 0x1; + pDst->reserved = tmp59__ >> 1 & 0x7fff; if (!ielen) { pDst->bkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bkid_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->bkid_count * 16)) + if (unlikely(ielen < pDst->bkid_count * 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->bkid_count > 4) { pDst->present = 0; @@ -6460,7 +7207,7 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wapi. */ -#define SigIeWAPI (0x006a) +#define SigIeWAPI (0x006c) uint32_t dot11f_unpack_ie_wapi_opaque(tpAniSirGlobal pCtx, @@ -6485,7 +7232,7 @@ uint32_t dot11f_unpack_ie_wapi_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wapi_opaque. */ -#define SigIeWAPIOpaque (0x006b) +#define SigIeWAPIOpaque (0x006d) uint32_t dot11f_unpack_ie_wfatpc(tpAniSirGlobal pCtx, @@ -6499,21 +7246,25 @@ uint32_t dot11f_unpack_ie_wfatpc(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->txPower = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->linkMargin = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_wfatpc. */ -#define SigIeWFATPC (0x006c) +#define SigIeWFATPC (0x006e) uint32_t dot11f_unpack_ie_wfdie_opaque(tpAniSirGlobal pCtx, @@ -6538,7 +7289,7 @@ uint32_t dot11f_unpack_ie_wfdie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wfdie_opaque. */ -#define SigIeWFDIEOpaque (0x006d) +#define SigIeWFDIEOpaque (0x006f) uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, @@ -6548,13 +7299,15 @@ uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp59__; + uint8_t tmp60__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -6563,20 +7316,22 @@ uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp59__ = *pBuf; - pDst->reserved = tmp59__ >> 0 & 0xf; - pDst->qack = tmp59__ >> 4 & 0x1; - pDst->queue_request = tmp59__ >> 5 & 0x1; - pDst->txop_request = tmp59__ >> 6 & 0x1; - pDst->more_ack = tmp59__ >> 7 & 0x1; + tmp60__ = *pBuf; + pDst->reserved = tmp60__ >> 0 & 0xf; + pDst->qack = tmp60__ >> 4 & 0x1; + pDst->queue_request = tmp60__ >> 5 & 0x1; + pDst->txop_request = tmp60__ >> 6 & 0x1; + pDst->more_ack = tmp60__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_caps. */ -#define SigIeWMMCaps (0x006e) +#define SigIeWMMCaps (0x0070) uint32_t dot11f_unpack_ie_wmm_info_ap(tpAniSirGlobal pCtx, @@ -6586,29 +7341,33 @@ uint32_t dot11f_unpack_ie_wmm_info_ap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp60__; + uint8_t tmp61__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp60__ = *pBuf; - pDst->param_set_count = tmp60__ >> 0 & 0xf; - pDst->reserved = tmp60__ >> 4 & 0x7; - pDst->uapsd = tmp60__ >> 7 & 0x1; + tmp61__ = *pBuf; + pDst->param_set_count = tmp61__ >> 0 & 0xf; + pDst->reserved = tmp61__ >> 4 & 0x7; + pDst->uapsd = tmp61__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_info_ap. */ -#define SigIeWMMInfoAp (0x006f) +#define SigIeWMMInfoAp (0x0071) uint32_t dot11f_unpack_ie_wmm_info_station(tpAniSirGlobal pCtx, @@ -6618,33 +7377,37 @@ uint32_t dot11f_unpack_ie_wmm_info_station(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp61__; + uint8_t tmp62__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp61__ = *pBuf; - pDst->acvo_uapsd = tmp61__ >> 0 & 0x1; - pDst->acvi_uapsd = tmp61__ >> 1 & 0x1; - pDst->acbk_uapsd = tmp61__ >> 2 & 0x1; - pDst->acbe_uapsd = tmp61__ >> 3 & 0x1; - pDst->reserved1 = tmp61__ >> 4 & 0x1; - pDst->max_sp_length = tmp61__ >> 5 & 0x3; - pDst->reserved2 = tmp61__ >> 7 & 0x1; + tmp62__ = *pBuf; + pDst->acvo_uapsd = tmp62__ >> 0 & 0x1; + pDst->acvi_uapsd = tmp62__ >> 1 & 0x1; + pDst->acbk_uapsd = tmp62__ >> 2 & 0x1; + pDst->acbe_uapsd = tmp62__ >> 3 & 0x1; + pDst->reserved1 = tmp62__ >> 4 & 0x1; + pDst->max_sp_length = tmp62__ >> 5 & 0x3; + pDst->reserved2 = tmp62__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_info_station. */ -#define SigIeWMMInfoStation (0x0070) +#define SigIeWMMInfoStation (0x0072) uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, @@ -6654,7 +7417,6 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp62__; uint8_t tmp63__; uint8_t tmp64__; uint8_t tmp65__; @@ -6662,12 +7424,15 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, uint8_t tmp67__; uint8_t tmp68__; uint8_t tmp69__; + uint8_t tmp70__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -6676,117 +7441,145 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->qosInfo = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved2 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp62__ = *pBuf; + tmp63__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_aifsn = tmp62__ >> 0 & 0xf; - pDst->acbe_acm = tmp62__ >> 4 & 0x1; - pDst->acbe_aci = tmp62__ >> 5 & 0x3; - pDst->unused1 = tmp62__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbe_aifsn = tmp63__ >> 0 & 0xf; + pDst->acbe_acm = tmp63__ >> 4 & 0x1; + pDst->acbe_aci = tmp63__ >> 5 & 0x3; + pDst->unused1 = tmp63__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp63__ = *pBuf; + tmp64__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_acwmin = tmp63__ >> 0 & 0xf; - pDst->acbe_acwmax = tmp63__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbe_acwmin = tmp64__ >> 0 & 0xf; + pDst->acbe_acwmax = tmp64__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbe_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp64__ = *pBuf; + tmp65__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_aifsn = tmp64__ >> 0 & 0xf; - pDst->acbk_acm = tmp64__ >> 4 & 0x1; - pDst->acbk_aci = tmp64__ >> 5 & 0x3; - pDst->unused2 = tmp64__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbk_aifsn = tmp65__ >> 0 & 0xf; + pDst->acbk_acm = tmp65__ >> 4 & 0x1; + pDst->acbk_aci = tmp65__ >> 5 & 0x3; + pDst->unused2 = tmp65__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp65__ = *pBuf; + tmp66__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_acwmin = tmp65__ >> 0 & 0xf; - pDst->acbk_acwmax = tmp65__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbk_acwmin = tmp66__ >> 0 & 0xf; + pDst->acbk_acwmax = tmp66__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbk_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp66__ = *pBuf; + tmp67__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_aifsn = tmp66__ >> 0 & 0xf; - pDst->acvi_acm = tmp66__ >> 4 & 0x1; - pDst->acvi_aci = tmp66__ >> 5 & 0x3; - pDst->unused3 = tmp66__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvi_aifsn = tmp67__ >> 0 & 0xf; + pDst->acvi_acm = tmp67__ >> 4 & 0x1; + pDst->acvi_aci = tmp67__ >> 5 & 0x3; + pDst->unused3 = tmp67__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp67__ = *pBuf; + tmp68__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_acwmin = tmp67__ >> 0 & 0xf; - pDst->acvi_acwmax = tmp67__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvi_acwmin = tmp68__ >> 0 & 0xf; + pDst->acvi_acwmax = tmp68__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvi_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp68__ = *pBuf; + tmp69__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_aifsn = tmp68__ >> 0 & 0xf; - pDst->acvo_acm = tmp68__ >> 4 & 0x1; - pDst->acvo_aci = tmp68__ >> 5 & 0x3; - pDst->unused4 = tmp68__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvo_aifsn = tmp69__ >> 0 & 0xf; + pDst->acvo_acm = tmp69__ >> 4 & 0x1; + pDst->acvo_aci = tmp69__ >> 5 & 0x3; + pDst->unused4 = tmp69__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp69__ = *pBuf; + tmp70__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_acwmin = tmp69__ >> 0 & 0xf; - pDst->acvo_acwmax = tmp69__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvo_acwmin = tmp70__ >> 0 & 0xf; + pDst->acvo_acwmax = tmp70__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvo_txoplimit, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_params. */ -#define SigIeWMMParams (0x0071) +#define SigIeWMMParams (0x0073) uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, @@ -6800,8 +7593,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -6817,8 +7612,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, return 0U; } else { pDst->multicast_cipher_present = 1U; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->multicast_cipher, pBuf, 4); pBuf += 4; @@ -6829,15 +7626,19 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, pDst->auth_suite_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->unicast_cipher_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->unicast_cipher_count * 4)) + if (unlikely(ielen < pDst->unicast_cipher_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->unicast_cipher_count > 4) { pDst->present = 0; @@ -6851,15 +7652,19 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, pDst->auth_suite_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->auth_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->auth_suite_count * 4)) + if (unlikely(ielen < pDst->auth_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->auth_suite_count > 4) { pDst->present = 0; @@ -6872,8 +7677,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, if (!ielen) { return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->caps, pBuf, 0); } @@ -6881,7 +7688,7 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wpa. */ -#define SigIeWPA (0x0072) +#define SigIeWPA (0x0074) uint32_t dot11f_unpack_ie_wpa_opaque(tpAniSirGlobal pCtx, @@ -6906,7 +7713,7 @@ uint32_t dot11f_unpack_ie_wpa_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wpa_opaque. */ -#define SigIeWPAOpaque (0x0073) +#define SigIeWPAOpaque (0x0075) static const tTLVDefn TLVS_WSC[] = { @@ -6997,7 +7804,7 @@ uint32_t dot11f_unpack_ie_wsc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc. */ -#define SigIeWSC (0x0074) +#define SigIeWSC (0x0076) static const tTLVDefn TLVS_WscAssocReq[] = { @@ -7029,7 +7836,7 @@ uint32_t dot11f_unpack_ie_wsc_assoc_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_assoc_req. */ -#define SigIeWscAssocReq (0x0075) +#define SigIeWscAssocReq (0x0077) static const tTLVDefn TLVS_WscAssocRes[] = { @@ -7061,7 +7868,7 @@ uint32_t dot11f_unpack_ie_wsc_assoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_assoc_res. */ -#define SigIeWscAssocRes (0x0076) +#define SigIeWscAssocRes (0x0078) static const tTLVDefn TLVS_WscBeacon[] = { @@ -7114,7 +7921,7 @@ uint32_t dot11f_unpack_ie_wsc_beacon(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_beacon. */ -#define SigIeWscBeacon (0x0077) +#define SigIeWscBeacon (0x0079) static const tTLVDefn TLVS_WscBeaconProbeRes[] = { @@ -7192,7 +7999,7 @@ uint32_t dot11f_unpack_ie_wsc_beacon_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_beacon_probe_res. */ -#define SigIeWscBeaconProbeRes (0x0078) +#define SigIeWscBeaconProbeRes (0x007a) uint32_t dot11f_unpack_ie_wsc_ie_opaque(tpAniSirGlobal pCtx, @@ -7217,7 +8024,7 @@ uint32_t dot11f_unpack_ie_wsc_ie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_ie_opaque. */ -#define SigIeWscIEOpaque (0x0079) +#define SigIeWscIEOpaque (0x007b) static const tTLVDefn TLVS_WscProbeReq[] = { @@ -7290,7 +8097,7 @@ uint32_t dot11f_unpack_ie_wsc_probe_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_probe_req. */ -#define SigIeWscProbeReq (0x007a) +#define SigIeWscProbeReq (0x007c) static const tTLVDefn TLVS_WscProbeRes[] = { @@ -7368,7 +8175,7 @@ uint32_t dot11f_unpack_ie_wsc_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_probe_res. */ -#define SigIeWscProbeRes (0x007b) +#define SigIeWscProbeRes (0x007d) static const tTLVDefn TLVS_WscReassocRes[] = { @@ -7400,7 +8207,7 @@ uint32_t dot11f_unpack_ie_wsc_reassoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_reassoc_res. */ -#define SigIeWscReassocRes (0x007c) +#define SigIeWscReassocRes (0x007e) uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, @@ -7414,8 +8221,10 @@ uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->group, pBuf, 2); pBuf += 2; @@ -7426,7 +8235,7 @@ uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_dh_parameter_element. */ -#define SigIedh_parameter_element (0x007d) +#define SigIedh_parameter_element (0x007f) uint32_t dot11f_unpack_ie_ext_chan_switch_ann(tpAniSirGlobal pCtx, @@ -7440,33 +8249,41 @@ uint32_t dot11f_unpack_ie_ext_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switch_mode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->new_reg_class = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->new_channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switch_count = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ext_chan_switch_ann. */ -#define SigIeext_chan_switch_ann (0x007e) +#define SigIeext_chan_switch_ann (0x0080) uint32_t dot11f_unpack_ie_fils_assoc_delay_info(tpAniSirGlobal pCtx, @@ -7480,15 +8297,17 @@ uint32_t dot11f_unpack_ie_fils_assoc_delay_info(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->assoc_delay_info = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_assoc_delay_info. */ -#define SigIefils_assoc_delay_info (0x007f) +#define SigIefils_assoc_delay_info (0x0081) uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, @@ -7502,14 +8321,18 @@ uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->dest_mac, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->src_mac, pBuf, 6); pBuf += 6; @@ -7520,7 +8343,7 @@ uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_hlp_container. */ -#define SigIefils_hlp_container (0x0080) +#define SigIefils_hlp_container (0x0082) uint32_t dot11f_unpack_ie_fils_indication(tpAniSirGlobal pCtx, @@ -7530,33 +8353,35 @@ uint32_t dot11f_unpack_ie_fils_indication(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp70__; + uint16_t tmp71__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp70__, pBuf, 0); + framesntohs(pCtx, &tmp71__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->public_key_identifiers_cnt = tmp70__ >> 0 & 0x7; - pDst->realm_identifiers_cnt = tmp70__ >> 3 & 0x7; - pDst->is_ip_config_supported = tmp70__ >> 6 & 0x1; - pDst->is_cache_id_present = tmp70__ >> 7 & 0x1; - pDst->is_hessid_present = tmp70__ >> 8 & 0x1; - pDst->is_fils_sk_auth_supported = tmp70__ >> 9 & 0x1; - pDst->is_fils_sk_auth_pfs_supported = tmp70__ >> 10 & 0x1; - pDst->is_pk_auth_supported = tmp70__ >> 11 & 0x1; - pDst->reserved = tmp70__ >> 12 & 0xf; + pDst->public_key_identifiers_cnt = tmp71__ >> 0 & 0x7; + pDst->realm_identifiers_cnt = tmp71__ >> 3 & 0x7; + pDst->is_ip_config_supported = tmp71__ >> 6 & 0x1; + pDst->is_cache_id_present = tmp71__ >> 7 & 0x1; + pDst->is_hessid_present = tmp71__ >> 8 & 0x1; + pDst->is_fils_sk_auth_supported = tmp71__ >> 9 & 0x1; + pDst->is_fils_sk_auth_pfs_supported = tmp71__ >> 10 & 0x1; + pDst->is_pk_auth_supported = tmp71__ >> 11 & 0x1; + pDst->reserved = tmp71__ >> 12 & 0xf; pDst->num_variable_data = (uint8_t)(ielen); DOT11F_MEMCPY(pCtx, pDst->variable_data, pBuf, (ielen)); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_indication. */ -#define SigIefils_indication (0x0081) +#define SigIefils_indication (0x0083) uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, @@ -7570,8 +8395,10 @@ uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->key_rsc, pBuf, 8); pBuf += 8; @@ -7582,7 +8409,7 @@ uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_kde. */ -#define SigIefils_kde (0x0082) +#define SigIefils_kde (0x0084) uint32_t dot11f_unpack_ie_fils_key_confirmation(tpAniSirGlobal pCtx, @@ -7602,7 +8429,7 @@ uint32_t dot11f_unpack_ie_fils_key_confirmation(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_key_confirmation. */ -#define SigIefils_key_confirmation (0x0083) +#define SigIefils_key_confirmation (0x0085) uint32_t dot11f_unpack_ie_fils_nonce(tpAniSirGlobal pCtx, @@ -7616,15 +8443,17 @@ uint32_t dot11f_unpack_ie_fils_nonce(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->nonce, pBuf, 16); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_nonce. */ -#define SigIefils_nonce (0x0084) +#define SigIefils_nonce (0x0086) uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, @@ -7638,8 +8467,10 @@ uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->key_type = *pBuf; pBuf += 1; @@ -7650,7 +8481,7 @@ uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_public_key. */ -#define SigIefils_public_key (0x0085) +#define SigIefils_public_key (0x0087) uint32_t dot11f_unpack_ie_fils_session(tpAniSirGlobal pCtx, @@ -7664,15 +8495,17 @@ uint32_t dot11f_unpack_ie_fils_session(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->session, pBuf, 8); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_session. */ -#define SigIefils_session (0x0086) +#define SigIefils_session (0x0088) uint32_t dot11f_unpack_ie_fils_wrapped_data(tpAniSirGlobal pCtx, @@ -7692,7 +8525,7 @@ uint32_t dot11f_unpack_ie_fils_wrapped_data(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_wrapped_data. */ -#define SigIefils_wrapped_data (0x0087) +#define SigIefils_wrapped_data (0x0089) uint32_t dot11f_unpack_ie_fragment_ie(tpAniSirGlobal pCtx, @@ -7712,7 +8545,7 @@ uint32_t dot11f_unpack_ie_fragment_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fragment_ie. */ -#define SigIefragment_ie (0x0088) +#define SigIefragment_ie (0x008a) uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, @@ -7722,36 +8555,42 @@ uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp71__; + uint8_t tmp72__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp71__ = *pBuf; + tmp72__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->dgaf_dis = tmp71__ >> 0 & 0x1; - pDst->hs_id_present = tmp71__ >> 1 & 0x3; - pDst->reserved = tmp71__ >> 3 & 0x1; - pDst->release_num = tmp71__ >> 4 & 0xf; + pDst->dgaf_dis = tmp72__ >> 0 & 0x1; + pDst->hs_id_present = tmp72__ >> 1 & 0x3; + pDst->reserved = tmp72__ >> 3 & 0x1; + pDst->release_num = tmp72__ >> 4 & 0xf; if (!ielen) { return 0U; } else { switch (pDst->hs_id_present) { case 1: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->hs_id.pps_mo.pps_mo_id, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->hs_id.anqp_domain.anqp_domain_id, pBuf, 0); pBuf += 2; @@ -7763,7 +8602,7 @@ uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_hs20vendor_ie. */ -#define SigIehs20vendor_ie (0x0089) +#define SigIehs20vendor_ie (0x008b) uint32_t dot11f_unpack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, @@ -7773,26 +8612,28 @@ uint32_t dot11f_unpack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp72__; + uint8_t tmp73__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp72__ = *pBuf; - pDst->info_request = tmp72__ >> 0 & 0x1; - pDst->forty_mhz_intolerant = tmp72__ >> 1 & 0x1; - pDst->twenty_mhz_bsswidth_req = tmp72__ >> 2 & 0x1; - pDst->obss_scan_exemption_req = tmp72__ >> 3 & 0x1; - pDst->obss_scan_exemption_grant = tmp72__ >> 4 & 0x1; - pDst->unused = tmp72__ >> 5 & 0x7; + tmp73__ = *pBuf; + pDst->info_request = tmp73__ >> 0 & 0x1; + pDst->forty_mhz_intolerant = tmp73__ >> 1 & 0x1; + pDst->twenty_mhz_bsswidth_req = tmp73__ >> 2 & 0x1; + pDst->obss_scan_exemption_req = tmp73__ >> 3 & 0x1; + pDst->obss_scan_exemption_grant = tmp73__ >> 4 & 0x1; + pDst->unused = tmp73__ >> 5 & 0x7; (void)pCtx; return status; } /* End dot11f_unpack_ie_ht2040_bss_coexistence. */ -#define SigIeht2040_bss_coexistence (0x008a) +#define SigIeht2040_bss_coexistence (0x008c) uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, @@ -7806,8 +8647,10 @@ uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->operating_class = *pBuf; pBuf += 1; @@ -7823,7 +8666,7 @@ uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht2040_bss_intolerant_report. */ -#define SigIeht2040_bss_intolerant_report (0x008b) +#define SigIeht2040_bss_intolerant_report (0x008d) uint32_t dot11f_unpack_ie_osen_ie(tpAniSirGlobal pCtx, @@ -7843,7 +8686,7 @@ uint32_t dot11f_unpack_ie_osen_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_osen_ie. */ -#define SigIeosen_ie (0x008c) +#define SigIeosen_ie (0x008e) uint32_t dot11f_unpack_ie_sec_chan_offset_ele(tpAniSirGlobal pCtx, @@ -7857,15 +8700,17 @@ uint32_t dot11f_unpack_ie_sec_chan_offset_ele(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->secondaryChannelOffset = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_sec_chan_offset_ele. */ -#define SigIesec_chan_offset_ele (0x008d) +#define SigIesec_chan_offset_ele (0x008f) static const tFFDefn FFS_vendor_vht_ie[] = { @@ -7894,8 +8739,10 @@ uint32_t dot11f_unpack_ie_vendor_vht_ie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->sub_type = *pBuf; pBuf += 1; @@ -7912,7 +8759,7 @@ uint32_t dot11f_unpack_ie_vendor_vht_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor_vht_ie. */ -#define SigIevendor_vht_ie (0x008e) +#define SigIevendor_vht_ie (0x0090) static const tFFDefn FFS_AddTSRequest[] = { @@ -11574,6 +12421,26 @@ static uint32_t unpack_core(tpAniSirGlobal pCtx, countOffset), append_ie); break; + case SigIebeacon_report_frm_body_fragment_id: + status |= + dot11f_unpack_ie_beacon_report_frm_body_fragment_id( + pCtx, pBufRemaining, len, + (tDot11fIEbeacon_report_frm_body_fragment_id *) + (pFrm + pIe->offset + + sizeof(tDot11fIEbeacon_report_frm_body_fragment_id) * + countOffset), + append_ie); + break; + case SigIelast_beacon_report_indication: + status |= + dot11f_unpack_ie_last_beacon_report_indication( + pCtx, pBufRemaining, len, + (tDot11fIElast_beacon_report_indication *) + (pFrm + pIe->offset + + sizeof(tDot11fIElast_beacon_report_indication) * + countOffset), + append_ie); + break; case SigIemax_age: status |= dot11f_unpack_ie_max_age( @@ -12160,7 +13027,7 @@ static uint32_t unpack_core(tpAniSirGlobal pCtx, append_ie); break; case SigIeRICDataDesc: - /* reset the pointers back since this is a container IE and it doesnt have its own EID and Len. */ + /* reset the pointers back since this is a container IE and it doesn't have its own EID and Len. */ pBufRemaining -= 2; nBufRemaining += 2; if (pIe && pIe->noui) { @@ -14734,6 +15601,20 @@ static uint32_t get_packed_size_core(tpAniSirGlobal pCtx, (pFrm + pIe->offset + offset * i))-> present; break; + case SigIebeacon_report_frm_body_fragment_id: + offset = sizeof(tDot11fIEbeacon_report_frm_body_fragment_id); + byteCount = 2; + pIePresent = ((tDot11fIEbeacon_report_frm_body_fragment_id *) + (pFrm + pIe->offset + offset * i))-> + present; + break; + case SigIelast_beacon_report_indication: + offset = sizeof(tDot11fIElast_beacon_report_indication); + byteCount = 1; + pIePresent = ((tDot11fIElast_beacon_report_indication *) + (pFrm + pIe->offset + offset * i))-> + present; + break; case SigIemax_age: offset = sizeof(tDot11fIEmax_age); byteCount = 2; @@ -15189,7 +16070,7 @@ static uint32_t get_packed_size_core(tpAniSirGlobal pCtx, break; case SigIeRICDataDesc: offset = sizeof(tDot11fIERICDataDesc); - pnNeeded -= 2 ; /* Subtract the length and Oui as this is our container IE to group Ies and it doesnt have its own length and OUI. */ + pnNeeded -= 2 ; /* Subtract the length and Oui as this is our container IE to group Ies and it doesn't have its own length and OUI. */ status |= dot11f_get_packed_ieric_data_desc( pCtx, (tDot11fIERICDataDesc *) @@ -15943,25 +16824,25 @@ void dot11f_pack_ff_capabilities(tpAniSirGlobal pCtx, tDot11fFfCapabilities *pSrc, uint8_t *pBuf) { - uint16_t tmp73__; - tmp73__ = 0U; - tmp73__ |= (pSrc->ess << 0); - tmp73__ |= (pSrc->ibss << 1); - tmp73__ |= (pSrc->cfPollable << 2); - tmp73__ |= (pSrc->cfPollReq << 3); - tmp73__ |= (pSrc->privacy << 4); - tmp73__ |= (pSrc->shortPreamble << 5); - tmp73__ |= (pSrc->pbcc << 6); - tmp73__ |= (pSrc->channelAgility << 7); - tmp73__ |= (pSrc->spectrumMgt << 8); - tmp73__ |= (pSrc->qos << 9); - tmp73__ |= (pSrc->shortSlotTime << 10); - tmp73__ |= (pSrc->apsd << 11); - tmp73__ |= (pSrc->rrm << 12); - tmp73__ |= (pSrc->dsssOfdm << 13); - tmp73__ |= (pSrc->delayedBA << 14); - tmp73__ |= (pSrc->immediateBA << 15); - frameshtons(pCtx, pBuf, tmp73__, 0); + uint16_t tmp74__; + tmp74__ = 0U; + tmp74__ |= (pSrc->ess << 0); + tmp74__ |= (pSrc->ibss << 1); + tmp74__ |= (pSrc->cfPollable << 2); + tmp74__ |= (pSrc->cfPollReq << 3); + tmp74__ |= (pSrc->privacy << 4); + tmp74__ |= (pSrc->shortPreamble << 5); + tmp74__ |= (pSrc->pbcc << 6); + tmp74__ |= (pSrc->channelAgility << 7); + tmp74__ |= (pSrc->spectrumMgt << 8); + tmp74__ |= (pSrc->qos << 9); + tmp74__ |= (pSrc->shortSlotTime << 10); + tmp74__ |= (pSrc->apsd << 11); + tmp74__ |= (pSrc->rrm << 12); + tmp74__ |= (pSrc->dsssOfdm << 13); + tmp74__ |= (pSrc->delayedBA << 14); + tmp74__ |= (pSrc->immediateBA << 15); + frameshtons(pCtx, pBuf, tmp74__, 0); (void)pCtx; } /* End dot11f_pack_ff_capabilities. */ @@ -16025,13 +16906,13 @@ void dot11f_pack_ff_operating_mode(tpAniSirGlobal pCtx, tDot11fFfOperatingMode *pSrc, uint8_t *pBuf) { - uint8_t tmp74__; - tmp74__ = 0U; - tmp74__ |= (pSrc->chanWidth << 0); - tmp74__ |= (pSrc->reserved << 2); - tmp74__ |= (pSrc->rxNSS << 4); - tmp74__ |= (pSrc->rxNSSType << 7); - *pBuf = tmp74__; + uint8_t tmp75__; + tmp75__ = 0U; + tmp75__ |= (pSrc->chanWidth << 0); + tmp75__ |= (pSrc->reserved << 2); + tmp75__ |= (pSrc->rxNSS << 4); + tmp75__ |= (pSrc->rxNSSType << 7); + *pBuf = tmp75__; (void)pCtx; } /* End dot11f_pack_ff_operating_mode. */ @@ -16071,12 +16952,12 @@ void dot11f_pack_ff_sm_power_mode_set(tpAniSirGlobal pCtx, tDot11fFfSMPowerModeSet *pSrc, uint8_t *pBuf) { - uint8_t tmp75__; - tmp75__ = 0U; - tmp75__ |= (pSrc->PowerSave_En << 0); - tmp75__ |= (pSrc->Mode << 1); - tmp75__ |= (pSrc->reserved << 2); - *pBuf = tmp75__; + uint8_t tmp76__; + tmp76__ = 0U; + tmp76__ |= (pSrc->PowerSave_En << 0); + tmp76__ |= (pSrc->Mode << 1); + tmp76__ |= (pSrc->reserved << 2); + *pBuf = tmp76__; (void)pCtx; } /* End dot11f_pack_ff_sm_power_mode_set. */ @@ -16116,19 +16997,19 @@ void dot11f_pack_ff_ts_info(tpAniSirGlobal pCtx, tDot11fFfTSInfo *pSrc, uint8_t *pBuf) { - uint32_t tmp76__; - tmp76__ = 0U; - tmp76__ |= (pSrc->traffic_type << 0); - tmp76__ |= (pSrc->tsid << 1); - tmp76__ |= (pSrc->direction << 5); - tmp76__ |= (pSrc->access_policy << 7); - tmp76__ |= (pSrc->aggregation << 9); - tmp76__ |= (pSrc->psb << 10); - tmp76__ |= (pSrc->user_priority << 11); - tmp76__ |= (pSrc->tsinfo_ack_pol << 14); - tmp76__ |= (pSrc->schedule << 16); - tmp76__ |= (pSrc->unused << 17); - frameshtonl(pCtx, pBuf, tmp76__, 0); + uint32_t tmp77__; + tmp77__ = 0U; + tmp77__ |= (pSrc->traffic_type << 0); + tmp77__ |= (pSrc->tsid << 1); + tmp77__ |= (pSrc->direction << 5); + tmp77__ |= (pSrc->access_policy << 7); + tmp77__ |= (pSrc->aggregation << 9); + tmp77__ |= (pSrc->psb << 10); + tmp77__ |= (pSrc->user_priority << 11); + tmp77__ |= (pSrc->tsinfo_ack_pol << 14); + tmp77__ |= (pSrc->schedule << 16); + tmp77__ |= (pSrc->unused << 17); + frameshtonl(pCtx, pBuf, tmp77__, 0); (void)pCtx; } /* End dot11f_pack_ff_ts_info. */ @@ -16184,13 +17065,13 @@ void dot11f_pack_ff_ext_chan_switch_ann_action(tpAniSirGlobal pCtx, tDot11fFfext_chan_switch_ann_action *pSrc, uint8_t *pBuf) { - uint32_t tmp77__; - tmp77__ = 0U; - tmp77__ |= (pSrc->switch_mode << 0); - tmp77__ |= (pSrc->op_class << 8); - tmp77__ |= (pSrc->new_channel << 16); - tmp77__ |= (pSrc->switch_count << 24); - frameshtonl(pCtx, pBuf, tmp77__, 0); + uint32_t tmp78__; + tmp78__ = 0U; + tmp78__ |= (pSrc->switch_mode << 0); + tmp78__ |= (pSrc->op_class << 8); + tmp78__ |= (pSrc->new_channel << 16); + tmp78__ |= (pSrc->switch_count << 24); + frameshtonl(pCtx, pBuf, tmp78__, 0); (void)pCtx; } /* End dot11f_pack_ff_ext_chan_switch_ann_action. */ @@ -16277,7 +17158,7 @@ uint32_t dot11f_pack_tlv_version2(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp78__; + uint8_t tmp79__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -16286,13 +17167,13 @@ uint32_t dot11f_pack_tlv_version2(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp78__ = 0U; - tmp78__ |= (pSrc->minor << 0); - tmp78__ |= (pSrc->major << 4); + tmp79__ = 0U; + tmp79__ |= (pSrc->minor << 0); + tmp79__ |= (pSrc->major << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp78__; + *pBuf = tmp79__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17249,7 +18130,7 @@ uint32_t dot11f_pack_tlv_version(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp79__; + uint8_t tmp80__; nNeeded += 5; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17258,13 +18139,13 @@ uint32_t dot11f_pack_tlv_version(tpAniSirGlobal pCtx, pBuf += 2; *pnConsumed += 2; pTlvLen = pBuf; pBuf += 2; *pnConsumed += 2; - tmp79__ = 0U; - tmp79__ |= (pSrc->minor << 0); - tmp79__ |= (pSrc->major << 4); + tmp80__ = 0U; + tmp80__ |= (pSrc->minor << 0); + tmp80__ |= (pSrc->major << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp79__; + *pBuf = tmp80__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17493,7 +18374,7 @@ uint32_t dot11f_pack_tlv_oce_cap(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp80__; + uint8_t tmp81__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17502,15 +18383,15 @@ uint32_t dot11f_pack_tlv_oce_cap(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp80__ = 0U; - tmp80__ |= (pSrc->oce_release << 0); - tmp80__ |= (pSrc->is_sta_cfon << 3); - tmp80__ |= (pSrc->non_oce_ap_present << 4); - tmp80__ |= (pSrc->reserved << 5); + tmp81__ = 0U; + tmp81__ |= (pSrc->oce_release << 0); + tmp81__ |= (pSrc->is_sta_cfon << 3); + tmp81__ |= (pSrc->non_oce_ap_present << 4); + tmp81__ |= (pSrc->reserved << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp80__; + *pBuf = tmp81__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17532,7 +18413,7 @@ uint32_t dot11f_pack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp81__; + uint8_t tmp82__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17541,13 +18422,13 @@ uint32_t dot11f_pack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp81__ = 0U; - tmp81__ |= (pSrc->downlink_av_cap << 0); - tmp81__ |= (pSrc->uplink_av_cap << 4); + tmp82__ = 0U; + tmp82__ |= (pSrc->downlink_av_cap << 0); + tmp82__ |= (pSrc->uplink_av_cap << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp81__; + *pBuf = tmp82__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17717,7 +18598,7 @@ uint32_t dot11f_pack_ie_gtk(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp82__; + uint16_t tmp83__; nNeeded += (pSrc->num_key + 11); while (pSrc->present) { if (nNeeded > nBuf) @@ -17726,13 +18607,13 @@ uint32_t dot11f_pack_ie_gtk(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp82__ = 0U; - tmp82__ |= (pSrc->keyId << 0); - tmp82__ |= (pSrc->reserved << 2); + tmp83__ = 0U; + tmp83__ |= (pSrc->keyId << 0); + tmp83__ |= (pSrc->reserved << 2); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp82__, 0); + frameshtons(pCtx, pBuf, tmp83__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18141,11 +19022,11 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp83__; uint8_t tmp84__; uint8_t tmp85__; uint8_t tmp86__; uint8_t tmp87__; + uint8_t tmp88__; nNeeded += 5; while (pSrc->present) { if (nNeeded > nBuf) @@ -18154,31 +19035,15 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp83__ = 0U; - tmp83__ |= (pSrc->LinkMeasurement << 0); - tmp83__ |= (pSrc->NeighborRpt << 1); - tmp83__ |= (pSrc->parallel << 2); - tmp83__ |= (pSrc->repeated << 3); - tmp83__ |= (pSrc->BeaconPassive << 4); - tmp83__ |= (pSrc->BeaconActive << 5); - tmp83__ |= (pSrc->BeaconTable << 6); - tmp83__ |= (pSrc->BeaconRepCond << 7); - if (unlikely(nBuf < 1)) - return DOT11F_INCOMPLETE_IE; - - *pBuf = tmp83__; - *pnConsumed += 1; - pBuf += 1; - nBuf -= 1 ; tmp84__ = 0U; - tmp84__ |= (pSrc->FrameMeasurement << 0); - tmp84__ |= (pSrc->ChannelLoad << 1); - tmp84__ |= (pSrc->NoiseHistogram << 2); - tmp84__ |= (pSrc->statistics << 3); - tmp84__ |= (pSrc->LCIMeasurement << 4); - tmp84__ |= (pSrc->LCIAzimuth << 5); - tmp84__ |= (pSrc->TCMCapability << 6); - tmp84__ |= (pSrc->triggeredTCM << 7); + tmp84__ |= (pSrc->LinkMeasurement << 0); + tmp84__ |= (pSrc->NeighborRpt << 1); + tmp84__ |= (pSrc->parallel << 2); + tmp84__ |= (pSrc->repeated << 3); + tmp84__ |= (pSrc->BeaconPassive << 4); + tmp84__ |= (pSrc->BeaconActive << 5); + tmp84__ |= (pSrc->BeaconTable << 6); + tmp84__ |= (pSrc->BeaconRepCond << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18187,10 +19052,14 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp85__ = 0U; - tmp85__ |= (pSrc->APChanReport << 0); - tmp85__ |= (pSrc->RRMMIBEnabled << 1); - tmp85__ |= (pSrc->operatingChanMax << 2); - tmp85__ |= (pSrc->nonOperatinChanMax << 5); + tmp85__ |= (pSrc->FrameMeasurement << 0); + tmp85__ |= (pSrc->ChannelLoad << 1); + tmp85__ |= (pSrc->NoiseHistogram << 2); + tmp85__ |= (pSrc->statistics << 3); + tmp85__ |= (pSrc->LCIMeasurement << 4); + tmp85__ |= (pSrc->LCIAzimuth << 5); + tmp85__ |= (pSrc->TCMCapability << 6); + tmp85__ |= (pSrc->triggeredTCM << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18199,12 +19068,10 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp86__ = 0U; - tmp86__ |= (pSrc->MeasurementPilot << 0); - tmp86__ |= (pSrc->MeasurementPilotEnabled << 3); - tmp86__ |= (pSrc->NeighborTSFOffset << 4); - tmp86__ |= (pSrc->RCPIMeasurement << 5); - tmp86__ |= (pSrc->RSNIMeasurement << 6); - tmp86__ |= (pSrc->BssAvgAccessDelay << 7); + tmp86__ |= (pSrc->APChanReport << 0); + tmp86__ |= (pSrc->RRMMIBEnabled << 1); + tmp86__ |= (pSrc->operatingChanMax << 2); + tmp86__ |= (pSrc->nonOperatinChanMax << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18213,16 +19080,30 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp87__ = 0U; - tmp87__ |= (pSrc->BSSAvailAdmission << 0); - tmp87__ |= (pSrc->AntennaInformation << 1); - tmp87__ |= (pSrc->fine_time_meas_rpt << 2); - tmp87__ |= (pSrc->lci_capability << 3); - tmp87__ |= (pSrc->reserved << 4); + tmp87__ |= (pSrc->MeasurementPilot << 0); + tmp87__ |= (pSrc->MeasurementPilotEnabled << 3); + tmp87__ |= (pSrc->NeighborTSFOffset << 4); + tmp87__ |= (pSrc->RCPIMeasurement << 5); + tmp87__ |= (pSrc->RSNIMeasurement << 6); + tmp87__ |= (pSrc->BssAvgAccessDelay << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; *pBuf = tmp87__; *pnConsumed += 1; + pBuf += 1; + nBuf -= 1 ; + tmp88__ = 0U; + tmp88__ |= (pSrc->BSSAvailAdmission << 0); + tmp88__ |= (pSrc->AntennaInformation << 1); + tmp88__ |= (pSrc->fine_time_meas_rpt << 2); + tmp88__ |= (pSrc->lci_capability << 3); + tmp88__ |= (pSrc->reserved << 4); + if (unlikely(nBuf < 1)) + return DOT11F_INCOMPLETE_IE; + + *pBuf = tmp88__; + *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; break; @@ -18301,7 +19182,7 @@ uint32_t dot11f_pack_ie_schedule(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp88__; + uint16_t tmp89__; nNeeded += 14; while (pSrc->present) { if (nNeeded > nBuf) @@ -18310,15 +19191,15 @@ uint32_t dot11f_pack_ie_schedule(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp88__ = 0U; - tmp88__ |= (pSrc->aggregation << 0); - tmp88__ |= (pSrc->tsid << 1); - tmp88__ |= (pSrc->direction << 5); - tmp88__ |= (pSrc->reserved << 7); + tmp89__ = 0U; + tmp89__ |= (pSrc->aggregation << 0); + tmp89__ |= (pSrc->tsid << 1); + tmp89__ |= (pSrc->direction << 5); + tmp89__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp88__, 0); + frameshtons(pCtx, pBuf, tmp89__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18545,9 +19426,9 @@ uint32_t dot11f_pack_ie_tspec(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp89__; - uint8_t tmp90__; - uint16_t tmp91__; + uint16_t tmp90__; + uint8_t tmp91__; + uint16_t tmp92__; nNeeded += 55; while (pSrc->present) { if (nNeeded > nBuf) @@ -18556,39 +19437,39 @@ uint32_t dot11f_pack_ie_tspec(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp89__ = 0U; - tmp89__ |= (pSrc->traffic_type << 0); - tmp89__ |= (pSrc->tsid << 1); - tmp89__ |= (pSrc->direction << 5); - tmp89__ |= (pSrc->access_policy << 7); - tmp89__ |= (pSrc->aggregation << 9); - tmp89__ |= (pSrc->psb << 10); - tmp89__ |= (pSrc->user_priority << 11); - tmp89__ |= (pSrc->tsinfo_ack_pol << 14); + tmp90__ = 0U; + tmp90__ |= (pSrc->traffic_type << 0); + tmp90__ |= (pSrc->tsid << 1); + tmp90__ |= (pSrc->direction << 5); + tmp90__ |= (pSrc->access_policy << 7); + tmp90__ |= (pSrc->aggregation << 9); + tmp90__ |= (pSrc->psb << 10); + tmp90__ |= (pSrc->user_priority << 11); + tmp90__ |= (pSrc->tsinfo_ack_pol << 14); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp89__, 0); + frameshtons(pCtx, pBuf, tmp90__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp90__ = 0U; - tmp90__ |= (pSrc->schedule << 0); - tmp90__ |= (pSrc->unused << 1); + tmp91__ = 0U; + tmp91__ |= (pSrc->schedule << 0); + tmp91__ |= (pSrc->unused << 1); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp90__; + *pBuf = tmp91__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp91__ = 0U; - tmp91__ |= (pSrc->size << 0); - tmp91__ |= (pSrc->fixed << 15); + tmp92__ = 0U; + tmp92__ |= (pSrc->size << 0); + tmp92__ |= (pSrc->fixed << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp91__, 0); + frameshtons(pCtx, pBuf, tmp92__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18652,9 +19533,9 @@ uint32_t dot11f_pack_ie_vht_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint32_t tmp92__; - uint16_t tmp93__; + uint32_t tmp93__; uint16_t tmp94__; + uint16_t tmp95__; nNeeded += 12; while (pSrc->present) { if (nNeeded > nBuf) @@ -18663,57 +19544,57 @@ uint32_t dot11f_pack_ie_vht_caps(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp92__ = 0U; - tmp92__ |= (pSrc->maxMPDULen << 0); - tmp92__ |= (pSrc->supportedChannelWidthSet << 2); - tmp92__ |= (pSrc->ldpcCodingCap << 4); - tmp92__ |= (pSrc->shortGI80MHz << 5); - tmp92__ |= (pSrc->shortGI160and80plus80MHz << 6); - tmp92__ |= (pSrc->txSTBC << 7); - tmp92__ |= (pSrc->rxSTBC << 8); - tmp92__ |= (pSrc->suBeamFormerCap << 11); - tmp92__ |= (pSrc->suBeamformeeCap << 12); - tmp92__ |= (pSrc->csnofBeamformerAntSup << 13); - tmp92__ |= (pSrc->numSoundingDim << 16); - tmp92__ |= (pSrc->muBeamformerCap << 19); - tmp92__ |= (pSrc->muBeamformeeCap << 20); - tmp92__ |= (pSrc->vhtTXOPPS << 21); - tmp92__ |= (pSrc->htcVHTCap << 22); - tmp92__ |= (pSrc->maxAMPDULenExp << 23); - tmp92__ |= (pSrc->vhtLinkAdaptCap << 26); - tmp92__ |= (pSrc->rxAntPattern << 28); - tmp92__ |= (pSrc->txAntPattern << 29); - tmp92__ |= (pSrc->reserved1 << 30); + tmp93__ = 0U; + tmp93__ |= (pSrc->maxMPDULen << 0); + tmp93__ |= (pSrc->supportedChannelWidthSet << 2); + tmp93__ |= (pSrc->ldpcCodingCap << 4); + tmp93__ |= (pSrc->shortGI80MHz << 5); + tmp93__ |= (pSrc->shortGI160and80plus80MHz << 6); + tmp93__ |= (pSrc->txSTBC << 7); + tmp93__ |= (pSrc->rxSTBC << 8); + tmp93__ |= (pSrc->suBeamFormerCap << 11); + tmp93__ |= (pSrc->suBeamformeeCap << 12); + tmp93__ |= (pSrc->csnofBeamformerAntSup << 13); + tmp93__ |= (pSrc->numSoundingDim << 16); + tmp93__ |= (pSrc->muBeamformerCap << 19); + tmp93__ |= (pSrc->muBeamformeeCap << 20); + tmp93__ |= (pSrc->vhtTXOPPS << 21); + tmp93__ |= (pSrc->htcVHTCap << 22); + tmp93__ |= (pSrc->maxAMPDULenExp << 23); + tmp93__ |= (pSrc->vhtLinkAdaptCap << 26); + tmp93__ |= (pSrc->rxAntPattern << 28); + tmp93__ |= (pSrc->txAntPattern << 29); + tmp93__ |= (pSrc->reserved1 << 30); if (unlikely(nBuf < 4)) return DOT11F_INCOMPLETE_IE; - frameshtonl(pCtx, pBuf, tmp92__, 0); + frameshtonl(pCtx, pBuf, tmp93__, 0); *pnConsumed += 4; pBuf += 4; nBuf -= 4 ; frameshtons(pCtx, pBuf, pSrc->rxMCSMap, 0); *pnConsumed += 2; pBuf += 2; - tmp93__ = 0U; - tmp93__ |= (pSrc->rxHighSupDataRate << 0); - tmp93__ |= (pSrc->reserved2 << 13); + tmp94__ = 0U; + tmp94__ |= (pSrc->rxHighSupDataRate << 0); + tmp94__ |= (pSrc->reserved2 << 13); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp93__, 0); + frameshtons(pCtx, pBuf, tmp94__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; frameshtons(pCtx, pBuf, pSrc->txMCSMap, 0); *pnConsumed += 2; pBuf += 2; - tmp94__ = 0U; - tmp94__ |= (pSrc->txSupDataRate << 0); - tmp94__ |= (pSrc->reserved3 << 13); + tmp95__ = 0U; + tmp95__ |= (pSrc->txSupDataRate << 0); + tmp95__ |= (pSrc->reserved3 << 13); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp94__, 0); + frameshtons(pCtx, pBuf, tmp95__, 0); *pnConsumed += 2; /* fieldsEndFlag = 1 */ nBuf -= 2 ; @@ -18773,7 +19654,7 @@ uint32_t dot11f_pack_ie_wmm_schedule(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp95__; + uint16_t tmp96__; nNeeded += 15; while (pSrc->present) { if (nNeeded > nBuf) @@ -18795,15 +19676,15 @@ uint32_t dot11f_pack_ie_wmm_schedule(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp95__ = 0U; - tmp95__ |= (pSrc->aggregation << 0); - tmp95__ |= (pSrc->tsid << 1); - tmp95__ |= (pSrc->direction << 5); - tmp95__ |= (pSrc->reserved << 7); + tmp96__ = 0U; + tmp96__ |= (pSrc->aggregation << 0); + tmp96__ |= (pSrc->tsid << 1); + tmp96__ |= (pSrc->direction << 5); + tmp96__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp95__, 0); + frameshtons(pCtx, pBuf, tmp96__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -19037,9 +19918,9 @@ uint32_t dot11f_pack_ie_wmmtspec(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp96__; - uint8_t tmp97__; - uint16_t tmp98__; + uint16_t tmp97__; + uint8_t tmp98__; + uint16_t tmp99__; nNeeded += 38; while (pSrc->present) { if (nNeeded > nBuf) @@ -19061,39 +19942,39 @@ uint32_t dot11f_pack_ie_wmmtspec(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp96__ = 0U; - tmp96__ |= (pSrc->traffic_type << 0); - tmp96__ |= (pSrc->tsid << 1); - tmp96__ |= (pSrc->direction << 5); - tmp96__ |= (pSrc->access_policy << 7); - tmp96__ |= (pSrc->aggregation << 9); - tmp96__ |= (pSrc->psb << 10); - tmp96__ |= (pSrc->user_priority << 11); - tmp96__ |= (pSrc->tsinfo_ack_pol << 14); + tmp97__ = 0U; + tmp97__ |= (pSrc->traffic_type << 0); + tmp97__ |= (pSrc->tsid << 1); + tmp97__ |= (pSrc->direction << 5); + tmp97__ |= (pSrc->access_policy << 7); + tmp97__ |= (pSrc->aggregation << 9); + tmp97__ |= (pSrc->psb << 10); + tmp97__ |= (pSrc->user_priority << 11); + tmp97__ |= (pSrc->tsinfo_ack_pol << 14); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp96__, 0); + frameshtons(pCtx, pBuf, tmp97__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp97__ = 0U; - tmp97__ |= (pSrc->tsinfo_rsvd << 0); - tmp97__ |= (pSrc->burst_size_defn << 7); + tmp98__ = 0U; + tmp98__ |= (pSrc->tsinfo_rsvd << 0); + tmp98__ |= (pSrc->burst_size_defn << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp97__; + *pBuf = tmp98__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp98__ = 0U; - tmp98__ |= (pSrc->size << 0); - tmp98__ |= (pSrc->fixed << 15); + tmp99__ = 0U; + tmp99__ |= (pSrc->size << 0); + tmp99__ |= (pSrc->fixed << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp98__, 0); + frameshtons(pCtx, pBuf, tmp99__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -19212,6 +20093,73 @@ uint32_t dot11f_pack_ie_azimuth_req(tpAniSirGlobal pCtx, return DOT11F_PARSE_SUCCESS; } /* End dot11f_pack_ie_azimuth_req. */ +uint32_t dot11f_pack_ie_beacon_report_frm_body_fragment_id(tpAniSirGlobal pCtx, + tDot11fIEbeacon_report_frm_body_fragment_id *pSrc, + uint8_t *pBuf, + uint32_t nBuf, + uint32_t *pnConsumed) +{ + uint8_t *pIeLen = 0; + uint32_t nConsumedOnEntry = *pnConsumed; + uint32_t nNeeded = 0U; + uint16_t tmp100__; + nNeeded += 2; + while (pSrc->present) { + if (nNeeded > nBuf) + return DOT11F_BUFFER_OVERFLOW; + *pBuf = 2; + ++pBuf; ++(*pnConsumed); + pIeLen = pBuf; + ++pBuf; ++(*pnConsumed); + tmp100__ = 0U; + tmp100__ |= (pSrc->beacon_report_id << 0); + tmp100__ |= (pSrc->fragment_id_number << 8); + tmp100__ |= (pSrc->more_fragments << 15); + if (unlikely(nBuf < 2)) + return DOT11F_INCOMPLETE_IE; + + frameshtons(pCtx, pBuf, tmp100__, 0); + *pnConsumed += 2; + /* fieldsEndFlag = 1 */ + nBuf -= 2 ; + break; + } + (void)pCtx; + if (pIeLen) { + *pIeLen = *pnConsumed - nConsumedOnEntry - 2; + } + return DOT11F_PARSE_SUCCESS; +} /* End dot11f_pack_ie_beacon_report_frm_body_fragment_id. */ + +uint32_t dot11f_pack_ie_last_beacon_report_indication(tpAniSirGlobal pCtx, + tDot11fIElast_beacon_report_indication *pSrc, + uint8_t *pBuf, + uint32_t nBuf, + uint32_t *pnConsumed) +{ + uint8_t *pIeLen = 0; + uint32_t nConsumedOnEntry = *pnConsumed; + uint32_t nNeeded = 0U; + nNeeded += 1; + while (pSrc->present) { + if (nNeeded > nBuf) + return DOT11F_BUFFER_OVERFLOW; + *pBuf = 164; + ++pBuf; ++(*pnConsumed); + pIeLen = pBuf; + ++pBuf; ++(*pnConsumed); + *pBuf = pSrc->last_fragment; + *pnConsumed += 1; + /* fieldsEndFlag = 1 */ + break; + } + (void)pCtx; + if (pIeLen) { + *pIeLen = *pnConsumed - nConsumedOnEntry - 2; + } + return DOT11F_PARSE_SUCCESS; +} /* End dot11f_pack_ie_last_beacon_report_indication. */ + uint32_t dot11f_pack_ie_max_age(tpAniSirGlobal pCtx, tDot11fIEmax_age *pSrc, uint8_t *pBuf, @@ -19250,8 +20198,8 @@ uint32_t dot11f_pack_ie_neighbor_rpt(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp99__; - uint8_t tmp100__; + uint8_t tmp101__; + uint8_t tmp102__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_neighbor_rpt(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -19266,30 +20214,30 @@ uint32_t dot11f_pack_ie_neighbor_rpt(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->bssid, 6); *pnConsumed += 6; pBuf += 6; - tmp99__ = 0U; - tmp99__ |= (pSrc->APReachability << 0); - tmp99__ |= (pSrc->Security << 2); - tmp99__ |= (pSrc->KeyScope << 3); - tmp99__ |= (pSrc->SpecMgmtCap << 4); - tmp99__ |= (pSrc->QosCap << 5); - tmp99__ |= (pSrc->apsd << 6); - tmp99__ |= (pSrc->rrm << 7); + tmp101__ = 0U; + tmp101__ |= (pSrc->APReachability << 0); + tmp101__ |= (pSrc->Security << 2); + tmp101__ |= (pSrc->KeyScope << 3); + tmp101__ |= (pSrc->SpecMgmtCap << 4); + tmp101__ |= (pSrc->QosCap << 5); + tmp101__ |= (pSrc->apsd << 6); + tmp101__ |= (pSrc->rrm << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp99__; + *pBuf = tmp101__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp100__ = 0U; - tmp100__ |= (pSrc->DelayedBA << 0); - tmp100__ |= (pSrc->ImmBA << 1); - tmp100__ |= (pSrc->MobilityDomain << 2); - tmp100__ |= (pSrc->reserved << 3); + tmp102__ = 0U; + tmp102__ |= (pSrc->DelayedBA << 0); + tmp102__ |= (pSrc->ImmBA << 1); + tmp102__ |= (pSrc->MobilityDomain << 2); + tmp102__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp100__; + *pBuf = tmp102__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -19652,14 +20600,14 @@ uint32_t dot11f_pack_ie_edca_param_set(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp101__; - uint8_t tmp102__; uint8_t tmp103__; uint8_t tmp104__; uint8_t tmp105__; uint8_t tmp106__; uint8_t tmp107__; uint8_t tmp108__; + uint8_t tmp109__; + uint8_t tmp110__; nNeeded += 18; while (pSrc->present) { if (nNeeded > nBuf) @@ -19674,100 +20622,100 @@ uint32_t dot11f_pack_ie_edca_param_set(tpAniSirGlobal pCtx, *pBuf = pSrc->reserved; *pnConsumed += 1; pBuf += 1; - tmp101__ = 0U; - tmp101__ |= (pSrc->acbe_aifsn << 0); - tmp101__ |= (pSrc->acbe_acm << 4); - tmp101__ |= (pSrc->acbe_aci << 5); - tmp101__ |= (pSrc->unused1 << 7); + tmp103__ = 0U; + tmp103__ |= (pSrc->acbe_aifsn << 0); + tmp103__ |= (pSrc->acbe_acm << 4); + tmp103__ |= (pSrc->acbe_aci << 5); + tmp103__ |= (pSrc->unused1 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp101__; + *pBuf = tmp103__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp102__ = 0U; - tmp102__ |= (pSrc->acbe_acwmin << 0); - tmp102__ |= (pSrc->acbe_acwmax << 4); + tmp104__ = 0U; + tmp104__ |= (pSrc->acbe_acwmin << 0); + tmp104__ |= (pSrc->acbe_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp102__; + *pBuf = tmp104__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbe_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp103__ = 0U; - tmp103__ |= (pSrc->acbk_aifsn << 0); - tmp103__ |= (pSrc->acbk_acm << 4); - tmp103__ |= (pSrc->acbk_aci << 5); - tmp103__ |= (pSrc->unused2 << 7); + tmp105__ = 0U; + tmp105__ |= (pSrc->acbk_aifsn << 0); + tmp105__ |= (pSrc->acbk_acm << 4); + tmp105__ |= (pSrc->acbk_aci << 5); + tmp105__ |= (pSrc->unused2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp103__; + *pBuf = tmp105__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp104__ = 0U; - tmp104__ |= (pSrc->acbk_acwmin << 0); - tmp104__ |= (pSrc->acbk_acwmax << 4); + tmp106__ = 0U; + tmp106__ |= (pSrc->acbk_acwmin << 0); + tmp106__ |= (pSrc->acbk_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp104__; + *pBuf = tmp106__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbk_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp105__ = 0U; - tmp105__ |= (pSrc->acvi_aifsn << 0); - tmp105__ |= (pSrc->acvi_acm << 4); - tmp105__ |= (pSrc->acvi_aci << 5); - tmp105__ |= (pSrc->unused3 << 7); + tmp107__ = 0U; + tmp107__ |= (pSrc->acvi_aifsn << 0); + tmp107__ |= (pSrc->acvi_acm << 4); + tmp107__ |= (pSrc->acvi_aci << 5); + tmp107__ |= (pSrc->unused3 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp105__; + *pBuf = tmp107__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp106__ = 0U; - tmp106__ |= (pSrc->acvi_acwmin << 0); - tmp106__ |= (pSrc->acvi_acwmax << 4); + tmp108__ = 0U; + tmp108__ |= (pSrc->acvi_acwmin << 0); + tmp108__ |= (pSrc->acvi_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp106__; + *pBuf = tmp108__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acvi_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp107__ = 0U; - tmp107__ |= (pSrc->acvo_aifsn << 0); - tmp107__ |= (pSrc->acvo_acm << 4); - tmp107__ |= (pSrc->acvo_aci << 5); - tmp107__ |= (pSrc->unused4 << 7); + tmp109__ = 0U; + tmp109__ |= (pSrc->acvo_aifsn << 0); + tmp109__ |= (pSrc->acvo_acm << 4); + tmp109__ |= (pSrc->acvo_aci << 5); + tmp109__ |= (pSrc->unused4 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp107__; + *pBuf = tmp109__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp108__ = 0U; - tmp108__ |= (pSrc->acvo_acwmin << 0); - tmp108__ |= (pSrc->acvo_acwmax << 4); + tmp110__ = 0U; + tmp110__ |= (pSrc->acvo_acwmin << 0); + tmp110__ |= (pSrc->acvo_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp108__; + *pBuf = tmp110__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -19792,7 +20740,7 @@ uint32_t dot11f_pack_ie_erp_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp109__; + uint8_t tmp111__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -19801,15 +20749,15 @@ uint32_t dot11f_pack_ie_erp_info(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp109__ = 0U; - tmp109__ |= (pSrc->non_erp_present << 0); - tmp109__ |= (pSrc->use_prot << 1); - tmp109__ |= (pSrc->barker_preamble << 2); - tmp109__ |= (pSrc->unused << 3); + tmp111__ = 0U; + tmp111__ |= (pSrc->non_erp_present << 0); + tmp111__ |= (pSrc->use_prot << 1); + tmp111__ |= (pSrc->barker_preamble << 2); + tmp111__ |= (pSrc->unused << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp109__; + *pBuf = tmp111__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -19868,7 +20816,7 @@ uint32_t dot11f_pack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp110__; + uint8_t tmp112__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -19888,13 +20836,13 @@ uint32_t dot11f_pack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, *pBuf = pSrc->mgmt_state; *pnConsumed += 1; pBuf += 1; - tmp110__ = 0U; - tmp110__ |= (pSrc->mbssid_mask << 0); - tmp110__ |= (pSrc->reserved << 3); + tmp112__ = 0U; + tmp112__ |= (pSrc->mbssid_mask << 0); + tmp112__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp110__; + *pBuf = tmp112__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -20276,7 +21224,7 @@ uint32_t dot11f_pack_ie_ft_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp111__; + uint16_t tmp113__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ieft_info(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20288,13 +21236,13 @@ uint32_t dot11f_pack_ie_ft_info(tpAniSirGlobal pCtx, ++pBuf; --nBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; --nBuf; ++(*pnConsumed); - tmp111__ = 0U; - tmp111__ |= (pSrc->reserved << 0); - tmp111__ |= (pSrc->IECount << 8); + tmp113__ = 0U; + tmp113__ |= (pSrc->reserved << 0); + tmp113__ |= (pSrc->IECount << 8); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp111__, 0); + frameshtons(pCtx, pBuf, tmp113__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -20332,11 +21280,11 @@ uint32_t dot11f_pack_ie_ht_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp112__; - uint8_t tmp113__; uint16_t tmp114__; - uint32_t tmp115__; - uint8_t tmp116__; + uint8_t tmp115__; + uint16_t tmp116__; + uint32_t tmp117__; + uint8_t tmp118__; nNeeded += (pSrc->num_rsvd + 26); while (pSrc->present) { if (nNeeded > nBuf) @@ -20345,92 +21293,92 @@ uint32_t dot11f_pack_ie_ht_caps(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp112__ = 0U; - tmp112__ |= (pSrc->advCodingCap << 0); - tmp112__ |= (pSrc->supportedChannelWidthSet << 1); - tmp112__ |= (pSrc->mimoPowerSave << 2); - tmp112__ |= (pSrc->greenField << 4); - tmp112__ |= (pSrc->shortGI20MHz << 5); - tmp112__ |= (pSrc->shortGI40MHz << 6); - tmp112__ |= (pSrc->txSTBC << 7); - tmp112__ |= (pSrc->rxSTBC << 8); - tmp112__ |= (pSrc->delayedBA << 10); - tmp112__ |= (pSrc->maximalAMSDUsize << 11); - tmp112__ |= (pSrc->dsssCckMode40MHz << 12); - tmp112__ |= (pSrc->psmp << 13); - tmp112__ |= (pSrc->stbcControlFrame << 14); - tmp112__ |= (pSrc->lsigTXOPProtection << 15); + tmp114__ = 0U; + tmp114__ |= (pSrc->advCodingCap << 0); + tmp114__ |= (pSrc->supportedChannelWidthSet << 1); + tmp114__ |= (pSrc->mimoPowerSave << 2); + tmp114__ |= (pSrc->greenField << 4); + tmp114__ |= (pSrc->shortGI20MHz << 5); + tmp114__ |= (pSrc->shortGI40MHz << 6); + tmp114__ |= (pSrc->txSTBC << 7); + tmp114__ |= (pSrc->rxSTBC << 8); + tmp114__ |= (pSrc->delayedBA << 10); + tmp114__ |= (pSrc->maximalAMSDUsize << 11); + tmp114__ |= (pSrc->dsssCckMode40MHz << 12); + tmp114__ |= (pSrc->psmp << 13); + tmp114__ |= (pSrc->stbcControlFrame << 14); + tmp114__ |= (pSrc->lsigTXOPProtection << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp112__, 0); + frameshtons(pCtx, pBuf, tmp114__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp113__ = 0U; - tmp113__ |= (pSrc->maxRxAMPDUFactor << 0); - tmp113__ |= (pSrc->mpduDensity << 2); - tmp113__ |= (pSrc->reserved1 << 5); + tmp115__ = 0U; + tmp115__ |= (pSrc->maxRxAMPDUFactor << 0); + tmp115__ |= (pSrc->mpduDensity << 2); + tmp115__ |= (pSrc->reserved1 << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp113__; + *pBuf = tmp115__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; DOT11F_MEMCPY(pCtx, pBuf, pSrc->supportedMCSSet, 16); *pnConsumed += 16; pBuf += 16; - tmp114__ = 0U; - tmp114__ |= (pSrc->pco << 0); - tmp114__ |= (pSrc->transitionTime << 1); - tmp114__ |= (pSrc->reserved2 << 3); - tmp114__ |= (pSrc->mcsFeedback << 8); - tmp114__ |= (pSrc->reserved3 << 10); + tmp116__ = 0U; + tmp116__ |= (pSrc->pco << 0); + tmp116__ |= (pSrc->transitionTime << 1); + tmp116__ |= (pSrc->reserved2 << 3); + tmp116__ |= (pSrc->mcsFeedback << 8); + tmp116__ |= (pSrc->reserved3 << 10); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp114__, 0); + frameshtons(pCtx, pBuf, tmp116__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp115__ = 0U; - tmp115__ |= (pSrc->txBF << 0); - tmp115__ |= (pSrc->rxStaggeredSounding << 1); - tmp115__ |= (pSrc->txStaggeredSounding << 2); - tmp115__ |= (pSrc->rxZLF << 3); - tmp115__ |= (pSrc->txZLF << 4); - tmp115__ |= (pSrc->implicitTxBF << 5); - tmp115__ |= (pSrc->calibration << 6); - tmp115__ |= (pSrc->explicitCSITxBF << 8); - tmp115__ |= (pSrc->explicitUncompressedSteeringMatrix << 9); - tmp115__ |= (pSrc->explicitBFCSIFeedback << 10); - tmp115__ |= (pSrc->explicitUncompressedSteeringMatrixFeedback << 13); - tmp115__ |= (pSrc->explicitCompressedSteeringMatrixFeedback << 16); - tmp115__ |= (pSrc->csiNumBFAntennae << 19); - tmp115__ |= (pSrc->uncompressedSteeringMatrixBFAntennae << 21); - tmp115__ |= (pSrc->compressedSteeringMatrixBFAntennae << 23); - tmp115__ |= (pSrc->reserved4 << 25); + tmp117__ = 0U; + tmp117__ |= (pSrc->txBF << 0); + tmp117__ |= (pSrc->rxStaggeredSounding << 1); + tmp117__ |= (pSrc->txStaggeredSounding << 2); + tmp117__ |= (pSrc->rxZLF << 3); + tmp117__ |= (pSrc->txZLF << 4); + tmp117__ |= (pSrc->implicitTxBF << 5); + tmp117__ |= (pSrc->calibration << 6); + tmp117__ |= (pSrc->explicitCSITxBF << 8); + tmp117__ |= (pSrc->explicitUncompressedSteeringMatrix << 9); + tmp117__ |= (pSrc->explicitBFCSIFeedback << 10); + tmp117__ |= (pSrc->explicitUncompressedSteeringMatrixFeedback << 13); + tmp117__ |= (pSrc->explicitCompressedSteeringMatrixFeedback << 16); + tmp117__ |= (pSrc->csiNumBFAntennae << 19); + tmp117__ |= (pSrc->uncompressedSteeringMatrixBFAntennae << 21); + tmp117__ |= (pSrc->compressedSteeringMatrixBFAntennae << 23); + tmp117__ |= (pSrc->reserved4 << 25); if (unlikely(nBuf < 4)) return DOT11F_INCOMPLETE_IE; - frameshtonl(pCtx, pBuf, tmp115__, 0); + frameshtonl(pCtx, pBuf, tmp117__, 0); *pnConsumed += 4; pBuf += 4; nBuf -= 4 ; - tmp116__ = 0U; - tmp116__ |= (pSrc->antennaSelection << 0); - tmp116__ |= (pSrc->explicitCSIFeedbackTx << 1); - tmp116__ |= (pSrc->antennaIndicesFeedbackTx << 2); - tmp116__ |= (pSrc->explicitCSIFeedback << 3); - tmp116__ |= (pSrc->antennaIndicesFeedback << 4); - tmp116__ |= (pSrc->rxAS << 5); - tmp116__ |= (pSrc->txSoundingPPDUs << 6); - tmp116__ |= (pSrc->reserved5 << 7); + tmp118__ = 0U; + tmp118__ |= (pSrc->antennaSelection << 0); + tmp118__ |= (pSrc->explicitCSIFeedbackTx << 1); + tmp118__ |= (pSrc->antennaIndicesFeedbackTx << 2); + tmp118__ |= (pSrc->explicitCSIFeedback << 3); + tmp118__ |= (pSrc->antennaIndicesFeedback << 4); + tmp118__ |= (pSrc->rxAS << 5); + tmp118__ |= (pSrc->txSoundingPPDUs << 6); + tmp118__ |= (pSrc->reserved5 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp116__; + *pBuf = tmp118__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20455,9 +21403,9 @@ uint32_t dot11f_pack_ie_ht_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp117__; - uint16_t tmp118__; - uint16_t tmp119__; + uint8_t tmp119__; + uint16_t tmp120__; + uint16_t tmp121__; nNeeded += (pSrc->num_rsvd + 22); while (pSrc->present) { if (nNeeded > nBuf) @@ -20469,44 +21417,44 @@ uint32_t dot11f_pack_ie_ht_info(tpAniSirGlobal pCtx, *pBuf = pSrc->primaryChannel; *pnConsumed += 1; pBuf += 1; - tmp117__ = 0U; - tmp117__ |= (pSrc->secondaryChannelOffset << 0); - tmp117__ |= (pSrc->recommendedTxWidthSet << 2); - tmp117__ |= (pSrc->rifsMode << 3); - tmp117__ |= (pSrc->controlledAccessOnly << 4); - tmp117__ |= (pSrc->serviceIntervalGranularity << 5); + tmp119__ = 0U; + tmp119__ |= (pSrc->secondaryChannelOffset << 0); + tmp119__ |= (pSrc->recommendedTxWidthSet << 2); + tmp119__ |= (pSrc->rifsMode << 3); + tmp119__ |= (pSrc->controlledAccessOnly << 4); + tmp119__ |= (pSrc->serviceIntervalGranularity << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp117__; + *pBuf = tmp119__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp118__ = 0U; - tmp118__ |= (pSrc->opMode << 0); - tmp118__ |= (pSrc->nonGFDevicesPresent << 2); - tmp118__ |= (pSrc->transmitBurstLimit << 3); - tmp118__ |= (pSrc->obssNonHTStaPresent << 4); - tmp118__ |= (pSrc->reserved << 5); + tmp120__ = 0U; + tmp120__ |= (pSrc->opMode << 0); + tmp120__ |= (pSrc->nonGFDevicesPresent << 2); + tmp120__ |= (pSrc->transmitBurstLimit << 3); + tmp120__ |= (pSrc->obssNonHTStaPresent << 4); + tmp120__ |= (pSrc->reserved << 5); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp118__, 0); + frameshtons(pCtx, pBuf, tmp120__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp119__ = 0U; - tmp119__ |= (pSrc->basicSTBCMCS << 0); - tmp119__ |= (pSrc->dualCTSProtection << 7); - tmp119__ |= (pSrc->secondaryBeacon << 8); - tmp119__ |= (pSrc->lsigTXOPProtectionFullSupport << 9); - tmp119__ |= (pSrc->pcoActive << 10); - tmp119__ |= (pSrc->pcoPhase << 11); - tmp119__ |= (pSrc->reserved2 << 12); + tmp121__ = 0U; + tmp121__ |= (pSrc->basicSTBCMCS << 0); + tmp121__ |= (pSrc->dualCTSProtection << 7); + tmp121__ |= (pSrc->secondaryBeacon << 8); + tmp121__ |= (pSrc->lsigTXOPProtectionFullSupport << 9); + tmp121__ |= (pSrc->pcoActive << 10); + tmp121__ |= (pSrc->pcoPhase << 11); + tmp121__ |= (pSrc->reserved2 << 12); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp119__, 0); + frameshtons(pCtx, pBuf, tmp121__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -20646,9 +21594,9 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp120__; - uint8_t tmp121__; uint8_t tmp122__; + uint8_t tmp123__; + uint8_t tmp124__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_measurement_report(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20663,15 +21611,15 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, *pBuf = pSrc->token; *pnConsumed += 1; pBuf += 1; - tmp120__ = 0U; - tmp120__ |= (pSrc->late << 0); - tmp120__ |= (pSrc->incapable << 1); - tmp120__ |= (pSrc->refused << 2); - tmp120__ |= (pSrc->unused << 3); + tmp122__ = 0U; + tmp122__ |= (pSrc->late << 0); + tmp122__ |= (pSrc->incapable << 1); + tmp122__ |= (pSrc->refused << 2); + tmp122__ |= (pSrc->unused << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp120__; + *pBuf = tmp122__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20690,17 +21638,17 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->report.Basic.meas_duration, 0); *pnConsumed += 2; pBuf += 2; - tmp121__ = 0U; - tmp121__ |= (pSrc->report.Basic.bss << 0); - tmp121__ |= (pSrc->report.Basic.ofdm_preamble << 1); - tmp121__ |= (pSrc->report.Basic.unid_signal << 2); - tmp121__ |= (pSrc->report.Basic.rader << 3); - tmp121__ |= (pSrc->report.Basic.unmeasured << 4); - tmp121__ |= (pSrc->report.Basic.unused << 5); + tmp123__ = 0U; + tmp123__ |= (pSrc->report.Basic.bss << 0); + tmp123__ |= (pSrc->report.Basic.ofdm_preamble << 1); + tmp123__ |= (pSrc->report.Basic.unid_signal << 2); + tmp123__ |= (pSrc->report.Basic.rader << 3); + tmp123__ |= (pSrc->report.Basic.unmeasured << 4); + tmp123__ |= (pSrc->report.Basic.unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp121__; + *pBuf = tmp123__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -20767,13 +21715,13 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->report.Beacon.meas_duration, 0); *pnConsumed += 2; pBuf += 2; - tmp122__ = 0U; - tmp122__ |= (pSrc->report.Beacon.condensed_PHY << 0); - tmp122__ |= (pSrc->report.Beacon.reported_frame_type << 7); + tmp124__ = 0U; + tmp124__ |= (pSrc->report.Beacon.condensed_PHY << 0); + tmp124__ |= (pSrc->report.Beacon.reported_frame_type << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp122__; + *pBuf = tmp124__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20822,7 +21770,7 @@ uint32_t dot11f_pack_ie_measurement_request(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp123__; + uint8_t tmp125__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_measurement_request(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20837,17 +21785,17 @@ uint32_t dot11f_pack_ie_measurement_request(tpAniSirGlobal pCtx, *pBuf = pSrc->measurement_token; *pnConsumed += 1; pBuf += 1; - tmp123__ = 0U; - tmp123__ |= (pSrc->parallel << 0); - tmp123__ |= (pSrc->enable << 1); - tmp123__ |= (pSrc->request << 2); - tmp123__ |= (pSrc->report << 3); - tmp123__ |= (pSrc->durationMandatory << 4); - tmp123__ |= (pSrc->unused << 5); + tmp125__ = 0U; + tmp125__ |= (pSrc->parallel << 0); + tmp125__ |= (pSrc->enable << 1); + tmp125__ |= (pSrc->request << 2); + tmp125__ |= (pSrc->report << 3); + tmp125__ |= (pSrc->durationMandatory << 4); + tmp125__ |= (pSrc->unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp123__; + *pBuf = tmp125__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20961,7 +21909,7 @@ uint32_t dot11f_pack_ie_mobility_domain(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp124__; + uint8_t tmp126__; nNeeded += 3; while (pSrc->present) { if (nNeeded > nBuf) @@ -20973,14 +21921,14 @@ uint32_t dot11f_pack_ie_mobility_domain(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->MDID, 0); *pnConsumed += 2; pBuf += 2; - tmp124__ = 0U; - tmp124__ |= (pSrc->overDSCap << 0); - tmp124__ |= (pSrc->resourceReqCap << 1); - tmp124__ |= (pSrc->reserved << 2); + tmp126__ = 0U; + tmp126__ |= (pSrc->overDSCap << 0); + tmp126__ |= (pSrc->resourceReqCap << 1); + tmp126__ |= (pSrc->reserved << 2); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp124__; + *pBuf = tmp126__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21002,8 +21950,8 @@ uint32_t dot11f_pack_ie_neighbor_report(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp125__; - uint8_t tmp126__; + uint8_t tmp127__; + uint8_t tmp128__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_neighbor_report(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -21018,30 +21966,30 @@ uint32_t dot11f_pack_ie_neighbor_report(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->bssid, 6); *pnConsumed += 6; pBuf += 6; - tmp125__ = 0U; - tmp125__ |= (pSrc->APReachability << 0); - tmp125__ |= (pSrc->Security << 2); - tmp125__ |= (pSrc->KeyScope << 3); - tmp125__ |= (pSrc->SpecMgmtCap << 4); - tmp125__ |= (pSrc->QosCap << 5); - tmp125__ |= (pSrc->apsd << 6); - tmp125__ |= (pSrc->rrm << 7); + tmp127__ = 0U; + tmp127__ |= (pSrc->APReachability << 0); + tmp127__ |= (pSrc->Security << 2); + tmp127__ |= (pSrc->KeyScope << 3); + tmp127__ |= (pSrc->SpecMgmtCap << 4); + tmp127__ |= (pSrc->QosCap << 5); + tmp127__ |= (pSrc->apsd << 6); + tmp127__ |= (pSrc->rrm << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp125__; + *pBuf = tmp127__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp126__ = 0U; - tmp126__ |= (pSrc->DelayedBA << 0); - tmp126__ |= (pSrc->ImmBA << 1); - tmp126__ |= (pSrc->MobilityDomain << 2); - tmp126__ |= (pSrc->reserved << 3); + tmp128__ = 0U; + tmp128__ |= (pSrc->DelayedBA << 0); + tmp128__ |= (pSrc->ImmBA << 1); + tmp128__ |= (pSrc->MobilityDomain << 2); + tmp128__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp126__; + *pBuf = tmp128__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -21129,7 +22077,7 @@ uint32_t dot11f_pack_ie_operating_mode(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp127__; + uint8_t tmp129__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21138,15 +22086,15 @@ uint32_t dot11f_pack_ie_operating_mode(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp127__ = 0U; - tmp127__ |= (pSrc->chanWidth << 0); - tmp127__ |= (pSrc->reserved << 2); - tmp127__ |= (pSrc->rxNSS << 4); - tmp127__ |= (pSrc->rxNSSType << 7); + tmp129__ = 0U; + tmp129__ |= (pSrc->chanWidth << 0); + tmp129__ |= (pSrc->reserved << 2); + tmp129__ |= (pSrc->rxNSS << 4); + tmp129__ |= (pSrc->rxNSSType << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp127__; + *pBuf = tmp129__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21621,7 +22569,7 @@ uint32_t dot11f_pack_ie_pu_buffer_status(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp128__; + uint8_t tmp130__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21630,16 +22578,16 @@ uint32_t dot11f_pack_ie_pu_buffer_status(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp128__ = 0U; - tmp128__ |= (pSrc->ac_bk_traffic_aval << 0); - tmp128__ |= (pSrc->ac_be_traffic_aval << 1); - tmp128__ |= (pSrc->ac_vi_traffic_aval << 2); - tmp128__ |= (pSrc->ac_vo_traffic_aval << 3); - tmp128__ |= (pSrc->reserved << 4); + tmp130__ = 0U; + tmp130__ |= (pSrc->ac_bk_traffic_aval << 0); + tmp130__ |= (pSrc->ac_be_traffic_aval << 1); + tmp130__ |= (pSrc->ac_vi_traffic_aval << 2); + tmp130__ |= (pSrc->ac_vo_traffic_aval << 3); + tmp130__ |= (pSrc->reserved << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp128__; + *pBuf = tmp130__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21832,7 +22780,7 @@ uint32_t dot11f_pack_ie_qos_caps_ap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp129__; + uint8_t tmp131__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21841,16 +22789,16 @@ uint32_t dot11f_pack_ie_qos_caps_ap(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp129__ = 0U; - tmp129__ |= (pSrc->count << 0); - tmp129__ |= (pSrc->qack << 4); - tmp129__ |= (pSrc->qreq << 5); - tmp129__ |= (pSrc->txopreq << 6); - tmp129__ |= (pSrc->reserved << 7); + tmp131__ = 0U; + tmp131__ |= (pSrc->count << 0); + tmp131__ |= (pSrc->qack << 4); + tmp131__ |= (pSrc->qreq << 5); + tmp131__ |= (pSrc->txopreq << 6); + tmp131__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp129__; + *pBuf = tmp131__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21872,7 +22820,7 @@ uint32_t dot11f_pack_ie_qos_caps_station(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp130__; + uint8_t tmp132__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21881,18 +22829,18 @@ uint32_t dot11f_pack_ie_qos_caps_station(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp130__ = 0U; - tmp130__ |= (pSrc->acvo_uapsd << 0); - tmp130__ |= (pSrc->acvi_uapsd << 1); - tmp130__ |= (pSrc->acbk_uapsd << 2); - tmp130__ |= (pSrc->acbe_uapsd << 3); - tmp130__ |= (pSrc->qack << 4); - tmp130__ |= (pSrc->max_sp_length << 5); - tmp130__ |= (pSrc->more_data_ack << 7); + tmp132__ = 0U; + tmp132__ |= (pSrc->acvo_uapsd << 0); + tmp132__ |= (pSrc->acvi_uapsd << 1); + tmp132__ |= (pSrc->acbk_uapsd << 2); + tmp132__ |= (pSrc->acbe_uapsd << 3); + tmp132__ |= (pSrc->qack << 4); + tmp132__ |= (pSrc->max_sp_length << 5); + tmp132__ |= (pSrc->more_data_ack << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp130__; + *pBuf = tmp132__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22533,7 +23481,7 @@ uint32_t dot11f_pack_ie_wapi(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp131__; + uint16_t tmp133__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_iewapi(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -22563,13 +23511,13 @@ uint32_t dot11f_pack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->multicast_cipher_suite, 4); *pnConsumed += 4; pBuf += 4; - tmp131__ = 0U; - tmp131__ |= (pSrc->preauth << 0); - tmp131__ |= (pSrc->reserved << 1); + tmp133__ = 0U; + tmp133__ |= (pSrc->preauth << 0); + tmp133__ |= (pSrc->reserved << 1); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp131__, 0); + frameshtons(pCtx, pBuf, tmp133__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -22709,7 +23657,7 @@ uint32_t dot11f_pack_ie_wmm_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp132__; + uint8_t tmp134__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22731,16 +23679,16 @@ uint32_t dot11f_pack_ie_wmm_caps(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp132__ = 0U; - tmp132__ |= (pSrc->reserved << 0); - tmp132__ |= (pSrc->qack << 4); - tmp132__ |= (pSrc->queue_request << 5); - tmp132__ |= (pSrc->txop_request << 6); - tmp132__ |= (pSrc->more_ack << 7); + tmp134__ = 0U; + tmp134__ |= (pSrc->reserved << 0); + tmp134__ |= (pSrc->qack << 4); + tmp134__ |= (pSrc->queue_request << 5); + tmp134__ |= (pSrc->txop_request << 6); + tmp134__ |= (pSrc->more_ack << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp132__; + *pBuf = tmp134__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22762,7 +23710,7 @@ uint32_t dot11f_pack_ie_wmm_info_ap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp133__; + uint8_t tmp135__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22784,14 +23732,14 @@ uint32_t dot11f_pack_ie_wmm_info_ap(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp133__ = 0U; - tmp133__ |= (pSrc->param_set_count << 0); - tmp133__ |= (pSrc->reserved << 4); - tmp133__ |= (pSrc->uapsd << 7); + tmp135__ = 0U; + tmp135__ |= (pSrc->param_set_count << 0); + tmp135__ |= (pSrc->reserved << 4); + tmp135__ |= (pSrc->uapsd << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp133__; + *pBuf = tmp135__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22813,7 +23761,7 @@ uint32_t dot11f_pack_ie_wmm_info_station(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp134__; + uint8_t tmp136__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22835,18 +23783,18 @@ uint32_t dot11f_pack_ie_wmm_info_station(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp134__ = 0U; - tmp134__ |= (pSrc->acvo_uapsd << 0); - tmp134__ |= (pSrc->acvi_uapsd << 1); - tmp134__ |= (pSrc->acbk_uapsd << 2); - tmp134__ |= (pSrc->acbe_uapsd << 3); - tmp134__ |= (pSrc->reserved1 << 4); - tmp134__ |= (pSrc->max_sp_length << 5); - tmp134__ |= (pSrc->reserved2 << 7); + tmp136__ = 0U; + tmp136__ |= (pSrc->acvo_uapsd << 0); + tmp136__ |= (pSrc->acvi_uapsd << 1); + tmp136__ |= (pSrc->acbk_uapsd << 2); + tmp136__ |= (pSrc->acbe_uapsd << 3); + tmp136__ |= (pSrc->reserved1 << 4); + tmp136__ |= (pSrc->max_sp_length << 5); + tmp136__ |= (pSrc->reserved2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp134__; + *pBuf = tmp136__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22868,14 +23816,14 @@ uint32_t dot11f_pack_ie_wmm_params(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp135__; - uint8_t tmp136__; uint8_t tmp137__; uint8_t tmp138__; uint8_t tmp139__; uint8_t tmp140__; uint8_t tmp141__; uint8_t tmp142__; + uint8_t tmp143__; + uint8_t tmp144__; nNeeded += 19; while (pSrc->present) { if (nNeeded > nBuf) @@ -22903,100 +23851,100 @@ uint32_t dot11f_pack_ie_wmm_params(tpAniSirGlobal pCtx, *pBuf = pSrc->reserved2; *pnConsumed += 1; pBuf += 1; - tmp135__ = 0U; - tmp135__ |= (pSrc->acbe_aifsn << 0); - tmp135__ |= (pSrc->acbe_acm << 4); - tmp135__ |= (pSrc->acbe_aci << 5); - tmp135__ |= (pSrc->unused1 << 7); + tmp137__ = 0U; + tmp137__ |= (pSrc->acbe_aifsn << 0); + tmp137__ |= (pSrc->acbe_acm << 4); + tmp137__ |= (pSrc->acbe_aci << 5); + tmp137__ |= (pSrc->unused1 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp135__; + *pBuf = tmp137__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp136__ = 0U; - tmp136__ |= (pSrc->acbe_acwmin << 0); - tmp136__ |= (pSrc->acbe_acwmax << 4); + tmp138__ = 0U; + tmp138__ |= (pSrc->acbe_acwmin << 0); + tmp138__ |= (pSrc->acbe_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp136__; + *pBuf = tmp138__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbe_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp137__ = 0U; - tmp137__ |= (pSrc->acbk_aifsn << 0); - tmp137__ |= (pSrc->acbk_acm << 4); - tmp137__ |= (pSrc->acbk_aci << 5); - tmp137__ |= (pSrc->unused2 << 7); + tmp139__ = 0U; + tmp139__ |= (pSrc->acbk_aifsn << 0); + tmp139__ |= (pSrc->acbk_acm << 4); + tmp139__ |= (pSrc->acbk_aci << 5); + tmp139__ |= (pSrc->unused2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp137__; + *pBuf = tmp139__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp138__ = 0U; - tmp138__ |= (pSrc->acbk_acwmin << 0); - tmp138__ |= (pSrc->acbk_acwmax << 4); + tmp140__ = 0U; + tmp140__ |= (pSrc->acbk_acwmin << 0); + tmp140__ |= (pSrc->acbk_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp138__; + *pBuf = tmp140__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbk_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp139__ = 0U; - tmp139__ |= (pSrc->acvi_aifsn << 0); - tmp139__ |= (pSrc->acvi_acm << 4); - tmp139__ |= (pSrc->acvi_aci << 5); - tmp139__ |= (pSrc->unused3 << 7); + tmp141__ = 0U; + tmp141__ |= (pSrc->acvi_aifsn << 0); + tmp141__ |= (pSrc->acvi_acm << 4); + tmp141__ |= (pSrc->acvi_aci << 5); + tmp141__ |= (pSrc->unused3 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp139__; + *pBuf = tmp141__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp140__ = 0U; - tmp140__ |= (pSrc->acvi_acwmin << 0); - tmp140__ |= (pSrc->acvi_acwmax << 4); + tmp142__ = 0U; + tmp142__ |= (pSrc->acvi_acwmin << 0); + tmp142__ |= (pSrc->acvi_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp140__; + *pBuf = tmp142__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acvi_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp141__ = 0U; - tmp141__ |= (pSrc->acvo_aifsn << 0); - tmp141__ |= (pSrc->acvo_acm << 4); - tmp141__ |= (pSrc->acvo_aci << 5); - tmp141__ |= (pSrc->unused4 << 7); + tmp143__ = 0U; + tmp143__ |= (pSrc->acvo_aifsn << 0); + tmp143__ |= (pSrc->acvo_acm << 4); + tmp143__ |= (pSrc->acvo_aci << 5); + tmp143__ |= (pSrc->unused4 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp141__; + *pBuf = tmp143__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp142__ = 0U; - tmp142__ |= (pSrc->acvo_acwmin << 0); - tmp142__ |= (pSrc->acvo_acwmax << 4); + tmp144__ = 0U; + tmp144__ |= (pSrc->acvo_acwmin << 0); + tmp144__ |= (pSrc->acvo_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp142__; + *pBuf = tmp144__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -23693,7 +24641,7 @@ uint32_t dot11f_pack_ie_fils_indication(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp143__; + uint16_t tmp145__; nNeeded += (pSrc->num_variable_data + 2); while (pSrc->present) { if (nNeeded > nBuf) @@ -23702,20 +24650,20 @@ uint32_t dot11f_pack_ie_fils_indication(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp143__ = 0U; - tmp143__ |= (pSrc->public_key_identifiers_cnt << 0); - tmp143__ |= (pSrc->realm_identifiers_cnt << 3); - tmp143__ |= (pSrc->is_ip_config_supported << 6); - tmp143__ |= (pSrc->is_cache_id_present << 7); - tmp143__ |= (pSrc->is_hessid_present << 8); - tmp143__ |= (pSrc->is_fils_sk_auth_supported << 9); - tmp143__ |= (pSrc->is_fils_sk_auth_pfs_supported << 10); - tmp143__ |= (pSrc->is_pk_auth_supported << 11); - tmp143__ |= (pSrc->reserved << 12); + tmp145__ = 0U; + tmp145__ |= (pSrc->public_key_identifiers_cnt << 0); + tmp145__ |= (pSrc->realm_identifiers_cnt << 3); + tmp145__ |= (pSrc->is_ip_config_supported << 6); + tmp145__ |= (pSrc->is_cache_id_present << 7); + tmp145__ |= (pSrc->is_hessid_present << 8); + tmp145__ |= (pSrc->is_fils_sk_auth_supported << 9); + tmp145__ |= (pSrc->is_fils_sk_auth_pfs_supported << 10); + tmp145__ |= (pSrc->is_pk_auth_supported << 11); + tmp145__ |= (pSrc->reserved << 12); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp143__, 0); + frameshtons(pCtx, pBuf, tmp145__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -23961,7 +24909,7 @@ uint32_t dot11f_pack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp144__; + uint8_t tmp146__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_hs20vendor_ie(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -23981,15 +24929,15 @@ uint32_t dot11f_pack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); *pBuf = 0x10; ++pBuf; ++(*pnConsumed); - tmp144__ = 0U; - tmp144__ |= (pSrc->dgaf_dis << 0); - tmp144__ |= (pSrc->hs_id_present << 1); - tmp144__ |= (pSrc->reserved << 3); - tmp144__ |= (pSrc->release_num << 4); + tmp146__ = 0U; + tmp146__ |= (pSrc->dgaf_dis << 0); + tmp146__ |= (pSrc->hs_id_present << 1); + tmp146__ |= (pSrc->reserved << 3); + tmp146__ |= (pSrc->release_num << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp144__; + *pBuf = tmp146__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -24027,7 +24975,7 @@ uint32_t dot11f_pack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp145__; + uint8_t tmp147__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -24036,17 +24984,17 @@ uint32_t dot11f_pack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp145__ = 0U; - tmp145__ |= (pSrc->info_request << 0); - tmp145__ |= (pSrc->forty_mhz_intolerant << 1); - tmp145__ |= (pSrc->twenty_mhz_bsswidth_req << 2); - tmp145__ |= (pSrc->obss_scan_exemption_req << 3); - tmp145__ |= (pSrc->obss_scan_exemption_grant << 4); - tmp145__ |= (pSrc->unused << 5); + tmp147__ = 0U; + tmp147__ |= (pSrc->info_request << 0); + tmp147__ |= (pSrc->forty_mhz_intolerant << 1); + tmp147__ |= (pSrc->twenty_mhz_bsswidth_req << 2); + tmp147__ |= (pSrc->obss_scan_exemption_req << 3); + tmp147__ |= (pSrc->obss_scan_exemption_grant << 4); + tmp147__ |= (pSrc->unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp145__; + *pBuf = tmp147__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -25402,6 +26350,22 @@ static uint32_t pack_core(tpAniSirGlobal pCtx, sizeof(tDot11fIEazimuth_req) * i), pBufRemaining, nBufRemaining, &len); break; + case SigIebeacon_report_frm_body_fragment_id: + status |= + dot11f_pack_ie_beacon_report_frm_body_fragment_id( + pCtx, (tDot11fIEbeacon_report_frm_body_fragment_id *) + (pSrc + pIe->offset + + sizeof(tDot11fIEbeacon_report_frm_body_fragment_id) * i), + pBufRemaining, nBufRemaining, &len); + break; + case SigIelast_beacon_report_indication: + status |= + dot11f_pack_ie_last_beacon_report_indication( + pCtx, (tDot11fIElast_beacon_report_indication *) + (pSrc + pIe->offset + + sizeof(tDot11fIElast_beacon_report_indication) * i), + pBufRemaining, nBufRemaining, &len); + break; case SigIemax_age: status |= dot11f_pack_ie_max_age( diff --git a/core/mac/src/sys/legacy/src/utils/src/parser_api.c b/core/mac/src/sys/legacy/src/utils/src/parser_api.c index 3dce90cd9ea5..f46b7ccb0b06 100644 --- a/core/mac/src/sys/legacy/src/utils/src/parser_api.c +++ b/core/mac/src/sys/legacy/src/utils/src/parser_api.c @@ -294,7 +294,7 @@ populate_dot11f_chan_switch_wrapper(tpAniSirGlobal pMac, /* * Add the VHT Transmit power Envelope Sublement. */ - ie_ptr = lim_get_ie_ptr_new(pMac, + ie_ptr = wlan_cfg_get_ie_ptr( psessionEntry->addIeParams.probeRespBCNData_buff, psessionEntry->addIeParams.probeRespBCNDataLen, DOT11F_EID_VHT_TRANSMIT_POWER_ENV, ONE_BYTE); @@ -5943,8 +5943,10 @@ tSirRetStatus populate_dot11f_wfatpc(tpAniSirGlobal pMac, } tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, - tDot11fIEMeasurementReport *pDot11f, - tSirMacBeaconReport *pBeaconReport) + tDot11fIEMeasurementReport *pDot11f, + tSirMacBeaconReport *pBeaconReport, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params) { pDot11f->report.Beacon.regClass = pBeaconReport->regClass; @@ -5972,6 +5974,36 @@ tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, pBeaconReport->numIes; } + if (last_beacon_report_params && + last_beacon_report_params->last_beacon_ind) { + pe_debug("Including Last Beacon Report in RRM Frame, report_id %d, frag_id %d", + last_beacon_report_params->report_id, + last_beacon_report_params->frag_id); + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + present = 1; + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + beacon_report_id = last_beacon_report_params->report_id; + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + fragment_id_number = last_beacon_report_params->frag_id; + + pDot11f->report.Beacon.last_beacon_report_indication.present = 1; + + if (last_beacon_report_params->frag_id == + (last_beacon_report_params->num_frags - 1)) { + pDot11f->report.Beacon. + beacon_report_frm_body_fragment_id. + more_fragments = 0; + pDot11f->report.Beacon.last_beacon_report_indication. + last_fragment = 1; + pe_debug("Last Fragment"); + } else { + pDot11f->report.Beacon. + beacon_report_frm_body_fragment_id. + more_fragments = 1; + pDot11f->report.Beacon.last_beacon_report_indication. + last_fragment = 0; + } + } return eSIR_SUCCESS; } diff --git a/core/pld/src/pld_sdio.c b/core/pld/src/pld_sdio.c index a05b47480b64..5897d3e24a07 100644 --- a/core/pld/src/pld_sdio.c +++ b/core/pld/src/pld_sdio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2016-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -51,15 +51,16 @@ static int pld_sdio_probe(struct sdio_func *sdio_func, const struct sdio_device_id *id) { struct pld_context *pld_context; - struct device *dev = &sdio_func->dev; - int ret = 0; + struct device *dev; + int ret; pld_context = pld_get_global_context(); - if (!pld_context) { + if (!pld_context || !sdio_func) { ret = -ENODEV; goto out; } + dev = &sdio_func->dev; ret = pld_add_dev(pld_context, dev, PLD_BUS_TYPE_SDIO); if (ret) goto out; diff --git a/core/sap/inc/sap_api.h b/core/sap/inc/sap_api.h index 228f7e3afa81..23ea7b3e0ef6 100644 --- a/core/sap/inc/sap_api.h +++ b/core/sap/inc/sap_api.h @@ -227,6 +227,7 @@ typedef enum { typedef struct sap_StartBssCompleteEvent_s { uint8_t status; uint8_t operatingChannel; + enum phy_ch_width ch_width; uint16_t staId; /* self StaID */ uint8_t sessionId; /* SoftAP SME session ID */ } tSap_StartBssCompleteEvent; diff --git a/core/sap/src/sap_api_link_cntl.c b/core/sap/src/sap_api_link_cntl.c index a26567362648..4bc0477f7581 100644 --- a/core/sap/src/sap_api_link_cntl.c +++ b/core/sap/src/sap_api_link_cntl.c @@ -1072,7 +1072,7 @@ wlansap_roam_callback(void *ctx, tCsrRoamInfo *csr_roam_info, uint32_t roamId, QDF_TRACE_LEVEL_ERROR, FL("sapdfs: no available channel for sapctx[%pK], StopBss"), pSapContext); - sap_signal_hdd_event(sap_ctx, NULL, + sap_signal_hdd_event(pSapContext, NULL, eSAP_STOP_BSS_DUE_TO_NO_CHNL, (void *) eSAP_STATUS_SUCCESS); } diff --git a/core/sap/src/sap_fsm.c b/core/sap/src/sap_fsm.c index da4ed69d8dd8..f56bf5d6054a 100644 --- a/core/sap/src/sap_fsm.c +++ b/core/sap/src/sap_fsm.c @@ -2991,6 +2991,7 @@ QDF_STATUS sap_signal_hdd_event(ptSapContext sap_ctx, bss_complete->staId); bss_complete->operatingChannel = (uint8_t) sap_ctx->channel; + bss_complete->ch_width = sap_ctx->ch_params.ch_width; bss_complete->sessionId = sap_ctx->sessionId; break; case eSAP_DFS_CAC_START: diff --git a/core/sap/src/sap_module.c b/core/sap/src/sap_module.c index 3d8cc9248fea..cee3dd91bce1 100644 --- a/core/sap/src/sap_module.c +++ b/core/sap/src/sap_module.c @@ -1648,13 +1648,13 @@ static QDF_STATUS wlansap_update_csa_channel_params(ptSapContext sap_context, mac_ctx->sap.SapDfsInfo.new_chanWidth = 0; } else { - - if (sap_context->ch_width_orig >= CH_WIDTH_80MHZ) + if (sap_context->csr_roamProfile.phyMode == + eCSR_DOT11_MODE_11ac || + sap_context->csr_roamProfile.phyMode == + eCSR_DOT11_MODE_11ac_ONLY) bw = BW80; - else if (sap_context->ch_width_orig == CH_WIDTH_40MHZ) - bw = BW40_HIGH_PRIMARY; else - bw = BW20; + bw = BW40_HIGH_PRIMARY; for (; bw >= BW20; bw--) { uint16_t op_class; diff --git a/core/sme/inc/csr_internal.h b/core/sme/inc/csr_internal.h index 9d9753c5a404..c73d7b0530f8 100644 --- a/core/sme/inc/csr_internal.h +++ b/core/sme/inc/csr_internal.h @@ -1042,6 +1042,7 @@ typedef struct tagCsrRoamSession { bool supported_nss_1x1; uint8_t vdev_nss; uint8_t nss; + bool nss_forced_1x1; bool disable_hi_rssi; bool dhcp_done; uint8_t disconnect_reason; diff --git a/core/sme/inc/sme_api.h b/core/sme/inc/sme_api.h index a9d44073ab86..43186c34be3a 100644 --- a/core/sme/inc/sme_api.h +++ b/core/sme/inc/sme_api.h @@ -420,6 +420,18 @@ QDF_STATUS sme_roam_set_pmkid_cache(tHalHandle hHal, uint8_t sessionId, tPmkidCacheInfo *pPMKIDCache, uint32_t numItems, bool update_entire_cache); + +/** + * sme_get_pmk_info(): A wrapper function to request CSR to save PMK + * @hal: Global structure + * @session_id: SME session_id + * @pmk_cache: pointer to a structure of pmk + * + * Return: none + */ +void sme_get_pmk_info(tHalHandle hal, uint8_t session_id, + tPmkidCacheInfo *pmk_cache); + #ifdef WLAN_FEATURE_ROAM_OFFLOAD QDF_STATUS sme_roam_set_psk_pmk(tHalHandle hHal, uint8_t sessionId, uint8_t *pPSK_PMK, size_t pmk_len); @@ -1733,7 +1745,8 @@ QDF_STATUS sme_get_nud_debug_stats(tHalHandle hal, struct get_arp_stats_params *get_stats_param); QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, - void (*cb)(void *, struct rsp_stats *)); + void (*cb)(void *, struct rsp_stats *, void *context), + void *context); #ifdef WLAN_FEATURE_UDP_RESPONSE_OFFLOAD diff --git a/core/sme/inc/sme_internal.h b/core/sme/inc/sme_internal.h index 00538791e003..3c88d387cdee 100644 --- a/core/sme/inc/sme_internal.h +++ b/core/sme/inc/sme_internal.h @@ -265,7 +265,8 @@ typedef struct tagSmeStruct { struct sir_lost_link_info *lost_link_info); void (*rso_cmd_status_cb)(void *hdd_context, struct rso_cmd_status *rso_status); - void (*get_arp_stats_cb)(void *, struct rsp_stats *); + void *get_arp_stats_context; + void (*get_arp_stats_cb)(void *, struct rsp_stats *, void *); void (*bt_activity_info_cb)(void *context, uint32_t bt_activity); void (*chip_power_save_fail_cb)(void *, struct chip_pwr_save_fail_detected_params *); diff --git a/core/sme/src/common/sme_api.c b/core/sme/src/common/sme_api.c index 0f8f5c47a097..1d0516333961 100644 --- a/core/sme/src/common/sme_api.c +++ b/core/sme/src/common/sme_api.c @@ -4490,6 +4490,18 @@ QDF_STATUS sme_roam_del_pmkid_from_cache(tHalHandle hHal, uint8_t sessionId, return status; } +void sme_get_pmk_info(tHalHandle hal, uint8_t session_id, + tPmkidCacheInfo *pmk_cache) +{ + tpAniSirGlobal mac_ctx = PMAC_STRUCT(hal); + QDF_STATUS status = sme_acquire_global_lock(&mac_ctx->sme); + + if (QDF_IS_STATUS_SUCCESS(status)) { + if (CSR_IS_SESSION_VALID(mac_ctx, session_id)) + csr_get_pmk_info(mac_ctx, session_id, pmk_cache); + sme_release_global_lock(&mac_ctx->sme); + } +} #ifdef WLAN_FEATURE_ROAM_OFFLOAD /** * sme_roam_set_psk_pmk() - A wrapper function to request CSR to save PSK/PMK @@ -15835,13 +15847,15 @@ QDF_STATUS sme_set_rssi_threshold_breached_cb(tHalHandle h_hal, * sme_set_nud_debug_stats_cb() - set nud debug stats callback * @hal: global hal handle * @cb: callback function pointer + * @context: callback context * - * This function stores nud debug stats callback function. + * This function stores nud debug stats callback function and context * * Return: QDF_STATUS enumeration. */ QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, - void (*cb)(void *, struct rsp_stats *)) + void (*cb)(void *, struct rsp_stats *, void *), + void *context) { QDF_STATUS status = QDF_STATUS_SUCCESS; tpAniSirGlobal mac; @@ -15862,6 +15876,7 @@ QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, } mac->sme.get_arp_stats_cb = cb; + mac->sme.get_arp_stats_context = context; sme_release_global_lock(&mac->sme); return status; } diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c index 5d8a575274de..4ff58fe69971 100644 --- a/core/sme/src/csr/csr_api_roam.c +++ b/core/sme/src/csr/csr_api_roam.c @@ -109,6 +109,43 @@ /* Static Type declarations */ static tCsrRoamSession csr_roam_roam_session[CSR_ROAM_SESSION_MAX]; +/** + * csr_get_ielen_from_bss_description() - to get IE length + * from tSirBssDescription structure + * @pBssDescr: pBssDescr + * + * This function is called in various places to get IE length + * from tSirBssDescription structure + * + * @Return: total IE length + */ +static inline uint16_t +csr_get_ielen_from_bss_description(tpSirBssDescription pBssDescr) +{ + uint16_t ielen; + + if (!pBssDescr) + return 0; + + /* + * Length of BSS desription is without length of + * length itself and length of pointer + * that holds ieFields + * + * <------------sizeof(tSirBssDescription)--------------------> + * +--------+---------------------------------+---------------+ + * | length | other fields | pointer to IEs| + * +--------+---------------------------------+---------------+ + * ^ + * ieFields + */ + + ielen = (uint16_t)(pBssDescr->length + sizeof(pBssDescr->length) - + GET_FIELD_OFFSET(tSirBssDescription, ieFields)); + + return ielen; +} + #ifdef WLAN_FEATURE_SAE /** * csr_sae_callback - Update SAE info to CSR roam session @@ -11773,6 +11810,8 @@ csr_roam_chk_lnk_swt_ch_ind(tpAniSirGlobal mac_ctx, tSirSmeRsp *msg_ptr) QDF_STATUS status; tpSirSmeSwitchChannelInd pSwitchChnInd; tCsrRoamInfo roamInfo; + tSirMacDsParamSetIE *ds_params_ie; + tDot11fIEHTInfo *ht_info_ie; /* in case of STA, the SWITCH_CHANNEL originates from its AP */ sme_debug("eWNI_SME_SWITCH_CHL_IND from SME"); @@ -11795,6 +11834,29 @@ csr_roam_chk_lnk_swt_ch_ind(tpAniSirGlobal mac_ctx, tSirSmeRsp *msg_ptr) (uint8_t) pSwitchChnInd->newChannelId; } + ds_params_ie = (tSirMacDsParamSetIE *)wlan_cfg_get_ie_ptr( + (uint8_t *)session->pConnectBssDesc-> + ieFields, + csr_get_ielen_from_bss_description( + session->pConnectBssDesc), + DOT11F_EID_DSPARAMS, ONE_BYTE); + if (ds_params_ie) + ds_params_ie->channelNumber = + (uint8_t)pSwitchChnInd->newChannelId; + + ht_info_ie = (tDot11fIEHTInfo *)wlan_cfg_get_ie_ptr( + (uint8_t *)session->pConnectBssDesc-> + ieFields, + csr_get_ielen_from_bss_description( + session->pConnectBssDesc), + DOT11F_EID_HTINFO, ONE_BYTE); + if (ht_info_ie) { + ht_info_ie->primaryChannel = + (uint8_t)pSwitchChnInd->newChannelId; + ht_info_ie->secondaryChannelOffset = + pSwitchChnInd->chan_params.sec_ch_offset; + } + qdf_mem_set(&roamInfo, sizeof(tCsrRoamInfo), 0); roamInfo.chan_info.chan_id = pSwitchChnInd->newChannelId; roamInfo.chan_info.ch_width = @@ -14380,6 +14442,24 @@ static void csr_roam_update_connected_profile_from_new_bss(tpAniSirGlobal pMac, } } +void csr_get_pmk_info(tpAniSirGlobal mac_ctx, uint8_t session_id, + tPmkidCacheInfo *pmk_cache) +{ + tCsrRoamSession *session = NULL; + + if (!mac_ctx) { + sme_err("Mac_ctx is NULL"); + return; + } + session = CSR_GET_SESSION(mac_ctx, session_id); + if (!session) { + sme_err("session %d not found", session_id); + return; + } + qdf_mem_copy(pmk_cache->pmk, session->psk_pmk, + sizeof(session->psk_pmk)); + pmk_cache->pmk_len = session->pmk_len; +} #ifdef WLAN_FEATURE_ROAM_OFFLOAD QDF_STATUS csr_roam_set_psk_pmk(tpAniSirGlobal pMac, uint32_t sessionId, uint8_t *pPSK_PMK, size_t pmk_len) @@ -15542,54 +15622,6 @@ csr_check_vendor_ap_3_present(tpAniSirGlobal mac_ctx, uint8_t *ie, } /** - * csr_get_ielen_from_bss_description() - * - ***FUNCTION: - * This function is called in various places to get IE length - * from tSirBssDescription structure - * number being scanned. - * - ***PARAMS: - * - ***LOGIC: - * - ***ASSUMPTIONS: - * NA - * - ***NOTE: - * NA - * - * @param pBssDescr - * @return Total IE length - */ -static inline uint16_t -csr_get_ielen_from_bss_description(tpSirBssDescription pBssDescr) -{ - uint16_t ielen; - - if (!pBssDescr) - return 0; - - /* - * Length of BSS desription is without length of - * length itself and length of pointer - * that holds ieFields - * - * <------------sizeof(tSirBssDescription)--------------------> - * +--------+---------------------------------+---------------+ - * | length | other fields | pointer to IEs| - * +--------+---------------------------------+---------------+ - * ^ - * ieFields - */ - - ielen = (uint16_t)(pBssDescr->length + sizeof(pBssDescr->length) - - GET_FIELD_OFFSET(tSirBssDescription, ieFields)); - - return ielen; -} - -/** * The communication between HDD and LIM is thru mailbox (MB). * Both sides will access the data structure "tSirSmeJoinReq". * The rule is, while the components of "tSirSmeJoinReq" can be accessed in the @@ -15627,6 +15659,7 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, enum hw_mode_dbs_capab hw_mode_to_use; tDot11fIEVHTCaps *vht_caps = NULL; bool is_vendor_ap_present; + struct vdev_type_nss *vdev_type_nss; if (!pSession) { sme_err("session %d not found", sessionId); @@ -15726,6 +15759,29 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, ucDot11Mode = WNI_CFG_DOT11_MODE_11N; } + if (IS_5G_CH(pBssDescription->channelId)) + vdev_type_nss = &pMac->vdev_type_nss_5g; + else + vdev_type_nss = &pMac->vdev_type_nss_2g; + if (pSession->pCurRoamProfile->csrPersona == + QDF_P2P_CLIENT_MODE) + pSession->vdev_nss = vdev_type_nss->p2p_cli; + else + pSession->vdev_nss = vdev_type_nss->sta; + pSession->nss = pSession->vdev_nss; + + if (pSession->nss > csr_get_nss_supported_by_sta_and_ap( + &pIes->VHTCaps, + &pIes->HTCaps, ucDot11Mode)) { + pSession->nss = csr_get_nss_supported_by_sta_and_ap( + &pIes->VHTCaps, &pIes->HTCaps, + ucDot11Mode); + pSession->vdev_nss = pSession->nss; + } + + if (pSession->nss == 1) + pSession->supported_nss_1x1 = true; + ieLen = csr_get_ielen_from_bss_description(pBssDescription); is_vendor_ap_present = csr_check_vendor_ap_present( pMac, pBssDescription, @@ -15743,6 +15799,7 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, pSession->supported_nss_1x1 = true; pSession->vdev_nss = 1; pSession->nss = 1; + pSession->nss_forced_1x1 = true; sme_debug("For special ap, NSS: %d", pSession->nss); } @@ -15763,18 +15820,6 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, VDEV_CMD); } - if (pSession->nss > csr_get_nss_supported_by_sta_and_ap( - &pIes->VHTCaps, - &pIes->HTCaps, ucDot11Mode)) { - pSession->nss = csr_get_nss_supported_by_sta_and_ap( - &pIes->VHTCaps, &pIes->HTCaps, - ucDot11Mode); - pSession->vdev_nss = pSession->nss; - } - - if (pSession->nss == 1) - pSession->supported_nss_1x1 = true; - /* * If Switch to 11N WAR is set for current AP, change dot11 * mode to 11N. @@ -15794,10 +15839,12 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, csr_join_req->supported_nss_1x1 = pSession->supported_nss_1x1; csr_join_req->vdev_nss = pSession->vdev_nss; csr_join_req->nss = pSession->nss; + csr_join_req->nss_forced_1x1 = pSession->nss_forced_1x1; csr_join_req->dot11mode = (uint8_t) ucDot11Mode; - sme_debug("dot11mode=%d, uCfgDot11Mode=%d", - csr_join_req->dot11mode, - pSession->bssParams.uCfgDot11Mode); + sme_debug("dot11mode=%d, uCfgDot11Mode=%d, nss=%d", + csr_join_req->dot11mode, + pSession->bssParams.uCfgDot11Mode, + csr_join_req->nss); #ifdef FEATURE_WLAN_MCC_TO_SCC_SWITCH csr_join_req->cc_switch_mode = pMac->roam.configParam.cc_switch_mode; @@ -16731,6 +16778,7 @@ QDF_STATUS csr_send_mb_disassoc_cnf_msg(tpAniSirGlobal pMac, status = QDF_STATUS_SUCCESS; if (!QDF_IS_STATUS_SUCCESS(status)) break; + pMsg->sme_session_id = pDisassocInd->sessionId; pMsg->messageType = eWNI_SME_DISASSOC_CNF; pMsg->statusCode = eSIR_SME_SUCCESS; pMsg->length = sizeof(tSirSmeDisassocCnf); @@ -16771,6 +16819,7 @@ QDF_STATUS csr_send_mb_deauth_cnf_msg(tpAniSirGlobal pMac, pMsg->messageType = eWNI_SME_DEAUTH_CNF; pMsg->statusCode = eSIR_SME_SUCCESS; pMsg->length = sizeof(tSirSmeDeauthCnf); + pMsg->sme_session_id = pDeauthInd->sessionId; qdf_copy_macaddr(&pMsg->bssid, &pDeauthInd->bssid); status = QDF_STATUS_SUCCESS; if (!QDF_IS_STATUS_SUCCESS(status)) { @@ -21341,7 +21390,7 @@ QDF_STATUS csr_roam_channel_change_req(tpAniSirGlobal pMac, pMsg->sec_ch_offset = ch_params->sec_ch_offset; pMsg->ch_width = profile->ch_params.ch_width; pMsg->dot11mode = csr_translate_to_wni_cfg_dot11_mode(pMac, - pMac->roam.configParam.uCfgDot11Mode); + param.uCfgDot11Mode); if (IS_24G_CH(pMsg->targetChannel) && (false == pMac->roam.configParam.enableVhtFor24GHz) && (WNI_CFG_DOT11_MODE_11AC == pMsg->dot11mode || diff --git a/core/sme/src/csr/csr_cmd_process.c b/core/sme/src/csr/csr_cmd_process.c index f118ffedc6b9..b762f5904dad 100644 --- a/core/sme/src/csr/csr_cmd_process.c +++ b/core/sme/src/csr/csr_cmd_process.