diff options
120 files changed, 5530 insertions, 3040 deletions
@@ -59,7 +59,7 @@ ifeq ($(KERNEL_BUILD), 0) CONFIG_MOBILE_ROUTER := y endif - ifeq ($(CONFIG_ARCH_SDX24), y) + ifeq ($(CONFIG_ARCH_SDXPOORWILLS), y) CONFIG_MOBILE_ROUTER := y endif @@ -71,7 +71,7 @@ ifeq ($(KERNEL_BUILD), 0) CONFIG_WLAN_DISABLE_EXPORT_SYMBOL := y endif - ifeq ($(CONFIG_ARCH_SDX24), y) + ifeq ($(CONFIG_ARCH_SDXPOORWILLS), y) CONFIG_WLAN_DISABLE_EXPORT_SYMBOL := y endif @@ -820,7 +820,8 @@ QDF_OBJS := $(QDF_OBJ_DIR)/qdf_defer.o \ $(QDF_OBJ_DIR)/qdf_nbuf.o \ $(QDF_OBJ_DIR)/qdf_threads.o \ $(QDF_OBJ_DIR)/qdf_crypto.o \ - $(QDF_OBJ_DIR)/qdf_trace.o + $(QDF_OBJ_DIR)/qdf_trace.o \ + $(QDF_OBJ_DIR)/qdf_idr.o ifeq ($(CONFIG_WLAN_DEBUGFS), y) QDF_OBJS += $(QDF_OBJ_DIR)/qdf_debugfs.o diff --git a/core/cds/inc/cds_concurrency.h b/core/cds/inc/cds_concurrency.h index 61c5aa8610ec..c70764bbd86d 100644 --- a/core/cds/inc/cds_concurrency.h +++ b/core/cds/inc/cds_concurrency.h @@ -1074,4 +1074,14 @@ void cds_trim_acs_channel_list(tsap_Config_t *sap_cfg); * Return: true or false */ bool cds_allow_sap_go_concurrency(enum cds_con_mode mode, uint8_t channel); + +/** + * cds_is_sta_sap_scc() - check whether SAP is doing SCC with + * STA + * @sap_ch: operating channel of SAP interface + * This function checks whether SAP is doing SCC with STA + * + * Return: true or false + */ +bool cds_is_sta_sap_scc(uint8_t sap_ch); #endif /* __CDS_CONCURRENCY_H */ diff --git a/core/cds/inc/cds_ieee80211_common.h b/core/cds/inc/cds_ieee80211_common.h index dfa19967205e..1cbaa4c385d3 100644 --- a/core/cds/inc/cds_ieee80211_common.h +++ b/core/cds/inc/cds_ieee80211_common.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011,2014-2015, 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011,2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -1806,6 +1806,8 @@ enum { #define IEEE80211_CCMP_HEADERLEN 8 #define IEEE80211_CCMP_MICLEN 8 +#define WLAN_IEEE80211_GCMP_HEADERLEN 8 +#define WLAN_IEEE80211_GCMP_MICLEN 16 /* * 802.11w defines a MMIE chunk to be attached at the end of diff --git a/core/cds/src/cds_api.c b/core/cds/src/cds_api.c index a74a43464cda..991a88a3bd21 100644 --- a/core/cds/src/cds_api.c +++ b/core/cds/src/cds_api.c @@ -583,6 +583,45 @@ err_probe_event: return status; } /* cds_open() */ +static QDF_STATUS cds_pktlog_enable(void *pdev_txrx_ctx, void *scn) +{ + int errno; + + switch (cds_get_conparam()) { + case QDF_GLOBAL_FTM_MODE: + case QDF_GLOBAL_EPPING_MODE: + return QDF_STATUS_SUCCESS; + default: + break; + } + + htt_pkt_log_init(pdev_txrx_ctx, scn); + + errno = pktlog_htc_attach(); + if (errno) + goto pktlog_deinit; + + return QDF_STATUS_SUCCESS; + +pktlog_deinit: + htt_pktlogmod_exit(pdev_txrx_ctx, scn); + + return QDF_STATUS_E_FAILURE; +} + +static void cds_pktlog_disable(void *pdev_txrx_ctx, void *scn) +{ + switch (cds_get_conparam()) { + case QDF_GLOBAL_FTM_MODE: + case QDF_GLOBAL_EPPING_MODE: + return; + default: + break; + } + + htt_pktlogmod_exit(pdev_txrx_ctx, scn); +} + /** * cds_pre_enable() - pre enable cds * @cds_context: CDS context @@ -626,12 +665,9 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) } /* call Packetlog connect service */ - if (QDF_GLOBAL_FTM_MODE != cds_get_conparam() && - QDF_GLOBAL_EPPING_MODE != cds_get_conparam()) { - htt_pkt_log_init(gp_cds_context->pdev_txrx_ctx, scn); - if (pktlog_htc_attach()) - return QDF_STATUS_E_FAILURE; - } + qdf_status = cds_pktlog_enable(gp_cds_context->pdev_txrx_ctx, scn); + if (QDF_IS_STATUS_ERROR(qdf_status)) + return qdf_status; /* Reset wma wait event */ qdf_event_reset(&gp_cds_context->wmaCompleteEvent); @@ -642,7 +678,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) QDF_TRACE(QDF_MODULE_ID_SYS, QDF_TRACE_LEVEL_FATAL, "Failed to WMA prestart"); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } /* Need to update time out of complete */ @@ -665,7 +701,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wlan_sys_probe(); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } qdf_status = htc_start(gp_cds_context->htc_ctx); @@ -673,7 +709,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) QDF_TRACE(QDF_MODULE_ID_SYS, QDF_TRACE_LEVEL_FATAL, "Failed to Start HTC"); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } qdf_status = wma_wait_for_ready_event(gp_cds_context->pWMAContext); if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { @@ -690,7 +726,7 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wma_wmi_stop(); htc_stop(gp_cds_context->htc_ctx); - return QDF_STATUS_E_FAILURE; + goto pktlog_disable; } if (ol_txrx_pdev_post_attach(gp_cds_context->pdev_txrx_ctx)) { @@ -699,10 +735,16 @@ QDF_STATUS cds_pre_enable(v_CONTEXT_t cds_context) wma_wmi_stop(); htc_stop(gp_cds_context->htc_ctx); QDF_ASSERT(0); - return QDF_STATUS_E_FAILURE; + qdf_status = QDF_STATUS_E_FAILURE; + goto pktlog_disable; } return QDF_STATUS_SUCCESS; + +pktlog_disable: + cds_pktlog_disable(gp_cds_context->pdev_txrx_ctx, scn); + + return qdf_status; } /** diff --git a/core/cds/src/cds_concurrency.c b/core/cds/src/cds_concurrency.c index 46e856a5db13..caf037042acf 100644 --- a/core/cds/src/cds_concurrency.c +++ b/core/cds/src/cds_concurrency.c @@ -5540,8 +5540,6 @@ static QDF_STATUS cds_modify_pcl_based_on_enabled_channels( { cds_context_type *cds_ctx; uint32_t i, pcl_len = 0; - uint8_t pcl_list[QDF_MAX_NUM_CHAN]; - uint8_t weight_list[QDF_MAX_NUM_CHAN]; cds_ctx = cds_get_context(QDF_MODULE_ID_QDF); if (!cds_ctx) { @@ -5551,15 +5549,10 @@ static QDF_STATUS cds_modify_pcl_based_on_enabled_channels( for (i = 0; i < *pcl_len_org; i++) { if (!CDS_IS_PASSIVE_OR_DISABLE_CH(pcl_list_org[i])) { - pcl_list[pcl_len] = pcl_list_org[i]; - weight_list[pcl_len++] = weight_list_org[i]; + pcl_list_org[pcl_len] = pcl_list_org[i]; + weight_list_org[pcl_len++] = weight_list_org[i]; } } - - qdf_mem_zero(pcl_list_org, QDF_ARRAY_SIZE(pcl_list_org)); - qdf_mem_zero(weight_list_org, QDF_ARRAY_SIZE(weight_list_org)); - qdf_mem_copy(pcl_list_org, pcl_list, pcl_len); - qdf_mem_copy(weight_list_org, weight_list, pcl_len); *pcl_len_org = pcl_len; return QDF_STATUS_SUCCESS; @@ -5717,11 +5710,6 @@ QDF_STATUS cds_get_pcl(enum cds_con_mode mode, return status; } - if (mode >= CDS_MAX_NUM_OF_MODE) { - cds_err("requested mode:%d is not supported", mode); - return status; - } - /* find the current connection state from conc_connection_list*/ num_connections = cds_get_connection_count(); @@ -8092,8 +8080,7 @@ sap_restart: hdd_ap_ctx->sapConfig.channel, intf_ch); } hdd_ap_ctx->sapConfig.channel = intf_ch; - hdd_ap_ctx->sapConfig.ch_params.ch_width = - hdd_ap_ctx->sapConfig.ch_width_orig; + hdd_ap_ctx->sapConfig.ch_params.ch_width = CH_WIDTH_MAX; hdd_ap_ctx->bss_stop_reason = BSS_STOP_DUE_TO_MCC_SCC_SWITCH; cds_set_channel_params(hdd_ap_ctx->sapConfig.channel, hdd_ap_ctx->sapConfig.sec_ch, @@ -8107,10 +8094,7 @@ sap_restart: if (!QDF_IS_STATUS_SUCCESS(status)) cds_err("wait for event failed, still continue with channel switch"); - if (((hdd_ctx->config->WlanMccToSccSwitchMode == - QDF_MCC_TO_SCC_SWITCH_FORCE_WITHOUT_DISCONNECTION) || - (hdd_ctx->config->WlanMccToSccSwitchMode == - QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL)) && + if (cds_is_force_scc() && (cds_ctx->sap_restart_chan_switch_cb)) { cds_debug("SAP chan change without restart"); cds_ctx->sap_restart_chan_switch_cb(ap_adapter, @@ -10044,8 +10028,6 @@ QDF_STATUS cds_modify_sap_pcl_based_on_mandatory_channel(uint8_t *pcl_list_org, { cds_context_type *cds_ctx; uint32_t i, j, pcl_len = 0; - uint8_t pcl_list[QDF_MAX_NUM_CHAN]; - uint8_t weight_list[QDF_MAX_NUM_CHAN]; bool found; cds_ctx = cds_get_context(QDF_MODULE_ID_QDF); @@ -10076,15 +10058,10 @@ QDF_STATUS cds_modify_sap_pcl_based_on_mandatory_channel(uint8_t *pcl_list_org, } } if (found) { - pcl_list[pcl_len] = pcl_list_org[i]; - weight_list[pcl_len++] = weight_list_org[i]; + pcl_list_org[pcl_len] = pcl_list_org[i]; + weight_list_org[pcl_len++] = weight_list_org[i]; } } - - qdf_mem_zero(pcl_list_org, QDF_ARRAY_SIZE(pcl_list_org)); - qdf_mem_zero(weight_list_org, QDF_ARRAY_SIZE(weight_list_org)); - qdf_mem_copy(pcl_list_org, pcl_list, pcl_len); - qdf_mem_copy(weight_list_org, weight_list, pcl_len); *pcl_len_org = pcl_len; return QDF_STATUS_SUCCESS; @@ -10257,7 +10234,9 @@ bool cds_is_force_scc(void) return ((hdd_ctx->config->WlanMccToSccSwitchMode == QDF_MCC_TO_SCC_SWITCH_FORCE_WITHOUT_DISCONNECTION) || (hdd_ctx->config->WlanMccToSccSwitchMode == - QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL)); + QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL) || + (hdd_ctx->config->WlanMccToSccSwitchMode == + QDF_MCC_TO_SCC_WITH_PREFERRED_BAND)); } /** * cds_get_valid_chan_weights() - Get the weightage for all @@ -11065,3 +11044,36 @@ void cds_trim_acs_channel_list(tsap_Config_t *sap_cfg) sap_cfg->acs_cfg.ch_list[i] = ch_list[i]; } } + +bool cds_is_sta_sap_scc(uint8_t sap_ch) +{ + uint32_t conn_index; + cds_context_type *cds_ctx; + bool is_scc = false; + + cds_ctx = cds_get_context(QDF_MODULE_ID_QDF); + if (!cds_ctx) { + cds_err("Invalid CDS Context"); + return is_scc; + } + + if (!cds_mode_specific_connection_count(CDS_STA_MODE, NULL)) { + cds_debug("There is no STA+SAP conc"); + return is_scc; + } + + qdf_mutex_acquire(&cds_ctx->qdf_conc_list_lock); + for (conn_index = 0; conn_index < MAX_NUMBER_OF_CONC_CONNECTIONS; + conn_index++) { + if (conc_connection_list[conn_index].in_use && + (conc_connection_list[conn_index].mode == CDS_STA_MODE) && + (sap_ch == conc_connection_list[conn_index].chan)) { + is_scc = true; + break; + } + } + qdf_mutex_release(&cds_ctx->qdf_conc_list_lock); + + return is_scc; +} + diff --git a/core/dp/htt/htt_fw_stats.c b/core/dp/htt/htt_fw_stats.c index b2434f48c118..3b9501ee6fd4 100644 --- a/core/dp/htt/htt_fw_stats.c +++ b/core/dp/htt/htt_fw_stats.c @@ -968,7 +968,7 @@ htt_t2h_tx_ppdu_log_print(struct ol_fw_tx_dbg_ppdu_msg_hdr *hdr, p8 = (uint8_t *) record; calculated_p8 = p8 + sizeof(struct ol_fw_tx_dbg_ppdu_base); if (calculated_p8 < p8) { - qdf_err("Overflow due to record %p", p8); + qdf_err("Overflow due to record %pK", p8); continue; } p8 = calculated_p8; diff --git a/core/dp/htt/htt_rx.c b/core/dp/htt/htt_rx.c index 11ee196bdcbc..9a4f987af15d 100644 --- a/core/dp/htt/htt_rx.c +++ b/core/dp/htt/htt_rx.c @@ -497,6 +497,14 @@ static int htt_rx_ring_fill_n(struct htt_pdev_t *pdev, int num) idx = *(pdev->rx_ring.alloc_idx.vaddr); + if ((idx < 0) || (idx > pdev->rx_ring.size_mask) || + (num > pdev->rx_ring.size)) { + QDF_TRACE(QDF_MODULE_ID_HTT, + QDF_TRACE_LEVEL_ERROR, + "%s:rx refill failed!", __func__); + return filled; + } + if (qdf_mem_smmu_s1_enabled(pdev->osdev) && pdev->is_ipa_uc_enabled && pdev->rx_ring.smmu_map) ipa_smmu = true; diff --git a/core/dp/htt/htt_t2h.c b/core/dp/htt/htt_t2h.c index 017bf9991f7a..96630a703169 100644 --- a/core/dp/htt/htt_t2h.c +++ b/core/dp/htt/htt_t2h.c @@ -274,33 +274,12 @@ static void htt_t2h_lp_msg_handler(void *context, qdf_nbuf_t htt_t2h_msg, } case HTT_T2H_MSG_TYPE_RX_ADDBA: { - uint16_t peer_id; - uint8_t tid; - uint8_t win_sz; - uint16_t start_seq_num; - - /* - * FOR NOW, the host doesn't need to know the initial - * sequence number for rx aggregation. - * Thus, any value will do - specify 0. - */ - start_seq_num = 0; - peer_id = HTT_RX_ADDBA_PEER_ID_GET(*msg_word); - tid = HTT_RX_ADDBA_TID_GET(*msg_word); - win_sz = HTT_RX_ADDBA_WIN_SIZE_GET(*msg_word); - ol_rx_addba_handler(pdev->txrx_pdev, peer_id, tid, - win_sz, start_seq_num, - 0 /* success */); + qdf_print("HTT_T2H_MSG_TYPE_RX_ADDBA not supported "); break; } case HTT_T2H_MSG_TYPE_RX_DELBA: { - uint16_t peer_id; - uint8_t tid; - - peer_id = HTT_RX_DELBA_PEER_ID_GET(*msg_word); - tid = HTT_RX_DELBA_TID_GET(*msg_word); - ol_rx_delba_handler(pdev->txrx_pdev, peer_id, tid); + qdf_print("HTT_T2H_MSG_TYPE_RX_DELBA not supported "); break; } case HTT_T2H_MSG_TYPE_PEER_MAP: @@ -702,6 +681,8 @@ void htt_t2h_msg_handler(void *context, HTC_PACKET *pkt) { unsigned int num_mpdu_ranges; unsigned int num_msdu_bytes; + unsigned int calculated_msg_len; + unsigned int rx_mpdu_range_offset_bytes; uint16_t peer_id; uint8_t tid; int msg_len = qdf_nbuf_len(htt_t2h_msg); @@ -733,18 +714,46 @@ void htt_t2h_msg_handler(void *context, HTC_PACKET *pkt) * 1 word for every 4 MSDU bytes (round up), * 1 word for the MPDU range header */ + rx_mpdu_range_offset_bytes = + (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3); + if (qdf_unlikely(num_msdu_bytes > + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_msdu_bytes %u\n", + num_msdu_bytes); + WARN_ON(1); + break; + } pdev->rx_mpdu_range_offset_words = - (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3) >> 2; + rx_mpdu_range_offset_bytes >> 2; num_mpdu_ranges = HTT_RX_IND_NUM_MPDU_RANGES_GET(*(msg_word + 1)); pdev->rx_ind_msdu_byte_idx = 0; - if (qdf_unlikely(pdev->rx_mpdu_range_offset_words + (num_mpdu_ranges * 4) > msg_len)) { - qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid mpdu_ranges %d\n", - num_mpdu_ranges); + if (qdf_unlikely(rx_mpdu_range_offset_bytes > + msg_len)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid rx_mpdu_range_offset_words %d\n", + pdev->rx_mpdu_range_offset_words); + WARN_ON(1); + break; + } + calculated_msg_len = rx_mpdu_range_offset_bytes + + (num_mpdu_ranges * (int)sizeof(uint32_t)); + /* + * Check that the addition and multiplication + * do not cause integer overflow + */ + if (qdf_unlikely(calculated_msg_len < + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_mpdu_ranges %u\n", + (num_mpdu_ranges * (int)sizeof(uint32_t))); + WARN_ON(1); + break; + } + if (qdf_unlikely(calculated_msg_len > msg_len)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid offset_words + mpdu_ranges %u\n", + calculated_msg_len); WARN_ON(1); break; } - ol_rx_indication_handler(pdev->txrx_pdev, htt_t2h_msg, peer_id, tid, num_mpdu_ranges); @@ -993,6 +1002,7 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, unsigned int num_mpdu_ranges; unsigned int num_msdu_bytes; unsigned int calculated_msg_len; + unsigned int rx_mpdu_range_offset_bytes; u_int16_t peer_id; u_int8_t tid; msg_len = qdf_nbuf_len(htt_t2h_msg); @@ -1017,21 +1027,29 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, * 1 word for every 4 MSDU bytes (round up), * 1 word for the MPDU range header */ + rx_mpdu_range_offset_bytes = + (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3); + if (qdf_unlikely(num_msdu_bytes > + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_msdu_bytes %u\n", + num_msdu_bytes); + WARN_ON(1); + break; + } pdev->rx_mpdu_range_offset_words = - (HTT_RX_IND_HDR_BYTES + num_msdu_bytes + 3) >> - 2; + rx_mpdu_range_offset_bytes >> 2; num_mpdu_ranges = HTT_RX_IND_NUM_MPDU_RANGES_GET(*(msg_word + 1)); pdev->rx_ind_msdu_byte_idx = 0; - if (qdf_unlikely(pdev->rx_mpdu_range_offset_words > + if (qdf_unlikely(rx_mpdu_range_offset_bytes > msg_len)) { qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid rx_mpdu_range_offset_words %d\n", pdev->rx_mpdu_range_offset_words); WARN_ON(1); break; } - calculated_msg_len = pdev->rx_mpdu_range_offset_words + + calculated_msg_len = rx_mpdu_range_offset_bytes + (num_mpdu_ranges * (int)sizeof(uint32_t)); /* @@ -1039,8 +1057,8 @@ void htt_t2h_msg_handler_fast(void *context, qdf_nbuf_t *cmpl_msdus, * do not cause integer overflow */ if (qdf_unlikely(calculated_msg_len < - pdev->rx_mpdu_range_offset_words)) { - qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid mpdu_ranges %u\n", + rx_mpdu_range_offset_bytes)) { + qdf_print("HTT_T2H_MSG_TYPE_RX_IND, invalid num_mpdu_ranges %u\n", (num_mpdu_ranges * (int)sizeof(uint32_t))); WARN_ON(1); diff --git a/core/dp/htt/htt_tx.c b/core/dp/htt/htt_tx.c index 2460b1fde197..343771507511 100644 --- a/core/dp/htt/htt_tx.c +++ b/core/dp/htt/htt_tx.c @@ -1724,7 +1724,7 @@ htt_tx_desc_init(htt_pdev_handle pdev, (struct htt_host_tx_desc_t *) (((char *)htt_tx_desc) - HTT_TX_DESC_VADDR_OFFSET); bool desc_ext_required = (type != EXT_HEADER_NOT_PRESENT); - uint16_t channel_freq; + int channel_freq; void *qdf_ctx = cds_get_context(QDF_MODULE_ID_QDF_DEVICE); QDF_STATUS status; @@ -1821,7 +1821,7 @@ htt_tx_desc_init(htt_pdev_handle pdev, */ local_word3 = HTT_INVALID_PEER; channel_freq = htt_get_channel_freq(type, ext_header_data); - if (channel_freq != HTT_INVALID_CHANNEL) + if (channel_freq != HTT_INVALID_CHANNEL && channel_freq > 0) HTT_TX_DESC_CHAN_FREQ_SET(local_word3, channel_freq); #if HTT_PADDR64 *word4 = local_word3; diff --git a/core/dp/ol/inc/ol_txrx_ctrl_api.h b/core/dp/ol/inc/ol_txrx_ctrl_api.h index 4b8d3dd95776..c2315b96c312 100644 --- a/core/dp/ol/inc/ol_txrx_ctrl_api.h +++ b/core/dp/ol/inc/ol_txrx_ctrl_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -490,7 +490,6 @@ QDF_STATUS ol_txrx_get_vdevid(struct ol_txrx_peer_t *peer, uint8_t *vdev_id); void *ol_txrx_get_vdev_by_sta_id(uint8_t sta_id); #define OL_TXRX_INVALID_LOCAL_PEER_ID 0xffff -#define OL_TXRX_INVALID_TDLS_PEER_ID 0xff #define OL_TXRX_RSSI_INVALID 0xffff /** diff --git a/core/dp/ol/inc/ol_txrx_htt_api.h b/core/dp/ol/inc/ol_txrx_htt_api.h index e2b477bd5044..da5b066a742d 100644 --- a/core/dp/ol/inc/ol_txrx_htt_api.h +++ b/core/dp/ol/inc/ol_txrx_htt_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -493,47 +493,6 @@ ol_rx_sec_ind_handler(ol_txrx_pdev_handle pdev, enum htt_sec_type sec_type, int is_unicast, uint32_t *michael_key, uint32_t *rx_pn); -/** - * @brief Process an ADDBA message sent by the target. - * @details - * When the target notifies the host of an ADDBA event for a specified - * peer-TID, the host will set up the rx reordering state for the peer-TID. - * Specifically, the host will create a rx reordering array whose length - * is based on the window size specified in the ADDBA. - * - * @param pdev - data physical device handle - * (registered with HTT as a context pointer during attach time) - * @param peer_id - which peer the ADDBA event is for - * @param tid - which traffic ID within the peer the ADDBA event is for - * @param win_sz - how many sequence numbers are in the ARQ block ack window - * set up by the ADDBA event - * @param start_seq_num - the initial value of the sequence number during the - * block ack agreement, as specified by the ADDBA request. - * @param failed - indicate whether the target's ADDBA setup succeeded: - * 0 -> success, 1 -> fail - */ -void -ol_rx_addba_handler(ol_txrx_pdev_handle pdev, - uint16_t peer_id, - uint8_t tid, - uint8_t win_sz, uint16_t start_seq_num, uint8_t failed); - -/** - * @brief Process a DELBA message sent by the target. - * @details - * When the target notifies the host of a DELBA event for a specified - * peer-TID, the host will clean up the rx reordering state for the peer-TID. - * Specifically, the host will remove the rx reordering array, and will - * set the reorder window size to be 1 (stop and go ARQ). - * - * @param pdev - data physical device handle - * (registered with HTT as a context pointer during attach time) - * @param peer_id - which peer the ADDBA event is for - * @param tid - which traffic ID within the peer the ADDBA event is for - */ -void -ol_rx_delba_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid); - enum htt_rx_flush_action { htt_rx_flush_release, htt_rx_flush_discard, diff --git a/core/dp/ol/inc/ol_txrx_osif_api.h b/core/dp/ol/inc/ol_txrx_osif_api.h index fff4da3d1bda..eea3d384d437 100644 --- a/core/dp/ol/inc/ol_txrx_osif_api.h +++ b/core/dp/ol/inc/ol_txrx_osif_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -69,7 +69,9 @@ qdf_nbuf_t ol_txrx_osif_tso_segment(ol_txrx_vdev_handle txrx_vdev, int max_seg_payload_bytes, qdf_nbuf_t jumbo_tcp_frame); -qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle data_vdev, qdf_nbuf_t skb); +qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle data_vdev, + qdf_nbuf_t skb, + bool notify_tx_comp); void ol_rx_data_process(struct ol_txrx_peer_t *peer, qdf_nbuf_t rx_buf_list); diff --git a/core/dp/txrx/ol_rx.c b/core/dp/txrx/ol_rx.c index ad843f8846af..92bf922e81e3 100644 --- a/core/dp/txrx/ol_rx.c +++ b/core/dp/txrx/ol_rx.c @@ -1427,9 +1427,7 @@ void ol_rx_peer_init(struct ol_txrx_pdev_t *pdev, struct ol_txrx_peer_t *peer) peer->keyinstalled = 0; peer->last_assoc_rcvd = 0; - peer->last_disassoc_rcvd = 0; - peer->last_deauth_rcvd = 0; - + peer->last_disassoc_deauth_rcvd = 0; qdf_atomic_init(&peer->fw_pn_check); } @@ -1438,8 +1436,7 @@ ol_rx_peer_cleanup(struct ol_txrx_vdev_t *vdev, struct ol_txrx_peer_t *peer) { peer->keyinstalled = 0; peer->last_assoc_rcvd = 0; - peer->last_disassoc_rcvd = 0; - peer->last_deauth_rcvd = 0; + peer->last_disassoc_deauth_rcvd = 0; ol_rx_reorder_peer_cleanup(vdev, peer); } diff --git a/core/dp/txrx/ol_rx_fwd.c b/core/dp/txrx/ol_rx_fwd.c index f33db7424a81..ebc15b7206d9 100644 --- a/core/dp/txrx/ol_rx_fwd.c +++ b/core/dp/txrx/ol_rx_fwd.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -124,7 +124,7 @@ static inline void ol_rx_fwd_to_tx(struct ol_txrx_vdev_t *vdev, qdf_nbuf_t msdu) qdf_mem_set(msdu->cb, sizeof(msdu->cb), 0); /* update any cb field expected by OL_TX_SEND */ - msdu = OL_TX_SEND(vdev, msdu); + msdu = OL_TX_SEND(vdev, msdu, 0); if (msdu) { /* diff --git a/core/dp/txrx/ol_rx_reorder.c b/core/dp/txrx/ol_rx_reorder.c index 3fc22b72a126..b9dccff83b8e 100644 --- a/core/dp/txrx/ol_rx_reorder.c +++ b/core/dp/txrx/ol_rx_reorder.c @@ -38,24 +38,12 @@ #include <ol_rx_defrag.h> /*=== data types and defines ===*/ -#define OL_RX_REORDER_ROUND_PWR2(value) g_log2ceil[value] + +/*---*/ /*=== global variables ===*/ -static char g_log2ceil[] = { - 1, /* 0 -> 1 */ - 1, /* 1 -> 1 */ - 2, /* 2 -> 2 */ - 4, 4, /* 3-4 -> 4 */ - 8, 8, 8, 8, /* 5-8 -> 8 */ - 16, 16, 16, 16, 16, 16, 16, 16, /* 9-16 -> 16 */ - 32, 32, 32, 32, 32, 32, 32, 32, - 32, 32, 32, 32, 32, 32, 32, 32, /* 17-32 -> 32 */ - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, - 64, 64, 64, 64, 64, 64, 64, 64, /* 33-64 -> 64 */ -}; +/*---*/ /*=== function definitions ===*/ @@ -519,91 +507,6 @@ ol_rx_reorder_peer_cleanup(struct ol_txrx_vdev_t *vdev, /* functions called by HTT */ void -ol_rx_addba_handler(ol_txrx_pdev_handle pdev, - uint16_t peer_id, - uint8_t tid, - uint8_t win_sz, uint16_t start_seq_num, uint8_t failed) -{ - uint8_t round_pwr2_win_sz; - unsigned int array_size; - struct ol_txrx_peer_t *peer; - struct ol_rx_reorder_t *rx_reorder; - - if (tid >= OL_TXRX_NUM_EXT_TIDS) { - ol_txrx_err("%s: invalid tid, %u\n", __FUNCTION__, tid); - WARN_ON(1); - return; - } - - peer = ol_txrx_peer_find_by_id(pdev, peer_id); - if (peer == NULL) - return; - - if (pdev->cfg.host_addba) { - ol_ctrl_rx_addba_complete(pdev->ctrl_pdev, - &peer->mac_addr.raw[0], tid, failed); - } - if (failed) - return; - - peer->tids_last_seq[tid] = IEEE80211_SEQ_MAX; /* invalid */ - rx_reorder = &peer->tids_rx_reorder[tid]; - - TXRX_ASSERT2(win_sz <= 64); - rx_reorder->win_sz = win_sz; - round_pwr2_win_sz = OL_RX_REORDER_ROUND_PWR2(win_sz); - array_size = - round_pwr2_win_sz * sizeof(struct ol_rx_reorder_array_elem_t); - rx_reorder->array = qdf_mem_malloc(array_size); - TXRX_ASSERT1(rx_reorder->array); - - rx_reorder->win_sz_mask = round_pwr2_win_sz - 1; - rx_reorder->num_mpdus = 0; - - peer->tids_next_rel_idx[tid] = - OL_RX_REORDER_IDX_INIT(start_seq_num, rx_reorder->win_sz, - rx_reorder->win_sz_mask); -} - -void -ol_rx_delba_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid) -{ - struct ol_txrx_peer_t *peer; - struct ol_rx_reorder_t *rx_reorder; - - if (tid >= OL_TXRX_NUM_EXT_TIDS) { - ol_txrx_err("%s: invalid tid, %u\n", __FUNCTION__, tid); - WARN_ON(1); - return; - } - - peer = ol_txrx_peer_find_by_id(pdev, peer_id); - if (peer == NULL) - return; - - peer->tids_next_rel_idx[tid] = INVALID_REORDER_INDEX; - rx_reorder = &peer->tids_rx_reorder[tid]; - - /* check that there really was a block ack agreement */ - TXRX_ASSERT1(rx_reorder->win_sz_mask != 0); - /* - * Deallocate the old rx reorder array. - * The call to ol_rx_reorder_init below - * will reset rx_reorder->array to point to - * the single-element statically-allocated reorder array - * used for non block-ack cases. - */ - if (rx_reorder->array != &rx_reorder->base) { - ol_txrx_dbg("%s, delete reorder array, tid:%d\n", - __func__, tid); - qdf_mem_free(rx_reorder->array); - } - - /* set up the TID with default parameters (ARQ window size = 1) */ - ol_rx_reorder_init(rx_reorder, tid); -} - -void ol_rx_flush_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id, uint8_t tid, diff --git a/core/dp/txrx/ol_tx.c b/core/dp/txrx/ol_tx.c index e08ebab8e82b..ccd87818817e 100644 --- a/core/dp/txrx/ol_tx.c +++ b/core/dp/txrx/ol_tx.c @@ -239,10 +239,12 @@ static inline uint8_t ol_tx_prepare_tso(ol_txrx_vdev_handle vdev, * ol_tx_data() - send data frame * @vdev: virtual device handle * @skb: skb + * @notify_tx_comp: whether OTA to be notified * * Return: skb/NULL for success */ -qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb) +qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb, + bool notify_tx_comp) { struct ol_txrx_pdev_t *pdev; qdf_nbuf_t ret; @@ -268,7 +270,7 @@ qdf_nbuf_t ol_tx_data(ol_txrx_vdev_handle vdev, qdf_nbuf_t skb) /* Terminate the (single-element) list of tx frames */ qdf_nbuf_set_next(skb, NULL); - ret = OL_TX_SEND(vdev, skb); + ret = OL_TX_SEND(vdev, skb, notify_tx_comp); if (ret) { ol_txrx_dbg("%s: Failed to tx", __func__); return ret; @@ -312,7 +314,7 @@ qdf_nbuf_t ol_tx_send_ipa_data_frame(void *vdev, */ qdf_net_buf_debug_acquire_skb(skb, __FILE__, __LINE__); - ret = OL_TX_SEND((struct ol_txrx_vdev_t *)vdev, skb); + ret = OL_TX_SEND((struct ol_txrx_vdev_t *)vdev, skb, 0); if (ret) { ol_txrx_dbg("%s: Failed to tx", __func__); return ret; @@ -375,7 +377,8 @@ static uint32_t ol_tx_tso_get_stats_idx(struct ol_txrx_pdev_t *pdev) #endif #if defined(FEATURE_TSO) -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_msdu_info_t msdu_info; @@ -473,7 +476,8 @@ qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) } #else /* TSO */ -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_msdu_info_t msdu_info; @@ -709,7 +713,8 @@ ol_tx_prepare_ll_fast(struct ol_txrx_pdev_t *pdev, * Return: on success return NULL, pointer to nbuf when it fails to send. */ qdf_nbuf_t -ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_pdev_t *pdev = vdev->pdev; @@ -823,6 +828,10 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) htt_tx_desc_display(tx_desc->htt_tx_desc); + if (!msdu_info.tso_info.is_tso) + tx_desc->notify_tx_comp = + notify_tx_comp; + /* mark the relevant tso_seg free-able */ if (msdu_info.tso_info.curr_seg) { msdu_info.tso_info.curr_seg-> @@ -890,7 +899,8 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) } #else qdf_nbuf_t -ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { qdf_nbuf_t msdu = msdu_list; struct ol_txrx_pdev_t *pdev = vdev->pdev; @@ -955,6 +965,8 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) pkt_download_len += sizeof(struct htt_tx_msdu_desc_ext_t); + tx_desc->notify_tx_comp = notify_tx_comp; + htt_tx_desc_display(tx_desc->htt_tx_desc); /* * The netbuf may get linked into a different list @@ -991,23 +1003,25 @@ ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) * */ qdf_nbuf_t -ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { struct hif_opaque_softc *hif_device = (struct hif_opaque_softc *)cds_get_context(QDF_MODULE_ID_HIF); if (qdf_likely(hif_device && hif_is_fastpath_mode_enabled(hif_device))) - msdu_list = ol_tx_ll_fast(vdev, msdu_list); + msdu_list = ol_tx_ll_fast(vdev, msdu_list, notify_tx_comp); else - msdu_list = ol_tx_ll(vdev, msdu_list); + msdu_list = ol_tx_ll(vdev, msdu_list, notify_tx_comp); return msdu_list; } #else qdf_nbuf_t -ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { - return ol_tx_ll(vdev, msdu_list); + return ol_tx_ll(vdev, msdu_list, notify_tx_comp); } #endif /* WLAN_FEATURE_FASTPATH */ @@ -1057,7 +1071,7 @@ static void ol_tx_vdev_ll_pause_queue_send_base(struct ol_txrx_vdev_t *vdev) qdf_nbuf_set_next(tx_msdu, NULL); QDF_NBUF_UPDATE_TX_PKT_COUNT(tx_msdu, QDF_NBUF_TX_PKT_TXRX_DEQUEUE); - tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu); + tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu, 0); /* * It is unexpected that ol_tx_ll would reject the frame * since we checked that there's room for it, though @@ -1134,7 +1148,8 @@ ol_tx_vdev_pause_queue_append(struct ol_txrx_vdev_t *vdev, * Store up the tx frame in the vdev's tx queue if the vdev is paused. * If there are too many frames in the tx queue, reject it. */ -qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { uint16_t eth_type; uint32_t paused_reason; @@ -1153,7 +1168,8 @@ qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) (((struct ethernet_hdr_t *) qdf_nbuf_data(msdu_list))->ethertype[1]); if (ETHERTYPE_IS_EAPOL_WAPI(eth_type)) { - msdu_list = ol_tx_ll_wrapper(vdev, msdu_list); + msdu_list = + ol_tx_ll_wrapper(vdev, msdu_list, 0); return msdu_list; } } @@ -1187,7 +1203,7 @@ qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) * not paused, no throttle and no backlog - * send the new frames */ - msdu_list = ol_tx_ll_wrapper(vdev, msdu_list); + msdu_list = ol_tx_ll_wrapper(vdev, msdu_list, 0); } } return msdu_list; @@ -1251,7 +1267,7 @@ void ol_tx_pdev_ll_pause_queue_send_all(struct ol_txrx_pdev_t *pdev) vdev->ll_pause.txq.tail = NULL; qdf_nbuf_set_next(tx_msdu, NULL); - tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu); + tx_msdu = ol_tx_ll_wrapper(vdev, tx_msdu, 0); /* * It is unexpected that ol_tx_ll would reject * the frame, since we checked that there's @@ -1955,7 +1971,8 @@ MSDU_LOOP_BOTTOM: } qdf_nbuf_t -ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list) +ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp) { struct ol_txrx_pdev_t *pdev = vdev->pdev; int tx_comp_req = pdev->cfg.default_tx_comp_req; diff --git a/core/dp/txrx/ol_tx.h b/core/dp/txrx/ol_tx.h index 7eb71ea38eb2..f6ae56790481 100644 --- a/core/dp/txrx/ol_tx.h +++ b/core/dp/txrx/ol_tx.h @@ -30,13 +30,17 @@ #include <ol_txrx_types.h> /* ol_tx_desc_t, ol_txrx_msdu_info_t */ -qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); -qdf_nbuf_t ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); +qdf_nbuf_t ol_tx_ll_wrapper(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #ifdef WLAN_FEATURE_FASTPATH -qdf_nbuf_t ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll_fast(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #endif -qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +qdf_nbuf_t ol_tx_ll_queue(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, + bool notify_tx_comp); #ifdef CONFIG_HL_SUPPORT #define OL_TX_SEND ol_tx_hl @@ -79,11 +83,12 @@ ol_tx_non_std_hl(ol_txrx_vdev_handle data_vdev, * ol_tx_hl() - transmit tx frames for a HL system. * @vdev: the virtual device transmit the data * @msdu_list: the tx frames to send + * @notify_tx_comp: is OTA to be notified * * Return: NULL if all MSDUs are accepted */ qdf_nbuf_t -ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list); +ol_tx_hl(ol_txrx_vdev_handle vdev, qdf_nbuf_t msdu_list, bool notify_tx_comp); qdf_nbuf_t ol_tx_non_std_ll(ol_txrx_vdev_handle data_vdev, diff --git a/core/dp/txrx/ol_tx_desc.c b/core/dp/txrx/ol_tx_desc.c index e8e150536ff0..0232296e745d 100644 --- a/core/dp/txrx/ol_tx_desc.c +++ b/core/dp/txrx/ol_tx_desc.c @@ -415,6 +415,7 @@ static void ol_tx_desc_free_common(struct ol_txrx_pdev_t *pdev, /* clear the ref cnt */ qdf_atomic_init(&tx_desc->ref_cnt); tx_desc->vdev_id = OL_TXRX_INVALID_VDEV_ID; + tx_desc->notify_tx_comp = 0; } #ifndef QCA_LL_TX_FLOW_CONTROL_V2 diff --git a/core/dp/txrx/ol_tx_queue.c b/core/dp/txrx/ol_tx_queue.c index 2816824e57b6..e35ab046a421 100644 --- a/core/dp/txrx/ol_tx_queue.c +++ b/core/dp/txrx/ol_tx_queue.c @@ -1735,7 +1735,7 @@ void ol_txrx_vdev_unpause(ol_txrx_vdev_handle vdev, uint32_t reason) vdev->ll_pause.is_q_paused = false; vdev->ll_pause.q_unpause_cnt++; qdf_spin_unlock_bh(&vdev->ll_pause.mutex); - ol_tx_vdev_ll_pause_queue_send(vdev); + ol_tx_vdev_ll_pause_queue_send((unsigned long) vdev); } else { qdf_spin_unlock_bh(&vdev->ll_pause.mutex); } @@ -2008,7 +2008,7 @@ static void ol_tx_pdev_throttle_phase_timer(unsigned long context) } #ifdef QCA_LL_LEGACY_TX_FLOW_CONTROL -static void ol_tx_pdev_throttle_tx_timer(void *context) +static void ol_tx_pdev_throttle_tx_timer(unsigned long context) { struct ol_txrx_pdev_t *pdev = (struct ol_txrx_pdev_t *)context; diff --git a/core/dp/txrx/ol_tx_send.c b/core/dp/txrx/ol_tx_send.c index 9fcf10c9d9f0..71fcda87da90 100644 --- a/core/dp/txrx/ol_tx_send.c +++ b/core/dp/txrx/ol_tx_send.c @@ -575,6 +575,41 @@ void ol_tx_flow_pool_unlock(struct ol_tx_desc_t *tx_desc) #endif /** + * ol_tx_notify_completion() - Notify tx completion for this desc + * @tx_desc: tx desc + * @netbuf: buffer + * + * Return: none + */ +static void ol_tx_notify_completion(struct ol_tx_desc_t *tx_desc, + qdf_nbuf_t netbuf) +{ + void *osif_dev; + ol_txrx_completion_fp tx_compl_cbk = NULL; + + qdf_assert(tx_desc); + + ol_tx_flow_pool_lock(tx_desc); + /* + * In cases when vdev has gone down and tx completion + * are received, leads to NULL vdev access. + * So, check for NULL before dereferencing it. + */ + if (!tx_desc->vdev || + !tx_desc->vdev->osif_dev || + !tx_desc->vdev->tx_comp || + !tx_desc->notify_tx_comp) { + ol_tx_flow_pool_unlock(tx_desc); + return; + } + osif_dev = tx_desc->vdev->osif_dev; + tx_compl_cbk = tx_desc->vdev->tx_comp; + ol_tx_flow_pool_unlock(tx_desc); + + tx_compl_cbk(netbuf, osif_dev); +} + +/** * ol_tx_update_connectivity_stats() - update connectivity stats * @tx_desc: tx desc * @netbuf: buffer @@ -772,6 +807,9 @@ ol_tx_completion_handler(ol_txrx_pdev_handle pdev, ol_tx_update_arp_stats(tx_desc, netbuf, status); } + /* check tx completion notification */ + ol_tx_notify_completion(tx_desc, netbuf); + /* track connectivity stats */ ol_tx_update_connectivity_stats(tx_desc, netbuf, status); diff --git a/core/dp/txrx/ol_txrx.c b/core/dp/txrx/ol_txrx.c index 8b6adcd73bd4..3e9ebd2ca56e 100644 --- a/core/dp/txrx/ol_txrx.c +++ b/core/dp/txrx/ol_txrx.c @@ -1461,6 +1461,7 @@ ol_txrx_pdev_attach(ol_pdev_handle ctrl_pdev, ol_txrx_tso_stats_init(pdev); TAILQ_INIT(&pdev->vdev_list); + TAILQ_INIT(&pdev->roam_stale_peer_list); TAILQ_INIT(&pdev->req_list); pdev->req_list_depth = 0; @@ -1559,7 +1560,7 @@ void htt_pkt_log_init(struct ol_txrx_pdev_t *handle, void *scn) * * Return: void */ -static void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) +void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) { if (scn && cds_get_conparam() != QDF_GLOBAL_FTM_MODE && !QDF_IS_EPPING_ENABLED(cds_get_conparam()) && @@ -1570,7 +1571,7 @@ static void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn) } #else void htt_pkt_log_init(ol_txrx_pdev_handle handle, void *ol_sc) { } -static void htt_pktlogmod_exit(ol_txrx_pdev_handle handle, void *sc) { } +void htt_pktlogmod_exit(ol_txrx_pdev_handle handle, void *sc) { } #endif /** @@ -2468,6 +2469,7 @@ void ol_txrx_vdev_register(ol_txrx_vdev_handle vdev, vdev->osif_dev = osif_vdev; vdev->rx = txrx_ops->rx.rx; vdev->stats_rx = txrx_ops->rx.stats_rx; + vdev->tx_comp = txrx_ops->tx.tx_comp; txrx_ops->tx.tx = ol_tx_data; } @@ -3501,6 +3503,35 @@ ol_txrx_peer_qoscapable_get(struct ol_txrx_pdev_t *txrx_pdev, uint16_t peer_id) return 0; } +bool ol_txrx_is_peer_eligible_for_deletion(ol_txrx_peer_handle peer, + struct ol_txrx_pdev_t *pdev) +{ + bool peerdel = true; + u_int16_t peer_id; + int i; + + for (i = 0; i < MAX_NUM_PEER_ID_PER_PEER; i++) { + peer_id = peer->peer_ids[i]; + + if (peer_id == HTT_INVALID_PEER) + continue; + + if (!pdev->peer_id_to_obj_map[peer_id].peer_ref) + continue; + + if (pdev->peer_id_to_obj_map[peer_id].peer_ref != peer) + continue; + + if (qdf_atomic_read(&pdev->peer_id_to_obj_map[peer_id]. + del_peer_id_ref_cnt)) { + peerdel = false; + break; + } + + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + } + return peerdel; +} int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, const char *fname, int line) @@ -3683,7 +3714,32 @@ int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, } } - qdf_mem_free(peer); + qdf_spin_lock_bh(&pdev->peer_map_unmap_lock); + if (ol_txrx_is_peer_eligible_for_deletion(peer, pdev)) { + qdf_mem_free(peer); + } else { + /* + * Mark this PEER as a stale peer, to be deleted + * during PEER UNMAP. Remove this peer from + * roam_stale_peer_list during UNMAP. + */ + struct ol_txrx_roam_stale_peer_t *roam_stale_peer; + + roam_stale_peer = qdf_mem_malloc( + sizeof(struct ol_txrx_roam_stale_peer_t)); + if (roam_stale_peer) { + roam_stale_peer->peer = peer; + TAILQ_INSERT_TAIL(&pdev->roam_stale_peer_list, + roam_stale_peer, + next_stale_entry); + } else { + QDF_TRACE(QDF_MODULE_ID_TXRX, + QDF_TRACE_LEVEL_ERROR, + "[%s][%d]: No memory allocated", + fname, line); + } + } + qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); } else { qdf_spin_unlock_bh(&pdev->peer_ref_mutex); QDF_TRACE(QDF_MODULE_ID_TXRX, QDF_TRACE_LEVEL_INFO_HIGH, diff --git a/core/dp/txrx/ol_txrx.h b/core/dp/txrx/ol_txrx.h index 647ba3440e63..c9fd6e0ae761 100644 --- a/core/dp/txrx/ol_txrx.h +++ b/core/dp/txrx/ol_txrx.h @@ -32,6 +32,15 @@ #define OL_TXRX_PEER_UNREF_DELETE(peer) \ ol_txrx_peer_unref_delete(peer, __func__, __LINE__) +/* ol_txrx_is_peer_eligible_for_deletion() - check if peer to be deleted + * @peer: peer handler + * @pdev: pointer to pdev + * + * Return: true if eligible for deletion else false + */ +bool ol_txrx_is_peer_eligible_for_deletion(ol_txrx_peer_handle peer, + struct ol_txrx_pdev_t *pdev); + int ol_txrx_peer_unref_delete(ol_txrx_peer_handle peer, const char *fname, int line); @@ -181,6 +190,7 @@ bool ol_txrx_fwd_desc_thresh_check(struct ol_txrx_vdev_t *vdev); ol_txrx_vdev_handle ol_txrx_get_vdev_from_vdev_id(uint8_t vdev_id); void htt_pkt_log_init(struct ol_txrx_pdev_t *handle, void *scn); +void htt_pktlogmod_exit(struct ol_txrx_pdev_t *handle, void *scn); QDF_STATUS ol_txrx_set_wisa_mode(ol_txrx_vdev_handle vdev, bool enable); void ol_txrx_update_mac_id(uint8_t vdev_id, uint8_t mac_id); diff --git a/core/dp/txrx/ol_txrx_peer_find.c b/core/dp/txrx/ol_txrx_peer_find.c index 1a8da0598f34..3fd5e18a2d90 100644 --- a/core/dp/txrx/ol_txrx_peer_find.c +++ b/core/dp/txrx/ol_txrx_peer_find.c @@ -81,6 +81,41 @@ void __ol_txrx_peer_change_ref_cnt(struct ol_txrx_peer_t *peer, fname, line, peer, change, qdf_atomic_read(&peer->ref_cnt)); } +/** + * ol_txrx_peer_delete_roam_stale_peer() - delete stale peers marked in roaming + * @pdev: pointer to pdev structure + * + * Return: none + */ +void ol_txrx_peer_delete_roam_stale_peer(struct ol_txrx_pdev_t *pdev) +{ + struct ol_txrx_peer_t *peer; + struct ol_txrx_roam_stale_peer_t *stale_peer; + struct ol_txrx_roam_stale_peer_t *stale_peer_next; + u_int16_t peer_id; + int i; + + TAILQ_FOREACH_SAFE(stale_peer, &pdev->roam_stale_peer_list, + next_stale_entry, stale_peer_next) { + peer = stale_peer->peer; + for (i = 0; i < MAX_NUM_PEER_ID_PER_PEER; i++) { + peer_id = peer->peer_ids[i]; + + if (pdev->peer_id_to_obj_map[peer_id].peer_ref != peer) + continue; + + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + qdf_atomic_set(&pdev->peer_id_to_obj_map[peer_id]. + del_peer_id_ref_cnt, 0); + } + qdf_mem_free(peer); + stale_peer->peer = NULL; + TAILQ_REMOVE(&pdev->roam_stale_peer_list, stale_peer, + next_stale_entry); + qdf_mem_free(stale_peer); + } +} + /*=== function definitions for peer MAC addr --> peer object hash table =====*/ /* @@ -271,6 +306,7 @@ void ol_txrx_peer_find_hash_erase(struct ol_txrx_pdev_t *pdev) * Not really necessary to take peer_ref_mutex lock - by this point, * it's known that the pdev is no longer in use. */ + ol_txrx_peer_delete_roam_stale_peer(pdev); for (i = 0; i <= pdev->peer_hash.mask; i++) { if (!TAILQ_EMPTY(&pdev->peer_hash.bins[i])) { @@ -564,10 +600,11 @@ void ol_txrx_peer_tx_ready_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) void ol_rx_peer_unmap_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) { struct ol_txrx_peer_t *peer; + struct ol_txrx_roam_stale_peer_t *stale_peer = NULL; + struct ol_txrx_roam_stale_peer_t *stale_peer_next = NULL; int i = 0; int32_t ref_cnt; - if (peer_id == HTT_INVALID_PEER) { ol_txrx_err( "%s: invalid peer ID %d\n", __func__, peer_id); @@ -586,7 +623,28 @@ void ol_rx_peer_unmap_handler(ol_txrx_pdev_handle pdev, uint16_t peer_id) del_peer_id_ref_cnt); ref_cnt = qdf_atomic_read(&pdev->peer_id_to_obj_map[peer_id]. del_peer_id_ref_cnt); + + peer = pdev->peer_id_to_obj_map[peer_id].peer_ref; + if (peer && ol_txrx_is_peer_eligible_for_deletion(peer, pdev)) { + TAILQ_FOREACH_SAFE(stale_peer, + &pdev->roam_stale_peer_list, + next_stale_entry, + stale_peer_next) { + if (stale_peer->peer == peer) { + stale_peer->peer = NULL; + break; + } + } + qdf_mem_free(peer); + if (stale_peer) { + TAILQ_REMOVE(&pdev->roam_stale_peer_list, + stale_peer, + next_stale_entry); + qdf_mem_free(stale_peer); + } + } qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); + wma_peer_debug_log(DEBUG_INVALID_VDEV_ID, DEBUG_PEER_UNMAP_EVENT, peer_id, NULL, NULL, ref_cnt, 0x101); @@ -699,7 +757,14 @@ void ol_txrx_peer_remove_obj_map_entries(ol_txrx_pdev_handle pdev, num_deleted_maps += peer_id_ref_cnt; pdev->peer_id_to_obj_map[peer_id].peer = NULL; peer->peer_ids[i] = HTT_INVALID_PEER; + + if (peer_id_ref_cnt) + pdev->peer_id_to_obj_map[peer_id].peer_ref = peer; + else + pdev->peer_id_to_obj_map[peer_id].peer_ref = NULL; + } + qdf_spin_unlock_bh(&pdev->peer_map_unmap_lock); if (num_deleted_maps > qdf_atomic_read(&peer->ref_cnt)) { diff --git a/core/dp/txrx/ol_txrx_peer_find.h b/core/dp/txrx/ol_txrx_peer_find.h index 5cb266092d4b..1265ce7858d5 100644 --- a/core/dp/txrx/ol_txrx_peer_find.h +++ b/core/dp/txrx/ol_txrx_peer_find.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2015-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2015-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -106,6 +106,8 @@ ol_txrx_peer_find_hash_remove(struct ol_txrx_pdev_t *pdev, void ol_txrx_peer_find_hash_erase(struct ol_txrx_pdev_t *pdev); +void ol_txrx_peer_delete_roam_stale_peer(struct ol_txrx_pdev_t *pdev); + struct ol_txrx_peer_t *ol_txrx_assoc_peer_find(struct ol_txrx_vdev_t *vdev); void ol_txrx_peer_remove_obj_map_entries(ol_txrx_pdev_handle pdev, struct ol_txrx_peer_t *peer); diff --git a/core/dp/txrx/ol_txrx_types.h b/core/dp/txrx/ol_txrx_types.h index 793a5e71d856..572c048f9c02 100644 --- a/core/dp/txrx/ol_txrx_types.h +++ b/core/dp/txrx/ol_txrx_types.h @@ -203,6 +203,7 @@ struct ol_tx_desc_t { #endif void *tso_desc; void *tso_num_desc; + bool notify_tx_comp; }; typedef TAILQ_HEAD(some_struct_name, ol_tx_desc_t) ol_tx_desc_list; @@ -521,6 +522,7 @@ struct ol_tx_flow_pool_t { /* * struct ol_txrx_peer_id_map - Map of firmware peer_ids to peers on host * @peer: Pointer to peer object + * @peer_ref: Pointer to peer marked as stale * @peer_id_ref_cnt: No. of firmware references to the peer_id * @del_peer_id_ref_cnt: No. of outstanding unmap events for peer_id * after the peer object is deleted on the host. @@ -529,6 +531,7 @@ struct ol_tx_flow_pool_t { */ struct ol_txrx_peer_id_map { struct ol_txrx_peer_t *peer; + struct ol_txrx_peer_t *peer_ref; qdf_atomic_t peer_id_ref_cnt; qdf_atomic_t del_peer_id_ref_cnt; }; @@ -666,6 +669,8 @@ struct ol_txrx_pdev_t { int req_list_depth; qdf_spinlock_t req_list_spinlock; + TAILQ_HEAD(, ol_txrx_roam_stale_peer_t) roam_stale_peer_list; + /* peer ID to peer object map (array of pointers to peer objects) */ struct ol_txrx_peer_id_map *peer_id_to_obj_map; @@ -1054,6 +1059,9 @@ struct ol_txrx_vdev_t { ol_txrx_rx_fp rx; /* receive function used by this vdev */ ol_txrx_stats_rx_fp stats_rx; /* receive function used by this vdev */ + /* completion function used by this vdev*/ + ol_txrx_completion_fp tx_comp; + struct { /* * If the vdev object couldn't be deleted immediately because @@ -1221,6 +1229,12 @@ struct ol_txrx_cached_bufq_t { uint32_t dropped; }; +struct ol_txrx_roam_stale_peer_t { + ol_txrx_peer_handle peer; + + TAILQ_ENTRY(ol_txrx_roam_stale_peer_t) next_stale_entry; +}; + struct ol_txrx_peer_t { struct ol_txrx_vdev_t *vdev; @@ -1329,8 +1343,7 @@ struct ol_txrx_peer_t { u_int16_t tx_pause_flag; #endif qdf_time_t last_assoc_rcvd; - qdf_time_t last_disassoc_rcvd; - qdf_time_t last_deauth_rcvd; + qdf_time_t last_disassoc_deauth_rcvd; qdf_atomic_t fw_create_pending; qdf_timer_t peer_unmap_timer; }; diff --git a/core/hdd/inc/wlan_hdd_cfg.h b/core/hdd/inc/wlan_hdd_cfg.h index a89f2e615ae5..82bb498d48c4 100644 --- a/core/hdd/inc/wlan_hdd_cfg.h +++ b/core/hdd/inc/wlan_hdd_cfg.h @@ -982,7 +982,7 @@ enum hdd_dot11_mode { #define CFG_SCAN_ALLOW_ADJ_CH_BCN_NAME "allow_adj_chan_bcns" #define CFG_SCAN_ALLOW_ADJ_CH_BCN_MIN (0) #define CFG_SCAN_ALLOW_ADJ_CH_BCN_MAX (1) -#define CFG_SCAN_ALLOW_ADJ_CH_BCN_DEFAULT (0) +#define CFG_SCAN_ALLOW_ADJ_CH_BCN_DEFAULT (1) #ifdef FEATURE_WLAN_EXTSCAN /* @@ -3225,7 +3225,7 @@ enum hdd_dot11_mode { #define CFG_WLAN_MCC_TO_SCC_SWITCH_MODE "gWlanMccToSccSwitchMode" #define CFG_WLAN_MCC_TO_SCC_SWITCH_MODE_MIN (QDF_MCC_TO_SCC_SWITCH_DISABLE) #define CFG_WLAN_MCC_TO_SCC_SWITCH_MODE_MAX \ - (QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL) + (QDF_MCC_TO_SCC_SWITCH_MAX - 1) #define CFG_WLAN_MCC_TO_SCC_SWITCH_MODE_DEFAULT (QDF_MCC_TO_SCC_SWITCH_DISABLE) #endif @@ -8638,11 +8638,6 @@ enum hdd_link_speed_rpt_type { #define CFG_IGNORE_CAC_MAX (1) #define CFG_IGNORE_CAC_DEFAULT (0) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_NAME "gEnableSAPDfsChSifsBurst" -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MIN (0) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MAX (1) -#define CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_DEFAULT (1) - #define CFG_DFS_RADAR_PRI_MULTIPLIER_NAME "gDFSradarMappingPriMultiplier" #define CFG_DFS_RADAR_PRI_MULTIPLIER_DEFAULT (4) #define CFG_DFS_RADAR_PRI_MULTIPLIER_MIN (0) @@ -8707,32 +8702,6 @@ enum hdd_link_speed_rpt_type { #define CFG_WLAN_LOGGING_CONSOLE_SUPPORT_DEFAULT (1) #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ -/* - * <ini> - * gEnableSifsBurst - Enables Sifs Burst - * @Min: 0 - * @Max: 3 - * @Default: 0 - * - * Sifs burst mode configuration - * 0) disabled - * 1) enabled, but disabled for legacy mode - * 3) enabled - * - * Related: None - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ini> - */ - -#define CFG_ENABLE_SIFS_BURST "gEnableSifsBurst" -#define CFG_ENABLE_SIFS_BURST_MIN (0) -#define CFG_ENABLE_SIFS_BURST_MAX (3) -#define CFG_ENABLE_SIFS_BURST_DEFAULT (0) - #ifdef WLAN_FEATURE_LPSS #define CFG_ENABLE_LPASS_SUPPORT "gEnableLpassSupport" #define CFG_ENABLE_LPASS_SUPPORT_DEFAULT (0) @@ -10742,15 +10711,6 @@ enum restart_beaconing_on_ch_avoid_rule { #define CFG_FILTER_MULTICAST_REPLAY_MAX (1) #define CFG_FILTER_MULTICAST_REPLAY_DEFAULT (1) -/* - * This parameter will control SIFS burst duration in FW from 0 to 12 ms. - * Default value is set to 8ms. - */ -#define CFG_SIFS_BURST_DURATION_NAME "g_sifs_burst_duration" -#define CFG_SIFS_BURST_DURATION_MIN (0) -#define CFG_SIFS_BURST_DURATION_MAX (12) -#define CFG_SIFS_BURST_DURATION_DEFAULT (8) - /* Optimize channel avoidance indication comming from firmware */ #define CFG_OPTIMIZE_CA_EVENT_NAME "goptimize_chan_avoid_event" #define CFG_OPTIMIZE_CA_EVENT_DISABLE (0) @@ -14847,7 +14807,7 @@ enum hw_filter_mode { * * @Min: 0x0 * @Max: 0x3F - * @Default: 0x18 + * @Default: 0x17 * * It is a 32 bit value such that the various bits represent as below - * Bit-0 : is Enable/Disable Control for "PPDU Secondary Retry Support" @@ -14865,7 +14825,7 @@ enum hw_filter_mode { #define CFG_ENABLE_SECONDARY_RATE_NAME "gEnableSecondaryRate" #define CFG_ENABLE_SECONDARY_RATE_MIN (0) #define CFG_ENABLE_SECONDARY_RATE_MAX (0x3F) -#define CFG_ENABLE_SECONDARY_RATE_DEFAULT (0x18) +#define CFG_ENABLE_SECONDARY_RATE_DEFAULT (0x17) /*--------------------------------------------------------------------------- Type declarations @@ -15387,7 +15347,6 @@ struct hdd_config { uint8_t gMaxConcurrentActiveSessions; uint8_t ignoreCAC; - bool IsSapDfsChSifsBurstEnabled; #ifdef FEATURE_GREEN_AP bool enableGreenAP; @@ -15416,8 +15375,6 @@ struct hdd_config { bool wlanLoggingToConsole; #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ - uint8_t enableSifsBurst; - #ifdef WLAN_FEATURE_LPSS bool enable_lpass_support; #endif @@ -15605,8 +15562,6 @@ struct hdd_config { bool go_force_11n_for_11ac; uint16_t sap_tx_leakage_threshold; bool multicast_replay_filter; - /* parameter for indicating sifs burst duration to fw */ - uint8_t sifs_burst_duration; bool goptimize_chan_avoid_event; bool enable_go_cts2self_for_sta; uint32_t tx_aggregation_size; diff --git a/core/hdd/inc/wlan_hdd_ipa.h b/core/hdd/inc/wlan_hdd_ipa.h index 54813cd7ca04..1db77054de54 100644 --- a/core/hdd/inc/wlan_hdd_ipa.h +++ b/core/hdd/inc/wlan_hdd_ipa.h @@ -162,6 +162,16 @@ void hdd_ipa_uc_info(hdd_context_t *hdd_ctx); */ void hdd_ipa_clean_adapter_iface(hdd_adapter_t *adapter); +/** + * hdd_ipa_uc_disconnect_ap() - send ap disconnect event + * @hdd_ctx: pointer to hdd adapter + * + * Send disconnect ap event to IPA driver during SSR + * + * Return: 0 - Success + */ +int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter); + #else static inline QDF_STATUS hdd_ipa_init(hdd_context_t *hdd_ctx) @@ -343,5 +353,9 @@ static inline void hdd_ipa_clean_adapter_iface(hdd_adapter_t *adapter) { } +static int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) +{ + return 0; +} #endif /* IPA_OFFLOAD */ #endif /* #ifndef HDD_IPA_H__ */ diff --git a/core/hdd/inc/wlan_hdd_main.h b/core/hdd/inc/wlan_hdd_main.h index 11dcc65582f7..288f06a5ef1e 100644 --- a/core/hdd/inc/wlan_hdd_main.h +++ b/core/hdd/inc/wlan_hdd_main.h @@ -53,6 +53,7 @@ #include "wlan_hdd_nan_datapath.h" #include "target_if_def_config.h" #include "wlan_hdd_apf.h" +#include <qdf_idr.h> /** Number of Tx Queues */ #ifdef QCA_LL_TX_FLOW_CONTROL_V2 @@ -274,6 +275,9 @@ #define HDD_MOD_EXIT_SSR_MAX_RETRIES 75 #endif +#define HDD_CFG_REQUEST_FIRMWARE_RETRIES (3) +#define HDD_CFG_REQUEST_FIRMWARE_DELAY (20) + #ifdef WLAN_FEATURE_GTK_OFFLOAD #define GTK_OFFLOAD_ENABLE 0 #define GTK_OFFLOAD_DISABLE 1 @@ -287,10 +291,7 @@ #define HDD_MIN_TX_POWER (-100) /* minimum tx power */ #define HDD_MAX_TX_POWER (+100) /* maximum tx power */ -/* FW expects burst duration in 1020*ms */ -#define SIFS_BURST_DUR_MULTIPLIER 1020 -#define SIFS_BURST_DUR_MAX 12240 - +#define HDD_ENABLE_SIFS_BURST_DEFAULT (1) /* If IPA UC data path is enabled, target should reserve extra tx descriptors * for IPA data path. * Then host data path should allow less TX packet pumping in case @@ -789,7 +790,7 @@ typedef struct hdd_remain_on_chan_ctx { struct ieee80211_channel chan; enum nl80211_channel_type chan_type; unsigned int duration; - u64 cookie; + int32_t id; enum rem_on_channel_request_type rem_on_chan_request; qdf_mc_timer_t hdd_remain_on_chan_timer; action_pkt_buffer_t action_pkt_buff; @@ -811,9 +812,10 @@ typedef struct hdd_roc_req { * @adapter: Adapter address * @scan_request: scan request holder * @scan_id: scan identifier used across host layers which is generated at WMI - * @cookie: scan request identifier sent to userspace * @source: scan request originator (NL/Vendor scan) * @timestamp: scan request timestamp + * @inactivity_timer: scan inactivity timer + * @scan_req_flags: scan request flags * * Scan request linked list element */ @@ -849,7 +851,7 @@ enum action_frm_type { typedef struct hdd_cfg80211_state_s { uint16_t current_freq; - u64 action_cookie; + int32_t action_id; uint8_t *buf; size_t len; hdd_remain_on_chan_ctx_t *remain_on_chan_ctx; @@ -975,6 +977,33 @@ enum bss_stop_reason { }; /** + * struct dhcp_phase - Per Peer DHCP Phases + * @DHCP_PHASE_ACK: upon receiving DHCP_ACK/NAK message in REQUEST phase or + * DHCP_DELINE message in OFFER phase + * @DHCP_PHASE_DISCOVER: upon receiving DHCP_DISCOVER message in ACK phase + * @DHCP_PHASE_OFFER: upon receiving DHCP_OFFER message in DISCOVER phase + * @DHCP_PHASE_REQUEST: upon receiving DHCP_REQUEST message in OFFER phase or + * ACK phase (Renewal process) + */ +enum dhcp_phase { + DHCP_PHASE_ACK, + DHCP_PHASE_DISCOVER, + DHCP_PHASE_OFFER, + DHCP_PHASE_REQUEST +}; + +/** + * struct dhcp_nego_status - Per Peer DHCP Negotiation Status + * @DHCP_NEGO_STOP: when the peer is in ACK phase or client disassociated + * @DHCP_NEGO_IN_PROGRESS: when the peer is in DISCOVER or REQUEST + * (Renewal process) phase + */ +enum dhcp_nego_status { + DHCP_NEGO_STOP, + DHCP_NEGO_IN_PROGRESS +}; + +/** * typedef struct hdd_station_info_t - Per station structure kept in HDD for * multiple station support for SoftAP * @isUsed: The station entry is used or not @@ -1055,6 +1084,8 @@ typedef struct { struct ieee80211_vht_cap vht_caps; uint32_t reason_code; int8_t rssi; + enum dhcp_phase dhcp_phase; + enum dhcp_nego_status dhcp_nego_status; } hdd_station_info_t; /** @@ -1354,8 +1385,6 @@ struct hdd_adapter_s { /* TODO Move this to sta Ctx */ struct wireless_dev wdev; - struct cfg80211_scan_request *request; - struct cfg80211_scan_request *vendor_request; /** ops checks if Opportunistic Power Save is Enable or Not * ctw stores ctWindow value once we receive Opps command from @@ -1512,6 +1541,8 @@ struct hdd_adapter_s { struct delayed_work acs_pending_work; struct work_struct scan_block_work; + qdf_list_t blocked_scan_request_q; + qdf_mutex_t blocked_scan_request_q_lock; #ifdef MSM_PLATFORM unsigned long prev_rx_packets; unsigned long prev_tx_packets; @@ -1785,14 +1816,6 @@ struct suspend_resume_stats { }; /** - * struct hdd_nud_stats_context - hdd NUD stats context - * @response_event: NUD stats request wait event - */ -struct hdd_nud_stats_context { - qdf_event_t response_event; -}; - -/** * struct hdd_scan_chan_info - channel info * @freq: radio frequence * @cmd flag: cmd flag @@ -2095,6 +2118,8 @@ struct hdd_context_s { struct delayed_work roc_req_work; qdf_spinlock_t hdd_roc_req_q_lock; qdf_list_t hdd_roc_req_q; + /*QDF ID allocation */ + qdf_idr p2p_idr; qdf_spinlock_t hdd_scan_req_q_lock; qdf_list_t hdd_scan_req_q; uint8_t miracast_value; @@ -2189,7 +2214,6 @@ struct hdd_context_s { uint8_t curr_band; uint32_t no_of_probe_req_ouis; uint32_t *probe_req_voui; - struct hdd_nud_stats_context nud_stats_context; uint8_t bt_a2dp_active:1; uint8_t bt_vo_active:1; #ifdef FEATURE_SPECTRAL_SCAN @@ -2882,19 +2906,6 @@ void wlan_hdd_start_sap(hdd_adapter_t *ap_adapter, bool reinit); void hdd_set_rx_mode_rps(hdd_context_t *hdd_ctx, void *padapter, bool enable); /** - * hdd_init_nud_stats_ctx() - initialize NUD stats context - * @hdd_ctx: Pointer to hdd context - * - * Return: none - */ -static inline void hdd_init_nud_stats_ctx(hdd_context_t *hdd_ctx) -{ - if (qdf_event_create(&hdd_ctx->nud_stats_context.response_event) != - QDF_STATUS_SUCCESS) - hdd_err("NUD stats response event init failed!"); -} - -/** * hdd_dbs_scan_selection_init() - initialization for DBS scan selection config * @hdd_ctx: HDD context * @@ -3148,4 +3159,17 @@ uint32_t hdd_wlan_get_version(hdd_context_t *hdd_ctx, */ void hdd_update_hw_sw_info(hdd_context_t *hdd_ctx); +/** + * hdd_get_nud_stats_cb() - callback api to update the stats received from FW + * @data: pointer to hdd context. + * @rsp: pointer to data received from FW. + * @context: callback context + * + * This is called when wlan driver received response event for + * get arp stats to firmware. + * + * Return: None + */ +void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp, void *context); + #endif /* end #if !defined(WLAN_HDD_MAIN_H) */ diff --git a/core/hdd/inc/wlan_hdd_oemdata.h b/core/hdd/inc/wlan_hdd_oemdata.h index c4d7eb948039..580397716691 100644 --- a/core/hdd/inc/wlan_hdd_oemdata.h +++ b/core/hdd/inc/wlan_hdd_oemdata.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -175,8 +175,27 @@ void hdd_send_peer_status_ind_to_oem_app(struct qdf_mac_addr *peerMac, int iw_get_oem_data_cap(struct net_device *dev, struct iw_request_info *info, union iwreq_data *wrqu, char *extra); +/** + * oem_activate_service() - API to register the oem command handler + * @hdd_ctx: Pointer to HDD Context + * + * This API is used to register the handler to receive netlink message + * from an OEM application process + * + * Return: 0 + */ int oem_activate_service(struct hdd_context_s *hdd_ctx); +/** + * oem_deactivate_service() - API to unregister the oem command handler + * + * This API is used to deregister the handler to receive netlink message + * from an OEM application process + * + * Return: 0 + */ +int oem_deactivate_service(void); + void hdd_send_oem_data_rsp_msg(struct oem_data_rsp *oem_rsp); void hdd_update_channel_bw_info(hdd_context_t *hdd_ctx, uint16_t chan, @@ -186,6 +205,12 @@ static inline int oem_activate_service(struct hdd_context_s *hdd_ctx) { return 0; } + +static inline int oem_deactivate_service(void) +{ + return 0; +} + static inline void hdd_update_channel_bw_info(hdd_context_t *hdd_ctx, uint16_t chan, void *hdd_chan_info) {} diff --git a/core/hdd/inc/wlan_hdd_p2p.h b/core/hdd/inc/wlan_hdd_p2p.h index 67e3bf5b699a..f71ed6b1847a 100644 --- a/core/hdd/inc/wlan_hdd_p2p.h +++ b/core/hdd/inc/wlan_hdd_p2p.