| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
FW can enter into suspend mode even if the BMPS is not enabled.
Hence power save check is not required in suspend request.
Change-Id: Ic2b774cea10516ea0b23141922ba1e16aa33f395
CRs-Fixed: 974918
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Due to incorrect debug level in wmi_config_debug_module_cmd
log prints are directed to kmsg.
Fix is to change debug level from info to reserved.
Change-Id: I92eff1e70f31f5d89683dcf7e171a232ca2f3bad
CRs-Fixed: 1020758
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Panic Handler runs in atomic context. To collect target ramdump, the pcie link
needs to be active. But if driver is runtime suspended and system panic's, we
can't resume the link, as the link resume API's can sleep, which causes
recursive panic's. So, skip ramdump collection if driver is runtime suspended.
Change-Id: I07b7552dd76e56facaa08def2995dfd6a8cacaac
CRs-Fixed: 1019973
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Crash_Shutdown called in kernel panic runs in atomic context,
where as PCIe API's might sleep to talk to RPM to set regulators etc.
Since we are running in atomic context we cannot do runtime resume in
crash_shutdown. The fix will be to skip any link access during crash_shutdown,
if wlan subsystem is runtime suspended. The fix is done as part of
Change-Id: I07b7552dd76e56facaa08def2995dfd6a8cacaac.
This reverts commit 81c350f3269ba76f5c1ccc667e1466f7fb603bfb.
Change-Id: I6ee8c59887ff483c0a4f07716d299d89eee4d933
CRs-Fixed: 1019973
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Release 4.0.11.87
Change-Id: Iff0dfd98e41f8bf46c208bcc43b47d57df4cf558
CRs-Fixed: 688141
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
1.Fix unitialized heap use in csrGetStatistics by initializing
pointer of struct type WLANTL_TRANSFER_STA_TYPE to zero.
2.Fix unitialized stack use in csrRoamReadTSF by initializing
variable of struct type tCsrNeighborRoamBSSInfo to zero.
Change-Id: I4211b41b5e30d414e45691a5bab4048587cc8499
CRs-Fixed: 1018486
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
1.Fix argument type mismatch with format specifier in sscanf used by
hdd_hex_string_to_u16_array.
2.Fix bitwise operation on different size by typecasting.
Change-Id: Iccec386d8d88d69ccc4eacd2031d5664ed948acc
CRs-Fixed: 1018489
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
qcacld-3.0 to qcacld-2.0 propagation
Refactor DPTRACE to add support to log DHCP, ARP and
EAPOL packets.
Change-Id: I9b80a003759c962020165c21dbe29330700c4667
CRs-Fixed: 1008087
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
nlmsg_put returns NULL if the tailroom of the skb is insufficient
to store the message header and payload. So, add a NULL check, to
avoid possible dereferencing of NULL pointer.
Change-Id: I2dade8ba5c1ddfc104a478822de3e9e543f6b1c7
CRs-Fixed: 1015267
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When mac_ctx pointer is NULL, the log dereference the mac_ctx
pointer. So, keep alternate print statement without doing
mac_ctx pointer dereference when it is NULL.
Change-Id: I4fbfd63c0f68bd1684cff6fac411f9c790b22c03
CRs-Fixed: 1019077
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Currently if connection is ESE and RRM beacon request is received,
eseProcessBeaconReportXmit is invoked as part of sending report which
results in error as there is no ese request. Add a check to invoke
eseProcessBeaconReportXmit only if measurement request is valid.
Change-Id: I3fe6101b888c70670a371a1eb45b47d756511b1d
CRs-Fixed: 1002305
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Currently stats timer is started only when variable periodicity
is non-zero. During cleanup, check for variable periodicity is
not present before stopping stats timer. This results in
unnecessary assert. Add a check to stop timer only when variable
periodicity is non-zero. Also, add a change to update status
properly when staid is within permissible limits.
