| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Stale scan entries are updated to NL because
scan results are not aged out in PNO complete
handler.
Fix is to age out scan results after receiving
PNO complete notification at CSR.
Change-Id: Ia4848d53e26369678f44ac174c7def6fc8112b9a
CRs-Fixed: 2050944
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205M
Change-Id: I60d80d0085342e1f71fd1da490639b2a1170329d
CRs-Fixed: 774533
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Gcc 6 introduces some stricter checking for indentation,
causing warnings of misleading-indentation, which are
treated as build errors when CLD2.0 drivers are compiled.
Fix all the identation warnings under qcacld-2.0.
Change-Id: Ib25d8e71f4104b66fb2760ad2c4ace4e3d587e7f
CRs-Fixed: 2056446
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205L
Change-Id: I091d200b89618871060a03c417132d3156b7ab3f
CRs-Fixed: 774533
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
prima to qcacld-2.0 propagation
In the current code, there is no log of rssi value in wlan_hdd_get_rssi.
To fix this, add print for rssi.
Change-Id: I7db04c7defd26d2cd9792e96805ff524d88bb9b4
CRs-Fixed: 2045189
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205K
Change-Id: I8faea318e30f913c3f57b1ecff7262f36ea660ba
CRs-Fixed: 774533
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Currently elem_len is not checked against WPS_OUI_TYPE_SIZE
before it uses the buffer for memcmp, this may cause the buffer
overread.
To fix this add the proper comparision logic before the API uses
the buffer.
Change-Id: I9ba63543a529fb88932500be39045fcc19509863
CRs-Fixed: 2042583
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205J
Change-Id: I277118b28eb05cf0667114b7959724fdaf08a8c5
CRs-Fixed: 774533
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205I
Change-Id: I89de55e6b75303058c0d8b743ac07eb6eeea4d97
CRs-Fixed: 688141
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Release 4.0.11.205H
Change-Id: Ifce12232a876d3559086853f8a248697f2be6a7c
CRs-Fixed: 688141
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
In dphInitStaState function, it will implicitly assume that, the last
member of structure tDphHashNode is *next* pointer, which is fragile and
risky.
Save the *next* pointer in local variant and restore after whole
structure zeroed.
This will need additional CPU ticks but eliminate the risk.
CRs-Fixed: 2055505
Change-Id: I6baf3eddea965eda4e7f7ca88fef54709964febc
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
New MAC counters are added to count MPDUs received and transferred
on each antenna.
Change-Id: Ia7fbf7642922f006882619848459192dcfca3c40
CRs-Fixed: 2043156
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
If the TDLS links exists and SAP comes up, there is a chance
that the peer is created for SAP before deleting TDLS peers,
thus leading to crash.
The fix is to teardown the TDLS links before starting hostapd
or starting the association process to avoid TDLS in concurrency
case.
Change-Id: I06c0d4f8965d3a1e614e8bd89f2d6af0a504fa9e
CRs-Fixed: 2056845
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | | |
into wlan-cld2.driver.lnx.1.0-dev
|
| | | |/ / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This reverts commit I99291a6b5a3c9faad314f40ab7353626bb7762fb.
Change-Id: Icd1fc7256d5ba7aafd3c1c0bbc2d564a7210a37f
CRs-Fixed: 2057542
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The driver will drop the TX packet if remaining depth of the sending queue
is less than 2. This will casue the memory leak, credits missing and TCP stall
issue when running the iperf test.
The fix is to add back current packet before return, which just be dequeued.
Change-Id: I9e0c69c16e9562afd627d0fc222a9fbd475c468c
CRs-Fixed: 2056195
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add changes to validate BA tid in delBA params before accessing
it.
CRs-Fixed: 2044049
Change-Id: I6e98189ccd1710d9928bc1f585061bd9ff414c49
|
| | |\ \ \ \ \ \ \
| | |_|_|/ / / /
| |/| | | | | |
| | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Increase bus request number from 64 to 105 according to the total credits
from target, which can improve the iperf TX traffic stop during p2p test,
since the reduced tx completion is removed after enabling the new PTP
feature.
Change-Id: Ic3bb5cea72bcc6a8d3dfd910294efd871fe7e938
CRs-Fixed: 2054177
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | |_|/ / / /
| | |/| | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
An incorrect IE length can overflow the remaining length variable
and make IE parsing logic perform a buffer over-read.
Check on IE length to avoid buffer over-read.
Change-Id: I20ef6a0136c7a5b602ad15a2fb725f20807b81d0
CRs-Fixed: 2033195
|
| | |\ \ \ \ \ \ \
| | |/ / / / / /
| |/| | | | | |
| | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add changes to drop assoc request and return error if RSNIE or
WPAIE parsing fail during parsing of assoc request.
CRs-Fixed: 2046578
Change-Id: I88d779399c2eba5d33c30144bf9600a1f3a00b77
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
prima to qcacld-2.0 propagation
Currently roam disable is allowed using SETROAMMODE even if roaming
is in progress. This can cause mess in state machine as driver falls
back to LFR-1.0 and can result in crash. Add pending_roam_disable to
mark pending of roam disable when roaming is in progress and allow
preauth/reassoc to go if preauth/reassoc in progress.
With this fix, driver takes following actions.
1. If pending_roam_disable is pending after preauth failure,
driver does not proceed for further preauth and disables roaming.
2. If pending_roam_disable is pending after reassoc completion,
driver updates CSR with new AP information and disables roaming.