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -42,10 +42,10 @@ MAC_ADDR_LEN) -#define P2P_ROC_DURATION_MULTIPLIER_GO_PRESENT 2 -#define P2P_ROC_DURATION_MULTIPLIER_GO_ABSENT 3 +#define P2P_ROC_DURATION_MULTIPLIER_GO_PRESENT 6 +#define P2P_ROC_DURATION_MULTIPLIER_GO_ABSENT 10 -#define HDD_P2P_MAX_ROC_DURATION 1000 +#define HDD_P2P_MAX_ROC_DURATION 1500 #define MAX_ROC_REQ_QUEUE_ENTRY 10 #define P2P_POWER_SAVE_TYPE_OPPORTUNISTIC (1 << 0) diff --git a/core/hdd/inc/wlan_hdd_softap_tx_rx.h b/core/hdd/inc/wlan_hdd_softap_tx_rx.h index 73e2cab90f59..7ea467131d3d 100644 --- a/core/hdd/inc/wlan_hdd_softap_tx_rx.h +++ b/core/hdd/inc/wlan_hdd_softap_tx_rx.h @@ -38,7 +38,7 @@ QDF_STATUS hdd_softap_init_tx_rx_sta(hdd_adapter_t *pAdapter, struct qdf_mac_addr *pmacAddrSTA); QDF_STATUS hdd_softap_deinit_tx_rx_sta(hdd_adapter_t *pAdapter, uint8_t STAId); - +void hdd_softap_notify_tx_compl_cbk(struct sk_buff *skb, void *context); QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBufChain); #ifdef IPA_OFFLOAD QDF_STATUS hdd_softap_rx_mul_packet_cbk(void *cds_context, @@ -80,4 +80,39 @@ void hdd_softap_tx_resume_cb(void *adapter_context, bool tx_resume) } #endif /* QCA_LL_LEGACY_TX_FLOW_CONTROL */ +/** + * hdd_post_dhcp_ind() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @type: WMA message type + * + * Return: None + */ +QDF_STATUS hdd_post_dhcp_ind(hdd_adapter_t *adapter, + uint8_t sta_id, uint16_t type); + +/** + * hdd_softap_notify_dhcp_ind() - Notify SAP for DHCP indication for tx desc + * @context: pointer to HDD context + * @netbuf: pointer to OS packet (sk_buff) + * + * Return: None + */ +void hdd_softap_notify_dhcp_ind(void *context, + struct sk_buff *netbuf); + +/** + * hdd_dhcp_indication() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @skb: pointer to OS packet (sk_buff) + * @dir: direction + * + * Return: true if tx comp is to be notified for skb + */ +bool hdd_dhcp_indication(hdd_adapter_t *adapter, + uint8_t sta_id, + struct sk_buff *skb, + enum qdf_proto_dir dir); + #endif /* end #if !defined(WLAN_HDD_SOFTAP_TX_RX_H) */ diff --git a/core/hdd/src/wlan_hdd_assoc.c b/core/hdd/src/wlan_hdd_assoc.c index 98b481d7db5d..8aa30132d3de 100644 --- a/core/hdd/src/wlan_hdd_assoc.c +++ b/core/hdd/src/wlan_hdd_assoc.c @@ -3251,12 +3251,22 @@ static QDF_STATUS hdd_association_completion_handler(hdd_adapter_t *pAdapter, hdd_conn_set_connection_state(pAdapter, eConnectionState_NotConnected); } + hdd_wmm_init(pAdapter); hdd_debug("Disabling queues"); wlan_hdd_netif_queue_control(pAdapter, WLAN_STOP_ALL_NETIF_QUEUE_N_CARRIER, WLAN_CONTROL_PATH); + /* + * if hddDisconInProgress is set and roamResult is + * eCSR_ROAM_RESULT_SCAN_FOR_SSID_FAILURE that mean HDD is + * waiting on disconnect_comp_var so unblock anyone waiting for + * disconnect to complete. + */ + if ((roamResult == eCSR_ROAM_RESULT_SCAN_FOR_SSID_FAILURE) && + hddDisconInProgress) + complete(&pAdapter->disconnect_comp_var); } if (QDF_STATUS_SUCCESS != cds_check_and_restart_sap( @@ -4010,7 +4020,7 @@ hdd_roam_tdls_status_update_handler(hdd_adapter_t *pAdapter, for (staIdx = 0; staIdx < pHddCtx->max_num_tdls_sta; staIdx++) { - if (0 == + if (HDD_WLAN_INVALID_STA_ID == pHddCtx->tdlsConnInfo[staIdx]. staId) { pHddCtx->tdlsConnInfo[staIdx]. @@ -4141,7 +4151,8 @@ hdd_roam_tdls_status_update_handler(hdd_adapter_t *pAdapter, peerMac.bytes); mutex_unlock(&pHddCtx->tdls_lock); - pHddCtx->tdlsConnInfo[staIdx].staId = 0; + pHddCtx->tdlsConnInfo[staIdx].staId = + HDD_WLAN_INVALID_STA_ID; pHddCtx->tdlsConnInfo[staIdx]. sessionId = 255; qdf_mem_zero(&pHddCtx-> diff --git a/core/hdd/src/wlan_hdd_cfg.c b/core/hdd/src/wlan_hdd_cfg.c index cebeb65c34d8..3dcc8fa68eb6 100644 --- a/core/hdd/src/wlan_hdd_cfg.c +++ b/core/hdd/src/wlan_hdd_cfg.c @@ -3297,13 +3297,6 @@ struct reg_table_entry g_registry_table[] = { CFG_IGNORE_CAC_MIN, CFG_IGNORE_CAC_MAX), - REG_VARIABLE(CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_NAME, WLAN_PARAM_Integer, - struct hdd_config, IsSapDfsChSifsBurstEnabled, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_DEFAULT, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MIN, - CFG_ENABLE_SAP_DFS_CH_SIFS_BURST_MAX), - REG_VARIABLE(CFG_DFS_RADAR_PRI_MULTIPLIER_NAME, WLAN_PARAM_Integer, struct hdd_config, dfsRadarPriMultiplier, VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, @@ -3362,13 +3355,6 @@ struct reg_table_entry g_registry_table[] = { CFG_WLAN_LOGGING_CONSOLE_SUPPORT_ENABLE), #endif /* WLAN_LOGGING_SOCK_SVC_ENABLE */ - REG_VARIABLE(CFG_ENABLE_SIFS_BURST, WLAN_PARAM_Integer, - struct hdd_config, enableSifsBurst, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_ENABLE_SIFS_BURST_DEFAULT, - CFG_ENABLE_SIFS_BURST_MIN, - CFG_ENABLE_SIFS_BURST_MAX), - #ifdef WLAN_FEATURE_LPSS REG_VARIABLE(CFG_ENABLE_LPASS_SUPPORT, WLAN_PARAM_Integer, struct hdd_config, enable_lpass_support, @@ -4437,13 +4423,6 @@ struct reg_table_entry g_registry_table[] = { CFG_FILTER_MULTICAST_REPLAY_MIN, CFG_FILTER_MULTICAST_REPLAY_MAX), - REG_VARIABLE(CFG_SIFS_BURST_DURATION_NAME, WLAN_PARAM_Integer, - struct hdd_config, sifs_burst_duration, - VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, - CFG_SIFS_BURST_DURATION_DEFAULT, - CFG_SIFS_BURST_DURATION_MIN, - CFG_SIFS_BURST_DURATION_MAX), - REG_VARIABLE(CFG_ENABLE_PHY_REG_NAME, WLAN_PARAM_HexInteger, struct hdd_config, enable_phy_reg_retention, VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT, @@ -5958,11 +5937,7 @@ static QDF_STATUS hdd_apply_cfg_ini(hdd_context_t *pHddCtx, int i; int rv; - if (MAX_CFG_INI_ITEMS < cRegTableEntries) { - hdd_err("MAX_CFG_INI_ITEMS too small, must be at least %ld", - cRegTableEntries); - WARN_ON(1); - } + BUILD_BUG_ON(MAX_CFG_INI_ITEMS < cRegTableEntries); for (idx = 0; idx < cRegTableEntries; idx++, pRegEntry++) { /* Calculate the address of the destination field in the structure. */ @@ -6997,8 +6972,6 @@ void hdd_cfg_print(hdd_context_t *pHddCtx) hdd_debug("Name = [isRoamOffloadEnabled] Value = [%u]", pHddCtx->config->isRoamOffloadEnabled); #endif - hdd_debug("Name = [gEnableSifsBurst] Value = [%u]", - pHddCtx->config->enableSifsBurst); #ifdef WLAN_FEATURE_LPSS hdd_debug("Name = [gEnableLpassSupport] Value = [%u] ", @@ -7763,7 +7736,9 @@ static void hdd_set_rx_mode_value(hdd_context_t *hdd_ctx) */ QDF_STATUS hdd_parse_config_ini(hdd_context_t *pHddCtx) { - int status, i = 0; + int status = 0; + int i = 0; + int retry = 0; /** Pointer for firmware image data */ const struct firmware *fw = NULL; char *buffer, *line, *pTemp = NULL; @@ -7775,7 +7750,15 @@ QDF_STATUS hdd_parse_config_ini(hdd_context_t *pHddCtx) memset(cfgIniTable, 0, sizeof(cfgIniTable)); - status = request_firmware(&fw, WLAN_INI_FILE, pHddCtx->parent_dev); + do { + if (status == -EAGAIN) + msleep(HDD_CFG_REQUEST_FIRMWARE_DELAY); + + status = request_firmware(&fw, WLAN_INI_FILE, + pHddCtx->parent_dev); + retry++; + } while ((retry < HDD_CFG_REQUEST_FIRMWARE_RETRIES) && + (status == -EAGAIN)); if (status) { hdd_alert("request_firmware failed %d", status); diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c index d601f5d9f97b..9b99ed4c38ef 100644 --- a/core/hdd/src/wlan_hdd_cfg80211.c +++ b/core/hdd/src/wlan_hdd_cfg80211.c @@ -169,6 +169,11 @@ */ #define WLAN_DEAUTH_DPTRACE_DUMP_COUNT 100 +/* + * Count to ratelimit the HDD logs during NL parsing + */ +#define HDD_NL_ERR_RATE_LIMIT 5 + static const u32 hdd_gcmp_cipher_suits[] = { WLAN_CIPHER_SUITE_GCMP, WLAN_CIPHER_SUITE_GCMP_256, @@ -3725,24 +3730,37 @@ static int32_t hdd_add_tx_bitrate(struct sk_buff *skb, uint32_t bitrate, bitrate_compat; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ bitrate = cfg80211_calculate_bitrate(&hdd_sta_ctx-> cache_conn_info.txrate); /* report 16-bit bitrate only if we can */ bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0; - if (bitrate > 0 && - nla_put_u32(skb, NL80211_RATE_INFO_BITRATE32, bitrate)) { - hdd_err("put fail"); - goto fail; + + if (bitrate > 0) { + if (nla_put_u32(skb, NL80211_RATE_INFO_BITRATE32, bitrate)) { + hdd_err("put fail bitrate: %u", bitrate); + goto fail; + } + } else { + hdd_err("Invalid bitrate: %u", bitrate); } - if (bitrate_compat > 0 && - nla_put_u16(skb, NL80211_RATE_INFO_BITRATE, bitrate_compat)) { - hdd_err("put fail"); - goto fail; + + if (bitrate_compat > 0) { + if (nla_put_u16(skb, NL80211_RATE_INFO_BITRATE, + bitrate_compat)) { + hdd_err("put fail bitrate_compat: %u", bitrate_compat); + goto fail; + } + } else { + hdd_err("Invalid bitrate_compat: %u", bitrate_compat); } + if (nla_put_u8(skb, NL80211_RATE_INFO_VHT_NSS, hdd_sta_ctx->cache_conn_info.txrate.nss)) { hdd_err("put fail"); @@ -3768,15 +3786,21 @@ static int32_t hdd_add_sta_info(struct sk_buff *skb, struct nlattr *nla_attr; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + if (nla_put_u8(skb, NL80211_STA_INFO_SIGNAL, (hdd_sta_ctx->cache_conn_info.signal + 100))) { hdd_err("put fail"); goto fail; } - if (hdd_add_tx_bitrate(skb, hdd_sta_ctx, NL80211_STA_INFO_TX_BITRATE)) + if (hdd_add_tx_bitrate(skb, hdd_sta_ctx, NL80211_STA_INFO_TX_BITRATE)) { + hdd_err("hdd_add_tx_bitrate failed"); goto fail; + } + nla_nest_end(skb, nla_attr); return 0; fail: @@ -3828,8 +3852,11 @@ hdd_add_link_standard_info(struct sk_buff *skb, struct nlattr *nla_attr; nla_attr = nla_nest_start(skb, idx); - if (!nla_attr) + if (!nla_attr) { + hdd_err("nla_nest_start failed"); goto fail; + } + if (nla_put(skb, NL80211_ATTR_SSID, hdd_sta_ctx->cache_conn_info.last_ssid.SSID.length, @@ -3839,12 +3866,18 @@ hdd_add_link_standard_info(struct sk_buff *skb, } if (nla_put(skb, NL80211_ATTR_MAC, QDF_MAC_ADDR_SIZE, hdd_sta_ctx->cache_conn_info.bssId.bytes)) { + hdd_err("put bssid failed"); goto fail; } - if (hdd_add_survey_info(skb, hdd_sta_ctx, NL80211_ATTR_SURVEY_INFO)) + if (hdd_add_survey_info(skb, hdd_sta_ctx, NL80211_ATTR_SURVEY_INFO)) { + hdd_err("hdd_add_survey_info failed"); goto fail; - if (hdd_add_sta_info(skb, hdd_sta_ctx, NL80211_ATTR_STA_INFO)) + } + + if (hdd_add_sta_info(skb, hdd_sta_ctx, NL80211_ATTR_STA_INFO)) { + hdd_err("hdd_add_sta_info failed"); goto fail; + } nla_nest_end(skb, nla_attr); return 0; fail: @@ -5460,6 +5493,7 @@ wlan_hdd_wifi_config_policy[QCA_WLAN_VENDOR_ATTR_CONFIG_MAX + 1] = { .type = NLA_U8}, [QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL] = {.type = NLA_U16 }, [QCA_WLAN_VENDOR_ATTR_CONFIG_RSN_IE] = {.type = NLA_U8}, + [QCA_WLAN_VENDOR_ATTR_CONFIG_GTX] = {.type = NLA_U8}, }; /** @@ -6259,6 +6293,23 @@ __wlan_hdd_cfg80211_wifi_configuration_set(struct wiphy *wiphy, hdd_ctx->force_rsne_override); } + if (tb[QCA_WLAN_VENDOR_ATTR_CONFIG_GTX]) { + uint8_t config_gtx; + + config_gtx = nla_get_u8(tb[QCA_WLAN_VENDOR_ATTR_CONFIG_GTX]); + if (config_gtx > 1) { + hdd_err_ratelimited(HDD_NL_ERR_RATE_LIMIT, + "Invalid config_gtx value %d", + config_gtx); + return -EINVAL; + } + ret_val = sme_cli_set_command(adapter->sessionId, + WMI_VDEV_PARAM_GTX_ENABLE, + config_gtx, VDEV_CMD); + if (ret_val) + hdd_err("Failed to set GTX"); + } + return ret_val; } @@ -6323,7 +6374,7 @@ static int __wlan_hdd_cfg80211_wifi_logger_start(struct wiphy *wiphy, QDF_STATUS status; hdd_context_t *hdd_ctx = wiphy_priv(wiphy); struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_START_MAX + 1]; - struct sir_wifi_start_log start_log; + struct sir_wifi_start_log start_log = { 0 }; ENTER_DEV(wdev->netdev); @@ -6375,6 +6426,8 @@ static int __wlan_hdd_cfg80211_wifi_logger_start(struct wiphy *wiphy, tb[QCA_WLAN_VENDOR_ATTR_WIFI_LOGGER_FLAGS]); hdd_debug("is_iwpriv_command =%d", start_log.is_iwpriv_command); + start_log.user_triggered = 1; + /* size is buff size which can be set using iwpriv command*/ start_log.size = 0; start_log.is_pktlog_buff_clear = false; @@ -10835,18 +10888,29 @@ end: static int hdd_post_get_chain_rssi_rsp(hdd_context_t *hdd_ctx) { struct sk_buff *skb = NULL; - int data_len = sizeof(hdd_ctx->chain_rssi_context.result); + struct chain_rssi_result *result = + &hdd_ctx->chain_rssi_context.result; skb = cfg80211_vendor_cmd_alloc_reply_skb(hdd_ctx->wiphy, - data_len+NLMSG_HDRLEN); + (sizeof(result->chain_rssi) + NLA_HDRLEN) + + (sizeof(result->ant_id) + NLA_HDRLEN) + + NLMSG_HDRLEN); if (!skb) { hdd_err(FL("cfg80211_vendor_event_alloc failed")); return -ENOMEM; } - if (nla_put(skb, QCA_WLAN_VENDOR_ATTR_CHAIN_RSSI, data_len, - &hdd_ctx->chain_rssi_context.result)) { + if (nla_put(skb, QCA_WLAN_VENDOR_ATTR_CHAIN_RSSI, + sizeof(result->chain_rssi), + result->chain_rssi)) { + hdd_err(FL("put fail")); + goto nla_put_failure; + } + + if (nla_put(skb, QCA_WLAN_VENDOR_ATTR_ANTENNA_INFO, + sizeof(result->ant_id), + result->ant_id)) { hdd_err(FL("put fail")); goto nla_put_failure; } @@ -10988,8 +11052,7 @@ void wlan_hdd_cfg80211_chainrssi_callback(void *ctx, void *pmsg) return; } - memcpy(&context->result, data->chain_rssi, - sizeof(data->chain_rssi)); + memcpy(&context->result, data, sizeof(*data)); complete(&context->response_event); spin_unlock(&hdd_context_lock); @@ -11613,13 +11676,18 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, const void *data, int data_len) { int err = 0; - struct hdd_nud_stats_context *context; struct net_device *dev = wdev->netdev; hdd_adapter_t *adapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_context_t *hdd_ctx = wiphy_priv(wiphy); struct get_arp_stats_params arp_stats_params; uint32_t pkt_type_bitmap; struct sk_buff *skb; + struct hdd_request *request = NULL; + static const struct hdd_request_params params = { + .priv_size = 0, + .timeout_ms = WLAN_WAIT_TIME_NUD_STATS, + }; + void *cookie = NULL; ENTER(); @@ -11642,13 +11710,17 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, return -EINVAL; } + request = hdd_request_alloc(¶ms); + if (!request) { + hdd_err("Request allocation failure"); + return -ENOMEM; + } + + cookie = hdd_request_cookie(request); + arp_stats_params.pkt_type = WLAN_NUD_STATS_ARP_PKT_TYPE; arp_stats_params.vdev_id = adapter->sessionId; - spin_lock(&hdd_context_lock); - context = &hdd_ctx->nud_stats_context; - qdf_event_reset(&context->response_event); - spin_unlock(&hdd_context_lock); pkt_type_bitmap = adapter->pkt_type_bitmap; @@ -11661,18 +11733,26 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, 0xFF, 0XFF, DATA_STALL_LOG_RECOVERY_TRIGGER_PDR); + if (sme_set_nud_debug_stats_cb(hdd_ctx->hHal, hdd_get_nud_stats_cb, + cookie) != QDF_STATUS_SUCCESS) { + hdd_err("Setting NUD debug stats callback failure"); + err = -EINVAL; + goto exit; + } + if (QDF_STATUS_SUCCESS != sme_get_nud_debug_stats(hdd_ctx->hHal, &arp_stats_params)) { QDF_TRACE(QDF_MODULE_ID_HDD, QDF_TRACE_LEVEL_ERROR, "%s STATS_SET_START CMD Failed!!", __func__); - return -EINVAL; + err = -EINVAL; + goto exit; } - if (qdf_wait_for_event_completion(&context->response_event, - WLAN_WAIT_TIME_NUD_STATS) != - QDF_STATUS_SUCCESS) { - hdd_err("Target response timed out request "); - return -ETIMEDOUT; + err = hdd_request_wait_for_response(request); + if (err) { + hdd_err("SME timedout while retrieving NUD stats"); + err = -ETIMEDOUT; + goto exit; } skb = cfg80211_vendor_cmd_alloc_reply_skb(wiphy, @@ -11680,7 +11760,8 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, if (!skb) { hdd_err("%s: cfg80211_vendor_cmd_alloc_reply_skb failed", __func__); - return -ENOMEM; + err = -ENOMEM; + goto exit; } if (nla_put_u16(skb, COUNT_FROM_NETDEV, @@ -11702,7 +11783,8 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, rx_host_drop_reorder)) { hdd_err("nla put fail"); kfree_skb(skb); - return -EINVAL; + err = -EINVAL; + goto exit; } if (adapter->con_status) nla_put_flag(skb, AP_LINK_ACTIVE); @@ -11713,11 +11795,15 @@ static int __wlan_hdd_cfg80211_get_nud_stats(struct wiphy *wiphy, pkt_type_bitmap &= ~CONNECTIVITY_CHECK_SET_ARP; if (pkt_type_bitmap) { - if (hdd_populate_connectivity_check_stats_info(adapter, skb)) - return -EINVAL; + if (hdd_populate_connectivity_check_stats_info(adapter, skb)) { + err = -EINVAL; + goto exit; + } } cfg80211_vendor_cmd_reply(skb); +exit: + hdd_request_put(request); return err; } @@ -14052,7 +14138,8 @@ void wlan_hdd_cfg80211_deregister_frames(hdd_adapter_t *pAdapter) } #ifdef FEATURE_WLAN_WAPI -void wlan_hdd_cfg80211_set_key_wapi(hdd_adapter_t *pAdapter, uint8_t key_index, +static void wlan_hdd_cfg80211_set_key_wapi(struct hdd_adapter_s *pAdapter, + uint8_t key_index, const uint8_t *mac_addr, const uint8_t *key, int key_Len) { @@ -16978,6 +17065,14 @@ static bool wlan_hdd_fils_data_in_limits(struct cfg80211_connect_params *req) return false; } + if (!req->fils_erp_rrk || !req->fils_erp_realm || + !req->fils_erp_username) { + hdd_err("buffer incorrect, user=%pK rrk=%pK realm=%pK", + req->fils_erp_username, req->fils_erp_rrk, + req->fils_erp_realm); + return false; + } + return true; } @@ -17700,16 +17795,30 @@ static int wlan_hdd_cfg80211_set_ie(hdd_adapter_t *pAdapter, const uint8_t *ie, /* Setting WAPI Mode to ON=1 */ pAdapter->wapi_info.nWapiMode = 1; hdd_debug("WAPI MODE IS %u", pAdapter->wapi_info.nWapiMode); - tmp = (uint8_t *)ie; - tmp = tmp + 4; /* Skip element Id and Len, Version */ + /* genie is pointing to data field of WAPI IE's buffer */ + tmp = (uint8_t *)genie; + /* Validate length for Version(2 bytes) and Number + * of AKM suite (2 bytes) in WAPI IE buffer, coming from + * supplicant*/ + if (eLen < 4) { + hdd_err("Invalid IE Len: %u", eLen); + return -EINVAL; + } + tmp = tmp + 2; /* Skip Version */ /* Get the number of AKM suite */ akmsuiteCount = WPA_GET_LE16(tmp); /* Skip the number of AKM suite */ tmp = tmp + 2; + /* Validate total length for WAPI IE's buffer */ + if (eLen < (4 + (akmsuiteCount * sizeof(uint32_t)))) { + hdd_err("Invalid IE Len: %u", eLen); + return -EINVAL; + } /* AKM suite list, each OUI contains 4 bytes */ akmlist = (uint32_t *)(tmp); if (akmsuiteCount <= MAX_NUM_AKM_SUITES) { - memcpy(akmsuite, akmlist, akmsuiteCount); + qdf_mem_copy(akmsuite, akmlist, + sizeof(uint32_t) * akmsuiteCount); } else { hdd_err("Invalid akmSuite count: %u", akmsuiteCount); @@ -17969,6 +18078,7 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) hdd_context_t *hdd_ctx; int status, result = 0; tHalHandle hal; + uint32_t wait_time = WLAN_WAIT_TIME_DISCONNECT; hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter); @@ -18004,6 +18114,9 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) (eConnectionState_Associated == pHddStaCtx->conn_info.connState) || (eConnectionState_Connecting == pHddStaCtx->conn_info.connState) || (eConnectionState_IbssConnected == pHddStaCtx->conn_info.connState)) { + eConnectionState prev_conn_state; + + prev_conn_state = pHddStaCtx->conn_info.connState; hdd_conn_set_connection_state(pAdapter, eConnectionState_Disconnecting); /* Issue disconnect to CSR */ @@ -18012,13 +18125,25 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) status = sme_roam_disconnect(WLAN_HDD_GET_HAL_CTX(pAdapter), pAdapter->sessionId, eCSR_DISCONNECT_REASON_UNSPECIFIED); - /* - * Wait here instead of returning directly, this will block the - * next connect command and allow processing of the scan for - * ssid and the previous connect command in CSR. Else we might - * hit some race conditions leading to SME and HDD out of sync. - */ - if (QDF_STATUS_CMD_NOT_QUEUED == status) { + + if ((status == QDF_STATUS_CMD_NOT_QUEUED) && + prev_conn_state != eConnectionState_Connecting) { + hdd_debug("Already disconnect in progress"); + result = 0; + /* + * Wait here instead of returning directly. This will + * block the connect command and allow processing + * of the disconnect in SME. As disconnect is already + * in progress, wait here for 1 sec instead of 5 sec. + */ + wait_time = WLAN_WAIT_DISCONNECT_ALREADY_IN_PROGRESS; + } else if (status == QDF_STATUS_CMD_NOT_QUEUED) { + /* + * Wait here instead of returning directly, this will + * block the connect command and allow processing + * of the scan for ssid and the previous connect command + * in CSR. + */ hdd_debug("Already disconnected or connect was in sme/roam pending list and removed by disconnect"); } else if (0 != status) { hdd_err("sme_roam_disconnect failure, status: %d", @@ -18028,9 +18153,8 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) goto disconnected; } - rc = wait_for_completion_timeout( - &pAdapter->disconnect_comp_var, - msecs_to_jiffies(WLAN_WAIT_TIME_DISCONNECT)); + rc = wait_for_completion_timeout(&pAdapter->disconnect_comp_var, + msecs_to_jiffies(wait_time)); if (!rc && (QDF_STATUS_CMD_NOT_QUEUED != status)) { hdd_err("Sme disconnect event timed out session Id: %d staDebugState: %d", pAdapter->sessionId, pHddStaCtx->staDebugState); @@ -18039,7 +18163,7 @@ int wlan_hdd_try_disconnect(hdd_adapter_t *pAdapter) } else if (eConnectionState_Disconnecting == pHddStaCtx->conn_info.connState) { rc = wait_for_completion_timeout(&pAdapter->disconnect_comp_var, - msecs_to_jiffies(WLAN_WAIT_TIME_DISCONNECT)); + msecs_to_jiffies(wait_time)); if (!rc) { hdd_err("Disconnect event timed out session Id: %d staDebugState: %d", pAdapter->sessionId, pHddStaCtx->staDebugState); @@ -19620,13 +19744,15 @@ static inline bool wlan_hdd_is_pmksa_valid(struct cfg80211_pmksa *pmksa) /* * hdd_fill_pmksa_info: API to update tPmkidCacheInfo from cfg80211_pmksa - * @pmk_cache: pmksa from supplicant - * @pmk_cache: pmk needs to be updated - * + * @adapter: Pointer to hdd adapter + * @pmk_cache: pmk that needs to be udated + * @pmksa: pmk from supplicant + * @is_delete: Bool to decide set or delete PMK * Return: None */ -static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, - struct cfg80211_pmksa *pmksa, bool is_delete) +static void hdd_fill_pmksa_info(hdd_adapter_t *adapter, + tPmkidCacheInfo *pmk_cache, + struct cfg80211_pmksa *pmksa, bool is_delete) { if (pmksa->bssid) { hdd_debug("%s PMKSA for " MAC_ADDRESS_STR, @@ -19674,14 +19800,18 @@ static inline bool wlan_hdd_is_pmksa_valid(struct cfg80211_pmksa *pmksa) /* * hdd_fill_pmksa_info: API to update tPmkidCacheInfo from cfg80211_pmksa - * @pmk_cache: pmksa from supplicant - * @pmk_cache: pmk needs to be updated + * @adapter: Pointer to hdd adapter + * @pmk_cache: pmk which needs to be updated + * @pmksa: pmk from supplicant + * @is_delete: Bool to decide whether to set or delete PMK * * Return: None */ -static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, - struct cfg80211_pmksa *pmksa, bool is_delete) +static void hdd_fill_pmksa_info(hdd_adapter_t *adapter, + tPmkidCacheInfo *pmk_cache, + struct cfg80211_pmksa *pmksa, bool is_delete) { + tHalHandle hal = WLAN_HDD_GET_HAL_CTX(adapter); hdd_debug("%s PMKSA for " MAC_ADDRESS_STR, is_delete ? "Delete" : "Set", MAC_ADDR_ARRAY(pmksa->bssid)); qdf_mem_copy(pmk_cache->BSSID.bytes, @@ -19689,7 +19819,7 @@ static void hdd_fill_pmksa_info(tPmkidCacheInfo *pmk_cache, if (is_delete) return; - + sme_get_pmk_info(hal, adapter->sessionId, pmk_cache); qdf_mem_copy(pmk_cache->PMKID, pmksa->pmkid, CSR_RSN_PMKID_SIZE); } #endif @@ -19748,7 +19878,7 @@ static int __wlan_hdd_cfg80211_set_pmksa(struct wiphy *wiphy, qdf_mem_zero(&pmk_cache, sizeof(pmk_cache)); - hdd_fill_pmksa_info(&pmk_cache, pmksa, false); + hdd_fill_pmksa_info(pAdapter, &pmk_cache, pmksa, false); /* * Add to the PMKSA Cache in CSR @@ -19843,7 +19973,7 @@ static int __wlan_hdd_cfg80211_del_pmksa(struct wiphy *wiphy, qdf_mem_zero(&pmk_cache, sizeof(pmk_cache)); - hdd_fill_pmksa_info(&pmk_cache, pmksa, true); + hdd_fill_pmksa_info(pAdapter, &pmk_cache, pmksa, true); /* Delete the PMKID CSR cache */ if (QDF_STATUS_SUCCESS != diff --git a/core/hdd/src/wlan_hdd_cfg80211.h b/core/hdd/src/wlan_hdd_cfg80211.h index 2e3dba7b8c29..173ccc116e52 100644 --- a/core/hdd/src/wlan_hdd_cfg80211.h +++ b/core/hdd/src/wlan_hdd_cfg80211.h @@ -345,11 +345,6 @@ QDF_STATUS wlan_hdd_cfg80211_roam_metrics_handover(hdd_adapter_t *pAdapter, tCsrRoamInfo *pRoamInfo); #endif -#ifdef FEATURE_WLAN_WAPI -void wlan_hdd_cfg80211_set_key_wapi(hdd_adapter_t *pAdapter, uint8_t key_index, - const uint8_t *mac_addr, const uint8_t *key, - int key_Len); -#endif hdd_context_t *hdd_cfg80211_wiphy_alloc(int priv_size); int wlan_hdd_cfg80211_tdls_scan(struct wiphy *wiphy, diff --git a/core/hdd/src/wlan_hdd_debugfs.c b/core/hdd/src/wlan_hdd_debugfs.c index c757a6be00c0..6ee6020e7644 100644 --- a/core/hdd/src/wlan_hdd_debugfs.c +++ b/core/hdd/src/wlan_hdd_debugfs.c @@ -593,7 +593,8 @@ static void hdd_power_debugstats_cb(struct power_stats_response *response, power_stats->cumulative_sleep_time_ms = response->cumulative_sleep_time_ms; power_stats->cumulative_total_on_time_ms - = response->cumulative_total_on_time_ms; + = response->cumulative_total_on_time_ms - + response->cumulative_sleep_time_ms; power_stats->deep_sleep_enter_counter = response->deep_sleep_enter_counter; power_stats->last_deep_sleep_enter_tstamp_ms diff --git a/core/hdd/src/wlan_hdd_ext_scan.c b/core/hdd/src/wlan_hdd_ext_scan.c index dee8cb54cb6d..7f8b1c35ad3b 100644 --- a/core/hdd/src/wlan_hdd_ext_scan.c +++ b/core/hdd/src/wlan_hdd_ext_scan.c @@ -3042,6 +3042,11 @@ static int hdd_extscan_start_fill_bucket_channel_spec( total_channels++; } + if (j != req_msg->buckets[bkt_index].numChannels) { + hdd_err("Input parameters didn't match"); + goto fail; + } + hdd_extscan_update_dwell_time_limits( req_msg, bkt_index, min_dwell_time_active_bucket, diff --git a/core/hdd/src/wlan_hdd_hostapd.c b/core/hdd/src/wlan_hdd_hostapd.c index c5de344d4974..474c7fd7935c 100644 --- a/core/hdd/src/wlan_hdd_hostapd.c +++ b/core/hdd/src/wlan_hdd_hostapd.c @@ -670,6 +670,10 @@ static void hdd_hostapd_inactivity_timer_cb(void *context) return; } #endif /* DISABLE_CONCURRENCY_AUTOSAVE */ + if (event_len > sizeof(we_custom_event)) { + hdd_err("Event len exceeds event buffer size: %d", event_len); + return; + } memset(&we_custom_event, '\0', sizeof(we_custom_event)); memcpy(&we_custom_event, autoShutEvent, event_len); @@ -1482,6 +1486,10 @@ static void hdd_fill_station_info(hdd_adapter_t *pHostapdAdapter, hdd_copy_ht_caps(&stainfo->ht_caps, &event->ht_caps); } + /* Initialize DHCP info */ + stainfo->dhcp_phase = DHCP_PHASE_ACK; + stainfo->dhcp_nego_status = DHCP_NEGO_STOP; + while (i < WLAN_MAX_STA_COUNT) { if (!qdf_mem_cmp(pHostapdAdapter-> cache_sta_info[i].macAddrSTA.bytes, @@ -1669,6 +1677,13 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, pHostapdAdapter->sessionId = pSapEvent->sapevt.sapStartBssCompleteEvent.sessionId; + pHostapdAdapter->sessionCtx.ap.sapConfig.channel = + pSapEvent->sapevt.sapStartBssCompleteEvent. + operatingChannel; + + pHostapdAdapter->sessionCtx.ap.sapConfig.ch_params.ch_width = + pSapEvent->sapevt.sapStartBssCompleteEvent.ch_width; + pHostapdState->qdf_status = pSapEvent->sapevt.sapStartBssCompleteEvent.status; @@ -1805,21 +1820,6 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, } } - - if ((CHANNEL_STATE_DFS == - cds_get_channel_state(pHddApCtx->operatingChannel)) - && (pHddCtx->config->IsSapDfsChSifsBurstEnabled == 0)) { - - hdd_debug("Set SIFS Burst disable for DFS channel %d", - pHddApCtx->operatingChannel); - - if (wma_cli_set_command(pHostapdAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - 0, PDEV_CMD)) { - hdd_err("Failed to Set SIFS Burst channel: %d", - pHddApCtx->operatingChannel); - } - } /* Fill the params for sending IWEVCUSTOM Event * with SOFTAP.enabled */ @@ -2249,6 +2249,14 @@ QDF_STATUS hdd_hostapd_sap_event_cb(tpSap_Event pSapEvent, pHostapdAdapter->sessionId, QDF_PROTO_TYPE_MGMT, QDF_PROTO_MGMT_DISASSOC)); + /* Send DHCP STOP indication to FW */ + stainfo->dhcp_phase = DHCP_PHASE_ACK; + if (stainfo->dhcp_nego_status == + DHCP_NEGO_IN_PROGRESS) + hdd_post_dhcp_ind(pHostapdAdapter, staId, + WMA_DHCP_STOP_IND); + stainfo->dhcp_nego_status = DHCP_NEGO_STOP; + hdd_softap_deregister_sta(pHostapdAdapter, staId); pHddApCtx->bApActive = false; @@ -2641,6 +2649,10 @@ stopbss: if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { hdd_warn("hdd_softap_stop_bss failed %d", qdf_status); + if (hdd_ipa_is_enabled(pHddCtx)) { + hdd_ipa_uc_disconnect_ap(pHostapdAdapter); + hdd_ipa_clean_adapter_iface(pHostapdAdapter); + } } /* notify userspace that the BSS has stopped */ @@ -6484,7 +6496,7 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter, bool reinit) ret = wma_cli_set_command(pAdapter->sessionId, WMI_PDEV_PARAM_BURST_ENABLE, - pHddCtx->config->enableSifsBurst, + HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret) @@ -7212,6 +7224,10 @@ int wlan_hdd_cfg80211_update_apies(hdd_adapter_t *adapter) pConfig = &adapter->sessionCtx.ap.sapConfig; beacon = adapter->sessionCtx.ap.beacon; + if (!beacon) { + hdd_err("Beacon is NULL !"); + return -EINVAL; + } genie = qdf_mem_malloc(MAX_GENIE_LEN); @@ -8417,6 +8433,12 @@ int wlan_hdd_cfg80211_start_bss(hdd_adapter_t *pHostapdAdapter, if (!cds_is_sub_20_mhz_enabled()) wlan_hdd_set_sap_hwmode(pHostapdAdapter); + if (IS_24G_CH(pConfig->channel) && + pHddCtx->config->enableVhtFor24GHzBand && + (pConfig->SapHw_mode == eCSR_DOT11_MODE_11n || + pConfig->SapHw_mode == eCSR_DOT11_MODE_11n_ONLY)) + pConfig->SapHw_mode = eCSR_DOT11_MODE_11ac; + if (((pHostapdAdapter->device_mode == QDF_SAP_MODE) && (pHddCtx->config->sap_force_11n_for_11ac)) || ((pHostapdAdapter->device_mode == QDF_P2P_GO_MODE) && @@ -8454,14 +8476,7 @@ int wlan_hdd_cfg80211_start_bss(hdd_adapter_t *pHostapdAdapter, pConfig->ch_width_orig = CH_WIDTH_20MHZ; } - if (!wma_is_hw_dbs_capable() && - (pHostapdAdapter->device_mode == QDF_SAP_MODE) && - cds_is_force_scc() && - cds_mode_specific_get_channel(CDS_STA_MODE)) { - pConfig->channel = cds_mode_specific_get_channel(CDS_STA_MODE); - hdd_debug("DBS is disabled, force SCC is enabled and STA is active, override the SAP channel to %d", - pConfig->channel); - } else if (wlan_hdd_setup_driver_overrides(pHostapdAdapter)) { + if (wlan_hdd_setup_driver_overrides(pHostapdAdapter)) { ret = -EINVAL; goto error; } diff --git a/core/hdd/src/wlan_hdd_ioctl.c b/core/hdd/src/wlan_hdd_ioctl.c index 93af2e7ef9b8..b829d85ebd78 100644 --- a/core/hdd/src/wlan_hdd_ioctl.c +++ b/core/hdd/src/wlan_hdd_ioctl.c @@ -3094,7 +3094,26 @@ static int drv_cmd_country(hdd_adapter_t *adapter, char *country_code; int32_t cc_from_db; - country_code = command + 8; + country_code = strnchr(command, strlen(command), ' '); + /* no argument after the command*/ + if (!country_code) + return -EINVAL; + + /* no space after the command*/ + if (SPACE_ASCII_VALUE != *country_code) + return -EINVAL; + + country_code++; + + /* removing empty spaces*/ + while ((SPACE_ASCII_VALUE == *country_code) && + ('\0' != *country_code)) + country_code++; + + /* no or less than 2 arguments followed by spaces*/ + if (*country_code == '\0' || *(country_code + 1) == '\0') + return -EINVAL; + if (!((country_code[0] == 'X' && country_code[1] == 'X') || (country_code[0] == '0' && country_code[1] == '0'))) { cc_from_db = cds_get_country_from_alpha2(country_code); diff --git a/core/hdd/src/wlan_hdd_ipa.c b/core/hdd/src/wlan_hdd_ipa.c index 036692af1dfd..7e41a7e0461d 100644 --- a/core/hdd/src/wlan_hdd_ipa.c +++ b/core/hdd/src/wlan_hdd_ipa.c @@ -89,6 +89,8 @@ #define HDD_IPA_MAX_BANDWIDTH 800 +#define HDD_IPA_UC_STAT_LOG_RATE 10 + enum hdd_ipa_uc_op_code { HDD_IPA_UC_OPCODE_TX_SUSPEND = 0, HDD_IPA_UC_OPCODE_TX_RESUME = 1, @@ -559,9 +561,23 @@ do { \ (0 == qdf_mem_get_dma_addr(osdev, &ipa_resource->tx_comp_ring->mem_info)) || \ (0 == qdf_mem_get_dma_addr(osdev, &ipa_resource->rx_rdy_ring->mem_info)) || \ (0 == qdf_mem_get_dma_addr(osdev, &ipa_resource->rx2_rdy_ring->mem_info))) + +#define HDD_IPA_WDI2_SET_SMMU() \ +do { \ + qdf_mem_copy(&pipe_in.u.ul_smmu.rdy_comp_ring, \ + &ipa_res->rx2_rdy_ring->sgtable, \ + sizeof(sgtable_t)); \ + pipe_in.u.ul_smmu.rdy_comp_ring_size = \ + ipa_res->rx2_rdy_ring->mem_info.size; \ + pipe_in.u.ul_smmu.rdy_comp_ring_wp_pa = \ + ipa_res->rx2_proc_done_idx->mem_info.pa; \ + pipe_in.u.ul_smmu.rdy_comp_ring_wp_va = \ + ipa_res->rx2_proc_done_idx->vaddr; \ +} while (0) #else /* Do nothing */ #define HDD_IPA_WDI2_SET(pipe_in, ipa_ctxt, osdev) +#define HDD_IPA_WDI2_SET_SMMU() #define IPA_RESOURCE_READY(ipa_resource, osdev) \ ((0 == qdf_mem_get_dma_addr(osdev, &ipa_resource->ce_sr->mem_info)) || \ @@ -849,19 +865,6 @@ static inline bool hdd_ipa_is_rt_debugging_enabled(hdd_context_t *hdd_ctx) } /** - * hdd_ipa_is_clk_scaling_enabled() - Is IPA clock scaling enabled? - * @hdd_ipa: Global HDD IPA context - * - * Return: true if clock scaling is enabled, otherwise false - */ -static inline bool hdd_ipa_is_clk_scaling_enabled(hdd_context_t *hdd_ctx) -{ - return HDD_IPA_IS_CONFIG_ENABLED(hdd_ctx, - HDD_IPA_CLK_SCALING_ENABLE_MASK | - HDD_IPA_RM_ENABLE_MASK); -} - -/** * hdd_ipa_is_fw_wdi_actived() - Are FW WDI pipes activated? * @hdd_ipa: Global HDD IPA context * @@ -1024,6 +1027,19 @@ static void hdd_ipa_wdi_init_metering(struct hdd_ipa_priv *ipa_ctxt, void *in) #endif /* FEATURE_METERING */ #ifdef CONFIG_IPA_WDI_UNIFIED_API + +/** + * hdd_ipa_is_clk_scaling_enabled() - Is IPA clock scaling enabled? + * @hdd_ipa: Global HDD IPA context + * + * Return: true if clock scaling is enabled, otherwise false + */ +static inline bool hdd_ipa_is_clk_scaling_enabled(hdd_context_t *hdd_ctx) +{ + return HDD_IPA_IS_CONFIG_ENABLED(hdd_ctx, + HDD_IPA_CLK_SCALING_ENABLE_MASK); +} + /* * TODO: Get WDI version through FW capabilities */ @@ -1213,13 +1229,15 @@ static int hdd_ipa_wdi_conn_pipes(struct hdd_ipa_priv *hdd_ipa, info_smmu->transfer_ring_doorbell_pa = ipa_res->rx_proc_done_idx->mem_info.pa; - qdf_mem_copy(&info_smmu->event_ring_base, - &ipa_res->rx2_rdy_ring->sgtable, - sizeof(sgtable_t)); - info_smmu->event_ring_size = - ipa_res->rx2_rdy_ring->mem_info.size; - info_smmu->event_ring_doorbell_pa = - ipa_res->rx2_proc_done_idx->mem_info.pa; + if (hdd_ipa->wdi_version == IPA_WDI_2) { + qdf_mem_copy(&info_smmu->event_ring_base, + &ipa_res->rx2_rdy_ring->sgtable, + sizeof(sgtable_t)); + info_smmu->event_ring_size = + ipa_res->rx2_rdy_ring->mem_info.size; + info_smmu->event_ring_doorbell_pa = + ipa_res->rx2_proc_done_idx->mem_info.pa; + } } else { /* TX */ info = &in->u_tx.tx; @@ -1359,6 +1377,12 @@ static int hdd_ipa_wdi_enable_pipes(struct hdd_ipa_priv *hdd_ipa) struct ol_txrx_pdev_t *pdev = cds_get_context(QDF_MODULE_ID_TXRX); int ret; + if (!pdev) { + HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, "pdev is NULL"); + ret = QDF_STATUS_E_FAILURE; + return ret; + } + /* Map IPA SMMU for all Rx hash table */ ret = ol_txrx_rx_hash_smmu_map(pdev, true); if (ret) { @@ -1387,6 +1411,12 @@ static int hdd_ipa_wdi_disable_pipes(struct hdd_ipa_priv *hdd_ipa) struct ol_txrx_pdev_t *pdev = cds_get_context(QDF_MODULE_ID_TXRX); int ret; + if (!pdev) { + HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, "pdev is NULL"); + ret = QDF_STATUS_E_FAILURE; + return ret; + } + ret = ipa_wdi_disable_pipes(); if (ret) { HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, @@ -1503,7 +1533,7 @@ static void hdd_ipa_pm_flush(struct work_struct *work) hdd_softap_hard_start_xmit(skb, pm_tx_cb->adapter->dev); else - ipa_free_skb(pm_tx_cb->ipa_tx_desc); + dev_kfree_skb_any(skb); } else { hdd_ipa_send_pkt_to_tl(pm_tx_cb->iface_context, pm_tx_cb->ipa_tx_desc); @@ -1532,6 +1562,20 @@ int hdd_ipa_uc_smmu_map(bool map, uint32_t num_buf, qdf_mem_info_t *buf_arr) (struct ipa_wdi_buffer_info *)buf_arr); } #else /* CONFIG_IPA_WDI_UNIFIED_API */ + +/** + * hdd_ipa_is_clk_scaling_enabled() - Is IPA clock scaling enabled? + * @hdd_ipa: Global HDD IPA context + * + * Return: true if clock scaling is enabled, otherwise false + */ +static inline bool hdd_ipa_is_clk_scaling_enabled(hdd_context_t *hdd_ctx) +{ + return HDD_IPA_IS_CONFIG_ENABLED(hdd_ctx, + HDD_IPA_CLK_SCALING_ENABLE_MASK | + HDD_IPA_RM_ENABLE_MASK); +} + static inline void hdd_ipa_wdi_get_wdi_version(struct hdd_ipa_priv *hdd_ipa) { } @@ -1734,18 +1778,7 @@ static int hdd_ipa_wdi_conn_pipes(struct hdd_ipa_priv *hdd_ipa, pipe_in.u.ul_smmu.rdy_ring_rp_va = ipa_res->rx_proc_done_idx->vaddr; - qdf_mem_copy(&pipe_in.u.ul_smmu.rdy_comp_ring, - &ipa_res->rx2_rdy_ring->sgtable, - sizeof(sgtable_t)); - - pipe_in.u.ul_smmu.rdy_comp_ring_size = - ipa_res->rx2_rdy_ring->mem_info.size; - - pipe_in.u.ul_smmu.rdy_comp_ring_wp_pa = - ipa_res->rx2_proc_done_idx->mem_info.pa; - - pipe_in.u.ul_smmu.rdy_comp_ring_wp_va = - ipa_res->rx2_proc_done_idx->vaddr; + HDD_IPA_WDI2_SET_SMMU(); } else { pipe_in.u.ul.rdy_ring_base_pa = ipa_res->rx_rdy_ring->mem_info.pa; @@ -2729,15 +2762,6 @@ static int hdd_ipa_wdi_setup_rm(struct hdd_ipa_priv *hdd_ipa) goto timer_init_failed; } - /* Set the lowest bandwidth to start with */ - ret = hdd_ipa_set_perf_level(hdd_ipa->hdd_ctx, 0, 0); - - if (ret) { - HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, - "Set perf level failed: %d", ret); - goto set_perf_failed; - } - qdf_wake_lock_create(&hdd_ipa->wake_lock, "wlan_ipa"); INIT_DELAYED_WORK(&hdd_ipa->wake_lock_work, hdd_ipa_wake_lock_timer_func); @@ -2748,9 +2772,6 @@ static int hdd_ipa_wdi_setup_rm(struct hdd_ipa_priv *hdd_ipa) return ret; -set_perf_failed: - ipa_rm_inactivity_timer_destroy(IPA_RM_RESOURCE_WLAN_PROD); - timer_init_failed: ipa_rm_delete_resource(IPA_RM_RESOURCE_WLAN_CONS); @@ -2848,7 +2869,7 @@ static void hdd_ipa_pm_flush(struct work_struct *work) hdd_softap_hard_start_xmit(skb, pm_tx_cb->adapter->dev); else - ipa_free_skb(pm_tx_cb->ipa_tx_desc); + dev_kfree_skb_any(skb); } else { hdd_ipa_send_pkt_to_tl(pm_tx_cb->iface_context, pm_tx_cb->ipa_tx_desc); @@ -2881,6 +2902,47 @@ int hdd_ipa_uc_smmu_map(bool map, uint32_t num_buf, qdf_mem_info_t *buf_arr) #endif /* CONFIG_IPA_WDI_UNIFIED_API */ /** + * hdd_ipa_init_perf_level() - Initialize IPA performance level + * @hdd_cxt: HDD context + * + * If IPA clock scaling is disabled, initialize perf level to maximum. + * Else set the lowest level to start with + * + * Return: QDF_STATUS + */ +static QDF_STATUS hdd_ipa_init_perf_level(hdd_context_t *hdd_ctx) +{ + int ret; + + /* Set lowest bandwidth to start with if clk scaling enabled */ + if (hdd_ipa_is_clk_scaling_enabled(hdd_ctx)) { + if (hdd_ipa_set_perf_level(hdd_ctx, 0, 0)) + return QDF_STATUS_E_FAILURE; + else + return QDF_STATUS_SUCCESS; + } + + hdd_debug("IPA clock scaling is disabled. Set perf level to max %d", + HDD_IPA_MAX_BANDWIDTH); + + ret = hdd_ipa_wdi_rm_set_perf_profile(hdd_ctx->hdd_ipa, + IPA_CLIENT_WLAN1_CONS, HDD_IPA_MAX_BANDWIDTH); + if (ret) { + hdd_err("CONS set perf profile failed: %d", ret); + return QDF_STATUS_E_FAILURE; + } + + ret = hdd_ipa_wdi_rm_set_perf_profile(hdd_ctx->hdd_ipa, + IPA_CLIENT_WLAN1_PROD, HDD_IPA_MAX_BANDWIDTH); + if (ret) { + hdd_err("PROD set perf profile failed: %d", ret); + return QDF_STATUS_E_FAILURE; + } + + return QDF_STATUS_SUCCESS; +} + +/** * hdd_ipa_uc_rt_debug_host_fill - fill rt debug buffer * @ctext: pointer to hdd context. * @@ -3464,8 +3526,9 @@ static void __hdd_ipa_uc_stat_query(hdd_context_t *hdd_ctx, (false == hdd_ipa->resource_loading)) { *ipa_tx_diff = hdd_ipa->ipa_tx_packets_diff; *ipa_rx_diff = hdd_ipa->ipa_rx_packets_diff; - hdd_debug("STAT Query TX DIFF %d, RX DIFF %d", - *ipa_tx_diff, *ipa_rx_diff); + hdd_debug_ratelimited(HDD_IPA_UC_STAT_LOG_RATE, + "STAT Query TX DIFF %d, RX DIFF %d", + *ipa_tx_diff, *ipa_rx_diff); } qdf_mutex_release(&hdd_ipa->ipa_lock); } @@ -3963,6 +4026,10 @@ static void hdd_ipa_uc_loaded_handler(struct hdd_ipa_priv *ipa_ctxt) return; } + if (hdd_ipa_init_perf_level(ipa_ctxt->hdd_ctx) != QDF_STATUS_SUCCESS) + HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, + "Failed to init perf level"); + /* If already any STA connected, enable IPA/FW PIPEs */ if (ipa_ctxt->sap_num_connected_sta) { HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, @@ -4747,6 +4814,10 @@ QDF_STATUS hdd_ipa_uc_ol_init(hdd_context_t *hdd_ctx) stat = QDF_STATUS_E_FAILURE; goto fail_return; } + + if (hdd_ipa_init_perf_level(hdd_ctx) != QDF_STATUS_SUCCESS) + HDD_IPA_LOG(QDF_TRACE_LEVEL_ERROR, + "Failed to init perf level"); } else { hdd_ipa_uc_get_db_paddr(&ipa_ctxt->tx_comp_doorbell_dmaaddr, IPA_CLIENT_WLAN1_CONS); @@ -4997,8 +5068,7 @@ static int hdd_ipa_uc_disconnect_client(hdd_adapter_t *adapter) * * Return: 0 - Success */ - -static int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) +int hdd_ipa_uc_disconnect_ap(hdd_adapter_t *adapter) { int ret = 0; @@ -5486,6 +5556,8 @@ static void hdd_ipa_send_skb_to_network(qdf_nbuf_t skb, struct hdd_ipa_priv *hdd_ipa = ghdd_ipa; unsigned int cpu_index; uint32_t enabled; + struct qdf_mac_addr src_mac; + uint8_t staid; if (hdd_validate_adapter(adapter)) { HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, "Invalid adapter: 0x%pK", @@ -5509,6 +5581,15 @@ static void hdd_ipa_send_skb_to_network(qdf_nbuf_t skb, if (!enabled) hdd_ipa_set_wake_up_idle(true); + if (adapter->device_mode == QDF_SAP_MODE) { + /* Send DHCP Indication to FW */ + qdf_mem_copy(&src_mac, skb->data + QDF_NBUF_SRC_MAC_OFFSET, + sizeof(src_mac)); + if (QDF_STATUS_SUCCESS == + hdd_softap_get_sta_id(adapter, &src_mac, &staid)) + hdd_dhcp_indication(adapter, staid, skb, QDF_RX); + } + skb->destructor = hdd_ipa_uc_rt_debug_destructor; skb->dev = adapter->dev; skb->protocol = eth_type_trans(skb, skb->dev); @@ -6368,9 +6449,11 @@ static void hdd_ipa_cleanup_iface(struct hdd_ipa_iface_context *iface_context) if (iface_context == NULL) return; - if (hdd_validate_adapter(iface_context->adapter)) + if (hdd_validate_adapter(iface_context->adapter)) { HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, "Invalid adapter: 0x%pK", iface_context->adapter); + return; + } hdd_ipa_wdi_dereg_intf(iface_context->hdd_ipa, iface_context->adapter->dev->name); @@ -7177,11 +7260,13 @@ hdd_ipa_uc_proc_pending_event(struct hdd_ipa_priv *hdd_ipa, bool is_loading) qdf_list_remove_front(&hdd_ipa->pending_event, (qdf_list_node_t **)&pending_event); while (pending_event != NULL) { - if (pending_event->is_loading == is_loading) + if (pending_event->is_loading == is_loading && + !hdd_validate_adapter(pending_event->adapter)) { __hdd_ipa_wlan_evt(pending_event->adapter, pending_event->sta_id, pending_event->type, pending_event->mac_addr); + } qdf_mem_free(pending_event); pending_event = NULL; qdf_list_remove_front(&hdd_ipa->pending_event, @@ -7313,26 +7398,6 @@ static QDF_STATUS __hdd_ipa_init(hdd_context_t *hdd_ctx) goto fail_create_sys_pipe; } - /* When IPA clock scaling is disabled, initialze maximum clock */ - if (!hdd_ipa_is_clk_scaling_enabled(hdd_ctx)) { - hdd_debug("IPA clock scaling is disabled."); - hdd_debug("Set initial CONS/PROD perf: %d", - HDD_IPA_MAX_BANDWIDTH); - ret = hdd_ipa_wdi_rm_set_perf_profile(hdd_ipa, - IPA_CLIENT_WLAN1_CONS, HDD_IPA_MAX_BANDWIDTH); - if (ret) { - hdd_err("RM CONS set perf profile failed: %d", ret); - goto fail_create_sys_pipe; - } - - ret = hdd_ipa_wdi_rm_set_perf_profile(hdd_ipa, - IPA_CLIENT_WLAN1_PROD, HDD_IPA_MAX_BANDWIDTH); - if (ret) { - hdd_err("RM PROD set perf profile failed: %d", ret); - goto fail_create_sys_pipe; - } - } - init_completion(&hdd_ipa->ipa_resource_comp); HDD_IPA_LOG(QDF_TRACE_LEVEL_DEBUG, "exit: success"); @@ -7394,8 +7459,12 @@ static void __hdd_ipa_flush(hdd_context_t *hdd_ctx) qdf_spin_unlock_bh(&hdd_ipa->pm_lock); pm_tx_cb = (struct hdd_ipa_pm_tx_cb *)skb->cb; - if (pm_tx_cb->ipa_tx_desc) - ipa_free_skb(pm_tx_cb->ipa_tx_desc); + if (pm_tx_cb->exception) { + dev_kfree_skb_any(skb); + } else { + if (pm_tx_cb->ipa_tx_desc) + ipa_free_skb(pm_tx_cb->ipa_tx_desc); + } qdf_spin_lock_bh(&hdd_ipa->pm_lock); } diff --git a/core/hdd/src/wlan_hdd_main.c b/core/hdd/src/wlan_hdd_main.c index 0a48b2b56d55..d63ccbda31c8 100644 --- a/core/hdd/src/wlan_hdd_main.c +++ b/core/hdd/src/wlan_hdd_main.c @@ -517,10 +517,13 @@ static int __hdd_netdev_notifier_call(struct notifier_block *nb, msecs_to_jiffies(WLAN_WAIT_TIME_ABORTSCAN)); if (!rc) hdd_err("Timeout occurred while waiting for abortscan"); - } else { - cds_flush_work(&adapter->scan_block_work); - hdd_debug("Scan is not Pending from user"); } + cds_flush_work(&adapter->scan_block_work); + /* Need to clean up blocked scan request */ + wlan_hdd_cfg80211_scan_block_cb(&adapter->scan_block_work); + qdf_list_destroy(&adapter->blocked_scan_request_q); + qdf_mutex_destroy(&adapter->blocked_scan_request_q_lock); + hdd_debug("Scan is not Pending from user"); /* * After NETDEV_GOING_DOWN, kernel calls hdd_stop.Irrespective * of return status of hdd_stop call, kernel resets the IFF_UP @@ -771,8 +774,7 @@ int hdd_validate_adapter(hdd_adapter_t *adapter) } if (adapter->magic != WLAN_HDD_ADAPTER_MAGIC) { - hdd_err("bad adapter magic: 0x%x (should be 0x%x)", - adapter->magic, WLAN_HDD_ADAPTER_MAGIC); + hdd_err("bad adapter magic"); return -EINVAL; } @@ -1962,6 +1964,64 @@ static int hdd_mon_open(struct net_device *dev) } /** + * wlan_hdd_update_dbs_scan_and_fw_mode_config() - Send updated dual mac scan + * configuration and fw mode configuration + * + * This is called from hdd_start_adapter after the device specific adapter is + * started + * + * Return: 0 for success; non-zero for failure + */ +static QDF_STATUS +wlan_hdd_update_dbs_scan_and_fw_mode_config(void) +{ + struct sir_dual_mac_config cfg = {0}; + QDF_STATUS status; + uint32_t channel_select_logic_conc; + hdd_context_t *hdd_ctx; + + hdd_ctx = cds_get_context(QDF_MODULE_ID_HDD); + if (!hdd_ctx) { + hdd_err("HDD context is NULL"); + return QDF_STATUS_E_FAILURE; + } + if (!wma_is_hw_dbs_capable()) + return QDF_STATUS_SUCCESS; + + cfg.scan_config = 0; + cfg.fw_mode_config = 0; + cfg.set_dual_mac_cb = cds_soc_set_dual_mac_cfg_cb; + + channel_select_logic_conc = hdd_ctx->config-> + channel_select_logic_conc; + + if (hdd_ctx->config->dual_mac_feature_disable != + DISABLE_DBS_CXN_AND_SCAN) { + status = wma_get_updated_scan_and_fw_mode_config( + &cfg.scan_config, &cfg.fw_mode_config, + hdd_ctx->config->dual_mac_feature_disable, + channel_select_logic_conc); + + if (status != QDF_STATUS_SUCCESS) { + hdd_err("wma_get_updated_scan_and_fw_mode_config failed %d", + status); + return status; + } + } + + hdd_debug("send scan_cfg: 0x%x fw_mode_cfg: 0x%x to fw", + cfg.scan_config, cfg.fw_mode_config); + + status = sme_soc_set_dual_mac_config(hdd_ctx->hHal, cfg); + if (status != QDF_STATUS_SUCCESS) { + hdd_err("sme_soc_set_dual_mac_config failed %d", + status); + return status; + } + + return QDF_STATUS_SUCCESS; +} +/** * hdd_start_adapter() - Wrapper function for device specific adapter * @adapter: pointer to HDD adapter * @@ -2024,6 +2084,7 @@ int hdd_start_adapter(hdd_adapter_t *adapter) hdd_err("Failed to register frames - ret %d", ret); goto err_start_adapter; } + wlan_hdd_update_dbs_scan_and_fw_mode_config(); exit: EXIT(); return 0; @@ -3466,7 +3527,7 @@ QDF_STATUS hdd_init_station_mode(hdd_adapter_t *adapter) ret_val = sme_cli_set_command(adapter->sessionId, WMI_PDEV_PARAM_BURST_ENABLE, - hdd_ctx->config->enableSifsBurst, + HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret_val) { @@ -3574,6 +3635,35 @@ void hdd_cleanup_actionframe_no_wait(hdd_context_t *hdd_ctx, } /** + * hdd_cleanup_actionframe_all_adapters() - Clean up pending action frame + * @hdd_ctx: global hdd context + * + * This function cleans up pending action frame without waiting for + * ack on all adapters. + * + * Return: None + */ +static QDF_STATUS hdd_cleanup_actionframe_all_adapters(hdd_context_t *hdd_ctx) +{ + hdd_adapter_list_node_t *adapter_node = NULL, *next = NULL; + QDF_STATUS status; + hdd_adapter_t *adapter; + + ENTER(); + + status = hdd_get_front_adapter(hdd_ctx, &adapter_node); + while (adapter_node && QDF_IS_STATUS_SUCCESS(status)) { + adapter = adapter_node->pAdapter; + hdd_cleanup_actionframe_no_wait(hdd_ctx, adapter); + status = hdd_get_next_adapter(hdd_ctx, adapter_node, &next); + adapter_node = next; + } + + EXIT(); + return QDF_STATUS_SUCCESS; +} + +/** * hdd_station_adapter_deinit() - De-initialize the station adapter * @hdd_ctx: global hdd context * @adapter: HDD adapter @@ -4384,6 +4474,9 @@ hdd_adapter_t *hdd_open_adapter(hdd_context_t *hdd_ctx, uint8_t session_type, } INIT_WORK(&adapter->scan_block_work, wlan_hdd_cfg80211_scan_block_cb); + qdf_list_create(&adapter->blocked_scan_request_q, + CFG_MAX_SCAN_COUNT_MAX); + qdf_mutex_create(&adapter->blocked_scan_request_q_lock); cfgState = WLAN_HDD_GET_CFG_STATE_PTR(adapter); mutex_init(&cfgState->remain_on_chan_ctx_lock); @@ -4864,6 +4957,7 @@ QDF_STATUS hdd_stop_adapter(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter, /* Reset WNI_CFG_PROBE_RSP Flags */ wlan_hdd_reset_prob_rspies(adapter); } + clear_bit(SOFTAP_INIT_DONE, &adapter->event_flags); qdf_mem_free(adapter->sessionCtx.ap.beacon); adapter->sessionCtx.ap.beacon = NULL; if (true == bCloseSession) @@ -4963,6 +5057,33 @@ QDF_STATUS hdd_stop_all_adapters(hdd_context_t *hdd_ctx, bool close_session) return QDF_STATUS_SUCCESS; } +#ifdef QCA_LL_LEGACY_TX_FLOW_CONTROL +/** + * hdd_adapter_abort_tx_flow() - Abort the tx flow control + * @pAdapter: pointer to hdd_adapter_t + * + * Resume tx and stop the tx flow control timer if the tx is paused and the flow + * control timer is running. This function is called by SSR to avoid the + * inconsistency of tx status before and after SSR. + * + * Return: void + */ +static void hdd_adapter_abort_tx_flow(hdd_adapter_t *adapter) +{ + if ((adapter->hdd_stats.hddTxRxStats.is_txflow_paused == TRUE) && + (QDF_TIMER_STATE_RUNNING == + qdf_mc_timer_get_current_state(&adapter->tx_flow_control_timer))) { + hdd_tx_resume_timer_expired_handler(adapter); + qdf_mc_timer_stop(&adapter->tx_flow_control_timer); + } +} +#else +static void hdd_adapter_abort_tx_flow(hdd_adapter_t *pAdapter) +{ + return; +} +#endif + QDF_STATUS hdd_reset_all_adapters(hdd_context_t *hdd_ctx) { hdd_adapter_list_node_t *adapterNode = NULL, *pNext = NULL; @@ -4983,6 +5104,8 @@ QDF_STATUS hdd_reset_all_adapters(hdd_context_t *hdd_ctx) while (NULL != adapterNode && QDF_STATUS_SUCCESS == status) { adapter = adapterNode->pAdapter; + hdd_adapter_abort_tx_flow(adapter); + if ((adapter->device_mode == QDF_STA_MODE) || (adapter->device_mode == QDF_P2P_CLIENT_MODE)) { /* Stop tdls timers */ @@ -5570,14 +5693,54 @@ void hdd_connect_result(struct net_device *dev, const u8 *bssid, #endif +#ifdef MSM_PLATFORM +/** + * hdd_stop_p2p_go() - call cfg80211 API to stop P2P GO + * @adapter: pointer to adapter + * + * This function calls cfg80211 API to stop P2P GO + * + * Return: None + */ +static void hdd_stop_p2p_go(hdd_adapter_t *adapter) +{ + hdd_debug("[SSR] send stop ap to supplicant"); + cfg80211_ap_stopped(adapter->dev, GFP_KERNEL); +} + +static inline void hdd_delete_sta(hdd_adapter_t *adapter) +{ +} +#else +static inline void hdd_stop_p2p_go(hdd_adapter_t *adapter) +{ +} + +/** + * hdd_delete_sta() - call cfg80211 API to delete STA + * @adapter: pointer to adapter + * + * This function calls cfg80211 API to delete STA + * + * Return: None + */ +static void hdd_delete_sta(hdd_adapter_t *adapter) +{ + struct qdf_mac_addr bcast_mac = QDF_MAC_ADDR_BROADCAST_INITIALIZER; + + hdd_debug("[SSR] send restart supplicant"); + /* event supplicant to restart */ + cfg80211_del_sta(adapter->dev, + (const u8 *)&bcast_mac.bytes[0], + GFP_KERNEL); +} +#endif + QDF_STATUS hdd_start_all_adapters(hdd_context_t *hdd_ctx) { hdd_adapter_list_node_t *adapterNode = NULL, *pNext = NULL; QDF_STATUS status; hdd_adapter_t *adapter; -#ifndef MSM_PLATFORM - struct qdf_mac_addr bcastMac = QDF_MAC_ADDR_BROADCAST_INITIALIZER; -#endif eConnectionState connState; ENTER(); @@ -5655,16 +5818,7 @@ QDF_STATUS hdd_start_all_adapters(hdd_context_t *hdd_ctx) break; case QDF_P2P_GO_MODE: -#ifdef MSM_PLATFORM - hdd_debug("[SSR] send stop ap to supplicant"); - cfg80211_ap_stopped(adapter->dev, GFP_KERNEL); -#else - hdd_debug("[SSR] send restart supplicant"); - /* event supplicant to restart */ - cfg80211_del_sta(adapter->dev, - (const u8 *)&bcastMac.bytes[0], - GFP_KERNEL); -#endif + hdd_delete_sta(adapter); break; case QDF_MONITOR_MODE: hdd_init_station_mode(adapter); @@ -5687,6 +5841,20 @@ get_adapter: adapterNode = pNext; } + status = hdd_get_front_adapter(hdd_ctx, &adapterNode); + while (NULL != adapterNode && QDF_STATUS_SUCCESS == status) { + adapter = adapterNode->pAdapter; + + if (!hdd_is_interface_up(adapter)) + goto get_adapter_sec; + + if (adapter->device_mode == QDF_P2P_GO_MODE) + hdd_stop_p2p_go(adapter); +get_adapter_sec: + status = hdd_get_next_adapter(hdd_ctx, adapterNode, &pNext); + adapterNode = pNext; + } + EXIT(); return QDF_STATUS_SUCCESS; @@ -6226,10 +6394,11 @@ void hdd_unregister_notifiers(hdd_context_t *hdd_ctx) */ static void hdd_exit_netlink_services(hdd_context_t *hdd_ctx) { + spectral_scan_deactivate_service(); + cnss_diag_deactivate_service(); hdd_close_cesium_nl_sock(); - ptt_sock_deactivate_svc(); - + oem_deactivate_service(); nl_srv_exit(); } @@ -6259,11 +6428,7 @@ static int hdd_init_netlink_services(hdd_context_t *hdd_ctx) goto err_nl_srv; } - ret = ptt_sock_activate_svc(); - if (ret) { - hdd_err("ptt_sock_activate_svc failed: %d", ret); - goto err_nl_srv; - } + ptt_sock_activate_svc(); ret = hdd_open_cesium_nl_sock(); if (ret) @@ -6278,14 +6443,17 @@ static int hdd_init_netlink_services(hdd_context_t *hdd_ctx) ret = spectral_scan_activate_service(); if (ret) { hdd_alert("spectral_scan_activate_service failed: %d", ret); - goto err_close_cesium; + goto err_cnss_diag; } return 0; +err_cnss_diag: + cnss_diag_deactivate_service(); err_close_cesium: hdd_close_cesium_nl_sock(); ptt_sock_deactivate_svc(); + oem_deactivate_service(); err_nl_srv: nl_srv_exit(); out: @@ -6330,6 +6498,7 @@ static int hdd_roc_context_init(hdd_context_t *hdd_ctx) { qdf_spinlock_create(&hdd_ctx->hdd_roc_req_q_lock); qdf_list_create(&hdd_ctx->hdd_roc_req_q, MAX_ROC_REQ_QUEUE_ENTRY); + qdf_idr_create(&hdd_ctx->p2p_idr); INIT_DELAYED_WORK(&hdd_ctx->roc_req_work, wlan_hdd_roc_request_dequeue); @@ -6346,6 +6515,7 @@ static int hdd_roc_context_init(hdd_context_t *hdd_ctx) */ static void hdd_roc_context_destroy(hdd_context_t *hdd_ctx) { + qdf_idr_destroy(&hdd_ctx->p2p_idr); qdf_list_destroy(&hdd_ctx->hdd_roc_req_q); qdf_spinlock_destroy(&hdd_ctx->hdd_roc_req_q_lock); } @@ -7936,8 +8106,7 @@ static void hdd_restart_sap(hdd_adapter_t *adapter, uint8_t channel) } hdd_ap_ctx->sapConfig.channel = channel; - hdd_ap_ctx->sapConfig.ch_params.ch_width = - hdd_ap_ctx->sapConfig.ch_width_orig; + hdd_ap_ctx->sapConfig.ch_params.ch_width = CH_WIDTH_MAX; hdd_debug("chan:%d width:%d", channel, hdd_ap_ctx->sapConfig.ch_width_orig); @@ -7986,13 +8155,23 @@ void hdd_unsafe_channel_restart_sap(hdd_context_t *hdd_ctxt) } found = false; - for (i = 0; i < hdd_ctxt->unsafe_channel_count; i++) { - if (adapter_temp->sessionCtx.ap.operatingChannel == - hdd_ctxt->unsafe_channel_list[i]) { - found = true; - hdd_debug("operating ch:%d is unsafe", - adapter_temp->sessionCtx.ap.operatingChannel); - break; + /* + * If STA+SAP is doing SCC & g_sta_sap_scc_on_lte_coex_chan + * is set, no need to move SAP. + */ + if (cds_is_sta_sap_scc( + adapter_temp->sessionCtx.ap.operatingChannel) && + hdd_ctxt->config->sta_sap_scc_on_lte_coex_chan) + hdd_debug("SAP is allowed on SCC channel, no need to move SAP"); + else { + for (i = 0; i < hdd_ctxt->unsafe_channel_count; i++) { + if (adapter_temp->sessionCtx.ap.operatingChannel == + hdd_ctxt->unsafe_channel_list[i]) { + found = true; + hdd_debug("operating ch:%d is unsafe", + adapter_temp->sessionCtx.ap.operatingChannel); + break; + } } } @@ -8381,53 +8560,6 @@ void hdd_indicate_mgmt_frame(tSirSmeMgmtFrameInd *frame_ind) frame_ind->rxRssi); } -static QDF_STATUS -wlan_hdd_update_dbs_scan_and_fw_mode_config(hdd_context_t *hdd_ctx) -{ - struct sir_dual_mac_config cfg = {0}; - QDF_STATUS status; - uint32_t channel_select_logic_conc; - - if (!hdd_ctx) { - hdd_err("HDD context is NULL"); - return QDF_STATUS_E_FAILURE; - } - if (!wma_is_hw_dbs_capable()) - return QDF_STATUS_SUCCESS; - - cfg.scan_config = 0; - cfg.fw_mode_config = 0; - cfg.set_dual_mac_cb = cds_soc_set_dual_mac_cfg_cb; - - channel_select_logic_conc = hdd_ctx->config-> - channel_select_logic_conc; - - if (hdd_ctx->config->dual_mac_feature_disable != - DISABLE_DBS_CXN_AND_SCAN) { - status = wma_get_updated_scan_and_fw_mode_config( - &cfg.scan_config, &cfg.fw_mode_config, - hdd_ctx->config->dual_mac_feature_disable, - channel_select_logic_conc); - - if (status != QDF_STATUS_SUCCESS) { - hdd_err("wma_get_updated_scan_and_fw_mode_config failed %d", - status); - return status; - } - } - - hdd_debug("send scan_cfg: 0x%x fw_mode_cfg: 0x%x to fw", - cfg.scan_config, cfg.fw_mode_config); - - status = sme_soc_set_dual_mac_config(hdd_ctx->hHal, cfg); - if (status != QDF_STATUS_SUCCESS) { - hdd_err("sme_soc_set_dual_mac_config failed %d", status); - return status; - } - - return QDF_STATUS_SUCCESS; -} - /** * hdd_override_ini_config - Override INI config * @hdd_ctx: HDD context @@ -8530,7 +8662,6 @@ static int hdd_context_init(hdd_context_t *hdd_ctx) hdd_ctx->max_intf_count = CSR_ROAM_SESSION_MAX; hdd_init_ll_stats_ctx(); - hdd_init_nud_stats_ctx(hdd_ctx); init_completion(&hdd_ctx->chain_rssi_context.response_event); init_completion(&hdd_ctx->mc_sus_event_var); @@ -10153,15 +10284,6 @@ static int hdd_features_init(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter) ENTER(); - if (hdd_ctx->config->sifs_burst_duration) { - set_value = (SIFS_BURST_DUR_MULTIPLIER) * - hdd_ctx->config->sifs_burst_duration; - - if ((set_value > 0) && (set_value <= SIFS_BURST_DUR_MAX)) - sme_cli_set_command(0, WMI_PDEV_PARAM_BURST_DUR, - set_value, PDEV_CMD); - } - sme_set_chip_pwr_save_fail_cb(hdd_ctx->hHal, hdd_chip_pwr_save_fail_detected_cb); @@ -10271,11 +10393,6 @@ static int hdd_features_init(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter) wlan_hdd_tsf_init(hdd_ctx); hdd_encrypt_decrypt_init(hdd_ctx); - status = wlan_hdd_update_dbs_scan_and_fw_mode_config(hdd_ctx); - if (!QDF_IS_STATUS_SUCCESS(status)) { - hdd_err("Failed to set dbs scan and fw mode cfg"); - goto deregister_frames; - } if (hdd_ctx->config->goptimize_chan_avoid_event) { status = sme_enable_disable_chanavoidind_event( hdd_ctx->hHal, 0); @@ -11049,23 +11166,12 @@ void hdd_wlan_update_target_info(hdd_context_t *hdd_ctx, void *context) hdd_ctx->target_type = tgt_info->target_type; } -/** - * hdd_get_nud_stats_cb() - callback api to update the stats - * received from the firmware - * @data: pointer to adapter. - * @rsp: pointer to data received from FW. - * - * This is called when wlan driver received response event for - * get arp stats to firmware. - * - * Return: None - */ -static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) +void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp, void *context) { hdd_context_t *hdd_ctx = (hdd_context_t *)data; - struct hdd_nud_stats_context *context; int status; hdd_adapter_t *adapter = NULL; + struct hdd_request *request = NULL; ENTER(); @@ -11075,12 +11181,19 @@ static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) } status = wlan_hdd_validate_context(hdd_ctx); - if (0 != status) + if (status != 0) + return; + + request = hdd_request_get(context); + if (!request) { + hdd_err("obselete request"); return; + } adapter = hdd_get_adapter_by_vdev(hdd_ctx, rsp->vdev_id); if ((NULL == adapter) || (WLAN_HDD_ADAPTER_MAGIC != adapter->magic)) { hdd_err("Invalid adapter or adapter has invalid magic"); + hdd_request_put(request); return; } @@ -11108,10 +11221,8 @@ static void hdd_get_nud_stats_cb(void *data, struct rsp_stats *rsp) rsp->icmpv4_rsp_recvd; } - spin_lock(&hdd_context_lock); - context = &hdd_ctx->nud_stats_context; - qdf_event_set(&context->response_event); - spin_unlock(&hdd_context_lock); + hdd_request_complete(request); + hdd_request_put(request); EXIT(); } @@ -11165,9 +11276,6 @@ int hdd_register_cb(hdd_context_t *hdd_ctx) sme_set_rssi_threshold_breached_cb(hdd_ctx->hHal, hdd_rssi_threshold_breached); - sme_set_nud_debug_stats_cb(hdd_ctx->hHal, - hdd_get_nud_stats_cb); - status = sme_apf_offload_register_callback(hdd_ctx->hHal, hdd_get_apf_capabilities_cb); if (!QDF_IS_STATUS_SUCCESS(status)) { @@ -12567,6 +12675,7 @@ static void hdd_stop_present_mode(hdd_context_t *hdd_ctx, /* fallthrough */ case QDF_GLOBAL_MISSION_MODE: case QDF_GLOBAL_FTM_MODE: + hdd_cleanup_actionframe_all_adapters(hdd_ctx); hdd_abort_mac_scan_all_adapters(hdd_ctx); hdd_cleanup_scan_queue(hdd_ctx, NULL); @@ -12785,6 +12894,11 @@ static int con_mode_handler(const char *kmessage, const struct kernel_param *kp) if (ret) return ret; + if (!cds_wait_for_external_threads_completion(__func__)) { + hdd_warn("External threads are still active, can not change mode"); + return -EAGAIN; + } + cds_ssr_protect(__func__); ret = __con_mode_handler(kmessage, kp, hdd_ctx); cds_ssr_unprotect(__func__); diff --git a/core/hdd/src/wlan_hdd_nan_datapath.c b/core/hdd/src/wlan_hdd_nan_datapath.c index 90a72a179bc8..a2033660dfb3 100644 --- a/core/hdd/src/wlan_hdd_nan_datapath.c +++ b/core/hdd/src/wlan_hdd_nan_datapath.c @@ -59,7 +59,7 @@ qca_wlan_vendor_ndp_policy[QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX + 1] = { NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE] = { .type = NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG] = { .type = NLA_U32 }, - [QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE] = { .type = NLA_U32 }, + [QCA_WLAN_VENDOR_ATTR_NDP_CSID] = { .type = NLA_U32 }, [QCA_WLAN_VENDOR_ATTR_NDP_PMK] = { .type = NLA_BINARY, .len = NDP_PMK_LEN }, [QCA_WLAN_VENDOR_ATTR_NDP_SCID] = { .type = NLA_BINARY, @@ -572,9 +572,9 @@ static int ndp_parse_security_params(struct nlattr **tb, return -EINVAL; } - if (tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]) { + if (tb[QCA_WLAN_VENDOR_ATTR_NDP_CSID]) { *ncs_sk_type = - nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]); + nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_CSID]); } if (tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]) { @@ -626,7 +626,7 @@ static int ndp_parse_security_params(struct nlattr **tb, * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO - optional * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS - optional * QCA_WLAN_VENDOR_ATTR_NDP_PMK - optional - * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE - optional + * QCA_WLAN_VENDOR_ATTR_NDP_CSID - optional * QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE - optional * QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME - optional * @@ -767,7 +767,7 @@ static int hdd_ndp_initiator_req_handler(hdd_context_t *hdd_ctx, * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO - optional * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS - optional * QCA_WLAN_VENDOR_ATTR_NDP_PMK - optional - * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE - optional + * QCA_WLAN_VENDOR_ATTR_NDP_CSID - optional * * Return: 0 on success or error code on failure */ @@ -1589,7 +1589,7 @@ ndp_confirm_nla_failed: * QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID (4 bytes) * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO (ndp_app_info_len size) * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS (4 bytes) - * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE(4 bytes) + * QCA_WLAN_VENDOR_ATTR_NDP_CSID(4 bytes) * QCA_WLAN_VENDOR_ATTR_NDP_SCID(scid_len in size) * * Return: none @@ -1702,7 +1702,7 @@ static void hdd_ndp_indication_handler(hdd_adapter_t *adapter, if (event->scid.scid_len) { if (nla_put_u32(vendor_event, - QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE, + QCA_WLAN_VENDOR_ATTR_NDP_CSID, event->ncs_sk_type)) goto ndp_indication_nla_failed; @@ -2391,7 +2391,7 @@ int hdd_init_nan_data_mode(struct hdd_adapter_s *adapter) ret_val = wma_cli_set_command((int)adapter->sessionId, (int)WMI_PDEV_PARAM_BURST_ENABLE, - (int)hdd_ctx->config->enableSifsBurst, + (int)HDD_ENABLE_SIFS_BURST_DEFAULT, PDEV_CMD); if (0 != ret_val) hdd_err("WMI_PDEV_PARAM_BURST_ENABLE set failed %d", ret_val); diff --git a/core/hdd/src/wlan_hdd_nan_datapath.h b/core/hdd/src/wlan_hdd_nan_datapath.h index 3e9b85477303..72516e3f80e2 100644 --- a/core/hdd/src/wlan_hdd_nan_datapath.h +++ b/core/hdd/src/wlan_hdd_nan_datapath.h @@ -61,71 +61,6 @@ struct wireless_dev; #endif /* WLAN_FEATURE_NAN_DATAPATH */ /** - * enum qca_wlan_vendor_attr_ndp_params - vendor attribute parameters - * @QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD: NDP Sub command - * @QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID: Transaction id reference - * @QCA_WLAN_VENDOR_ATTR_NDP_STATUS_ID: NDP status id - * @QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID: Service instance id - * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL: Requested channel - * @QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR: Peer discovery mac addr - * @QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR: Iface name - * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY: Security configuration - * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS: Qos configuration - * @QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO: Application info - * @QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID: NDP instance id - * @QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY: NDP instance id array - * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE: Schedule response - * @QCA_WLAN_VENDOR_ATTR_NDP_NDI_MAC_ADDR: NDI mac address - * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RESPONSE_STATUS_TYPE: Driver return status - * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE: Driver return value - * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG: Channel config request type - * @QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE: Cipher Suit ID - * @QCA_WLAN_VENDOR_ATTR_NDP_PMK: Pairwise Master Key - * @QCA_WLAN_VENDOR_ATTR_NDP_SCID: Security Context ID - * @QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE - pass phrase - * @QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME - service name - * @QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_REASON: reason for sch update - * @QCA_WLAN_VENDOR_ATTR_NDP_NSS: NSS - * @QCA_WLAN_VENDOR_ATTR_NDP_NUM_CHANNELS: num of channels - * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_WIDTH: channel width - * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_INFO: channel info struct array - */ -enum qca_wlan_vendor_attr_ndp_params { - QCA_WLAN_VENDOR_ATTR_NDP_PARAM_INVALID = 0, - QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD, - QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID, - QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID, - QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL, - QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR, - QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR, - /* CONFIG_SECURITY is deprecated, use NCS_SK_TYPE/PMK/SCID instead */ - QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY, - QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS, - QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO, - QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID, - QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY, - QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE, - QCA_WLAN_VENDOR_ATTR_NDP_NDI_MAC_ADDR, - QCA_WLAN_VENDOR_ATTR_NDP_DRV_RESPONSE_STATUS_TYPE, - QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE, - QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG, - QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE, - QCA_WLAN_VENDOR_ATTR_NDP_PMK, - QCA_WLAN_VENDOR_ATTR_NDP_SCID, - QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE, - QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME, - QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_REASON, - QCA_WLAN_VENDOR_ATTR_NDP_NSS, - QCA_WLAN_VENDOR_ATTR_NDP_NUM_CHANNELS, - QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_WIDTH, - QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_INFO, - - QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST, - QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX = - QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST - 1, -}; - -/** * enum qca_wlan_vendor_attr_ndp_cfg_security - vendor security attribute * @QCA_WLAN_VENDOR_ATTR_NDP_SECURITY_ENABLE: Security enabled */ @@ -141,38 +76,6 @@ enum qca_wlan_vendor_attr_ndp_qos { QCA_WLAN_VENDOR_ATTR_NDP_QOS_CONFIG = 1, }; -/** - * enum qca_wlan_vendor_attr_ndp_sub_cmd_value - NDP subcmd value - * @QCA_WLAN_VENDOR_ATTR_NDP_INVALID: Unused subcmd value - * @QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_CREATE: iface create - * @QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_DELETE: iface delete - * @QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_REQUEST: NDP initiator request - * @QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_RESPONSE: NDP initiator response - * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_REQUEST: NDP responder request - * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_RESPONSE: NDP responder response - * @QCA_WLAN_VENDOR_ATTR_NDP_END_REQUEST: NDP end request - * @QCA_WLAN_VENDOR_ATTR_NDP_END_RESPONSE: NDP end response - * @QCA_WLAN_VENDOR_ATTR_NDP_REQUEST_IND: NDP request indication - * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIRM_IND: NDP confirm indication - * @QCA_WLAN_VENDOR_ATTR_NDP_END_IND: NDP End indication - * @QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_IND: NDP schedule update indication - */ -enum qca_wlan_vendor_attr_ndp_sub_cmd_value { - QCA_WLAN_VENDOR_ATTR_NDP_INVALID = 0, - QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_CREATE = 1, - QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_DELETE = 2, - QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_REQUEST = 3, - QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_RESPONSE = 4, - QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_REQUEST = 5, - QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_RESPONSE = 6, - QCA_WLAN_VENDOR_ATTR_NDP_END_REQUEST = 7, - QCA_WLAN_VENDOR_ATTR_NDP_END_RESPONSE = 8, - QCA_WLAN_VENDOR_ATTR_NDP_REQUEST_IND = 9, - QCA_WLAN_VENDOR_ATTR_NDP_CONFIRM_IND = 10, - QCA_WLAN_VENDOR_ATTR_NDP_END_IND = 11, - QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_IND = 12, -}; - /** enum nan_datapath_state - NAN datapath states * @NAN_DATA_NDI_CREATING_STATE: NDI create is in progress * @NAN_DATA_NDI_CREATED_STATE: NDI successfully crated diff --git a/core/hdd/src/wlan_hdd_oemdata.c b/core/hdd/src/wlan_hdd_oemdata.c index 5e2d62ffb2da..c51b554c276f 100644 --- a/core/hdd/src/wlan_hdd_oemdata.c +++ b/core/hdd/src/wlan_hdd_oemdata.c @@ -1062,21 +1062,19 @@ static void oem_cmd_handler(const void *data, int data_len, void *ctx, int pid) oem_request_dispatcher(msg_hdr, pid); } -/** - * oem_activate_service() - API to register the oem command handler - * @hdd_ctx: Pointer to HDD Context - * - * This API is used to register the oem app command handler. Argument - * @pAdapter is given for prototype compatibility with legacy code. - * - * Return: 0 - */ int oem_activate_service(struct hdd_context_s *hdd_ctx) { p_hdd_ctx = hdd_ctx; register_cld_cmd_cb(WLAN_NL_MSG_OEM, oem_cmd_handler, NULL); return 0; } + +int oem_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_OEM); + return 0; +} + #else /* @@ -1143,16 +1141,6 @@ static int __oem_msg_callback(struct sk_buff *skb) return ret; } -/** - * oem_activate_service() - Activate oem message handler - * @hdd_ctx: pointer to global HDD context - * - * This function registers a handler to receive netlink message from - * an OEM application process. - * - * Return: zero on success - * On error, error number will be returned. - */ int oem_activate_service(struct hdd_context_s *hdd_ctx) { p_hdd_ctx = hdd_ctx; @@ -1160,5 +1148,12 @@ int oem_activate_service(struct hdd_context_s *hdd_ctx) /* Register the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ return nl_srv_register(WLAN_NL_MSG_OEM, __oem_msg_callback); } + +int oem_deactivate_service(void) +{ + /* Deregister the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ + return nl_srv_unregister(WLAN_NL_MSG_OEM, __oem_msg_callback); +} + #endif #endif diff --git a/core/hdd/src/wlan_hdd_p2p.c b/core/hdd/src/wlan_hdd_p2p.c index c3ed24ebc7ce..3f8c57821c96 100644 --- a/core/hdd/src/wlan_hdd_p2p.c +++ b/core/hdd/src/wlan_hdd_p2p.c @@ -745,8 +745,7 @@ QDF_STATUS wlan_hdd_remain_on_channel_callback(tHalHandle hHal, void *pCtx, cfg80211_remain_on_channel_expired( pRemainChanCtx->dev-> ieee80211_ptr, - pRemainChanCtx-> - cookie, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, GFP_KERNEL); pAdapter->last_roc_ts = @@ -787,6 +786,7 @@ QDF_STATUS wlan_hdd_remain_on_channel_callback(tHalHandle hHal, void *pCtx, pRemainChanCtx->action_pkt_buff.frame_ptr = NULL; pRemainChanCtx->action_pkt_buff.frame_length = 0; } + qdf_idr_remove(&hdd_ctx->p2p_idr, pRemainChanCtx->id); } qdf_mem_free(pRemainChanCtx); mutex_unlock(&cfgState->remain_on_chan_ctx_lock); @@ -1137,6 +1137,12 @@ static int wlan_hdd_execute_remain_on_channel(hdd_adapter_t *pAdapter, duration *= P2P_ROC_DURATION_MULTIPLIER_GO_PRESENT; else duration *= P2P_ROC_DURATION_MULTIPLIER_GO_ABSENT; + + /* this is to protect too huge value if some customers + * give a higher value from supplicant + */ + if (duration > HDD_P2P_MAX_ROC_DURATION) + duration = HDD_P2P_MAX_ROC_DURATION; } hdd_prevent_suspend(WIFI_POWER_EVENT_WAKELOCK_ROC); @@ -1308,13 +1314,13 @@ static void wlan_hdd_indicate_roc_drop(hdd_adapter_t *adapter, hdd_debug("indicate roc drop to userspace"); cfg80211_ready_on_channel( adapter->dev->ieee80211_ptr, - (uintptr_t)ctx, + (u64)ctx->id, &ctx->chan, ctx->duration, GFP_KERNEL); cfg80211_remain_on_channel_expired( ctx->dev->ieee80211_ptr, - ctx->cookie, + (u64)ctx->id, &ctx->chan, GFP_KERNEL); } @@ -1467,6 +1473,7 @@ static int wlan_hdd_request_remain_on_channel(struct wiphy *wiphy, hdd_adapter_t *sta_adapter; int ret; int status = 0; + int roc_id; hdd_debug("Device_mode %s(%d)", hdd_device_mode_to_string(pAdapter->device_mode), @@ -1499,12 +1506,18 @@ static int wlan_hdd_request_remain_on_channel(struct wiphy *wiphy, return -ENOMEM; } + if (QDF_STATUS_SUCCESS != qdf_idr_alloc(&pHddCtx->p2p_idr, + pRemainChanCtx, &roc_id)) { + hdd_err("alloc id fail"); + qdf_mem_free(pRemainChanCtx); + return -EFAULT; + } qdf_mem_copy(&pRemainChanCtx->chan, chan, sizeof(struct ieee80211_channel)); pRemainChanCtx->duration = duration; pRemainChanCtx->dev = dev; - *cookie = (uintptr_t) pRemainChanCtx; - pRemainChanCtx->cookie = *cookie; + *cookie = (u64)roc_id; + pRemainChanCtx->id = roc_id; pRemainChanCtx->rem_on_chan_request = request_type; pRemainChanCtx->action_pkt_buff.freq = 0; pRemainChanCtx->action_pkt_buff.frame_ptr = NULL; @@ -1673,8 +1686,7 @@ void hdd_remain_chan_ready_handler(hdd_adapter_t *pAdapter, cfg80211_ready_on_channel( pAdapter->dev-> ieee80211_ptr, - (uintptr_t) - pRemainChanCtx, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, pRemainChanCtx-> duration, GFP_KERNEL); @@ -1728,6 +1740,7 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_cfg80211_state_t *cfgState = WLAN_HDD_GET_CFG_STATE_PTR(pAdapter); hdd_remain_on_chan_ctx_t *pRemainChanCtx; + hdd_remain_on_chan_ctx_t *cur_ctx; hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX(pAdapter); int status; int qdf_status; @@ -1752,10 +1765,17 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, if (0 != status) return status; + + if (QDF_STATUS_SUCCESS != qdf_idr_find(&pHddCtx->p2p_idr, + (int32_t)cookie, (void **)&cur_ctx)) { + hdd_debug("failed to find cookie, 0x%llx", cookie); + return -EFAULT; + } + qdf_spin_lock(&pHddCtx->hdd_roc_req_q_lock); list_for_each_safe(tmp, q, &pHddCtx->hdd_roc_req_q.anchor) { curr_roc_req = list_entry(tmp, hdd_roc_req_t, node); - if ((uintptr_t) curr_roc_req->pRemainChanCtx == cookie) { + if (curr_roc_req->pRemainChanCtx == cur_ctx) { qdf_status = qdf_list_remove_node(&pHddCtx->hdd_roc_req_q, (qdf_list_node_t *) curr_roc_req); @@ -1775,15 +1795,15 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, pRemainChanCtx = cfgState->remain_on_chan_ctx; if (pRemainChanCtx) { - hdd_debug("action_cookie = %08llx, roc cookie = %08llx, cookie = %08llx", - cfgState->action_cookie, pRemainChanCtx->cookie, + hdd_debug("action_id = %x, roc id = %x, cookie = %08llx", + cfgState->action_id, pRemainChanCtx->id, cookie); - if (pRemainChanCtx->cookie == cookie) { + if (pRemainChanCtx->id == (int32_t)cookie) { /* request to cancel on-going roc */ if (cfgState->buf) { /* Tx frame pending */ - if (cfgState->action_cookie != cookie) { + if (cfgState->action_id != (int32_t)cookie) { hdd_debug("Cookie matched with RoC cookie but not with tx cookie, indicate expired event for roc"); /* RoC was extended to accomodate the tx frame */ if (REMAIN_ON_CHANNEL_REQUEST == @@ -1792,21 +1812,21 @@ __wlan_hdd_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, cfg80211_remain_on_channel_expired( pRemainChanCtx->dev-> ieee80211_ptr, - pRemainChanCtx->cookie, + (u64)pRemainChanCtx->id, &pRemainChanCtx->chan, GFP_KERNEL); } pRemainChanCtx->rem_on_chan_request = OFF_CHANNEL_ACTION_TX; - pRemainChanCtx->cookie = - cfgState->action_cookie; + pRemainChanCtx->id = + cfgState->action_id; mutex_unlock(&cfgState-> remain_on_chan_ctx_lock); return 0; } } - } else if (cfgState->buf && cfgState->action_cookie == - cookie) { + } else if (cfgState->buf && cfgState->action_id == + (int32_t)cookie) { mutex_unlock(&cfgState->remain_on_chan_ctx_lock); hdd_debug("Cookie not matched with RoC cookie but matched with tx cookie, cleanup action frame"); /*free the buf and return 0*/ @@ -1941,6 +1961,7 @@ static int __wlan_hdd_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev, bool enb_random_mac = false; uint32_t mgmt_hdr_len = sizeof(struct ieee80211_hdr_3addr); QDF_STATUS qdf_status; + int32_t mgmt_id; ENTER(); @@ -2325,12 +2346,19 @@ send_frame: mutex_lock(&cfgState->remain_on_chan_ctx_lock); if (cfgState->remain_on_chan_ctx) { - cfgState->action_cookie = - cfgState->remain_on_chan_ctx->cookie; - *cookie = cfgState->action_cookie; + cfgState->action_id = + cfgState->remain_on_chan_ctx->id; + *cookie = cfgState->action_id; } else { - *cookie = (uintptr_t) cfgState->buf; - cfgState->action_cookie = *cookie; + if (QDF_STATUS_SUCCESS != qdf_idr_alloc( + &pHddCtx->p2p_idr, + cfgState->buf, &mgmt_id)) { + hdd_err("alloc id fail"); + goto err; + } + + *cookie = (u64)mgmt_id; + cfgState->action_id = mgmt_id; } mutex_unlock(&cfgState->remain_on_chan_ctx_lock); @@ -2423,10 +2451,16 @@ err: } return 0; err_rem_channel: - *cookie = (uintptr_t) cfgState; + if (QDF_STATUS_SUCCESS != qdf_idr_alloc(&pHddCtx->p2p_idr, + cfgState, &mgmt_id)) + mgmt_id = 0; + + *cookie = (u64)mgmt_id; cfg80211_mgmt_tx_status( pAdapter->dev->ieee80211_ptr, *cookie, buf, len, false, GFP_KERNEL); + qdf_idr_remove(&pHddCtx->p2p_idr, mgmt_id); + EXIT(); return 0; } @@ -2509,11 +2543,14 @@ int wlan_hdd_cfg80211_mgmt_tx_cancel_wait(struct wiphy *wiphy, void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) { hdd_cfg80211_state_t *cfgState = WLAN_HDD_GET_CFG_STATE_PTR(pAdapter); + hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); cfgState->actionFrmState = HDD_IDLE; - if (NULL == cfgState->buf) + if (NULL == cfgState->buf) { + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); return; + } if (cfgState->is_go_neg_ack_received) { @@ -2526,6 +2563,7 @@ void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) */ hdd_debug("Drop the pending ack received in cfgState->actionFrmState %d", cfgState->actionFrmState); + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); return; } @@ -2539,10 +2577,11 @@ void hdd_send_action_cnf(hdd_adapter_t *pAdapter, bool actionSendSuccess) */ cfg80211_mgmt_tx_status( pAdapter->dev->ieee80211_ptr, - cfgState->action_cookie, + (u64)cfgState->action_id, cfgState->buf, cfgState->len, actionSendSuccess, GFP_KERNEL); + qdf_idr_remove(&hdd_ctx->p2p_idr, cfgState->action_id); qdf_mem_free(cfgState->buf); cfgState->buf = NULL; diff --git a/core/hdd/src/wlan_hdd_scan.c b/core/hdd/src/wlan_hdd_scan.c index 794a3fea1f70..87dcbaf315c1 100644 --- a/core/hdd/src/wlan_hdd_scan.c +++ b/core/hdd/src/wlan_hdd_scan.c @@ -86,6 +86,10 @@ struct nla_policy scan_policy[QCA_WLAN_VENDOR_ATTR_SCAN_MAX + 1] = { [QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE] = {.type = NLA_U64}, [QCA_WLAN_VENDOR_ATTR_SCAN_IE] = {.type = NLA_BINARY, .len = MAX_DEFAULT_SCAN_IE_LEN}, + [QCA_WLAN_VENDOR_ATTR_SCAN_MAC] = {.type = NLA_UNSPEC, + .len = QDF_MAC_ADDR_SIZE}, + [QCA_WLAN_VENDOR_ATTR_SCAN_MAC_MASK] = {.type = NLA_UNSPEC, + .len = QDF_MAC_ADDR_SIZE}, }; /** @@ -774,6 +778,9 @@ static void hdd_scan_inactivity_timer_handler(unsigned long scan_req) * wlan_hdd_scan_request_enqueue() - enqueue Scan Request * @adapter: Pointer to the adapter * @scan_req: Pointer to the scan request + * @source: source of scan request either vendor or nl + * @scan_id: scan id from wma + * @timestamp: timestamp value * * Enqueue scan request in the global HDD scan list.This list * stores the active scan request information. @@ -982,8 +989,8 @@ static int __iw_set_scan(struct net_device *dev, struct iw_request_info *info, union iwreq_data *wrqu, char *extra) { hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); - hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); - hdd_wext_state_t *pwextBuf = WLAN_HDD_GET_WEXT_STATE_PTR(pAdapter); + hdd_context_t *hdd_ctx; + hdd_wext_state_t *pwextBuf; tCsrScanRequest scanRequest; QDF_STATUS status = QDF_STATUS_SUCCESS; struct iw_scan_req *scanReq = (struct iw_scan_req *)extra; @@ -996,11 +1003,18 @@ static int __iw_set_scan(struct net_device *dev, struct iw_request_info *info, ENTER_DEV(dev); + if (!pAdapter) { + hdd_err("hdd adapter is NULL"); + return -ENODEV; + } + hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); ret = wlan_hdd_validate_context(hdd_ctx); if (0 != ret) return ret; + pwextBuf = WLAN_HDD_GET_WEXT_STATE_PTR(pAdapter); + /* Block All Scan during DFS operation and send null scan result */ con_sap_adapter = hdd_get_con_sap_adapter(pAdapter, true); if (con_sap_adapter && !cds_is_sta_sap_scc_allowed_on_dfs_channel()) { @@ -1085,7 +1099,14 @@ static int __iw_set_scan(struct net_device *dev, struct iw_request_info *info, scanRequest.requestType = eCSR_SCAN_REQUEST_FULL_SCAN; /* if previous genIE is not NULL, update ScanIE */ - if (0 != pwextBuf->genIE.length) { + if (pwextBuf->genIE.length) { + if (pwextBuf->genIE.length > (SIR_MAC_MAX_ADD_IE_LENGTH + 2)) { + hdd_err("genIE length exceeds max length: %d", + pwextBuf->genIE.length); + status = QDF_STATUS_E_FAILURE; + goto error; + } + memset(&pAdapter->scan_info.scanAddIE, 0, sizeof(pAdapter->scan_info.scanAddIE)); memcpy(pAdapter->scan_info.scanAddIE.addIEdata, @@ -1110,7 +1131,8 @@ static int __iw_set_scan(struct net_device *dev, struct iw_request_info *info, } hdd_update_dbs_scan_ctrl_ext_flag(hdd_ctx, &scanRequest); scanRequest.timestamp = qdf_mc_timer_get_system_time(); - wma_get_scan_id(&scanRequest.scan_id); + sme_get_scan_id(&scanRequest.scan_id); + scanRequest.scan_requestor_id = USER_SCAN_REQUESTOR_ID; pAdapter->scan_info.mScanPending = true; wlan_hdd_scan_request_enqueue(pAdapter, NULL, NL_SCAN, scanRequest.scan_id, @@ -1122,7 +1144,9 @@ static int __iw_set_scan(struct net_device *dev, struct iw_request_info *info, hdd_err("sme_scan_request fail %d!!!", status); wlan_hdd_scan_request_dequeue(hdd_ctx, scanRequest.scan_id, &req, &source, ×tamp); - pAdapter->scan_info.mScanPending = false; + /* Scan is no longer pending */ + if (!wlan_hdd_is_scan_pending(pAdapter)) + pAdapter->scan_info.mScanPending = false; goto error; } error: @@ -1269,9 +1293,10 @@ void hdd_abort_mac_scan(hdd_context_t *pHddCtx, uint8_t sessionId, /** * hdd_vendor_scan_callback() - Scan completed callback event - * @hddctx: HDD context - * @req : Scan request - * @aborted : true scan aborted false scan success + * @adapter: pointer to adapter + * @req: Scan request + * @aborted: true scan aborted false scan success + * @scan_id: Scan request unique identifier * * This function sends scan completed callback event to NL. * @@ -1279,14 +1304,14 @@ void hdd_abort_mac_scan(hdd_context_t *pHddCtx, uint8_t sessionId, */ static void hdd_vendor_scan_callback(hdd_adapter_t *adapter, struct cfg80211_scan_request *req, - bool aborted) + bool aborted, uint32_t scan_id) { - hdd_context_t *hddctx = WLAN_HDD_GET_CTX(adapter); + hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(adapter); struct sk_buff *skb; struct nlattr *attr; int i; uint8_t scan_status; - uint64_t cookie; + u64 cookie = scan_id; ENTER(); @@ -1295,7 +1320,10 @@ static void hdd_vendor_scan_callback(hdd_adapter_t *adapter, qdf_mem_free(req); return; } - skb = cfg80211_vendor_event_alloc(hddctx->wiphy, &(adapter->wdev), + + hdd_debug("vendor scan id: %x", scan_id); + + skb = cfg80211_vendor_event_alloc(hdd_ctx->wiphy, &(adapter->wdev), SCAN_DONE_EVENT_BUF_SIZE + 4 + NLMSG_HDRLEN, QCA_NL80211_VENDOR_SUBCMD_SCAN_DONE_INDEX, GFP_KERNEL); @@ -1306,7 +1334,6 @@ static void hdd_vendor_scan_callback(hdd_adapter_t *adapter, return; } - cookie = (uintptr_t)req; attr = nla_nest_start(skb, QCA_WLAN_VENDOR_ATTR_SCAN_SSIDS); if (!attr) goto nla_put_failure; @@ -1341,8 +1368,8 @@ static void hdd_vendor_scan_callback(hdd_adapter_t *adapter, goto nla_put_failure; } if (hdd_wlan_nla_put_u64(skb, - QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE, - cookie)) { + QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE, + cookie)) { hdd_err("Failed to add scan cookie"); goto nla_put_failure; } @@ -1518,7 +1545,7 @@ static QDF_STATUS hdd_cfg80211_scan_done_callback(tHalHandle halHandle, if (NL_SCAN == source) hdd_cfg80211_scan_done(pAdapter, req, aborted); else - hdd_vendor_scan_callback(pAdapter, req, aborted); + hdd_vendor_scan_callback(pAdapter, req, aborted, scanId); allow_suspend: qdf_runtime_pm_allow_suspend(&hddctx->runtime_context.scan); @@ -1616,35 +1643,36 @@ static void __wlan_hdd_cfg80211_scan_block_cb(struct work_struct *work) hdd_adapter_t *adapter = container_of(work, hdd_adapter_t, scan_block_work); struct cfg80211_scan_request *request; - hdd_context_t *hdd_ctx; + struct hdd_scan_req *blocked_scan_req; + qdf_list_node_t *node = NULL; if (WLAN_HDD_ADAPTER_MAGIC != adapter->magic) { hdd_err("HDD adapter context is invalid"); return; } - hdd_ctx = WLAN_HDD_GET_CTX(adapter); - if (0 != wlan_hdd_validate_context(hdd_ctx)) - return; + qdf_mutex_acquire(&adapter->blocked_scan_request_q_lock); - request = adapter->request; - if (request) { + while (!qdf_list_empty(&adapter->blocked_scan_request_q)) { + qdf_list_remove_front(&adapter->blocked_scan_request_q, + &node); + blocked_scan_req = qdf_container_of(node, struct hdd_scan_req, + node); + request = blocked_scan_req->scan_request; request->n_ssids = 0; request->n_channels = 0; - - hdd_err("##In DFS Master mode. Scan aborted. Null result sent"); - hdd_cfg80211_scan_done(adapter, request, true); - adapter->request = NULL; + if (blocked_scan_req->source == NL_SCAN) { + hdd_err("Scan aborted. Null result sent"); + hdd_cfg80211_scan_done(adapter, request, true); + } else { + hdd_err("Vendor scan aborted. Null result sent"); + hdd_vendor_scan_callback(adapter, request, true, + blocked_scan_req->scan_id); + } + qdf_mem_free(blocked_scan_req); } - request = adapter->vendor_request; - if (request) { - request->n_ssids = 0; - request->n_channels = 0; - hdd_err("In DFS Master mode. Scan aborted. Null result sent"); - hdd_vendor_scan_callback(adapter, request, true); - adapter->vendor_request = NULL; - } + qdf_mutex_release(&adapter->blocked_scan_request_q_lock); } void wlan_hdd_cfg80211_scan_block_cb(struct work_struct *work) @@ -1909,6 +1937,43 @@ static void wlan_hdd_free_voui(tCsrScanRequest *scan_req) qdf_mem_free(scan_req->voui); } +static int +wlan_hdd_enqueue_blocked_scan_request(struct net_device *dev, + struct cfg80211_scan_request *request, + uint8_t source, uint32_t scan_id) +{ + hdd_adapter_t *adapter = WLAN_HDD_GET_PRIV_PTR(dev); + struct hdd_scan_req *blocked_scan_req = + qdf_mem_malloc(sizeof(*blocked_scan_req)); + int ret = 0; + + if (!blocked_scan_req) { + hdd_err("Failed to allocate scan_req"); + return -EINVAL; + } + + blocked_scan_req->adapter = adapter; + blocked_scan_req->scan_request = request; + blocked_scan_req->source = source; + blocked_scan_req->scan_id = scan_id; + + qdf_mutex_acquire(&adapter->blocked_scan_request_q_lock); + if (qdf_list_size(&adapter->blocked_scan_request_q) < + CFG_MAX_SCAN_COUNT_MAX) + qdf_list_insert_back(&adapter->blocked_scan_request_q, + &blocked_scan_req->node); + else + ret = -EINVAL; + qdf_mutex_release(&adapter->blocked_scan_request_q_lock); + + if (ret) { + hdd_err("Maximum number of block scan request reached!"); + qdf_mem_free(blocked_scan_req); + } + + return ret; +} + /* Define short name to use in cds_trigger_recovery */ #define SCAN_FAILURE CDS_SCAN_ATTEMPT_FAILURES @@ -1918,6 +1983,7 @@ static void wlan_hdd_free_voui(tCsrScanRequest *scan_req) * @dev: Pointer to net device * @request: Pointer to scan request * @source: scan request source(NL/Vendor scan) + * @scan_id: output pointer to hold scan_id * * This API responds to scan trigger and update cfg80211 scan database * later, scan dump command can be used to recieve scan results @@ -1926,7 +1992,7 @@ static void wlan_hdd_free_voui(tCsrScanRequest *scan_req) */ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request, - uint8_t source) + uint8_t source, uint32_t *scan_id) { struct net_device *dev = request->wdev->netdev; hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); @@ -1976,10 +2042,14 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy, conn_info.connState) && (!pHddCtx->config->enable_connected_scan)) { hdd_info("enable_connected_scan is false, Aborting scan"); - if (NL_SCAN == source) - pAdapter->request = request; - else - pAdapter->vendor_request = request; + sme_get_scan_id(&scan_req_id); + if (wlan_hdd_enqueue_blocked_scan_request(dev, request, source, + scan_req_id)) + return -EAGAIN; + + if (scan_id) + *scan_id = scan_req_id; + schedule_work(&pAdapter->scan_block_work); return 0; } @@ -2036,10 +2106,15 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy, * startup. */ hdd_err("##In DFS Master mode. Scan aborted"); - if (NL_SCAN == source) - pAdapter->request = request; - else - pAdapter->vendor_request = request; + sme_get_scan_id(&scan_req_id); + if (wlan_hdd_enqueue_blocked_scan_request(dev, request, + source, + scan_req_id)) + return -EAGAIN; + + if (scan_id) + *scan_id = scan_req_id; + schedule_work(&pAdapter->scan_block_work); return 0; } @@ -2140,10 +2215,14 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy, if (pAdapter->device_mode == QDF_SAP_MODE && wlan_hdd_sap_skip_scan_check(pHddCtx, request)) { hdd_debug("sap scan skipped"); - if (NL_SCAN == source) - pAdapter->request = request; - else - pAdapter->vendor_request = request; + sme_get_scan_id(&scan_req_id); + if (wlan_hdd_enqueue_blocked_scan_request(dev, request, source, + scan_req_id)) + return -EAGAIN; + + if (scan_id) + *scan_id = scan_req_id; + schedule_work(&pAdapter->scan_block_work); return 0; } @@ -2406,10 +2485,20 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy, hdd_update_scan_flags(&scan_req, request); hdd_update_dbs_scan_ctrl_ext_flag(pHddCtx, &scan_req); qdf_runtime_pm_prevent_suspend(&pHddCtx->runtime_context.scan); - wma_get_scan_id(&scan_req_id); + sme_get_scan_id(&scan_req_id); scan_req.scan_id = scan_req_id; - wlan_hdd_scan_request_enqueue(pAdapter, request, source, + scan_req.scan_requestor_id = USER_SCAN_REQUESTOR_ID; + status = wlan_hdd_scan_request_enqueue(pAdapter, request, source, scan_req.scan_id, scan_req.timestamp); + if (status) { + qdf_runtime_pm_allow_suspend(&pHddCtx->runtime_context.scan); + hdd_allow_suspend(WIFI_POWER_EVENT_WAKELOCK_SCAN); + goto free_mem; + } + + if (scan_id) + *scan_id = scan_req_id; + pAdapter->scan_info.mScanPending = true; status = sme_scan_request(WLAN_HDD_GET_HAL_CTX(pAdapter), pAdapter->sessionId, &scan_req, @@ -2473,7 +2562,7 @@ int wlan_hdd_cfg80211_scan(struct wiphy *wiphy, cds_ssr_protect(__func__); ret = __wlan_hdd_cfg80211_scan(wiphy, - request, NL_SCAN); + request, NL_SCAN, NULL); cds_ssr_unprotect(__func__); return ret; } @@ -2498,7 +2587,7 @@ int wlan_hdd_cfg80211_tdls_scan(struct wiphy *wiphy, cds_ssr_protect(__func__); ret = __wlan_hdd_cfg80211_scan(wiphy, - request, source); + request, source, NULL); cds_ssr_unprotect(__func__); return ret; } @@ -2540,15 +2629,16 @@ static uint32_t wlan_hdd_get_rates(struct wiphy *wiphy, * wlan_hdd_send_scan_start_event() -API to send the scan start event * @wiphy: Pointer to wiphy * @wdev: Pointer to net device - * @cookie: scan identifier + * @scan_id: scan identifier * * Return: return 0 on success and negative error code on failure */ static int wlan_hdd_send_scan_start_event(struct wiphy *wiphy, - struct wireless_dev *wdev, uint64_t cookie) + struct wireless_dev *wdev, uint32_t scan_id) { struct sk_buff *skb; int ret; + u64 cookie = scan_id; skb = cfg80211_vendor_cmd_alloc_reply_skb(wiphy, sizeof(u64) + NLA_HDRLEN + NLMSG_HDRLEN); @@ -2697,6 +2787,7 @@ static int __wlan_hdd_cfg80211_vendor_scan(struct wiphy *wiphy, struct ieee80211_channel *chan; hdd_context_t *hdd_ctx = wiphy_priv(wiphy); int ret; + uint32_t scan_id = 0; ENTER_DEV(wdev->netdev); @@ -2813,7 +2904,7 @@ static int __wlan_hdd_cfg80211_vendor_scan(struct wiphy *wiphy, if (ie_len) nla_memcpy((void *)request->ie, - nla_data(tb[QCA_WLAN_VENDOR_ATTR_SCAN_IE]), ie_len); + tb[QCA_WLAN_VENDOR_ATTR_SCAN_IE], ie_len); for (count = 0; count < HDD_NUM_NL80211_BANDS; count++) if (wiphy->bands[count]) @@ -2866,14 +2957,16 @@ static int __wlan_hdd_cfg80211_vendor_scan(struct wiphy *wiphy, request->wiphy = wiphy; request->scan_start = jiffies; - ret = __wlan_hdd_cfg80211_scan(wiphy, request, VENDOR_SCAN); + ret = __wlan_hdd_cfg80211_scan(wiphy, request, VENDOR_SCAN, &scan_id); if (0 != ret) { hdd_err_ratelimited(HDD_SCAN_REJECT_RATE_LIMIT, "Scan Failed. Ret = %d", ret); qdf_mem_free(request); return ret; } - ret = wlan_hdd_send_scan_start_event(wiphy, wdev, (uintptr_t)request); + hdd_debug("vendor scan id: %x", scan_id); + + ret = wlan_hdd_send_scan_start_event(wiphy, wdev, scan_id); return ret; error: @@ -2907,19 +3000,17 @@ int wlan_hdd_cfg80211_vendor_scan(struct wiphy *wiphy, return ret; } /** - * wlan_hdd_get_scanid() - API to get the scan id - * from the scan cookie attribute. + * wlan_hdd_validate_scan_id() - API to validate scan id obtained from cookie * @hdd_ctx: Pointer to HDD context - * @scan_id: Pointer to scan id - * @cookie : Scan cookie attribute + * @scan_id: scan identifier * - * API to get the scan id from the scan cookie attribute - * sent from supplicant by matching scan request. + * API to validate scan id obtained from from cookie attribute + * sent from supplicant. * * Return: 0 for success, non zero for failure */ -static int wlan_hdd_get_scanid(hdd_context_t *hdd_ctx, - uint32_t *scan_id, uint64_t cookie) +static int +wlan_hdd_validate_scan_id(hdd_context_t *hdd_ctx, uint32_t scan_id) { struct hdd_scan_req *scan_req; qdf_list_node_t *node = NULL; @@ -2943,9 +3034,8 @@ static int wlan_hdd_get_scanid(hdd_context_t *hdd_ctx, node = ptr_node; scan_req = container_of(node, struct hdd_scan_req, node); - if (cookie == - (uintptr_t)(scan_req->scan_request)) { - *scan_id = scan_req->scan_id; + if (scan_id == scan_req->scan_id) { + hdd_debug("scan id: %x found", scan_id); ret = 0; break; } @@ -2976,7 +3066,7 @@ static int __wlan_hdd_vendor_abort_scan(struct wiphy *wiphy, { hdd_context_t *hdd_ctx = wiphy_priv(wiphy); struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_SCAN_MAX + 1]; - uint32_t scan_id = 0; + uint32_t scan_id; uint64_t cookie; int ret; @@ -3000,7 +3090,8 @@ static int __wlan_hdd_vendor_abort_scan(struct wiphy *wiphy, return -EINVAL; cookie = nla_get_u64(tb[QCA_WLAN_VENDOR_ATTR_SCAN_COOKIE]); - ret = wlan_hdd_get_scanid(hdd_ctx, &scan_id, cookie); + scan_id = (uint32_t)cookie; + ret = wlan_hdd_validate_scan_id(hdd_ctx, scan_id); if (ret) return ret; @@ -3796,6 +3887,7 @@ void hdd_cleanup_scan_queue(hdd_context_t *hdd_ctx, hdd_adapter_t *padapter) bool aborted = true; QDF_STATUS status; hdd_adapter_list_node_t *adapter_node = NULL, *next_adapter_node = NULL; + uint32_t scan_id; if (NULL == hdd_ctx) { hdd_err("HDD context is Null"); @@ -3824,6 +3916,7 @@ void hdd_cleanup_scan_queue(hdd_context_t *hdd_ctx, hdd_adapter_t *padapter) req = hdd_scan_req->scan_request; source = hdd_scan_req->source; adapter = hdd_scan_req->adapter; + scan_id = hdd_scan_req->scan_id; if (!padapter || (padapter == adapter)) { @@ -3853,9 +3946,10 @@ void hdd_cleanup_scan_queue(hdd_context_t *hdd_ctx, hdd_adapter_t *padapter) req, aborted); else hdd_vendor_scan_callback(adapter, - req, aborted); + req, aborted, + scan_id); hdd_debug("removed Scan id: %d, req = %pK", - hdd_scan_req->scan_id, req); + scan_id, req); } qdf_mem_free(hdd_scan_req); qdf_spin_lock(&hdd_ctx->hdd_scan_req_q_lock); diff --git a/core/hdd/src/wlan_hdd_softap_tx_rx.c b/core/hdd/src/wlan_hdd_softap_tx_rx.c index af9affcda87c..11b927486171 100644 --- a/core/hdd/src/wlan_hdd_softap_tx_rx.c +++ b/core/hdd/src/wlan_hdd_softap_tx_rx.c @@ -34,6 +34,7 @@ #include <cds_utils.h> #include <wlan_hdd_regulatory.h> #include <wlan_hdd_ipa.h> +#include "wma_types.h" /* Preprocessor definitions and constants */ #undef QCA_HDD_SAP_DUMP_SK_BUFF @@ -254,6 +255,156 @@ static inline struct sk_buff *hdd_skb_orphan(hdd_adapter_t *pAdapter, #endif /* QCA_LL_LEGACY_TX_FLOW_CONTROL */ /** + * hdd_post_dhcp_ind() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @type: WMA message type + * + * Return: None + */ +QDF_STATUS hdd_post_dhcp_ind(hdd_adapter_t *adapter, + uint8_t sta_id, uint16_t type) +{ + QDF_STATUS status = QDF_STATUS_SUCCESS; + + hdd_debug("Post DHCP indication,sta_id=%d, type=%d", sta_id, type); + + if (!adapter) { + hdd_err("NULL adapter"); + return QDF_STATUS_E_FAILURE; + } + + status = wma_send_dhcp_ind(type, + adapter->device_mode, + adapter->macAddressCurrent.bytes, + adapter->aStaInfo[sta_id].macAddrSTA.bytes); + if (!QDF_IS_STATUS_SUCCESS(status)) + QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_ERROR, + "%s: Post DHCP Ind MSG fail", __func__); + + return status; +} + +void hdd_softap_notify_dhcp_ind(void *context, struct sk_buff *netbuf) +{ + hdd_ap_ctx_t *hdd_ap_ctx; + struct qdf_mac_addr *dest_mac_addr; + uint8_t sta_id; + + hdd_adapter_t *adapter = context; + + if (!adapter) { + hdd_err("NULL adapter"); + return; + } + + hdd_ap_ctx = WLAN_HDD_GET_AP_CTX_PTR(adapter); + if (!hdd_ap_ctx) { + hdd_err("HDD sap context is NULL"); + return; + } + + dest_mac_addr = (struct qdf_mac_addr *)netbuf->data; + + if (QDF_NBUF_CB_GET_IS_BCAST(netbuf) || + QDF_NBUF_CB_GET_IS_MCAST(netbuf)) { + /* The BC/MC station ID is assigned during BSS + * starting phase. SAP will return the station ID + * used for BC/MC traffic. + */ + sta_id = hdd_ap_ctx->uBCStaId; + } else { + if (QDF_STATUS_SUCCESS != + hdd_softap_get_sta_id(adapter, + dest_mac_addr, &sta_id)) { + QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, + QDF_TRACE_LEVEL_INFO_HIGH, + "%s: Failed to find right station", __func__); + return; + } + } + hdd_post_dhcp_ind(adapter, sta_id, WMA_DHCP_STOP_IND); +} + +/** + * hdd_dhcp_indication() - Send DHCP START/STOP indication to FW + * @adapter: pointer to hdd adapter + * @sta_id: peer station ID + * @skb: pointer to OS packet (sk_buff) + * @dir: direction + * + * Return: true if tx completion to be notified for skb + */ +bool hdd_dhcp_indication(hdd_adapter_t *adapter, + uint8_t sta_id, + struct sk_buff *skb, + enum qdf_proto_dir dir) +{ + enum qdf_proto_subtype subtype = QDF_PROTO_INVALID; + hdd_station_info_t *hdd_sta_info; + + bool notify_tx_comp = false; + + hdd_debug("adapter=%p, sta_id=%d, dir=%d", adapter, sta_id, dir); + + if (((adapter->device_mode == QDF_SAP_MODE) || + (adapter->device_mode == QDF_P2P_GO_MODE)) && + ((dir == QDF_TX && QDF_NBUF_CB_PACKET_TYPE_DHCP == + QDF_NBUF_CB_GET_PACKET_TYPE(skb)) || + (dir == QDF_RX && qdf_nbuf_is_ipv4_dhcp_pkt(skb) == true))) { + + subtype = qdf_nbuf_get_dhcp_subtype(skb); + hdd_sta_info = &adapter->aStaInfo[sta_id]; + + hdd_debug("ENTER: type=%d, phase=%d, nego_status=%d", + subtype, + hdd_sta_info->dhcp_phase, + hdd_sta_info->dhcp_nego_status); + + switch (subtype) { + case QDF_PROTO_DHCP_DISCOVER: + if (dir != QDF_RX) + break; + if (hdd_sta_info->dhcp_nego_status == DHCP_NEGO_STOP) + hdd_post_dhcp_ind(adapter, sta_id, + WMA_DHCP_START_IND); + hdd_sta_info->dhcp_phase = DHCP_PHASE_DISCOVER; + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_IN_PROGRESS; + break; + case QDF_PROTO_DHCP_OFFER: + hdd_sta_info->dhcp_phase = DHCP_PHASE_OFFER; + break; + case QDF_PROTO_DHCP_REQUEST: + if (dir != QDF_RX) + break; + if (hdd_sta_info->dhcp_nego_status == DHCP_NEGO_STOP) + hdd_post_dhcp_ind(adapter, sta_id, + WMA_DHCP_START_IND); + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_IN_PROGRESS; + case QDF_PROTO_DHCP_DECLINE: + if (dir == QDF_RX) + hdd_sta_info->dhcp_phase = DHCP_PHASE_REQUEST; + break; + case QDF_PROTO_DHCP_ACK: + case QDF_PROTO_DHCP_NACK: + hdd_sta_info->dhcp_phase = DHCP_PHASE_ACK; + if (hdd_sta_info->dhcp_nego_status == + DHCP_NEGO_IN_PROGRESS) + notify_tx_comp = true; + hdd_sta_info->dhcp_nego_status = DHCP_NEGO_STOP; + break; + default: + break; + } + + hdd_debug("EXIT: phase=%d, nego_status=%d", + hdd_sta_info->dhcp_phase, + hdd_sta_info->dhcp_nego_status); + } + return notify_tx_comp; +} + +/** * __hdd_softap_hard_start_xmit() - Transmit a frame * @skb: pointer to OS packet (sk_buff) * @dev: pointer to network device @@ -275,6 +426,7 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, struct qdf_mac_addr *pDestMacAddress; uint8_t STAId; uint32_t num_seg; + bool notify_tx_comp = false; ++pAdapter->hdd_stats.hddTxRxStats.txXmitCalled; pAdapter->hdd_stats.hddTxRxStats.cont_txtimeout_cnt = 0; @@ -415,6 +567,10 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, } pAdapter->aStaInfo[STAId].last_tx_rx_ts = qdf_system_ticks(); + if (STAId != pHddApCtx->uBCStaId) + notify_tx_comp = hdd_dhcp_indication(pAdapter, + STAId, skb, QDF_TX); + hdd_event_eapol_log(skb, QDF_TX); QDF_NBUF_CB_TX_PACKET_TRACK(skb) = QDF_NBUF_TX_PKT_DATA_TRACK; QDF_NBUF_UPDATE_TX_PKT_COUNT(skb, QDF_NBUF_TX_PKT_HDD); @@ -434,7 +590,7 @@ static netdev_tx_t __hdd_softap_hard_start_xmit(struct sk_buff *skb, } if (pAdapter->tx_fn(ol_txrx_get_vdev_by_sta_id(STAId), - (qdf_nbuf_t) skb) != NULL) { + (qdf_nbuf_t)skb, notify_tx_comp) != NULL) { QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_INFO_HIGH, "%s: Failed to send packet to txrx for staid:%d", __func__, STAId); @@ -658,6 +814,28 @@ QDF_STATUS hdd_softap_deinit_tx_rx_sta(hdd_adapter_t *pAdapter, uint8_t STAId) } /** + * hdd_softap_notify_tx_compl_cbk() - callback to notify tx completion + * @skb: pointer to skb data + * @adapter: pointer to vdev apdapter + * + * Return: None + */ +void hdd_softap_notify_tx_compl_cbk(struct sk_buff *skb, + void *context) +{ + int errno; + hdd_adapter_t *adapter = NULL; + + adapter = (hdd_adapter_t *)context; + errno = hdd_validate_adapter(adapter); + if (errno) + return; + + if (QDF_NBUF_CB_PACKET_TYPE_DHCP == QDF_NBUF_CB_GET_PACKET_TYPE(skb)) + hdd_softap_notify_dhcp_ind(context, skb); +} + +/** * hdd_softap_rx_packet_cbk() - Receive packet handler * @context: pointer to HDD context * @rxBuf: pointer to rx qdf_nbuf @@ -709,7 +887,6 @@ QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBuf) skb->dev = pAdapter->dev; if (unlikely(skb->dev == NULL)) { - QDF_TRACE(QDF_MODULE_ID_HDD_SAP_DATA, QDF_TRACE_LEVEL_ERROR, "%s: ERROR!!Invalid netdevice", __func__); return QDF_STATUS_E_FAILURE; @@ -731,6 +908,8 @@ QDF_STATUS hdd_softap_rx_packet_cbk(void *context, qdf_nbuf_t rxBuf) } } + hdd_dhcp_indication(pAdapter, staid, skb, QDF_RX); + hdd_event_eapol_log(skb, QDF_RX); qdf_dp_trace_log_pkt(pAdapter->sessionId, skb, QDF_RX); DPTRACE(qdf_dp_trace(skb, @@ -876,6 +1055,7 @@ QDF_STATUS hdd_softap_register_sta(hdd_adapter_t *pAdapter, /* Register the vdev transmit and receive functions */ qdf_mem_zero(&txrx_ops, sizeof(txrx_ops)); txrx_ops.rx.rx = hdd_softap_rx_packet_cbk; + txrx_ops.tx.tx_comp = hdd_softap_notify_tx_compl_cbk; ol_txrx_vdev_register( ol_txrx_get_vdev_from_vdev_id(pAdapter->sessionId), pAdapter, &txrx_ops); diff --git a/core/hdd/src/wlan_hdd_spectral.c b/core/hdd/src/wlan_hdd_spectral.c index f02c9159bcc9..7b6735d24922 100644 --- a/core/hdd/src/wlan_hdd_spectral.c +++ b/core/hdd/src/wlan_hdd_spectral.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2017-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -434,16 +434,6 @@ static void spectral_scan_msg_handler(const void *data, int data_len, cds_ssr_unprotect(__func__); } -/** - * spectral_scan_activate_service() - API to register spectral - * scan cmd handler - * - * API to register the spectral scan command handler using new - * genl infra. Return type is zero to match with legacy - * prototype - * - * Return: 0 - */ int spectral_scan_activate_service(void) { register_cld_cmd_cb(WLAN_NL_MSG_SPECTRAL_SCAN, @@ -451,6 +441,12 @@ int spectral_scan_activate_service(void) return 0; } +int spectral_scan_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_SPECTRAL_SCAN); + return 0; +} + #else static int spectral_scan_msg_callback(struct sk_buff *skb) { @@ -488,16 +484,6 @@ static int spectral_scan_msg_callback(struct sk_buff *skb) return 0; } -/** - * spectral_scan_activate_service() - Activate spectral scan message handler - * - * This function registers a handler to receive netlink message from - * the spectral scan application process. - * param - - * - None - * - * Return - 0 for success, non zero for failure - */ int spectral_scan_activate_service(void) { int ret; @@ -512,6 +498,23 @@ int spectral_scan_activate_service(void) return ret; } + +int spectral_scan_deactivate_service(void) +{ + int ret; + + /* + * Unregister the msg handler for msgs addressed to + * WLAN_NL_MSG_SPECTRAL_SCAN + */ + ret = nl_srv_unregister(WLAN_NL_MSG_SPECTRAL_SCAN, + spectral_scan_msg_callback); + if (ret) + hdd_err("Spectral Scan Unregistration failed"); + + return ret; +} + #endif /** diff --git a/core/hdd/src/wlan_hdd_spectralscan.h b/core/hdd/src/wlan_hdd_spectralscan.h index 552af910f045..6e61715058a3 100644 --- a/core/hdd/src/wlan_hdd_spectralscan.h +++ b/core/hdd/src/wlan_hdd_spectralscan.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2017-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -112,16 +112,24 @@ int wlan_hdd_cfg80211_spectral_scan_stop(struct wiphy *wiphy, /** * spectral_scan_activate_service() - Activate spectral scan message handler * - * This function registers a handler to receive netlink message from - * the spectral scan application process. - * param - - * - None + * This function registers a handler to receive netlink message from + * the spectral scan application process. * * Return - 0 for success, non zero for failure */ int spectral_scan_activate_service(void); /** + * spectral_scan_deactivate_service() - Deactivate spectral scan message handler + * + * This function deregisters a handler to receive netlink message from + * the spectral scan application process. + * + * Return - 0 for success, non zero for failure + */ +int spectral_scan_deactivate_service(void); + +/** * hdd_init_spectral_scan() - Initialize spectral scan config parameters * * This function initialize spectral scan configuration parameters @@ -160,6 +168,11 @@ static inline int spectral_scan_activate_service(void) return 0; } +static inline int spectral_scan_deactivate_service(void) +{ + return 0; +} + static inline void hdd_init_spectral_scan(hdd_context_t *hdd_ctx) { } diff --git a/core/hdd/src/wlan_hdd_tdls.c b/core/hdd/src/wlan_hdd_tdls.c index 351936082194..ca758c9c571a 100644 --- a/core/hdd/src/wlan_hdd_tdls.c +++ b/core/hdd/src/wlan_hdd_tdls.c @@ -288,7 +288,8 @@ void wlan_hdd_tdls_disable_offchan_and_teardown_links(hdd_context_t *hddctx, for (staidx = 0; staidx < hddctx->max_num_tdls_sta; staidx++) { - if (!hddctx->tdlsConnInfo[staidx].staId) + if (hddctx->tdlsConnInfo[staidx].staId == + HDD_WLAN_INVALID_STA_ID) continue; mutex_lock(&hddctx->tdls_lock); @@ -320,7 +321,8 @@ void wlan_hdd_tdls_disable_offchan_and_teardown_links(hdd_context_t *hddctx, hdd_roam_deregister_tdlssta(adapter, hddctx->tdlsConnInfo[staidx].staId); wlan_hdd_tdls_decrement_peer_count(adapter); - hddctx->tdlsConnInfo[staidx].staId = 0; + hddctx->tdlsConnInfo[staidx].staId = + HDD_WLAN_INVALID_STA_ID; hddctx->tdlsConnInfo[staidx].sessionId = 255; @@ -665,7 +667,7 @@ static void wlan_hdd_tdls_del_non_forced_peers(tdlsCtx_t *hdd_tdls_ctx) } else { peer->link_status = eTDLS_LINK_IDLE; peer->reason = eTDLS_LINK_UNSPECIFIED; - peer->staId = OL_TXRX_INVALID_TDLS_PEER_ID; + peer->staId = HDD_WLAN_INVALID_STA_ID; peer->discovery_attempt = 0; } } @@ -720,7 +722,8 @@ void hdd_tdls_context_init(hdd_context_t *hdd_ctx, bool ssr) hdd_debug("max_num_tdls_sta: %d", hdd_ctx->max_num_tdls_sta); for (sta_idx = 0; sta_idx < hdd_ctx->max_num_tdls_sta; sta_idx++) { - hdd_ctx->tdlsConnInfo[sta_idx].staId = 0; + hdd_ctx->tdlsConnInfo[sta_idx].staId = + HDD_WLAN_INVALID_STA_ID; hdd_ctx->tdlsConnInfo[sta_idx].sessionId = 255; qdf_mem_zero(&hdd_ctx->tdlsConnInfo[sta_idx].peerMac, QDF_MAC_ADDR_SIZE); @@ -1691,7 +1694,7 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, ENTER(); - hdd_debug("mode %d", (int)tdls_mode); + hdd_debug("mode %d, source %d", (int)tdls_mode, source); if (0 != (wlan_hdd_validate_context(pHddCtx))) return; @@ -1740,7 +1743,9 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, peer_update_timer) == QDF_TIMER_STATE_STOPPED)) { hdd_debug("Start timer again,source bitmap:%lu", pHddCtx->tdls_source_bitmap); + mutex_lock(&pHddCtx->tdls_lock); wlan_hdd_tdls_implicit_enable(pHddTdlsCtx); + mutex_unlock(&pHddCtx->tdls_lock); } status = hdd_get_next_adapter(pHddCtx, pAdapterNode, &pNext); @@ -1772,22 +1777,6 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, return; } wlan_hdd_tdls_implicit_enable(pHddTdlsCtx); - /* tdls implicit mode is enabled, so - * enable the connection tracker - */ - pHddCtx->enable_tdls_connection_tracker - = true; - - if (tdls_mode == eTDLS_SUPPORT_EXTERNAL_CONTROL - && !pHddCtx->tdls_external_peer_count - && !pHddCtx->connected_peer_count) { - /* Disable connection tracker if tdls - * mode is external and no force peers - * were configured by application. - */ - pHddCtx->enable_tdls_connection_tracker - = false; - } } else if (eTDLS_SUPPORT_DISABLED == tdls_mode) { set_bit((unsigned long)source, @@ -1829,6 +1818,7 @@ static void wlan_hdd_tdls_set_mode(hdd_context_t *pHddCtx, pHddCtx->tdls_mode = tdls_mode; mutex_unlock(&pHddCtx->tdls_lock); + cds_set_tdls_ct_mode(pHddCtx); EXIT(); } @@ -1888,6 +1878,9 @@ int wlan_hdd_tdls_set_params(struct net_device *dev, config->rssi_trigger_threshold, config->rssi_teardown_threshold); + if (pHddCtx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) + return -EINVAL; + wlan_hdd_tdls_set_mode(pHddCtx, req_tdls_mode, true, HDD_SET_TDLS_MODE_SOURCE_USER); @@ -1970,8 +1963,9 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, goto done; } - hdd_debug("tdls_prohibited: %d, tdls_chan_swit_prohibited: %d", - tdls_prohibited, tdls_chan_swit_prohibited); + hdd_debug("tdls_prohibited: %d, tdls_chan_swit_prohibited: %d, source bitmap:%lu", + tdls_prohibited, tdls_chan_swit_prohibited, + hdd_ctx->tdls_source_bitmap); mutex_lock(&hdd_ctx->tdls_lock); @@ -1992,13 +1986,27 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, /* If AP or caller indicated TDLS Prohibited then disable tdls mode */ if (tdls_prohibited) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_NOT_ENABLED; + /* If the source bit is non zero then tdls mode is + * eTDLS_SUPPORT_DISABLED before changing the mode to + * eTDLS_SUPPORT_NOT_ENABlED, make the source bit to 0 + * as the wlan_hdd_tdls_set_mode is not called to + * clear the source bit, if the current mode is + * eTDLS_SUPPORT_NOT_ENABLED. + */ + hdd_ctx->tdls_source_bitmap = 0; } else { - if (false == hdd_ctx->config->fEnableTDLSImplicitTrigger) + if (false == hdd_ctx->config->fEnableTDLSImplicitTrigger) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_EXPLICIT_TRIGGER_ONLY; - else if (true == hdd_ctx->config->fTDLSExternalControl) + } else if (true == hdd_ctx->config->fTDLSExternalControl) { hdd_ctx->tdls_mode = eTDLS_SUPPORT_EXTERNAL_CONTROL; - else + if (!hdd_ctx->tdls_source_bitmap && + hdd_ctx->tdls_external_peer_count) + wlan_hdd_tdls_implicit_enable(hdd_tdls_ctx); + } else { hdd_ctx->tdls_mode = eTDLS_SUPPORT_ENABLED; + if (!hdd_ctx->tdls_source_bitmap) + wlan_hdd_tdls_implicit_enable(hdd_tdls_ctx); + } } tdls_param = qdf_mem_malloc(sizeof(*tdls_param)); if (!tdls_param) { @@ -2090,8 +2098,9 @@ void wlan_hdd_update_tdls_info(hdd_adapter_t *adapter, bool tdls_prohibited, hdd_ctx->set_state_info.set_state_cnt--; } - hdd_debug("TDLS Set state cnt %d", - hdd_ctx->set_state_info.set_state_cnt); + hdd_debug("TDLS Set state cnt %d, source bitmap:%lu", + hdd_ctx->set_state_info.set_state_cnt, + hdd_ctx->tdls_source_bitmap); mutex_unlock(&hdd_ctx->tdls_lock); done: @@ -2477,7 +2486,7 @@ int wlan_hdd_tdls_reset_peer(hdd_adapter_t *pAdapter, const uint8_t *mac) wlan_hdd_tdls_set_peer_link_status(curr_peer, eTDLS_LINK_IDLE, eTDLS_LINK_UNSPECIFIED); - curr_peer->staId = OL_TXRX_INVALID_TDLS_PEER_ID; + curr_peer->staId = HDD_WLAN_INVALID_STA_ID; ret_status: return status; } @@ -2891,7 +2900,8 @@ bool wlan_hdd_tdls_check_peer_buf_capable(hdd_context_t *hdd_ctx, return false; for (staIdx = 0; staIdx < hdd_ctx->max_num_tdls_sta; staIdx++) { - if (hdd_ctx->tdlsConnInfo[staIdx].staId) { + if (hdd_ctx->tdlsConnInfo[staIdx].staId != + HDD_WLAN_INVALID_STA_ID) { curr_peer = wlan_hdd_tdls_find_all_peer(hdd_ctx, hdd_ctx->tdlsConnInfo[staIdx].peerMac.bytes); if (curr_peer) { @@ -3004,7 +3014,7 @@ void wlan_hdd_tdls_scan_done_callback(hdd_adapter_t *pAdapter) return; if (eTDLS_SUPPORT_NOT_ENABLED == pHddCtx->tdls_mode) { - hdd_debug("TDLS mode is disabled OR not enabled"); + hdd_debug("TDLS mode is not enabled don't change the tdls mode"); return; } @@ -3427,6 +3437,10 @@ __wlan_hdd_cfg80211_configure_tdls_mode(struct wiphy *wiphy, hdd_err("Invalid TDLS trigger mode"); return -EINVAL; } + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_err("TDLS mode is Not Enabled"); + return -EPERM; + } wlan_hdd_tdls_set_mode(hdd_ctx, tdls_mode, false, HDD_SET_TDLS_MODE_SOURCE_USER); @@ -5866,7 +5880,7 @@ static void wlan_hdd_tdls_idle_handler(void *user_data) v_CONTEXT_t cds_context; hdd_adapter_t *adapter; - if (!tdls_info->staId) { + if (tdls_info->staId == HDD_WLAN_INVALID_STA_ID) { hdd_err("peer (staidx %u) doesn't exists", tdls_info->staId); return; } @@ -6275,7 +6289,8 @@ static int wlan_hdd_tdls_teardown_links(hdd_context_t *hddctx, for (staidx = 0; staidx < hddctx->max_num_tdls_sta; staidx++) { - if (!hddctx->tdlsConnInfo[staidx].staId) + if (hddctx->tdlsConnInfo[staidx].staId == + HDD_WLAN_INVALID_STA_ID) continue; mutex_lock(&hddctx->tdls_lock); @@ -6392,6 +6407,10 @@ void wlan_hdd_change_tdls_mode(void *data) { hdd_context_t *hdd_ctx = (hdd_context_t *)data; + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_debug("TDLS mode is not enabled, don't change the tdls mode"); + return; + } wlan_hdd_tdls_set_mode(hdd_ctx, hdd_ctx->tdls_mode_last, false, HDD_SET_TDLS_MODE_SOURCE_P2P); } @@ -6405,6 +6424,11 @@ void hdd_tdls_notify_p2p_roc(hdd_context_t *hdd_ctx, qdf_mc_timer_stop(&hdd_ctx->tdls_source_timer); + if (eTDLS_SUPPORT_NOT_ENABLED == hdd_ctx->tdls_mode) { + hdd_debug("TDLS mode is not enabled continue with roc"); + return; + } + if (event == P2P_ROC_START) { tdls_mode = eTDLS_SUPPORT_DISABLED; wlan_hdd_tdls_set_mode(hdd_ctx, tdls_mode, false, @@ -6477,6 +6501,11 @@ void hdd_tdls_notify_hw_mode_change(bool is_dbs_hw_mode) if (!hdd_ctx) return; + if (hdd_ctx->tdls_mode == eTDLS_SUPPORT_NOT_ENABLED) { + hdd_debug("TDLS mode is not enabled continue with hw mode change"); + return; + } + if (is_dbs_hw_mode) { hdd_debug("hw mode is DBS"); wlan_hdd_tdls_set_mode(hdd_ctx, diff --git a/core/hdd/src/wlan_hdd_tx_rx.c b/core/hdd/src/wlan_hdd_tx_rx.c index b07a7aaec412..89c5ac95997e 100644 --- a/core/hdd/src/wlan_hdd_tx_rx.c +++ b/core/hdd/src/wlan_hdd_tx_rx.c @@ -1071,7 +1071,7 @@ static netdev_tx_t __hdd_hard_start_xmit(struct sk_buff *skb, } if (pAdapter->tx_fn(ol_txrx_get_vdev_by_sta_id(STAId), - (qdf_nbuf_t) skb) != NULL) { + (qdf_nbuf_t)skb, 0) != NULL) { QDF_TRACE(QDF_MODULE_ID_HDD_DATA, QDF_TRACE_LEVEL_INFO_HIGH, "%s: Failed to send packet to txrx for staid: %d", __func__, STAId); diff --git a/core/hdd/src/wlan_hdd_wext.c b/core/hdd/src/wlan_hdd_wext.c index 2d9ded6dd24f..21bb16a287fd 100644 --- a/core/hdd/src/wlan_hdd_wext.c +++ b/core/hdd/src/wlan_hdd_wext.c @@ -576,7 +576,7 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { */ #define WE_SET_MAX_TX_POWER_5_0 43 #define WE_SET_PKTLOG 44 -/* Private ioctl for packet powe save */ +/* Private ioctl for packet power save */ #define WE_PPS_PAID_MATCH 45 #define WE_PPS_GID_MATCH 46 #define WE_PPS_EARLY_TIM_CLEAR 47 @@ -587,7 +587,7 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_PPS_GID_NSTS_ZERO 52 /* * <ioctl> - * rssi_chk - Chek the rssi + * rssi_chk - Check the rssi * * @INPUT: One argument as input * @@ -630,44 +630,6 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_SET_QPOWER_MAX_TX_BEFORE_WAKE 57 #define WE_SET_QPOWER_SPEC_PSPOLL_WAKE_INTERVAL 58 #define WE_SET_QPOWER_SPEC_MAX_SPEC_NODATA_PSPOLL 59 -/* - * <ioctl> - * burst_enable - Enables or disables the burst feature - * - * @INPUT: 0-Disable, 1-Enable - * - * @OUTPUT: None - * - * This IOCTL enables or disables the burst feature. - * - * @E.g: iwpriv wlan0 burst_enable 0 - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_SET_BURST_ENABLE 60 -/* - * <ioctl> - * burst_dur - Enables or disables the burst feature - * - * @INPUT: int 1…..int 8191 in microseconds - * - * @OUTPUT: None - * - * This IOCTL sets the burst duration. - * - * @E.g: iwpriv wlan0 burst_dur <value> - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_SET_BURST_DUR 61 /* GTX Commands */ /* * <ioctl> @@ -1496,47 +1458,6 @@ static const struct ccp_freq_chan_map freq_chan_map[] = { #define WE_GET_QPOWER_MAX_TX_BEFORE_WAKE 42 #define WE_GET_QPOWER_SPEC_PSPOLL_WAKE_INTERVAL 43 #define WE_GET_QPOWER_SPEC_MAX_SPEC_NODATA_PSPOLL 44 -/* - * <ioctl> - * get_burst_en - Enables or disables the burst feature - * - * @INPUT: None - * - * @OUTPUT: Enable/disable of burst feature - * wlan0 get_burst_en:1 - * - * This IOCTL enables or disables the burst feature - * - * @E.g: iwpriv wlan0 get_burst_en - * - * Supported Feature:STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_GET_BURST_ENABLE 45 -/* - * <ioctl> - * get_burst_dur - Get the burst duration - * - * @INPUT: None - * - * @OUTPUT: Duration in microseconds - * wlan0 get_burst_dur:8160 - * - * This IOCTL gets the burst duration - * This command is useful if setting burst enable - * - * @E.g: iwpriv wlan0 get_burst_dur - * - * Supported Feature: STA - * - * Usage: Internal/External - * - * </ioctl> - */ -#define WE_GET_BURST_DUR 46 /* GTX Commands */ /* * <ioctl> @@ -3197,7 +3118,7 @@ static QDF_STATUS hdd_wlan_get_ibss_peer_info_all(hdd_adapter_t *pAdapter) /** * hdd_wlan_get_rts_threshold() - Get RTS threshold - * @pAdapter: adapter upon which the request was received + * @adapter: adapter upon which the request was received * @wrqu: pointer to the ioctl request * * This function retrieves the current RTS threshold value and stores @@ -3205,27 +3126,28 @@ static QDF_STATUS hdd_wlan_get_ibss_peer_info_all(hdd_adapter_t *pAdapter) * * Return: 0 if valid data was returned, non-zero on error */ -int hdd_wlan_get_rts_threshold(hdd_adapter_t *pAdapter, union iwreq_data *wrqu) +int hdd_wlan_get_rts_threshold(hdd_adapter_t *adapter, union iwreq_data *wrqu) { - tHalHandle hHal = WLAN_HDD_GET_HAL_CTX(pAdapter); + tHalHandle hal; uint32_t threshold = 0; hdd_context_t *hdd_ctx; int ret = 0; ENTER(); - if (NULL == pAdapter) { + if (!adapter) { hdd_err("Adapter is NULL"); return -EINVAL; } + hal = WLAN_HDD_GET_HAL_CTX(adapter); - hdd_ctx = WLAN_HDD_GET_CTX(pAdapter); + hdd_ctx = WLAN_HDD_GET_CTX(adapter); ret = wlan_hdd_validate_context(hdd_ctx); if (0 != ret) return ret; if (QDF_STATUS_SUCCESS != - sme_cfg_get_int(hHal, WNI_CFG_RTS_THRESHOLD, &threshold)) { + sme_cfg_get_int(hal, WNI_CFG_RTS_THRESHOLD, &threshold)) { hdd_err("Failed to get ini parameter, WNI_CFG_RTS_THRESHOLD"); return -EIO; } @@ -3251,7 +3173,6 @@ int hdd_wlan_get_rts_threshold(hdd_adapter_t *pAdapter, union iwreq_data *wrqu) int hdd_wlan_get_frag_threshold(hdd_adapter_t *pAdapter, union iwreq_data *wrqu) { - tHalHandle hHal = WLAN_HDD_GET_HAL_CTX(pAdapter); uint32_t threshold = 0, status = 0; hdd_context_t *hdd_ctx; @@ -3267,7 +3188,9 @@ int hdd_wlan_get_frag_threshold(hdd_adapter_t *pAdapter, if (0 != status) return status; - if (sme_cfg_get_int(hHal, WNI_CFG_FRAGMENTATION_THRESHOLD, &threshold) + if (sme_cfg_get_int(WLAN_HDD_GET_HAL_CTX(pAdapter), + WNI_CFG_FRAGMENTATION_THRESHOLD, + &threshold) != QDF_STATUS_SUCCESS) { hdd_err("WNI_CFG_FRAGMENTATION_THRESHOLD failed"); return -EIO; @@ -4756,7 +4679,8 @@ static int __iw_set_bitrate(struct net_device *dev, hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev); hdd_wext_state_t *pWextState; hdd_station_ctx_t *pHddStaCtx = WLAN_HDD_GET_STATION_CTX_PTR(pAdapter); - uint8_t supp_rates[WNI_CFG_SUPPORTED_RATES_11A_LEN]; + uint8_t supp_rates[WNI_CFG_SUPPORTED_RATES_11A_LEN + + WNI_CFG_SUPPORTED_RATES_11B_LEN]; uint32_t a_len = WNI_CFG_SUPPORTED_RATES_11A_LEN; uint32_t b_len = WNI_CFG_SUPPORTED_RATES_11B_LEN; uint32_t i, rate; @@ -4792,7 +4716,8 @@ static int __iw_set_bitrate(struct net_device *dev, &a_len) == QDF_STATUS_SUCCESS) && (sme_cfg_get_str(WLAN_HDD_GET_HAL_CTX(pAdapter), - WNI_CFG_SUPPORTED_RATES_11B, supp_rates, + WNI_CFG_SUPPORTED_RATES_11B, + supp_rates + a_len, &b_len) == QDF_STATUS_SUCCESS)) { for (i = 0; i < (b_len + a_len); ++i) { /* supported rates returned is double @@ -7956,29 +7881,6 @@ static int __iw_setint_getnone(struct net_device *dev, break; } - case WE_SET_BURST_ENABLE: - { - hdd_debug("SET Burst enable val %d", set_value); - if ((set_value == 0) || (set_value == 1)) { - ret = wma_cli_set_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - set_value, PDEV_CMD); - } else - ret = -EINVAL; - break; - } - case WE_SET_BURST_DUR: - { - hdd_debug("SET Burst duration val %d", set_value); - if ((set_value > 0) && (set_value <= 102400)) - ret = wma_cli_set_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_DUR, - set_value, PDEV_CMD); - else - ret = -EINVAL; - break; - } - case WE_SET_TX_CHAINMASK: { hdd_debug("WMI_PDEV_PARAM_TX_CHAIN_MASK val %d", @@ -9042,23 +8944,6 @@ static int __iw_setnone_getint(struct net_device *dev, break; } - case WE_GET_BURST_ENABLE: - { - hdd_debug("GET Burst enable value"); - *value = wma_cli_get_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_ENABLE, - PDEV_CMD); - break; - } - case WE_GET_BURST_DUR: - { - hdd_debug("GET Burst Duration value"); - *value = wma_cli_get_command(pAdapter->sessionId, - WMI_PDEV_PARAM_BURST_DUR, - PDEV_CMD); - break; - } - case WE_GET_TX_CHAINMASK: { hdd_debug("GET WMI_PDEV_PARAM_TX_CHAIN_MASK"); @@ -10102,10 +9987,10 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_clist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0) || (apps_args[3] < 0) || - (apps_args[4] < 0) || (apps_args[5] < 0) || - (apps_args[6] < 0) || (apps_args[7] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0) || (apps_args[3] < 0) || + (apps_args[4] < 0) || (apps_args[5] < 0) || + (apps_args[6] < 0) || (apps_args[7] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } cds_incr_connection_count_utfw(apps_args[0], @@ -10119,7 +10004,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_dlist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + hdd_err("Invalid input params received for the IOCTL"); return 0; } @@ -10132,10 +10017,10 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_ulist> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0) || (apps_args[3] < 0) || - (apps_args[4] < 0) || (apps_args[5] < 0) || - (apps_args[6] < 0) || (apps_args[7] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0) || (apps_args[3] < 0) || + (apps_args[4] < 0) || (apps_args[5] < 0) || + (apps_args[6] < 0) || (apps_args[7] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } cds_update_connection_info_utfw(apps_args[0], @@ -10149,7 +10034,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, { hdd_debug("<iwpriv wlan0 pm_dbs> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input param recieved for the IOCTL"); + hdd_err("Invalid input param received for the IOCTL"); return 0; } @@ -10175,7 +10060,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_pcl> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input param recieved for the IOCTL"); + hdd_err("Invalid input param received for the IOCTL"); return 0; } cds_get_pcl(apps_args[0], @@ -10222,7 +10107,7 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_query_action> is called"); if (apps_args[0] < 0) { - hdd_err("Invalid input params recieved for the IOCTL"); + hdd_err("Invalid input params received for the IOCTL"); return 0; } @@ -10239,8 +10124,8 @@ static int iw_get_policy_manager_ut_ops(hdd_context_t *hdd_ctx, hdd_debug("<iwpriv wlan0 pm_query_allow> is called"); if ((apps_args[0] < 0) || (apps_args[1] < 0) || - (apps_args[2] < 0)) { - hdd_err("Invalid input params recieved for the IOCTL"); + (apps_args[2] < 0)) { + hdd_err("Invalid input params received for the IOCTL"); return 0; } allow = cds_allow_concurrency( @@ -11384,6 +11269,38 @@ int wlan_hdd_set_filter(hdd_context_t *hdd_ctx, } /** + * validate_packet_filter_params_size() - Validate the size of the params rcvd + * @priv_data: Pointer to the priv data from user space + * @request: Pointer to the struct containing the copied data from user space + * + * Return: False on invalid length, true otherwise + */ +static bool validate_packet_filter_params_size(struct pkt_filter_cfg *request, + uint16_t length) +{ + int max_params_size, rcvd_params_size; + + max_params_size = HDD_MAX_CMP_PER_PACKET_FILTER * + sizeof(struct pkt_filter_param_cfg); + + if (length < sizeof(struct pkt_filter_cfg) - max_params_size) { + hdd_err("Less than minimum number of arguments needed"); + return false; + } + + rcvd_params_size = request->num_params * + sizeof(struct pkt_filter_param_cfg); + + if (length != sizeof(struct pkt_filter_cfg) - + max_params_size + rcvd_params_size) { + hdd_err("Arguments do not match the number of params provided"); + return false; + } + + return true; +} + +/** * __iw_set_packet_filter_params() - set packet filter parameters in target * @dev: Pointer to netdev * @info: Pointer to iw request info @@ -11419,8 +11336,7 @@ static int __iw_set_packet_filter_params(struct net_device *dev, return -EINVAL; } - if ((NULL == priv_data.pointer) || (0 == priv_data.length) || - priv_data.length < sizeof(struct pkt_filter_cfg)) { + if ((NULL == priv_data.pointer) || (0 == priv_data.length)) { hdd_err("invalid priv data %pK or invalid priv data length %d", priv_data.pointer, priv_data.length); return -EINVAL; @@ -11440,11 +11356,18 @@ static int __iw_set_packet_filter_params(struct net_device *dev, /* copy data using copy_from_user */ request = mem_alloc_copy_from_user_helper(priv_data.pointer, priv_data.length); + if (NULL == request) { hdd_err("mem_alloc_copy_from_user_helper fail"); return -ENOMEM; } + if (!validate_packet_filter_params_size(request, priv_data.length)) { + hdd_err("Invalid priv data length %d", priv_data.length); + qdf_mem_free(request); + return -EINVAL; + } + if (request->filter_action == HDD_RCV_FILTER_SET) hdd_ctx->user_configured_pkt_filter_rules |= 1 << request->filter_id; @@ -12741,16 +12664,6 @@ static const struct iw_priv_args we_private_args[] = { 0, "amsdu"}, - {WE_SET_BURST_ENABLE, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - 0, - "burst_enable"}, - - {WE_SET_BURST_DUR, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - 0, - "burst_dur"}, - {WE_SET_TXPOW_2G, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, @@ -13093,16 +13006,6 @@ static const struct iw_priv_args we_private_args[] = { IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_amsdu"}, - {WE_GET_BURST_ENABLE, - 0, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - "get_burst_en"}, - - {WE_GET_BURST_DUR, - 0, - IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, - "get_burst_dur"}, - {WE_GET_TXPOW_2G, 0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, diff --git a/core/mac/inc/qwlan_version.h b/core/mac/inc/qwlan_version.h index ab2188edf863..04f7d4afb774 100644 --- a/core/mac/inc/qwlan_version.h +++ b/core/mac/inc/qwlan_version.h @@ -32,9 +32,9 @@ #define QWLAN_VERSION_MAJOR 5 #define QWLAN_VERSION_MINOR 1 #define QWLAN_VERSION_PATCH 1 -#define QWLAN_VERSION_EXTRA "V" -#define QWLAN_VERSION_BUILD 57 +#define QWLAN_VERSION_EXTRA "W" +#define QWLAN_VERSION_BUILD 60 -#define QWLAN_VERSIONSTR "5.1.1.57V" +#define QWLAN_VERSIONSTR "5.1.1.60W" #endif /* QWLAN_VERSION_H */ diff --git a/core/mac/inc/sir_api.h b/core/mac/inc/sir_api.h index 313dae998639..a25235311cc5 100644 --- a/core/mac/inc/sir_api.h +++ b/core/mac/inc/sir_api.h @@ -940,6 +940,7 @@ typedef struct sSirSmeScanReq { uint8_t dot11mode; tSirScanType scanType; uint32_t scan_id; + uint32_t scan_requestor_id; /** * minChannelTime. Not used if scanType is passive. * 0x0 - Dont Use min channel timer. Only max channel timeout will used. @@ -1340,6 +1341,7 @@ typedef struct sSirSmeJoinReq { bool supported_nss_1x1; uint8_t vdev_nss; uint8_t nss; + bool nss_forced_1x1; tSirBssDescription bssDescription; /* * WARNING: Pls make bssDescription as last variable in struct @@ -1753,6 +1755,7 @@ typedef struct sSirSmeDisassocInd { typedef struct sSirSmeDisassocCnf { uint16_t messageType; /* eWNI_SME_DISASSOC_CNF */ uint16_t length; + uint8_t sme_session_id; tSirResultCodes statusCode; struct qdf_mac_addr bssid; struct qdf_mac_addr peer_macaddr; @@ -2886,12 +2889,8 @@ typedef struct sSirUpdateAPWPARSNIEsReq { #define SIR_ROAM_SCAN_MAX_PB_REQ_SIZE 450 /* Occupied channel list remains static */ #define CHANNEL_LIST_STATIC 1 -/* Occupied channel list can be learnt after init */ -#define CHANNEL_LIST_DYNAMIC_INIT 2 -/* Occupied channel list can be learnt after flush */ -#define CHANNEL_LIST_DYNAMIC_FLUSH 3 -/* Occupied channel list can be learnt after update */ -#define CHANNEL_LIST_DYNAMIC_UPDATE 4 +/* Occupied channel list can be dynamic */ +#define CHANNEL_LIST_DYNAMIC 2 #define SIR_ROAM_SCAN_24G_DEFAULT_CH 1 #define SIR_ROAM_SCAN_5G_DEFAULT_CH 36 #define SIR_ROAM_SCAN_RESERVED_BYTES 61 @@ -4282,6 +4281,7 @@ typedef struct sAniHandoffReq { #define USER_SCAN_REQUESTOR_ID 0xA000 #define ROC_SCAN_REQUESTOR_ID 0xB000 #define PREAUTH_REQUESTOR_ID 0xC000 +#define ACS_SCAN_REQUESTOR_ID 0xD000 typedef struct sSirScanOffloadReq { uint8_t sessionId; @@ -8297,11 +8297,15 @@ struct action_frame_random_filter { /** * struct chain_rssi_result - chain rssi result + * num_chains_valid: chains vaild number * @chain_rssi: chain rssi result + * @ant_id: antenna id */ struct chain_rssi_result { - #define CHAIN_RSSI_NUM 8 - uint32_t chain_rssi[CHAIN_RSSI_NUM]; + #define CHAIN_MAX_NUM 8 + uint32_t num_chains_valid; + uint32_t chain_rssi[CHAIN_MAX_NUM]; + uint32_t ant_id[CHAIN_MAX_NUM]; }; /** diff --git a/core/mac/src/cfg/cfgUtil/dot11f.frms b/core/mac/src/cfg/cfgUtil/dot11f.frms index 64748a7d5a38..e9a7334de603 100644 --- a/core/mac/src/cfg/cfgUtil/dot11f.frms +++ b/core/mac/src/cfg/cfgUtil/dot11f.frms @@ -1588,6 +1588,23 @@ IE BeaconReportFrmBody (EID_BCN_REPORT_FRAME_BODY) reportedFields[0..224]; } +const EID_BCN_REPORT_FRAME_BODY_FRAGMENT_ID = 2; +IE beacon_report_frm_body_fragment_id (EID_BCN_REPORT_FRAME_BODY_FRAGMENT_ID) +{ + // Data + { + beacon_report_id: 8; + fragment_id_number: 7; + more_fragments: 1; + } +} + +const EID_BCN_REPORT_LAST_BEACON_REPORT_INDICATION = 164; +IE last_beacon_report_indication (EID_BCN_REPORT_LAST_BEACON_REPORT_INDICATION) +{ + last_fragment, 1; +} + IE MeasurementReport (EID_MEAS_REPORT) // 7.3.2.22 { token, 1; @@ -1654,6 +1671,8 @@ IE MeasurementReport (EID_MEAS_REPORT) // 7.3.2.22 antenna_id, 1; parent_TSF, 4; OPTIE BeaconReportFrmBody; + OPTIE beacon_report_frm_body_fragment_id; + OPTIE last_beacon_report_indication; //IE vendor_specific } }; @@ -2746,6 +2765,7 @@ IE MeasurementRequest (EID_MEAS_REQUEST) // 7.3.2.21 OPTIE BcnReportingDetail; OPTIE RequestedInfo; OPTIE APChannelReport[0..2]; + OPTIE last_beacon_report_indication; //OPTIONAL vendor_specific[1..239]; } lci (measurement_type IS 8) diff --git a/core/mac/src/cfg/cfg_api.c b/core/mac/src/cfg/cfg_api.c index 265b22779702..0f70fbed505f 100644 --- a/core/mac/src/cfg/cfg_api.c +++ b/core/mac/src/cfg/cfg_api.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -937,3 +937,34 @@ uint8_t *cfg_get_vendor_ie_ptr_from_oui(tpAniSirGlobal mac_ctx, return NULL; } +uint8_t *wlan_cfg_get_ie_ptr(uint8_t *p_ie, int length, uint8_t eid, + enum size_of_len_field size_of_len_field) +{ + int left = length; + uint8_t *ptr = p_ie; + uint8_t elem_id; + uint16_t elem_len; + + while (left >= (size_of_len_field + 1)) { + elem_id = ptr[0]; + if (size_of_len_field == TWO_BYTE) + elem_len = ((uint16_t)ptr[1]) | (ptr[2] << 8); + else + elem_len = ptr[1]; + + left -= (size_of_len_field + 1); + if (elem_len > left) { + pe_err("Invalid IEs eid: %d elem_len: %d left: %d", + eid, elem_len, left); + return NULL; + } + + if (elem_id == eid) + return ptr; + + left -= elem_len; + ptr += (elem_len + (size_of_len_field + 1)); + } + return NULL; +} + diff --git a/core/mac/src/include/cfg_api.h b/core/mac/src/include/cfg_api.h index 7d7d3f2433ea..2050b0c53245 100644 --- a/core/mac/src/include/cfg_api.h +++ b/core/mac/src/include/cfg_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2012, 2015-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2012, 2015-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -119,4 +119,20 @@ uint8_t *cfg_get_vendor_ie_ptr_from_oui(tpAniSirGlobal mac_ctx, uint8_t *ie, uint16_t ie_len); +/** + * wlan_cfg_get_ie_ptr() - to get IE ptr corresponding + * to a particular eid + * @p_ie: ptr to complete IE of beacon/probe response + * @length: complete IE length + * @eid: IE id + * @size_of_len_field: ONE_BYTE/TWO_BYTE + * + * This function is called to get IE ptr corresponding + * to a particular eid + * + * @Return: ptr to IE + */ +uint8_t *wlan_cfg_get_ie_ptr(uint8_t *p_ie, int length, uint8_t eid, + enum size_of_len_field size_of_len_field); + #endif /* __CFGAPI_H */ diff --git a/core/mac/src/include/cfg_global.h b/core/mac/src/include/cfg_global.h index aea692245956..c4b5200a6ea3 100644 --- a/core/mac/src/include/cfg_global.h +++ b/core/mac/src/include/cfg_global.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2015 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2015, 2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -84,4 +84,14 @@ typedef struct sAniSirCfg { uint32_t *gParamList; } tAniSirCfg, *tpAniSirCfg; +/** + * enum size_of_len_field: IE length size + * @ONE_BYTE: one byte IE length + * @TWO_BYTE: two byte IE length + */ +enum size_of_len_field { + ONE_BYTE = 1, + TWO_BYTE = 2 +}; + #endif diff --git a/core/mac/src/include/dot11f.h b/core/mac/src/include/dot11f.h index cdd8175a742b..aac7e935635b 100644 --- a/core/mac/src/include/dot11f.h +++ b/core/mac/src/include/dot11f.h @@ -26,7 +26,7 @@ * * * This file was automatically generated by 'framesc' - * Thu May 10 17:00:57 2018 from the following file(s): + * Tue Jun 5 17:04:23 2018 from the following file(s): * * dot11f.frms * @@ -3890,6 +3890,86 @@ uint32_t dot11f_get_packed_ie_azimuth_req( }; /* End extern "C". */ #endif /* C++ */ +/* EID 2 (0x02) */ +typedef struct sDot11fIEbeacon_report_frm_body_fragment_id { + uint8_t present; + uint16_t beacon_report_id:8; + uint16_t fragment_id_number:7; + uint16_t more_fragments:1; +} tDot11fIEbeacon_report_frm_body_fragment_id; + +#define DOT11F_EID_BEACON_REPORT_FRM_BODY_FRAGMENT_ID (2) + +/* N.B. These #defines do *not* include the EID & length */ +#define DOT11F_IE_BEACON_REPORT_FRM_BODY_FRAGMENT_ID_MIN_LEN (2) + +#define DOT11F_IE_BEACON_REPORT_FRM_BODY_FRAGMENT_ID_MAX_LEN (2) + +#ifdef __cplusplus +extern "C" { +#endif /* C++ */ +__must_check uint32_t dot11f_unpack_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + uint8_t *, + uint8_t, + tDot11fIEbeacon_report_frm_body_fragment_id*, + bool); + +uint32_t dot11f_pack_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + tDot11fIEbeacon_report_frm_body_fragment_id *, + uint8_t *, + uint32_t, + uint32_t*); + +uint32_t dot11f_get_packed_ie_beacon_report_frm_body_fragment_id( + tpAniSirGlobal, + tDot11fIEbeacon_report_frm_body_fragment_id *, + uint32_t*); + +#ifdef __cplusplus +}; /* End extern "C". */ +#endif /* C++ */ + +/* EID 164 (0xa4) */ +typedef struct sDot11fIElast_beacon_report_indication { + uint8_t present; + uint8_t last_fragment; +} tDot11fIElast_beacon_report_indication; + +#define DOT11F_EID_LAST_BEACON_REPORT_INDICATION (164) + +/* N.B. These #defines do *not* include the EID & length */ +#define DOT11F_IE_LAST_BEACON_REPORT_INDICATION_MIN_LEN (1) + +#define DOT11F_IE_LAST_BEACON_REPORT_INDICATION_MAX_LEN (1) + +#ifdef __cplusplus +extern "C" { +#endif /* C++ */ +__must_check uint32_t dot11f_unpack_ie_last_beacon_report_indication( + tpAniSirGlobal, + uint8_t *, + uint8_t, + tDot11fIElast_beacon_report_indication*, + bool); + +uint32_t dot11f_pack_ie_last_beacon_report_indication( + tpAniSirGlobal, + tDot11fIElast_beacon_report_indication *, + uint8_t *, + uint32_t, + uint32_t*); + +uint32_t dot11f_get_packed_ie_last_beacon_report_indication( + tpAniSirGlobal, + tDot11fIElast_beacon_report_indication *, + uint32_t*); + +#ifdef __cplusplus +}; /* End extern "C". */ +#endif /* C++ */ + /* EID 4 (0x04) */ typedef struct sDot11fIEmax_age { uint8_t present; @@ -5361,6 +5441,8 @@ typedef struct sDot11fIEMeasurementReport { uint8_t antenna_id; uint32_t parent_TSF; tDot11fIEBeaconReportFrmBody BeaconReportFrmBody; + tDot11fIEbeacon_report_frm_body_fragment_id beacon_report_frm_body_fragment_id; + tDot11fIElast_beacon_report_indication last_beacon_report_indication; } Beacon; /* type = 5 */ } report; } tDot11fIEMeasurementReport; @@ -5438,6 +5520,7 @@ typedef struct sDot11fIEMeasurementRequest { tDot11fIERequestedInfo RequestedInfo; uint16_t num_APChannelReport; tDot11fIEAPChannelReport APChannelReport[2]; + tDot11fIElast_beacon_report_indication last_beacon_report_indication; } Beacon; /* measurement_type = 5 */ struct { uint8_t loc_subject; diff --git a/core/mac/src/include/parser_api.h b/core/mac/src/include/parser_api.h index 09fc3ad5472a..9f80d000b3a2 100644 --- a/core/mac/src/include/parser_api.h +++ b/core/mac/src/include/parser_api.h @@ -795,10 +795,21 @@ populate_dot11f_ext_supp_rates(tpAniSirGlobal pMac, uint8_t nChannelNum, tDot11fIEExtSuppRates *pDot11f, tpPESession psessionEntry); +/** + * populate_dot11f_beacon_report() - Populate the Beacon Report IE + * @pMac: Pointer to the global MAC context + * @pDot11f: Pointer to the measurement report structure + * @pBeaconReport: Pointer to the Beacon Report structure + * @last_beacon_report_params: Last Beacon Report indication params + * + * Return: Ret Status + */ tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, tDot11fIEMeasurementReport *pDot11f, - tSirMacBeaconReport *pBeaconReport); + tSirMacBeaconReport *pBeaconReport, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params); /** * \brief Populate a tDot11fIEExtSuppRates diff --git a/core/mac/src/pe/include/lim_session.h b/core/mac/src/pe/include/lim_session.h index cafda29420c2..beec2735af59 100644 --- a/core/mac/src/pe/include/lim_session.h +++ b/core/mac/src/pe/include/lim_session.h @@ -470,6 +470,7 @@ typedef struct sPESession /* Added to Support BT-AMP */ /* flag to indicate country code in beacon */ uint8_t country_info_present; uint8_t nss; + bool nss_forced_1x1; bool add_bss_failed; /* To hold OBSS Scan IE Parameters */ struct obss_scanparam obss_ht40_scanparam; diff --git a/core/mac/src/pe/include/rrm_global.h b/core/mac/src/pe/include/rrm_global.h index d5a56c11485b..fe4ac201b9a6 100644 --- a/core/mac/src/pe/include/rrm_global.h +++ b/core/mac/src/pe/include/rrm_global.h @@ -153,12 +153,27 @@ typedef struct sRRMReq { union { struct { uint8_t reportingDetail; + uint8_t last_beacon_report_indication; tRRMBeaconReportRequestedIes reqIes; } Beacon; } request; uint8_t sendEmptyBcnRpt; } tRRMReq, *tpRRMReq; +/** + * rrm_beacon_report_last_beacon_params - Last Beacon Report Indication params + * @last_beacon_ind: flag for whether last beacon indication is required + * @report_id: Report ID of the corresponding Beacon Report Request + * @frag_id: Current fragment's Fragment ID + * @num_frags: Total number of fragments in the Beacon Report + */ +struct rrm_beacon_report_last_beacon_params { + uint8_t last_beacon_ind; + uint8_t report_id; + uint8_t frag_id; + uint8_t num_frags; +}; + typedef struct sRRMCaps { uint8_t LinkMeasurement:1; uint8_t NeighborRpt:1; diff --git a/core/mac/src/pe/include/sch_global.h b/core/mac/src/pe/include/sch_global.h index d4245a00f58f..dc90b0ed8a42 100644 --- a/core/mac/src/pe/include/sch_global.h +++ b/core/mac/src/pe/include/sch_global.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2014 The Linux Foundation. All rights reserved. + * Copyright (c) 2013-2014, 2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -95,6 +95,10 @@ struct schMisc { uint16_t p2pIeOffset; + /* CSA and ECSA Switch Count Offsets to be sent to FW */ + uint32_t csa_count_offset; + uint32_t ecsa_count_offset; + }; /* ****************** MISC defs ********************************* */ diff --git a/core/mac/src/pe/lim/lim_p2p.c b/core/mac/src/pe/lim/lim_p2p.c index 43351cd3ffa9..59a18feac556 100644 --- a/core/mac/src/pe/lim/lim_p2p.c +++ b/core/mac/src/pe/lim/lim_p2p.c @@ -641,7 +641,7 @@ void lim_send_p2p_action_frame(tpAniSirGlobal mac_ctx, if (NULL != p2p_ie) { /* extract the presence of NoA attribute inside * P2P IE */ - presence_noa_attr = lim_get_ie_ptr_new(mac_ctx, + presence_noa_attr = wlan_cfg_get_ie_ptr( p2p_ie + SIR_P2P_IE_HEADER_LEN, p2p_ie[1], SIR_P2P_NOA_ATTR, TWO_BYTE); } diff --git a/core/mac/src/pe/lim/lim_process_action_frame.c b/core/mac/src/pe/lim/lim_process_action_frame.c index 8dce8b910d69..a70c1a7dfdf0 100644 --- a/core/mac/src/pe/lim/lim_process_action_frame.c +++ b/core/mac/src/pe/lim/lim_process_action_frame.c @@ -1647,7 +1647,7 @@ static void lim_process_action_vendor_specific(tpAniSirGlobal mac_ctx, mac_hdr = WMA_GET_RX_MAC_HEADER(pkt_info); frame_len = WMA_GET_RX_PAYLOAD_LEN(pkt_info); - if (frame_len < sizeof(action_hdr)) { + if (frame_len < sizeof(*action_hdr)) { pe_debug("Received action frame of invalid len %d", frame_len); return; } @@ -1696,11 +1696,17 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, #endif tpSirMacMgmtHdr mac_hdr = NULL; int8_t rssi; - uint32_t frame_len; + uint32_t frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); tpSirMacVendorSpecificFrameHdr vendor_specific; uint8_t oui[] = { 0x00, 0x00, 0xf0 }; tpSirMacVendorSpecificPublicActionFrameHdr pub_action; + if (frame_len < sizeof(*action_hdr)) { + pe_debug("frame_len %d less than Action Frame Hdr size", + frame_len); + return; + } + #ifdef WLAN_FEATURE_11W if (lim_is_robust_mgmt_action_frame(action_hdr->category) && lim_drop_unprotected_action_frame(mac_ctx, session, @@ -1708,8 +1714,6 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, return; #endif - frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); - switch (action_hdr->category) { case SIR_MAC_ACTION_QOS_MGMT: if ((session->limQosEnabled) || @@ -1902,10 +1906,14 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, case SIR_MAC_ACTION_VENDOR_SPECIFIC_CATEGORY: vendor_specific = (tpSirMacVendorSpecificFrameHdr) action_hdr; mac_hdr = NULL; - frame_len = 0; mac_hdr = WMA_GET_RX_MAC_HEADER(rx_pkt_info); - frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); + + if (frame_len < sizeof(*vendor_specific)) { + pe_debug("frame len %d less than Vendor Specific Hdr len", + frame_len); + return; + } /* Check if it is a vendor specific action frame. */ if (LIM_IS_STA_ROLE(session) && @@ -1942,7 +1950,6 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, break; case SIR_MAC_ACTION_PUBLIC_USAGE: mac_hdr = WMA_GET_RX_MAC_HEADER(rx_pkt_info); - frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); switch (action_hdr->actionID) { case SIR_MAC_ACTION_EXT_CHANNEL_SWITCH_ID: lim_process_ext_channel_switch_action_frame(mac_ctx, @@ -2031,10 +2038,8 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, break; case SIR_MAC_ACTION_FST: { tpSirMacMgmtHdr hdr; - uint32_t frame_len; hdr = WMA_GET_RX_MAC_HEADER(rx_pkt_info); - frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); pe_debug("Received FST MGMT action frame"); /* Forward to the SME to HDD */ @@ -2057,7 +2062,6 @@ void lim_process_action_frame(tpAniSirGlobal mac_ctx, case SIR_MAC_PDPA_GAS_COMEBACK_REQ: case SIR_MAC_PDPA_GAS_COMEBACK_RSP: mac_hdr = WMA_GET_RX_MAC_HEADER(rx_pkt_info); - frame_len = WMA_GET_RX_PAYLOAD_LEN(rx_pkt_info); rssi = WMA_GET_RX_RSSI_NORMALIZED(rx_pkt_info); lim_send_sme_mgmt_frame_ind(mac_ctx, mac_hdr->fc.subType, (uint8_t *) mac_hdr, @@ -2107,6 +2111,12 @@ void lim_process_action_frame_no_session(tpAniSirGlobal pMac, uint8_t *pBd) pe_debug("Received a Action frame -- no session"); + if (frame_len < sizeof(*action_hdr)) { + pe_debug("frame_len %d less than action frame header len", + frame_len); + return; + } + switch (action_hdr->category) { case SIR_MAC_ACTION_PUBLIC_USAGE: switch (action_hdr->actionID) { diff --git a/core/mac/src/pe/lim/lim_process_assoc_req_frame.c b/core/mac/src/pe/lim/lim_process_assoc_req_frame.c index 668196712b7f..eb1b8c7d1af9 100644 --- a/core/mac/src/pe/lim/lim_process_assoc_req_frame.c +++ b/core/mac/src/pe/lim/lim_process_assoc_req_frame.c @@ -1843,7 +1843,8 @@ void lim_process_assoc_req_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info, LIM_ACCESS_POLICY_RESPOND_IF_IE_IS_PRESENT)) { if (!cfg_get_vendor_ie_ptr_from_oui(mac_ctx, &session->access_policy_vendor_ie[2], - 3, frm_body + LIM_ASSOC_REQ_IE_OFFSET, frame_len)) { + 3, frm_body + LIM_ASSOC_REQ_IE_OFFSET, + frame_len - LIM_ASSOC_REQ_IE_OFFSET)) { pe_err("Vendor ie not present and access policy is %x, Rejected association", session->access_policy); lim_send_assoc_rsp_mgmt_frame(mac_ctx, diff --git a/core/mac/src/pe/lim/lim_process_auth_frame.c b/core/mac/src/pe/lim/lim_process_auth_frame.c index 884656ef2b2a..8948bda446af 100644 --- a/core/mac/src/pe/lim/lim_process_auth_frame.c +++ b/core/mac/src/pe/lim/lim_process_auth_frame.c @@ -97,12 +97,12 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx, tpSirMacMgmtHdr mac_hdr, tSirMacAuthFrameBody *rx_auth_frm_body, tSirMacAuthFrameBody *auth_frame, - uint8_t *challenge_txt_arr, tpPESession pe_session) { uint32_t val; - uint8_t cfg_privacy_opt_imp, *challenge; + uint8_t cfg_privacy_opt_imp; struct tLimPreAuthNode *auth_node; + uint8_t challenge_txt_arr[SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH] = {0}; pe_debug("=======> eSIR_SHARED_KEY"); if (LIM_IS_AP_ROLE(pe_session)) @@ -183,19 +183,39 @@ static void lim_process_auth_shared_system_algo(tpAniSirGlobal mac_ctx, lim_delete_pre_auth_node(mac_ctx, mac_hdr->sa); return; } - lim_activate_auth_rsp_timer(mac_ctx, auth_node); - auth_node->fTimerStarted = 1; + /* * get random bytes and use as challenge text. - * If it fails we already have random stack bytes. */ - if (!QDF_IS_STATUS_SUCCESS(cds_rand_get_bytes(0, - (uint8_t *) challenge_txt_arr, - SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH))) + get_random_bytes(challenge_txt_arr, + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH); + qdf_mem_zero(auth_node->challengeText, + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH); + if (!qdf_mem_cmp(challenge_txt_arr, + auth_node->challengeText, + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)) { pe_err("Challenge text preparation failed"); - challenge = auth_node->challengeText; - qdf_mem_copy(challenge, (uint8_t *)challenge_txt_arr, - sizeof(challenge_txt_arr)); + lim_print_mac_addr(mac_ctx, mac_hdr->sa, LOGW); + auth_frame->authAlgoNumber = + rx_auth_frm_body->authAlgoNumber; + auth_frame->authTransactionSeqNumber = + rx_auth_frm_body->authTransactionSeqNumber + 1; + auth_frame->authStatusCode = eSIR_MAC_TRY_AGAIN_LATER; + lim_send_auth_mgmt_frame(mac_ctx, + auth_frame, + mac_hdr->sa, + LIM_NO_WEP_IN_FC, + pe_session); + lim_delete_pre_auth_node(mac_ctx, mac_hdr->sa); + return; + } + + lim_activate_auth_rsp_timer(mac_ctx, auth_node); + auth_node->fTimerStarted = 1; + + qdf_mem_copy(auth_node->challengeText, + challenge_txt_arr, + sizeof(challenge_txt_arr)); /* * Sending Authenticaton frame with challenge. */ @@ -303,7 +323,6 @@ static void lim_process_auth_frame_type1(tpAniSirGlobal mac_ctx, { tpDphHashNode sta_ds_ptr = NULL; struct tLimPreAuthNode *auth_node; - uint8_t challenge_txt_arr[SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH]; uint32_t maxnum_preauth; uint16_t associd = 0; @@ -489,8 +508,7 @@ static void lim_process_auth_frame_type1(tpAniSirGlobal mac_ctx, case eSIR_SHARED_KEY: lim_process_auth_shared_system_algo(mac_ctx, mac_hdr, - rx_auth_frm_body, auth_frame, - challenge_txt_arr, pe_session); + rx_auth_frm_body, auth_frame, pe_session); break; default: pe_err("rx Auth frm for unsupported auth algo %d " @@ -1158,6 +1176,10 @@ lim_process_auth_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info, body_ptr = WMA_GET_RX_MPDU_DATA(rx_pkt_info); + if (frame_len < 2) { + pe_err("invalid frame len: %d", frame_len); + return; + } auth_alg = *(uint16_t *) body_ptr; pe_debug("auth_alg %d ", auth_alg); @@ -1206,6 +1228,11 @@ lim_process_auth_frame(tpAniSirGlobal mac_ctx, uint8_t *rx_pkt_info, mac_hdr->sa, pe_session, false); goto free; } + + if (frame_len < 4) { + pe_err("invalid frame len: %d", frame_len); + goto free; + } /* Extract key ID from IV (most 2 bits of 4th byte of IV) */ key_id = (*(body_ptr + 3)) >> 6; diff --git a/core/mac/src/pe/lim/lim_process_deauth_frame.c b/core/mac/src/pe/lim/lim_process_deauth_frame.c index ac38ecb88e00..1dac3953a249 100644 --- a/core/mac/src/pe/lim/lim_process_deauth_frame.c +++ b/core/mac/src/pe/lim/lim_process_deauth_frame.c @@ -75,6 +75,11 @@ lim_process_deauth_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo, pBody = WMA_GET_RX_MPDU_DATA(pRxPacketInfo); frame_rssi = (int32_t)WMA_GET_RX_RSSI_NORMALIZED(pRxPacketInfo); + frameLen = WMA_GET_RX_PAYLOAD_LEN(pRxPacketInfo); + if (frameLen < sizeof(reasonCode)) { + pe_err("Deauth Frame length invalid %d", frameLen); + return ; + } if (LIM_IS_STA_ROLE(psessionEntry) && ((eLIM_SME_WT_DISASSOC_STATE == psessionEntry->limSmeState) || @@ -126,7 +131,6 @@ lim_process_deauth_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo, /* If the frame received is unprotected, forward it to the supplicant to initiate */ /* an SA query */ - frameLen = WMA_GET_RX_PAYLOAD_LEN(pRxPacketInfo); /* send the unprotected frame indication to SME */ lim_send_sme_unprotected_mgmt_frame_ind(pMac, pHdr->fc.subType, diff --git a/core/mac/src/pe/lim/lim_process_disassoc_frame.c b/core/mac/src/pe/lim/lim_process_disassoc_frame.c index 8a5901174362..2819fa18bdda 100644 --- a/core/mac/src/pe/lim/lim_process_disassoc_frame.c +++ b/core/mac/src/pe/lim/lim_process_disassoc_frame.c @@ -68,13 +68,12 @@ lim_process_disassoc_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo, uint16_t aid, reasonCode; tpSirMacMgmtHdr pHdr; tpDphHashNode pStaDs; -#ifdef WLAN_FEATURE_11W - uint32_t frameLen; -#endif + uint32_t frame_len; int32_t frame_rssi; pHdr = WMA_GET_RX_MAC_HEADER(pRxPacketInfo); pBody = WMA_GET_RX_MPDU_DATA(pRxPacketInfo); + frame_len = WMA_GET_RX_PAYLOAD_LEN(pRxPacketInfo); frame_rssi = (int32_t)WMA_GET_RX_RSSI_NORMALIZED(pRxPacketInfo); @@ -128,11 +127,10 @@ lim_process_disassoc_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo, /* If the frame received is unprotected, forward it to the supplicant to initiate */ /* an SA query */ - frameLen = WMA_GET_RX_PAYLOAD_LEN(pRxPacketInfo); /* send the unprotected frame indication to SME */ lim_send_sme_unprotected_mgmt_frame_ind(pMac, pHdr->fc.subType, (uint8_t *) pHdr, - (frameLen + + (frame_len + sizeof(tSirMacMgmtHdr)), psessionEntry->smeSessionId, psessionEntry); @@ -140,6 +138,11 @@ lim_process_disassoc_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo, } #endif + if (frame_len < 2) { + pe_err("frame len less than 2"); + return; + } + /* Get reasonCode from Disassociation frame body */ reasonCode = sir_read_u16(pBody); diff --git a/core/mac/src/pe/lim/lim_process_fils.c b/core/mac/src/pe/lim/lim_process_fils.c index 0056b5ab2876..4877816d63c0 100644 --- a/core/mac/src/pe/lim/lim_process_fils.c +++ b/core/mac/src/pe/lim/lim_process_fils.c @@ -349,6 +349,13 @@ static uint32_t lim_process_fils_eap_tlv(tpPESession pe_session, pe_debug("tlv type %x len %u total %u", tlv->type, tlv->length, data_len); + + if (tlv->length > (data_len - 2)) { + pe_err("tlv len %d greater data_len %d", + tlv->length, data_len); + return 0; + } + switch (tlv->type) { case SIR_FILS_EAP_TLV_KEYNAME_NAI: auth_info->keyname = qdf_mem_malloc(tlv->length); diff --git a/core/mac/src/pe/lim/lim_process_message_queue.c b/core/mac/src/pe/lim/lim_process_message_queue.c index 3d956c86fee0..789906a30ba8 100644 --- a/core/mac/src/pe/lim/lim_process_message_queue.c +++ b/core/mac/src/pe/lim/lim_process_message_queue.c @@ -1349,16 +1349,18 @@ static void lim_process_messages(tpAniSirGlobal mac_ctx, tpSirMsgQ msg) tSirMbMsgP2p *p2p_msg = NULL; tSirSetActiveModeSetBncFilterReq *bcn_filter_req = NULL; - if (ANI_DRIVER_TYPE(mac_ctx) == QDF_DRIVER_TYPE_MFG) { - qdf_mem_free(msg->bodyptr); - msg->bodyptr = NULL; - return; - } if (msg == NULL) { pe_err("Message pointer is Null"); QDF_ASSERT(0); return; } + + if (ANI_DRIVER_TYPE(mac_ctx) == QDF_DRIVER_TYPE_MFG) { + qdf_mem_free(msg->bodyptr); + msg->bodyptr = NULL; + return; + } + #ifdef WLAN_DEBUG mac_ctx->lim.numTot++; #endif diff --git a/core/mac/src/pe/lim/lim_process_mlm_req_messages.c b/core/mac/src/pe/lim/lim_process_mlm_req_messages.c index 2ec5a8a8c658..b86b8f8e0d50 100644 --- a/core/mac/src/pe/lim/lim_process_mlm_req_messages.c +++ b/core/mac/src/pe/lim/lim_process_mlm_req_messages.c @@ -556,7 +556,7 @@ lim_mlm_add_bss(tpAniSirGlobal mac_ctx, addbss_param->rateSet.numRates = SIR_MAC_RATESET_EID_MAX; } qdf_mem_copy(addbss_param->rateSet.rate, mlm_start_req->rateSet.rate, - mlm_start_req->rateSet.numRates); + addbss_param->rateSet.numRates); addbss_param->nwType = mlm_start_req->nwType; addbss_param->htCapable = mlm_start_req->htCapable; diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c index 2d25981f30be..0fad542d3825 100644 --- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c +++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c @@ -1287,7 +1287,7 @@ static QDF_STATUS lim_send_hal_start_scan_offload_req(tpAniSirGlobal pMac, pScanOffloadReq->sessionId = pScanReq->sessionId; pScanOffloadReq->scan_id = pScanReq->scan_id; - pScanOffloadReq->scan_requestor_id = USER_SCAN_REQUESTOR_ID; + pScanOffloadReq->scan_requestor_id = pScanReq->scan_requestor_id; pScanOffloadReq->scan_adaptive_dwell_mode = pScanReq->scan_adaptive_dwell_mode; pScanOffloadReq->scan_ctrl_flags_ext = @@ -1531,7 +1531,6 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) uint16_t ie_len; uint8_t *vendor_ie; tSirBssDescription *bss_desc; - struct vdev_type_nss *vdev_type_nss; if (!mac_ctx || !msg_buf) { QDF_TRACE(QDF_MODULE_ID_PE, QDF_TRACE_LEVEL_ERROR, @@ -1727,15 +1726,6 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) sme_join_req->force_24ghz_in_ht20); /* Copy The channel Id to the session Table */ session->currentOperChannel = bss_desc->channelId; - if (IS_5G_CH(session->currentOperChannel)) - vdev_type_nss = &mac_ctx->vdev_type_nss_5g; - else - vdev_type_nss = &mac_ctx->vdev_type_nss_2g; - if (session->pePersona == QDF_P2P_CLIENT_MODE) - session->vdev_nss = vdev_type_nss->p2p_cli; - else - session->vdev_nss = vdev_type_nss->sta; - session->nss = session->vdev_nss; session->vhtCapability = IS_DOT11_MODE_VHT(session->dot11mode); if (session->vhtCapability) { @@ -1889,6 +1879,12 @@ __lim_process_sme_join_req(tpAniSirGlobal mac_ctx, uint32_t *msg_buf) session->supported_nss_1x1 = sme_join_req->supported_nss_1x1; session->vdev_nss = sme_join_req->vdev_nss; session->nss = sme_join_req->nss; + session->nss_forced_1x1 = sme_join_req->nss_forced_1x1; + + pe_debug("nss %d, vdev_nss %d, supported_nss_1x1 %d", + session->nss, + session->vdev_nss, + session->supported_nss_1x1); mlm_join_req->bssDescription.length = session->pLimJoinReq->bssDescription.length; @@ -2146,6 +2142,7 @@ static void __lim_process_sme_reassoc_req(tpAniSirGlobal mac_ctx, session_entry->supported_nss_1x1 = reassoc_req->supported_nss_1x1; session_entry->vdev_nss = reassoc_req->vdev_nss; session_entry->nss = reassoc_req->nss; + session_entry->nss_forced_1x1 = reassoc_req->nss_forced_1x1; pe_debug("vhtCapability: %d su_beam_formee: %d su_tx_bformer %d", session_entry->vhtCapability, @@ -2602,7 +2599,7 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu if (psessionEntry == NULL) { pe_err("session does not exist for given bssId"); status = lim_prepare_disconnect_done_ind(pMac, &msg, - CSR_SESSION_ID_INVALID, + smeDisassocCnf.sme_session_id, eSIR_SME_INVALID_SESSION, NULL); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2614,7 +2611,8 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu if (!lim_is_sme_disassoc_cnf_valid(pMac, &smeDisassocCnf, psessionEntry)) { pe_err("received invalid SME_DISASSOC_CNF message"); - status = lim_prepare_disconnect_done_ind(pMac, &msg, sessionId, + status = lim_prepare_disconnect_done_ind(pMac, &msg, + psessionEntry->smeSessionId, eSIR_SME_INVALID_PARAMETERS, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2645,10 +2643,10 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu lim_print_sme_state(pMac, LOGE, psessionEntry->limSmeState); status = lim_prepare_disconnect_done_ind(pMac, &msg, - sessionId, - eSIR_SME_INVALID_STATE, - &smeDisassocCnf.bssid. - bytes[0]); + psessionEntry->smeSessionId, + eSIR_SME_INVALID_STATE, + &smeDisassocCnf.bssid. + bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) lim_send_sme_disassoc_deauth_ntf(pMac, QDF_STATUS_SUCCESS, @@ -2665,7 +2663,8 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu default: /* eLIM_UNKNOWN_ROLE */ pe_err("received unexpected SME_DISASSOC_CNF role %d", GET_LIM_SYSTEM_ROLE(psessionEntry)); - status = lim_prepare_disconnect_done_ind(pMac, &msg, sessionId, + status = lim_prepare_disconnect_done_ind(pMac, &msg, + psessionEntry->smeSessionId, eSIR_SME_INVALID_STATE, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2686,7 +2685,7 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu MAC_ADDRESS_STR, MAC_ADDR_ARRAY(smeDisassocCnf.peer_macaddr.bytes)); status = lim_prepare_disconnect_done_ind(pMac, &msg, - sessionId, + psessionEntry->smeSessionId, eSIR_SME_INVALID_PARAMETERS, &smeDisassocCnf.bssid.bytes[0]); if (QDF_IS_STATUS_SUCCESS(status)) @@ -2704,9 +2703,9 @@ static void __lim_process_sme_disassoc_cnf(tpAniSirGlobal pMac, uint32_t *pMsgBu MAC_ADDR_ARRAY(smeDisassocCnf.peer_macaddr.bytes), pStaDs->mlmStaContext.mlmState); status = lim_prepare_disconnect_done_ind(pMac, &msg, - CSR_SESSION_ID_INVALID, - eSIR_SME_SUCCESS, - NULL); + psessionEntry->smeSessionId, + eSIR_SME_SUCCESS, + NULL); if (QDF_IS_STATUS_SUCCESS(status)) lim_send_sme_disassoc_deauth_ntf(pMac, QDF_STATUS_SUCCESS, @@ -4874,9 +4873,9 @@ static void lim_set_pdev_ht_ie(tpAniSirGlobal mac_ctx, uint8_t pdev_id, ie_params->ie_len); if (NSS_1x1_MODE == i) { - p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr, - ie_params->ie_len, - DOT11F_EID_HTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(ie_params->ie_ptr, + ie_params->ie_len, + DOT11F_EID_HTCAPS, ONE_BYTE); if (NULL == p_ie) { qdf_mem_free(ie_params->ie_ptr); qdf_mem_free(ie_params); @@ -4948,9 +4947,10 @@ static void lim_set_pdev_vht_ie(tpAniSirGlobal mac_ctx, uint8_t pdev_id, ie_params->ie_len); if (NSS_1x1_MODE == i) { - p_ie = lim_get_ie_ptr_new(mac_ctx, ie_params->ie_ptr, - ie_params->ie_len, - DOT11F_EID_VHTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(ie_params->ie_ptr, + ie_params->ie_len, + DOT11F_EID_VHTCAPS, + ONE_BYTE); if (NULL == p_ie) { qdf_mem_free(ie_params->ie_ptr); qdf_mem_free(ie_params); diff --git a/core/mac/src/pe/lim/lim_process_tdls.c b/core/mac/src/pe/lim/lim_process_tdls.c index 9d7b2897e39f..686646ad51c6 100644 --- a/core/mac/src/pe/lim/lim_process_tdls.c +++ b/core/mac/src/pe/lim/lim_process_tdls.c @@ -3044,8 +3044,8 @@ tSirRetStatus lim_process_sme_tdls_del_sta_req(tpAniSirGlobal pMac, goto lim_tdls_del_sta_error; } - lim_tdls_del_sta(pMac, pDelStaReq->peermac, psessionEntry, true); - return eSIR_SUCCESS; + if (lim_tdls_del_sta(pMac, pDelStaReq->peermac, psessionEntry, true)) + return eSIR_SUCCESS; lim_tdls_del_sta_error: lim_send_sme_tdls_del_sta_rsp(pMac, psessionEntry->smeSessionId, diff --git a/core/mac/src/pe/lim/lim_send_management_frames.c b/core/mac/src/pe/lim/lim_send_management_frames.c index 55b87bfeed44..abfaeb83ee09 100644 --- a/core/mac/src/pe/lim/lim_send_management_frames.c +++ b/core/mac/src/pe/lim/lim_send_management_frames.c @@ -1893,8 +1893,7 @@ lim_send_assoc_req_mgmt_frame(tpAniSirGlobal mac_ctx, if (pe_session->beacon && pe_session->bcnLen > ie_offset) { bcn_ie = pe_session->beacon + ie_offset; bcn_ie_len = pe_session->bcnLen - ie_offset; - p_ext_cap = lim_get_ie_ptr_new(mac_ctx, - bcn_ie, + p_ext_cap = wlan_cfg_get_ie_ptr(bcn_ie, bcn_ie_len, DOT11F_EID_EXTCAP, ONE_BYTE); @@ -4136,34 +4135,15 @@ returnAfterError: return statusCode; } /* End lim_send_link_report_action_frame. */ -/** - * \brief Send a Beacon Report Action frame - * - * - * \param pMac Pointer to the global MAC structure - * - * \param dialog_token dialog token to be used in the action frame. - * - * \param num_report number of reports in pRRMReport. - * - * \param pRRMReport Address of a tSirMacRadioMeasureReport. - * - * \param peer mac address of peer station. - * - * \param psessionEntry address of session entry. - * - * \return eSIR_SUCCESS on success, eSIR_FAILURE else - * - * - */ - tSirRetStatus lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, - uint8_t dialog_token, - uint8_t num_report, - tpSirMacRadioMeasureReport pRRMReport, - tSirMacAddr peer, - tpPESession psessionEntry) + uint8_t dialog_token, + uint8_t num_report, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params, + tpSirMacRadioMeasureReport pRRMReport, + tSirMacAddr peer, + tpPESession psessionEntry) { tSirRetStatus statusCode = eSIR_SUCCESS; uint8_t *pFrame; @@ -4209,9 +4189,10 @@ lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, switch (pRRMReport[i].type) { case SIR_MAC_RRM_BEACON_TYPE: populate_dot11f_beacon_report(pMac, - &frm->MeasurementReport[i], - &pRRMReport[i].report. - beaconReport); + &frm->MeasurementReport[i], + &pRRMReport[i].report. + beaconReport, + last_beacon_report_params); frm->MeasurementReport[i].incapable = pRRMReport[i].incapable; frm->MeasurementReport[i].refused = diff --git a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c index 2a7e43151dec..8a0257fb405a 100644 --- a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c +++ b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c @@ -1360,8 +1360,8 @@ QDF_STATUS lim_prepare_disconnect_done_ind(tpAniSirGlobal mac_ctx, sir_sme_dis_ind->length = sizeof(*sir_sme_dis_ind); sir_sme_dis_ind->session_id = session_id; if (peer_mac_addr) - qdf_mem_copy(&sir_sme_dis_ind->peer_mac, - &peer_mac_addr, ETH_ALEN); + qdf_mem_copy(sir_sme_dis_ind->peer_mac, + peer_mac_addr, ETH_ALEN); /* * Instead of sending deauth reason code as 505 which is @@ -2205,6 +2205,12 @@ void lim_handle_csa_offload_msg(tpAniSirGlobal mac_ctx, tpSirMsgQ msg) return; } + csa_offload_ind = qdf_mem_malloc(sizeof(tSmeCsaOffloadInd)); + if (NULL == csa_offload_ind) { + pe_err("memalloc fail eWNI_SME_CSA_OFFLOAD_EVENT"); + goto err; + } + session_entry = pe_find_session_by_bssid(mac_ctx, csa_params->bssId, &session_id); @@ -2403,12 +2409,15 @@ void lim_handle_csa_offload_msg(tpAniSirGlobal mac_ctx, tpSirMsgQ msg) goto err; } + if (CDS_IS_CHANNEL_24GHZ(csa_params->channel) && + (session_entry->dot11mode == WNI_CFG_DOT11_MODE_11A)) + session_entry->dot11mode = WNI_CFG_DOT11_MODE_11G; + else if (CDS_IS_CHANNEL_5GHZ(csa_params->channel) && + ((session_entry->dot11mode == WNI_CFG_DOT11_MODE_11G) || + (session_entry->dot11mode == WNI_CFG_DOT11_MODE_11G_ONLY))) + session_entry->dot11mode = WNI_CFG_DOT11_MODE_11A; + lim_prepare_for11h_channel_switch(mac_ctx, session_entry); - csa_offload_ind = qdf_mem_malloc(sizeof(tSmeCsaOffloadInd)); - if (NULL == csa_offload_ind) { - pe_err("memalloc fail eWNI_SME_CSA_OFFLOAD_EVENT"); - goto err; - } csa_offload_ind->mesgType = eWNI_SME_CSA_OFFLOAD_EVENT; csa_offload_ind->mesgLen = sizeof(tSmeCsaOffloadInd); diff --git a/core/mac/src/pe/lim/lim_types.h b/core/mac/src/pe/lim/lim_types.h index 27e8f6d7ef80..df1316cf3fde 100644 --- a/core/mac/src/pe/lim/lim_types.h +++ b/core/mac/src/pe/lim/lim_types.h @@ -578,11 +578,28 @@ tSirRetStatus lim_send_neighbor_report_request_frame(tpAniSirGlobal, tSirMacAddr, tpPESession); tSirRetStatus lim_send_link_report_action_frame(tpAniSirGlobal, tpSirMacLinkReport, tSirMacAddr, tpPESession); -tSirRetStatus lim_send_radio_measure_report_action_frame(tpAniSirGlobal, uint8_t, - uint8_t, - tpSirMacRadioMeasureReport, - tSirMacAddr, tpPESession); +/** + * lim_send_radio_measure_report_action_frame - Send RRM report action frame + * @pMac: pointer to global MAC context + * @dialog_token: Dialog token to be used in the action frame + * @num_report: number of reports in pRRMReport + * @last_beacon_report_params: Last Beacon Report indication params + * @pRRMReport: Pointer to the RRM report structure + * @peer: MAC address of the peer + * @psessionEntry: Pointer to the PE session entry + * + * Return: Ret Status + */ +tSirRetStatus +lim_send_radio_measure_report_action_frame(tpAniSirGlobal pMac, + uint8_t dialog_token, + uint8_t num_report, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params, + tpSirMacRadioMeasureReport pRRMReport, + tSirMacAddr peer, + tpPESession psessionEntry); #ifdef FEATURE_WLAN_TDLS void lim_init_tdls_data(tpAniSirGlobal, tpPESession); diff --git a/core/mac/src/pe/lim/lim_utils.c b/core/mac/src/pe/lim/lim_utils.c index fe29a7608056..19f883b4f9a6 100644 --- a/core/mac/src/pe/lim/lim_utils.c +++ b/core/mac/src/pe/lim/lim_utils.c @@ -5678,38 +5678,6 @@ void lim_diag_event_report(tpAniSirGlobal pMac, uint16_t eventType, #endif /* FEATURE_WLAN_DIAG_SUPPORT */ -uint8_t *lim_get_ie_ptr_new(tpAniSirGlobal pMac, uint8_t *pIes, int length, - uint8_t eid, eSizeOfLenField size_of_len_field) -{ - int left = length; - uint8_t *ptr = pIes; - uint8_t elem_id; - uint16_t elem_len; - - while (left >= (size_of_len_field + 1)) { - elem_id = ptr[0]; - if (size_of_len_field == TWO_BYTE) { - elem_len = ((uint16_t) ptr[1]) | (ptr[2] << 8); - } else { - elem_len = ptr[1]; - } - - left -= (size_of_len_field + 1); - if (elem_len > left) { - pe_err("Invalid IEs eid: %d elem_len: %d left: %d", - eid, elem_len, left); - return NULL; - } - if (elem_id == eid) { - return ptr; - } - - left -= elem_len; - ptr += (elem_len + (size_of_len_field + 1)); - } - return NULL; -} - /* Returns length of P2P stream and Pointer ie passed to this function is filled with noa stream */ uint8_t lim_build_p2p_ie(tpAniSirGlobal pMac, uint8_t *ie, uint8_t *data, @@ -6097,8 +6065,8 @@ void lim_set_ht_caps(tpAniSirGlobal p_mac, tpPESession p_session_entry, tDot11fIEHTCaps dot11_ht_cap = {0,}; populate_dot11f_ht_caps(p_mac, p_session_entry, &dot11_ht_cap); - p_ie = lim_get_ie_ptr_new(p_mac, p_ie_start, num_bytes, - DOT11F_EID_HTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(p_ie_start, num_bytes, + DOT11F_EID_HTCAPS, ONE_BYTE); pe_debug("p_ie: %pK dot11_ht_cap.supportedMCSSet[0]: 0x%x", p_ie, dot11_ht_cap.supportedMCSSet[0]); if (p_ie) { @@ -6172,8 +6140,8 @@ void lim_set_vht_caps(tpAniSirGlobal p_mac, tpPESession p_session_entry, tDot11fIEVHTCaps dot11_vht_cap; populate_dot11f_vht_caps(p_mac, p_session_entry, &dot11_vht_cap); - p_ie = lim_get_ie_ptr_new(p_mac, p_ie_start, num_bytes, - DOT11F_EID_VHTCAPS, ONE_BYTE); + p_ie = wlan_cfg_get_ie_ptr(p_ie_start, num_bytes, + DOT11F_EID_VHTCAPS, ONE_BYTE); if (p_ie) { tSirMacVHTCapabilityInfo *vht_cap = @@ -6573,7 +6541,7 @@ QDF_STATUS lim_send_ext_cap_ie(tpAniSirGlobal mac_ctx, */ tSirRetStatus lim_strip_ie(tpAniSirGlobal mac_ctx, uint8_t *addn_ie, uint16_t *addn_ielen, - uint8_t eid, eSizeOfLenField size_of_len_field, + uint8_t eid, enum size_of_len_field size_of_len_field, uint8_t *oui, uint8_t oui_length, uint8_t *extracted_ie, uint32_t eid_max_len) { diff --git a/core/mac/src/pe/lim/lim_utils.h b/core/mac/src/pe/lim/lim_utils.h index 46b2ea676d45..f92382176e4d 100644 --- a/core/mac/src/pe/lim/lim_utils.h +++ b/core/mac/src/pe/lim/lim_utils.h @@ -36,10 +36,6 @@ #include "lim_scan_result_utils.h" #include "lim_timer_utils.h" #include "lim_trace.h" -typedef enum { - ONE_BYTE = 1, - TWO_BYTE = 2 -} eSizeOfLenField; #define LIM_STA_ID_MASK 0x00FF #define LIM_AID_MASK 0xC000 @@ -456,9 +452,6 @@ tpPESession lim_is_ibss_session_active(tpAniSirGlobal pMac); tpPESession lim_is_ap_session_active(tpAniSirGlobal pMac); void lim_handle_heart_beat_failure_timeout(tpAniSirGlobal pMac); -uint8_t *lim_get_ie_ptr_new(tpAniSirGlobal pMac, uint8_t *pIes, int length, - uint8_t eid, eSizeOfLenField size_of_len_field); - #define limGetWscIEPtr(pMac, ie, ie_len) \ cfg_get_vendor_ie_ptr_from_oui(pMac, SIR_MAC_WSC_OUI, \ SIR_MAC_WSC_OUI_SIZE, ie, ie_len) @@ -753,7 +746,7 @@ void lim_send_set_dtim_period(tpAniSirGlobal mac_ctx, uint8_t dtim_period, tSirRetStatus lim_strip_ie(tpAniSirGlobal mac_ctx, uint8_t *addn_ie, uint16_t *addn_ielen, - uint8_t eid, eSizeOfLenField size_of_len_field, + uint8_t eid, enum size_of_len_field size_of_len_field, uint8_t *oui, uint8_t out_len, uint8_t *extracted_ie, uint32_t eid_max_len); bool lim_get_rx_ldpc(tpAniSirGlobal mac_ctx, enum channel_enum ch, diff --git a/core/mac/src/pe/rrm/rrm_api.c b/core/mac/src/pe/rrm/rrm_api.c index f06bd2910582..03fd19734256 100644 --- a/core/mac/src/pe/rrm/rrm_api.c +++ b/core/mac/src/pe/rrm/rrm_api.c @@ -560,6 +560,19 @@ rrm_process_beacon_report_req(tpAniSirGlobal pMac, present ? pBeaconReq->measurement_request.Beacon.BcnReportingDetail. reportingDetail : BEACON_REPORTING_DETAIL_ALL_FF_IE; + if (pBeaconReq->measurement_request.Beacon. + last_beacon_report_indication.present) { + pCurrentReq->request.Beacon.last_beacon_report_indication = + pBeaconReq->measurement_request.Beacon. + last_beacon_report_indication.last_fragment; + pe_debug("Last Beacon Report in request = %d", + pCurrentReq->request.Beacon. + last_beacon_report_indication); + } else { + pCurrentReq->request.Beacon.last_beacon_report_indication = 0; + pe_debug("Last Beacon report not present in request"); + } + if (pBeaconReq->measurement_request.Beacon.RequestedInfo.present) { pCurrentReq->request.Beacon.reqIes.pElementIds = qdf_mem_malloc(sizeof(uint8_t) * @@ -758,6 +771,7 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, tpSirBssDescription bss_desc; tpRRMReq curr_req = mac_ctx->rrm.rrmPEContext.pCurrentReq; tpPESession session_entry; + struct rrm_beacon_report_last_beacon_params last_beacon_report_params; uint8_t session_id, counter; uint8_t bss_desc_count = 0; uint8_t report_index = 0; @@ -874,22 +888,41 @@ rrm_process_beacon_report_xmit(tpAniSirGlobal mac_ctx, break; } } + + qdf_mem_zero(&last_beacon_report_params, + sizeof(last_beacon_report_params)); /* * Each frame can hold RADIO_REPORTS_MAX_IN_A_FRAME reports. * Multiple frames may be sent if bss_desc_count is larger. + * Count the total number of frames to be sent first */ + + last_beacon_report_params.last_beacon_ind = + curr_req->request.Beacon.last_beacon_report_indication; + last_beacon_report_params.num_frags = + (bss_desc_count / RADIO_REPORTS_MAX_IN_A_FRAME); + if (bss_desc_count % RADIO_REPORTS_MAX_IN_A_FRAME) + last_beacon_report_params.num_frags++; + + pe_debug("last_beacon_report_ind required %d num_frags %d bss_count %d", + last_beacon_report_params.last_beacon_ind, + last_beacon_report_params.num_frags, + bss_desc_count); + while (report_index < bss_desc_count) { int m_count; m_count = QDF_MIN((bss_desc_count - report_index), RADIO_REPORTS_MAX_IN_A_FRAME); - pe_debug("Sending Action frame with %d bss info", - m_count); + pe_debug("Sending Action frame with %d bss info frag_id %d", + m_count, last_beacon_report_params.frag_id); lim_send_radio_measure_report_action_frame(mac_ctx, curr_req->dialog_token, m_count, + &last_beacon_report_params, &report[report_index], beacon_xmit_ind->bssId, session_entry); report_index += m_count; + last_beacon_report_params.frag_id++; } curr_req->sendEmptyBcnRpt = false; } @@ -941,8 +974,11 @@ static void rrm_process_beacon_request_failure(tpAniSirGlobal pMac, return; } - lim_send_radio_measure_report_action_frame(pMac, pCurrentReq->dialog_token, 1, - pReport, peer, pSessionEntry); + lim_send_radio_measure_report_action_frame(pMac, + pCurrentReq->dialog_token, + 1, NULL, + pReport, peer, + pSessionEntry); qdf_mem_free(pReport); return; @@ -1095,8 +1131,8 @@ rrm_process_radio_measurement_request(tpAniSirGlobal mac_ctx, report->incapable = 1; num_report = 1; lim_send_radio_measure_report_action_frame(mac_ctx, - rrm_req->DialogToken.token, num_report, report, peer, - session_entry); + rrm_req->DialogToken.token, num_report, NULL, + report, peer, session_entry); qdf_mem_free(report); return eSIR_FAILURE; } @@ -1148,8 +1184,8 @@ rrm_process_radio_measurement_request(tpAniSirGlobal mac_ctx, end: if (report) { lim_send_radio_measure_report_action_frame(mac_ctx, - rrm_req->DialogToken.token, num_report, report, - peer, session_entry); + rrm_req->DialogToken.token, num_report, NULL, + report, peer, session_entry); qdf_mem_free(report); } return status; diff --git a/core/mac/src/pe/sch/sch_api.c b/core/mac/src/pe/sch/sch_api.c index 8790226a02ee..87f40199552d 100644 --- a/core/mac/src/pe/sch/sch_api.c +++ b/core/mac/src/pe/sch/sch_api.