Change-Id: Idf0fcc7f118aaae29dae26f0176b3093f47bd865
CRs-Fixed: 939678
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
In CCX, BSS description is sent as part of beacon report. If BSS
description has random values, it leads to CCX certification failure.
Fix this by resetting memory allocated with zero. Also, reset memory
allocated to send beacon report to avoid this issue.
Change-Id: I445942b64ca9f382f8d24ca19665d6bda2341a80
CRs-Fixed: 931441
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Prevent Null pointer access during tdls exit.
Change-Id: I76f5896ae4c51d4816cc0389151e1e27b07d2193
CRs-Fixed: 1017282
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Currently, If SSR re-init get failed then host raise VOS_BUG.
In this type of cases, OEM might prefer not to crash the device
instead want wlan recovery using driver unload followed by load.
Change-Id: If433aae949326af6a20df2190dd7356f211c4103
CRs-Fixed: 1017278
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Send host timestamp to firmware, so that firmware can print the
logs timestamp in sync with host.
Change-Id: Ia26d06faa7878fcb198186b60b07ab66bff99e54
CRs-Fixed: 1014605
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Release 4.0.11.86
Change-Id: Icdfed83e93fefed6cc7096461f38f4a6365ebaf5
CRs-Fixed: 688141
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add support to get per chain rssi from fw through the
already existing WMI command WMI_REQUEST_STATS_CMDID
and then store it in the station_info structure defined
by cfg80211.
Change-Id: Id50c96dd322b5ca4db34cf2df901730d8b103251
CRs-Fixed: 1005367
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
WMI changes for per_chain_RSSI stats
Change-Id: If23531dd3c1c221a0b421ce25466790c05be1400
CRs-Fixed: 865207
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add WMI defs for weighted slow diversity
Change-Id: I6949546fa35fc0913274dcc18bf86958f15911b3
CRs-Fixed: 865207
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Define 2 sub-CCKM auth types
Deprecate WOW_NAN_RTT event and reason, and use their values
for WOW_OEM_RESPONSE
Change-Id: I0db10a599f4bbbdf23e5968fa5dab59b722efa30
CRs-Fixed: 865207
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix union in WMI_MAC_PHY_CAPABILITIES
WMI changes to control transmit power for beacon frames
Change-Id: I4acd731ec8850766d4d47715ff78b813281d0b6a
CRs-Fixed: 865207
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Regardless of phy mode in ini, 5Ghz band is configured to wiphy
which was leading to scan on 5ghz even though phy mode was set to
11b/g.
Fix will ensure to configure 5Ghz band if ini supports for 5ghz.
Change-Id: Ie7735b06ca5ae370077c962a645296ba054ac5d4
CRs-Fixed: 1018993
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
During Reinit, driver sends the FW download request and
if request is timed out then the timercallback is
executed in WD thread.
Currently userdata is passed as NULL if timercallback is
executed in WD thread.
Update code to pass the correct userdata in timer
callback when it is called in WD thread context.
Change-Id: I10a9cf8c53ded7d9db4bff0761f7b86a9021011a
CRs-Fixed: 961502
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Indicate disconnect event to nl80211 and thereby to the supplicant
by invoking cfg80211_disconnect upon disconnect as kernel 3.11 onward
releases will not indicate the same to upper layers.
Call to cfg80211_disconnect also signifies whether disconnect is
triggered by the supplicant or received from the AP by setting the
"from_ap" flag accordingly.
Change-Id: I55028533ebbf03910755da1b35c2fa57d97ce43b
CRs-Fixed: 1016872
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Currently ICMP counter is incremented only for IPV4 multicast packets.
But ICMP count includes total unicast/multicast/broadcast ICMP packets.
Add changes to update ICMP counter for unicast/multicast/broadcast
ICMP packets.
Change-Id: I00f9fb0c8231fd69f6c108ced8028eb19315006e
CRs-Fixed: 1020079
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Previously, when Host receives channel avoidance indication it
calls netif_carrier_off() and as part of carrier clear framework
used to receive an indication and thereby it performs SAP restart,
so that SAP comes in safe channel. But in latest code, framework
doesn't receive any indication as part of carrier clear, causing
SAP not to restart and thereby operate on unsafe channel.