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -110,7 +110,9 @@ QDF_STATUS csr_msg_processor(tpAniSirGlobal mac_ctx, void *msg_buf) * due to failure or finding the condition meets both * SAP and infra/IBSS requirement. */ - if (eWNI_SME_SETCONTEXT_RSP == sme_rsp->messageType) { + if (eWNI_SME_SETCONTEXT_RSP == sme_rsp->messageType || + eWNI_SME_DISCONNECT_DONE_IND == + sme_rsp->messageType) { sme_warn("handling msg 0x%X CSR state is %d", sme_rsp->messageType, cur_state); csr_roam_check_for_link_status_change(mac_ctx, diff --git a/core/sme/src/csr/csr_inside_api.h b/core/sme/src/csr/csr_inside_api.h index eff2123500d6..5f9edf88c93c 100644 --- a/core/sme/src/csr/csr_inside_api.h +++ b/core/sme/src/csr/csr_inside_api.h @@ -926,6 +926,20 @@ QDF_STATUS csr_roam_set_pmkid_cache(tpAniSirGlobal pMac, uint32_t sessionId, tPmkidCacheInfo *pPMKIDCache, uint32_t numItems, bool update_entire_cache); +/* + * csr_get_pmk_info(): store PMK in pmk_cache + * @mac_ctx: pointer to global structure for MAC + * @session_id: Sme session id + * @pmk_cache: pointer to a structure of Pmk + * + * This API gets the PMK from the session and + * stores it in the pmk_cache + * + * Return: none + */ +void csr_get_pmk_info(tpAniSirGlobal mac_ctx, uint8_t session_id, + tPmkidCacheInfo *pmk_cache); + #ifdef WLAN_FEATURE_ROAM_OFFLOAD /* * csr_roam_set_psk_pmk() - diff --git a/core/sme/src/rrm/sme_rrm.c b/core/sme/src/rrm/sme_rrm.c index be4a6cd4f2f1..595a17398fff 100644 --- a/core/sme/src/rrm/sme_rrm.c +++ b/core/sme/src/rrm/sme_rrm.c @@ -26,6 +26,7 @@ #include "sme_inside.h" #include "sme_api.h" #include "cfg_api.h" +#include "cds_regdomain.h" #ifdef FEATURE_WLAN_DIAG_SUPPORT #include "host_diag_core_event.h" @@ -414,6 +415,7 @@ static QDF_STATUS sme_rrm_send_scan_result(tpAniSirGlobal mac_ctx, tpRrmSMEContext rrm_ctx = &mac_ctx->rrm.rrmSmeContext; uint32_t session_id; tCsrRoamInfo *roam_info; + tSirScanType scan_type; qdf_mem_zero(&filter, sizeof(filter)); qdf_mem_zero(scanresults_arr, @@ -510,11 +512,41 @@ static QDF_STATUS sme_rrm_send_scan_result(tpAniSirGlobal mac_ctx, goto rrm_send_scan_results_done; } + if (eRRM_MSG_SOURCE_ESE_UPLOAD == rrm_ctx->msgSource || + eRRM_MSG_SOURCE_LEGACY_ESE == rrm_ctx->msgSource) + scan_type = rrm_ctx->measMode[rrm_ctx->currentIndex]; + else + scan_type = rrm_ctx->measMode[0]; + while (scan_results) { + /* + * In passive scan, sta listens beacon. Connected AP beacon + * is offloaded to firmware. Firmware will discard + * connected AP beacon except that special IE exists. + * Connected AP beacon will not be sent to host. Hence, timer + * of connected AP in scan results is not updated and can + * not meet "pScanResult->timer >= RRM_scan_timer". + */ + tCsrRoamSession *session; + uint8_t is_conn_bss_found = false; + + if (scan_type == eSIR_PASSIVE_SCAN) { + session = CSR_GET_SESSION(mac_ctx, session_id); + if (csr_is_conn_state_connected_infra(mac_ctx, + session_id) && + (NULL != session->pConnectBssDesc) && + (csr_is_duplicate_bss_description(mac_ctx, + &scan_results->BssDescriptor, + session->pConnectBssDesc))) { + is_conn_bss_found = true; + sme_debug("Connected BSS in scan results"); + } + } next_result = sme_scan_result_get_next(mac_ctx, result_handle); sme_debug("Scan res timer:%lu, rrm scan timer:%llu", scan_results->timer, rrm_scan_timer); - if (scan_results->timer >= rrm_scan_timer) { + if ((scan_results->timer >= rrm_scan_timer) || + (is_conn_bss_found == true)) { roam_info->pBssDesc = &scan_results->BssDescriptor; csr_roam_call_callback(mac_ctx, session_id, roam_info, 0, eCSR_ROAM_UPDATE_SCAN_RESULT, @@ -833,6 +865,7 @@ QDF_STATUS sme_rrm_process_beacon_report_req_ind(tpAniSirGlobal pMac, tpSirBeaconReportReqInd pBeaconReq = (tpSirBeaconReportReqInd) pMsgBuf; tpRrmSMEContext pSmeRrmContext = &pMac->rrm.rrmSmeContext; uint32_t len = 0, i = 0; + uint8_t temp = 0; sme_debug("Received Beacon report request ind Channel = %d", pBeaconReq->channelInfo.channelNum); @@ -850,7 +883,19 @@ QDF_STATUS sme_rrm_process_beacon_report_req_ind(tpAniSirGlobal pMac, } csr_get_cfg_valid_channels(pMac, pSmeRrmContext->channelList. ChannelList, &len); - pSmeRrmContext->channelList.numOfChannels = (uint8_t) len; + + for (i = 0; i < len; i++) { + if (cds_reg_dmn_get_opclass_from_channel( + pMac->scan.countryCodeCurrent, + pSmeRrmContext->channelList.ChannelList[i], + BWALL) == + pBeaconReq->channelInfo.regulatoryClass) { + pSmeRrmContext->channelList.ChannelList[temp] = + pSmeRrmContext->channelList.ChannelList[i]; + temp++; + } + } + pSmeRrmContext->channelList.numOfChannels = (uint8_t) temp; } else { len = 0; pSmeRrmContext->channelList.numOfChannels = 0; diff --git a/core/utils/fwlog/dbglog_host.c b/core/utils/fwlog/dbglog_host.c index 04d92c3f0f00..7e5257faf48c 100644 --- a/core/utils/fwlog/dbglog_host.c +++ b/core/utils/fwlog/dbglog_host.c @@ -4237,20 +4237,18 @@ static void cnss_diag_cmd_handler(const void *data, int data_len, return; } -/** - * cnss_diag_activate_service() - API to register CNSS diag cmd handler - * - * API to register the CNSS diag command handler using new genl infra. - * Return type is zero to match with legacy prototype - * - * Return: 0 - */ int cnss_diag_activate_service(void) { register_cld_cmd_cb(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_cmd_handler, NULL); return 0; } +int cnss_diag_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_CNSS_DIAG); + return 0; +} + #else /** @@ -4282,30 +4280,35 @@ static int cnss_diag_msg_callback(struct sk_buff *skb) return 0; } -/** - * brief cnss_diag_activate_service() - Activate cnss_diag message handler - * - * This function registers a handler to receive netlink message from - * an cnss-diag application process. - * - * param - - * - None - * - * return - 0 for success, non zero for failure - */ int cnss_diag_activate_service(void) { - int ret = 0; + int ret; /* Register the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ ret = nl_srv_register(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_msg_callback); - if (ret) { + if (ret) AR_DEBUG_PRINTF(ATH_DEBUG_ERR, ("CNSS-DIAG Registration failed")); - return ret; - } - return 0; + + return ret; } + +int cnss_diag_deactivate_service(void) +{ + int ret; + + /* + * Deregister the msg handler for msgs addressed to + * WLAN_NL_MSG_CNSS_DIAG + */ + ret = nl_srv_unregister(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_msg_callback); + if (ret) + AR_DEBUG_PRINTF(ATH_DEBUG_ERR, + ("CNSS-DIAG Registration failed")); + + return ret; +} + #endif static A_BOOL diff --git a/core/utils/fwlog/dbglog_host.h b/core/utils/fwlog/dbglog_host.h index fe4617acc2c4..be6c1ddc267b 100644 --- a/core/utils/fwlog/dbglog_host.h +++ b/core/utils/fwlog/dbglog_host.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -159,9 +159,26 @@ dbglog_parse_debug_logs(ol_scn_t scn, u_int8_t *datap, u_int32_t len); -/** Register the cnss_diag activate with the wlan driver */ +/** + * cnss_diag_activate_service() - API to register CNSS diag cmd handler + * + * API to register the handler for the NL message received from cnss_diag + * application. + * + * Return: 0 + */ int cnss_diag_activate_service(void); +/** + * cnss_diag_deactivate_service() - API to deregister CNSS diag cmd handler + * + * API to deregister the handler for the NL message received from cnss_diag + * application. + * + * Return: 0 + */ +int cnss_diag_deactivate_service(void); + #ifdef __cplusplus } #endif diff --git a/core/utils/ptt/inc/wlan_ptt_sock_svc.h b/core/utils/ptt/inc/wlan_ptt_sock_svc.h index 0ff8e26d8137..d476ae35226f 100644 --- a/core/utils/ptt/inc/wlan_ptt_sock_svc.h +++ b/core/utils/ptt/inc/wlan_ptt_sock_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -88,12 +88,34 @@ * Payload : LEN_PAYLOAD bytes */ #ifdef PTT_SOCK_SVC_ENABLE -int ptt_sock_activate_svc(void); + +/** + * ptt_sock_activate_svc() - API to register PTT/PUMAC command handlers + * + * API to register the handler for PTT/PUMAC NL messages. + * + * Return: None + */ +void ptt_sock_activate_svc(void); + +/** + * ptt_sock_deactivate_svc() - API to deregister PTT/PUMAC command handlers + * + * API to deregister the handler for PTT/PUMAC NL messages. + * + * Return: None + */ void ptt_sock_deactivate_svc(void); int ptt_sock_send_msg_to_app(tAniHdr *wmsg, int radio, int src_mod, int pid); #else -static inline int ptt_sock_activate_svc(void) { return 0; } -static inline void ptt_sock_deactivate_svc(void) { return; } +static inline void ptt_sock_activate_svc(void) +{ +} + +static inline void ptt_sock_deactivate_svc(void) +{ +} + static inline int ptt_sock_send_msg_to_app(tAniHdr *wmsg, int radio, int src_mod, int pid) { diff --git a/core/utils/ptt/src/wlan_ptt_sock_svc.c b/core/utils/ptt/src/wlan_ptt_sock_svc.c index 32b66cec0309..413b0f062df0 100644 --- a/core/utils/ptt/src/wlan_ptt_sock_svc.c +++ b/core/utils/ptt/src/wlan_ptt_sock_svc.c @@ -306,52 +306,30 @@ static void ptt_cmd_handler(const void *data, int data_len, void *ctx, int pid) } } -/** - * ptt_sock_activate_svc() - API to register PTT/PUMAC command handler - * - * API to register the PTT/PUMAC command handlers. Argument @pAdapter - * is sent for prototype compatibility between new genl and legacy - * implementation - * - * Return: 0 - */ -int ptt_sock_activate_svc(void) +void ptt_sock_activate_svc(void) { register_cld_cmd_cb(ANI_NL_MSG_PUMAC, ptt_cmd_handler, NULL); register_cld_cmd_cb(ANI_NL_MSG_PTT, ptt_cmd_handler, NULL); - return 0; } -/** - * ptt_sock_deactivate_svc() - Dummy API to deactivate PTT service - * - * Return: Void - */ void ptt_sock_deactivate_svc(void) { + deregister_cld_cmd_cb(ANI_NL_MSG_PTT); + deregister_cld_cmd_cb(ANI_NL_MSG_PUMAC); } #else -/** - * ptt_sock_activate_svc() - activate PTT service - * - * Return: 0 - */ -int ptt_sock_activate_svc(void) +void ptt_sock_activate_svc(void) { ptt_pid = INVALID_PID; nl_srv_register(ANI_NL_MSG_PUMAC, ptt_sock_rx_nlink_msg); nl_srv_register(ANI_NL_MSG_PTT, ptt_sock_rx_nlink_msg); - return 0; } -/** - * ptt_sock_deactivate_svc() - deactivate PTT service - * - * Return: Void - */ void ptt_sock_deactivate_svc(void) { + nl_srv_unregister(ANI_NL_MSG_PTT, ptt_sock_rx_nlink_msg); + nl_srv_unregister(ANI_NL_MSG_PUMAC, ptt_sock_rx_nlink_msg); ptt_pid = INVALID_PID; } #endif diff --git a/core/wma/inc/wma.h b/core/wma/inc/wma.h index eee3f93f0ad2..0b69941a8455 100644 --- a/core/wma/inc/wma.h +++ b/core/wma/inc/wma.h @@ -421,7 +421,6 @@ enum ds_mode { #define WMA_DEFAULT_QPOWER_MAX_PSPOLL_BEFORE_WAKE 1 #define WMA_DEFAULT_QPOWER_TX_WAKE_THRESHOLD 2 -#define WMA_DEFAULT_SIFS_BURST_DURATION 8160 #define WMA_VHT_PPS_PAID_MATCH 1 #define WMA_VHT_PPS_GID_MATCH 2 @@ -827,8 +826,6 @@ typedef struct { * @rxchainmask: rx chain mask * @txpow2g: tx power limit for 2GHz * @txpow5g: tx power limit for 5GHz - * @burst_enable: is burst enable/disable - * @burst_dur: burst duration * * This structure stores pdev parameters. * Some of these parameters are set in fw and some @@ -846,8 +843,6 @@ typedef struct { uint32_t rxchainmask; uint32_t txpow2g; uint32_t txpow5g; - uint32_t burst_enable; - uint32_t burst_dur; } pdev_cli_config_t; /** @@ -1041,6 +1036,7 @@ struct roam_synch_frame_ind { * @aid: association id * @rmfEnabled: Robust Management Frame (RMF) enabled/disabled * @key: GTK key + * @ucast_key_cipher: unicast cipher key * @uapsd_cached_val: uapsd cached value * @stats_rsp: stats response * @fw_stats_set: fw stats value @@ -1117,6 +1113,7 @@ struct wma_txrx_node { uint8_t rmfEnabled; #ifdef WLAN_FEATURE_11W wma_igtk_key_t key; + uint32_t ucast_key_cipher; #endif /* WLAN_FEATURE_11W */ uint32_t uapsd_cached_val; tAniGetPEStatsRsp *stats_rsp; diff --git a/core/wma/inc/wma_api.h b/core/wma/inc/wma_api.h index 43d99abe1093..2de08c97638f 100644 --- a/core/wma/inc/wma_api.h +++ b/core/wma/inc/wma_api.h @@ -572,4 +572,15 @@ bool wma_dual_beacon_on_single_mac_mcc_capable(void); */ void wma_cleanup_vdev_resp_and_hold_req(void *priv); +/** + * wma_send_dhcp_ind() - Send DHCP Start/Stop Indication to FW. + * @type - WMA message type. + * @device_mode - mode(AP, SAP etc) of the device. + * @mac_addr - MAC address of the adapter. + * @sta_mac_addr - MAC address of the peer station. + * + * Return: QDF_STATUS. + */ +QDF_STATUS wma_send_dhcp_ind(uint16_t type, uint8_t device_mode, + uint8_t *mac_addr, uint8_t *sta_mac_addr); #endif diff --git a/core/wma/inc/wma_if.h b/core/wma/inc/wma_if.h index e2d8b476a26a..e4ea2849c827 100644 --- a/core/wma/inc/wma_if.h +++ b/core/wma/inc/wma_if.h @@ -714,6 +714,8 @@ typedef struct sBeaconGenParams { * @beaconLength: beacon length of template * @timIeOffset: TIM IE offset * @p2pIeOffset: P2P IE offset + * @csa_count_offset: Offset of Switch count field in CSA IE + * @ecsa_count_offset: Offset of Switch count field in ECSA IE */ typedef struct { tSirMacAddr bssId; @@ -721,6 +723,8 @@ typedef struct { uint32_t beaconLength; uint32_t timIeOffset; uint16_t p2pIeOffset; + uint32_t csa_count_offset; + uint32_t ecsa_count_offset; } tSendbeaconParams, *tpSendbeaconParams; /** diff --git a/core/wma/src/wma_data.c b/core/wma/src/wma_data.c index f199e29c7fe5..8321c3a2f598 100644 --- a/core/wma/src/wma_data.c +++ b/core/wma/src/wma_data.c @@ -2670,11 +2670,20 @@ QDF_STATUS wma_tx_packet(void *wma_context, void *tx_frame, uint16_t frmLen, if (!IEEE80211_IS_BROADCAST(wh->i_addr1) && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { if (pFc->wep) { + uint8_t mic_len, hdr_len; + /* Allocate extra bytes for privacy header and * trailer */ - newFrmLen = frmLen + IEEE80211_CCMP_HEADERLEN + - IEEE80211_CCMP_MICLEN; + if (iface->ucast_key_cipher == + WMI_CIPHER_AES_GCM) { + hdr_len = WLAN_IEEE80211_GCMP_HEADERLEN; + mic_len = WLAN_IEEE80211_GCMP_MICLEN; + } else { + hdr_len = IEEE80211_CCMP_HEADERLEN; + mic_len = IEEE80211_CCMP_MICLEN; + } + newFrmLen = frmLen + hdr_len + mic_len; qdf_status = cds_packet_alloc((uint16_t) newFrmLen, (void **)&pFrame, @@ -2697,7 +2706,7 @@ QDF_STATUS wma_tx_packet(void *wma_context, void *tx_frame, uint16_t frmLen, qdf_mem_set(pFrame, newFrmLen, 0); qdf_mem_copy(pFrame, wh, sizeof(*wh)); qdf_mem_copy(pFrame + sizeof(*wh) + - IEEE80211_CCMP_HEADERLEN, + hdr_len, pData + sizeof(*wh), frmLen - sizeof(*wh)); diff --git a/core/wma/src/wma_dev_if.c b/core/wma/src/wma_dev_if.c index 8af9c5bf7f61..d1d8eb49b810 100644 --- a/core/wma/src/wma_dev_if.c +++ b/core/wma/src/wma_dev_if.c @@ -653,6 +653,19 @@ QDF_STATUS wma_vdev_detach(tp_wma_handle wma_handle, struct wma_txrx_node *iface = &wma_handle->interfaces[vdev_id]; struct wma_target_req *req_msg; + if (!iface->handle || (!cds_is_target_ready())) { + WMA_LOGE("handle of vdev_id %d is NULL vdev is already freed or target is not ready", + vdev_id); + pdel_sta_self_req_param->status = status; + if (generateRsp) { + wma_send_del_sta_self_resp(pdel_sta_self_req_param); + } else { + qdf_mem_free(pdel_sta_self_req_param); + pdel_sta_self_req_param = NULL; + } + return status; + } + if (qdf_atomic_read(&iface->bss_status) == WMA_BSS_STATUS_STARTED) { req_msg = wma_find_vdev_req(wma_handle, vdev_id, WMA_TARGET_REQ_TYPE_VDEV_STOP, false); @@ -668,19 +681,6 @@ QDF_STATUS wma_vdev_detach(tp_wma_handle wma_handle, } iface->is_del_sta_defered = false; - if (!iface->handle) { - WMA_LOGE("handle of vdev_id %d is NULL vdev is already freed", - vdev_id); - pdel_sta_self_req_param->status = status; - if (generateRsp) { - wma_send_del_sta_self_resp(pdel_sta_self_req_param); - } else { - qdf_mem_free(pdel_sta_self_req_param); - pdel_sta_self_req_param = NULL; - } - return status; - } - if (iface->type == WMI_VDEV_TYPE_STA) wma_pno_stop(wma_handle, vdev_id); @@ -1915,6 +1915,16 @@ int wma_vdev_stop_resp_handler(void *handle, uint8_t *cmd_param_info, /* vdev in stopped state, no more waiting for key */ iface->is_waiting_for_key = false; + /* + * Reset the rmfEnabled as there might be MGMT action frames + * sent on this vdev before the next session is established. + */ + if (iface->rmfEnabled) { + iface->rmfEnabled = 0; + WMA_LOGD(FL("Reset rmfEnabled for vdev %d"), + resp_event->vdev_id); + } + wma_release_wakelock(&iface->vdev_stop_wakelock); req_msg = wma_find_vdev_req(wma, resp_event->vdev_id, @@ -2030,6 +2040,7 @@ int wma_vdev_stop_resp_handler(void *handle, uint8_t *cmd_param_info, wma_send_msg(wma, WMA_SET_LINK_STATE_RSP, (void *)params, 0); } + free_req_msg: qdf_mc_timer_destroy(&req_msg->event_timeout); qdf_mem_free(req_msg); @@ -3755,6 +3766,7 @@ static void wma_add_bss_ap_mode(tp_wma_handle wma, tpAddBssParams add_bss) req.vdev_id = vdev_id; req.chan = add_bss->currentOperChannel; req.chan_width = add_bss->ch_width; + req.dot11_mode = add_bss->dot11_mode; if (add_bss->ch_width == CH_WIDTH_10MHZ) req.is_half_rate = 1; diff --git a/core/wma/src/wma_features.c b/core/wma/src/wma_features.c index eeb1c085c7b3..3c8382311546 100644 --- a/core/wma/src/wma_features.c +++ b/core/wma/src/wma_features.c @@ -11004,7 +11004,8 @@ int wma_get_arp_stats_handler(void *handle, uint8_t *data, connect_stats_event->icmpv4_rsp_recvd); } - mac->sme.get_arp_stats_cb(mac->hHdd, &rsp); + mac->sme.get_arp_stats_cb(mac->hHdd, &rsp, + mac->sme.get_arp_stats_context); EXIT(); @@ -11529,3 +11530,44 @@ bool wma_dual_beacon_on_single_mac_mcc_capable(void) return false; } } + +/** + * wma_send_dhcp_ind() - Send DHCP Start/Stop Indication to FW. + * @type - WMA message type. + * @device_mode - mode(AP, SAP etc) of the device. + * @mac_addr - MAC address of the adapter. + * @sta_mac_addr - MAC address of the peer station. + * + * Return: QDF_STATUS. + */ +QDF_STATUS wma_send_dhcp_ind(uint16_t type, uint8_t device_mode, + uint8_t *mac_addr, uint8_t *peer_mac_addr) +{ + QDF_STATUS qdf_status = QDF_STATUS_SUCCESS; + tAniDHCPInd *msg; + + msg = (tAniDHCPInd *) qdf_mem_malloc(sizeof(tAniDHCPInd)); + if (NULL == msg) { + QDF_TRACE(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_ERROR, + "%s: Not able to allocate memory for dhcp ind", + __func__); + return QDF_STATUS_E_NOMEM; + } + msg->msgType = type; + msg->msgLen = (uint16_t) sizeof(tAniDHCPInd); + msg->device_mode = device_mode; + qdf_mem_copy(msg->adapterMacAddr.bytes, mac_addr, QDF_MAC_ADDR_SIZE); + qdf_mem_copy(msg->peerMacAddr.bytes, peer_mac_addr, QDF_MAC_ADDR_SIZE); + + qdf_status = wma_process_dhcp_ind(cds_get_context(QDF_MODULE_ID_WMA), + (tAniDHCPInd *)msg); + if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { + QDF_TRACE(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_ERROR, + "%s: Failed to send DHCP indication", __func__); + qdf_status = QDF_STATUS_E_FAILURE; + } + + qdf_mem_free(msg); + + return qdf_status; +} diff --git a/core/wma/src/wma_main.c b/core/wma/src/wma_main.c index 6f2c77f1db58..5b09ef8e35b5 100644 --- a/core/wma/src/wma_main.c +++ b/core/wma/src/wma_main.c @@ -384,12 +384,6 @@ int wma_cli_get_command(int vdev_id, int param_id, int vpdev) case WMI_PDEV_PARAM_TXPOWER_LIMIT5G: ret = wma->pdevconfig.txpow5g; break; - case WMI_PDEV_PARAM_BURST_ENABLE: - ret = wma->pdevconfig.burst_enable; - break; - case WMI_PDEV_PARAM_BURST_DUR: - ret = wma->pdevconfig.burst_dur; - break; default: WMA_LOGE("Invalid cli_get pdev command/Not yet implemented 0x%x", param_id); @@ -1504,18 +1498,6 @@ static void wma_process_cli_set_cmd(tp_wma_handle wma, case WMI_PDEV_PARAM_RX_CHAIN_MASK: wma->pdevconfig.rxchainmask = privcmd->param_value; break; - case WMI_PDEV_PARAM_BURST_ENABLE: - wma->pdevconfig.burst_enable = privcmd->param_value; - if ((wma->pdevconfig.burst_enable == 1) && - (wma->pdevconfig.burst_dur == 0)) - wma->pdevconfig.burst_dur = - WMA_DEFAULT_SIFS_BURST_DURATION; - else if (wma->pdevconfig.burst_enable == 0) - wma->pdevconfig.burst_dur = 0; - break; - case WMI_PDEV_PARAM_BURST_DUR: - wma->pdevconfig.burst_dur = privcmd->param_value; - break; case WMI_PDEV_PARAM_TXPOWER_LIMIT2G: wma->pdevconfig.txpow2g = privcmd->param_value; if ((pMac->roam.configParam.bandCapability == @@ -3172,6 +3154,11 @@ static int wma_pdev_set_hw_mode_resp_evt_handler(void *handle, QDF_BUG(0); goto fail; } + if (vdev_id >= wma->max_bssid) { + WMA_LOGE("%s: vdev_id: %d is invalid, max_bssid: %d", + __func__, vdev_id, wma->max_bssid); + goto fail; + } mac_id = WMA_PDEV_TO_MAC_MAP(vdev_mac_entry[i].pdev_id); WMA_LOGE("%s: vdev_id:%d mac_id:%d", @@ -3260,6 +3247,11 @@ void wma_process_pdev_hw_mode_trans_ind(void *handle, QDF_BUG(0); return; } + if (vdev_id >= wma->max_bssid) { + WMA_LOGE("%s: vdev_id: %d is invalid, max_bssid: %d", + __func__, vdev_id, wma->max_bssid); + return; + } mac_id = WMA_PDEV_TO_MAC_MAP(vdev_mac_entry[i].pdev_id); @@ -4282,6 +4274,9 @@ static inline void wma_update_target_services(tp_wma_handle wh, /* Enable WOW */ g_fw_wlan_feat_caps |= (1 << WOW); + if (WMI_SERVICE_IS_ENABLED(wh->wmi_service_bitmap, WMI_SERVICE_NLO)) + g_fw_wlan_feat_caps |= (1 << PNO); + /* ARP offload */ cfg->arp_offload = WMI_SERVICE_IS_ENABLED(wh->wmi_service_bitmap, WMI_SERVICE_ARPNS_OFFLOAD); diff --git a/core/wma/src/wma_mgmt.c b/core/wma/src/wma_mgmt.c index 09cef7c2cdc9..2c0c3ebb2a68 100644 --- a/core/wma/src/wma_mgmt.c +++ b/core/wma/src/wma_mgmt.c @@ -1712,10 +1712,11 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, params.key_len = key_params->key_len; #ifdef WLAN_FEATURE_11W + iface = &wma_handle->interfaces[key_params->vdev_id]; + if ((key_params->key_type == eSIR_ED_AES_128_CMAC) || (key_params->key_type == eSIR_ED_AES_GMAC_128) || (key_params->key_type == eSIR_ED_AES_GMAC_256)) { - iface = &wma_handle->interfaces[key_params->vdev_id]; if (iface) { iface->key.key_length = key_params->key_len; iface->key.key_cipher = params.key_cipher; @@ -1729,6 +1730,9 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, CMAC_IPN_LEN); } } + + if (key_params->unicast && iface) + iface->ucast_key_cipher = params.key_cipher; #endif /* WLAN_FEATURE_11W */ WMA_LOGD("Key setup : vdev_id %d key_idx %d key_type %d key_len %d", @@ -2374,6 +2378,14 @@ static QDF_STATUS wma_unified_bcn_tmpl_send(tp_wma_handle wma, params.tmpl_len = tmpl_len; params.frm = frm; params.tmpl_len_aligned = tmpl_len_aligned; + if (bcn_info->csa_count_offset && + (bcn_info->csa_count_offset > bytes_to_strip)) + params.csa_count_offset = + bcn_info->csa_count_offset - bytes_to_strip; + if (bcn_info->ecsa_count_offset && + (bcn_info->ecsa_count_offset > bytes_to_strip)) + params.ecsa_count_offset = + bcn_info->ecsa_count_offset - bytes_to_strip; ret = wmi_unified_beacon_send_cmd(wma->wmi_handle, ¶ms); @@ -3340,6 +3352,7 @@ int wma_process_rmf_frame(tp_wma_handle wma_handle, { uint8_t *orig_hdr; uint8_t *ccmp; + uint8_t mic_len, hdr_len; if ((wh)->i_fc[1] & IEEE80211_FC1_WEP) { if (IEEE80211_IS_BROADCAST(wh->i_addr1) || @@ -3366,15 +3379,22 @@ int wma_process_rmf_frame(tp_wma_handle wma_handle, return -EINVAL; } + if (iface->ucast_key_cipher == WMI_CIPHER_AES_GCM) { + hdr_len = WLAN_IEEE80211_GCMP_HEADERLEN; + mic_len = WLAN_IEEE80211_GCMP_MICLEN; + } else { + hdr_len = IEEE80211_CCMP_HEADERLEN; + mic_len = IEEE80211_CCMP_MICLEN; + } /* Strip privacy headers (and trailer) * for a received frame */ qdf_mem_move(orig_hdr + - IEEE80211_CCMP_HEADERLEN, wh, + hdr_len, wh, sizeof(*wh)); qdf_nbuf_pull_head(wbuf, - IEEE80211_CCMP_HEADERLEN); - qdf_nbuf_trim_tail(wbuf, IEEE80211_CCMP_MICLEN); + hdr_len); + qdf_nbuf_trim_tail(wbuf, mic_len); /* * CCMP header has been pulled off * reinitialize the start pointer of mac header @@ -3496,37 +3516,33 @@ static bool wma_is_pkt_drop_candidate(tp_wma_handle wma_handle, } switch (subtype) { - case SIR_MAC_MGMT_ASSOC_REQ: - if (peer->last_assoc_rcvd) { - if (qdf_get_system_timestamp() - peer->last_assoc_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGD(FL("Dropping Assoc Req received")); - should_drop = true; - } + case IEEE80211_FC0_SUBTYPE_ASSOC_REQ: + if (peer->last_assoc_rcvd && + qdf_system_time_before(qdf_get_system_timestamp(), + peer->last_assoc_rcvd + WMA_MGMT_FRAME_DETECT_DOS_TIMER)) { + WMA_LOGD(FL("Dropping Assoc Req as it is received after %d ms of last frame. Allow it only after %d ms"), + (int) (qdf_get_system_timestamp() - + peer->last_assoc_rcvd), + WMA_MGMT_FRAME_DETECT_DOS_TIMER); + should_drop = true; + break; } peer->last_assoc_rcvd = qdf_get_system_timestamp(); break; - case SIR_MAC_MGMT_DISASSOC: - if (peer->last_disassoc_rcvd) { - if (qdf_get_system_timestamp() - - peer->last_disassoc_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGI(FL("Dropping DisAssoc received")); - should_drop = true; - } - } - peer->last_disassoc_rcvd = qdf_get_system_timestamp(); - break; - case SIR_MAC_MGMT_DEAUTH: - if (peer->last_deauth_rcvd) { - if (qdf_get_system_timestamp() - - peer->last_deauth_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGI(FL("Dropping Deauth received")); - should_drop = true; - } + case IEEE80211_FC0_SUBTYPE_DISASSOC: + case IEEE80211_FC0_SUBTYPE_DEAUTH: + if (peer->last_disassoc_deauth_rcvd && + qdf_system_time_before(qdf_get_system_timestamp(), + peer->last_disassoc_deauth_rcvd + + WMA_MGMT_FRAME_DETECT_DOS_TIMER)) { + WMA_LOGD(FL("Dropping subtype %x frame as it is received after %d ms of last frame. Allow it only after %d ms"), + subtype, (int) (qdf_get_system_timestamp() - + peer->last_disassoc_deauth_rcvd), + WMA_MGMT_FRAME_DETECT_DOS_TIMER); + should_drop = true; + break; } - peer->last_deauth_rcvd = qdf_get_system_timestamp(); + peer->last_disassoc_deauth_rcvd = qdf_get_system_timestamp(); break; default: break; @@ -3707,6 +3723,9 @@ static int wma_mgmt_rx_process(void *handle, uint8_t *data, qdf_nbuf_put_tail(wbuf, hdr->buf_len); qdf_nbuf_set_protocol(wbuf, ETH_P_CONTROL); wh = (struct ieee80211_frame *)qdf_nbuf_data(wbuf); + qdf_mem_zero(((uint8_t *)wh + hdr->buf_len), roundup(hdr->buf_len + + RESERVE_BYTES, 4) - + hdr->buf_len); rx_pkt->pkt_meta.mpdu_hdr_ptr = qdf_nbuf_data(wbuf); rx_pkt->pkt_meta.mpdu_data_ptr = rx_pkt->pkt_meta.mpdu_hdr_ptr + diff --git a/core/wma/src/wma_nan_datapath.c b/core/wma/src/wma_nan_datapath.c index 1cf32838fad8..fb0a6cc81c04 100644 --- a/core/wma/src/wma_nan_datapath.c +++ b/core/wma/src/wma_nan_datapath.c @@ -462,6 +462,7 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, wmi_ndp_indication_event_fixed_param *fixed_params; struct ndp_indication_event ind_event = {0}; tp_wma_handle wma_handle = handle; + size_t total_array_len; event = (WMI_NDP_INDICATION_EVENTID_param_tlvs *)event_info; fixed_params = @@ -480,6 +481,38 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, return -EINVAL; } + if (fixed_params->nan_scid_len > event->num_ndp_scid) { + WMA_LOGE(FL("Invalid nan_scid_len: %d"), + fixed_params->nan_scid_len); + return -EINVAL; + } + + if (fixed_params->ndp_cfg_len > + (WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_params))) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->ndp_cfg_len); + return -EINVAL; + } + + total_array_len = fixed_params->ndp_cfg_len + + sizeof(*fixed_params); + + if (fixed_params->ndp_app_info_len > + (WMI_SVC_MSG_MAX_SIZE - total_array_len)) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->ndp_app_info_len); + return -EINVAL; + } + + total_array_len += fixed_params->ndp_app_info_len; + + if (fixed_params->nan_scid_len > + (WMI_SVC_MSG_MAX_SIZE - total_array_len)) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->nan_scid_len); + return -EINVAL; + } + ind_event.vdev_id = fixed_params->vdev_id; ind_event.service_instance_id = fixed_params->service_instance_id; ind_event.ndp_instance_id = fixed_params->ndp_instance_id; @@ -515,15 +548,6 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, ind_event.ncs_sk_type = fixed_params->nan_csid; ind_event.scid.scid_len = fixed_params->nan_scid_len; - if (fixed_params->ndp_cfg_len > event->num_ndp_cfg || - fixed_params->ndp_app_info_len > event->num_ndp_app_info || - fixed_params->nan_scid_len > event->num_ndp_scid) { - WMA_LOGD(FL("Invalid ndp_cfg_len: %d, ndp_app_info_len: %d, nan_scid_len: %d"), - fixed_params->ndp_cfg_len, - fixed_params->ndp_app_info_len, - fixed_params->nan_scid_len); - return -EINVAL; - } if (ind_event.ndp_config.ndp_cfg_len) { ind_event.ndp_config.ndp_cfg = qdf_mem_malloc(fixed_params->ndp_cfg_len); diff --git a/core/wma/src/wma_utils.c b/core/wma/src/wma_utils.c index 3a39569150b2..c3fe6290a18a 100644 --- a/core/wma/src/wma_utils.c +++ b/core/wma/src/wma_utils.c @@ -160,7 +160,7 @@ void wma_swap_bytes(void *pv, uint32_t n) * Return: the found rate or 0 otherwise */ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, - uint8_t nss, uint16_t nss1_rate, + uint8_t *nss, uint16_t nss1_rate, uint16_t nss1_srate, uint16_t nss2_rate, uint16_t nss2_srate) @@ -170,13 +170,15 @@ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, nss2_srate); if (match_rate == nss1_rate) { + *nss = 1; return nss1_rate; } else if (match_rate == nss1_srate) { *is_sgi = true; + *nss = 1; return nss1_srate; - } else if (nss == 2 && match_rate == nss2_rate) + } else if (*nss == 2 && match_rate == nss2_rate) return nss2_rate; - else if (nss == 2 && match_rate == nss2_srate) { + else if (*nss == 2 && match_rate == nss2_srate) { *is_sgi = true; return nss2_srate; } else @@ -193,14 +195,14 @@ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, * Return: return mcs index */ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, - uint8_t nss, uint8_t *mcsRateFlag) + uint8_t *nss, uint8_t *mcsRateFlag) { uint8_t index = 0; uint16_t match_rate = 0; bool is_sgi = false; WMA_LOGD("%s rate:%d rate_flgs: 0x%x, nss: %d", - __func__, maxRate, rate_flags, nss); + __func__, maxRate, rate_flags, *nss); *mcsRateFlag = rate_flags; *mcsRateFlag &= ~eHAL_TX_RATE_SGI; @@ -254,7 +256,7 @@ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, mcs_nss2[index].ht40_rate[1]); if (match_rate) { *mcsRateFlag = eHAL_TX_RATE_HT40; - if (nss == 2) + if (*nss == 2) index += MAX_HT_MCS_IDX; goto rate_found; } @@ -269,7 +271,7 @@ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, mcs_nss2[index].ht20_rate[1]); if (match_rate) { *mcsRateFlag = eHAL_TX_RATE_HT20; - if (nss == 2) + if (*nss == 2) index += MAX_HT_MCS_IDX; goto rate_found; } @@ -1271,7 +1273,7 @@ static int wma_unified_link_peer_stats_event_handler(void *handle, size_t peer_info_size, peer_stats_size, rate_stats_size; size_t link_stats_results_size; bool excess_data = false; - uint32_t buf_len; + uint32_t buf_len = 0; tpAniSirGlobal pMac = cds_get_context(QDF_MODULE_ID_PE); @@ -1340,7 +1342,7 @@ static int wma_unified_link_peer_stats_event_handler(void *handle, } while (0); if (excess_data || - (sizeof(*fixed_param) > WMI_SVC_MSG_MAX_SIZE - buf_len)) { + (buf_len > WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_param))) { WMA_LOGE("excess wmi buffer: rates:%d, peers:%d", peer_stats->num_rates, fixed_param->num_peers); return -EINVAL; @@ -2712,6 +2714,7 @@ static void wma_update_peer_stats(tp_wma_handle wma, struct wma_txrx_node *node; uint8_t *stats_buf, vdev_id, macaddr[IEEE80211_ADDR_LEN], mcsRateFlags; uint32_t temp_mask; + uint8_t nss; WMI_MAC_ADDR_TO_CHAR_ARRAY(&peer_stats->peer_macaddr, &macaddr[0]); if (!wma_find_vdev_by_bssid(wma, macaddr, &vdev_id)) @@ -2740,12 +2743,13 @@ static void wma_update_peer_stats(tp_wma_handle wma, classa_stats->tx_rate_flags = node->rate_flags; if (!(node->rate_flags & eHAL_TX_RATE_LEGACY)) { + nss = node->nss; classa_stats->mcs_index = wma_get_mcs_idx( (peer_stats->peer_tx_rate / 100), node->rate_flags, - node->nss, &mcsRateFlags); - classa_stats->nss = node->nss; + &nss, &mcsRateFlags); + classa_stats->nss = nss; classa_stats->mcs_rate_flags = mcsRateFlags; } /* FW returns tx power in intervals of 0.5 dBm @@ -3177,7 +3181,7 @@ int wma_stats_event_handler(void *handle, uint8_t *cmd_param_info, } while (0); if (excess_data || - (sizeof(*event) > WMI_SVC_MSG_MAX_SIZE - buf_len)) { + (buf_len > WMI_SVC_MSG_MAX_SIZE - sizeof(*event))) { WMA_LOGE("excess wmi buffer: stats pdev %d vdev %d peer %d", event->num_pdev_stats, event->num_vdev_stats, event->num_peer_stats); |