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -214,6 +214,15 @@ tSirRetStatus sch_send_beacon_req(tpAniSirGlobal pMac, uint8_t *beaconPayload, beaconParams->timIeOffset = 0; } else { beaconParams->timIeOffset = psessionEntry->schBeaconOffsetBegin; + if (psessionEntry->dfsIncludeChanSwIe) { + beaconParams->csa_count_offset = + pMac->sch.schObject.csa_count_offset; + beaconParams->ecsa_count_offset = + pMac->sch.schObject.ecsa_count_offset; + pe_debug("csa_count_offset %d ecsa_count_offset %d", + beaconParams->csa_count_offset, + beaconParams->ecsa_count_offset); + } } /* p2pIeOffset should be atleast greater than timIeOffset */ diff --git a/core/mac/src/pe/sch/sch_beacon_gen.c b/core/mac/src/pe/sch/sch_beacon_gen.c index 2d9f20ba7a06..dbdabeb606ee 100644 --- a/core/mac/src/pe/sch/sch_beacon_gen.c +++ b/core/mac/src/pe/sch/sch_beacon_gen.c @@ -42,6 +42,9 @@ #include "parser_api.h" +/* Offset of Channel Switch count field in CSA/ECSA IE */ +#define SCH_CSA_SWITCH_COUNT_OFFSET 2; +#define SCH_ECSA_SWITCH_COUNT_OFFSET 3; const uint8_t p2p_oui[] = { 0x50, 0x6F, 0x9A, 0x9 }; @@ -152,6 +155,53 @@ sch_append_addn_ie(tpAniSirGlobal mac_ctx, tpPESession session, } /** + * sch_get_csa_ecsa_count_offset() - get the offset of Switch count field + * @ie: pointer to the beggining of IEs in the beacon frame buffer + * @ie_len: length of the IEs in the buffer + * @csa_count_offset: pointer to the csa_count_offset variable in the caller + * @ecsa_count_offset: pointer to the ecsa_count_offset variable in the caller + * + * Gets the offset of the switch count field in the CSA/ECSA IEs from the start + * of the IEs buffer. + * + * Return: None + */ +static void sch_get_csa_ecsa_count_offset(uint8_t *ie, uint32_t ie_len, + uint32_t *csa_count_offset, + uint32_t *ecsa_count_offset) +{ + uint8_t *ptr = ie; + uint8_t elem_id; + uint16_t elem_len; + uint32_t offset = 0; + + /* IE is not present */ + if (!ie_len) + return; + + while (ie_len >= 2) { + elem_id = ptr[0]; + elem_len = ptr[1]; + ie_len -= 2; + offset += 2; + + if (elem_id == DOT11F_EID_CHANSWITCHANN && + elem_len == 3) + *csa_count_offset = offset + + SCH_CSA_SWITCH_COUNT_OFFSET; + + if (elem_id == DOT11F_EID_EXT_CHAN_SWITCH_ANN && + elem_len == 4) + *ecsa_count_offset = offset + + SCH_ECSA_SWITCH_COUNT_OFFSET; + + ie_len -= elem_len; + offset += elem_len; + ptr += (elem_len + 2); + } +} + +/** * sch_set_fixed_beacon_fields() - sets the fixed params in beacon frame * @mac_ctx: mac global context * @session: pe session entry @@ -178,6 +228,8 @@ sch_set_fixed_beacon_fields(tpAniSirGlobal mac_ctx, tpPESession session) uint32_t extra_ie_len = 0; uint16_t extra_ie_offset = 0; uint16_t p2p_ie_offset = 0; + uint32_t csa_count_offset = 0; + uint32_t ecsa_count_offset = 0; tSirRetStatus status = eSIR_SUCCESS; bool is_vht_enabled = false; uint16_t addn_ielen = 0; @@ -525,6 +577,26 @@ sch_set_fixed_beacon_fields(tpAniSirGlobal mac_ctx, tpPESession session) n_status); } + /* Fill the CSA/ECSA count offsets if the IEs are present */ + if (session->dfsIncludeChanSwIe) + sch_get_csa_ecsa_count_offset(session->pSchBeaconFrameEnd, + n_bytes, + &csa_count_offset, + &ecsa_count_offset); + + if (csa_count_offset) + mac_ctx->sch.schObject.csa_count_offset = + session->schBeaconOffsetBegin + TIM_IE_SIZE + + csa_count_offset; + if (ecsa_count_offset) + mac_ctx->sch.schObject.ecsa_count_offset = + session->schBeaconOffsetBegin + TIM_IE_SIZE + + ecsa_count_offset; + + pe_debug("csa_count_offset %d ecsa_count_offset %d", + mac_ctx->sch.schObject.csa_count_offset, + mac_ctx->sch.schObject.ecsa_count_offset); + extra_ie = session->pSchBeaconFrameEnd + n_bytes; extra_ie_offset = n_bytes; diff --git a/core/mac/src/pe/sch/sch_beacon_process.c b/core/mac/src/pe/sch/sch_beacon_process.c index 58a6e6095bb2..e0ccf28dbbc2 100644 --- a/core/mac/src/pe/sch/sch_beacon_process.c +++ b/core/mac/src/pe/sch/sch_beacon_process.c @@ -483,6 +483,10 @@ static void update_nss(tpAniSirGlobal mac_ctx, tpDphHashNode sta_ds, tpSirMacMgmtHdr mgmt_hdr) { if (sta_ds->vhtSupportedRxNss != (beacon->OperatingMode.rxNSS + 1)) { + if (session_entry->nss_forced_1x1) { + pe_debug("Not Updating NSS for special AP"); + return; + } sta_ds->vhtSupportedRxNss = beacon->OperatingMode.rxNSS + 1; lim_set_nss_change(mac_ctx, session_entry, diff --git a/core/mac/src/sys/legacy/src/utils/src/dot11f.c b/core/mac/src/sys/legacy/src/utils/src/dot11f.c index 2f1f3549175d..ee772e76742d 100644 --- a/core/mac/src/sys/legacy/src/utils/src/dot11f.c +++ b/core/mac/src/sys/legacy/src/utils/src/dot11f.c @@ -24,7 +24,7 @@ * * * This file was automatically generated by 'framesc' - * Thu May 10 17:00:57 2018 from the following file(s): + * Tue Jun 5 17:04:23 2018 from the following file(s): * * dot11f.frms * @@ -815,8 +815,10 @@ uint32_t dot11f_unpack_tlv_authorized_ma_cs(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->mac, pBuf, 6); pBuf += 6; @@ -839,8 +841,10 @@ uint32_t dot11f_unpack_tlv_version2(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp5__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp5__ = *pBuf; pBuf += 1; @@ -899,14 +903,18 @@ uint32_t dot11f_unpack_tlv_extended_listen_timing(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->availibilityPeriod, pBuf, 0); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->availibilityInterval, pBuf, 0); pBuf += 2; @@ -925,20 +933,26 @@ uint32_t dot11f_unpack_tlv_listen_channel(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryString, pBuf, 3); pBuf += 3; tlvlen -= (uint8_t)3; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; @@ -1029,14 +1043,18 @@ uint32_t dot11f_unpack_tlv_notice_of_absence(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->index = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->CTSWindowOppPS = *pBuf; pBuf += 1; @@ -1064,20 +1082,26 @@ uint32_t dot11f_unpack_tlv_operating_channel(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryString, pBuf, 3); pBuf += 3; tlvlen -= (uint8_t)3; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; @@ -1096,14 +1120,18 @@ uint32_t dot11f_unpack_tlv_p2_p_capability(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->deviceCapability = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->groupCapability = *pBuf; pBuf += 1; @@ -1122,8 +1150,10 @@ uint32_t dot11f_unpack_tlv_p2_p_device_id(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; @@ -1149,20 +1179,26 @@ uint32_t dot11f_unpack_tlv_p2_p_device_info(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; tlvlen -= (uint8_t)6; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->configMethod, pBuf, 0); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 8)) + if (unlikely(tlvlen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->primaryDeviceType, pBuf, 8); pBuf += 8; @@ -1209,20 +1245,26 @@ uint32_t dot11f_unpack_tlv_primary_device_type(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; (void)pBuf; (void)tlvlen; /* Shutup the compiler */ pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->primary_category, pBuf, 1); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 4)) + if (unlikely(tlvlen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->oui, pBuf, 4); pBuf += 4; tlvlen -= (uint8_t)4; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sub_category, pBuf, 1); pBuf += 2; @@ -1244,20 +1286,26 @@ uint32_t dot11f_unpack_tlv_request_device_type(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->primary_category, pBuf, 1); pBuf += 2; tlvlen -= (uint8_t)2; - if (unlikely(tlvlen < 4)) + if (unlikely(tlvlen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->oui, pBuf, 4); pBuf += 4; tlvlen -= (uint8_t)4; - if (unlikely(tlvlen < 2)) + if (unlikely(tlvlen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sub_category, pBuf, 1); pBuf += 2; @@ -1311,8 +1359,10 @@ uint32_t dot11f_unpack_tlv_uuid_e(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 16)) + if (unlikely(tlvlen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->uuid, pBuf, 16); pBuf += 16; @@ -1331,8 +1381,10 @@ uint32_t dot11f_unpack_tlv_uuid_r(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 16)) + if (unlikely(tlvlen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->uuid, pBuf, 16); pBuf += 16; @@ -1365,8 +1417,10 @@ uint32_t dot11f_unpack_tlv_vendor_extension(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 3)) + if (unlikely(tlvlen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->vendorId, pBuf, 3); pBuf += 3; @@ -1392,8 +1446,10 @@ uint32_t dot11f_unpack_tlv_version(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp6__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp6__ = *pBuf; pBuf += 1; @@ -1432,8 +1488,10 @@ uint32_t dot11f_unpack_tlv_non_prefferd_chan_rep(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->oper_class = *pBuf; pBuf += 1; @@ -1462,8 +1520,10 @@ uint32_t dot11f_unpack_tlv_oce_cap(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp7__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp7__ = *pBuf; pBuf += 1; @@ -1487,8 +1547,10 @@ uint32_t dot11f_unpack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, uint32_t status = DOT11F_PARSE_SUCCESS; uint8_t tmp8__; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp8__ = *pBuf; pBuf += 1; @@ -1509,14 +1571,18 @@ uint32_t dot11f_unpack_tlv_rssi_assoc_rej(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->delta_rssi = *pBuf; pBuf += 1; tlvlen -= (uint8_t)1; - if (unlikely(tlvlen < 1)) + if (unlikely(tlvlen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->retry_delay = *pBuf; pBuf += 1; @@ -1541,8 +1607,10 @@ uint32_t dot11f_unpack_tlv_p2_p_interface(tpAniSirGlobal pCtx, { uint32_t status = DOT11F_PARSE_SUCCESS; pDst->present = 1; - if (unlikely(tlvlen < 6)) + if (unlikely(tlvlen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->P2PDeviceAddress, pBuf, 6); pBuf += 6; @@ -1569,22 +1637,28 @@ uint32_t dot11f_unpack_ie_gtk(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp9__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->keyId = tmp9__ >> 0 & 0x3; pDst->reserved = tmp9__ >> 2 & 0x3feb; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->keyLength = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->RSC, pBuf, 8); pBuf += 8; @@ -1614,26 +1688,34 @@ uint32_t dot11f_unpack_ie_igtk(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->keyID, pBuf, 2); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->IPN, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->keyLength = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 24)) + if (unlikely(ielen < 24)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->key, pBuf, 24); (void)pCtx; @@ -1679,8 +1761,10 @@ uint32_t dot11f_unpack_ie_r1_kh_id(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->PMK_R1_ID, pBuf, 6); (void)pCtx; @@ -1701,8 +1785,10 @@ uint32_t dot11f_unpack_ie_ap_channel_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; @@ -1732,8 +1818,10 @@ uint32_t dot11f_unpack_ie_bcn_reporting_detail(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reportingDetail = *pBuf; (void)pCtx; @@ -1779,14 +1867,18 @@ uint32_t dot11f_unpack_ie_beacon_reporting(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reportingCondition = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->threshold = *pBuf; (void)pCtx; @@ -1807,8 +1899,10 @@ uint32_t dot11f_unpack_ie_condensed_country_str(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->countryStr, pBuf, 2); (void)pCtx; @@ -1829,8 +1923,10 @@ uint32_t dot11f_unpack_ie_measurement_pilot(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurementPilot = *pBuf; pBuf += 1; @@ -1855,8 +1951,10 @@ uint32_t dot11f_unpack_ie_multi_bssid(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->maxBSSIDIndicator = *pBuf; pBuf += 1; @@ -1881,20 +1979,26 @@ uint32_t dot11f_unpack_ie_ric_data(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->Identifier = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->resourceDescCount = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->statusCode, pBuf, 0); (void)pCtx; @@ -1915,8 +2019,10 @@ uint32_t dot11f_unpack_ie_ric_descriptor(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->resourceType = *pBuf; pBuf += 1; @@ -1946,8 +2052,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp10__ = *pBuf; pBuf += 1; @@ -1960,8 +2068,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->BeaconActive = tmp10__ >> 5 & 0x1; pDst->BeaconTable = tmp10__ >> 6 & 0x1; pDst->BeaconRepCond = tmp10__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp11__ = *pBuf; pBuf += 1; @@ -1974,8 +2084,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->LCIAzimuth = tmp11__ >> 5 & 0x1; pDst->TCMCapability = tmp11__ >> 6 & 0x1; pDst->triggeredTCM = tmp11__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp12__ = *pBuf; pBuf += 1; @@ -1984,8 +2096,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->RRMMIBEnabled = tmp12__ >> 1 & 0x1; pDst->operatingChanMax = tmp12__ >> 2 & 0x7; pDst->nonOperatinChanMax = tmp12__ >> 5 & 0x7; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp13__ = *pBuf; pBuf += 1; @@ -1996,8 +2110,10 @@ uint32_t dot11f_unpack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pDst->RCPIMeasurement = tmp13__ >> 5 & 0x1; pDst->RSNIMeasurement = tmp13__ >> 6 & 0x1; pDst->BssAvgAccessDelay = tmp13__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp14__ = *pBuf; pDst->BSSAvailAdmission = tmp14__ >> 0 & 0x1; @@ -2071,8 +2187,10 @@ uint32_t dot11f_unpack_ie_schedule(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp15__, pBuf, 0); pBuf += 2; @@ -2081,26 +2199,34 @@ uint32_t dot11f_unpack_ie_schedule(tpAniSirGlobal pCtx, pDst->tsid = tmp15__ >> 1 & 0xf; pDst->direction = tmp15__ >> 5 & 0x3; pDst->reserved = tmp15__ >> 7 & 0x1ff; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_interval, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_service_dur, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->spec_interval, pBuf, 0); (void)pCtx; @@ -2121,124 +2247,162 @@ uint32_t dot11f_unpack_ie_tclas(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->user_priority = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_mask = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->classifier_type) { case 0: - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.source, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.dest, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.EthParams.type, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->info.IpParams.version) { case 4: - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.source, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.dest, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.DSCP = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.proto = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 6: - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.source, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.dest, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.flow_label, pBuf, 3); pBuf += 3; @@ -2247,8 +2411,10 @@ uint32_t dot11f_unpack_ie_tclas(tpAniSirGlobal pCtx, } break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.Params8021dq.tag_type, pBuf, 0); pBuf += 2; @@ -2276,8 +2442,10 @@ uint32_t dot11f_unpack_ie_ts_delay(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay, pBuf, 0); (void)pCtx; @@ -2298,14 +2466,18 @@ uint32_t dot11f_unpack_ie_tsf_info(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->TsfOffset, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->BeaconIntvl, pBuf, 0); (void)pCtx; @@ -2329,8 +2501,10 @@ uint32_t dot11f_unpack_ie_tspec(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp16__, pBuf, 0); pBuf += 2; @@ -2343,102 +2517,134 @@ uint32_t dot11f_unpack_ie_tspec(tpAniSirGlobal pCtx, pDst->psb = tmp16__ >> 10 & 0x1; pDst->user_priority = tmp16__ >> 11 & 0x7; pDst->tsinfo_ack_pol = tmp16__ >> 14 & 0x3; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp17__ = *pBuf; pBuf += 1; ielen -= 1; pDst->schedule = tmp17__ >> 0 & 0x1; pDst->unused = tmp17__ >> 1 & 0x7f; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp18__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->size = tmp18__ >> 0 & 0x7fff; pDst->fixed = tmp18__ >> 15 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_msdu_size, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->max_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->inactivity_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->suspension_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->mean_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->peak_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->burst_size, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay_bound, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_phy_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->surplus_bw_allowance, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->medium_time, pBuf, 0); (void)pCtx; @@ -2462,8 +2668,10 @@ uint32_t dot11f_unpack_ie_vht_caps(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &tmp19__, pBuf, 0); pBuf += 4; @@ -2488,28 +2696,36 @@ uint32_t dot11f_unpack_ie_vht_caps(tpAniSirGlobal pCtx, pDst->rxAntPattern = tmp19__ >> 28 & 0x1; pDst->txAntPattern = tmp19__ >> 29 & 0x1; pDst->reserved1 = tmp19__ >> 30 & 0x3; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->rxMCSMap, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp20__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->rxHighSupDataRate = tmp20__ >> 0 & 0x1fff; pDst->reserved2 = tmp20__ >> 13 & 0x7; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->txMCSMap, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp21__, pBuf, 0); pDst->txSupDataRate = tmp21__ >> 0 & 0x1fff; @@ -2532,26 +2748,34 @@ uint32_t dot11f_unpack_ie_vht_operation(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanWidth = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanCenterFreqSeg1 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chanCenterFreqSeg2 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->basicMCSSet, pBuf, 0); (void)pCtx; @@ -2573,8 +2797,10 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2583,8 +2809,10 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp22__, pBuf, 0); pBuf += 2; @@ -2593,26 +2821,34 @@ uint32_t dot11f_unpack_ie_wmm_schedule(tpAniSirGlobal pCtx, pDst->tsid = tmp22__ >> 1 & 0xf; pDst->direction = tmp22__ >> 5 & 0x3; pDst->reserved = tmp22__ >> 7 & 0x1ff; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_interval, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_service_dur, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->spec_interval, pBuf, 0); (void)pCtx; @@ -2633,8 +2869,10 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2643,124 +2881,162 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->user_priority = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->classifier_mask = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->classifier_type) { case 0: - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.source, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.EthParams.dest, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.EthParams.type, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->info.IpParams.version) { case 4: - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.source, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV4Params.dest, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV4Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.DSCP = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.proto = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->info.IpParams.params.IpV4Params.reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 6: - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.source, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.dest, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.src_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.IpParams.params.IpV6Params.dest_port, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->info.IpParams.params.IpV6Params.flow_label, pBuf, 3); pBuf += 3; @@ -2769,8 +3045,10 @@ uint32_t dot11f_unpack_ie_wmmtclas(tpAniSirGlobal pCtx, } break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->info.Params8021dq.tag_type, pBuf, 0); pBuf += 2; @@ -2795,8 +3073,10 @@ uint32_t dot11f_unpack_ie_wmmtclasproc(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2805,8 +3085,10 @@ uint32_t dot11f_unpack_ie_wmmtclasproc(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->processing = *pBuf; (void)pCtx; @@ -2827,8 +3109,10 @@ uint32_t dot11f_unpack_ie_wmmts_delay(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2837,8 +3121,10 @@ uint32_t dot11f_unpack_ie_wmmts_delay(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay, pBuf, 0); (void)pCtx; @@ -2862,8 +3148,10 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -2872,8 +3160,10 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp23__, pBuf, 0); pBuf += 2; @@ -2886,102 +3176,134 @@ uint32_t dot11f_unpack_ie_wmmtspec(tpAniSirGlobal pCtx, pDst->psb = tmp23__ >> 10 & 0x1; pDst->user_priority = tmp23__ >> 11 & 0x7; pDst->tsinfo_ack_pol = tmp23__ >> 14 & 0x3; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } tmp24__ = *pBuf; pBuf += 1; ielen -= 1; pDst->tsinfo_rsvd = tmp24__ >> 0 & 0x7f; pDst->burst_size_defn = tmp24__ >> 7 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &tmp25__, pBuf, 0); pBuf += 2; ielen -= 2; pDst->size = tmp25__ >> 0 & 0x7fff; pDst->fixed = tmp25__ >> 15 & 0x1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_msdu_size, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->max_service_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->inactivity_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->suspension_int, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->service_start_time, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->mean_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->peak_data_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->burst_size, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->delay_bound, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->min_phy_rate, pBuf, 0); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->surplus_bw_allowance, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->medium_time, pBuf, 0); (void)pCtx; @@ -3002,20 +3324,26 @@ uint32_t dot11f_unpack_ie_wider_bw_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newChanWidth = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newCenterChanFreq0 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newCenterChanFreq1 = *pBuf; (void)pCtx; @@ -3036,8 +3364,10 @@ uint32_t dot11f_unpack_ie_azimuth_req(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->request = *pBuf; (void)pCtx; @@ -3047,6 +3377,58 @@ uint32_t dot11f_unpack_ie_azimuth_req(tpAniSirGlobal pCtx, #define SigIeazimuth_req (0x001f) +uint32_t dot11f_unpack_ie_beacon_report_frm_body_fragment_id(tpAniSirGlobal pCtx, + uint8_t *pBuf, + uint8_t ielen, + tDot11fIEbeacon_report_frm_body_fragment_id *pDst, + bool append_ie) +{ + uint32_t status = DOT11F_PARSE_SUCCESS; + uint16_t tmp26__; + (void) pBuf; (void)ielen; /* Shutup the compiler */ + if (pDst->present) + status = DOT11F_DUPLICATE_IE; + pDst->present = 1; + if (unlikely(ielen < 2)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + framesntohs(pCtx, &tmp26__, pBuf, 0); + pDst->beacon_report_id = tmp26__ >> 0 & 0xff; + pDst->fragment_id_number = tmp26__ >> 8 & 0x7f; + pDst->more_fragments = tmp26__ >> 15 & 0x1; + (void)pCtx; + return status; +} /* End dot11f_unpack_ie_beacon_report_frm_body_fragment_id. */ + +#define SigIebeacon_report_frm_body_fragment_id (0x0020) + + +uint32_t dot11f_unpack_ie_last_beacon_report_indication(tpAniSirGlobal pCtx, + uint8_t *pBuf, + uint8_t ielen, + tDot11fIElast_beacon_report_indication *pDst, + bool append_ie) +{ + uint32_t status = DOT11F_PARSE_SUCCESS; + (void) pBuf; (void)ielen; /* Shutup the compiler */ + if (pDst->present) + status = DOT11F_DUPLICATE_IE; + pDst->present = 1; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + pDst->last_fragment = *pBuf; + (void)pCtx; + return status; +} /* End dot11f_unpack_ie_last_beacon_report_indication. */ + +#define SigIelast_beacon_report_indication (0x0021) + + uint32_t dot11f_unpack_ie_max_age(tpAniSirGlobal pCtx, uint8_t *pBuf, uint8_t ielen, @@ -3058,15 +3440,17 @@ uint32_t dot11f_unpack_ie_max_age(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->max_age, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_max_age. */ -#define SigIemax_age (0x0020) +#define SigIemax_age (0x0022) static const tFFDefn FFS_neighbor_rpt[] = { @@ -3103,61 +3487,75 @@ uint32_t dot11f_unpack_ie_neighbor_rpt(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp26__; uint8_t tmp27__; + uint8_t tmp28__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp26__ = *pBuf; + tmp27__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->APReachability = tmp26__ >> 0 & 0x3; - pDst->Security = tmp26__ >> 2 & 0x1; - pDst->KeyScope = tmp26__ >> 3 & 0x1; - pDst->SpecMgmtCap = tmp26__ >> 4 & 0x1; - pDst->QosCap = tmp26__ >> 5 & 0x1; - pDst->apsd = tmp26__ >> 6 & 0x1; - pDst->rrm = tmp26__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->APReachability = tmp27__ >> 0 & 0x3; + pDst->Security = tmp27__ >> 2 & 0x1; + pDst->KeyScope = tmp27__ >> 3 & 0x1; + pDst->SpecMgmtCap = tmp27__ >> 4 & 0x1; + pDst->QosCap = tmp27__ >> 5 & 0x1; + pDst->apsd = tmp27__ >> 6 & 0x1; + pDst->rrm = tmp27__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp27__ = *pBuf; + tmp28__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->DelayedBA = tmp27__ >> 0 & 0x1; - pDst->ImmBA = tmp27__ >> 1 & 0x1; - pDst->MobilityDomain = tmp27__ >> 2 & 0x1; - pDst->reserved = tmp27__ >> 3 & 0x1f; - if (unlikely(ielen < 2)) + pDst->DelayedBA = tmp28__ >> 0 & 0x1; + pDst->ImmBA = tmp28__ >> 1 & 0x1; + pDst->MobilityDomain = tmp28__ >> 2 & 0x1; + pDst->reserved = tmp28__ >> 3 & 0x1f; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->reserved1, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->PhyType = *pBuf; pBuf += 1; @@ -3174,7 +3572,7 @@ uint32_t dot11f_unpack_ie_neighbor_rpt(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_neighbor_rpt. */ -#define SigIeneighbor_rpt (0x0021) +#define SigIeneighbor_rpt (0x0023) uint32_t dot11f_unpack_ie_req_mac_addr(tpAniSirGlobal pCtx, @@ -3188,15 +3586,17 @@ uint32_t dot11f_unpack_ie_req_mac_addr(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->addr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_req_mac_addr. */ -#define SigIereq_mac_addr (0x0022) +#define SigIereq_mac_addr (0x0024) uint32_t dot11f_unpack_ie_tgt_mac_addr(tpAniSirGlobal pCtx, @@ -3210,15 +3610,17 @@ uint32_t dot11f_unpack_ie_tgt_mac_addr(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->addr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_tgt_mac_addr. */ -#define SigIetgt_mac_addr (0x0023) +#define SigIetgt_mac_addr (0x0025) uint32_t dot11f_unpack_ie_vht_transmit_power_env(tpAniSirGlobal pCtx, @@ -3243,7 +3645,7 @@ uint32_t dot11f_unpack_ie_vht_transmit_power_env(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vht_transmit_power_env. */ -#define SigIevht_transmit_power_env (0x0024) +#define SigIevht_transmit_power_env (0x0026) uint32_t dot11f_unpack_ie_aid(tpAniSirGlobal pCtx, @@ -3257,15 +3659,17 @@ uint32_t dot11f_unpack_ie_aid(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->assocId, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_aid. */ -#define SigIeAID (0x0025) +#define SigIeAID (0x0027) uint32_t dot11f_unpack_ie_cf_params(tpAniSirGlobal pCtx, @@ -3279,33 +3683,41 @@ uint32_t dot11f_unpack_ie_cf_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->cfp_count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->cfp_period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->cfp_maxduration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->cfp_durremaining, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_cf_params. */ -#define SigIeCFParams (0x0026) +#define SigIeCFParams (0x0028) uint32_t dot11f_unpack_ie_challenge_text(tpAniSirGlobal pCtx, @@ -3330,7 +3742,7 @@ uint32_t dot11f_unpack_ie_challenge_text(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_challenge_text. */ -#define SigIeChallengeText (0x0027) +#define SigIeChallengeText (0x0029) uint32_t dot11f_unpack_ie_chan_switch_ann(tpAniSirGlobal pCtx, @@ -3344,27 +3756,33 @@ uint32_t dot11f_unpack_ie_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switchMode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->newChannel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switchCount = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_chan_switch_ann. */ -#define SigIeChanSwitchAnn (0x0028) +#define SigIeChanSwitchAnn (0x002a) static const tFFDefn FFS_ChannelSwitchWrapper[] = { @@ -3406,7 +3824,7 @@ uint32_t dot11f_unpack_ie_channel_switch_wrapper(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_channel_switch_wrapper. */ -#define SigIeChannelSwitchWrapper (0x0029) +#define SigIeChannelSwitchWrapper (0x002b) uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, @@ -3420,8 +3838,10 @@ uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 3)) + if (unlikely(ielen < 3)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->country, pBuf, 3); pBuf += 3; @@ -3442,10 +3862,10 @@ uint32_t dot11f_unpack_ie_country(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_country. */ -#define SigIeCountry (0x002a) +#define SigIeCountry (0x002c) -#define SigIeDSParams (0x002b) +#define SigIeDSParams (0x002d) uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, @@ -3455,7 +3875,6 @@ uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp28__; uint8_t tmp29__; uint8_t tmp30__; uint8_t tmp31__; @@ -3463,121 +3882,150 @@ uint32_t dot11f_unpack_ie_edca_param_set(tpAniSirGlobal pCtx, uint8_t tmp33__; uint8_t tmp34__; uint8_t tmp35__; + uint8_t tmp36__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->qos = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp28__ = *pBuf; + tmp29__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_aifsn = tmp28__ >> 0 & 0xf; - pDst->acbe_acm = tmp28__ >> 4 & 0x1; - pDst->acbe_aci = tmp28__ >> 5 & 0x3; - pDst->unused1 = tmp28__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbe_aifsn = tmp29__ >> 0 & 0xf; + pDst->acbe_acm = tmp29__ >> 4 & 0x1; + pDst->acbe_aci = tmp29__ >> 5 & 0x3; + pDst->unused1 = tmp29__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp29__ = *pBuf; + tmp30__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_acwmin = tmp29__ >> 0 & 0xf; - pDst->acbe_acwmax = tmp29__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbe_acwmin = tmp30__ >> 0 & 0xf; + pDst->acbe_acwmax = tmp30__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbe_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp30__ = *pBuf; + tmp31__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_aifsn = tmp30__ >> 0 & 0xf; - pDst->acbk_acm = tmp30__ >> 4 & 0x1; - pDst->acbk_aci = tmp30__ >> 5 & 0x3; - pDst->unused2 = tmp30__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbk_aifsn = tmp31__ >> 0 & 0xf; + pDst->acbk_acm = tmp31__ >> 4 & 0x1; + pDst->acbk_aci = tmp31__ >> 5 & 0x3; + pDst->unused2 = tmp31__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp31__ = *pBuf; + tmp32__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_acwmin = tmp31__ >> 0 & 0xf; - pDst->acbk_acwmax = tmp31__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbk_acwmin = tmp32__ >> 0 & 0xf; + pDst->acbk_acwmax = tmp32__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbk_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp32__ = *pBuf; + tmp33__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_aifsn = tmp32__ >> 0 & 0xf; - pDst->acvi_acm = tmp32__ >> 4 & 0x1; - pDst->acvi_aci = tmp32__ >> 5 & 0x3; - pDst->unused3 = tmp32__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvi_aifsn = tmp33__ >> 0 & 0xf; + pDst->acvi_acm = tmp33__ >> 4 & 0x1; + pDst->acvi_aci = tmp33__ >> 5 & 0x3; + pDst->unused3 = tmp33__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp33__ = *pBuf; + tmp34__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_acwmin = tmp33__ >> 0 & 0xf; - pDst->acvi_acwmax = tmp33__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvi_acwmin = tmp34__ >> 0 & 0xf; + pDst->acvi_acwmax = tmp34__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvi_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp34__ = *pBuf; + tmp35__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_aifsn = tmp34__ >> 0 & 0xf; - pDst->acvo_acm = tmp34__ >> 4 & 0x1; - pDst->acvo_aci = tmp34__ >> 5 & 0x3; - pDst->unused4 = tmp34__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvo_aifsn = tmp35__ >> 0 & 0xf; + pDst->acvo_acm = tmp35__ >> 4 & 0x1; + pDst->acvo_aci = tmp35__ >> 5 & 0x3; + pDst->unused4 = tmp35__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp35__ = *pBuf; + tmp36__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_acwmin = tmp35__ >> 0 & 0xf; - pDst->acvo_acwmax = tmp35__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvo_acwmin = tmp36__ >> 0 & 0xf; + pDst->acvo_acwmax = tmp36__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvo_txoplimit, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_edca_param_set. */ -#define SigIeEDCAParamSet (0x002c) +#define SigIeEDCAParamSet (0x002e) uint32_t dot11f_unpack_ie_erp_info(tpAniSirGlobal pCtx, @@ -3587,24 +4035,26 @@ uint32_t dot11f_unpack_ie_erp_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp36__; + uint8_t tmp37__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp36__ = *pBuf; - pDst->non_erp_present = tmp36__ >> 0 & 0x1; - pDst->use_prot = tmp36__ >> 1 & 0x1; - pDst->barker_preamble = tmp36__ >> 2 & 0x1; - pDst->unused = tmp36__ >> 3 & 0x1f; + tmp37__ = *pBuf; + pDst->non_erp_present = tmp37__ >> 0 & 0x1; + pDst->use_prot = tmp37__ >> 1 & 0x1; + pDst->barker_preamble = tmp37__ >> 2 & 0x1; + pDst->unused = tmp37__ >> 3 & 0x1f; (void)pCtx; return status; } /* End dot11f_unpack_ie_erp_info. */ -#define SigIeERPInfo (0x002d) +#define SigIeERPInfo (0x002f) uint32_t dot11f_unpack_ie_ese_cckm_opaque(tpAniSirGlobal pCtx, @@ -3629,7 +4079,7 @@ uint32_t dot11f_unpack_ie_ese_cckm_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ese_cckm_opaque. */ -#define SigIeESECckmOpaque (0x002e) +#define SigIeESECckmOpaque (0x0030) uint32_t dot11f_unpack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, @@ -3639,28 +4089,32 @@ uint32_t dot11f_unpack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp37__; + uint8_t tmp38__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->mgmt_state = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp37__ = *pBuf; - pDst->mbssid_mask = tmp37__ >> 0 & 0x7; - pDst->reserved = tmp37__ >> 3 & 0x1f; + tmp38__ = *pBuf; + pDst->mbssid_mask = tmp38__ >> 0 & 0x7; + pDst->reserved = tmp38__ >> 3 & 0x1f; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_rad_mgmt_cap. */ -#define SigIeESERadMgmtCap (0x002f) +#define SigIeESERadMgmtCap (0x0031) uint32_t dot11f_unpack_ie_ese_traf_strm_met(tpAniSirGlobal pCtx, @@ -3674,27 +4128,33 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_met(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tsid = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->state = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->msmt_interval, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_traf_strm_met. */ -#define SigIeESETrafStrmMet (0x0030) +#define SigIeESETrafStrmMet (0x0032) uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, @@ -3708,8 +4168,10 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tsid = *pBuf; pBuf += 1; @@ -3725,7 +4187,7 @@ uint32_t dot11f_unpack_ie_ese_traf_strm_rate_set(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ese_traf_strm_rate_set. */ -#define SigIeESETrafStrmRateSet (0x0031) +#define SigIeESETrafStrmRateSet (0x0033) uint32_t dot11f_unpack_ie_ese_txmit_power(tpAniSirGlobal pCtx, @@ -3739,21 +4201,25 @@ uint32_t dot11f_unpack_ie_ese_txmit_power(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->power_limit = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_txmit_power. */ -#define SigIeESETxmitPower (0x0032) +#define SigIeESETxmitPower (0x0034) uint32_t dot11f_unpack_ie_ese_version(tpAniSirGlobal pCtx, @@ -3767,15 +4233,17 @@ uint32_t dot11f_unpack_ie_ese_version(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ese_version. */ -#define SigIeESEVersion (0x0033) +#define SigIeESEVersion (0x0035) uint32_t dot11f_unpack_ie_ESP_information(tpAniSirGlobal pCtx, @@ -3800,7 +4268,7 @@ uint32_t dot11f_unpack_ie_ESP_information(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ESP_information. */ -#define SigIeESP_information (0x0034) +#define SigIeESP_information (0x0036) uint32_t dot11f_unpack_ie_ext_cap(tpAniSirGlobal pCtx, @@ -3830,7 +4298,7 @@ endUnpackIeExtCap: return status; } /* End dot11f_unpack_ie_ext_cap. */ -#define SigIeExtCap (0x0035) +#define SigIeExtCap (0x0037) uint32_t dot11f_unpack_ie_ext_supp_rates(tpAniSirGlobal pCtx, @@ -3863,7 +4331,7 @@ uint32_t dot11f_unpack_ie_ext_supp_rates(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ext_supp_rates. */ -#define SigIeExtSuppRates (0x0036) +#define SigIeExtSuppRates (0x0038) uint32_t dot11f_unpack_ie_fh_param_set(tpAniSirGlobal pCtx, @@ -3877,33 +4345,41 @@ uint32_t dot11f_unpack_ie_fh_param_set(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->dwell_time, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_set = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_pattern = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->hop_index = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fh_param_set. */ -#define SigIeFHParamSet (0x0037) +#define SigIeFHParamSet (0x0039) uint32_t dot11f_unpack_ie_fh_params(tpAniSirGlobal pCtx, @@ -3917,21 +4393,25 @@ uint32_t dot11f_unpack_ie_fh_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->radix = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->nchannels = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fh_params. */ -#define SigIeFHParams (0x0038) +#define SigIeFHParams (0x003a) uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, @@ -3945,26 +4425,34 @@ uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->flag = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->nsets = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->modulus = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->offset = *pBuf; pBuf += 1; @@ -3980,7 +4468,7 @@ uint32_t dot11f_unpack_ie_fh_patt_table(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fh_patt_table. */ -#define SigIeFHPattTable (0x0039) +#define SigIeFHPattTable (0x003b) static const tFFDefn FFS_FTInfo[] = { @@ -4009,33 +4497,41 @@ uint32_t dot11f_unpack_ie_ft_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp38__; + uint16_t tmp39__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp38__, pBuf, 0); + framesntohs(pCtx, &tmp39__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->reserved = tmp38__ >> 0 & 0xff; - pDst->IECount = tmp38__ >> 8 & 0xff; - if (unlikely(ielen < 16)) + pDst->reserved = tmp39__ >> 0 & 0xff; + pDst->IECount = tmp39__ >> 8 & 0xff; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->MIC, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 32)) + if (unlikely(ielen < 32)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->Anonce, pBuf, 32); pBuf += 32; ielen -= (uint8_t)32; - if (unlikely(ielen < 32)) + if (unlikely(ielen < 32)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->Snonce, pBuf, 32); pBuf += 32; @@ -4052,7 +4548,7 @@ uint32_t dot11f_unpack_ie_ft_info(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ft_info. */ -#define SigIeFTInfo (0x003a) +#define SigIeFTInfo (0x003c) uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, @@ -4062,97 +4558,109 @@ uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp39__; - uint8_t tmp40__; - uint16_t tmp41__; - uint32_t tmp42__; - uint8_t tmp43__; + uint16_t tmp40__; + uint8_t tmp41__; + uint16_t tmp42__; + uint32_t tmp43__; + uint8_t tmp44__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp39__, pBuf, 0); + framesntohs(pCtx, &tmp40__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->advCodingCap = tmp39__ >> 0 & 0x1; - pDst->supportedChannelWidthSet = tmp39__ >> 1 & 0x1; - pDst->mimoPowerSave = tmp39__ >> 2 & 0x3; - pDst->greenField = tmp39__ >> 4 & 0x1; - pDst->shortGI20MHz = tmp39__ >> 5 & 0x1; - pDst->shortGI40MHz = tmp39__ >> 6 & 0x1; - pDst->txSTBC = tmp39__ >> 7 & 0x1; - pDst->rxSTBC = tmp39__ >> 8 & 0x3; - pDst->delayedBA = tmp39__ >> 10 & 0x1; - pDst->maximalAMSDUsize = tmp39__ >> 11 & 0x1; - pDst->dsssCckMode40MHz = tmp39__ >> 12 & 0x1; - pDst->psmp = tmp39__ >> 13 & 0x1; - pDst->stbcControlFrame = tmp39__ >> 14 & 0x1; - pDst->lsigTXOPProtection = tmp39__ >> 15 & 0x1; - if (unlikely(ielen < 1)) - return DOT11F_INCOMPLETE_IE; - - tmp40__ = *pBuf; + pDst->advCodingCap = tmp40__ >> 0 & 0x1; + pDst->supportedChannelWidthSet = tmp40__ >> 1 & 0x1; + pDst->mimoPowerSave = tmp40__ >> 2 & 0x3; + pDst->greenField = tmp40__ >> 4 & 0x1; + pDst->shortGI20MHz = tmp40__ >> 5 & 0x1; + pDst->shortGI40MHz = tmp40__ >> 6 & 0x1; + pDst->txSTBC = tmp40__ >> 7 & 0x1; + pDst->rxSTBC = tmp40__ >> 8 & 0x3; + pDst->delayedBA = tmp40__ >> 10 & 0x1; + pDst->maximalAMSDUsize = tmp40__ >> 11 & 0x1; + pDst->dsssCckMode40MHz = tmp40__ >> 12 & 0x1; + pDst->psmp = tmp40__ >> 13 & 0x1; + pDst->stbcControlFrame = tmp40__ >> 14 & 0x1; + pDst->lsigTXOPProtection = tmp40__ >> 15 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + tmp41__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->maxRxAMPDUFactor = tmp40__ >> 0 & 0x3; - pDst->mpduDensity = tmp40__ >> 2 & 0x7; - pDst->reserved1 = tmp40__ >> 5 & 0x7; - if (unlikely(ielen < 16)) + pDst->maxRxAMPDUFactor = tmp41__ >> 0 & 0x3; + pDst->mpduDensity = tmp41__ >> 2 & 0x7; + pDst->reserved1 = tmp41__ >> 5 & 0x7; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->supportedMCSSet, pBuf, 16); pBuf += 16; ielen -= (uint8_t)16; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp41__, pBuf, 0); + framesntohs(pCtx, &tmp42__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->pco = tmp41__ >> 0 & 0x1; - pDst->transitionTime = tmp41__ >> 1 & 0x3; - pDst->reserved2 = tmp41__ >> 3 & 0x1f; - pDst->mcsFeedback = tmp41__ >> 8 & 0x3; - pDst->reserved3 = tmp41__ >> 10 & 0x3f; - if (unlikely(ielen < 4)) + pDst->pco = tmp42__ >> 0 & 0x1; + pDst->transitionTime = tmp42__ >> 1 & 0x3; + pDst->reserved2 = tmp42__ >> 3 & 0x1f; + pDst->mcsFeedback = tmp42__ >> 8 & 0x3; + pDst->reserved3 = tmp42__ >> 10 & 0x3f; + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohl(pCtx, &tmp42__, pBuf, 0); + framesntohl(pCtx, &tmp43__, pBuf, 0); pBuf += 4; ielen -= 4; - pDst->txBF = tmp42__ >> 0 & 0x1; - pDst->rxStaggeredSounding = tmp42__ >> 1 & 0x1; - pDst->txStaggeredSounding = tmp42__ >> 2 & 0x1; - pDst->rxZLF = tmp42__ >> 3 & 0x1; - pDst->txZLF = tmp42__ >> 4 & 0x1; - pDst->implicitTxBF = tmp42__ >> 5 & 0x1; - pDst->calibration = tmp42__ >> 6 & 0x3; - pDst->explicitCSITxBF = tmp42__ >> 8 & 0x1; - pDst->explicitUncompressedSteeringMatrix = tmp42__ >> 9 & 0x1; - pDst->explicitBFCSIFeedback = tmp42__ >> 10 & 0x7; - pDst->explicitUncompressedSteeringMatrixFeedback = tmp42__ >> 13 & 0x7; - pDst->explicitCompressedSteeringMatrixFeedback = tmp42__ >> 16 & 0x7; - pDst->csiNumBFAntennae = tmp42__ >> 19 & 0x3; - pDst->uncompressedSteeringMatrixBFAntennae = tmp42__ >> 21 & 0x3; - pDst->compressedSteeringMatrixBFAntennae = tmp42__ >> 23 & 0x3; - pDst->reserved4 = tmp42__ >> 25 & 0x7f; - if (unlikely(ielen < 1)) - return DOT11F_INCOMPLETE_IE; - - tmp43__ = *pBuf; + pDst->txBF = tmp43__ >> 0 & 0x1; + pDst->rxStaggeredSounding = tmp43__ >> 1 & 0x1; + pDst->txStaggeredSounding = tmp43__ >> 2 & 0x1; + pDst->rxZLF = tmp43__ >> 3 & 0x1; + pDst->txZLF = tmp43__ >> 4 & 0x1; + pDst->implicitTxBF = tmp43__ >> 5 & 0x1; + pDst->calibration = tmp43__ >> 6 & 0x3; + pDst->explicitCSITxBF = tmp43__ >> 8 & 0x1; + pDst->explicitUncompressedSteeringMatrix = tmp43__ >> 9 & 0x1; + pDst->explicitBFCSIFeedback = tmp43__ >> 10 & 0x7; + pDst->explicitUncompressedSteeringMatrixFeedback = tmp43__ >> 13 & 0x7; + pDst->explicitCompressedSteeringMatrixFeedback = tmp43__ >> 16 & 0x7; + pDst->csiNumBFAntennae = tmp43__ >> 19 & 0x3; + pDst->uncompressedSteeringMatrixBFAntennae = tmp43__ >> 21 & 0x3; + pDst->compressedSteeringMatrixBFAntennae = tmp43__ >> 23 & 0x3; + pDst->reserved4 = tmp43__ >> 25 & 0x7f; + if (unlikely(ielen < 1)) { + pDst->present = 0; + return DOT11F_INCOMPLETE_IE; + } + + tmp44__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->antennaSelection = tmp43__ >> 0 & 0x1; - pDst->explicitCSIFeedbackTx = tmp43__ >> 1 & 0x1; - pDst->antennaIndicesFeedbackTx = tmp43__ >> 2 & 0x1; - pDst->explicitCSIFeedback = tmp43__ >> 3 & 0x1; - pDst->antennaIndicesFeedback = tmp43__ >> 4 & 0x1; - pDst->rxAS = tmp43__ >> 5 & 0x1; - pDst->txSoundingPPDUs = tmp43__ >> 6 & 0x1; - pDst->reserved5 = tmp43__ >> 7 & 0x1; + pDst->antennaSelection = tmp44__ >> 0 & 0x1; + pDst->explicitCSIFeedbackTx = tmp44__ >> 1 & 0x1; + pDst->antennaIndicesFeedbackTx = tmp44__ >> 2 & 0x1; + pDst->explicitCSIFeedback = tmp44__ >> 3 & 0x1; + pDst->antennaIndicesFeedback = tmp44__ >> 4 & 0x1; + pDst->rxAS = tmp44__ >> 5 & 0x1; + pDst->txSoundingPPDUs = tmp44__ >> 6 & 0x1; + pDst->reserved5 = tmp44__ >> 7 & 0x1; pDst->num_rsvd = (uint8_t)(ielen); if (ielen > 32) { pDst->present = 0; @@ -4164,7 +4672,7 @@ uint32_t dot11f_unpack_ie_ht_caps(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht_caps. */ -#define SigIeHTCaps (0x003b) +#define SigIeHTCaps (0x003d) uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, @@ -4174,56 +4682,66 @@ uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp44__; - uint16_t tmp45__; + uint8_t tmp45__; uint16_t tmp46__; + uint16_t tmp47__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->primaryChannel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp44__ = *pBuf; + tmp45__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->secondaryChannelOffset = tmp44__ >> 0 & 0x3; - pDst->recommendedTxWidthSet = tmp44__ >> 2 & 0x1; - pDst->rifsMode = tmp44__ >> 3 & 0x1; - pDst->controlledAccessOnly = tmp44__ >> 4 & 0x1; - pDst->serviceIntervalGranularity = tmp44__ >> 5 & 0x7; - if (unlikely(ielen < 2)) + pDst->secondaryChannelOffset = tmp45__ >> 0 & 0x3; + pDst->recommendedTxWidthSet = tmp45__ >> 2 & 0x1; + pDst->rifsMode = tmp45__ >> 3 & 0x1; + pDst->controlledAccessOnly = tmp45__ >> 4 & 0x1; + pDst->serviceIntervalGranularity = tmp45__ >> 5 & 0x7; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp45__, pBuf, 0); + framesntohs(pCtx, &tmp46__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->opMode = tmp45__ >> 0 & 0x3; - pDst->nonGFDevicesPresent = tmp45__ >> 2 & 0x1; - pDst->transmitBurstLimit = tmp45__ >> 3 & 0x1; - pDst->obssNonHTStaPresent = tmp45__ >> 4 & 0x1; - pDst->reserved = tmp45__ >> 5 & 0x7ff; - if (unlikely(ielen < 2)) + pDst->opMode = tmp46__ >> 0 & 0x3; + pDst->nonGFDevicesPresent = tmp46__ >> 2 & 0x1; + pDst->transmitBurstLimit = tmp46__ >> 3 & 0x1; + pDst->obssNonHTStaPresent = tmp46__ >> 4 & 0x1; + pDst->reserved = tmp46__ >> 5 & 0x7ff; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp46__, pBuf, 0); + framesntohs(pCtx, &tmp47__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->basicSTBCMCS = tmp46__ >> 0 & 0x7f; - pDst->dualCTSProtection = tmp46__ >> 7 & 0x1; - pDst->secondaryBeacon = tmp46__ >> 8 & 0x1; - pDst->lsigTXOPProtectionFullSupport = tmp46__ >> 9 & 0x1; - pDst->pcoActive = tmp46__ >> 10 & 0x1; - pDst->pcoPhase = tmp46__ >> 11 & 0x1; - pDst->reserved2 = tmp46__ >> 12 & 0xf; - if (unlikely(ielen < 16)) + pDst->basicSTBCMCS = tmp47__ >> 0 & 0x7f; + pDst->dualCTSProtection = tmp47__ >> 7 & 0x1; + pDst->secondaryBeacon = tmp47__ >> 8 & 0x1; + pDst->lsigTXOPProtectionFullSupport = tmp47__ >> 9 & 0x1; + pDst->pcoActive = tmp47__ >> 10 & 0x1; + pDst->pcoPhase = tmp47__ >> 11 & 0x1; + pDst->reserved2 = tmp47__ >> 12 & 0xf; + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->basicMCSSet, pBuf, 16); pBuf += 16; @@ -4239,7 +4757,7 @@ uint32_t dot11f_unpack_ie_ht_info(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht_info. */ -#define SigIeHTInfo (0x003c) +#define SigIeHTInfo (0x003e) uint32_t dot11f_unpack_ie_ibss_params(tpAniSirGlobal pCtx, @@ -4253,15 +4771,17 @@ uint32_t dot11f_unpack_ie_ibss_params(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->atim, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_ibss_params. */ -#define SigIeIBSSParams (0x003d) +#define SigIeIBSSParams (0x003f) uint32_t dot11f_unpack_ie_link_identifier(tpAniSirGlobal pCtx, @@ -4275,27 +4795,33 @@ uint32_t dot11f_unpack_ie_link_identifier(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->InitStaAddr, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->RespStaAddr, pBuf, 6); (void)pCtx; return status; } /* End dot11f_unpack_ie_link_identifier. */ -#define SigIeLinkIdentifier (0x003e) +#define SigIeLinkIdentifier (0x0040) static const tTLVDefn TLVS_MBO_IE[] = { @@ -4358,7 +4884,7 @@ uint32_t dot11f_unpack_ie_MBO_IE(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_MBO_IE. */ -#define SigIeMBO_IE (0x003f) +#define SigIeMBO_IE (0x0041) static const tFFDefn FFS_reportBeacon[] = { @@ -4371,6 +4897,18 @@ static const tIEDefn IES_reportBeacon[] = { offsetof(tDot11fIEBeaconReportFrmBody, present), 0, "BeaconReportFrmBody", 0, 2, 226, SigIeBeaconReportFrmBody, {0, 0, 0, 0, 0}, 0, DOT11F_EID_BEACONREPORTFRMBODY, 0, 0, }, + { offsetof(tDot11fIEMeasurementReport, + report.Beacon.beacon_report_frm_body_fragment_id), + offsetof(tDot11fIEbeacon_report_frm_body_fragment_id, present), 0, + "beacon_report_frm_body_fragment_id", + 0, 4, 4, SigIebeacon_report_frm_body_fragment_id, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_BEACON_REPORT_FRM_BODY_FRAGMENT_ID, 0, 0, }, + { offsetof(tDot11fIEMeasurementReport, + report.Beacon.last_beacon_report_indication), + offsetof(tDot11fIElast_beacon_report_indication, present), 0, + "last_beacon_report_indication", + 0, 3, 3, SigIelast_beacon_report_indication, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_LAST_BEACON_REPORT_INDICATION, 0, 0, }, {0, 0, 0, NULL, 0, 0, 0, 0, {0, 0, 0, 0, 0}, 0, 0xff, 0, }, }; @@ -4381,31 +4919,37 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp47__; uint8_t tmp48__; uint8_t tmp49__; + uint8_t tmp50__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->token = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp47__ = *pBuf; + tmp48__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->late = tmp47__ >> 0 & 0x1; - pDst->incapable = tmp47__ >> 1 & 0x1; - pDst->refused = tmp47__ >> 2 & 0x1; - pDst->unused = tmp47__ >> 3 & 0x1f; - if (unlikely(ielen < 1)) + pDst->late = tmp48__ >> 0 & 0x1; + pDst->incapable = tmp48__ >> 1 & 0x1; + pDst->refused = tmp48__ >> 2 & 0x1; + pDst->unused = tmp48__ >> 3 & 0x1f; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->type = *pBuf; pBuf += 1; @@ -4415,190 +4959,248 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, } else { switch (pDst->type) { case 0: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Basic.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.Basic.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.Basic.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp48__ = *pBuf; + tmp49__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->report.Basic.bss = tmp48__ >> 0 & 0x1; - pDst->report.Basic.ofdm_preamble = tmp48__ >> 1 & 0x1; - pDst->report.Basic.unid_signal = tmp48__ >> 2 & 0x1; - pDst->report.Basic.rader = tmp48__ >> 3 & 0x1; - pDst->report.Basic.unmeasured = tmp48__ >> 4 & 0x1; - pDst->report.Basic.unused = tmp48__ >> 5 & 0x7; + pDst->report.Basic.bss = tmp49__ >> 0 & 0x1; + pDst->report.Basic.ofdm_preamble = tmp49__ >> 1 & 0x1; + pDst->report.Basic.unid_signal = tmp49__ >> 2 & 0x1; + pDst->report.Basic.rader = tmp49__ >> 3 & 0x1; + pDst->report.Basic.unmeasured = tmp49__ >> 4 & 0x1; + pDst->report.Basic.unused = tmp49__ >> 5 & 0x7; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.CCA.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.CCA.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.CCA.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.CCA.cca_busy_fraction = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 2: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.RPIHistogram.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.RPIHistogram.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi0_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi1_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi2_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi3_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi4_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi5_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi6_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.RPIHistogram.rpi7_density = *pBuf; pBuf += 1; ielen -= (uint8_t)1; break; case 5: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.regClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohq(pCtx, &pDst->report.Beacon.meas_start_time, pBuf, 0); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->report.Beacon.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp49__ = *pBuf; + tmp50__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->report.Beacon.condensed_PHY = tmp49__ >> 0 & 0x7f; - pDst->report.Beacon.reported_frame_type = tmp49__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->report.Beacon.condensed_PHY = tmp50__ >> 0 & 0x7f; + pDst->report.Beacon.reported_frame_type = tmp50__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.RCPI = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.RSNI = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->report.Beacon.BSSID, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->report.Beacon.antenna_id = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->report.Beacon.parent_TSF, pBuf, 0); pBuf += 4; @@ -4617,7 +5219,7 @@ uint32_t dot11f_unpack_ie_measurement_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_measurement_report. */ -#define SigIeMeasurementReport (0x0040) +#define SigIeMeasurementReport (0x0042) static const tFFDefn FFS_measurement_requestBeacon[] = { @@ -4647,6 +5249,12 @@ static const tIEDefn IES_measurement_requestBeacon[] = { measurement_request.Beacon.APChannelReport), offsetof(tDot11fIEAPChannelReport, present), offsetof(tDot11fIEMeasurementRequest, measurement_request.Beacon.num_APChannelReport), "APChannelReport", 2, 3, 53, SigIeAPChannelReport, {0, 0, 0, 0, 0}, 0, DOT11F_EID_APCHANNELREPORT, 0, 0, }, + { offsetof(tDot11fIEMeasurementRequest, + measurement_request.Beacon.last_beacon_report_indication), + offsetof(tDot11fIElast_beacon_report_indication, present), 0, + "last_beacon_report_indication", + 0, 3, 3, SigIelast_beacon_report_indication, {0, 0, 0, 0, 0}, + 0, DOT11F_EID_LAST_BEACON_REPORT_INDICATION, 0, 0, }, {0, 0, 0, NULL, 0, 0, 0, 0, {0, 0, 0, 0, 0}, 0, 0xff, 0, }, }; @@ -4697,129 +5305,165 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp50__; + uint8_t tmp51__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_token = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp50__ = *pBuf; + tmp51__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->parallel = tmp50__ >> 0 & 0x1; - pDst->enable = tmp50__ >> 1 & 0x1; - pDst->request = tmp50__ >> 2 & 0x1; - pDst->report = tmp50__ >> 3 & 0x1; - pDst->durationMandatory = tmp50__ >> 4 & 0x1; - pDst->unused = tmp50__ >> 5 & 0x7; - if (unlikely(ielen < 1)) + pDst->parallel = tmp51__ >> 0 & 0x1; + pDst->enable = tmp51__ >> 1 & 0x1; + pDst->request = tmp51__ >> 2 & 0x1; + pDst->report = tmp51__ >> 3 & 0x1; + pDst->durationMandatory = tmp51__ >> 4 & 0x1; + pDst->unused = tmp51__ >> 5 & 0x7; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; switch (pDst->measurement_type) { case 0: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Basic.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.Basic.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Basic.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 1: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.CCA.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.CCA.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.CCA.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 2: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.RPIHistogram.channel_no = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.RPIHistogram.meas_start_time, pBuf, 8); pBuf += 8; ielen -= (uint8_t)8; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.RPIHistogram.