Hence, when Host receives channel avoidance indication, do STOP/START BSS,
so that SAP comes in safe channel.
Change-Id: I05a57d7f64c9f775afb7f591f1b6e08ae7cfdfaa
CRs-Fixed: 1015265
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
When SET_BSSKEY request comes first and then SET_STAKEY, variable
hdd_ReassocScenario is made false during SET_BSSKEY response. Because
of this, hdd_set_pwrparams API is not invoked to send power parameters
to FW. Hence, DTIM is switched from DTIM3 to DTIM1 during roaming.
Fix this by modifying hdd_ReassocScenario to false only during SET_STAKEY
response.
Change-Id: I6c3d6a4798f1537d66612472240a778949c62015
CRs-Fixed: 879769
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Currently, driver starts traffic timer for a period of 8secs after
successful connection to allow for key completion and DHCP. As there
is no DHCP during roaming, this delay is not required. So, stop this
timer during roaming and start a timer of minimal duration to allow
STA to enter power save immediately after key completion.
Change-Id: I6c6111fc1aacb524da463914d357710a7f125f4a
CRs-Fixed: 868916
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When the host driver operates in AP modes(SAP/P2P), FW should not drop
the HT action frames. It should send it to host for processing. Update
the FW with the allowed action frames (include HT action) in WOW mode
when the host starts SAP/GO session and reset when there are no SAP/GO
session.
Change-Id: Iae5420114ba7cfa2f98dc6c346d99d2f820c8503
CRs-Fixed: 1018376
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
While doing ACS, driver opens SME session and closes once
the scan is done. If scan happens for AP1 then ACS SKIP SCAN
flag will be set. For AP2 there is no need to open sme session
as anyway based on this flag scan is skipped
Check if it is ACS Skip scan and dont open/close SME session.
Change-Id: I92049ee9e430262d38d3ad55806ee29b6042e68e
CRs-Fixed: 1019083
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Due to incorrect debug level in wmi_config_debug_module_cmd
log prints are directed to kmsg.
Fix is to change debug level from error to info.
Change-Id: I2e2fbb1fd514c6dbc8b97895a3bb01998b1a0072
CRs-Fixed: 1019620
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Function wlan_hdd_tdls_connection_callback takes few milliseconds
to complete its functionality which can effect roaming delay.
Move this functionality after enabling queues to reduce roaming delay.
Change-Id: I78d7b4deadb6cccdfd81f8431b6dd7c013e05340
CRs-Fixed: 978673
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
When abort scan is requested in between finish scan request and its
response, variable abortScan is set in limProcessAbortScanInd which
is not cleared even after the completion of current scan. Because of
this, next scan is aborted during limProcessInitScanRsp. Fix this by
clearing variable abortScan if it is set during limProcessFinishScanRsp.
Change-Id: If1f85bf82aff2e4f877d6c53a30d8c218ce541e4
CRs-Fixed: 882723
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
When deauth/disassoc is received from peer at the same time when
cleanup in progress because of disconnect from supplicant, there
is a chance that pHashTable can be NULL. Memory pointed by
pHashTable is freed during peDeleteSession, which is called during
cleanup. In dphLookupHashEntry, pHashTable is referenced without
any NULL check, which can lead to crash. Fix this by validating
pHashTable for NULL check.
Add a NULL check in _limProcessOperatingModeActionFrame before
referencing sta context to resolve potential KW issue.
Change-Id: I74d5c739cade19941320ee02eddc09e4fc74b105
CRs-Fixed: 898375
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Release 4.0.11.85
Change-Id: Ib218abc1d045fc18b0c87c13c74c14b23fbe676a
CRs-Fixed: 688141
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Host should not allow roaming if bssid is set in connect request
and hence RSO_START should not be sent.
