| author | Abhishek Singh <absingh@codeaurora.org> | 2016-10-26 15:02:21 +0530 |
|---|---|---|
| committer | Anjaneedevi Kapparapu <akappa@codeaurora.org> | 2016-11-21 13:27:14 +0530 |
| commit | 65f1e3abb4ebcc2e350ea9224bf270f9568d7888 (patch) | |
| tree | 012922f0c8cb6bcf0efeccfef7536de988ae6e07 | |
| parent | 53ea240bfe5803e0814e0e4de00158f7e2848f9a (diff) | |
qcacld-2.0: Use offset to get the ie length from bss descriptor
prima to qcacld-2.0 propagation
The length of the BSS descriptor is calculated using the offset of the IE
field, but when lim tries to get the IE length it doesn't use the
offset, which results in an incorrect IE length.
To fix this, use the offset to get the IE length from the BSS descriptor.
Change-Id: I7abbde83aea1e0a1cfcd7bdb1a184158f75f2455
CRs-Fixed: 1082001
| -rw-r--r-- | CORE/MAC/src/pe/lim/limAssocUtils.c | 6 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limFT.c | 14 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limProcessAssocRspFrame.c | 8 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c | 19 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limProcessSmeReqMessages.c | 20 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limSendSmeRspMessages.c | 4 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limTypes.h | 51 | ||||
| -rw-r--r-- | CORE/SAP/src/sapChSelect.c | 6 | ||||
| -rw-r--r-- | CORE/SME/src/csr/csrApiScan.c | 7 | ||||
| -rw-r--r-- | CORE/SME/src/csr/csrUtil.c | 2 |
10 files changed, 42 insertions, 95 deletions
diff --git a/CORE/MAC/src/pe/lim/limAssocUtils.c b/CORE/MAC/src/pe/lim/limAssocUtils.c index caea0bfc9254..f4acf6c8a711 100644 --- a/CORE/MAC/src/pe/lim/limAssocUtils.c +++ b/CORE/MAC/src/pe/lim/limAssocUtils.c @@ -4341,10 +4341,10 @@ tSirRetStatus limStaSendAddBssPreAssoc( tpAniSirGlobal pMac, tANI_U8 updateEntry vos_mem_set((tANI_U8 *) pAddBssParams, sizeof( tAddBssParams ), 0); - limExtractApCapabilities( pMac, + limExtractApCapabilities(pMac, (tANI_U8 *) bssDescription->ieFields, - limGetIElenFromBssDescription( bssDescription ), - pBeaconStruct ); + GET_IE_LEN_IN_BSS(bssDescription->length), + pBeaconStruct); if(pMac->lim.gLimProtectionControl != WNI_CFG_FORCE_POLICY_PROTECTION_DISABLE) limDecideStaProtectionOnAssoc(pMac, pBeaconStruct, psessionEntry); diff --git a/CORE/MAC/src/pe/lim/limFT.c b/CORE/MAC/src/pe/lim/limFT.c index aca49be7c4c7..cf42bca429a2 100644 --- a/CORE/MAC/src/pe/lim/limFT.c +++ b/CORE/MAC/src/pe/lim/limFT.c @@ -466,9 +466,9 @@ tSirRetStatus limFTPrepareAddBssReq( tpAniSirGlobal pMac, vos_mem_set((tANI_U8 *) pAddBssParams, sizeof( tAddBssParams ), 0); - limExtractApCapabilities( pMac, + limExtractApCapabilities(pMac, (tANI_U8 *) bssDescription->ieFields, - limGetIElenFromBssDescription( bssDescription ), pBeaconStruct ); + GET_IE_LEN_IN_BSS(bssDescription->length), pBeaconStruct); if (pMac->lim.gLimProtectionControl != WNI_CFG_FORCE_POLICY_PROTECTION_DISABLE) @@ -858,10 +858,10 @@ void limFillFTSession(tpAniSirGlobal pMac, pftSessionEntry->smeSessionId = psessionEntry->smeSessionId; pftSessionEntry->transactionId = 0; - limExtractApCapabilities( pMac, - (tANI_U8 *) pbssDescription->ieFields, - limGetIElenFromBssDescription( pbssDescription ), - pBeaconStruct ); + limExtractApCapabilities(pMac, + (tANI_U8 *)pbssDescription->ieFields, + GET_IE_LEN_IN_BSS(pbssDescription->length), + pBeaconStruct); pftSessionEntry->rateSet.numRates = pBeaconStruct->supportedRates.numRates; vos_mem_copy(pftSessionEntry->rateSet.rate, 
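Review bot: Nothing at this call in limStaSendAddBssPreAssoc checks that `bssDescription->length` covers the fixed part of the descriptor before `GET_IE_LEN_IN_BSS(bssDescription->length)` is handed to limExtractApCapabilities as the IE length. The macro's definition is not part of this diff; if it matches the open-coded expression this commit replaces in __limProcessSmeJoinReq (`length + sizeof(length) - GET_FIELD_OFFSET(tSirBssDescription, ieFields)`), a too-small length makes the unsigned subtraction wrap, and if the length parameter is 16-bit (as the removed helper's tANI_U16 return type suggests) the parser would be told to read far past the end of ieFields. csrParseBssDescriptionIEs in this same commit guards with `if(ieLen > 0 && pIEStruct)` after casting to int; the other lim and SAP call sites (limFTPrepareAddBssReq, limFillFTSession, limProcessAssocRspFrame, both reassoc-context handlers, __limProcessSmeJoinReq, __limProcessSmeReassocReq, sap_process_avoid_ie, sapComputeSpectWeight) show no such check in their hunks and would benefit from one, e.g. `if (bssDescription->length + sizeof(bssDescription->length) <= OFFSET_OF(tSirBssDescription, ieFields))` routed to the function's existing failure path. The removed limGetIElenFromBssDescription also returned 0 for a NULL descriptor, which the direct `->length` reads no longer do. The function body continues outside the hunk, so an earlier validation of the descriptor cannot be ruled out from here.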
@@ -941,7 +941,7 @@ void limFillFTSession(tpAniSirGlobal pMac, pftSessionEntry->currentOperChannel ); localPowerConstraint = regMax; limExtractApCapability( pMac, (tANI_U8 *) pbssDescription->ieFields, - limGetIElenFromBssDescription(pbssDescription), + GET_IE_LEN_IN_BSS(pbssDescription->length), &pftSessionEntry->limCurrentBssQosCaps, &pftSessionEntry->limCurrentBssPropCap, ¤tBssUapsd , &localPowerConstraint, pftSessionEntry); diff --git a/CORE/MAC/src/pe/lim/limProcessAssocRspFrame.c b/CORE/MAC/src/pe/lim/limProcessAssocRspFrame.c index f89709a86522..6baa5184f5b1 100644 --- a/CORE/MAC/src/pe/lim/limProcessAssocRspFrame.c +++ b/CORE/MAC/src/pe/lim/limProcessAssocRspFrame.c @@ -979,10 +979,10 @@ limProcessAssocRspFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tANI_U8 sub limUpdateAssocStaDatas(pMac, pStaDs, pAssocRsp,psessionEntry); // Extract the AP capabilities from the beacon that was received earlier // TODO - Watch out for an error response! - limExtractApCapabilities( pMac, - (tANI_U8 *) psessionEntry->pLimJoinReq->bssDescription.ieFields, - limGetIElenFromBssDescription( &psessionEntry->pLimJoinReq->bssDescription ), - pBeaconStruct ); + limExtractApCapabilities(pMac, + (tANI_U8 *) psessionEntry->pLimJoinReq->bssDescription.ieFields, + GET_IE_LEN_IN_BSS(psessionEntry->pLimJoinReq->bssDescription.length), + pBeaconStruct); if(pMac->lim.gLimProtectionControl != WNI_CFG_FORCE_POLICY_PROTECTION_DISABLE) limDecideStaProtectionOnAssoc(pMac, pBeaconStruct, psessionEntry); diff --git a/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c b/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c index 8b7f84b0ad20..c2909ff6cb85 100644 --- a/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c +++ b/CORE/MAC/src/pe/lim/limProcessMlmRspMessages.c 
@@ -4813,10 +4813,12 @@ limHandleDelBssInReAssocContext(tpAniSirGlobal pMac, tpDphHashNode pStaDs,tpPESe assocRsp = (tpSirAssocRsp)psessionEntry->limAssocResponseData; limUpdateAssocStaDatas(pMac, pStaDs, assocRsp,psessionEntry); limUpdateReAssocGlobals(pMac, assocRsp,psessionEntry); - limExtractApCapabilities( pMac, - (tANI_U8 *) psessionEntry->pLimReAssocReq->bssDescription.ieFields, - limGetIElenFromBssDescription( &psessionEntry->pLimReAssocReq->bssDescription ), - pBeaconStruct ); + limExtractApCapabilities(pMac, + (tANI_U8 *) + psessionEntry->pLimReAssocReq->bssDescription.ieFields, + GET_IE_LEN_IN_BSS( + psessionEntry->pLimReAssocReq->bssDescription.length), + pBeaconStruct); if(pMac->lim.gLimProtectionControl != WNI_CFG_FORCE_POLICY_PROTECTION_DISABLE) limDecideStaProtectionOnAssoc(pMac, pBeaconStruct, psessionEntry); if(pBeaconStruct->erpPresent) { @@ -4986,10 +4988,11 @@ limHandleAddBssInReAssocContext(tpAniSirGlobal pMac, tpDphHashNode pStaDs, tpPES assocRsp = (tpSirAssocRsp)psessionEntry->limAssocResponseData; limUpdateAssocStaDatas(pMac, pStaDs, assocRsp, psessionEntry); limUpdateReAssocGlobals(pMac, assocRsp, psessionEntry); - limExtractApCapabilities( pMac, - (tANI_U8 *) psessionEntry->pLimReAssocReq->bssDescription.ieFields, - limGetIElenFromBssDescription( &psessionEntry->pLimReAssocReq->bssDescription ), - pBeaconStruct ); + limExtractApCapabilities(pMac, + (tANI_U8 *)psessionEntry->pLimReAssocReq->bssDescription.ieFields, + GET_IE_LEN_IN_BSS( + psessionEntry->pLimReAssocReq->bssDescription.length), + pBeaconStruct); if(pMac->lim.gLimProtectionControl != WNI_CFG_FORCE_POLICY_PROTECTION_DISABLE) limDecideStaProtectionOnAssoc(pMac, pBeaconStruct, psessionEntry); diff --git a/CORE/MAC/src/pe/lim/limProcessSmeReqMessages.c b/CORE/MAC/src/pe/lim/limProcessSmeReqMessages.c index b12e49a2fe73..5ba49133c921 100644 --- a/CORE/MAC/src/pe/lim/limProcessSmeReqMessages.c +++ b/CORE/MAC/src/pe/lim/limProcessSmeReqMessages.c 
@@ -2064,9 +2064,7 @@ __limProcessSmeJoinReq(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) /* Store vendor specfic IE for CISCO AP */ - ieLen = (pSmeJoinReq->bssDescription.length + - sizeof( pSmeJoinReq->bssDescription.length ) - - GET_FIELD_OFFSET( tSirBssDescription, ieFields )); + ieLen = GET_IE_LEN_IN_BSS(pSmeJoinReq->bssDescription.length); vendorIE = cfg_get_vendor_ie_ptr_from_oui(pMac, SIR_MAC_CISCO_OUI, SIR_MAC_CISCO_OUI_SIZE, @@ -2305,8 +2303,8 @@ __limProcessSmeJoinReq(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) { limExtractApCapability( pMac, (tANI_U8 *) psessionEntry->pLimJoinReq->bssDescription.ieFields, - limGetIElenFromBssDescription( - &psessionEntry->pLimJoinReq->bssDescription), + GET_IE_LEN_IN_BSS( + psessionEntry->pLimJoinReq->bssDescription.length), &psessionEntry->limCurrentBssQosCaps, &psessionEntry->limCurrentBssPropCap, &pMac->lim.gLimCurrentBssUapsd @@ -2318,8 +2316,8 @@ __limProcessSmeJoinReq(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) { limExtractApCapability( pMac, (tANI_U8 *) psessionEntry->pLimJoinReq->bssDescription.ieFields, - limGetIElenFromBssDescription( - &psessionEntry->pLimJoinReq->bssDescription), + GET_IE_LEN_IN_BSS( + psessionEntry->pLimJoinReq->bssDescription.length), &psessionEntry->limCurrentBssQosCaps, &psessionEntry->limCurrentBssPropCap, &psessionEntry->gLimCurrentBssUapsd, @@ -2670,8 +2668,8 @@ __limProcessSmeReassocReq(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) { limExtractApCapability( pMac, (tANI_U8 *) psessionEntry->pLimReAssocReq->bssDescription.ieFields, - limGetIElenFromBssDescription( - &psessionEntry->pLimReAssocReq->bssDescription), + GET_IE_LEN_IN_BSS( + psessionEntry->pLimReAssocReq->bssDescription.length), &psessionEntry->limReassocBssQosCaps, &psessionEntry->limReassocBssPropCap, &pMac->lim.gLimCurrentBssUapsd 
@@ -2683,8 +2681,8 @@ __limProcessSmeReassocReq(tpAniSirGlobal pMac, tANI_U32 *pMsgBuf) { limExtractApCapability(pMac, (tANI_U8 *) psessionEntry->pLimReAssocReq->bssDescription.ieFields, - limGetIElenFromBssDescription( - &psessionEntry->pLimReAssocReq->bssDescription), + GET_IE_LEN_IN_BSS( + psessionEntry->pLimReAssocReq->bssDescription.length), &psessionEntry->limReassocBssQosCaps, &psessionEntry->limReassocBssPropCap, &psessionEntry->gLimCurrentBssUapsd, diff --git a/CORE/MAC/src/pe/lim/limSendSmeRspMessages.c b/CORE/MAC/src/pe/lim/limSendSmeRspMessages.c index 5af98c11fc9e..29a8a251e209 100644 --- a/CORE/MAC/src/pe/lim/limSendSmeRspMessages.c +++ b/CORE/MAC/src/pe/lim/limSendSmeRspMessages.c @@ -780,8 +780,8 @@ limSendSmeStartBssRsp(tpAniSirGlobal pMac, * pointer to ieFields. */ pSirSmeRsp->bssDescription.length = - sizeof(pSirSmeRsp->bssDescription) - - sizeof(tANI_U16) - sizeof(tANI_U32) + ieLen; + ((uintptr_t)OFFSET_OF(tSirBssDescription, ieFields)) + - sizeof(pSirSmeRsp->bssDescription.length) + ieLen; /* * This is the size of the message, subtract the size of * the pointer to ieFields diff --git a/CORE/MAC/src/pe/lim/limTypes.h b/CORE/MAC/src/pe/lim/limTypes.h index 90d97cf5838f..b2937b7d32bf 100644 --- a/CORE/MAC/src/pe/lim/limTypes.h +++ b/CORE/MAC/src/pe/lim/limTypes.h 
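Review bot: The comment directly above the new `pSirSmeRsp->bssDescription.length` assignment in limSendSmeStartBssRsp (only its last line, `pointer to ieFields.`, is in the hunk) appears to still describe the old sizeof-based arithmetic, while the statement now uses the offset of ieFields; the comment ending `of pointer that holds the next BSS description` above the matching assignment in csrScanSavePreferredNetworkFound looks stale in the same way. I would reword both along the lines of `/* length = offset of ieFields - sizeof(length) + IE bytes; must remain the inverse of GET_IE_LEN_IN_BSS() */`. Separately, the sum is narrowed to the width of `length` (explicitly via `(tANI_U16)` in csrScanSavePreferredNetworkFound), and no bound on `ieLen` or `uLen` is visible in either hunk. A truncated stored length would later decode to a wrong, possibly wrapped, IE length, so a range check before the store is worth adding unless the callers already guarantee one.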
@@ -966,57 +966,6 @@ limGetCurrentScanChannel(tpAniSirGlobal pMac) return (*(pChanNum + pMac->lim.gLimCurrentScanChannelId)); } /*** end limGetCurrentScanChannel() ***/ - - -/** - * limGetIElenFromBssDescription() - * - *FUNCTION: - * This function is called in various places to get IE length - * from tSirBssDescription structure - * number being scanned. - * - *PARAMS: - * - *LOGIC: - * - *ASSUMPTIONS: - * NA - * - *NOTE: - * NA - * - * @param pBssDescr - * @return Total IE length - */ - -static inline tANI_U16 -limGetIElenFromBssDescription(tpSirBssDescription pBssDescr) -{ - uint16_t ielen; - - if (!pBssDescr) - return 0; - - /** - * Length of BSS desription is without length of - * length itself and length of pointer - * that holds ieFields - * - * <------------sizeof(tSirBssDescription)--------------------> - * +--------+---------------------------------+---------------+ - * | length | other fields | pointer to IEs| - * +--------+---------------------------------+---------------+ - * ^ - * ieFields - */ - - ielen = ((tANI_U16) (pBssDescr->length + sizeof(pBssDescr->length) + - sizeof(tANI_U32 *) - sizeof(tSirBssDescription))); - - return ielen; -} /*** end limGetIElenFromBssDescription() ***/ - /** * limSendBeaconInd() * diff --git a/CORE/SAP/src/sapChSelect.c b/CORE/SAP/src/sapChSelect.c index 7c5d8b0e7d12..2df7e464768a 100644 --- a/CORE/SAP/src/sapChSelect.c +++ b/CORE/SAP/src/sapChSelect.c @@ -319,9 +319,7 @@ sap_process_avoid_ie(tHalHandle hal, node = sme_ScanResultGetFirst(hal, scan_result); while (node) { - total_ie_len = (node->BssDescriptor.length + - sizeof(tANI_U16) + sizeof(tANI_U32) - - sizeof(tSirBssDescription)); + total_ie_len = GET_IE_LEN_IN_BSS(node->BssDescriptor.length); temp_ptr = cfg_get_vendor_ie_ptr_from_oui(mac_ctx, SIR_MAC_QCOM_VENDOR_OUI, SIR_MAC_QCOM_VENDOR_SIZE, 
@@ -1660,7 +1658,7 @@ void sapComputeSpectWeight( tSapChSelSpectInfo* pSpectInfoParams, vhtSupport = 0; centerFreq = 0; - ieLen = (pScanResult->BssDescriptor.length + sizeof(tANI_U16) + sizeof(tANI_U32) - sizeof(tSirBssDescription)); + ieLen = GET_IE_LEN_IN_BSS(pScanResult->BssDescriptor.length); vos_mem_set((tANI_U8 *) pBeaconStruct, sizeof(tSirProbeRespBeacon), 0); if ((sirParseBeaconIE(pMac, pBeaconStruct,(tANI_U8 *)( pScanResult->BssDescriptor.ieFields), ieLen)) == eSIR_SUCCESS) diff --git a/CORE/SME/src/csr/csrApiScan.c b/CORE/SME/src/csr/csrApiScan.c index ab52745ece21..e7777bf827c8 100644 --- a/CORE/SME/src/csr/csrApiScan.c +++ b/CORE/SME/src/csr/csrApiScan.c @@ -2989,8 +2989,7 @@ void csrCheckNSaveWscIe(tpAniSirGlobal pMac, tSirBssDescription *pNewBssDescr, t (0 == pNewBssDescr->WscIeLen)) { idx = 0; - len = pOldBssDescr->length - sizeof(tSirBssDescription) + - sizeof(tANI_U16) + sizeof(tANI_U32) - DOT11F_IE_WSCPROBERES_MIN_LEN - 2; + len = GET_IE_LEN_IN_BSS(pOldBssDescr->length) - DOT11F_IE_WSCPROBERES_MIN_LEN - 2; pbIe = (tANI_U8 *)pOldBssDescr->ieFields; //Save WPS IE if it exists pNewBssDescr->WscIeLen = 0; @@ -8779,8 +8778,8 @@ eHalStatus csrScanSavePreferredNetworkFound(tpAniSirGlobal pMac, * of pointer that holds the next BSS description */ pBssDescr->length = (tANI_U16)( - sizeof(tSirBssDescription) - sizeof(tANI_U16) - - sizeof(tANI_U32) + uLen); + ((uintptr_t)OFFSET_OF(tSirBssDescription, ieFields)) + - sizeof(pBssDescr->length) + uLen); if (pParsedFrame->dsParamsPresent) { pBssDescr->channelId = pParsedFrame->channelNumber; diff --git a/CORE/SME/src/csr/csrUtil.c b/CORE/SME/src/csr/csrUtil.c index ac104ab13df8..75d51688a2cf 100644 --- a/CORE/SME/src/csr/csrUtil.c +++ b/CORE/SME/src/csr/csrUtil.c 
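Review bot: In csrCheckNSaveWscIe, `len = GET_IE_LEN_IN_BSS(pOldBssDescr->length) - DOT11F_IE_WSCPROBERES_MIN_LEN - 2;` subtracts from the IE length without first checking that the IE area is at least that long. The declaration of `len` and the loop that consumes it are outside the hunk, so whether a short descriptor yields a negative or a very large bound cannot be confirmed here; if `len` is unsigned, the scan over `pbIe` would run past the IE area. Computing the IE length into a local first and skipping the WSC scan when it is smaller than `DOT11F_IE_WSCPROBERES_MIN_LEN + 2` removes the dependence on the variable's type.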
@@ -1681,7 +1681,7 @@ eHalStatus csrParseBssDescriptionIEs(tHalHandle hHal, tSirBssDescription *pBssDe { eHalStatus status = eHAL_STATUS_FAILURE; tpAniSirGlobal pMac = PMAC_STRUCT( hHal ); - int ieLen = (int)(pBssDesc->length + sizeof( pBssDesc->length ) - GET_FIELD_OFFSET( tSirBssDescription, ieFields )); + int ieLen = (int)GET_IE_LEN_IN_BSS(pBssDesc->length); if(ieLen > 0 && pIEStruct) { |