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 5: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.regClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Beacon.randomization, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.Beacon.meas_duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.Beacon.meas_mode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->measurement_request.Beacon.BSSID, pBuf, 6); pBuf += 6; @@ -4833,8 +5477,10 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, sizeof(*pDst), append_ie); break; case 8: - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.lci.loc_subject = *pBuf; pBuf += 1; @@ -4848,14 +5494,18 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, sizeof(*pDst), append_ie); break; case 16: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->measurement_request.ftmrr.random_interval, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->measurement_request.ftmrr.min_ap_count = *pBuf; pBuf += 1; @@ -4873,7 +5523,7 @@ uint32_t dot11f_unpack_ie_measurement_request(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_measurement_request. */ -#define SigIeMeasurementRequest (0x0041) +#define SigIeMeasurementRequest (0x0043) uint32_t dot11f_unpack_ie_mobility_domain(tpAniSirGlobal pCtx, @@ -4883,29 +5533,33 @@ uint32_t dot11f_unpack_ie_mobility_domain(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp51__; + uint8_t tmp52__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->MDID, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp51__ = *pBuf; - pDst->overDSCap = tmp51__ >> 0 & 0x1; - pDst->resourceReqCap = tmp51__ >> 1 & 0x1; - pDst->reserved = tmp51__ >> 2 & 0x3f; + tmp52__ = *pBuf; + pDst->overDSCap = tmp52__ >> 0 & 0x1; + pDst->resourceReqCap = tmp52__ >> 1 & 0x1; + pDst->reserved = tmp52__ >> 2 & 0x3f; (void)pCtx; return status; } /* End dot11f_unpack_ie_mobility_domain. */ -#define SigIeMobilityDomain (0x0042) +#define SigIeMobilityDomain (0x0044) static const tFFDefn FFS_NeighborReport[] = { @@ -4942,61 +5596,75 @@ uint32_t dot11f_unpack_ie_neighbor_report(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp52__; uint8_t tmp53__; + uint8_t tmp54__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->bssid, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp52__ = *pBuf; + tmp53__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->APReachability = tmp52__ >> 0 & 0x3; - pDst->Security = tmp52__ >> 2 & 0x1; - pDst->KeyScope = tmp52__ >> 3 & 0x1; - pDst->SpecMgmtCap = tmp52__ >> 4 & 0x1; - pDst->QosCap = tmp52__ >> 5 & 0x1; - pDst->apsd = tmp52__ >> 6 & 0x1; - pDst->rrm = tmp52__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->APReachability = tmp53__ >> 0 & 0x3; + pDst->Security = tmp53__ >> 2 & 0x1; + pDst->KeyScope = tmp53__ >> 3 & 0x1; + pDst->SpecMgmtCap = tmp53__ >> 4 & 0x1; + pDst->QosCap = tmp53__ >> 5 & 0x1; + pDst->apsd = tmp53__ >> 6 & 0x1; + pDst->rrm = tmp53__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp53__ = *pBuf; + tmp54__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->DelayedBA = tmp53__ >> 0 & 0x1; - pDst->ImmBA = tmp53__ >> 1 & 0x1; - pDst->MobilityDomain = tmp53__ >> 2 & 0x1; - pDst->reserved = tmp53__ >> 3 & 0x1f; - if (unlikely(ielen < 2)) + pDst->DelayedBA = tmp54__ >> 0 & 0x1; + pDst->ImmBA = tmp54__ >> 1 & 0x1; + pDst->MobilityDomain = tmp54__ >> 2 & 0x1; + pDst->reserved = tmp54__ >> 3 & 0x1f; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->reserved1, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->regulatoryClass = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->PhyType = *pBuf; pBuf += 1; @@ -5013,7 +5681,7 @@ uint32_t dot11f_unpack_ie_neighbor_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_neighbor_report. */ -#define SigIeNeighborReport (0x0043) +#define SigIeNeighborReport (0x0045) uint32_t dot11f_unpack_ie_obss_scan_parameters(tpAniSirGlobal pCtx, @@ -5027,51 +5695,65 @@ uint32_t dot11f_unpack_ie_obss_scan_parameters(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanPassiveDwell, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActiveDwell, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bssChannelWidthTriggerScanInterval, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanPassiveTotalPerChannel, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActiveTotalPerChannel, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bssWidthChannelTransitionDelayFactor, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->obssScanActivityThreshold, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_obss_scan_parameters. */ -#define SigIeOBSSScanParameters (0x0044) +#define SigIeOBSSScanParameters (0x0046) uint32_t dot11f_unpack_ie_operating_mode(tpAniSirGlobal pCtx, @@ -5081,24 +5763,26 @@ uint32_t dot11f_unpack_ie_operating_mode(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp54__; + uint8_t tmp55__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp54__ = *pBuf; - pDst->chanWidth = tmp54__ >> 0 & 0x3; - pDst->reserved = tmp54__ >> 2 & 0x3; - pDst->rxNSS = tmp54__ >> 4 & 0x7; - pDst->rxNSSType = tmp54__ >> 7 & 0x1; + tmp55__ = *pBuf; + pDst->chanWidth = tmp55__ >> 0 & 0x3; + pDst->reserved = tmp55__ >> 2 & 0x3; + pDst->rxNSS = tmp55__ >> 4 & 0x7; + pDst->rxNSSType = tmp55__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_operating_mode. */ -#define SigIeOperatingMode (0x0045) +#define SigIeOperatingMode (0x0047) static const tTLVDefn TLVS_P2PAssocReq[] = { @@ -5130,7 +5814,7 @@ uint32_t dot11f_unpack_ie_p2_p_assoc_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_assoc_req. */ -#define SigIeP2PAssocReq (0x0046) +#define SigIeP2PAssocReq (0x0048) static const tTLVDefn TLVS_P2PAssocRes[] = { @@ -5159,7 +5843,7 @@ uint32_t dot11f_unpack_ie_p2_p_assoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_assoc_res. */ -#define SigIeP2PAssocRes (0x0047) +#define SigIeP2PAssocRes (0x0049) static const tTLVDefn TLVS_P2PBeacon[] = { @@ -5191,7 +5875,7 @@ uint32_t dot11f_unpack_ie_p2_p_beacon(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_beacon. */ -#define SigIeP2PBeacon (0x0048) +#define SigIeP2PBeacon (0x004a) static const tTLVDefn TLVS_P2PBeaconProbeRes[] = { @@ -5233,7 +5917,7 @@ uint32_t dot11f_unpack_ie_p2_p_beacon_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_beacon_probe_res. */ -#define SigIeP2PBeaconProbeRes (0x0049) +#define SigIeP2PBeaconProbeRes (0x004b) static const tTLVDefn TLVS_P2PDeAuth[] = { @@ -5259,7 +5943,7 @@ uint32_t dot11f_unpack_ie_p2_p_de_auth(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_de_auth. */ -#define SigIeP2PDeAuth (0x004a) +#define SigIeP2PDeAuth (0x004c) static const tTLVDefn TLVS_P2PDisAssoc[] = { @@ -5285,7 +5969,7 @@ uint32_t dot11f_unpack_ie_p2_p_dis_assoc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_dis_assoc. */ -#define SigIeP2PDisAssoc (0x004b) +#define SigIeP2PDisAssoc (0x004d) uint32_t dot11f_unpack_ie_p2_pie_opaque(tpAniSirGlobal pCtx, @@ -5310,7 +5994,7 @@ uint32_t dot11f_unpack_ie_p2_pie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_pie_opaque. */ -#define SigIeP2PIEOpaque (0x004c) +#define SigIeP2PIEOpaque (0x004e) static const tTLVDefn TLVS_P2PProbeReq[] = { @@ -5349,7 +6033,7 @@ uint32_t dot11f_unpack_ie_p2_p_probe_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_probe_req. */ -#define SigIeP2PProbeReq (0x004d) +#define SigIeP2PProbeReq (0x004f) static const tTLVDefn TLVS_P2PProbeRes[] = { @@ -5388,7 +6072,7 @@ uint32_t dot11f_unpack_ie_p2_p_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_p2_p_probe_res. */ -#define SigIeP2PProbeRes (0x004e) +#define SigIeP2PProbeRes (0x0050) uint32_t dot11f_unpack_ie_pti_control(tpAniSirGlobal pCtx, @@ -5402,21 +6086,25 @@ uint32_t dot11f_unpack_ie_pti_control(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tid = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->sequence_control, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_pti_control. */ -#define SigIePTIControl (0x004f) +#define SigIePTIControl (0x0051) uint32_t dot11f_unpack_ie_pu_buffer_status(tpAniSirGlobal pCtx, @@ -5426,25 +6114,27 @@ uint32_t dot11f_unpack_ie_pu_buffer_status(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp55__; + uint8_t tmp56__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp55__ = *pBuf; - pDst->ac_bk_traffic_aval = tmp55__ >> 0 & 0x1; - pDst->ac_be_traffic_aval = tmp55__ >> 1 & 0x1; - pDst->ac_vi_traffic_aval = tmp55__ >> 2 & 0x1; - pDst->ac_vo_traffic_aval = tmp55__ >> 3 & 0x1; - pDst->reserved = tmp55__ >> 4 & 0xf; + tmp56__ = *pBuf; + pDst->ac_bk_traffic_aval = tmp56__ >> 0 & 0x1; + pDst->ac_be_traffic_aval = tmp56__ >> 1 & 0x1; + pDst->ac_vi_traffic_aval = tmp56__ >> 2 & 0x1; + pDst->ac_vo_traffic_aval = tmp56__ >> 3 & 0x1; + pDst->reserved = tmp56__ >> 4 & 0xf; (void)pCtx; return status; } /* End dot11f_unpack_ie_pu_buffer_status. */ -#define SigIePUBufferStatus (0x0050) +#define SigIePUBufferStatus (0x0052) uint32_t dot11f_unpack_ie_power_caps(tpAniSirGlobal pCtx, @@ -5458,21 +6148,25 @@ uint32_t dot11f_unpack_ie_power_caps(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->minTxPower = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->maxTxPower = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_power_caps. */ -#define SigIePowerCaps (0x0051) +#define SigIePowerCaps (0x0053) uint32_t dot11f_unpack_ie_power_constraints(tpAniSirGlobal pCtx, @@ -5486,15 +6180,17 @@ uint32_t dot11f_unpack_ie_power_constraints(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->localPowerConstraints = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_power_constraints. */ -#define SigIePowerConstraints (0x0052) +#define SigIePowerConstraints (0x0054) uint32_t dot11f_unpack_ie_qbss_load(tpAniSirGlobal pCtx, @@ -5508,27 +6204,33 @@ uint32_t dot11f_unpack_ie_qbss_load(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->stacount, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->chautil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->avail, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_qbss_load. */ -#define SigIeQBSSLoad (0x0053) +#define SigIeQBSSLoad (0x0055) uint32_t dot11f_unpack_ie_QCN_IE(tpAniSirGlobal pCtx, @@ -5542,15 +6244,17 @@ uint32_t dot11f_unpack_ie_QCN_IE(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->version, pBuf, 4); (void)pCtx; return status; } /* End dot11f_unpack_ie_QCN_IE. */ -#define SigIeQCN_IE (0x0054) +#define SigIeQCN_IE (0x0056) uint32_t dot11f_unpack_ie_QComVendorIE(tpAniSirGlobal pCtx, @@ -5564,21 +6268,25 @@ uint32_t dot11f_unpack_ie_QComVendorIE(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->type = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->channel = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_QComVendorIE. */ -#define SigIeQComVendorIE (0x0055) +#define SigIeQComVendorIE (0x0057) uint32_t dot11f_unpack_ie_qos_caps_ap(tpAniSirGlobal pCtx, @@ -5588,25 +6296,27 @@ uint32_t dot11f_unpack_ie_qos_caps_ap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp56__; + uint8_t tmp57__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp56__ = *pBuf; - pDst->count = tmp56__ >> 0 & 0xf; - pDst->qack = tmp56__ >> 4 & 0x1; - pDst->qreq = tmp56__ >> 5 & 0x1; - pDst->txopreq = tmp56__ >> 6 & 0x1; - pDst->reserved = tmp56__ >> 7 & 0x1; + tmp57__ = *pBuf; + pDst->count = tmp57__ >> 0 & 0xf; + pDst->qack = tmp57__ >> 4 & 0x1; + pDst->qreq = tmp57__ >> 5 & 0x1; + pDst->txopreq = tmp57__ >> 6 & 0x1; + pDst->reserved = tmp57__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_qos_caps_ap. */ -#define SigIeQOSCapsAp (0x0056) +#define SigIeQOSCapsAp (0x0058) uint32_t dot11f_unpack_ie_qos_caps_station(tpAniSirGlobal pCtx, @@ -5616,27 +6326,29 @@ uint32_t dot11f_unpack_ie_qos_caps_station(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp57__; + uint8_t tmp58__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp57__ = *pBuf; - pDst->acvo_uapsd = tmp57__ >> 0 & 0x1; - pDst->acvi_uapsd = tmp57__ >> 1 & 0x1; - pDst->acbk_uapsd = tmp57__ >> 2 & 0x1; - pDst->acbe_uapsd = tmp57__ >> 3 & 0x1; - pDst->qack = tmp57__ >> 4 & 0x1; - pDst->max_sp_length = tmp57__ >> 5 & 0x3; - pDst->more_data_ack = tmp57__ >> 7 & 0x1; + tmp58__ = *pBuf; + pDst->acvo_uapsd = tmp58__ >> 0 & 0x1; + pDst->acvi_uapsd = tmp58__ >> 1 & 0x1; + pDst->acbk_uapsd = tmp58__ >> 2 & 0x1; + pDst->acbe_uapsd = tmp58__ >> 3 & 0x1; + pDst->qack = tmp58__ >> 4 & 0x1; + pDst->max_sp_length = tmp58__ >> 5 & 0x3; + pDst->more_data_ack = tmp58__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_qos_caps_station. */ -#define SigIeQOSCapsStation (0x0057) +#define SigIeQOSCapsStation (0x0059) uint32_t dot11f_unpack_ie_qos_map_set(tpAniSirGlobal pCtx, @@ -5661,7 +6373,7 @@ uint32_t dot11f_unpack_ie_qos_map_set(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_qos_map_set. */ -#define SigIeQosMapSet (0x0058) +#define SigIeQosMapSet (0x005a) uint32_t dot11f_unpack_ie_quiet(tpAniSirGlobal pCtx, @@ -5675,33 +6387,41 @@ uint32_t dot11f_unpack_ie_quiet(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->duration, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->offset, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_quiet. */ -#define SigIeQuiet (0x0059) +#define SigIeQuiet (0x005b) uint32_t dot11f_unpack_ie_rcpiie(tpAniSirGlobal pCtx, @@ -5715,15 +6435,17 @@ uint32_t dot11f_unpack_ie_rcpiie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->rcpi = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_rcpiie. */ -#define SigIeRCPIIE (0x005a) +#define SigIeRCPIIE (0x005c) static const tFFDefn FFS_RICDataDesc[] = { @@ -5799,7 +6521,7 @@ uint32_t dot11f_unpack_ie_ric_data_desc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ric_data_desc. */ -#define SigIeRICDataDesc (0x005b) +#define SigIeRICDataDesc (0x005d) uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, @@ -5816,8 +6538,10 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -5840,12 +6564,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->gp_cipher_suite_present = 1; - if (unlikely(ielen < 4)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 4) { + if (unlikely(ielen < 4)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->gp_cipher_suite, pBuf, 4); @@ -5863,20 +6584,19 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->pwise_cipher_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->pwise_cipher_suite_count * 4)) + if (unlikely(ielen < pDst->pwise_cipher_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (!pDst->pwise_cipher_suite_count || pDst->pwise_cipher_suite_count > 6) { @@ -5884,11 +6604,6 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return DOT11F_SKIPPED_BAD_IE; } - if (ielen < pDst->pwise_cipher_suite_count * 4) { - pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; - } - DOT11F_MEMCPY(pCtx, pDst->pwise_cipher_suites, pBuf, (pDst->pwise_cipher_suite_count * 4)); pBuf += (pDst->pwise_cipher_suite_count * 4); ielen -= (pDst->pwise_cipher_suite_count * 4); @@ -5900,20 +6615,19 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->akm_suite_cnt, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->akm_suite_cnt * 4)) + if (unlikely(ielen < pDst->akm_suite_cnt * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (!pDst->akm_suite_cnt || pDst->akm_suite_cnt > 6) { @@ -5921,11 +6635,6 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return DOT11F_SKIPPED_BAD_IE; } - if (ielen < pDst->akm_suite_cnt * 4) { - pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; - } - DOT11F_MEMCPY(pCtx, pDst->akm_suite, pBuf, (pDst->akm_suite_cnt * 4)); pBuf += (pDst->akm_suite_cnt * 4); ielen -= (pDst->akm_suite_cnt * 4); @@ -5936,12 +6645,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->RSN_Cap_present = 1; - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->RSN_Cap, pBuf, 2); @@ -5954,27 +6660,21 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, pDst->pmkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 2) { + if (unlikely(ielen < 2)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } framesntohs(pCtx, &pDst->pmkid_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->pmkid_count * 16)) - return DOT11F_INCOMPLETE_IE; - - if (pDst->pmkid_count > 4) { + if (unlikely(ielen < pDst->pmkid_count * 16)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } - if (ielen < pDst->pmkid_count * 16) { + if (pDst->pmkid_count > 4) { pDst->present = 0; return DOT11F_SKIPPED_BAD_IE; } @@ -5986,12 +6686,9 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return 0U; } else { pDst->gp_mgmt_cipher_suite_present = 1; - if (unlikely(ielen < 4)) - return DOT11F_INCOMPLETE_IE; - - if (ielen < 4) { + if (unlikely(ielen < 4)) { pDst->present = 0; - return DOT11F_SKIPPED_BAD_IE; + return DOT11F_INCOMPLETE_IE; } DOT11F_MEMCPY(pCtx, pDst->gp_mgmt_cipher_suite, pBuf, 4); @@ -6000,7 +6697,7 @@ uint32_t dot11f_unpack_ie_rsn(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_rsn. */ -#define SigIeRSN (0x005c) +#define SigIeRSN (0x005e) uint32_t dot11f_unpack_ie_rsniie(tpAniSirGlobal pCtx, @@ -6014,15 +6711,17 @@ uint32_t dot11f_unpack_ie_rsniie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->rsni = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_rsniie. */ -#define SigIeRSNIIE (0x005d) +#define SigIeRSNIIE (0x005f) uint32_t dot11f_unpack_ie_rsn_opaque(tpAniSirGlobal pCtx, @@ -6047,7 +6746,7 @@ uint32_t dot11f_unpack_ie_rsn_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_rsn_opaque. */ -#define SigIeRSNOpaque (0x005e) +#define SigIeRSNOpaque (0x0060) uint32_t dot11f_unpack_ie_supp_channels(tpAniSirGlobal pCtx, @@ -6072,7 +6771,7 @@ uint32_t dot11f_unpack_ie_supp_channels(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_channels. */ -#define SigIeSuppChannels (0x005f) +#define SigIeSuppChannels (0x0061) uint32_t dot11f_unpack_ie_supp_operating_classes(tpAniSirGlobal pCtx, @@ -6097,7 +6796,7 @@ uint32_t dot11f_unpack_ie_supp_operating_classes(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_operating_classes. */ -#define SigIeSuppOperatingClasses (0x0060) +#define SigIeSuppOperatingClasses (0x0062) uint32_t dot11f_unpack_ie_supp_rates(tpAniSirGlobal pCtx, @@ -6130,7 +6829,7 @@ uint32_t dot11f_unpack_ie_supp_rates(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_supp_rates. */ -#define SigIeSuppRates (0x0061) +#define SigIeSuppRates (0x0063) uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, @@ -6144,20 +6843,26 @@ uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->dtim_count = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->dtim_period = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->bmpctl = *pBuf; pBuf += 1; @@ -6173,7 +6878,7 @@ uint32_t dot11f_unpack_ie_tim(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_tim. */ -#define SigIeTIM (0x0062) +#define SigIeTIM (0x0064) uint32_t dot11f_unpack_ie_tpc_report(tpAniSirGlobal pCtx, @@ -6187,21 +6892,25 @@ uint32_t dot11f_unpack_ie_tpc_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->tx_power = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->link_margin = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_tpc_report. */ -#define SigIeTPCReport (0x0063) +#define SigIeTPCReport (0x0065) uint32_t dot11f_unpack_ie_tpc_request(tpAniSirGlobal pCtx, @@ -6219,7 +6928,7 @@ uint32_t dot11f_unpack_ie_tpc_request(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_tpc_request. */ -#define SigIeTPCRequest (0x0064) +#define SigIeTPCRequest (0x0066) uint32_t dot11f_unpack_ie_time_advertisement(tpAniSirGlobal pCtx, @@ -6233,27 +6942,33 @@ uint32_t dot11f_unpack_ie_time_advertisement(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->timing_capabilities = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 10)) + if (unlikely(ielen < 10)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->time_value, pBuf, 10); pBuf += 10; ielen -= (uint8_t)10; - if (unlikely(ielen < 5)) + if (unlikely(ielen < 5)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->time_error, pBuf, 5); (void)pCtx; return status; } /* End dot11f_unpack_ie_time_advertisement. */ -#define SigIeTimeAdvertisement (0x0065) +#define SigIeTimeAdvertisement (0x0067) uint32_t dot11f_unpack_ie_timeout_interval(tpAniSirGlobal pCtx, @@ -6267,21 +6982,25 @@ uint32_t dot11f_unpack_ie_timeout_interval(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->timeoutType = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohl(pCtx, &pDst->timeoutValue, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_timeout_interval. */ -#define SigIeTimeoutInterval (0x0066) +#define SigIeTimeoutInterval (0x0068) uint32_t dot11f_unpack_ie_vht_ext_bss_load(tpAniSirGlobal pCtx, @@ -6295,39 +7014,49 @@ uint32_t dot11f_unpack_ie_vht_ext_bss_load(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->muMIMOCapStaCount = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->ssUnderUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->FortyMHzUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->EightyMHzUtil = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->OneSixtyMHzUtil = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_vht_ext_bss_load. */ -#define SigIeVHTExtBssLoad (0x0067) +#define SigIeVHTExtBssLoad (0x0069) uint32_t dot11f_unpack_ie_vendor1_ie(tpAniSirGlobal pCtx, @@ -6345,7 +7074,7 @@ uint32_t dot11f_unpack_ie_vendor1_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor1_ie. */ -#define SigIeVendor1IE (0x0068) +#define SigIeVendor1IE (0x006a) uint32_t dot11f_unpack_ie_vendor3_ie(tpAniSirGlobal pCtx, @@ -6363,7 +7092,7 @@ uint32_t dot11f_unpack_ie_vendor3_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor3_ie. */ -#define SigIeVendor3IE (0x0069) +#define SigIeVendor3IE (0x006b) uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, @@ -6373,13 +7102,15 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp58__; + uint16_t tmp59__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -6388,14 +7119,18 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->akm_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < pDst->akm_suite_count * 4)) + if (unlikely(ielen < pDst->akm_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->akm_suite_count > 4) { pDst->present = 0; @@ -6405,14 +7140,18 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pDst->akm_suites, pBuf, (pDst->akm_suite_count * 4)); pBuf += (pDst->akm_suite_count * 4); ielen -= (pDst->akm_suite_count * 4); - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->unicast_cipher_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < pDst->unicast_cipher_suite_count * 4)) + if (unlikely(ielen < pDst->unicast_cipher_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->unicast_cipher_suite_count > 4) { pDst->present = 0; @@ -6422,33 +7161,41 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pDst->unicast_cipher_suites, pBuf, (pDst->unicast_cipher_suite_count * 4)); pBuf += (pDst->unicast_cipher_suite_count * 4); ielen -= (pDst->unicast_cipher_suite_count * 4); - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->multicast_cipher_suite, pBuf, 4); pBuf += 4; ielen -= (uint8_t)4; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp58__, pBuf, 0); + framesntohs(pCtx, &tmp59__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->preauth = tmp58__ >> 0 & 0x1; - pDst->reserved = tmp58__ >> 1 & 0x7fff; + pDst->preauth = tmp59__ >> 0 & 0x1; + pDst->reserved = tmp59__ >> 1 & 0x7fff; if (!ielen) { pDst->bkid_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->bkid_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->bkid_count * 16)) + if (unlikely(ielen < pDst->bkid_count * 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->bkid_count > 4) { pDst->present = 0; @@ -6460,7 +7207,7 @@ uint32_t dot11f_unpack_ie_wapi(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wapi. */ -#define SigIeWAPI (0x006a) +#define SigIeWAPI (0x006c) uint32_t dot11f_unpack_ie_wapi_opaque(tpAniSirGlobal pCtx, @@ -6485,7 +7232,7 @@ uint32_t dot11f_unpack_ie_wapi_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wapi_opaque. */ -#define SigIeWAPIOpaque (0x006b) +#define SigIeWAPIOpaque (0x006d) uint32_t dot11f_unpack_ie_wfatpc(tpAniSirGlobal pCtx, @@ -6499,21 +7246,25 @@ uint32_t dot11f_unpack_ie_wfatpc(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->txPower = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->linkMargin = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_wfatpc. */ -#define SigIeWFATPC (0x006c) +#define SigIeWFATPC (0x006e) uint32_t dot11f_unpack_ie_wfdie_opaque(tpAniSirGlobal pCtx, @@ -6538,7 +7289,7 @@ uint32_t dot11f_unpack_ie_wfdie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wfdie_opaque. */ -#define SigIeWFDIEOpaque (0x006d) +#define SigIeWFDIEOpaque (0x006f) uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, @@ -6548,13 +7299,15 @@ uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp59__; + uint8_t tmp60__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -6563,20 +7316,22 @@ uint32_t dot11f_unpack_ie_wmm_caps(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp59__ = *pBuf; - pDst->reserved = tmp59__ >> 0 & 0xf; - pDst->qack = tmp59__ >> 4 & 0x1; - pDst->queue_request = tmp59__ >> 5 & 0x1; - pDst->txop_request = tmp59__ >> 6 & 0x1; - pDst->more_ack = tmp59__ >> 7 & 0x1; + tmp60__ = *pBuf; + pDst->reserved = tmp60__ >> 0 & 0xf; + pDst->qack = tmp60__ >> 4 & 0x1; + pDst->queue_request = tmp60__ >> 5 & 0x1; + pDst->txop_request = tmp60__ >> 6 & 0x1; + pDst->more_ack = tmp60__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_caps. */ -#define SigIeWMMCaps (0x006e) +#define SigIeWMMCaps (0x0070) uint32_t dot11f_unpack_ie_wmm_info_ap(tpAniSirGlobal pCtx, @@ -6586,29 +7341,33 @@ uint32_t dot11f_unpack_ie_wmm_info_ap(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp60__; + uint8_t tmp61__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp60__ = *pBuf; - pDst->param_set_count = tmp60__ >> 0 & 0xf; - pDst->reserved = tmp60__ >> 4 & 0x7; - pDst->uapsd = tmp60__ >> 7 & 0x1; + tmp61__ = *pBuf; + pDst->param_set_count = tmp61__ >> 0 & 0xf; + pDst->reserved = tmp61__ >> 4 & 0x7; + pDst->uapsd = tmp61__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_info_ap. */ -#define SigIeWMMInfoAp (0x006f) +#define SigIeWMMInfoAp (0x0071) uint32_t dot11f_unpack_ie_wmm_info_station(tpAniSirGlobal pCtx, @@ -6618,33 +7377,37 @@ uint32_t dot11f_unpack_ie_wmm_info_station(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp61__; + uint8_t tmp62__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp61__ = *pBuf; - pDst->acvo_uapsd = tmp61__ >> 0 & 0x1; - pDst->acvi_uapsd = tmp61__ >> 1 & 0x1; - pDst->acbk_uapsd = tmp61__ >> 2 & 0x1; - pDst->acbe_uapsd = tmp61__ >> 3 & 0x1; - pDst->reserved1 = tmp61__ >> 4 & 0x1; - pDst->max_sp_length = tmp61__ >> 5 & 0x3; - pDst->reserved2 = tmp61__ >> 7 & 0x1; + tmp62__ = *pBuf; + pDst->acvo_uapsd = tmp62__ >> 0 & 0x1; + pDst->acvi_uapsd = tmp62__ >> 1 & 0x1; + pDst->acbk_uapsd = tmp62__ >> 2 & 0x1; + pDst->acbe_uapsd = tmp62__ >> 3 & 0x1; + pDst->reserved1 = tmp62__ >> 4 & 0x1; + pDst->max_sp_length = tmp62__ >> 5 & 0x3; + pDst->reserved2 = tmp62__ >> 7 & 0x1; (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_info_station. */ -#define SigIeWMMInfoStation (0x0070) +#define SigIeWMMInfoStation (0x0072) uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, @@ -6654,7 +7417,6 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp62__; uint8_t tmp63__; uint8_t tmp64__; uint8_t tmp65__; @@ -6662,12 +7424,15 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, uint8_t tmp67__; uint8_t tmp68__; uint8_t tmp69__; + uint8_t tmp70__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->version = *pBuf; pBuf += 1; @@ -6676,117 +7441,145 @@ uint32_t dot11f_unpack_ie_wmm_params(tpAniSirGlobal pCtx, pDst->present = 0; return status | DOT11F_BAD_FIXED_VALUE; } - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->qosInfo = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->reserved2 = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp62__ = *pBuf; + tmp63__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_aifsn = tmp62__ >> 0 & 0xf; - pDst->acbe_acm = tmp62__ >> 4 & 0x1; - pDst->acbe_aci = tmp62__ >> 5 & 0x3; - pDst->unused1 = tmp62__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbe_aifsn = tmp63__ >> 0 & 0xf; + pDst->acbe_acm = tmp63__ >> 4 & 0x1; + pDst->acbe_aci = tmp63__ >> 5 & 0x3; + pDst->unused1 = tmp63__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp63__ = *pBuf; + tmp64__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbe_acwmin = tmp63__ >> 0 & 0xf; - pDst->acbe_acwmax = tmp63__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbe_acwmin = tmp64__ >> 0 & 0xf; + pDst->acbe_acwmax = tmp64__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbe_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp64__ = *pBuf; + tmp65__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_aifsn = tmp64__ >> 0 & 0xf; - pDst->acbk_acm = tmp64__ >> 4 & 0x1; - pDst->acbk_aci = tmp64__ >> 5 & 0x3; - pDst->unused2 = tmp64__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acbk_aifsn = tmp65__ >> 0 & 0xf; + pDst->acbk_acm = tmp65__ >> 4 & 0x1; + pDst->acbk_aci = tmp65__ >> 5 & 0x3; + pDst->unused2 = tmp65__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp65__ = *pBuf; + tmp66__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acbk_acwmin = tmp65__ >> 0 & 0xf; - pDst->acbk_acwmax = tmp65__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acbk_acwmin = tmp66__ >> 0 & 0xf; + pDst->acbk_acwmax = tmp66__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acbk_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp66__ = *pBuf; + tmp67__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_aifsn = tmp66__ >> 0 & 0xf; - pDst->acvi_acm = tmp66__ >> 4 & 0x1; - pDst->acvi_aci = tmp66__ >> 5 & 0x3; - pDst->unused3 = tmp66__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvi_aifsn = tmp67__ >> 0 & 0xf; + pDst->acvi_acm = tmp67__ >> 4 & 0x1; + pDst->acvi_aci = tmp67__ >> 5 & 0x3; + pDst->unused3 = tmp67__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp67__ = *pBuf; + tmp68__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvi_acwmin = tmp67__ >> 0 & 0xf; - pDst->acvi_acwmax = tmp67__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvi_acwmin = tmp68__ >> 0 & 0xf; + pDst->acvi_acwmax = tmp68__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvi_txoplimit, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp68__ = *pBuf; + tmp69__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_aifsn = tmp68__ >> 0 & 0xf; - pDst->acvo_acm = tmp68__ >> 4 & 0x1; - pDst->acvo_aci = tmp68__ >> 5 & 0x3; - pDst->unused4 = tmp68__ >> 7 & 0x1; - if (unlikely(ielen < 1)) + pDst->acvo_aifsn = tmp69__ >> 0 & 0xf; + pDst->acvo_acm = tmp69__ >> 4 & 0x1; + pDst->acvo_aci = tmp69__ >> 5 & 0x3; + pDst->unused4 = tmp69__ >> 7 & 0x1; + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp69__ = *pBuf; + tmp70__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->acvo_acwmin = tmp69__ >> 0 & 0xf; - pDst->acvo_acwmax = tmp69__ >> 4 & 0xf; - if (unlikely(ielen < 2)) + pDst->acvo_acwmin = tmp70__ >> 0 & 0xf; + pDst->acvo_acwmax = tmp70__ >> 4 & 0xf; + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->acvo_txoplimit, pBuf, 0); (void)pCtx; return status; } /* End dot11f_unpack_ie_wmm_params. */ -#define SigIeWMMParams (0x0071) +#define SigIeWMMParams (0x0073) uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, @@ -6800,8 +7593,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->version, pBuf, 0); pBuf += 2; @@ -6817,8 +7612,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, return 0U; } else { pDst->multicast_cipher_present = 1U; - if (unlikely(ielen < 4)) + if (unlikely(ielen < 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->multicast_cipher, pBuf, 4); pBuf += 4; @@ -6829,15 +7626,19 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, pDst->auth_suite_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->unicast_cipher_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->unicast_cipher_count * 4)) + if (unlikely(ielen < pDst->unicast_cipher_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->unicast_cipher_count > 4) { pDst->present = 0; @@ -6851,15 +7652,19 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, pDst->auth_suite_count = 0U; return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->auth_suite_count, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; } - if (unlikely(ielen < pDst->auth_suite_count * 4)) + if (unlikely(ielen < pDst->auth_suite_count * 4)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } if (pDst->auth_suite_count > 4) { pDst->present = 0; @@ -6872,8 +7677,10 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, if (!ielen) { return 0U; } else { - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->caps, pBuf, 0); } @@ -6881,7 +7688,7 @@ uint32_t dot11f_unpack_ie_wpa(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wpa. */ -#define SigIeWPA (0x0072) +#define SigIeWPA (0x0074) uint32_t dot11f_unpack_ie_wpa_opaque(tpAniSirGlobal pCtx, @@ -6906,7 +7713,7 @@ uint32_t dot11f_unpack_ie_wpa_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wpa_opaque. */ -#define SigIeWPAOpaque (0x0073) +#define SigIeWPAOpaque (0x0075) static const tTLVDefn TLVS_WSC[] = { @@ -6997,7 +7804,7 @@ uint32_t dot11f_unpack_ie_wsc(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc. */ -#define SigIeWSC (0x0074) +#define SigIeWSC (0x0076) static const tTLVDefn TLVS_WscAssocReq[] = { @@ -7029,7 +7836,7 @@ uint32_t dot11f_unpack_ie_wsc_assoc_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_assoc_req. */ -#define SigIeWscAssocReq (0x0075) +#define SigIeWscAssocReq (0x0077) static const tTLVDefn TLVS_WscAssocRes[] = { @@ -7061,7 +7868,7 @@ uint32_t dot11f_unpack_ie_wsc_assoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_assoc_res. */ -#define SigIeWscAssocRes (0x0076) +#define SigIeWscAssocRes (0x0078) static const tTLVDefn TLVS_WscBeacon[] = { @@ -7114,7 +7921,7 @@ uint32_t dot11f_unpack_ie_wsc_beacon(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_beacon. */ -#define SigIeWscBeacon (0x0077) +#define SigIeWscBeacon (0x0079) static const tTLVDefn TLVS_WscBeaconProbeRes[] = { @@ -7192,7 +7999,7 @@ uint32_t dot11f_unpack_ie_wsc_beacon_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_beacon_probe_res. */ -#define SigIeWscBeaconProbeRes (0x0078) +#define SigIeWscBeaconProbeRes (0x007a) uint32_t dot11f_unpack_ie_wsc_ie_opaque(tpAniSirGlobal pCtx, @@ -7217,7 +8024,7 @@ uint32_t dot11f_unpack_ie_wsc_ie_opaque(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_ie_opaque. */ -#define SigIeWscIEOpaque (0x0079) +#define SigIeWscIEOpaque (0x007b) static const tTLVDefn TLVS_WscProbeReq[] = { @@ -7290,7 +8097,7 @@ uint32_t dot11f_unpack_ie_wsc_probe_req(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_probe_req. */ -#define SigIeWscProbeReq (0x007a) +#define SigIeWscProbeReq (0x007c) static const tTLVDefn TLVS_WscProbeRes[] = { @@ -7368,7 +8175,7 @@ uint32_t dot11f_unpack_ie_wsc_probe_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_probe_res. */ -#define SigIeWscProbeRes (0x007b) +#define SigIeWscProbeRes (0x007d) static const tTLVDefn TLVS_WscReassocRes[] = { @@ -7400,7 +8207,7 @@ uint32_t dot11f_unpack_ie_wsc_reassoc_res(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_wsc_reassoc_res. */ -#define SigIeWscReassocRes (0x007c) +#define SigIeWscReassocRes (0x007e) uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, @@ -7414,8 +8221,10 @@ uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->group, pBuf, 2); pBuf += 2; @@ -7426,7 +8235,7 @@ uint32_t dot11f_unpack_ie_dh_parameter_element(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_dh_parameter_element. */ -#define SigIedh_parameter_element (0x007d) +#define SigIedh_parameter_element (0x007f) uint32_t dot11f_unpack_ie_ext_chan_switch_ann(tpAniSirGlobal pCtx, @@ -7440,33 +8249,41 @@ uint32_t dot11f_unpack_ie_ext_chan_switch_ann(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switch_mode = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->new_reg_class = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->new_channel = *pBuf; pBuf += 1; ielen -= (uint8_t)1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->switch_count = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_ext_chan_switch_ann. */ -#define SigIeext_chan_switch_ann (0x007e) +#define SigIeext_chan_switch_ann (0x0080) uint32_t dot11f_unpack_ie_fils_assoc_delay_info(tpAniSirGlobal pCtx, @@ -7480,15 +8297,17 @@ uint32_t dot11f_unpack_ie_fils_assoc_delay_info(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->assoc_delay_info = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_assoc_delay_info. */ -#define SigIefils_assoc_delay_info (0x007f) +#define SigIefils_assoc_delay_info (0x0081) uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, @@ -7502,14 +8321,18 @@ uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->dest_mac, pBuf, 6); pBuf += 6; ielen -= (uint8_t)6; - if (unlikely(ielen < 6)) + if (unlikely(ielen < 6)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->src_mac, pBuf, 6); pBuf += 6; @@ -7520,7 +8343,7 @@ uint32_t dot11f_unpack_ie_fils_hlp_container(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_hlp_container. */ -#define SigIefils_hlp_container (0x0080) +#define SigIefils_hlp_container (0x0082) uint32_t dot11f_unpack_ie_fils_indication(tpAniSirGlobal pCtx, @@ -7530,33 +8353,35 @@ uint32_t dot11f_unpack_ie_fils_indication(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint16_t tmp70__; + uint16_t tmp71__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - framesntohs(pCtx, &tmp70__, pBuf, 0); + framesntohs(pCtx, &tmp71__, pBuf, 0); pBuf += 2; ielen -= 2; - pDst->public_key_identifiers_cnt = tmp70__ >> 0 & 0x7; - pDst->realm_identifiers_cnt = tmp70__ >> 3 & 0x7; - pDst->is_ip_config_supported = tmp70__ >> 6 & 0x1; - pDst->is_cache_id_present = tmp70__ >> 7 & 0x1; - pDst->is_hessid_present = tmp70__ >> 8 & 0x1; - pDst->is_fils_sk_auth_supported = tmp70__ >> 9 & 0x1; - pDst->is_fils_sk_auth_pfs_supported = tmp70__ >> 10 & 0x1; - pDst->is_pk_auth_supported = tmp70__ >> 11 & 0x1; - pDst->reserved = tmp70__ >> 12 & 0xf; + pDst->public_key_identifiers_cnt = tmp71__ >> 0 & 0x7; + pDst->realm_identifiers_cnt = tmp71__ >> 3 & 0x7; + pDst->is_ip_config_supported = tmp71__ >> 6 & 0x1; + pDst->is_cache_id_present = tmp71__ >> 7 & 0x1; + pDst->is_hessid_present = tmp71__ >> 8 & 0x1; + pDst->is_fils_sk_auth_supported = tmp71__ >> 9 & 0x1; + pDst->is_fils_sk_auth_pfs_supported = tmp71__ >> 10 & 0x1; + pDst->is_pk_auth_supported = tmp71__ >> 11 & 0x1; + pDst->reserved = tmp71__ >> 12 & 0xf; pDst->num_variable_data = (uint8_t)(ielen); DOT11F_MEMCPY(pCtx, pDst->variable_data, pBuf, (ielen)); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_indication. */ -#define SigIefils_indication (0x0081) +#define SigIefils_indication (0x0083) uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, @@ -7570,8 +8395,10 @@ uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->key_rsc, pBuf, 8); pBuf += 8; @@ -7582,7 +8409,7 @@ uint32_t dot11f_unpack_ie_fils_kde(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_kde. */ -#define SigIefils_kde (0x0082) +#define SigIefils_kde (0x0084) uint32_t dot11f_unpack_ie_fils_key_confirmation(tpAniSirGlobal pCtx, @@ -7602,7 +8429,7 @@ uint32_t dot11f_unpack_ie_fils_key_confirmation(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_key_confirmation. */ -#define SigIefils_key_confirmation (0x0083) +#define SigIefils_key_confirmation (0x0085) uint32_t dot11f_unpack_ie_fils_nonce(tpAniSirGlobal pCtx, @@ -7616,15 +8443,17 @@ uint32_t dot11f_unpack_ie_fils_nonce(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 16)) + if (unlikely(ielen < 16)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->nonce, pBuf, 16); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_nonce. */ -#define SigIefils_nonce (0x0084) +#define SigIefils_nonce (0x0086) uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, @@ -7638,8 +8467,10 @@ uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->key_type = *pBuf; pBuf += 1; @@ -7650,7 +8481,7 @@ uint32_t dot11f_unpack_ie_fils_public_key(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_public_key. */ -#define SigIefils_public_key (0x0085) +#define SigIefils_public_key (0x0087) uint32_t dot11f_unpack_ie_fils_session(tpAniSirGlobal pCtx, @@ -7664,15 +8495,17 @@ uint32_t dot11f_unpack_ie_fils_session(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 8)) + if (unlikely(ielen < 8)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } DOT11F_MEMCPY(pCtx, pDst->session, pBuf, 8); (void)pCtx; return status; } /* End dot11f_unpack_ie_fils_session. */ -#define SigIefils_session (0x0086) +#define SigIefils_session (0x0088) uint32_t dot11f_unpack_ie_fils_wrapped_data(tpAniSirGlobal pCtx, @@ -7692,7 +8525,7 @@ uint32_t dot11f_unpack_ie_fils_wrapped_data(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fils_wrapped_data. */ -#define SigIefils_wrapped_data (0x0087) +#define SigIefils_wrapped_data (0x0089) uint32_t dot11f_unpack_ie_fragment_ie(tpAniSirGlobal pCtx, @@ -7712,7 +8545,7 @@ uint32_t dot11f_unpack_ie_fragment_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_fragment_ie. */ -#define SigIefragment_ie (0x0088) +#define SigIefragment_ie (0x008a) uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, @@ -7722,36 +8555,42 @@ uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp71__; + uint8_t tmp72__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp71__ = *pBuf; + tmp72__ = *pBuf; pBuf += 1; ielen -= 1; - pDst->dgaf_dis = tmp71__ >> 0 & 0x1; - pDst->hs_id_present = tmp71__ >> 1 & 0x3; - pDst->reserved = tmp71__ >> 3 & 0x1; - pDst->release_num = tmp71__ >> 4 & 0xf; + pDst->dgaf_dis = tmp72__ >> 0 & 0x1; + pDst->hs_id_present = tmp72__ >> 1 & 0x3; + pDst->reserved = tmp72__ >> 3 & 0x1; + pDst->release_num = tmp72__ >> 4 & 0xf; if (!ielen) { return 0U; } else { switch (pDst->hs_id_present) { case 1: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->hs_id.pps_mo.pps_mo_id, pBuf, 0); pBuf += 2; ielen -= (uint8_t)2; break; case 2: - if (unlikely(ielen < 2)) + if (unlikely(ielen < 2)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } framesntohs(pCtx, &pDst->hs_id.anqp_domain.anqp_domain_id, pBuf, 0); pBuf += 2; @@ -7763,7 +8602,7 @@ uint32_t dot11f_unpack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_hs20vendor_ie. */ -#define SigIehs20vendor_ie (0x0089) +#define SigIehs20vendor_ie (0x008b) uint32_t dot11f_unpack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, @@ -7773,26 +8612,28 @@ uint32_t dot11f_unpack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, bool append_ie) { uint32_t status = DOT11F_PARSE_SUCCESS; - uint8_t tmp72__; + uint8_t tmp73__; (void) pBuf; (void)ielen; /* Shutup the compiler */ if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } - tmp72__ = *pBuf; - pDst->info_request = tmp72__ >> 0 & 0x1; - pDst->forty_mhz_intolerant = tmp72__ >> 1 & 0x1; - pDst->twenty_mhz_bsswidth_req = tmp72__ >> 2 & 0x1; - pDst->obss_scan_exemption_req = tmp72__ >> 3 & 0x1; - pDst->obss_scan_exemption_grant = tmp72__ >> 4 & 0x1; - pDst->unused = tmp72__ >> 5 & 0x7; + tmp73__ = *pBuf; + pDst->info_request = tmp73__ >> 0 & 0x1; + pDst->forty_mhz_intolerant = tmp73__ >> 1 & 0x1; + pDst->twenty_mhz_bsswidth_req = tmp73__ >> 2 & 0x1; + pDst->obss_scan_exemption_req = tmp73__ >> 3 & 0x1; + pDst->obss_scan_exemption_grant = tmp73__ >> 4 & 0x1; + pDst->unused = tmp73__ >> 5 & 0x7; (void)pCtx; return status; } /* End dot11f_unpack_ie_ht2040_bss_coexistence. */ -#define SigIeht2040_bss_coexistence (0x008a) +#define SigIeht2040_bss_coexistence (0x008c) uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, @@ -7806,8 +8647,10 @@ uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->operating_class = *pBuf; pBuf += 1; @@ -7823,7 +8666,7 @@ uint32_t dot11f_unpack_ie_ht2040_bss_intolerant_report(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_ht2040_bss_intolerant_report. */ -#define SigIeht2040_bss_intolerant_report (0x008b) +#define SigIeht2040_bss_intolerant_report (0x008d) uint32_t dot11f_unpack_ie_osen_ie(tpAniSirGlobal pCtx, @@ -7843,7 +8686,7 @@ uint32_t dot11f_unpack_ie_osen_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_osen_ie. */ -#define SigIeosen_ie (0x008c) +#define SigIeosen_ie (0x008e) uint32_t dot11f_unpack_ie_sec_chan_offset_ele(tpAniSirGlobal pCtx, @@ -7857,15 +8700,17 @@ uint32_t dot11f_unpack_ie_sec_chan_offset_ele(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->secondaryChannelOffset = *pBuf; (void)pCtx; return status; } /* End dot11f_unpack_ie_sec_chan_offset_ele. */ -#define SigIesec_chan_offset_ele (0x008d) +#define SigIesec_chan_offset_ele (0x008f) static const tFFDefn FFS_vendor_vht_ie[] = { @@ -7894,8 +8739,10 @@ uint32_t dot11f_unpack_ie_vendor_vht_ie(tpAniSirGlobal pCtx, if (pDst->present) status = DOT11F_DUPLICATE_IE; pDst->present = 1; - if (unlikely(ielen < 1)) + if (unlikely(ielen < 1)) { + pDst->present = 0; return DOT11F_INCOMPLETE_IE; + } pDst->sub_type = *pBuf; pBuf += 1; @@ -7912,7 +8759,7 @@ uint32_t dot11f_unpack_ie_vendor_vht_ie(tpAniSirGlobal pCtx, return status; } /* End dot11f_unpack_ie_vendor_vht_ie. */ -#define SigIevendor_vht_ie (0x008e) +#define SigIevendor_vht_ie (0x0090) static const tFFDefn FFS_AddTSRequest[] = { @@ -11574,6 +12421,26 @@ static uint32_t unpack_core(tpAniSirGlobal pCtx, countOffset), append_ie); break; + case SigIebeacon_report_frm_body_fragment_id: + status |= + dot11f_unpack_ie_beacon_report_frm_body_fragment_id( + pCtx, pBufRemaining, len, + (tDot11fIEbeacon_report_frm_body_fragment_id *) + (pFrm + pIe->offset + + sizeof(tDot11fIEbeacon_report_frm_body_fragment_id) * + countOffset), + append_ie); + break; + case SigIelast_beacon_report_indication: + status |= + dot11f_unpack_ie_last_beacon_report_indication( + pCtx, pBufRemaining, len, + (tDot11fIElast_beacon_report_indication *) + (pFrm + pIe->offset + + sizeof(tDot11fIElast_beacon_report_indication) * + countOffset), + append_ie); + break; case SigIemax_age: status |= dot11f_unpack_ie_max_age( @@ -12160,7 +13027,7 @@ static uint32_t unpack_core(tpAniSirGlobal pCtx, append_ie); break; case SigIeRICDataDesc: - /* reset the pointers back since this is a container IE and it doesnt have its own EID and Len. */ + /* reset the pointers back since this is a container IE and it doesn't have its own EID and Len. */ pBufRemaining -= 2; nBufRemaining += 2; if (pIe && pIe->noui) { @@ -14734,6 +15601,20 @@ static uint32_t get_packed_size_core(tpAniSirGlobal pCtx, (pFrm + pIe->offset + offset * i))-> present; break; + case SigIebeacon_report_frm_body_fragment_id: + offset = sizeof(tDot11fIEbeacon_report_frm_body_fragment_id); + byteCount = 2; + pIePresent = ((tDot11fIEbeacon_report_frm_body_fragment_id *) + (pFrm + pIe->offset + offset * i))-> + present; + break; + case SigIelast_beacon_report_indication: + offset = sizeof(tDot11fIElast_beacon_report_indication); + byteCount = 1; + pIePresent = ((tDot11fIElast_beacon_report_indication *) + (pFrm + pIe->offset + offset * i))-> + present; + break; case SigIemax_age: offset = sizeof(tDot11fIEmax_age); byteCount = 2; @@ -15189,7 +16070,7 @@ static uint32_t get_packed_size_core(tpAniSirGlobal pCtx, break; case SigIeRICDataDesc: offset = sizeof(tDot11fIERICDataDesc); - pnNeeded -= 2 ; /* Subtract the length and Oui as this is our container IE to group Ies and it doesnt have its own length and OUI. */ + pnNeeded -= 2 ; /* Subtract the length and Oui as this is our container IE to group Ies and it doesn't have its own length and OUI. */ status |= dot11f_get_packed_ieric_data_desc( pCtx, (tDot11fIERICDataDesc *) @@ -15943,25 +16824,25 @@ void dot11f_pack_ff_capabilities(tpAniSirGlobal pCtx, tDot11fFfCapabilities *pSrc, uint8_t *pBuf) { - uint16_t tmp73__; - tmp73__ = 0U; - tmp73__ |= (pSrc->ess << 0); - tmp73__ |= (pSrc->ibss << 1); - tmp73__ |= (pSrc->cfPollable << 2); - tmp73__ |= (pSrc->cfPollReq << 3); - tmp73__ |= (pSrc->privacy << 4); - tmp73__ |= (pSrc->shortPreamble << 5); - tmp73__ |= (pSrc->pbcc << 6); - tmp73__ |= (pSrc->channelAgility << 7); - tmp73__ |= (pSrc->spectrumMgt << 8); - tmp73__ |= (pSrc->qos << 9); - tmp73__ |= (pSrc->shortSlotTime << 10); - tmp73__ |= (pSrc->apsd << 11); - tmp73__ |= (pSrc->rrm << 12); - tmp73__ |= (pSrc->dsssOfdm << 13); - tmp73__ |= (pSrc->delayedBA << 14); - tmp73__ |= (pSrc->immediateBA << 15); - frameshtons(pCtx, pBuf, tmp73__, 0); + uint16_t tmp74__; + tmp74__ = 0U; + tmp74__ |= (pSrc->ess << 0); + tmp74__ |= (pSrc->ibss << 1); + tmp74__ |= (pSrc->cfPollable << 2); + tmp74__ |= (pSrc->cfPollReq << 3); + tmp74__ |= (pSrc->privacy << 4); + tmp74__ |= (pSrc->shortPreamble << 5); + tmp74__ |= (pSrc->pbcc << 6); + tmp74__ |= (pSrc->channelAgility << 7); + tmp74__ |= (pSrc->spectrumMgt << 8); + tmp74__ |= (pSrc->qos << 9); + tmp74__ |= (pSrc->shortSlotTime << 10); + tmp74__ |= (pSrc->apsd << 11); + tmp74__ |= (pSrc->rrm << 12); + tmp74__ |= (pSrc->dsssOfdm << 13); + tmp74__ |= (pSrc->delayedBA << 14); + tmp74__ |= (pSrc->immediateBA << 15); + frameshtons(pCtx, pBuf, tmp74__, 0); (void)pCtx; } /* End dot11f_pack_ff_capabilities. */ @@ -16025,13 +16906,13 @@ void dot11f_pack_ff_operating_mode(tpAniSirGlobal pCtx, tDot11fFfOperatingMode *pSrc, uint8_t *pBuf) { - uint8_t tmp74__; - tmp74__ = 0U; - tmp74__ |= (pSrc->chanWidth << 0); - tmp74__ |= (pSrc->reserved << 2); - tmp74__ |= (pSrc->rxNSS << 4); - tmp74__ |= (pSrc->rxNSSType << 7); - *pBuf = tmp74__; + uint8_t tmp75__; + tmp75__ = 0U; + tmp75__ |= (pSrc->chanWidth << 0); + tmp75__ |= (pSrc->reserved << 2); + tmp75__ |= (pSrc->rxNSS << 4); + tmp75__ |= (pSrc->rxNSSType << 7); + *pBuf = tmp75__; (void)pCtx; } /* End dot11f_pack_ff_operating_mode. */ @@ -16071,12 +16952,12 @@ void dot11f_pack_ff_sm_power_mode_set(tpAniSirGlobal pCtx, tDot11fFfSMPowerModeSet *pSrc, uint8_t *pBuf) { - uint8_t tmp75__; - tmp75__ = 0U; - tmp75__ |= (pSrc->PowerSave_En << 0); - tmp75__ |= (pSrc->Mode << 1); - tmp75__ |= (pSrc->reserved << 2); - *pBuf = tmp75__; + uint8_t tmp76__; + tmp76__ = 0U; + tmp76__ |= (pSrc->PowerSave_En << 0); + tmp76__ |= (pSrc->Mode << 1); + tmp76__ |= (pSrc->reserved << 2); + *pBuf = tmp76__; (void)pCtx; } /* End dot11f_pack_ff_sm_power_mode_set. */ @@ -16116,19 +16997,19 @@ void dot11f_pack_ff_ts_info(tpAniSirGlobal pCtx, tDot11fFfTSInfo *pSrc, uint8_t *pBuf) { - uint32_t tmp76__; - tmp76__ = 0U; - tmp76__ |= (pSrc->traffic_type << 0); - tmp76__ |= (pSrc->tsid << 1); - tmp76__ |= (pSrc->direction << 5); - tmp76__ |= (pSrc->access_policy << 7); - tmp76__ |= (pSrc->aggregation << 9); - tmp76__ |= (pSrc->psb << 10); - tmp76__ |= (pSrc->user_priority << 11); - tmp76__ |= (pSrc->tsinfo_ack_pol << 14); - tmp76__ |= (pSrc->schedule << 16); - tmp76__ |= (pSrc->unused << 17); - frameshtonl(pCtx, pBuf, tmp76__, 0); + uint32_t tmp77__; + tmp77__ = 0U; + tmp77__ |= (pSrc->traffic_type << 0); + tmp77__ |= (pSrc->tsid << 1); + tmp77__ |= (pSrc->direction << 5); + tmp77__ |= (pSrc->access_policy << 7); + tmp77__ |= (pSrc->aggregation << 9); + tmp77__ |= (pSrc->psb << 10); + tmp77__ |= (pSrc->user_priority << 11); + tmp77__ |= (pSrc->tsinfo_ack_pol << 14); + tmp77__ |= (pSrc->schedule << 16); + tmp77__ |= (pSrc->unused << 17); + frameshtonl(pCtx, pBuf, tmp77__, 0); (void)pCtx; } /* End dot11f_pack_ff_ts_info. */ @@ -16184,13 +17065,13 @@ void dot11f_pack_ff_ext_chan_switch_ann_action(tpAniSirGlobal pCtx, tDot11fFfext_chan_switch_ann_action *pSrc, uint8_t *pBuf) { - uint32_t tmp77__; - tmp77__ = 0U; - tmp77__ |= (pSrc->switch_mode << 0); - tmp77__ |= (pSrc->op_class << 8); - tmp77__ |= (pSrc->new_channel << 16); - tmp77__ |= (pSrc->switch_count << 24); - frameshtonl(pCtx, pBuf, tmp77__, 0); + uint32_t tmp78__; + tmp78__ = 0U; + tmp78__ |= (pSrc->switch_mode << 0); + tmp78__ |= (pSrc->op_class << 8); + tmp78__ |= (pSrc->new_channel << 16); + tmp78__ |= (pSrc->switch_count << 24); + frameshtonl(pCtx, pBuf, tmp78__, 0); (void)pCtx; } /* End dot11f_pack_ff_ext_chan_switch_ann_action. */ @@ -16277,7 +17158,7 @@ uint32_t dot11f_pack_tlv_version2(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp78__; + uint8_t tmp79__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -16286,13 +17167,13 @@ uint32_t dot11f_pack_tlv_version2(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp78__ = 0U; - tmp78__ |= (pSrc->minor << 0); - tmp78__ |= (pSrc->major << 4); + tmp79__ = 0U; + tmp79__ |= (pSrc->minor << 0); + tmp79__ |= (pSrc->major << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp78__; + *pBuf = tmp79__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17249,7 +18130,7 @@ uint32_t dot11f_pack_tlv_version(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp79__; + uint8_t tmp80__; nNeeded += 5; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17258,13 +18139,13 @@ uint32_t dot11f_pack_tlv_version(tpAniSirGlobal pCtx, pBuf += 2; *pnConsumed += 2; pTlvLen = pBuf; pBuf += 2; *pnConsumed += 2; - tmp79__ = 0U; - tmp79__ |= (pSrc->minor << 0); - tmp79__ |= (pSrc->major << 4); + tmp80__ = 0U; + tmp80__ |= (pSrc->minor << 0); + tmp80__ |= (pSrc->major << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp79__; + *pBuf = tmp80__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17493,7 +18374,7 @@ uint32_t dot11f_pack_tlv_oce_cap(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp80__; + uint8_t tmp81__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17502,15 +18383,15 @@ uint32_t dot11f_pack_tlv_oce_cap(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp80__ = 0U; - tmp80__ |= (pSrc->oce_release << 0); - tmp80__ |= (pSrc->is_sta_cfon << 3); - tmp80__ |= (pSrc->non_oce_ap_present << 4); - tmp80__ |= (pSrc->reserved << 5); + tmp81__ = 0U; + tmp81__ |= (pSrc->oce_release << 0); + tmp81__ |= (pSrc->is_sta_cfon << 3); + tmp81__ |= (pSrc->non_oce_ap_present << 4); + tmp81__ |= (pSrc->reserved << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp80__; + *pBuf = tmp81__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17532,7 +18413,7 @@ uint32_t dot11f_pack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, uint8_t *pTlvLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp81__; + uint8_t tmp82__; nNeeded += 3; if (nNeeded > nBuf) return DOT11F_BUFFER_OVERFLOW; @@ -17541,13 +18422,13 @@ uint32_t dot11f_pack_tlv_reduced_wan_metrics(tpAniSirGlobal pCtx, pBuf += 1; *pnConsumed += 1; pTlvLen = pBuf; pBuf += 1; *pnConsumed += 1; - tmp81__ = 0U; - tmp81__ |= (pSrc->downlink_av_cap << 0); - tmp81__ |= (pSrc->uplink_av_cap << 4); + tmp82__ = 0U; + tmp82__ |= (pSrc->downlink_av_cap << 0); + tmp82__ |= (pSrc->uplink_av_cap << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp81__; + *pBuf = tmp82__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -17717,7 +18598,7 @@ uint32_t dot11f_pack_ie_gtk(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp82__; + uint16_t tmp83__; nNeeded += (pSrc->num_key + 11); while (pSrc->present) { if (nNeeded > nBuf) @@ -17726,13 +18607,13 @@ uint32_t dot11f_pack_ie_gtk(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp82__ = 0U; - tmp82__ |= (pSrc->keyId << 0); - tmp82__ |= (pSrc->reserved << 2); + tmp83__ = 0U; + tmp83__ |= (pSrc->keyId << 0); + tmp83__ |= (pSrc->reserved << 2); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp82__, 0); + frameshtons(pCtx, pBuf, tmp83__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18141,11 +19022,11 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp83__; uint8_t tmp84__; uint8_t tmp85__; uint8_t tmp86__; uint8_t tmp87__; + uint8_t tmp88__; nNeeded += 5; while (pSrc->present) { if (nNeeded > nBuf) @@ -18154,31 +19035,15 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp83__ = 0U; - tmp83__ |= (pSrc->LinkMeasurement << 0); - tmp83__ |= (pSrc->NeighborRpt << 1); - tmp83__ |= (pSrc->parallel << 2); - tmp83__ |= (pSrc->repeated << 3); - tmp83__ |= (pSrc->BeaconPassive << 4); - tmp83__ |= (pSrc->BeaconActive << 5); - tmp83__ |= (pSrc->BeaconTable << 6); - tmp83__ |= (pSrc->BeaconRepCond << 7); - if (unlikely(nBuf < 1)) - return DOT11F_INCOMPLETE_IE; - - *pBuf = tmp83__; - *pnConsumed += 1; - pBuf += 1; - nBuf -= 1 ; tmp84__ = 0U; - tmp84__ |= (pSrc->FrameMeasurement << 0); - tmp84__ |= (pSrc->ChannelLoad << 1); - tmp84__ |= (pSrc->NoiseHistogram << 2); - tmp84__ |= (pSrc->statistics << 3); - tmp84__ |= (pSrc->LCIMeasurement << 4); - tmp84__ |= (pSrc->LCIAzimuth << 5); - tmp84__ |= (pSrc->TCMCapability << 6); - tmp84__ |= (pSrc->triggeredTCM << 7); + tmp84__ |= (pSrc->LinkMeasurement << 0); + tmp84__ |= (pSrc->NeighborRpt << 1); + tmp84__ |= (pSrc->parallel << 2); + tmp84__ |= (pSrc->repeated << 3); + tmp84__ |= (pSrc->BeaconPassive << 4); + tmp84__ |= (pSrc->BeaconActive << 5); + tmp84__ |= (pSrc->BeaconTable << 6); + tmp84__ |= (pSrc->BeaconRepCond << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18187,10 +19052,14 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp85__ = 0U; - tmp85__ |= (pSrc->APChanReport << 0); - tmp85__ |= (pSrc->RRMMIBEnabled << 1); - tmp85__ |= (pSrc->operatingChanMax << 2); - tmp85__ |= (pSrc->nonOperatinChanMax << 5); + tmp85__ |= (pSrc->FrameMeasurement << 0); + tmp85__ |= (pSrc->ChannelLoad << 1); + tmp85__ |= (pSrc->NoiseHistogram << 2); + tmp85__ |= (pSrc->statistics << 3); + tmp85__ |= (pSrc->LCIMeasurement << 4); + tmp85__ |= (pSrc->LCIAzimuth << 5); + tmp85__ |= (pSrc->TCMCapability << 6); + tmp85__ |= (pSrc->triggeredTCM << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18199,12 +19068,10 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp86__ = 0U; - tmp86__ |= (pSrc->MeasurementPilot << 0); - tmp86__ |= (pSrc->MeasurementPilotEnabled << 3); - tmp86__ |= (pSrc->NeighborTSFOffset << 4); - tmp86__ |= (pSrc->RCPIMeasurement << 5); - tmp86__ |= (pSrc->RSNIMeasurement << 6); - tmp86__ |= (pSrc->BssAvgAccessDelay << 7); + tmp86__ |= (pSrc->APChanReport << 0); + tmp86__ |= (pSrc->RRMMIBEnabled << 1); + tmp86__ |= (pSrc->operatingChanMax << 2); + tmp86__ |= (pSrc->nonOperatinChanMax << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; @@ -18213,16 +19080,30 @@ uint32_t dot11f_pack_ie_rrm_enabled_cap(tpAniSirGlobal pCtx, pBuf += 1; nBuf -= 1 ; tmp87__ = 0U; - tmp87__ |= (pSrc->BSSAvailAdmission << 0); - tmp87__ |= (pSrc->AntennaInformation << 1); - tmp87__ |= (pSrc->fine_time_meas_rpt << 2); - tmp87__ |= (pSrc->lci_capability << 3); - tmp87__ |= (pSrc->reserved << 4); + tmp87__ |= (pSrc->MeasurementPilot << 0); + tmp87__ |= (pSrc->MeasurementPilotEnabled << 3); + tmp87__ |= (pSrc->NeighborTSFOffset << 4); + tmp87__ |= (pSrc->RCPIMeasurement << 5); + tmp87__ |= (pSrc->RSNIMeasurement << 6); + tmp87__ |= (pSrc->BssAvgAccessDelay << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; *pBuf = tmp87__; *pnConsumed += 1; + pBuf += 1; + nBuf -= 1 ; + tmp88__ = 0U; + tmp88__ |= (pSrc->BSSAvailAdmission << 0); + tmp88__ |= (pSrc->AntennaInformation << 1); + tmp88__ |= (pSrc->fine_time_meas_rpt << 2); + tmp88__ |= (pSrc->lci_capability << 3); + tmp88__ |= (pSrc->reserved << 4); + if (unlikely(nBuf < 1)) + return DOT11F_INCOMPLETE_IE; + + *pBuf = tmp88__; + *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; break; @@ -18301,7 +19182,7 @@ uint32_t dot11f_pack_ie_schedule(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp88__; + uint16_t tmp89__; nNeeded += 14; while (pSrc->present) { if (nNeeded > nBuf) @@ -18310,15 +19191,15 @@ uint32_t dot11f_pack_ie_schedule(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp88__ = 0U; - tmp88__ |= (pSrc->aggregation << 0); - tmp88__ |= (pSrc->tsid << 1); - tmp88__ |= (pSrc->direction << 5); - tmp88__ |= (pSrc->reserved << 7); + tmp89__ = 0U; + tmp89__ |= (pSrc->aggregation << 0); + tmp89__ |= (pSrc->tsid << 1); + tmp89__ |= (pSrc->direction << 5); + tmp89__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp88__, 0); + frameshtons(pCtx, pBuf, tmp89__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18545,9 +19426,9 @@ uint32_t dot11f_pack_ie_tspec(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp89__; - uint8_t tmp90__; - uint16_t tmp91__; + uint16_t tmp90__; + uint8_t tmp91__; + uint16_t tmp92__; nNeeded += 55; while (pSrc->present) { if (nNeeded > nBuf) @@ -18556,39 +19437,39 @@ uint32_t dot11f_pack_ie_tspec(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp89__ = 0U; - tmp89__ |= (pSrc->traffic_type << 0); - tmp89__ |= (pSrc->tsid << 1); - tmp89__ |= (pSrc->direction << 5); - tmp89__ |= (pSrc->access_policy << 7); - tmp89__ |= (pSrc->aggregation << 9); - tmp89__ |= (pSrc->psb << 10); - tmp89__ |= (pSrc->user_priority << 11); - tmp89__ |= (pSrc->tsinfo_ack_pol << 14); + tmp90__ = 0U; + tmp90__ |= (pSrc->traffic_type << 0); + tmp90__ |= (pSrc->tsid << 1); + tmp90__ |= (pSrc->direction << 5); + tmp90__ |= (pSrc->access_policy << 7); + tmp90__ |= (pSrc->aggregation << 9); + tmp90__ |= (pSrc->psb << 10); + tmp90__ |= (pSrc->user_priority << 11); + tmp90__ |= (pSrc->tsinfo_ack_pol << 14); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp89__, 0); + frameshtons(pCtx, pBuf, tmp90__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp90__ = 0U; - tmp90__ |= (pSrc->schedule << 0); - tmp90__ |= (pSrc->unused << 1); + tmp91__ = 0U; + tmp91__ |= (pSrc->schedule << 0); + tmp91__ |= (pSrc->unused << 1); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp90__; + *pBuf = tmp91__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp91__ = 0U; - tmp91__ |= (pSrc->size << 0); - tmp91__ |= (pSrc->fixed << 15); + tmp92__ = 0U; + tmp92__ |= (pSrc->size << 0); + tmp92__ |= (pSrc->fixed << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp91__, 0); + frameshtons(pCtx, pBuf, tmp92__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -18652,9 +19533,9 @@ uint32_t dot11f_pack_ie_vht_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint32_t tmp92__; - uint16_t tmp93__; + uint32_t tmp93__; uint16_t tmp94__; + uint16_t tmp95__; nNeeded += 12; while (pSrc->present) { if (nNeeded > nBuf) @@ -18663,57 +19544,57 @@ uint32_t dot11f_pack_ie_vht_caps(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp92__ = 0U; - tmp92__ |= (pSrc->maxMPDULen << 0); - tmp92__ |= (pSrc->supportedChannelWidthSet << 2); - tmp92__ |= (pSrc->ldpcCodingCap << 4); - tmp92__ |= (pSrc->shortGI80MHz << 5); - tmp92__ |= (pSrc->shortGI160and80plus80MHz << 6); - tmp92__ |= (pSrc->txSTBC << 7); - tmp92__ |= (pSrc->rxSTBC << 8); - tmp92__ |= (pSrc->suBeamFormerCap << 11); - tmp92__ |= (pSrc->suBeamformeeCap << 12); - tmp92__ |= (pSrc->csnofBeamformerAntSup << 13); - tmp92__ |= (pSrc->numSoundingDim << 16); - tmp92__ |= (pSrc->muBeamformerCap << 19); - tmp92__ |= (pSrc->muBeamformeeCap << 20); - tmp92__ |= (pSrc->vhtTXOPPS << 21); - tmp92__ |= (pSrc->htcVHTCap << 22); - tmp92__ |= (pSrc->maxAMPDULenExp << 23); - tmp92__ |= (pSrc->vhtLinkAdaptCap << 26); - tmp92__ |= (pSrc->rxAntPattern << 28); - tmp92__ |= (pSrc->txAntPattern << 29); - tmp92__ |= (pSrc->reserved1 << 30); + tmp93__ = 0U; + tmp93__ |= (pSrc->maxMPDULen << 0); + tmp93__ |= (pSrc->supportedChannelWidthSet << 2); + tmp93__ |= (pSrc->ldpcCodingCap << 4); + tmp93__ |= (pSrc->shortGI80MHz << 5); + tmp93__ |= (pSrc->shortGI160and80plus80MHz << 6); + tmp93__ |= (pSrc->txSTBC << 7); + tmp93__ |= (pSrc->rxSTBC << 8); + tmp93__ |= (pSrc->suBeamFormerCap << 11); + tmp93__ |= (pSrc->suBeamformeeCap << 12); + tmp93__ |= (pSrc->csnofBeamformerAntSup << 13); + tmp93__ |= (pSrc->numSoundingDim << 16); + tmp93__ |= (pSrc->muBeamformerCap << 19); + tmp93__ |= (pSrc->muBeamformeeCap << 20); + tmp93__ |= (pSrc->vhtTXOPPS << 21); + tmp93__ |= (pSrc->htcVHTCap << 22); + tmp93__ |= (pSrc->maxAMPDULenExp << 23); + tmp93__ |= (pSrc->vhtLinkAdaptCap << 26); + tmp93__ |= (pSrc->rxAntPattern << 28); + tmp93__ |= (pSrc->txAntPattern << 29); + tmp93__ |= (pSrc->reserved1 << 30); if (unlikely(nBuf < 4)) return DOT11F_INCOMPLETE_IE; - frameshtonl(pCtx, pBuf, tmp92__, 0); + frameshtonl(pCtx, pBuf, tmp93__, 0); *pnConsumed += 4; pBuf += 4; nBuf -= 4 ; frameshtons(pCtx, pBuf, pSrc->rxMCSMap, 0); *pnConsumed += 2; pBuf += 2; - tmp93__ = 0U; - tmp93__ |= (pSrc->rxHighSupDataRate << 0); - tmp93__ |= (pSrc->reserved2 << 13); + tmp94__ = 0U; + tmp94__ |= (pSrc->rxHighSupDataRate << 0); + tmp94__ |= (pSrc->reserved2 << 13); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp93__, 0); + frameshtons(pCtx, pBuf, tmp94__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; frameshtons(pCtx, pBuf, pSrc->txMCSMap, 0); *pnConsumed += 2; pBuf += 2; - tmp94__ = 0U; - tmp94__ |= (pSrc->txSupDataRate << 0); - tmp94__ |= (pSrc->reserved3 << 13); + tmp95__ = 0U; + tmp95__ |= (pSrc->txSupDataRate << 0); + tmp95__ |= (pSrc->reserved3 << 13); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp94__, 0); + frameshtons(pCtx, pBuf, tmp95__, 0); *pnConsumed += 2; /* fieldsEndFlag = 1 */ nBuf -= 2 ; @@ -18773,7 +19654,7 @@ uint32_t dot11f_pack_ie_wmm_schedule(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp95__; + uint16_t tmp96__; nNeeded += 15; while (pSrc->present) { if (nNeeded > nBuf) @@ -18795,15 +19676,15 @@ uint32_t dot11f_pack_ie_wmm_schedule(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp95__ = 0U; - tmp95__ |= (pSrc->aggregation << 0); - tmp95__ |= (pSrc->tsid << 1); - tmp95__ |= (pSrc->direction << 5); - tmp95__ |= (pSrc->reserved << 7); + tmp96__ = 0U; + tmp96__ |= (pSrc->aggregation << 0); + tmp96__ |= (pSrc->tsid << 1); + tmp96__ |= (pSrc->direction << 5); + tmp96__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp95__, 0); + frameshtons(pCtx, pBuf, tmp96__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -19037,9 +19918,9 @@ uint32_t dot11f_pack_ie_wmmtspec(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp96__; - uint8_t tmp97__; - uint16_t tmp98__; + uint16_t tmp97__; + uint8_t tmp98__; + uint16_t tmp99__; nNeeded += 38; while (pSrc->present) { if (nNeeded > nBuf) @@ -19061,39 +19942,39 @@ uint32_t dot11f_pack_ie_wmmtspec(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp96__ = 0U; - tmp96__ |= (pSrc->traffic_type << 0); - tmp96__ |= (pSrc->tsid << 1); - tmp96__ |= (pSrc->direction << 5); - tmp96__ |= (pSrc->access_policy << 7); - tmp96__ |= (pSrc->aggregation << 9); - tmp96__ |= (pSrc->psb << 10); - tmp96__ |= (pSrc->user_priority << 11); - tmp96__ |= (pSrc->tsinfo_ack_pol << 14); + tmp97__ = 0U; + tmp97__ |= (pSrc->traffic_type << 0); + tmp97__ |= (pSrc->tsid << 1); + tmp97__ |= (pSrc->direction << 5); + tmp97__ |= (pSrc->access_policy << 7); + tmp97__ |= (pSrc->aggregation << 9); + tmp97__ |= (pSrc->psb << 10); + tmp97__ |= (pSrc->user_priority << 11); + tmp97__ |= (pSrc->tsinfo_ack_pol << 14); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp96__, 0); + frameshtons(pCtx, pBuf, tmp97__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp97__ = 0U; - tmp97__ |= (pSrc->tsinfo_rsvd << 0); - tmp97__ |= (pSrc->burst_size_defn << 7); + tmp98__ = 0U; + tmp98__ |= (pSrc->tsinfo_rsvd << 0); + tmp98__ |= (pSrc->burst_size_defn << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp97__; + *pBuf = tmp98__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp98__ = 0U; - tmp98__ |= (pSrc->size << 0); - tmp98__ |= (pSrc->fixed << 15); + tmp99__ = 0U; + tmp99__ |= (pSrc->size << 0); + tmp99__ |= (pSrc->fixed << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp98__, 0); + frameshtons(pCtx, pBuf, tmp99__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -19212,6 +20093,73 @@ uint32_t dot11f_pack_ie_azimuth_req(tpAniSirGlobal pCtx, return DOT11F_PARSE_SUCCESS; } /* End dot11f_pack_ie_azimuth_req. */ +uint32_t dot11f_pack_ie_beacon_report_frm_body_fragment_id(tpAniSirGlobal pCtx, + tDot11fIEbeacon_report_frm_body_fragment_id *pSrc, + uint8_t *pBuf, + uint32_t nBuf, + uint32_t *pnConsumed) +{ + uint8_t *pIeLen = 0; + uint32_t nConsumedOnEntry = *pnConsumed; + uint32_t nNeeded = 0U; + uint16_t tmp100__; + nNeeded += 2; + while (pSrc->present) { + if (nNeeded > nBuf) + return DOT11F_BUFFER_OVERFLOW; + *pBuf = 2; + ++pBuf; ++(*pnConsumed); + pIeLen = pBuf; + ++pBuf; ++(*pnConsumed); + tmp100__ = 0U; + tmp100__ |= (pSrc->beacon_report_id << 0); + tmp100__ |= (pSrc->fragment_id_number << 8); + tmp100__ |= (pSrc->more_fragments << 15); + if (unlikely(nBuf < 2)) + return DOT11F_INCOMPLETE_IE; + + frameshtons(pCtx, pBuf, tmp100__, 0); + *pnConsumed += 2; + /* fieldsEndFlag = 1 */ + nBuf -= 2 ; + break; + } + (void)pCtx; + if (pIeLen) { + *pIeLen = *pnConsumed - nConsumedOnEntry - 2; + } + return DOT11F_PARSE_SUCCESS; +} /* End dot11f_pack_ie_beacon_report_frm_body_fragment_id. */ + +uint32_t dot11f_pack_ie_last_beacon_report_indication(tpAniSirGlobal pCtx, + tDot11fIElast_beacon_report_indication *pSrc, + uint8_t *pBuf, + uint32_t nBuf, + uint32_t *pnConsumed) +{ + uint8_t *pIeLen = 0; + uint32_t nConsumedOnEntry = *pnConsumed; + uint32_t nNeeded = 0U; + nNeeded += 1; + while (pSrc->present) { + if (nNeeded > nBuf) + return DOT11F_BUFFER_OVERFLOW; + *pBuf = 164; + ++pBuf; ++(*pnConsumed); + pIeLen = pBuf; + ++pBuf; ++(*pnConsumed); + *pBuf = pSrc->last_fragment; + *pnConsumed += 1; + /* fieldsEndFlag = 1 */ + break; + } + (void)pCtx; + if (pIeLen) { + *pIeLen = *pnConsumed - nConsumedOnEntry - 2; + } + return DOT11F_PARSE_SUCCESS; +} /* End dot11f_pack_ie_last_beacon_report_indication. */ + uint32_t dot11f_pack_ie_max_age(tpAniSirGlobal pCtx, tDot11fIEmax_age *pSrc, uint8_t *pBuf, @@ -19250,8 +20198,8 @@ uint32_t dot11f_pack_ie_neighbor_rpt(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp99__; - uint8_t tmp100__; + uint8_t tmp101__; + uint8_t tmp102__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_neighbor_rpt(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -19266,30 +20214,30 @@ uint32_t dot11f_pack_ie_neighbor_rpt(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->bssid, 6); *pnConsumed += 6; pBuf += 6; - tmp99__ = 0U; - tmp99__ |= (pSrc->APReachability << 0); - tmp99__ |= (pSrc->Security << 2); - tmp99__ |= (pSrc->KeyScope << 3); - tmp99__ |= (pSrc->SpecMgmtCap << 4); - tmp99__ |= (pSrc->QosCap << 5); - tmp99__ |= (pSrc->apsd << 6); - tmp99__ |= (pSrc->rrm << 7); + tmp101__ = 0U; + tmp101__ |= (pSrc->APReachability << 0); + tmp101__ |= (pSrc->Security << 2); + tmp101__ |= (pSrc->KeyScope << 3); + tmp101__ |= (pSrc->SpecMgmtCap << 4); + tmp101__ |= (pSrc->QosCap << 5); + tmp101__ |= (pSrc->apsd << 6); + tmp101__ |= (pSrc->rrm << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp99__; + *pBuf = tmp101__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp100__ = 0U; - tmp100__ |= (pSrc->DelayedBA << 0); - tmp100__ |= (pSrc->ImmBA << 1); - tmp100__ |= (pSrc->MobilityDomain << 2); - tmp100__ |= (pSrc->reserved << 3); + tmp102__ = 0U; + tmp102__ |= (pSrc->DelayedBA << 0); + tmp102__ |= (pSrc->ImmBA << 1); + tmp102__ |= (pSrc->MobilityDomain << 2); + tmp102__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp100__; + *pBuf = tmp102__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -19652,14 +20600,14 @@ uint32_t dot11f_pack_ie_edca_param_set(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp101__; - uint8_t tmp102__; uint8_t tmp103__; uint8_t tmp104__; uint8_t tmp105__; uint8_t tmp106__; uint8_t tmp107__; uint8_t tmp108__; + uint8_t tmp109__; + uint8_t tmp110__; nNeeded += 18; while (pSrc->present) { if (nNeeded > nBuf) @@ -19674,100 +20622,100 @@ uint32_t dot11f_pack_ie_edca_param_set(tpAniSirGlobal pCtx, *pBuf = pSrc->reserved; *pnConsumed += 1; pBuf += 1; - tmp101__ = 0U; - tmp101__ |= (pSrc->acbe_aifsn << 0); - tmp101__ |= (pSrc->acbe_acm << 4); - tmp101__ |= (pSrc->acbe_aci << 5); - tmp101__ |= (pSrc->unused1 << 7); + tmp103__ = 0U; + tmp103__ |= (pSrc->acbe_aifsn << 0); + tmp103__ |= (pSrc->acbe_acm << 4); + tmp103__ |= (pSrc->acbe_aci << 5); + tmp103__ |= (pSrc->unused1 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp101__; + *pBuf = tmp103__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp102__ = 0U; - tmp102__ |= (pSrc->acbe_acwmin << 0); - tmp102__ |= (pSrc->acbe_acwmax << 4); + tmp104__ = 0U; + tmp104__ |= (pSrc->acbe_acwmin << 0); + tmp104__ |= (pSrc->acbe_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp102__; + *pBuf = tmp104__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbe_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp103__ = 0U; - tmp103__ |= (pSrc->acbk_aifsn << 0); - tmp103__ |= (pSrc->acbk_acm << 4); - tmp103__ |= (pSrc->acbk_aci << 5); - tmp103__ |= (pSrc->unused2 << 7); + tmp105__ = 0U; + tmp105__ |= (pSrc->acbk_aifsn << 0); + tmp105__ |= (pSrc->acbk_acm << 4); + tmp105__ |= (pSrc->acbk_aci << 5); + tmp105__ |= (pSrc->unused2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp103__; + *pBuf = tmp105__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp104__ = 0U; - tmp104__ |= (pSrc->acbk_acwmin << 0); - tmp104__ |= (pSrc->acbk_acwmax << 4); + tmp106__ = 0U; + tmp106__ |= (pSrc->acbk_acwmin << 0); + tmp106__ |= (pSrc->acbk_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp104__; + *pBuf = tmp106__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbk_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp105__ = 0U; - tmp105__ |= (pSrc->acvi_aifsn << 0); - tmp105__ |= (pSrc->acvi_acm << 4); - tmp105__ |= (pSrc->acvi_aci << 5); - tmp105__ |= (pSrc->unused3 << 7); + tmp107__ = 0U; + tmp107__ |= (pSrc->acvi_aifsn << 0); + tmp107__ |= (pSrc->acvi_acm << 4); + tmp107__ |= (pSrc->acvi_aci << 5); + tmp107__ |= (pSrc->unused3 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp105__; + *pBuf = tmp107__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp106__ = 0U; - tmp106__ |= (pSrc->acvi_acwmin << 0); - tmp106__ |= (pSrc->acvi_acwmax << 4); + tmp108__ = 0U; + tmp108__ |= (pSrc->acvi_acwmin << 0); + tmp108__ |= (pSrc->acvi_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp106__; + *pBuf = tmp108__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acvi_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp107__ = 0U; - tmp107__ |= (pSrc->acvo_aifsn << 0); - tmp107__ |= (pSrc->acvo_acm << 4); - tmp107__ |= (pSrc->acvo_aci << 5); - tmp107__ |= (pSrc->unused4 << 7); + tmp109__ = 0U; + tmp109__ |= (pSrc->acvo_aifsn << 0); + tmp109__ |= (pSrc->acvo_acm << 4); + tmp109__ |= (pSrc->acvo_aci << 5); + tmp109__ |= (pSrc->unused4 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp107__; + *pBuf = tmp109__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp108__ = 0U; - tmp108__ |= (pSrc->acvo_acwmin << 0); - tmp108__ |= (pSrc->acvo_acwmax << 4); + tmp110__ = 0U; + tmp110__ |= (pSrc->acvo_acwmin << 0); + tmp110__ |= (pSrc->acvo_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp108__; + *pBuf = tmp110__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -19792,7 +20740,7 @@ uint32_t dot11f_pack_ie_erp_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp109__; + uint8_t tmp111__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -19801,15 +20749,15 @@ uint32_t dot11f_pack_ie_erp_info(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp109__ = 0U; - tmp109__ |= (pSrc->non_erp_present << 0); - tmp109__ |= (pSrc->use_prot << 1); - tmp109__ |= (pSrc->barker_preamble << 2); - tmp109__ |= (pSrc->unused << 3); + tmp111__ = 0U; + tmp111__ |= (pSrc->non_erp_present << 0); + tmp111__ |= (pSrc->use_prot << 1); + tmp111__ |= (pSrc->barker_preamble << 2); + tmp111__ |= (pSrc->unused << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp109__; + *pBuf = tmp111__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -19868,7 +20816,7 @@ uint32_t dot11f_pack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp110__; + uint8_t tmp112__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -19888,13 +20836,13 @@ uint32_t dot11f_pack_ie_ese_rad_mgmt_cap(tpAniSirGlobal pCtx, *pBuf = pSrc->mgmt_state; *pnConsumed += 1; pBuf += 1; - tmp110__ = 0U; - tmp110__ |= (pSrc->mbssid_mask << 0); - tmp110__ |= (pSrc->reserved << 3); + tmp112__ = 0U; + tmp112__ |= (pSrc->mbssid_mask << 0); + tmp112__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp110__; + *pBuf = tmp112__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -20276,7 +21224,7 @@ uint32_t dot11f_pack_ie_ft_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp111__; + uint16_t tmp113__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ieft_info(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20288,13 +21236,13 @@ uint32_t dot11f_pack_ie_ft_info(tpAniSirGlobal pCtx, ++pBuf; --nBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; --nBuf; ++(*pnConsumed); - tmp111__ = 0U; - tmp111__ |= (pSrc->reserved << 0); - tmp111__ |= (pSrc->IECount << 8); + tmp113__ = 0U; + tmp113__ |= (pSrc->reserved << 0); + tmp113__ |= (pSrc->IECount << 8); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp111__, 0); + frameshtons(pCtx, pBuf, tmp113__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -20332,11 +21280,11 @@ uint32_t dot11f_pack_ie_ht_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp112__; - uint8_t tmp113__; uint16_t tmp114__; - uint32_t tmp115__; - uint8_t tmp116__; + uint8_t tmp115__; + uint16_t tmp116__; + uint32_t tmp117__; + uint8_t tmp118__; nNeeded += (pSrc->num_rsvd + 26); while (pSrc->present) { if (nNeeded > nBuf) @@ -20345,92 +21293,92 @@ uint32_t dot11f_pack_ie_ht_caps(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp112__ = 0U; - tmp112__ |= (pSrc->advCodingCap << 0); - tmp112__ |= (pSrc->supportedChannelWidthSet << 1); - tmp112__ |= (pSrc->mimoPowerSave << 2); - tmp112__ |= (pSrc->greenField << 4); - tmp112__ |= (pSrc->shortGI20MHz << 5); - tmp112__ |= (pSrc->shortGI40MHz << 6); - tmp112__ |= (pSrc->txSTBC << 7); - tmp112__ |= (pSrc->rxSTBC << 8); - tmp112__ |= (pSrc->delayedBA << 10); - tmp112__ |= (pSrc->maximalAMSDUsize << 11); - tmp112__ |= (pSrc->dsssCckMode40MHz << 12); - tmp112__ |= (pSrc->psmp << 13); - tmp112__ |= (pSrc->stbcControlFrame << 14); - tmp112__ |= (pSrc->lsigTXOPProtection << 15); + tmp114__ = 0U; + tmp114__ |= (pSrc->advCodingCap << 0); + tmp114__ |= (pSrc->supportedChannelWidthSet << 1); + tmp114__ |= (pSrc->mimoPowerSave << 2); + tmp114__ |= (pSrc->greenField << 4); + tmp114__ |= (pSrc->shortGI20MHz << 5); + tmp114__ |= (pSrc->shortGI40MHz << 6); + tmp114__ |= (pSrc->txSTBC << 7); + tmp114__ |= (pSrc->rxSTBC << 8); + tmp114__ |= (pSrc->delayedBA << 10); + tmp114__ |= (pSrc->maximalAMSDUsize << 11); + tmp114__ |= (pSrc->dsssCckMode40MHz << 12); + tmp114__ |= (pSrc->psmp << 13); + tmp114__ |= (pSrc->stbcControlFrame << 14); + tmp114__ |= (pSrc->lsigTXOPProtection << 15); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp112__, 0); + frameshtons(pCtx, pBuf, tmp114__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp113__ = 0U; - tmp113__ |= (pSrc->maxRxAMPDUFactor << 0); - tmp113__ |= (pSrc->mpduDensity << 2); - tmp113__ |= (pSrc->reserved1 << 5); + tmp115__ = 0U; + tmp115__ |= (pSrc->maxRxAMPDUFactor << 0); + tmp115__ |= (pSrc->mpduDensity << 2); + tmp115__ |= (pSrc->reserved1 << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp113__; + *pBuf = tmp115__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; DOT11F_MEMCPY(pCtx, pBuf, pSrc->supportedMCSSet, 16); *pnConsumed += 16; pBuf += 16; - tmp114__ = 0U; - tmp114__ |= (pSrc->pco << 0); - tmp114__ |= (pSrc->transitionTime << 1); - tmp114__ |= (pSrc->reserved2 << 3); - tmp114__ |= (pSrc->mcsFeedback << 8); - tmp114__ |= (pSrc->reserved3 << 10); + tmp116__ = 0U; + tmp116__ |= (pSrc->pco << 0); + tmp116__ |= (pSrc->transitionTime << 1); + tmp116__ |= (pSrc->reserved2 << 3); + tmp116__ |= (pSrc->mcsFeedback << 8); + tmp116__ |= (pSrc->reserved3 << 10); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp114__, 0); + frameshtons(pCtx, pBuf, tmp116__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp115__ = 0U; - tmp115__ |= (pSrc->txBF << 0); - tmp115__ |= (pSrc->rxStaggeredSounding << 1); - tmp115__ |= (pSrc->txStaggeredSounding << 2); - tmp115__ |= (pSrc->rxZLF << 3); - tmp115__ |= (pSrc->txZLF << 4); - tmp115__ |= (pSrc->implicitTxBF << 5); - tmp115__ |= (pSrc->calibration << 6); - tmp115__ |= (pSrc->explicitCSITxBF << 8); - tmp115__ |= (pSrc->explicitUncompressedSteeringMatrix << 9); - tmp115__ |= (pSrc->explicitBFCSIFeedback << 10); - tmp115__ |= (pSrc->explicitUncompressedSteeringMatrixFeedback << 13); - tmp115__ |= (pSrc->explicitCompressedSteeringMatrixFeedback << 16); - tmp115__ |= (pSrc->csiNumBFAntennae << 19); - tmp115__ |= (pSrc->uncompressedSteeringMatrixBFAntennae << 21); - tmp115__ |= (pSrc->compressedSteeringMatrixBFAntennae << 23); - tmp115__ |= (pSrc->reserved4 << 25); + tmp117__ = 0U; + tmp117__ |= (pSrc->txBF << 0); + tmp117__ |= (pSrc->rxStaggeredSounding << 1); + tmp117__ |= (pSrc->txStaggeredSounding << 2); + tmp117__ |= (pSrc->rxZLF << 3); + tmp117__ |= (pSrc->txZLF << 4); + tmp117__ |= (pSrc->implicitTxBF << 5); + tmp117__ |= (pSrc->calibration << 6); + tmp117__ |= (pSrc->explicitCSITxBF << 8); + tmp117__ |= (pSrc->explicitUncompressedSteeringMatrix << 9); + tmp117__ |= (pSrc->explicitBFCSIFeedback << 10); + tmp117__ |= (pSrc->explicitUncompressedSteeringMatrixFeedback << 13); + tmp117__ |= (pSrc->explicitCompressedSteeringMatrixFeedback << 16); + tmp117__ |= (pSrc->csiNumBFAntennae << 19); + tmp117__ |= (pSrc->uncompressedSteeringMatrixBFAntennae << 21); + tmp117__ |= (pSrc->compressedSteeringMatrixBFAntennae << 23); + tmp117__ |= (pSrc->reserved4 << 25); if (unlikely(nBuf < 4)) return DOT11F_INCOMPLETE_IE; - frameshtonl(pCtx, pBuf, tmp115__, 0); + frameshtonl(pCtx, pBuf, tmp117__, 0); *pnConsumed += 4; pBuf += 4; nBuf -= 4 ; - tmp116__ = 0U; - tmp116__ |= (pSrc->antennaSelection << 0); - tmp116__ |= (pSrc->explicitCSIFeedbackTx << 1); - tmp116__ |= (pSrc->antennaIndicesFeedbackTx << 2); - tmp116__ |= (pSrc->explicitCSIFeedback << 3); - tmp116__ |= (pSrc->antennaIndicesFeedback << 4); - tmp116__ |= (pSrc->rxAS << 5); - tmp116__ |= (pSrc->txSoundingPPDUs << 6); - tmp116__ |= (pSrc->reserved5 << 7); + tmp118__ = 0U; + tmp118__ |= (pSrc->antennaSelection << 0); + tmp118__ |= (pSrc->explicitCSIFeedbackTx << 1); + tmp118__ |= (pSrc->antennaIndicesFeedbackTx << 2); + tmp118__ |= (pSrc->explicitCSIFeedback << 3); + tmp118__ |= (pSrc->antennaIndicesFeedback << 4); + tmp118__ |= (pSrc->rxAS << 5); + tmp118__ |= (pSrc->txSoundingPPDUs << 6); + tmp118__ |= (pSrc->reserved5 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp116__; + *pBuf = tmp118__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20455,9 +21403,9 @@ uint32_t dot11f_pack_ie_ht_info(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp117__; - uint16_t tmp118__; - uint16_t tmp119__; + uint8_t tmp119__; + uint16_t tmp120__; + uint16_t tmp121__; nNeeded += (pSrc->num_rsvd + 22); while (pSrc->present) { if (nNeeded > nBuf) @@ -20469,44 +21417,44 @@ uint32_t dot11f_pack_ie_ht_info(tpAniSirGlobal pCtx, *pBuf = pSrc->primaryChannel; *pnConsumed += 1; pBuf += 1; - tmp117__ = 0U; - tmp117__ |= (pSrc->secondaryChannelOffset << 0); - tmp117__ |= (pSrc->recommendedTxWidthSet << 2); - tmp117__ |= (pSrc->rifsMode << 3); - tmp117__ |= (pSrc->controlledAccessOnly << 4); - tmp117__ |= (pSrc->serviceIntervalGranularity << 5); + tmp119__ = 0U; + tmp119__ |= (pSrc->secondaryChannelOffset << 0); + tmp119__ |= (pSrc->recommendedTxWidthSet << 2); + tmp119__ |= (pSrc->rifsMode << 3); + tmp119__ |= (pSrc->controlledAccessOnly << 4); + tmp119__ |= (pSrc->serviceIntervalGranularity << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp117__; + *pBuf = tmp119__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp118__ = 0U; - tmp118__ |= (pSrc->opMode << 0); - tmp118__ |= (pSrc->nonGFDevicesPresent << 2); - tmp118__ |= (pSrc->transmitBurstLimit << 3); - tmp118__ |= (pSrc->obssNonHTStaPresent << 4); - tmp118__ |= (pSrc->reserved << 5); + tmp120__ = 0U; + tmp120__ |= (pSrc->opMode << 0); + tmp120__ |= (pSrc->nonGFDevicesPresent << 2); + tmp120__ |= (pSrc->transmitBurstLimit << 3); + tmp120__ |= (pSrc->obssNonHTStaPresent << 4); + tmp120__ |= (pSrc->reserved << 5); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp118__, 0); + frameshtons(pCtx, pBuf, tmp120__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; - tmp119__ = 0U; - tmp119__ |= (pSrc->basicSTBCMCS << 0); - tmp119__ |= (pSrc->dualCTSProtection << 7); - tmp119__ |= (pSrc->secondaryBeacon << 8); - tmp119__ |= (pSrc->lsigTXOPProtectionFullSupport << 9); - tmp119__ |= (pSrc->pcoActive << 10); - tmp119__ |= (pSrc->pcoPhase << 11); - tmp119__ |= (pSrc->reserved2 << 12); + tmp121__ = 0U; + tmp121__ |= (pSrc->basicSTBCMCS << 0); + tmp121__ |= (pSrc->dualCTSProtection << 7); + tmp121__ |= (pSrc->secondaryBeacon << 8); + tmp121__ |= (pSrc->lsigTXOPProtectionFullSupport << 9); + tmp121__ |= (pSrc->pcoActive << 10); + tmp121__ |= (pSrc->pcoPhase << 11); + tmp121__ |= (pSrc->reserved2 << 12); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp119__, 0); + frameshtons(pCtx, pBuf, tmp121__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -20646,9 +21594,9 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp120__; - uint8_t tmp121__; uint8_t tmp122__; + uint8_t tmp123__; + uint8_t tmp124__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_measurement_report(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20663,15 +21611,15 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, *pBuf = pSrc->token; *pnConsumed += 1; pBuf += 1; - tmp120__ = 0U; - tmp120__ |= (pSrc->late << 0); - tmp120__ |= (pSrc->incapable << 1); - tmp120__ |= (pSrc->refused << 2); - tmp120__ |= (pSrc->unused << 3); + tmp122__ = 0U; + tmp122__ |= (pSrc->late << 0); + tmp122__ |= (pSrc->incapable << 1); + tmp122__ |= (pSrc->refused << 2); + tmp122__ |= (pSrc->unused << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp120__; + *pBuf = tmp122__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20690,17 +21638,17 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->report.Basic.meas_duration, 0); *pnConsumed += 2; pBuf += 2; - tmp121__ = 0U; - tmp121__ |= (pSrc->report.Basic.bss << 0); - tmp121__ |= (pSrc->report.Basic.ofdm_preamble << 1); - tmp121__ |= (pSrc->report.Basic.unid_signal << 2); - tmp121__ |= (pSrc->report.Basic.rader << 3); - tmp121__ |= (pSrc->report.Basic.unmeasured << 4); - tmp121__ |= (pSrc->report.Basic.unused << 5); + tmp123__ = 0U; + tmp123__ |= (pSrc->report.Basic.bss << 0); + tmp123__ |= (pSrc->report.Basic.ofdm_preamble << 1); + tmp123__ |= (pSrc->report.Basic.unid_signal << 2); + tmp123__ |= (pSrc->report.Basic.rader << 3); + tmp123__ |= (pSrc->report.Basic.unmeasured << 4); + tmp123__ |= (pSrc->report.Basic.unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp121__; + *pBuf = tmp123__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -20767,13 +21715,13 @@ uint32_t dot11f_pack_ie_measurement_report(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->report.Beacon.meas_duration, 0); *pnConsumed += 2; pBuf += 2; - tmp122__ = 0U; - tmp122__ |= (pSrc->report.Beacon.condensed_PHY << 0); - tmp122__ |= (pSrc->report.Beacon.reported_frame_type << 7); + tmp124__ = 0U; + tmp124__ |= (pSrc->report.Beacon.condensed_PHY << 0); + tmp124__ |= (pSrc->report.Beacon.reported_frame_type << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp122__; + *pBuf = tmp124__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20822,7 +21770,7 @@ uint32_t dot11f_pack_ie_measurement_request(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp123__; + uint8_t tmp125__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_measurement_request(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -20837,17 +21785,17 @@ uint32_t dot11f_pack_ie_measurement_request(tpAniSirGlobal pCtx, *pBuf = pSrc->measurement_token; *pnConsumed += 1; pBuf += 1; - tmp123__ = 0U; - tmp123__ |= (pSrc->parallel << 0); - tmp123__ |= (pSrc->enable << 1); - tmp123__ |= (pSrc->request << 2); - tmp123__ |= (pSrc->report << 3); - tmp123__ |= (pSrc->durationMandatory << 4); - tmp123__ |= (pSrc->unused << 5); + tmp125__ = 0U; + tmp125__ |= (pSrc->parallel << 0); + tmp125__ |= (pSrc->enable << 1); + tmp125__ |= (pSrc->request << 2); + tmp125__ |= (pSrc->report << 3); + tmp125__ |= (pSrc->durationMandatory << 4); + tmp125__ |= (pSrc->unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp123__; + *pBuf = tmp125__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -20961,7 +21909,7 @@ uint32_t dot11f_pack_ie_mobility_domain(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp124__; + uint8_t tmp126__; nNeeded += 3; while (pSrc->present) { if (nNeeded > nBuf) @@ -20973,14 +21921,14 @@ uint32_t dot11f_pack_ie_mobility_domain(tpAniSirGlobal pCtx, frameshtons(pCtx, pBuf, pSrc->MDID, 0); *pnConsumed += 2; pBuf += 2; - tmp124__ = 0U; - tmp124__ |= (pSrc->overDSCap << 0); - tmp124__ |= (pSrc->resourceReqCap << 1); - tmp124__ |= (pSrc->reserved << 2); + tmp126__ = 0U; + tmp126__ |= (pSrc->overDSCap << 0); + tmp126__ |= (pSrc->resourceReqCap << 1); + tmp126__ |= (pSrc->reserved << 2); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp124__; + *pBuf = tmp126__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21002,8 +21950,8 @@ uint32_t dot11f_pack_ie_neighbor_report(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp125__; - uint8_t tmp126__; + uint8_t tmp127__; + uint8_t tmp128__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_neighbor_report(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -21018,30 +21966,30 @@ uint32_t dot11f_pack_ie_neighbor_report(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->bssid, 6); *pnConsumed += 6; pBuf += 6; - tmp125__ = 0U; - tmp125__ |= (pSrc->APReachability << 0); - tmp125__ |= (pSrc->Security << 2); - tmp125__ |= (pSrc->KeyScope << 3); - tmp125__ |= (pSrc->SpecMgmtCap << 4); - tmp125__ |= (pSrc->QosCap << 5); - tmp125__ |= (pSrc->apsd << 6); - tmp125__ |= (pSrc->rrm << 7); + tmp127__ = 0U; + tmp127__ |= (pSrc->APReachability << 0); + tmp127__ |= (pSrc->Security << 2); + tmp127__ |= (pSrc->KeyScope << 3); + tmp127__ |= (pSrc->SpecMgmtCap << 4); + tmp127__ |= (pSrc->QosCap << 5); + tmp127__ |= (pSrc->apsd << 6); + tmp127__ |= (pSrc->rrm << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp125__; + *pBuf = tmp127__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp126__ = 0U; - tmp126__ |= (pSrc->DelayedBA << 0); - tmp126__ |= (pSrc->ImmBA << 1); - tmp126__ |= (pSrc->MobilityDomain << 2); - tmp126__ |= (pSrc->reserved << 3); + tmp128__ = 0U; + tmp128__ |= (pSrc->DelayedBA << 0); + tmp128__ |= (pSrc->ImmBA << 1); + tmp128__ |= (pSrc->MobilityDomain << 2); + tmp128__ |= (pSrc->reserved << 3); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp126__; + *pBuf = tmp128__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -21129,7 +22077,7 @@ uint32_t dot11f_pack_ie_operating_mode(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp127__; + uint8_t tmp129__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21138,15 +22086,15 @@ uint32_t dot11f_pack_ie_operating_mode(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp127__ = 0U; - tmp127__ |= (pSrc->chanWidth << 0); - tmp127__ |= (pSrc->reserved << 2); - tmp127__ |= (pSrc->rxNSS << 4); - tmp127__ |= (pSrc->rxNSSType << 7); + tmp129__ = 0U; + tmp129__ |= (pSrc->chanWidth << 0); + tmp129__ |= (pSrc->reserved << 2); + tmp129__ |= (pSrc->rxNSS << 4); + tmp129__ |= (pSrc->rxNSSType << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp127__; + *pBuf = tmp129__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21621,7 +22569,7 @@ uint32_t dot11f_pack_ie_pu_buffer_status(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp128__; + uint8_t tmp130__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21630,16 +22578,16 @@ uint32_t dot11f_pack_ie_pu_buffer_status(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp128__ = 0U; - tmp128__ |= (pSrc->ac_bk_traffic_aval << 0); - tmp128__ |= (pSrc->ac_be_traffic_aval << 1); - tmp128__ |= (pSrc->ac_vi_traffic_aval << 2); - tmp128__ |= (pSrc->ac_vo_traffic_aval << 3); - tmp128__ |= (pSrc->reserved << 4); + tmp130__ = 0U; + tmp130__ |= (pSrc->ac_bk_traffic_aval << 0); + tmp130__ |= (pSrc->ac_be_traffic_aval << 1); + tmp130__ |= (pSrc->ac_vi_traffic_aval << 2); + tmp130__ |= (pSrc->ac_vo_traffic_aval << 3); + tmp130__ |= (pSrc->reserved << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp128__; + *pBuf = tmp130__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21832,7 +22780,7 @@ uint32_t dot11f_pack_ie_qos_caps_ap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp129__; + uint8_t tmp131__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21841,16 +22789,16 @@ uint32_t dot11f_pack_ie_qos_caps_ap(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp129__ = 0U; - tmp129__ |= (pSrc->count << 0); - tmp129__ |= (pSrc->qack << 4); - tmp129__ |= (pSrc->qreq << 5); - tmp129__ |= (pSrc->txopreq << 6); - tmp129__ |= (pSrc->reserved << 7); + tmp131__ = 0U; + tmp131__ |= (pSrc->count << 0); + tmp131__ |= (pSrc->qack << 4); + tmp131__ |= (pSrc->qreq << 5); + tmp131__ |= (pSrc->txopreq << 6); + tmp131__ |= (pSrc->reserved << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp129__; + *pBuf = tmp131__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -21872,7 +22820,7 @@ uint32_t dot11f_pack_ie_qos_caps_station(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp130__; + uint8_t tmp132__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -21881,18 +22829,18 @@ uint32_t dot11f_pack_ie_qos_caps_station(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp130__ = 0U; - tmp130__ |= (pSrc->acvo_uapsd << 0); - tmp130__ |= (pSrc->acvi_uapsd << 1); - tmp130__ |= (pSrc->acbk_uapsd << 2); - tmp130__ |= (pSrc->acbe_uapsd << 3); - tmp130__ |= (pSrc->qack << 4); - tmp130__ |= (pSrc->max_sp_length << 5); - tmp130__ |= (pSrc->more_data_ack << 7); + tmp132__ = 0U; + tmp132__ |= (pSrc->acvo_uapsd << 0); + tmp132__ |= (pSrc->acvi_uapsd << 1); + tmp132__ |= (pSrc->acbk_uapsd << 2); + tmp132__ |= (pSrc->acbe_uapsd << 3); + tmp132__ |= (pSrc->qack << 4); + tmp132__ |= (pSrc->max_sp_length << 5); + tmp132__ |= (pSrc->more_data_ack << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp130__; + *pBuf = tmp132__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22533,7 +23481,7 @@ uint32_t dot11f_pack_ie_wapi(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp131__; + uint16_t tmp133__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_iewapi(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -22563,13 +23511,13 @@ uint32_t dot11f_pack_ie_wapi(tpAniSirGlobal pCtx, DOT11F_MEMCPY(pCtx, pBuf, pSrc->multicast_cipher_suite, 4); *pnConsumed += 4; pBuf += 4; - tmp131__ = 0U; - tmp131__ |= (pSrc->preauth << 0); - tmp131__ |= (pSrc->reserved << 1); + tmp133__ = 0U; + tmp133__ |= (pSrc->preauth << 0); + tmp133__ |= (pSrc->reserved << 1); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp131__, 0); + frameshtons(pCtx, pBuf, tmp133__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -22709,7 +23657,7 @@ uint32_t dot11f_pack_ie_wmm_caps(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp132__; + uint8_t tmp134__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22731,16 +23679,16 @@ uint32_t dot11f_pack_ie_wmm_caps(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp132__ = 0U; - tmp132__ |= (pSrc->reserved << 0); - tmp132__ |= (pSrc->qack << 4); - tmp132__ |= (pSrc->queue_request << 5); - tmp132__ |= (pSrc->txop_request << 6); - tmp132__ |= (pSrc->more_ack << 7); + tmp134__ = 0U; + tmp134__ |= (pSrc->reserved << 0); + tmp134__ |= (pSrc->qack << 4); + tmp134__ |= (pSrc->queue_request << 5); + tmp134__ |= (pSrc->txop_request << 6); + tmp134__ |= (pSrc->more_ack << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp132__; + *pBuf = tmp134__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22762,7 +23710,7 @@ uint32_t dot11f_pack_ie_wmm_info_ap(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp133__; + uint8_t tmp135__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22784,14 +23732,14 @@ uint32_t dot11f_pack_ie_wmm_info_ap(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp133__ = 0U; - tmp133__ |= (pSrc->param_set_count << 0); - tmp133__ |= (pSrc->reserved << 4); - tmp133__ |= (pSrc->uapsd << 7); + tmp135__ = 0U; + tmp135__ |= (pSrc->param_set_count << 0); + tmp135__ |= (pSrc->reserved << 4); + tmp135__ |= (pSrc->uapsd << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp133__; + *pBuf = tmp135__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22813,7 +23761,7 @@ uint32_t dot11f_pack_ie_wmm_info_station(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp134__; + uint8_t tmp136__; nNeeded += 2; while (pSrc->present) { if (nNeeded > nBuf) @@ -22835,18 +23783,18 @@ uint32_t dot11f_pack_ie_wmm_info_station(tpAniSirGlobal pCtx, *pBuf = pSrc->version; *pnConsumed += 1; pBuf += 1; - tmp134__ = 0U; - tmp134__ |= (pSrc->acvo_uapsd << 0); - tmp134__ |= (pSrc->acvi_uapsd << 1); - tmp134__ |= (pSrc->acbk_uapsd << 2); - tmp134__ |= (pSrc->acbe_uapsd << 3); - tmp134__ |= (pSrc->reserved1 << 4); - tmp134__ |= (pSrc->max_sp_length << 5); - tmp134__ |= (pSrc->reserved2 << 7); + tmp136__ = 0U; + tmp136__ |= (pSrc->acvo_uapsd << 0); + tmp136__ |= (pSrc->acvi_uapsd << 1); + tmp136__ |= (pSrc->acbk_uapsd << 2); + tmp136__ |= (pSrc->acbe_uapsd << 3); + tmp136__ |= (pSrc->reserved1 << 4); + tmp136__ |= (pSrc->max_sp_length << 5); + tmp136__ |= (pSrc->reserved2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp134__; + *pBuf = tmp136__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -22868,14 +23816,14 @@ uint32_t dot11f_pack_ie_wmm_params(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp135__; - uint8_t tmp136__; uint8_t tmp137__; uint8_t tmp138__; uint8_t tmp139__; uint8_t tmp140__; uint8_t tmp141__; uint8_t tmp142__; + uint8_t tmp143__; + uint8_t tmp144__; nNeeded += 19; while (pSrc->present) { if (nNeeded > nBuf) @@ -22903,100 +23851,100 @@ uint32_t dot11f_pack_ie_wmm_params(tpAniSirGlobal pCtx, *pBuf = pSrc->reserved2; *pnConsumed += 1; pBuf += 1; - tmp135__ = 0U; - tmp135__ |= (pSrc->acbe_aifsn << 0); - tmp135__ |= (pSrc->acbe_acm << 4); - tmp135__ |= (pSrc->acbe_aci << 5); - tmp135__ |= (pSrc->unused1 << 7); + tmp137__ = 0U; + tmp137__ |= (pSrc->acbe_aifsn << 0); + tmp137__ |= (pSrc->acbe_acm << 4); + tmp137__ |= (pSrc->acbe_aci << 5); + tmp137__ |= (pSrc->unused1 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp135__; + *pBuf = tmp137__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp136__ = 0U; - tmp136__ |= (pSrc->acbe_acwmin << 0); - tmp136__ |= (pSrc->acbe_acwmax << 4); + tmp138__ = 0U; + tmp138__ |= (pSrc->acbe_acwmin << 0); + tmp138__ |= (pSrc->acbe_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp136__; + *pBuf = tmp138__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbe_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp137__ = 0U; - tmp137__ |= (pSrc->acbk_aifsn << 0); - tmp137__ |= (pSrc->acbk_acm << 4); - tmp137__ |= (pSrc->acbk_aci << 5); - tmp137__ |= (pSrc->unused2 << 7); + tmp139__ = 0U; + tmp139__ |= (pSrc->acbk_aifsn << 0); + tmp139__ |= (pSrc->acbk_acm << 4); + tmp139__ |= (pSrc->acbk_aci << 5); + tmp139__ |= (pSrc->unused2 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp137__; + *pBuf = tmp139__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp138__ = 0U; - tmp138__ |= (pSrc->acbk_acwmin << 0); - tmp138__ |= (pSrc->acbk_acwmax << 4); + tmp140__ = 0U; + tmp140__ |= (pSrc->acbk_acwmin << 0); + tmp140__ |= (pSrc->acbk_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp138__; + *pBuf = tmp140__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acbk_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp139__ = 0U; - tmp139__ |= (pSrc->acvi_aifsn << 0); - tmp139__ |= (pSrc->acvi_acm << 4); - tmp139__ |= (pSrc->acvi_aci << 5); - tmp139__ |= (pSrc->unused3 << 7); + tmp141__ = 0U; + tmp141__ |= (pSrc->acvi_aifsn << 0); + tmp141__ |= (pSrc->acvi_acm << 4); + tmp141__ |= (pSrc->acvi_aci << 5); + tmp141__ |= (pSrc->unused3 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp139__; + *pBuf = tmp141__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp140__ = 0U; - tmp140__ |= (pSrc->acvi_acwmin << 0); - tmp140__ |= (pSrc->acvi_acwmax << 4); + tmp142__ = 0U; + tmp142__ |= (pSrc->acvi_acwmin << 0); + tmp142__ |= (pSrc->acvi_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp140__; + *pBuf = tmp142__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; frameshtons(pCtx, pBuf, pSrc->acvi_txoplimit, 0); *pnConsumed += 2; pBuf += 2; - tmp141__ = 0U; - tmp141__ |= (pSrc->acvo_aifsn << 0); - tmp141__ |= (pSrc->acvo_acm << 4); - tmp141__ |= (pSrc->acvo_aci << 5); - tmp141__ |= (pSrc->unused4 << 7); + tmp143__ = 0U; + tmp143__ |= (pSrc->acvo_aifsn << 0); + tmp143__ |= (pSrc->acvo_acm << 4); + tmp143__ |= (pSrc->acvo_aci << 5); + tmp143__ |= (pSrc->unused4 << 7); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp141__; + *pBuf = tmp143__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; - tmp142__ = 0U; - tmp142__ |= (pSrc->acvo_acwmin << 0); - tmp142__ |= (pSrc->acvo_acwmax << 4); + tmp144__ = 0U; + tmp144__ |= (pSrc->acvo_acwmin << 0); + tmp144__ |= (pSrc->acvo_acwmax << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp142__; + *pBuf = tmp144__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -23693,7 +24641,7 @@ uint32_t dot11f_pack_ie_fils_indication(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint16_t tmp143__; + uint16_t tmp145__; nNeeded += (pSrc->num_variable_data + 2); while (pSrc->present) { if (nNeeded > nBuf) @@ -23702,20 +24650,20 @@ uint32_t dot11f_pack_ie_fils_indication(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp143__ = 0U; - tmp143__ |= (pSrc->public_key_identifiers_cnt << 0); - tmp143__ |= (pSrc->realm_identifiers_cnt << 3); - tmp143__ |= (pSrc->is_ip_config_supported << 6); - tmp143__ |= (pSrc->is_cache_id_present << 7); - tmp143__ |= (pSrc->is_hessid_present << 8); - tmp143__ |= (pSrc->is_fils_sk_auth_supported << 9); - tmp143__ |= (pSrc->is_fils_sk_auth_pfs_supported << 10); - tmp143__ |= (pSrc->is_pk_auth_supported << 11); - tmp143__ |= (pSrc->reserved << 12); + tmp145__ = 0U; + tmp145__ |= (pSrc->public_key_identifiers_cnt << 0); + tmp145__ |= (pSrc->realm_identifiers_cnt << 3); + tmp145__ |= (pSrc->is_ip_config_supported << 6); + tmp145__ |= (pSrc->is_cache_id_present << 7); + tmp145__ |= (pSrc->is_hessid_present << 8); + tmp145__ |= (pSrc->is_fils_sk_auth_supported << 9); + tmp145__ |= (pSrc->is_fils_sk_auth_pfs_supported << 10); + tmp145__ |= (pSrc->is_pk_auth_supported << 11); + tmp145__ |= (pSrc->reserved << 12); if (unlikely(nBuf < 2)) return DOT11F_INCOMPLETE_IE; - frameshtons(pCtx, pBuf, tmp143__, 0); + frameshtons(pCtx, pBuf, tmp145__, 0); *pnConsumed += 2; pBuf += 2; nBuf -= 2 ; @@ -23961,7 +24909,7 @@ uint32_t dot11f_pack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp144__; + uint8_t tmp146__; uint32_t status = DOT11F_PARSE_SUCCESS; status = dot11f_get_packed_ie_hs20vendor_ie(pCtx, pSrc, &nNeeded); if (!DOT11F_SUCCEEDED(status)) @@ -23981,15 +24929,15 @@ uint32_t dot11f_pack_ie_hs20vendor_ie(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); *pBuf = 0x10; ++pBuf; ++(*pnConsumed); - tmp144__ = 0U; - tmp144__ |= (pSrc->dgaf_dis << 0); - tmp144__ |= (pSrc->hs_id_present << 1); - tmp144__ |= (pSrc->reserved << 3); - tmp144__ |= (pSrc->release_num << 4); + tmp146__ = 0U; + tmp146__ |= (pSrc->dgaf_dis << 0); + tmp146__ |= (pSrc->hs_id_present << 1); + tmp146__ |= (pSrc->reserved << 3); + tmp146__ |= (pSrc->release_num << 4); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp144__; + *pBuf = tmp146__; *pnConsumed += 1; pBuf += 1; nBuf -= 1 ; @@ -24027,7 +24975,7 @@ uint32_t dot11f_pack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, uint8_t *pIeLen = 0; uint32_t nConsumedOnEntry = *pnConsumed; uint32_t nNeeded = 0U; - uint8_t tmp145__; + uint8_t tmp147__; nNeeded += 1; while (pSrc->present) { if (nNeeded > nBuf) @@ -24036,17 +24984,17 @@ uint32_t dot11f_pack_ie_ht2040_bss_coexistence(tpAniSirGlobal pCtx, ++pBuf; ++(*pnConsumed); pIeLen = pBuf; ++pBuf; ++(*pnConsumed); - tmp145__ = 0U; - tmp145__ |= (pSrc->info_request << 0); - tmp145__ |= (pSrc->forty_mhz_intolerant << 1); - tmp145__ |= (pSrc->twenty_mhz_bsswidth_req << 2); - tmp145__ |= (pSrc->obss_scan_exemption_req << 3); - tmp145__ |= (pSrc->obss_scan_exemption_grant << 4); - tmp145__ |= (pSrc->unused << 5); + tmp147__ = 0U; + tmp147__ |= (pSrc->info_request << 0); + tmp147__ |= (pSrc->forty_mhz_intolerant << 1); + tmp147__ |= (pSrc->twenty_mhz_bsswidth_req << 2); + tmp147__ |= (pSrc->obss_scan_exemption_req << 3); + tmp147__ |= (pSrc->obss_scan_exemption_grant << 4); + tmp147__ |= (pSrc->unused << 5); if (unlikely(nBuf < 1)) return DOT11F_INCOMPLETE_IE; - *pBuf = tmp145__; + *pBuf = tmp147__; *pnConsumed += 1; /* fieldsEndFlag = 1 */ nBuf -= 1 ; @@ -25402,6 +26350,22 @@ static uint32_t pack_core(tpAniSirGlobal pCtx, sizeof(tDot11fIEazimuth_req) * i), pBufRemaining, nBufRemaining, &len); break; + case SigIebeacon_report_frm_body_fragment_id: + status |= + dot11f_pack_ie_beacon_report_frm_body_fragment_id( + pCtx, (tDot11fIEbeacon_report_frm_body_fragment_id *) + (pSrc + pIe->offset + + sizeof(tDot11fIEbeacon_report_frm_body_fragment_id) * i), + pBufRemaining, nBufRemaining, &len); + break; + case SigIelast_beacon_report_indication: + status |= + dot11f_pack_ie_last_beacon_report_indication( + pCtx, (tDot11fIElast_beacon_report_indication *) + (pSrc + pIe->offset + + sizeof(tDot11fIElast_beacon_report_indication) * i), + pBufRemaining, nBufRemaining, &len); + break; case SigIemax_age: status |= dot11f_pack_ie_max_age( diff --git a/core/mac/src/sys/legacy/src/utils/src/parser_api.c b/core/mac/src/sys/legacy/src/utils/src/parser_api.c index 3dce90cd9ea5..19015541b19d 100644 --- a/core/mac/src/sys/legacy/src/utils/src/parser_api.c +++ b/core/mac/src/sys/legacy/src/utils/src/parser_api.c @@ -294,7 +294,7 @@ populate_dot11f_chan_switch_wrapper(tpAniSirGlobal pMac, /* * Add the VHT Transmit power Envelope Sublement. */ - ie_ptr = lim_get_ie_ptr_new(pMac, + ie_ptr = wlan_cfg_get_ie_ptr( psessionEntry->addIeParams.probeRespBCNData_buff, psessionEntry->addIeParams.probeRespBCNDataLen, DOT11F_EID_VHT_TRANSMIT_POWER_ENV, ONE_BYTE); @@ -3205,8 +3205,7 @@ sir_convert_assoc_resp_frame2_struct(tpAniSirGlobal pMac, for (cnt = 0; cnt < ar->num_WMMTSPEC; cnt++) { qdf_mem_copy(&pAssocRsp->TSPECInfo[cnt], &ar->WMMTSPEC[cnt], - (sizeof(tDot11fIEWMMTSPEC) * - ar->num_WMMTSPEC)); + sizeof(tDot11fIEWMMTSPEC)); } pAssocRsp->tspecPresent = true; } @@ -5943,8 +5942,10 @@ tSirRetStatus populate_dot11f_wfatpc(tpAniSirGlobal pMac, } tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, - tDot11fIEMeasurementReport *pDot11f, - tSirMacBeaconReport *pBeaconReport) + tDot11fIEMeasurementReport *pDot11f, + tSirMacBeaconReport *pBeaconReport, + struct rrm_beacon_report_last_beacon_params + *last_beacon_report_params) { pDot11f->report.Beacon.regClass = pBeaconReport->regClass; @@ -5972,6 +5973,36 @@ tSirRetStatus populate_dot11f_beacon_report(tpAniSirGlobal pMac, pBeaconReport->numIes; } + if (last_beacon_report_params && + last_beacon_report_params->last_beacon_ind) { + pe_debug("Including Last Beacon Report in RRM Frame, report_id %d, frag_id %d", + last_beacon_report_params->report_id, + last_beacon_report_params->frag_id); + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + present = 1; + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + beacon_report_id = last_beacon_report_params->report_id; + pDot11f->report.Beacon.beacon_report_frm_body_fragment_id. + fragment_id_number = last_beacon_report_params->frag_id; + + pDot11f->report.Beacon.last_beacon_report_indication.present = 1; + + if (last_beacon_report_params->frag_id == + (last_beacon_report_params->num_frags - 1)) { + pDot11f->report.Beacon. + beacon_report_frm_body_fragment_id. + more_fragments = 0; + pDot11f->report.Beacon.last_beacon_report_indication. + last_fragment = 1; + pe_debug("Last Fragment"); + } else { + pDot11f->report.Beacon. + beacon_report_frm_body_fragment_id. + more_fragments = 1; + pDot11f->report.Beacon.last_beacon_report_indication. + last_fragment = 0; + } + } return eSIR_SUCCESS; } diff --git a/core/pld/src/pld_sdio.c b/core/pld/src/pld_sdio.c index a05b47480b64..5897d3e24a07 100644 --- a/core/pld/src/pld_sdio.c +++ b/core/pld/src/pld_sdio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2016-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -51,15 +51,16 @@ static int pld_sdio_probe(struct sdio_func *sdio_func, const struct sdio_device_id *id) { struct pld_context *pld_context; - struct device *dev = &sdio_func->dev; - int ret = 0; + struct device *dev; + int ret; pld_context = pld_get_global_context(); - if (!pld_context) { + if (!pld_context || !sdio_func) { ret = -ENODEV; goto out; } + dev = &sdio_func->dev; ret = pld_add_dev(pld_context, dev, PLD_BUS_TYPE_SDIO); if (ret) goto out; diff --git a/core/sap/inc/sap_api.h b/core/sap/inc/sap_api.h index 228f7e3afa81..23ea7b3e0ef6 100644 --- a/core/sap/inc/sap_api.h +++ b/core/sap/inc/sap_api.h @@ -227,6 +227,7 @@ typedef enum { typedef struct sap_StartBssCompleteEvent_s { uint8_t status; uint8_t operatingChannel; + enum phy_ch_width ch_width; uint16_t staId; /* self StaID */ uint8_t sessionId; /* SoftAP SME session ID */ } tSap_StartBssCompleteEvent; diff --git a/core/sap/src/sap_api_link_cntl.c b/core/sap/src/sap_api_link_cntl.c index a26567362648..4bc0477f7581 100644 --- a/core/sap/src/sap_api_link_cntl.c +++ b/core/sap/src/sap_api_link_cntl.c @@ -1072,7 +1072,7 @@ wlansap_roam_callback(void *ctx, tCsrRoamInfo *csr_roam_info, uint32_t roamId, QDF_TRACE_LEVEL_ERROR, FL("sapdfs: no available channel for sapctx[%pK], StopBss"), pSapContext); - sap_signal_hdd_event(sap_ctx, NULL, + sap_signal_hdd_event(pSapContext, NULL, eSAP_STOP_BSS_DUE_TO_NO_CHNL, (void *) eSAP_STATUS_SUCCESS); } diff --git a/core/sap/src/sap_ch_select.c b/core/sap/src/sap_ch_select.c index 041f0de646aa..ef4ad35b393e 100644 --- a/core/sap/src/sap_ch_select.c +++ b/core/sap/src/sap_ch_select.c @@ -643,8 +643,9 @@ static bool sap_chan_sel_init(tHalHandle halHandle, /* Allocate memory for weight computation of 2.4GHz */ pSpectCh = - (tSapSpectChInfo *) qdf_mem_malloc((pSpectInfoParams->numSpectChans) - * sizeof(*pSpectCh)); + (tSapSpectChInfo *)qdf_mem_malloc( + (pSpectInfoParams->numSpectChans) * + sizeof(*pSpectCh)); if (pSpectCh == NULL) { QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR, @@ -673,9 +674,18 @@ static bool sap_chan_sel_init(tHalHandle halHandle, channelnum++, pChans++, pSpectCh++) { chSafe = true; + pSpectCh->chNum = *pChans; + /* Initialise for all channels */ + pSpectCh->rssiAgr = SOFTAP_MIN_RSSI; + /* Initialise 20MHz for all the Channels */ + pSpectCh->channelWidth = SOFTAP_HT20_CHANNELWIDTH; + /* Initialise max ACS weight for all channels */ + pSpectCh->weight = SAP_ACS_WEIGHT_MAX; + /* check if the channel is in NOL blacklist */ - if (sap_dfs_is_channel_in_nol_list(pSapCtx, *pChans, - PHY_SINGLE_CHANNEL_CENTERED)) { + if (sap_dfs_is_channel_in_nol_list( + pSapCtx, *pChans, + PHY_SINGLE_CHANNEL_CENTERED)) { QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH, "In %s, Ch %d is in NOL list", __func__, *pChans); @@ -725,12 +735,7 @@ static bool sap_chan_sel_init(tHalHandle halHandle, continue; if (true == chSafe) { - pSpectCh->chNum = *pChans; pSpectCh->valid = true; - pSpectCh->rssiAgr = SOFTAP_MIN_RSSI; /* Initialise for all channels */ - pSpectCh->channelWidth = SOFTAP_HT20_CHANNELWIDTH; /* Initialise 20MHz for all the Channels */ - /* Initialise max ACS weight for all channels */ - pSpectCh->weight = SAP_ACS_WEIGHT_MAX; for (chan_num = 0; chan_num < pSapCtx->num_of_channel; chan_num++) { if (pSpectCh->chNum != @@ -1724,9 +1729,12 @@ static void sap_compute_spect_weight(tSapChSelSpectInfo *pSpectInfoParams, */ rssi = (int8_t) pSpectCh->rssiAgr; - if (ch_in_pcl(sap_ctx, chn_num)) + if (ch_in_pcl(sap_ctx, pSpectCh->chNum)) rssi -= PCL_RSSI_DISCOUNT; + if (rssi < SOFTAP_MIN_RSSI) + rssi = SOFTAP_MIN_RSSI; + if (pSpectCh->weight == SAP_ACS_WEIGHT_MAX) goto debug_info; @@ -1743,9 +1751,9 @@ static void sap_compute_spect_weight(tSapChSelSpectInfo *pSpectInfoParams, debug_info: /* ------ Debug Info ------ */ QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH, - "In %s, Chan=%d Weight= %d rssiAgr=%d bssCount=%d", + "In %s, Chan=%d Weight= %d rssiAgr=%d, rssi_pcl_discount: %d, bssCount=%d", __func__, pSpectCh->chNum, pSpectCh->weight, - pSpectCh->rssiAgr, pSpectCh->bssCount); + pSpectCh->rssiAgr, rssi, pSpectCh->bssCount); /* ------ Debug Info ------ */ pSpectCh++; } diff --git a/core/sap/src/sap_fsm.c b/core/sap/src/sap_fsm.c index da4ed69d8dd8..0e3926128777 100644 --- a/core/sap/src/sap_fsm.c +++ b/core/sap/src/sap_fsm.c @@ -2485,6 +2485,7 @@ QDF_STATUS sap_goto_channel_sel(ptSapContext sap_context, #endif wma_get_scan_id(&scan_req_id); scan_request.scan_id = scan_req_id; + scan_request.scan_requestor_id = ACS_SCAN_REQUESTOR_ID; /* Set requestType to Full scan */ QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH, FL("calling sme_scan_request")); @@ -2991,6 +2992,7 @@ QDF_STATUS sap_signal_hdd_event(ptSapContext sap_ctx, bss_complete->staId); bss_complete->operatingChannel = (uint8_t) sap_ctx->channel; + bss_complete->ch_width = sap_ctx->ch_params.ch_width; bss_complete->sessionId = sap_ctx->sessionId; break; case eSAP_DFS_CAC_START: diff --git a/core/sap/src/sap_module.c b/core/sap/src/sap_module.c index 3d8cc9248fea..2f437148a32f 100644 --- a/core/sap/src/sap_module.c +++ b/core/sap/src/sap_module.c @@ -224,6 +224,11 @@ void wlansap_context_put(ptSapContext ctx) for (i = 0; i < SAP_MAX_NUM_SESSION; i++) { if (gp_sap_ctx[i] == ctx) { if (qdf_atomic_dec_and_test(&sap_ctx_ref_count[i])) { + if (ctx->channelList) { + qdf_mem_free(ctx->channelList); + ctx->channelList = NULL; + ctx->num_of_channel = 0; + } qdf_mem_free(ctx); gp_sap_ctx[i] = NULL; QDF_TRACE(QDF_MODULE_ID_SAP, @@ -1648,13 +1653,13 @@ static QDF_STATUS wlansap_update_csa_channel_params(ptSapContext sap_context, mac_ctx->sap.SapDfsInfo.new_chanWidth = 0; } else { - - if (sap_context->ch_width_orig >= CH_WIDTH_80MHZ) + if (sap_context->csr_roamProfile.phyMode == + eCSR_DOT11_MODE_11ac || + sap_context->csr_roamProfile.phyMode == + eCSR_DOT11_MODE_11ac_ONLY) bw = BW80; - else if (sap_context->ch_width_orig == CH_WIDTH_40MHZ) - bw = BW40_HIGH_PRIMARY; else - bw = BW20; + bw = BW40_HIGH_PRIMARY; for (; bw >= BW20; bw--) { uint16_t op_class; diff --git a/core/sme/inc/csr_api.h b/core/sme/inc/csr_api.h index da137e2373cd..09804ac7e941 100644 --- a/core/sme/inc/csr_api.h +++ b/core/sme/inc/csr_api.h @@ -300,6 +300,7 @@ typedef struct tagCsrScanRequest { bool skipDfsChnlInP2pSearch; bool bcnRptReqScan; /* is Scan issued by Beacon Report Request */ uint32_t scan_id; + uint32_t scan_requestor_id; uint32_t timestamp; bool enable_scan_randomization; diff --git a/core/sme/inc/csr_internal.h b/core/sme/inc/csr_internal.h index 9d9753c5a404..c73d7b0530f8 100644 --- a/core/sme/inc/csr_internal.h +++ b/core/sme/inc/csr_internal.h @@ -1042,6 +1042,7 @@ typedef struct tagCsrRoamSession { bool supported_nss_1x1; uint8_t vdev_nss; uint8_t nss; + bool nss_forced_1x1; bool disable_hi_rssi; bool dhcp_done; uint8_t disconnect_reason; diff --git a/core/sme/inc/sme_api.h b/core/sme/inc/sme_api.h index a9d44073ab86..5c580a106734 100644 --- a/core/sme/inc/sme_api.h +++ b/core/sme/inc/sme_api.h @@ -420,6 +420,18 @@ QDF_STATUS sme_roam_set_pmkid_cache(tHalHandle hHal, uint8_t sessionId, tPmkidCacheInfo *pPMKIDCache, uint32_t numItems, bool update_entire_cache); + +/** + * sme_get_pmk_info(): A wrapper function to request CSR to save PMK + * @hal: Global structure + * @session_id: SME session_id + * @pmk_cache: pointer to a structure of pmk + * + * Return: none + */ +void sme_get_pmk_info(tHalHandle hal, uint8_t session_id, + tPmkidCacheInfo *pmk_cache); + #ifdef WLAN_FEATURE_ROAM_OFFLOAD QDF_STATUS sme_roam_set_psk_pmk(tHalHandle hHal, uint8_t sessionId, uint8_t *pPSK_PMK, size_t pmk_len); @@ -1733,7 +1745,8 @@ QDF_STATUS sme_get_nud_debug_stats(tHalHandle hal, struct get_arp_stats_params *get_stats_param); QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, - void (*cb)(void *, struct rsp_stats *)); + void (*cb)(void *, struct rsp_stats *, void *context), + void *context); #ifdef WLAN_FEATURE_UDP_RESPONSE_OFFLOAD @@ -2269,6 +2282,14 @@ QDF_STATUS sme_get_roam_scan_stats(tHalHandle hal, roam_scan_stats_cb cb, void *context, uint32_t vdev_id); +/** + * sme_get_scan_id() - Sme wrapper to get scan ID + * @scan_id: output pointer to hold scan_id + * + * Return: QDF_STATUS + */ +QDF_STATUS sme_get_scan_id(uint32_t *scan_id); + /* * sme_validate_channel_list() - Validate the given channel list * @hal: handle to global hal context diff --git a/core/sme/inc/sme_internal.h b/core/sme/inc/sme_internal.h index 00538791e003..3c88d387cdee 100644 --- a/core/sme/inc/sme_internal.h +++ b/core/sme/inc/sme_internal.h @@ -265,7 +265,8 @@ typedef struct tagSmeStruct { struct sir_lost_link_info *lost_link_info); void (*rso_cmd_status_cb)(void *hdd_context, struct rso_cmd_status *rso_status); - void (*get_arp_stats_cb)(void *, struct rsp_stats *); + void *get_arp_stats_context; + void (*get_arp_stats_cb)(void *, struct rsp_stats *, void *); void (*bt_activity_info_cb)(void *context, uint32_t bt_activity); void (*chip_power_save_fail_cb)(void *, struct chip_pwr_save_fail_detected_params *); diff --git a/core/sme/src/common/sme_api.c b/core/sme/src/common/sme_api.c index 0f8f5c47a097..90a656c91498 100644 --- a/core/sme/src/common/sme_api.c +++ b/core/sme/src/common/sme_api.c @@ -4490,6 +4490,18 @@ QDF_STATUS sme_roam_del_pmkid_from_cache(tHalHandle hHal, uint8_t sessionId, return status; } +void sme_get_pmk_info(tHalHandle hal, uint8_t session_id, + tPmkidCacheInfo *pmk_cache) +{ + tpAniSirGlobal mac_ctx = PMAC_STRUCT(hal); + QDF_STATUS status = sme_acquire_global_lock(&mac_ctx->sme); + + if (QDF_IS_STATUS_SUCCESS(status)) { + if (CSR_IS_SESSION_VALID(mac_ctx, session_id)) + csr_get_pmk_info(mac_ctx, session_id, pmk_cache); + sme_release_global_lock(&mac_ctx->sme); + } +} #ifdef WLAN_FEATURE_ROAM_OFFLOAD /** * sme_roam_set_psk_pmk() - A wrapper function to request CSR to save PSK/PMK @@ -15835,13 +15847,15 @@ QDF_STATUS sme_set_rssi_threshold_breached_cb(tHalHandle h_hal, * sme_set_nud_debug_stats_cb() - set nud debug stats callback * @hal: global hal handle * @cb: callback function pointer + * @context: callback context * - * This function stores nud debug stats callback function. + * This function stores nud debug stats callback function and context * * Return: QDF_STATUS enumeration. */ QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, - void (*cb)(void *, struct rsp_stats *)) + void (*cb)(void *, struct rsp_stats *, void *), + void *context) { QDF_STATUS status = QDF_STATUS_SUCCESS; tpAniSirGlobal mac; @@ -15862,6 +15876,7 @@ QDF_STATUS sme_set_nud_debug_stats_cb(tHalHandle hal, } mac->sme.get_arp_stats_cb = cb; + mac->sme.get_arp_stats_context = context; sme_release_global_lock(&mac->sme); return status; } @@ -19466,3 +19481,8 @@ bool sme_validate_channel_list(tHalHandle hal, } return true; } + +QDF_STATUS sme_get_scan_id(uint32_t *scan_id) +{ + return wma_get_scan_id(scan_id); +} diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c index 5d8a575274de..4fd0aed708ee 100644 --- a/core/sme/src/csr/csr_api_roam.c +++ b/core/sme/src/csr/csr_api_roam.c @@ -109,6 +109,43 @@ /* Static Type declarations */ static tCsrRoamSession csr_roam_roam_session[CSR_ROAM_SESSION_MAX]; +/** + * csr_get_ielen_from_bss_description() - to get IE length + * from tSirBssDescription structure + * @pBssDescr: pBssDescr + * + * This function is called in various places to get IE length + * from tSirBssDescription structure + * + * @Return: total IE length + */ +static inline uint16_t +csr_get_ielen_from_bss_description(tpSirBssDescription pBssDescr) +{ + uint16_t ielen; + + if (!pBssDescr) + return 0; + + /* + * Length of BSS desription is without length of + * length itself and length of pointer + * that holds ieFields + * + * <------------sizeof(tSirBssDescription)--------------------> + * +--------+---------------------------------+---------------+ + * | length | other fields | pointer to IEs| + * +--------+---------------------------------+---------------+ + * ^ + * ieFields + */ + + ielen = (uint16_t)(pBssDescr->length + sizeof(pBssDescr->length) - + GET_FIELD_OFFSET(tSirBssDescription, ieFields)); + + return ielen; +} + #ifdef WLAN_FEATURE_SAE /** * csr_sae_callback - Update SAE info to CSR roam session @@ -2203,7 +2240,7 @@ csr_fetch_ch_lst_from_received_list(tpAniSirGlobal mac_ctx, ch_lst++; } req_buf->ConnectedNetwork.ChannelCount = num_channels; - req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC_UPDATE; + req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC; sme_debug("ChannelCacheType %dChannelCount %d", req_buf->ChannelCacheType, num_channels); } @@ -11773,6 +11810,8 @@ csr_roam_chk_lnk_swt_ch_ind(tpAniSirGlobal mac_ctx, tSirSmeRsp *msg_ptr) QDF_STATUS status; tpSirSmeSwitchChannelInd pSwitchChnInd; tCsrRoamInfo roamInfo; + tSirMacDsParamSetIE *ds_params_ie; + tDot11fIEHTInfo *ht_info_ie; /* in case of STA, the SWITCH_CHANNEL originates from its AP */ sme_debug("eWNI_SME_SWITCH_CHL_IND from SME"); @@ -11795,6 +11834,29 @@ csr_roam_chk_lnk_swt_ch_ind(tpAniSirGlobal mac_ctx, tSirSmeRsp *msg_ptr) (uint8_t) pSwitchChnInd->newChannelId; } + ds_params_ie = (tSirMacDsParamSetIE *)wlan_cfg_get_ie_ptr( + (uint8_t *)session->pConnectBssDesc-> + ieFields, + csr_get_ielen_from_bss_description( + session->pConnectBssDesc), + DOT11F_EID_DSPARAMS, ONE_BYTE); + if (ds_params_ie) + ds_params_ie->channelNumber = + (uint8_t)pSwitchChnInd->newChannelId; + + ht_info_ie = (tDot11fIEHTInfo *)wlan_cfg_get_ie_ptr( + (uint8_t *)session->pConnectBssDesc-> + ieFields, + csr_get_ielen_from_bss_description( + session->pConnectBssDesc), + DOT11F_EID_HTINFO, ONE_BYTE); + if (ht_info_ie) { + ht_info_ie->primaryChannel = + (uint8_t)pSwitchChnInd->newChannelId; + ht_info_ie->secondaryChannelOffset = + pSwitchChnInd->chan_params.sec_ch_offset; + } + qdf_mem_set(&roamInfo, sizeof(tCsrRoamInfo), 0); roamInfo.chan_info.chan_id = pSwitchChnInd->newChannelId; roamInfo.chan_info.ch_width = @@ -14380,6 +14442,24 @@ static void csr_roam_update_connected_profile_from_new_bss(tpAniSirGlobal pMac, } } +void csr_get_pmk_info(tpAniSirGlobal mac_ctx, uint8_t session_id, + tPmkidCacheInfo *pmk_cache) +{ + tCsrRoamSession *session = NULL; + + if (!mac_ctx) { + sme_err("Mac_ctx is NULL"); + return; + } + session = CSR_GET_SESSION(mac_ctx, session_id); + if (!session) { + sme_err("session %d not found", session_id); + return; + } + qdf_mem_copy(pmk_cache->pmk, session->psk_pmk, + sizeof(session->psk_pmk)); + pmk_cache->pmk_len = session->pmk_len; +} #ifdef WLAN_FEATURE_ROAM_OFFLOAD QDF_STATUS csr_roam_set_psk_pmk(tpAniSirGlobal pMac, uint32_t sessionId, uint8_t *pPSK_PMK, size_t pmk_len) @@ -15542,54 +15622,6 @@ csr_check_vendor_ap_3_present(tpAniSirGlobal mac_ctx, uint8_t *ie, } /** - * csr_get_ielen_from_bss_description() - * - ***FUNCTION: - * This function is called in various places to get IE length - * from tSirBssDescription structure - * number being scanned. - * - ***PARAMS: - * - ***LOGIC: - * - ***ASSUMPTIONS: - * NA - * - ***NOTE: - * NA - * - * @param pBssDescr - * @return Total IE length - */ -static inline uint16_t -csr_get_ielen_from_bss_description(tpSirBssDescription pBssDescr) -{ - uint16_t ielen; - - if (!pBssDescr) - return 0; - - /* - * Length of BSS desription is without length of - * length itself and length of pointer - * that holds ieFields - * - * <------------sizeof(tSirBssDescription)--------------------> - * +--------+---------------------------------+---------------+ - * | length | other fields | pointer to IEs| - * +--------+---------------------------------+---------------+ - * ^ - * ieFields - */ - - ielen = (uint16_t)(pBssDescr->length + sizeof(pBssDescr->length) - - GET_FIELD_OFFSET(tSirBssDescription, ieFields)); - - return ielen; -} - -/** * The communication between HDD and LIM is thru mailbox (MB). * Both sides will access the data structure "tSirSmeJoinReq". * The rule is, while the components of "tSirSmeJoinReq" can be accessed in the @@ -15627,6 +15659,7 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, enum hw_mode_dbs_capab hw_mode_to_use; tDot11fIEVHTCaps *vht_caps = NULL; bool is_vendor_ap_present; + struct vdev_type_nss *vdev_type_nss; if (!pSession) { sme_err("session %d not found", sessionId); @@ -15726,6 +15759,29 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, ucDot11Mode = WNI_CFG_DOT11_MODE_11N; } + if (IS_5G_CH(pBssDescription->channelId)) + vdev_type_nss = &pMac->vdev_type_nss_5g; + else + vdev_type_nss = &pMac->vdev_type_nss_2g; + if (pSession->pCurRoamProfile->csrPersona == + QDF_P2P_CLIENT_MODE) + pSession->vdev_nss = vdev_type_nss->p2p_cli; + else + pSession->vdev_nss = vdev_type_nss->sta; + pSession->nss = pSession->vdev_nss; + + if (pSession->nss > csr_get_nss_supported_by_sta_and_ap( + &pIes->VHTCaps, + &pIes->HTCaps, ucDot11Mode)) { + pSession->nss = csr_get_nss_supported_by_sta_and_ap( + &pIes->VHTCaps, &pIes->HTCaps, + ucDot11Mode); + pSession->vdev_nss = pSession->nss; + } + + if (pSession->nss == 1) + pSession->supported_nss_1x1 = true; + ieLen = csr_get_ielen_from_bss_description(pBssDescription); is_vendor_ap_present = csr_check_vendor_ap_present( pMac, pBssDescription, @@ -15743,6 +15799,7 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, pSession->supported_nss_1x1 = true; pSession->vdev_nss = 1; pSession->nss = 1; + pSession->nss_forced_1x1 = true; sme_debug("For special ap, NSS: %d", pSession->nss); } @@ -15763,18 +15820,6 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, VDEV_CMD); } - if (pSession->nss > csr_get_nss_supported_by_sta_and_ap( - &pIes->VHTCaps, - &pIes->HTCaps, ucDot11Mode)) { - pSession->nss = csr_get_nss_supported_by_sta_and_ap( - &pIes->VHTCaps, &pIes->HTCaps, - ucDot11Mode); - pSession->vdev_nss = pSession->nss; - } - - if (pSession->nss == 1) - pSession->supported_nss_1x1 = true; - /* * If Switch to 11N WAR is set for current AP, change dot11 * mode to 11N. @@ -15794,10 +15839,12 @@ QDF_STATUS csr_send_join_req_msg(tpAniSirGlobal pMac, uint32_t sessionId, csr_join_req->supported_nss_1x1 = pSession->supported_nss_1x1; csr_join_req->vdev_nss = pSession->vdev_nss; csr_join_req->nss = pSession->nss; + csr_join_req->nss_forced_1x1 = pSession->nss_forced_1x1; csr_join_req->dot11mode = (uint8_t) ucDot11Mode; - sme_debug("dot11mode=%d, uCfgDot11Mode=%d", - csr_join_req->dot11mode, - pSession->bssParams.uCfgDot11Mode); + sme_debug("dot11mode=%d, uCfgDot11Mode=%d, nss=%d", + csr_join_req->dot11mode, + pSession->bssParams.uCfgDot11Mode, + csr_join_req->nss); #ifdef FEATURE_WLAN_MCC_TO_SCC_SWITCH csr_join_req->cc_switch_mode = pMac->roam.configParam.cc_switch_mode; @@ -16731,6 +16778,7 @@ QDF_STATUS csr_send_mb_disassoc_cnf_msg(tpAniSirGlobal pMac, status = QDF_STATUS_SUCCESS; if (!QDF_IS_STATUS_SUCCESS(status)) break; + pMsg->sme_session_id = pDisassocInd->sessionId; pMsg->messageType = eWNI_SME_DISASSOC_CNF; pMsg->statusCode = eSIR_SME_SUCCESS; pMsg->length = sizeof(tSirSmeDisassocCnf); @@ -16771,6 +16819,7 @@ QDF_STATUS csr_send_mb_deauth_cnf_msg(tpAniSirGlobal pMac, pMsg->messageType = eWNI_SME_DEAUTH_CNF; pMsg->statusCode = eSIR_SME_SUCCESS; pMsg->length = sizeof(tSirSmeDeauthCnf); + pMsg->sme_session_id = pDeauthInd->sessionId; qdf_copy_macaddr(&pMsg->bssid, &pDeauthInd->bssid); status = QDF_STATUS_SUCCESS; if (!QDF_IS_STATUS_SUCCESS(status)) { @@ -19140,21 +19189,7 @@ csr_fetch_ch_lst_from_occupied_lst(tpAniSirGlobal mac_ctx, ch_lst++; } req_buf->ConnectedNetwork.ChannelCount = num_channels; - /* - * If the profile changes as to what it was earlier, inform the FW - * through FLUSH as ChannelCacheType in which case, the FW will flush - * the occupied channels for the earlier profile and try to learn them - * afresh - */ - if (reason == REASON_FLUSH_CHANNEL_LIST) - req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC_FLUSH; - else { - if (csr_neighbor_roam_is_new_connected_profile(mac_ctx, - session_id)) - req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC_INIT; - else - req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC_UPDATE; - } + req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC; sme_debug("ChannelCacheType %dChannelCount %d", req_buf->ChannelCacheType, num_channels); } @@ -19258,7 +19293,7 @@ csr_fetch_valid_ch_lst(tpAniSirGlobal mac_ctx, } req_buf->ValidChannelCount = num_channels; - req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC_UPDATE; + req_buf->ChannelCacheType = CHANNEL_LIST_DYNAMIC; req_buf->ConnectedNetwork.ChannelCount = num_channels; sme_debug("ChannelCacheType %dChannelCount %d", req_buf->ChannelCacheType, num_channels); @@ -21341,7 +21376,7 @@ QDF_STATUS csr_roam_channel_change_req(tpAniSirGlobal pMac, pMsg->sec_ch_offset = ch_params->sec_ch_offset; pMsg->ch_width = profile->ch_params.ch_width; pMsg->dot11mode = csr_translate_to_wni_cfg_dot11_mode(pMac, - pMac->roam.configParam.uCfgDot11Mode); + param.uCfgDot11Mode); if (IS_24G_CH(pMsg->targetChannel) && (false == pMac->roam.configParam.enableVhtFor24GHz) && (WNI_CFG_DOT11_MODE_11AC == pMsg->dot11mode || diff --git a/core/sme/src/csr/csr_api_scan.c b/core/sme/src/csr/csr_api_scan.c index a948c0030a11..7591dc0a9519 100644 --- a/core/sme/src/csr/csr_api_scan.c +++ b/core/sme/src/csr/csr_api_scan.c @@ -2062,7 +2062,7 @@ static int32_t csr_calculate_congestion_score(tpAniSirGlobal mac_ctx, bss_score_params->rssi_score.good_rssi_threshold * (-1); /* For bad zone rssi get score from last index */ - if (bss_info->rssi < good_rssi_threshold) + if (bss_info->rssi <= good_rssi_threshold) return csr_get_score_for_index( bss_score_params->esp_qbss_scoring.num_slot, bss_score_params->weight_cfg. @@ -6031,6 +6031,7 @@ static QDF_STATUS csr_send_mb_scan_req(tpAniSirGlobal pMac, uint16_t sessionId, } pMsg->p2pSearch = pScanReq->p2pSearch; pMsg->scan_id = pScanReq->scan_id; + pMsg->scan_requestor_id = pScanReq->scan_requestor_id; pMsg->enable_scan_randomization = pScanReq->enable_scan_randomization; @@ -6644,6 +6645,7 @@ QDF_STATUS csr_scan_copy_request(tpAniSirGlobal mac_ctx, dst_req->skipDfsChnlInP2pSearch = src_req->skipDfsChnlInP2pSearch; dst_req->scan_id = src_req->scan_id; + dst_req->scan_requestor_id = src_req->scan_requestor_id; dst_req->timestamp = src_req->timestamp; status = csr_scan_copy_ie_whitelist_attrs(dst_req, src_req); diff --git a/core/sme/src/csr/csr_cmd_process.c b/core/sme/src/csr/csr_cmd_process.c index f118ffedc6b9..b762f5904dad 100644 --- a/core/sme/src/csr/csr_cmd_process.c +++ b/core/sme/src/csr/csr_cmd_process.