Add changes to not send RSO_START if bssid set in connect request.
Change-Id: I1037c60837a90472fee312e8654197ea7f68702e
CRs-Fixed: 1016886
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Currently host driver sends 11P channels to FW as part of update
channel list.
Add changes to remove 11P channels from update channel list and
return from PNO scan when channel list is empty.
Change-Id: I7411348d9f44fa4e9a713224ce708eeeae42640e
CRs-Fixed: 1019078
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
In case of RuntimePM, FW is not able to send other AP's beacons
to host causing non updation of HT protection bit in the IEs,
Which is a voilation of Wifi certification.
Add changes to disable runtime PM for SAP mode if OBSS protection
is enabled in config ini file.
Change-Id: I2589b8fb020c7804c8576541155eac9ac630f2af
CRs-Fixed: 1012545
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
If ll stats provided by FW has more than one peer then
Driver is allocating memory for all the peers but copying stats
for only first peer before sending it to upper layer.
Fix the issue to copy stats for all the peers.
Change-Id: I91b14377acfed6ccdde4315c4796ef1adbfd18c3
CRs-Fixed: 1018539
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Out of bound access is reported by kernel address
sanitizer (KASAN) tool.
=================================================================
BUG: KASAN: slab-out-of-bounds in memcpy+0x28/0x54 at addr
ffffffc03f9b1f94
Read of size 1024 by task WifiLogger_app/662
=================================================================
page dumped because: kasan: bad access detected
-----------------------------------------------------------------
[<ffffffc00008c80c>] dump_backtrace+0x0/0x284
[<ffffffc00008caa0>] show_stack+0x10/0x1c
[<ffffffc001e98084>] dump_stack+0x74/0xfc
[<ffffffc0002f2fac>] print_trailer+0x150/0x164
[<ffffffc0002f3374>] object_err+0x38/0x4c
[<ffffffc0002f88ac>] kasan_report+0x34c/0x504
[<ffffffc0002f7b74>] __asan_loadN+0x20/0x14c
[<ffffffc0002f8078>] memcpy+0x24/0x54
[<ffffffbffc3958ec>] vos_mem_copy+0x68/0x7c [wlan]
[<ffffffbffc307648>] wlan_logging_proc_sock_rx_msg+0x39c/0x3f0 [wlan]
[<ffffffbffc3042f0>] nl_srv_rcv+0x1c0/0x218 [wlan]
[<ffffffc001a28b20>] netlink_unicast+0x3b0/0x4c0
[<ffffffc001a2975c>] netlink_sendmsg+0xa2c/0xb30
[<ffffffc00196b658>] sock_sendmsg+0x1d4/0x22c
[<ffffffc001970278>] SyS_sendto+0x194/0x224
================================================================
There is possibility of out of bound memory access, if user sends
a netlink packet with message length greater than skb data_len.
Don't process netlink packet if message length is greater than
skb data_len.
Change-Id: Ice6492aa191da0af3fe4fc9b58dfddcb2a59d6d0
CRs-Fixed: 975923
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
qcacld-3.0 to qcacld-2.0 propagation
This is for FR23278: Runtime configuration of softAP Tx power.
The value that send by the vendor command will set the power levels
as below:
0 --- no scaling, 100%
1 --- 50% of max power
2 --- 25% of max power
3 --- 12% of max power
4 --- minimum power
Another vendor command is to decrease the power by actual db value.
CRs-fixed: 941772
Change-Id: I61d48299b4af361c214e2ab8bb1fa848161431de
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When network interface is brought down, the adapter is deinitialized
and HDD TDLS context is cleaned up in hdd_tdls_exit(). This context
is not reinitialized when the interface is brought up again. Therefore
subsequent TDLS operations throw up errors to the wpa_supplicant.
Fix this by initializing the TDLS HDD context in the add_station
callback which is called when a TDLS peer is added by wpa_supplicant
Change-Id: I9d1a7bb63a921b3d8d1c25d2e77d4a7632a301d3
CRs-Fixed: 1014544
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
Out of bound access is reported by kernel address
sanitizer (KASan) tool.