Change-Id: I9cfcbd21db046d399c2cdc78b1678d3773aea2cd
CRs-Fixed: 2045775
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
prima to qcacld-2.0 propagation
Currently dot11mode is not updated properly for roamable AP. This can
result in incorrect data rates. Update dot11mode to fix this.
Change-Id: I644f685fc2c0e041b308017ed3206d56c9c57fe9
CRs-Fixed: 2047070
|
| | |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | |_|_|/ / / /
| | |/| | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
In get oui ie command API, ie pointer read out
of boundary.
Return NULL if ie length is less than oui size.
CRs-Fixed: 2050899
Change-Id: I99291a6b5a3c9faad314f40ab7353626bb7762fb
|
| | |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
improper validation of
QCA_WLAN_VENDOR_ATTR_EXTSCAN_GET_VALID_CHANNELS_CONFIG_PARAM_MAX_CHANNELS.
validate QCA_WLAN_VENDOR_ATTR_EXTSCAN_GET_VALID_CHANNELS_CONFIG_PARAM_MAX_CHANNELS.
CRs-Fixed: 2051450
Change-Id: I16e5808492b5b35dc8b646af45d6ac6d65561804
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
improper validation of
QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE
results in assigning an unchecked user-controller value.
This can lead to buffer overflow.
validate QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE.
CRs-Fixed: 2045470
Change-Id: I7c33b6d78054672e9effbe9100c29e5604c250c6
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
WPA RSN IE is copied from source without a check on the given IE length.
A malicious IE length can cause buffer overflow.
Add maximum bound check on WPA RSN IE length.
Change-Id: Id159d307e8f9c1de720d4553a7c29f23cbd28571
CRs-Fixed: 2033213
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
into wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
extn capabilities can be controlled by user, which can
be sent greater than the max supported value. This results
in stack overflow in change station command.
Add check to validate extn capability param given by user
and if it exceeds max supported value, set it to max supported
value.
CRs-Fixed: 2044820
Change-Id: I531799dd06c41069e85ad969de6182363dbf9f05
|
| | |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
If unload driver during SSR, SSR reinit will
be ignored due to unload is in progress, then
SSR timer won't be canceled and it will expire,
which will cause a VOS_BUG(kernel crash).
To fix this issue, ignore reinit only when
it's in loading/unloading progress and
not in SSR progress.
Change-Id: I0f9e47bcb4a01b431990e642a80ab0f2699dd1fb
CRs-Fixed: 2043974
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | |_|/ / / /
| | |/| | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
In monitor mode, use iwpriv command setMonChan to switch channel
width to 5/10M. The second parameter of setMonChan means channel
width, if it's 4, the monitor device will switch to 5M, while 5
switch to 10M.
Change-Id: I416ec856b60dcf10d7a738d61e05c75479afc670
CRs-Fixed: 2046554
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
When SSR is in progress, if driver wants to deliver log
to userspace, it will be rejected and error level log as below
will be output to serial and frequence is ~30ms.
"<6> R0: [wlan_logging_th][06:56:16.581860] wlan: [22078:E :VOS]
vos_get_log_indicator: 2870: In LoadUnload: 0 LogP: 1 ReInit: 0 "
Log output to serial in such frequence will trigger watchdog bite,
so adjust log level to avoid above issue.
Change-Id: I65d214a088cbc6269b54ba289d17998c395c7a04
CRs-Fixed: 2002591
|
| | |\ \ \ \ \ \ \ \
| | |_|/ / / / / /
| |/| | | | | | |
| | | | | | | | | |
into wlan-cld2.driver.lnx.1.0-dev
|
| | | |/ / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
qcacld-3.0 to qcacld-2.0 Propagation.
NLA attribute
QCA_WLAN_VENDOR_ATTR_PNO_SET_LIST_PARAM_EPNO_NETWORKS_LIST
used without validation.
validate NLA attribute.
CRs-Fixed: 2048343
Change-Id: I4da7dbe44325b0ed6346b363b71b558250996f8c
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | |/ / / / /
| | |/| | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
propagation from prima to qcacld-2.0
This is IOT issue with the AP who has 5G prefer feature.
The AP rejects with eSIR_MAC_MAX_ASSOC_STA_REACHED_STATUS
in AUTH frame when the 2.4G STA tries AUTH process for
the first 2 times. If STA tries the 3rd time in 2.4G,
then the AUTH process will success.
Change-Id: I8afa43cb9728f73172f543bfb9aac65b0b225aa2
CRs-Fixed: 1111136
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
There is a design limitation of our solution. Driver
sends regulatory_hint_user for both user-space and
11d country to kernel. So when wiphy re-registration
happens, kernel tells the source as USER even for 11d.
And per driver logic the 11d needs to be disabled
if INI gCountryCodePriority is set.
To mitigate this issue, storing the country source
in the platform driver.
CRs-Fixed: 2034305
Change-Id: Ib245d1db47955a8f70ec7444fa2996390ee3a3fc
|
| | |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
wlan-cld2.driver.lnx.1.0-dev
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
prima to qcacld-2.0 propagation
Currently broadcast action frames are dropped in
__hdd_indicate_mgmt_frame(), host tries to get pAdapter using
destination mac address and returns from function as pAdpater is NULL.
Add changes to use existing pAdapter when destination address
of received packet is broadcast.
Change-Id: I9a149116b9a3ec9b4abef4808849876069f2e13c
CRs-Fixed: 2045740
|