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -110,7 +110,9 @@ QDF_STATUS csr_msg_processor(tpAniSirGlobal mac_ctx, void *msg_buf) * due to failure or finding the condition meets both * SAP and infra/IBSS requirement. */ - if (eWNI_SME_SETCONTEXT_RSP == sme_rsp->messageType) { + if (eWNI_SME_SETCONTEXT_RSP == sme_rsp->messageType || + eWNI_SME_DISCONNECT_DONE_IND == + sme_rsp->messageType) { sme_warn("handling msg 0x%X CSR state is %d", sme_rsp->messageType, cur_state); csr_roam_check_for_link_status_change(mac_ctx, diff --git a/core/sme/src/csr/csr_inside_api.h b/core/sme/src/csr/csr_inside_api.h index eff2123500d6..5f9edf88c93c 100644 --- a/core/sme/src/csr/csr_inside_api.h +++ b/core/sme/src/csr/csr_inside_api.h @@ -926,6 +926,20 @@ QDF_STATUS csr_roam_set_pmkid_cache(tpAniSirGlobal pMac, uint32_t sessionId, tPmkidCacheInfo *pPMKIDCache, uint32_t numItems, bool update_entire_cache); +/* + * csr_get_pmk_info(): store PMK in pmk_cache + * @mac_ctx: pointer to global structure for MAC + * @session_id: Sme session id + * @pmk_cache: pointer to a structure of Pmk + * + * This API gets the PMK from the session and + * stores it in the pmk_cache + * + * Return: none + */ +void csr_get_pmk_info(tpAniSirGlobal mac_ctx, uint8_t session_id, + tPmkidCacheInfo *pmk_cache); + #ifdef WLAN_FEATURE_ROAM_OFFLOAD /* * csr_roam_set_psk_pmk() - diff --git a/core/sme/src/csr/csr_util.c b/core/sme/src/csr/csr_util.c index febf16cd208b..49a5316d19c1 100644 --- a/core/sme/src/csr/csr_util.c +++ b/core/sme/src/csr/csr_util.c @@ -876,10 +876,7 @@ uint16_t csr_check_concurrent_channel_overlap(tpAniSirGlobal mac_ctx, if (intf_ch && sap_ch != intf_ch && cc_switch_mode != QDF_MCC_TO_SCC_SWITCH_FORCE && - cc_switch_mode != - QDF_MCC_TO_SCC_SWITCH_FORCE_WITHOUT_DISCONNECTION && - cc_switch_mode != - QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL) { + !cds_is_force_scc()) { sap_lfreq = sap_cfreq - sap_hbw; sap_hfreq = sap_cfreq + sap_hbw; intf_lfreq = intf_cfreq - intf_hbw; @@ -898,15 +895,15 @@ uint16_t csr_check_concurrent_channel_overlap(tpAniSirGlobal mac_ctx, (intf_hfreq > sap_lfreq && intf_hfreq < sap_hfreq)))) intf_ch = 0; } else if (intf_ch && sap_ch != intf_ch && - ((cc_switch_mode == QDF_MCC_TO_SCC_SWITCH_FORCE) || - (cc_switch_mode == - QDF_MCC_TO_SCC_SWITCH_FORCE_WITHOUT_DISCONNECTION) || - (cc_switch_mode == - QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL))) { + (cc_switch_mode == QDF_MCC_TO_SCC_SWITCH_FORCE || + cds_is_force_scc())) { if (!((intf_ch <= 14 && sap_ch <= 14) || (intf_ch > 14 && sap_ch > 14))) { if (wma_is_hw_dbs_capable()) intf_ch = 0; + else if (cc_switch_mode == + QDF_MCC_TO_SCC_WITH_PREFERRED_BAND) + intf_ch = 0; } else if (cc_switch_mode == QDF_MCC_TO_SCC_SWITCH_WITH_FAVORITE_CHANNEL) { diff --git a/core/sme/src/rrm/sme_rrm.c b/core/sme/src/rrm/sme_rrm.c index be4a6cd4f2f1..35890bded9f3 100644 --- a/core/sme/src/rrm/sme_rrm.c +++ b/core/sme/src/rrm/sme_rrm.c @@ -26,6 +26,7 @@ #include "sme_inside.h" #include "sme_api.h" #include "cfg_api.h" +#include "cds_regdomain.h" #ifdef FEATURE_WLAN_DIAG_SUPPORT #include "host_diag_core_event.h" @@ -414,6 +415,7 @@ static QDF_STATUS sme_rrm_send_scan_result(tpAniSirGlobal mac_ctx, tpRrmSMEContext rrm_ctx = &mac_ctx->rrm.rrmSmeContext; uint32_t session_id; tCsrRoamInfo *roam_info; + tSirScanType scan_type; qdf_mem_zero(&filter, sizeof(filter)); qdf_mem_zero(scanresults_arr, @@ -510,11 +512,41 @@ static QDF_STATUS sme_rrm_send_scan_result(tpAniSirGlobal mac_ctx, goto rrm_send_scan_results_done; } + if (eRRM_MSG_SOURCE_ESE_UPLOAD == rrm_ctx->msgSource || + eRRM_MSG_SOURCE_LEGACY_ESE == rrm_ctx->msgSource) + scan_type = rrm_ctx->measMode[rrm_ctx->currentIndex]; + else + scan_type = rrm_ctx->measMode[0]; + while (scan_results) { + /* + * In passive scan, sta listens beacon. Connected AP beacon + * is offloaded to firmware. Firmware will discard + * connected AP beacon except that special IE exists. + * Connected AP beacon will not be sent to host. Hence, timer + * of connected AP in scan results is not updated and can + * not meet "pScanResult->timer >= RRM_scan_timer". + */ + tCsrRoamSession *session; + uint8_t is_conn_bss_found = false; + + if (scan_type == eSIR_PASSIVE_SCAN) { + session = CSR_GET_SESSION(mac_ctx, session_id); + if (csr_is_conn_state_connected_infra(mac_ctx, + session_id) && + (NULL != session->pConnectBssDesc) && + (csr_is_duplicate_bss_description(mac_ctx, + &scan_results->BssDescriptor, + session->pConnectBssDesc))) { + is_conn_bss_found = true; + sme_debug("Connected BSS in scan results"); + } + } next_result = sme_scan_result_get_next(mac_ctx, result_handle); sme_debug("Scan res timer:%lu, rrm scan timer:%llu", scan_results->timer, rrm_scan_timer); - if (scan_results->timer >= rrm_scan_timer) { + if ((scan_results->timer >= rrm_scan_timer) || + (is_conn_bss_found == true)) { roam_info->pBssDesc = &scan_results->BssDescriptor; csr_roam_call_callback(mac_ctx, session_id, roam_info, 0, eCSR_ROAM_UPDATE_SCAN_RESULT, @@ -759,6 +791,7 @@ static QDF_STATUS sme_rrm_issue_scan_req(tpAniSirGlobal mac_ctx) scan_req.requestType = eCSR_SCAN_RRM; wma_get_scan_id(&scan_req_id); scan_req.scan_id = scan_req_id; + scan_req.scan_requestor_id = USER_SCAN_REQUESTOR_ID; status = sme_scan_request(mac_ctx, (uint8_t) session_id, &scan_req, &sme_rrm_scan_request_callback, NULL); @@ -833,6 +866,7 @@ QDF_STATUS sme_rrm_process_beacon_report_req_ind(tpAniSirGlobal pMac, tpSirBeaconReportReqInd pBeaconReq = (tpSirBeaconReportReqInd) pMsgBuf; tpRrmSMEContext pSmeRrmContext = &pMac->rrm.rrmSmeContext; uint32_t len = 0, i = 0; + uint8_t temp = 0; sme_debug("Received Beacon report request ind Channel = %d", pBeaconReq->channelInfo.channelNum); @@ -850,7 +884,19 @@ QDF_STATUS sme_rrm_process_beacon_report_req_ind(tpAniSirGlobal pMac, } csr_get_cfg_valid_channels(pMac, pSmeRrmContext->channelList. ChannelList, &len); - pSmeRrmContext->channelList.numOfChannels = (uint8_t) len; + + for (i = 0; i < len; i++) { + if (cds_reg_dmn_get_opclass_from_channel( + pMac->scan.countryCodeCurrent, + pSmeRrmContext->channelList.ChannelList[i], + BWALL) == + pBeaconReq->channelInfo.regulatoryClass) { + pSmeRrmContext->channelList.ChannelList[temp] = + pSmeRrmContext->channelList.ChannelList[i]; + temp++; + } + } + pSmeRrmContext->channelList.numOfChannels = (uint8_t) temp; } else { len = 0; pSmeRrmContext->channelList.numOfChannels = 0; diff --git a/core/utils/fwlog/dbglog_host.c b/core/utils/fwlog/dbglog_host.c index 04d92c3f0f00..7e5257faf48c 100644 --- a/core/utils/fwlog/dbglog_host.c +++ b/core/utils/fwlog/dbglog_host.c @@ -4237,20 +4237,18 @@ static void cnss_diag_cmd_handler(const void *data, int data_len, return; } -/** - * cnss_diag_activate_service() - API to register CNSS diag cmd handler - * - * API to register the CNSS diag command handler using new genl infra. - * Return type is zero to match with legacy prototype - * - * Return: 0 - */ int cnss_diag_activate_service(void) { register_cld_cmd_cb(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_cmd_handler, NULL); return 0; } +int cnss_diag_deactivate_service(void) +{ + deregister_cld_cmd_cb(WLAN_NL_MSG_CNSS_DIAG); + return 0; +} + #else /** @@ -4282,30 +4280,35 @@ static int cnss_diag_msg_callback(struct sk_buff *skb) return 0; } -/** - * brief cnss_diag_activate_service() - Activate cnss_diag message handler - * - * This function registers a handler to receive netlink message from - * an cnss-diag application process. - * - * param - - * - None - * - * return - 0 for success, non zero for failure - */ int cnss_diag_activate_service(void) { - int ret = 0; + int ret; /* Register the msg handler for msgs addressed to WLAN_NL_MSG_OEM */ ret = nl_srv_register(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_msg_callback); - if (ret) { + if (ret) AR_DEBUG_PRINTF(ATH_DEBUG_ERR, ("CNSS-DIAG Registration failed")); - return ret; - } - return 0; + + return ret; } + +int cnss_diag_deactivate_service(void) +{ + int ret; + + /* + * Deregister the msg handler for msgs addressed to + * WLAN_NL_MSG_CNSS_DIAG + */ + ret = nl_srv_unregister(WLAN_NL_MSG_CNSS_DIAG, cnss_diag_msg_callback); + if (ret) + AR_DEBUG_PRINTF(ATH_DEBUG_ERR, + ("CNSS-DIAG Registration failed")); + + return ret; +} + #endif static A_BOOL diff --git a/core/utils/fwlog/dbglog_host.h b/core/utils/fwlog/dbglog_host.h index fe4617acc2c4..be6c1ddc267b 100644 --- a/core/utils/fwlog/dbglog_host.h +++ b/core/utils/fwlog/dbglog_host.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2011, 2014-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -159,9 +159,26 @@ dbglog_parse_debug_logs(ol_scn_t scn, u_int8_t *datap, u_int32_t len); -/** Register the cnss_diag activate with the wlan driver */ +/** + * cnss_diag_activate_service() - API to register CNSS diag cmd handler + * + * API to register the handler for the NL message received from cnss_diag + * application. + * + * Return: 0 + */ int cnss_diag_activate_service(void); +/** + * cnss_diag_deactivate_service() - API to deregister CNSS diag cmd handler + * + * API to deregister the handler for the NL message received from cnss_diag + * application. + * + * Return: 0 + */ +int cnss_diag_deactivate_service(void); + #ifdef __cplusplus } #endif diff --git a/core/utils/pktlog/pktlog_ac.c b/core/utils/pktlog/pktlog_ac.c index 052b87bea2bf..595f2217dcd9 100644 --- a/core/utils/pktlog/pktlog_ac.c +++ b/core/utils/pktlog/pktlog_ac.c @@ -390,21 +390,21 @@ int __pktlog_enable(struct hif_opaque_softc *scn, int32_t log_state, int error; if (!scn) { - printk("%s: Invalid scn context\n", __func__); + qdf_print("%s: Invalid scn context\n", __func__); ASSERT(0); return -1; } txrx_pdev = cds_get_context(QDF_MODULE_ID_TXRX); if (!txrx_pdev) { - printk("%s: Invalid txrx_pdev context\n", __func__); + qdf_print("%s: Invalid txrx_pdev context\n", __func__); ASSERT(0); return -1; } pl_dev = txrx_pdev->pl_dev; if (!pl_dev) { - printk("%s: Invalid pktlog context\n", __func__); + qdf_print("%s: Invalid pktlog context\n", __func__); ASSERT(0); return -1; } @@ -442,8 +442,8 @@ int __pktlog_enable(struct hif_opaque_softc *scn, int32_t log_state, if (!pl_info->buf) { pl_info->curr_pkt_state = PKTLOG_OPR_NOT_IN_PROGRESS; - printk("%s: pktlog buf alloc failed\n", - __func__); + qdf_print("%s: pktlog buf alloc failed\n", + __func__); ASSERT(0); return -1; } @@ -469,20 +469,29 @@ int __pktlog_enable(struct hif_opaque_softc *scn, int32_t log_state, if (log_state != 0) { /* WDI subscribe */ - if ((!pl_dev->is_pktlog_cb_subscribed) && - wdi_pktlog_subscribe(txrx_pdev, log_state)) { - pl_info->curr_pkt_state = PKTLOG_OPR_NOT_IN_PROGRESS; - printk("Unable to subscribe to the WDI %s\n", __func__); - return -1; + if (!pl_dev->is_pktlog_cb_subscribed) { + error = wdi_pktlog_subscribe(txrx_pdev, log_state); + if (error) { + pl_info->curr_pkt_state = + PKTLOG_OPR_NOT_IN_PROGRESS; + qdf_print("Unable to subscribe to the WDI %s\n", + __func__); + return -EINVAL; + } + } else { + qdf_print("Unable to subscribe %d to the WDI %s\n", + log_state, __func__); + return -EINVAL; } - pl_dev->is_pktlog_cb_subscribed = true; + /* WMI command to enable pktlog on the firmware */ if (pktlog_enable_tgt(scn, log_state, ini_triggered, user_triggered)) { pl_info->curr_pkt_state = PKTLOG_OPR_NOT_IN_PROGRESS; - printk("Device cannot be enabled, %s\n", __func__); + qdf_print("Device cannot be enabled, %s\n", __func__); return -1; } + pl_dev->is_pktlog_cb_subscribed = true; if (is_iwpriv_command == 0) pl_dev->vendor_cmd_send = true; diff --git a/core/utils/ptt/inc/wlan_ptt_sock_svc.h b/core/utils/ptt/inc/wlan_ptt_sock_svc.h index 0ff8e26d8137..d476ae35226f 100644 --- a/core/utils/ptt/inc/wlan_ptt_sock_svc.h +++ b/core/utils/ptt/inc/wlan_ptt_sock_svc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2017 The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved. * * Permission to use, copy, modify, and/or distribute this software for * any purpose with or without fee is hereby granted, provided that the @@ -88,12 +88,34 @@ * Payload : LEN_PAYLOAD bytes */ #ifdef PTT_SOCK_SVC_ENABLE -int ptt_sock_activate_svc(void); + +/** + * ptt_sock_activate_svc() - API to register PTT/PUMAC command handlers + * + * API to register the handler for PTT/PUMAC NL messages. + * + * Return: None + */ +void ptt_sock_activate_svc(void); + +/** + * ptt_sock_deactivate_svc() - API to deregister PTT/PUMAC command handlers + * + * API to deregister the handler for PTT/PUMAC NL messages. + * + * Return: None + */ void ptt_sock_deactivate_svc(void); int ptt_sock_send_msg_to_app(tAniHdr *wmsg, int radio, int src_mod, int pid); #else -static inline int ptt_sock_activate_svc(void) { return 0; } -static inline void ptt_sock_deactivate_svc(void) { return; } +static inline void ptt_sock_activate_svc(void) +{ +} + +static inline void ptt_sock_deactivate_svc(void) +{ +} + static inline int ptt_sock_send_msg_to_app(tAniHdr *wmsg, int radio, int src_mod, int pid) { diff --git a/core/utils/ptt/src/wlan_ptt_sock_svc.c b/core/utils/ptt/src/wlan_ptt_sock_svc.c index 32b66cec0309..413b0f062df0 100644 --- a/core/utils/ptt/src/wlan_ptt_sock_svc.c +++ b/core/utils/ptt/src/wlan_ptt_sock_svc.c @@ -306,52 +306,30 @@ static void ptt_cmd_handler(const void *data, int data_len, void *ctx, int pid) } } -/** - * ptt_sock_activate_svc() - API to register PTT/PUMAC command handler - * - * API to register the PTT/PUMAC command handlers. Argument @pAdapter - * is sent for prototype compatibility between new genl and legacy - * implementation - * - * Return: 0 - */ -int ptt_sock_activate_svc(void) +void ptt_sock_activate_svc(void) { register_cld_cmd_cb(ANI_NL_MSG_PUMAC, ptt_cmd_handler, NULL); register_cld_cmd_cb(ANI_NL_MSG_PTT, ptt_cmd_handler, NULL); - return 0; } -/** - * ptt_sock_deactivate_svc() - Dummy API to deactivate PTT service - * - * Return: Void - */ void ptt_sock_deactivate_svc(void) { + deregister_cld_cmd_cb(ANI_NL_MSG_PTT); + deregister_cld_cmd_cb(ANI_NL_MSG_PUMAC); } #else -/** - * ptt_sock_activate_svc() - activate PTT service - * - * Return: 0 - */ -int ptt_sock_activate_svc(void) +void ptt_sock_activate_svc(void) { ptt_pid = INVALID_PID; nl_srv_register(ANI_NL_MSG_PUMAC, ptt_sock_rx_nlink_msg); nl_srv_register(ANI_NL_MSG_PTT, ptt_sock_rx_nlink_msg); - return 0; } -/** - * ptt_sock_deactivate_svc() - deactivate PTT service - * - * Return: Void - */ void ptt_sock_deactivate_svc(void) { + nl_srv_unregister(ANI_NL_MSG_PTT, ptt_sock_rx_nlink_msg); + nl_srv_unregister(ANI_NL_MSG_PUMAC, ptt_sock_rx_nlink_msg); ptt_pid = INVALID_PID; } #endif diff --git a/core/wma/inc/wma.h b/core/wma/inc/wma.h index eee3f93f0ad2..0b69941a8455 100644 --- a/core/wma/inc/wma.h +++ b/core/wma/inc/wma.h @@ -421,7 +421,6 @@ enum ds_mode { #define WMA_DEFAULT_QPOWER_MAX_PSPOLL_BEFORE_WAKE 1 #define WMA_DEFAULT_QPOWER_TX_WAKE_THRESHOLD 2 -#define WMA_DEFAULT_SIFS_BURST_DURATION 8160 #define WMA_VHT_PPS_PAID_MATCH 1 #define WMA_VHT_PPS_GID_MATCH 2 @@ -827,8 +826,6 @@ typedef struct { * @rxchainmask: rx chain mask * @txpow2g: tx power limit for 2GHz * @txpow5g: tx power limit for 5GHz - * @burst_enable: is burst enable/disable - * @burst_dur: burst duration * * This structure stores pdev parameters. * Some of these parameters are set in fw and some @@ -846,8 +843,6 @@ typedef struct { uint32_t rxchainmask; uint32_t txpow2g; uint32_t txpow5g; - uint32_t burst_enable; - uint32_t burst_dur; } pdev_cli_config_t; /** @@ -1041,6 +1036,7 @@ struct roam_synch_frame_ind { * @aid: association id * @rmfEnabled: Robust Management Frame (RMF) enabled/disabled * @key: GTK key + * @ucast_key_cipher: unicast cipher key * @uapsd_cached_val: uapsd cached value * @stats_rsp: stats response * @fw_stats_set: fw stats value @@ -1117,6 +1113,7 @@ struct wma_txrx_node { uint8_t rmfEnabled; #ifdef WLAN_FEATURE_11W wma_igtk_key_t key; + uint32_t ucast_key_cipher; #endif /* WLAN_FEATURE_11W */ uint32_t uapsd_cached_val; tAniGetPEStatsRsp *stats_rsp; diff --git a/core/wma/inc/wma_api.h b/core/wma/inc/wma_api.h index 43d99abe1093..2de08c97638f 100644 --- a/core/wma/inc/wma_api.h +++ b/core/wma/inc/wma_api.h @@ -572,4 +572,15 @@ bool wma_dual_beacon_on_single_mac_mcc_capable(void); */ void wma_cleanup_vdev_resp_and_hold_req(void *priv); +/** + * wma_send_dhcp_ind() - Send DHCP Start/Stop Indication to FW. + * @type - WMA message type. + * @device_mode - mode(AP, SAP etc) of the device. + * @mac_addr - MAC address of the adapter. + * @sta_mac_addr - MAC address of the peer station. + * + * Return: QDF_STATUS. + */ +QDF_STATUS wma_send_dhcp_ind(uint16_t type, uint8_t device_mode, + uint8_t *mac_addr, uint8_t *sta_mac_addr); #endif diff --git a/core/wma/inc/wma_if.h b/core/wma/inc/wma_if.h index e2d8b476a26a..e4ea2849c827 100644 --- a/core/wma/inc/wma_if.h +++ b/core/wma/inc/wma_if.h @@ -714,6 +714,8 @@ typedef struct sBeaconGenParams { * @beaconLength: beacon length of template * @timIeOffset: TIM IE offset * @p2pIeOffset: P2P IE offset + * @csa_count_offset: Offset of Switch count field in CSA IE + * @ecsa_count_offset: Offset of Switch count field in ECSA IE */ typedef struct { tSirMacAddr bssId; @@ -721,6 +723,8 @@ typedef struct { uint32_t beaconLength; uint32_t timIeOffset; uint16_t p2pIeOffset; + uint32_t csa_count_offset; + uint32_t ecsa_count_offset; } tSendbeaconParams, *tpSendbeaconParams; /** diff --git a/core/wma/inc/wma_internal.h b/core/wma/inc/wma_internal.h index 5931bc42faaf..2594a8aaea97 100644 --- a/core/wma/inc/wma_internal.h +++ b/core/wma/inc/wma_internal.h @@ -1506,9 +1506,9 @@ int wma_fill_beacon_interval_reset_req(tp_wma_handle wma, uint8_t vdev_id, uint16_t beacon_interval, uint32_t timeout); /** - * wma_peer_ant_info_evt_handler - event handler to handle antenna info + * wma_pdev_div_info_evt_handler - event handler to handle antenna info * @handle: the wma handle - * @event: buffer with event + * @event_buf: buffer with event * @len: buffer length * * This function receives antenna info from firmware and passes the event @@ -1516,7 +1516,7 @@ int wma_fill_beacon_interval_reset_req(tp_wma_handle wma, uint8_t vdev_id, * * Return: 0 on success */ -int wma_peer_ant_info_evt_handler(void *handle, u_int8_t *event, +int wma_pdev_div_info_evt_handler(void *handle, u_int8_t *event_buf, u_int32_t len); /** diff --git a/core/wma/src/wma_data.c b/core/wma/src/wma_data.c index f199e29c7fe5..8321c3a2f598 100644 --- a/core/wma/src/wma_data.c +++ b/core/wma/src/wma_data.c @@ -2670,11 +2670,20 @@ QDF_STATUS wma_tx_packet(void *wma_context, void *tx_frame, uint16_t frmLen, if (!IEEE80211_IS_BROADCAST(wh->i_addr1) && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { if (pFc->wep) { + uint8_t mic_len, hdr_len; + /* Allocate extra bytes for privacy header and * trailer */ - newFrmLen = frmLen + IEEE80211_CCMP_HEADERLEN + - IEEE80211_CCMP_MICLEN; + if (iface->ucast_key_cipher == + WMI_CIPHER_AES_GCM) { + hdr_len = WLAN_IEEE80211_GCMP_HEADERLEN; + mic_len = WLAN_IEEE80211_GCMP_MICLEN; + } else { + hdr_len = IEEE80211_CCMP_HEADERLEN; + mic_len = IEEE80211_CCMP_MICLEN; + } + newFrmLen = frmLen + hdr_len + mic_len; qdf_status = cds_packet_alloc((uint16_t) newFrmLen, (void **)&pFrame, @@ -2697,7 +2706,7 @@ QDF_STATUS wma_tx_packet(void *wma_context, void *tx_frame, uint16_t frmLen, qdf_mem_set(pFrame, newFrmLen, 0); qdf_mem_copy(pFrame, wh, sizeof(*wh)); qdf_mem_copy(pFrame + sizeof(*wh) + - IEEE80211_CCMP_HEADERLEN, + hdr_len, pData + sizeof(*wh), frmLen - sizeof(*wh)); diff --git a/core/wma/src/wma_dev_if.c b/core/wma/src/wma_dev_if.c index 8af9c5bf7f61..d1d8eb49b810 100644 --- a/core/wma/src/wma_dev_if.c +++ b/core/wma/src/wma_dev_if.c @@ -653,6 +653,19 @@ QDF_STATUS wma_vdev_detach(tp_wma_handle wma_handle, struct wma_txrx_node *iface = &wma_handle->interfaces[vdev_id]; struct wma_target_req *req_msg; + if (!iface->handle || (!cds_is_target_ready())) { + WMA_LOGE("handle of vdev_id %d is NULL vdev is already freed or target is not ready", + vdev_id); + pdel_sta_self_req_param->status = status; + if (generateRsp) { + wma_send_del_sta_self_resp(pdel_sta_self_req_param); + } else { + qdf_mem_free(pdel_sta_self_req_param); + pdel_sta_self_req_param = NULL; + } + return status; + } + if (qdf_atomic_read(&iface->bss_status) == WMA_BSS_STATUS_STARTED) { req_msg = wma_find_vdev_req(wma_handle, vdev_id, WMA_TARGET_REQ_TYPE_VDEV_STOP, false); @@ -668,19 +681,6 @@ QDF_STATUS wma_vdev_detach(tp_wma_handle wma_handle, } iface->is_del_sta_defered = false; - if (!iface->handle) { - WMA_LOGE("handle of vdev_id %d is NULL vdev is already freed", - vdev_id); - pdel_sta_self_req_param->status = status; - if (generateRsp) { - wma_send_del_sta_self_resp(pdel_sta_self_req_param); - } else { - qdf_mem_free(pdel_sta_self_req_param); - pdel_sta_self_req_param = NULL; - } - return status; - } - if (iface->type == WMI_VDEV_TYPE_STA) wma_pno_stop(wma_handle, vdev_id); @@ -1915,6 +1915,16 @@ int wma_vdev_stop_resp_handler(void *handle, uint8_t *cmd_param_info, /* vdev in stopped state, no more waiting for key */ iface->is_waiting_for_key = false; + /* + * Reset the rmfEnabled as there might be MGMT action frames + * sent on this vdev before the next session is established. + */ + if (iface->rmfEnabled) { + iface->rmfEnabled = 0; + WMA_LOGD(FL("Reset rmfEnabled for vdev %d"), + resp_event->vdev_id); + } + wma_release_wakelock(&iface->vdev_stop_wakelock); req_msg = wma_find_vdev_req(wma, resp_event->vdev_id, @@ -2030,6 +2040,7 @@ int wma_vdev_stop_resp_handler(void *handle, uint8_t *cmd_param_info, wma_send_msg(wma, WMA_SET_LINK_STATE_RSP, (void *)params, 0); } + free_req_msg: qdf_mc_timer_destroy(&req_msg->event_timeout); qdf_mem_free(req_msg); @@ -3755,6 +3766,7 @@ static void wma_add_bss_ap_mode(tp_wma_handle wma, tpAddBssParams add_bss) req.vdev_id = vdev_id; req.chan = add_bss->currentOperChannel; req.chan_width = add_bss->ch_width; + req.dot11_mode = add_bss->dot11_mode; if (add_bss->ch_width == CH_WIDTH_10MHZ) req.is_half_rate = 1; diff --git a/core/wma/src/wma_features.c b/core/wma/src/wma_features.c index eeb1c085c7b3..97b31fe3ae97 100644 --- a/core/wma/src/wma_features.c +++ b/core/wma/src/wma_features.c @@ -11004,7 +11004,8 @@ int wma_get_arp_stats_handler(void *handle, uint8_t *data, connect_stats_event->icmpv4_rsp_recvd); } - mac->sme.get_arp_stats_cb(mac->hHdd, &rsp); + mac->sme.get_arp_stats_cb(mac->hHdd, &rsp, + mac->sme.get_arp_stats_context); EXIT(); @@ -11321,46 +11322,51 @@ int wma_chan_info_event_handler(void *handle, u_int8_t *event_buf, return 0; } -int wma_peer_ant_info_evt_handler(void *handle, u_int8_t *event, +int wma_pdev_div_info_evt_handler(void *handle, u_int8_t *event_buf, u_int32_t len) { - wmi_peer_antdiv_info *peer_ant_info; - WMI_PEER_ANTDIV_INFO_EVENTID_param_tlvs *param_buf; - wmi_peer_antdiv_info_event_fixed_param *fix_param; + WMI_PDEV_DIV_RSSI_ANTID_EVENTID_param_tlvs *param_buf; + wmi_pdev_div_rssi_antid_event_fixed_param *event; struct chain_rssi_result chain_rssi_result; - u_int32_t chain_index; + u_int32_t i; + u_int8_t macaddr[IEEE80211_ADDR_LEN]; tpAniSirGlobal pmac = (tpAniSirGlobal)cds_get_context( QDF_MODULE_ID_PE); if (!pmac) { - WMA_LOGE("%s: Invalid pmac", __func__); + WMA_LOGE(FL("Invalid pmac")); return -EINVAL; } - param_buf = (WMI_PEER_ANTDIV_INFO_EVENTID_param_tlvs *) event; + param_buf = (WMI_PDEV_DIV_RSSI_ANTID_EVENTID_param_tlvs *) event_buf; if (!param_buf) { - WMA_LOGE("Invalid peer_ant_info event buffer"); + WMA_LOGE(FL("Invalid rssi antid event buffer")); return -EINVAL; } - fix_param = param_buf->fixed_param; - peer_ant_info = param_buf->peer_info; - WMA_LOGD(FL("num_peers=%d\tvdev_id=%d\n"), - fix_param->num_peers, fix_param->vdev_id); - WMA_LOGD(FL("peer_ant_info: %pK\n"), peer_ant_info); - - if (!peer_ant_info) { - WMA_LOGE("Invalid peer_ant_info ptr\n"); + event = param_buf->fixed_param; + if (!event) { + WMA_LOGE(FL("Invalid fixed param")); return -EINVAL; } - for (chain_index = 0; chain_index < CHAIN_RSSI_NUM; chain_index++) - WMA_LOGD(FL("chain%d rssi: %x\n"), chain_index, - peer_ant_info->chain_rssi[chain_index]); + WMI_MAC_ADDR_TO_CHAR_ARRAY(&event->macaddr, macaddr); + WMA_LOGD(FL("macaddr: " MAC_ADDRESS_STR), MAC_ADDR_ARRAY(macaddr)); + + WMA_LOGD(FL("num_chains_valid: %d"), event->num_chains_valid); + chain_rssi_result.num_chains_valid = event->num_chains_valid; + + for (i = 0; i < CHAIN_MAX_NUM; i++) + WMA_LOGD(FL("chain_rssi: %d"), event->chain_rssi[i]); + qdf_mem_copy(chain_rssi_result.chain_rssi, event->chain_rssi, + sizeof(event->chain_rssi)); + for (i = 0; i < event->num_chains_valid; i++) + chain_rssi_result.chain_rssi[i] += WMA_TGT_NOISE_FLOOR_DBM; - qdf_mem_copy(chain_rssi_result.chain_rssi, - peer_ant_info->chain_rssi, - sizeof(peer_ant_info->chain_rssi)); + for (i = 0; i < CHAIN_MAX_NUM; i++) + WMA_LOGD(FL("ant_id: %d"), event->ant_id[i]); + qdf_mem_copy(chain_rssi_result.ant_id, event->ant_id, + sizeof(event->ant_id)); pmac->sme.pchain_rssi_ind_cb(pmac->hHdd, &chain_rssi_result); @@ -11529,3 +11535,44 @@ bool wma_dual_beacon_on_single_mac_mcc_capable(void) return false; } } + +/** + * wma_send_dhcp_ind() - Send DHCP Start/Stop Indication to FW. + * @type - WMA message type. + * @device_mode - mode(AP, SAP etc) of the device. + * @mac_addr - MAC address of the adapter. + * @sta_mac_addr - MAC address of the peer station. + * + * Return: QDF_STATUS. + */ +QDF_STATUS wma_send_dhcp_ind(uint16_t type, uint8_t device_mode, + uint8_t *mac_addr, uint8_t *peer_mac_addr) +{ + QDF_STATUS qdf_status = QDF_STATUS_SUCCESS; + tAniDHCPInd *msg; + + msg = (tAniDHCPInd *) qdf_mem_malloc(sizeof(tAniDHCPInd)); + if (NULL == msg) { + QDF_TRACE(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_ERROR, + "%s: Not able to allocate memory for dhcp ind", + __func__); + return QDF_STATUS_E_NOMEM; + } + msg->msgType = type; + msg->msgLen = (uint16_t) sizeof(tAniDHCPInd); + msg->device_mode = device_mode; + qdf_mem_copy(msg->adapterMacAddr.bytes, mac_addr, QDF_MAC_ADDR_SIZE); + qdf_mem_copy(msg->peerMacAddr.bytes, peer_mac_addr, QDF_MAC_ADDR_SIZE); + + qdf_status = wma_process_dhcp_ind(cds_get_context(QDF_MODULE_ID_WMA), + (tAniDHCPInd *)msg); + if (!QDF_IS_STATUS_SUCCESS(qdf_status)) { + QDF_TRACE(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_ERROR, + "%s: Failed to send DHCP indication", __func__); + qdf_status = QDF_STATUS_E_FAILURE; + } + + qdf_mem_free(msg); + + return qdf_status; +} diff --git a/core/wma/src/wma_main.c b/core/wma/src/wma_main.c index 6f2c77f1db58..73603727f412 100644 --- a/core/wma/src/wma_main.c +++ b/core/wma/src/wma_main.c @@ -384,12 +384,6 @@ int wma_cli_get_command(int vdev_id, int param_id, int vpdev) case WMI_PDEV_PARAM_TXPOWER_LIMIT5G: ret = wma->pdevconfig.txpow5g; break; - case WMI_PDEV_PARAM_BURST_ENABLE: - ret = wma->pdevconfig.burst_enable; - break; - case WMI_PDEV_PARAM_BURST_DUR: - ret = wma->pdevconfig.burst_dur; - break; default: WMA_LOGE("Invalid cli_get pdev command/Not yet implemented 0x%x", param_id); @@ -1504,18 +1498,6 @@ static void wma_process_cli_set_cmd(tp_wma_handle wma, case WMI_PDEV_PARAM_RX_CHAIN_MASK: wma->pdevconfig.rxchainmask = privcmd->param_value; break; - case WMI_PDEV_PARAM_BURST_ENABLE: - wma->pdevconfig.burst_enable = privcmd->param_value; - if ((wma->pdevconfig.burst_enable == 1) && - (wma->pdevconfig.burst_dur == 0)) - wma->pdevconfig.burst_dur = - WMA_DEFAULT_SIFS_BURST_DURATION; - else if (wma->pdevconfig.burst_enable == 0) - wma->pdevconfig.burst_dur = 0; - break; - case WMI_PDEV_PARAM_BURST_DUR: - wma->pdevconfig.burst_dur = privcmd->param_value; - break; case WMI_PDEV_PARAM_TXPOWER_LIMIT2G: wma->pdevconfig.txpow2g = privcmd->param_value; if ((pMac->roam.configParam.bandCapability == @@ -2879,8 +2861,8 @@ QDF_STATUS wma_open(void *cds_context, wma_ndp_register_all_event_handlers(wma_handle); wmi_unified_register_event_handler(wma_handle->wmi_handle, - WMI_PEER_ANTDIV_INFO_EVENTID, - wma_peer_ant_info_evt_handler, + WMI_PDEV_DIV_RSSI_ANTID_EVENTID, + wma_pdev_div_info_evt_handler, WMA_RX_SERIALIZER_CTX); wmi_unified_register_event_handler(wma_handle->wmi_handle, @@ -3172,6 +3154,11 @@ static int wma_pdev_set_hw_mode_resp_evt_handler(void *handle, QDF_BUG(0); goto fail; } + if (vdev_id >= wma->max_bssid) { + WMA_LOGE("%s: vdev_id: %d is invalid, max_bssid: %d", + __func__, vdev_id, wma->max_bssid); + goto fail; + } mac_id = WMA_PDEV_TO_MAC_MAP(vdev_mac_entry[i].pdev_id); WMA_LOGE("%s: vdev_id:%d mac_id:%d", @@ -3260,6 +3247,11 @@ void wma_process_pdev_hw_mode_trans_ind(void *handle, QDF_BUG(0); return; } + if (vdev_id >= wma->max_bssid) { + WMA_LOGE("%s: vdev_id: %d is invalid, max_bssid: %d", + __func__, vdev_id, wma->max_bssid); + return; + } mac_id = WMA_PDEV_TO_MAC_MAP(vdev_mac_entry[i].pdev_id); @@ -4282,6 +4274,9 @@ static inline void wma_update_target_services(tp_wma_handle wh, /* Enable WOW */ g_fw_wlan_feat_caps |= (1 << WOW); + if (WMI_SERVICE_IS_ENABLED(wh->wmi_service_bitmap, WMI_SERVICE_NLO)) + g_fw_wlan_feat_caps |= (1 << PNO); + /* ARP offload */ cfg->arp_offload = WMI_SERVICE_IS_ENABLED(wh->wmi_service_bitmap, WMI_SERVICE_ARPNS_OFFLOAD); @@ -7145,9 +7140,9 @@ wma_process_action_frame_random_mac(tp_wma_handle wma_handle, static QDF_STATUS wma_get_chain_rssi(tp_wma_handle wma_handle, struct get_chain_rssi_req_params *req_params) { - wmi_peer_antdiv_info_req_cmd_fixed_param *cmd; + wmi_pdev_div_get_rssi_antid_fixed_param *cmd; wmi_buf_t wmi_buf; - uint32_t len = sizeof(wmi_peer_antdiv_info_req_cmd_fixed_param); + uint32_t len = sizeof(wmi_pdev_div_get_rssi_antid_fixed_param); u_int8_t *buf_ptr; if (!wma_handle) { @@ -7163,16 +7158,16 @@ static QDF_STATUS wma_get_chain_rssi(tp_wma_handle wma_handle, buf_ptr = (u_int8_t *)wmi_buf_data(wmi_buf); - cmd = (wmi_peer_antdiv_info_req_cmd_fixed_param *)buf_ptr; + cmd = (wmi_pdev_div_get_rssi_antid_fixed_param *)buf_ptr; WMITLV_SET_HDR(&cmd->tlv_header, WMITLV_TAG_STRUC_wmi_peer_antdiv_info_req_cmd_fixed_param, - WMITLV_GET_STRUCT_TLVLEN(wmi_peer_antdiv_info_req_cmd_fixed_param)); - cmd->vdev_id = req_params->session_id; + WMITLV_GET_STRUCT_TLVLEN(wmi_pdev_div_get_rssi_antid_fixed_param)); + cmd->pdev_id = 0; WMI_CHAR_ARRAY_TO_MAC_ADDR(req_params->peer_macaddr.bytes, - &cmd->peer_mac_address); + &cmd->macaddr); if (wmi_unified_cmd_send(wma_handle->wmi_handle, wmi_buf, len, - WMI_PEER_ANTDIV_INFO_REQ_CMDID)) { + WMI_PDEV_DIV_GET_RSSI_ANTID_CMDID)) { WMA_LOGE(FL("failed to send get chain rssi command")); wmi_buf_free(wmi_buf); return QDF_STATUS_E_FAILURE; @@ -7934,6 +7929,7 @@ QDF_STATUS wma_mc_process_msg(void *cds_context, cds_msg_t *msg) case WMA_RESET_PASSPOINT_LIST_REQ: wma_reset_passpoint_network_list(wma_handle, (struct wifi_passpoint_req *)msg->bodyptr); + qdf_mem_free(msg->bodyptr); break; #endif /* FEATURE_WLAN_EXTSCAN */ case WMA_SET_SCAN_MAC_OUI_REQ: diff --git a/core/wma/src/wma_mgmt.c b/core/wma/src/wma_mgmt.c index 09cef7c2cdc9..2c0c3ebb2a68 100644 --- a/core/wma/src/wma_mgmt.c +++ b/core/wma/src/wma_mgmt.c @@ -1712,10 +1712,11 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, params.key_len = key_params->key_len; #ifdef WLAN_FEATURE_11W + iface = &wma_handle->interfaces[key_params->vdev_id]; + if ((key_params->key_type == eSIR_ED_AES_128_CMAC) || (key_params->key_type == eSIR_ED_AES_GMAC_128) || (key_params->key_type == eSIR_ED_AES_GMAC_256)) { - iface = &wma_handle->interfaces[key_params->vdev_id]; if (iface) { iface->key.key_length = key_params->key_len; iface->key.key_cipher = params.key_cipher; @@ -1729,6 +1730,9 @@ static QDF_STATUS wma_setup_install_key_cmd(tp_wma_handle wma_handle, CMAC_IPN_LEN); } } + + if (key_params->unicast && iface) + iface->ucast_key_cipher = params.key_cipher; #endif /* WLAN_FEATURE_11W */ WMA_LOGD("Key setup : vdev_id %d key_idx %d key_type %d key_len %d", @@ -2374,6 +2378,14 @@ static QDF_STATUS wma_unified_bcn_tmpl_send(tp_wma_handle wma, params.tmpl_len = tmpl_len; params.frm = frm; params.tmpl_len_aligned = tmpl_len_aligned; + if (bcn_info->csa_count_offset && + (bcn_info->csa_count_offset > bytes_to_strip)) + params.csa_count_offset = + bcn_info->csa_count_offset - bytes_to_strip; + if (bcn_info->ecsa_count_offset && + (bcn_info->ecsa_count_offset > bytes_to_strip)) + params.ecsa_count_offset = + bcn_info->ecsa_count_offset - bytes_to_strip; ret = wmi_unified_beacon_send_cmd(wma->wmi_handle, ¶ms); @@ -3340,6 +3352,7 @@ int wma_process_rmf_frame(tp_wma_handle wma_handle, { uint8_t *orig_hdr; uint8_t *ccmp; + uint8_t mic_len, hdr_len; if ((wh)->i_fc[1] & IEEE80211_FC1_WEP) { if (IEEE80211_IS_BROADCAST(wh->i_addr1) || @@ -3366,15 +3379,22 @@ int wma_process_rmf_frame(tp_wma_handle wma_handle, return -EINVAL; } + if (iface->ucast_key_cipher == WMI_CIPHER_AES_GCM) { + hdr_len = WLAN_IEEE80211_GCMP_HEADERLEN; + mic_len = WLAN_IEEE80211_GCMP_MICLEN; + } else { + hdr_len = IEEE80211_CCMP_HEADERLEN; + mic_len = IEEE80211_CCMP_MICLEN; + } /* Strip privacy headers (and trailer) * for a received frame */ qdf_mem_move(orig_hdr + - IEEE80211_CCMP_HEADERLEN, wh, + hdr_len, wh, sizeof(*wh)); qdf_nbuf_pull_head(wbuf, - IEEE80211_CCMP_HEADERLEN); - qdf_nbuf_trim_tail(wbuf, IEEE80211_CCMP_MICLEN); + hdr_len); + qdf_nbuf_trim_tail(wbuf, mic_len); /* * CCMP header has been pulled off * reinitialize the start pointer of mac header @@ -3496,37 +3516,33 @@ static bool wma_is_pkt_drop_candidate(tp_wma_handle wma_handle, } switch (subtype) { - case SIR_MAC_MGMT_ASSOC_REQ: - if (peer->last_assoc_rcvd) { - if (qdf_get_system_timestamp() - peer->last_assoc_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGD(FL("Dropping Assoc Req received")); - should_drop = true; - } + case IEEE80211_FC0_SUBTYPE_ASSOC_REQ: + if (peer->last_assoc_rcvd && + qdf_system_time_before(qdf_get_system_timestamp(), + peer->last_assoc_rcvd + WMA_MGMT_FRAME_DETECT_DOS_TIMER)) { + WMA_LOGD(FL("Dropping Assoc Req as it is received after %d ms of last frame. Allow it only after %d ms"), + (int) (qdf_get_system_timestamp() - + peer->last_assoc_rcvd), + WMA_MGMT_FRAME_DETECT_DOS_TIMER); + should_drop = true; + break; } peer->last_assoc_rcvd = qdf_get_system_timestamp(); break; - case SIR_MAC_MGMT_DISASSOC: - if (peer->last_disassoc_rcvd) { - if (qdf_get_system_timestamp() - - peer->last_disassoc_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGI(FL("Dropping DisAssoc received")); - should_drop = true; - } - } - peer->last_disassoc_rcvd = qdf_get_system_timestamp(); - break; - case SIR_MAC_MGMT_DEAUTH: - if (peer->last_deauth_rcvd) { - if (qdf_get_system_timestamp() - - peer->last_deauth_rcvd < - WMA_MGMT_FRAME_DETECT_DOS_TIMER) { - WMA_LOGI(FL("Dropping Deauth received")); - should_drop = true; - } + case IEEE80211_FC0_SUBTYPE_DISASSOC: + case IEEE80211_FC0_SUBTYPE_DEAUTH: + if (peer->last_disassoc_deauth_rcvd && + qdf_system_time_before(qdf_get_system_timestamp(), + peer->last_disassoc_deauth_rcvd + + WMA_MGMT_FRAME_DETECT_DOS_TIMER)) { + WMA_LOGD(FL("Dropping subtype %x frame as it is received after %d ms of last frame. Allow it only after %d ms"), + subtype, (int) (qdf_get_system_timestamp() - + peer->last_disassoc_deauth_rcvd), + WMA_MGMT_FRAME_DETECT_DOS_TIMER); + should_drop = true; + break; } - peer->last_deauth_rcvd = qdf_get_system_timestamp(); + peer->last_disassoc_deauth_rcvd = qdf_get_system_timestamp(); break; default: break; @@ -3707,6 +3723,9 @@ static int wma_mgmt_rx_process(void *handle, uint8_t *data, qdf_nbuf_put_tail(wbuf, hdr->buf_len); qdf_nbuf_set_protocol(wbuf, ETH_P_CONTROL); wh = (struct ieee80211_frame *)qdf_nbuf_data(wbuf); + qdf_mem_zero(((uint8_t *)wh + hdr->buf_len), roundup(hdr->buf_len + + RESERVE_BYTES, 4) - + hdr->buf_len); rx_pkt->pkt_meta.mpdu_hdr_ptr = qdf_nbuf_data(wbuf); rx_pkt->pkt_meta.mpdu_data_ptr = rx_pkt->pkt_meta.mpdu_hdr_ptr + diff --git a/core/wma/src/wma_nan_datapath.c b/core/wma/src/wma_nan_datapath.c index 1cf32838fad8..fb0a6cc81c04 100644 --- a/core/wma/src/wma_nan_datapath.c +++ b/core/wma/src/wma_nan_datapath.c @@ -462,6 +462,7 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, wmi_ndp_indication_event_fixed_param *fixed_params; struct ndp_indication_event ind_event = {0}; tp_wma_handle wma_handle = handle; + size_t total_array_len; event = (WMI_NDP_INDICATION_EVENTID_param_tlvs *)event_info; fixed_params = @@ -480,6 +481,38 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, return -EINVAL; } + if (fixed_params->nan_scid_len > event->num_ndp_scid) { + WMA_LOGE(FL("Invalid nan_scid_len: %d"), + fixed_params->nan_scid_len); + return -EINVAL; + } + + if (fixed_params->ndp_cfg_len > + (WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_params))) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->ndp_cfg_len); + return -EINVAL; + } + + total_array_len = fixed_params->ndp_cfg_len + + sizeof(*fixed_params); + + if (fixed_params->ndp_app_info_len > + (WMI_SVC_MSG_MAX_SIZE - total_array_len)) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->ndp_app_info_len); + return -EINVAL; + } + + total_array_len += fixed_params->ndp_app_info_len; + + if (fixed_params->nan_scid_len > + (WMI_SVC_MSG_MAX_SIZE - total_array_len)) { + WMA_LOGE("%s: excess wmi buffer: ndp_cfg_len %d", + __func__, fixed_params->nan_scid_len); + return -EINVAL; + } + ind_event.vdev_id = fixed_params->vdev_id; ind_event.service_instance_id = fixed_params->service_instance_id; ind_event.ndp_instance_id = fixed_params->ndp_instance_id; @@ -515,15 +548,6 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info, ind_event.ncs_sk_type = fixed_params->nan_csid; ind_event.scid.scid_len = fixed_params->nan_scid_len; - if (fixed_params->ndp_cfg_len > event->num_ndp_cfg || - fixed_params->ndp_app_info_len > event->num_ndp_app_info || - fixed_params->nan_scid_len > event->num_ndp_scid) { - WMA_LOGD(FL("Invalid ndp_cfg_len: %d, ndp_app_info_len: %d, nan_scid_len: %d"), - fixed_params->ndp_cfg_len, - fixed_params->ndp_app_info_len, - fixed_params->nan_scid_len); - return -EINVAL; - } if (ind_event.ndp_config.ndp_cfg_len) { ind_event.ndp_config.ndp_cfg = qdf_mem_malloc(fixed_params->ndp_cfg_len); diff --git a/core/wma/src/wma_scan_roam.c b/core/wma/src/wma_scan_roam.c index 0a32d4fc8237..71e90cd43e3a 100644 --- a/core/wma/src/wma_scan_roam.c +++ b/core/wma/src/wma_scan_roam.c @@ -230,6 +230,8 @@ QDF_STATUS wma_get_buf_start_scan_cmd(tp_wma_handle wma_handle, if (PREAUTH_REQUESTOR_ID == cmd->scan_req_id) cmd->scan_priority = WMI_SCAN_PRIORITY_VERY_HIGH; + else if (ACS_SCAN_REQUESTOR_ID == cmd->scan_req_id) + cmd->scan_priority = WMI_SCAN_PRIORITY_HIGH; /* Set the scan events which the driver is intereseted to receive */ /* TODO: handle all the other flags also */ diff --git a/core/wma/src/wma_utils.c b/core/wma/src/wma_utils.c index 3a39569150b2..c3fe6290a18a 100644 --- a/core/wma/src/wma_utils.c +++ b/core/wma/src/wma_utils.c @@ -160,7 +160,7 @@ void wma_swap_bytes(void *pv, uint32_t n) * Return: the found rate or 0 otherwise */ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, - uint8_t nss, uint16_t nss1_rate, + uint8_t *nss, uint16_t nss1_rate, uint16_t nss1_srate, uint16_t nss2_rate, uint16_t nss2_srate) @@ -170,13 +170,15 @@ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, nss2_srate); if (match_rate == nss1_rate) { + *nss = 1; return nss1_rate; } else if (match_rate == nss1_srate) { *is_sgi = true; + *nss = 1; return nss1_srate; - } else if (nss == 2 && match_rate == nss2_rate) + } else if (*nss == 2 && match_rate == nss2_rate) return nss2_rate; - else if (nss == 2 && match_rate == nss2_srate) { + else if (*nss == 2 && match_rate == nss2_srate) { *is_sgi = true; return nss2_srate; } else @@ -193,14 +195,14 @@ static inline uint16_t wma_mcs_rate_match(uint16_t match_rate, bool *is_sgi, * Return: return mcs index */ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, - uint8_t nss, uint8_t *mcsRateFlag) + uint8_t *nss, uint8_t *mcsRateFlag) { uint8_t index = 0; uint16_t match_rate = 0; bool is_sgi = false; WMA_LOGD("%s rate:%d rate_flgs: 0x%x, nss: %d", - __func__, maxRate, rate_flags, nss); + __func__, maxRate, rate_flags, *nss); *mcsRateFlag = rate_flags; *mcsRateFlag &= ~eHAL_TX_RATE_SGI; @@ -254,7 +256,7 @@ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, mcs_nss2[index].ht40_rate[1]); if (match_rate) { *mcsRateFlag = eHAL_TX_RATE_HT40; - if (nss == 2) + if (*nss == 2) index += MAX_HT_MCS_IDX; goto rate_found; } @@ -269,7 +271,7 @@ static uint8_t wma_get_mcs_idx(uint16_t maxRate, uint8_t rate_flags, mcs_nss2[index].ht20_rate[1]); if (match_rate) { *mcsRateFlag = eHAL_TX_RATE_HT20; - if (nss == 2) + if (*nss == 2) index += MAX_HT_MCS_IDX; goto rate_found; } @@ -1271,7 +1273,7 @@ static int wma_unified_link_peer_stats_event_handler(void *handle, size_t peer_info_size, peer_stats_size, rate_stats_size; size_t link_stats_results_size; bool excess_data = false; - uint32_t buf_len; + uint32_t buf_len = 0; tpAniSirGlobal pMac = cds_get_context(QDF_MODULE_ID_PE); @@ -1340,7 +1342,7 @@ static int wma_unified_link_peer_stats_event_handler(void *handle, } while (0); if (excess_data || - (sizeof(*fixed_param) > WMI_SVC_MSG_MAX_SIZE - buf_len)) { + (buf_len > WMI_SVC_MSG_MAX_SIZE - sizeof(*fixed_param))) { WMA_LOGE("excess wmi buffer: rates:%d, peers:%d", peer_stats->num_rates, fixed_param->num_peers); return -EINVAL; @@ -2712,6 +2714,7 @@ static void wma_update_peer_stats(tp_wma_handle wma, struct wma_txrx_node *node; uint8_t *stats_buf, vdev_id, macaddr[IEEE80211_ADDR_LEN], mcsRateFlags; uint32_t temp_mask; + uint8_t nss; WMI_MAC_ADDR_TO_CHAR_ARRAY(&peer_stats->peer_macaddr, &macaddr[0]); if (!wma_find_vdev_by_bssid(wma, macaddr, &vdev_id)) @@ -2740,12 +2743,13 @@ static void wma_update_peer_stats(tp_wma_handle wma, classa_stats->tx_rate_flags = node->rate_flags; if (!(node->rate_flags & eHAL_TX_RATE_LEGACY)) { + nss = node->nss; classa_stats->mcs_index = wma_get_mcs_idx( (peer_stats->peer_tx_rate / 100), node->rate_flags, - node->nss, &mcsRateFlags); - classa_stats->nss = node->nss; + &nss, &mcsRateFlags); + classa_stats->nss = nss; classa_stats->mcs_rate_flags = mcsRateFlags; } /* FW returns tx power in intervals of 0.5 dBm @@ -3177,7 +3181,7 @@ int wma_stats_event_handler(void *handle, uint8_t *cmd_param_info, } while (0); if (excess_data || - (sizeof(*event) > WMI_SVC_MSG_MAX_SIZE - buf_len)) { + (buf_len > WMI_SVC_MSG_MAX_SIZE - sizeof(*event))) { WMA_LOGE("excess wmi buffer: stats pdev %d vdev %d peer %d", event->num_pdev_stats, event->num_vdev_stats, event->num_peer_stats); diff --git a/uapi/linux/qca_vendor.h b/uapi/linux/qca_vendor.h index 6b167af35420..bbbd831a6209 100644 --- a/uapi/linux/qca_vendor.h +++ b/uapi/linux/qca_vendor.h @@ -3338,6 +3338,12 @@ enum qca_wlan_vendor_attr_config { */ QCA_WLAN_VENDOR_ATTR_CONFIG_RSN_IE = 56, + /* + * 8-bit unsigned value to trigger green Tx power saving. + * 1-Enable, 0-Disable + */ + QCA_WLAN_VENDOR_ATTR_CONFIG_GTX = 57, + QCA_WLAN_VENDOR_ATTR_CONFIG_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_CONFIG_MAX = QCA_WLAN_VENDOR_ATTR_CONFIG_AFTER_LAST - 1, @@ -3486,6 +3492,132 @@ enum qca_wlan_vendor_attr_rssi_monitoring { }; /** + * enum qca_wlan_vendor_attr_ndp_params - Used by the vendor command + * QCA_NL80211_VENDOR_SUBCMD_NDP. + * @QCA_WLAN_VENDOR_ATTR_NDP_PARAM_INVALID + * @QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD: sub commands values in qca_wlan_ndp_sub_cmd + * @QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID: + * @QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID: indicats a service info + * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL: channel frequency in MHz + * @QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR: Interface Discovery MAC + * address + * @QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR: Interface name on which NDP is being + * created + * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY: CONFIG_SECURITY is deprecated, use + * NCS_SK_TYPE/PMK/SCID instead + * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS: value for QoS + * @QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO: app info + * @QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID: NDP instance Id + * @QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY: Array of instance Ids + * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE: initiator/responder NDP response + * code: accept/reject + * @QCA_WLAN_VENDOR_ATTR_NDP_NDI_MAC_ADDR: NDI MAC address + * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RESPONSE_STATUS_TYPE: errors types returned by + * driver + * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE: value error values returned by + * driver + * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG: Channel setup configuration + * @QCA_WLAN_VENDOR_ATTR_NDP_CSID: Cipher Suite Shared Key Type + * @QCA_WLAN_VENDOR_ATTR_NDP_PMK: PMK_INFO + * @QCA_WLAN_VENDOR_ATTR_NDP_SCID: Security Context Identifier that contains the + * PMKID + * @QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE: passphrase + * @QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME: service name + * @QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_REASON: bitmap indicating schedule + * update: + * BIT_0: NSS Update + * BIT_1: Channel list update + * @QCA_WLAN_VENDOR_ATTR_NDP_NSS: nss + * @QCA_WLAN_VENDOR_ATTR_NDP_NUM_CHANNELS: NUMBER NDP CHANNEL + * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_WIDTH: CHANNEL BANDWIDTH: + * 0:20 MHz, + * 1:40 MHz, + * 2:80 MHz, + * 3:160 MHz + * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_INFO: Array of channel/band width + * @QCA_WLAN_VENDOR_ATTR_NDP_IPV6_ADDR: IPv6 address used by NDP, 16 bytes array + * @QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PORT: Unsigned 16-bit value indicating + * transport port used by NDP. + * QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PROTOCOL: Unsigned 8-bit value indicating + * protocol used by NDP and assigned by the Internet Assigned Numbers Authority + * as per: www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml + * @QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST: id after last valid attribute + * @QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX: max value of this enum type + */ +enum qca_wlan_vendor_attr_ndp_params { + QCA_WLAN_VENDOR_ATTR_NDP_PARAM_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_NDP_SUBCMD = 1, + QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID = 2, + QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID = 3, + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL = 4, + QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR = 5, + QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR = 6, + QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY = 7, + QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS = 8, + QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO = 9, + QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID = 10, + QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY = 11, + QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE = 12, + QCA_WLAN_VENDOR_ATTR_NDP_NDI_MAC_ADDR = 13, + QCA_WLAN_VENDOR_ATTR_NDP_DRV_RESPONSE_STATUS_TYPE = 14, + QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE = 15, + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG = 16, + QCA_WLAN_VENDOR_ATTR_NDP_CSID = 17, + QCA_WLAN_VENDOR_ATTR_NDP_PMK = 18, + QCA_WLAN_VENDOR_ATTR_NDP_SCID = 19, + QCA_WLAN_VENDOR_ATTR_NDP_PASSPHRASE = 20, + QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_NAME = 21, + QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_REASON = 22, + QCA_WLAN_VENDOR_ATTR_NDP_NSS = 23, + QCA_WLAN_VENDOR_ATTR_NDP_NUM_CHANNELS = 24, + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_WIDTH = 25, + QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_INFO = 26, + QCA_WLAN_VENDOR_ATTR_NDP_IPV6_ADDR = 27, + QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PORT = 28, + QCA_WLAN_VENDOR_ATTR_NDP_TRANSPORT_PROTOCOL = 29, + + /* keep last */ + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST, + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX = + QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST - 1, +}; + +/** + * enum qca_wlan_ndp_sub_cmd - NDP sub comands types for + * QCA_NL80211_VENDOR_SUBCMD_NDP. + * @QCA_WLAN_VENDOR_ATTR_NDP_INVALID: invalid value + * @QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_CREATE: create a ndi + * @QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_DELETE: delete a ndi + * @QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_REQUEST: initiate a ndp session + * @QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_RESPONSE: response for above + * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_REQUEST: respond to ndp session + * @QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_RESPONSE: response for above + * @QCA_WLAN_VENDOR_ATTR_NDP_END_REQUEST: initiate a ndp end + * @QCA_WLAN_VENDOR_ATTR_NDP_END_RESPONSE: response for above + * @QCA_WLAN_VENDOR_ATTR_NDP_REQUEST_IND: notify the peer about the end request + * @QCA_WLAN_VENDOR_ATTR_NDP_CONFIRM_IND: confirm the ndp session is complete + * @QCA_WLAN_VENDOR_ATTR_NDP_END_IND: indicate the peer about the end request + * being received + * @QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_IND: indicate the peer of schedule + * update + */ +enum qca_wlan_ndp_sub_cmd { + QCA_WLAN_VENDOR_ATTR_NDP_INVALID = 0, + QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_CREATE = 1, + QCA_WLAN_VENDOR_ATTR_NDP_INTERFACE_DELETE = 2, + QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_REQUEST = 3, + QCA_WLAN_VENDOR_ATTR_NDP_INITIATOR_RESPONSE = 4, + QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_REQUEST = 5, + QCA_WLAN_VENDOR_ATTR_NDP_RESPONDER_RESPONSE = 6, + QCA_WLAN_VENDOR_ATTR_NDP_END_REQUEST = 7, + QCA_WLAN_VENDOR_ATTR_NDP_END_RESPONSE = 8, + QCA_WLAN_VENDOR_ATTR_NDP_REQUEST_IND = 9, + QCA_WLAN_VENDOR_ATTR_NDP_CONFIRM_IND = 10, + QCA_WLAN_VENDOR_ATTR_NDP_END_IND = 11, + QCA_WLAN_VENDOR_ATTR_NDP_SCHEDULE_UPDATE_IND = 12 +}; + +/** * qca_wlan_vendor_external_acs_event_chan_info_attr: Represents per channel * information. These attributes are sent as part of * QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_CHAN_INFO. Each set of the following |