=================================================================
BUG: KASAN: slab-out-of-bounds in csrScanSmeScanResponse+0x148/0x35c
[wlan] at addr ffffffc01745b208
Read of size 4 by task VosMCThread/32563
=================================================================
BUG kmalloc-128 (Tainted: P B W O ): kasan: bad access detected
----------------------------------------------------------------------
[<ffffffc00008c80c>] dump_backtrace+0x0/0x284
[<ffffffc00008caa0>] show_stack+0x10/0x1c
[<ffffffc001e992fc>] dump_stack+0x74/0xfc
[<ffffffc0002f3094>] print_trailer+0x150/0x164
[<ffffffc0002f345c>] object_err+0x38/0x4c
[<ffffffc0002f8994>] kasan_report+0x34c/0x504
[<ffffffc0002f8ba0>] __asan_report_load4_noabort+0x14/0x20
[<ffffffbffc2adea8>] csrScanSmeScanResponse+0x144/0x35c [wlan]
[<ffffffbffc2ae1b0>] csrScanningStateMsgProcessor+0xf0/0x6e4 [wlan]
[<ffffffbffc2b6e10>] csrMsgProcessor+0x1f8/0x2c8 [wlan]
[<ffffffbffc252ff0>] sme_ProcessMsg+0x1024/0x115c [wlan]
[<ffffffbffc3a29d0>] VosMCThread+0x798/0x950 [wlan]
[<ffffffc0000f1f24>] kthread+0x22c/0x240
=================================================================
Improper type-casting of a buffer leads to out of bound access
of a buffer which may result in kernel panic.
To mitigate this issue typecast a buffer as per the caller function.
Change-Id: I7861ead27dff6b8dd45fbeafae8cf4c6f1ca4523
CRs-Fixed: 972671
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Release 4.0.11.84
Change-Id: I5675c27286437d89c0e924b1fc4e86168011121e
CRs-Fixed: 688141
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
For 9379 usb interface chip, change uart enable pin from 6 to 19.
Change-Id: I54c8d9a321c91b2735300ffba22eadafdb9de106
CRs-Fixed: 1017191
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This reverts commit Ia00abb73efbb1425ef9a3862c1ea2a88506ffd9a
"qcacld-2.0: Allow power save to be controlled by iw command".
This change is causing the regression in P2P power cert case.
Also this change is no longer needed as the original issue is
fixed by commit I5fd939b0642d25b3a75d74ed3c7878f68d8d14d6
"qcacld-2.0: Allow power save to be controlled by iw command".
Change-Id: I5c3874fddfbbfc66dd7cd8f8825af92620c16d2d
CRs-Fixed: 1017801
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
AP mode will disconnect to STA when receive disassociate with invalid
reason code, and STA mode will disconnect to AP when receive deauth
with invalid reason code, but won't process disassociate with invalid
reason code in STA mode. Update code so STA will disconnect from AP
when it receives a disassociate with an invalid reason code.
Change-Id: Icebc46062b1ea4b7f5affa171f760123dbb9fcb7
CRs-Fixed: 1015244
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
prima to qcacld-2.0 propagation
When supplicant issues enable/disable firmware based roaming on the
basis of the Bssid modification in network block (e.g. AutoJoin modify
Network Block), that time middle-ware will issue this pvt cmd to Driver.
Driver need to disable/enable firmware roaming.
(in our current design we can enable firmware roaming by offload scan
to firmware so firmware can scan and find candidate ap when rssi threshold
meet the criteria, same way driver can stop firmware roaming by stop
offload scan to firmware).
Change-Id: I378917d9d56c4d3ef13bfe8c3bf62adc6d5e7aa6
CRs-Fixed: 1012420
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Release 4.0.11.83
Change-Id: I772d1f93d27b5fc2df9badbed87635b83351b300
CRs-Fixed: 688141
|
