| Age | Commit message (Collapse) | Author |
|---|
|
Propagation from qcacld-2.0 to qcacld-3.0.
If the module name is changed to something other than wlan in
Makefile or Kbuild, then MULTI_IF_NAME is defined to be the module name.
When MULTI_IF_NAME is defined, the names for the config files, log files,
and firmware files are prepended or appended with MULTI_IF_NAME. This
prevents file name collisions allowing multiple instances of this driver
to be loaded with different module names.
Change-Id: Id880c5fe423eb0b2a2c01677d8fa7c4a784c74df
CRs-Fixed: 946520
|
|
Release 5.2.0.2T
Change-Id: I460b0573f670874c7c261a55d5f4e5d6f2a28909
CRs-Fixed: 688141
|
|
Allow wlan_hdd_cfg80211_connect() and wpa_cli "REASSOC" command
to reassociate to same bssid by using the currently connected
channel.
CRs-Fixed: 1089293
Change-Id: Idee480dc480a137426dd3189e1ca1e542bcf053a
|
|
We want to enable the compiler's -Wmissing-prototypes switch, but
there is existing code that is generating warnings. Fix all warnings
in epping.
Change-Id: I025be90e0d2127552f26510a0aefbd9d6f3a1e61
CRs-Fixed: 1093405
|
|
We want to enable the compiler's -Wmissing-prototypes switch, but
there is existing code that is generating warnings. Fix all warnings
in core/utils.
Change-Id: Ie2d735fa1e6eba57e0fa9291bd56dbd6acdb7b00
CRs-Fixed: 1093406
|
|
qcacld-2.0 to qcacld-3.0 propagation
Add changes to send maximum number of blacklist bssid that firmware
supports to user space. Blacklist bssid information is used by driver
and firmware to avoid connection to that particular bssid.
Change-Id: I135d3b4d7723a8d4efe46dcef9efb2de6c0f558a
CRs-Fixed: 1080765
|
|
qcacld-2.0 to qcacld-3.0 propagation
Save RSSI of current connected AP when disconnection happens.
User space has to use getRSSI private IOCTL to query the RSSI value
after disconnected event.
Change-Id: I51ab69f2b0bda7c6b3a2689297ca56941471b1cc
CRs-Fixed: 910970
|
|
In function csr_remove_from_tmp_list, fix null pointer check condition
so that either local_ie is null or csr_remove_from_tmp_list failed. This
will ensure local_ie is valid before being dereferenced.
Change-Id: I91eda3ebe3d841f94f78b35d686e31b47ece8a79
CRs-Fixed: 1091486
|
|
In function lim_populate_matching_rate_set, sum of num_rates is being
checked against max array size but it does not take into account 8-bit
arithmetic overflow in calculating sum. Because of this even though
actual sum is greater than max array size, it might wrap around and be
less than max array size thus failing the condition. Perform 16-bit
arithmetic sum instead to avoid overflow.
Change-Id: Ia078e37891835540c974347ec6b5c9794300e264
CRs-Fixed: 1091486
|
|
Fix length check in csr_retrieve_wpa_ie and csr_retrieve_rsn_ie before
memcopy operation. Buffer passed to these functions is of max legnth
DOT11F_IE_RSN_MAX_LEN.
Change-Id: I87319891cf675865ba9709f5a63bf98cbd5059a2
CRs-Fixed: 1091486
|
|
In function csr_get_active_scan_entry change do while to while loop
so that localentry could be checked before entering loop and avoid
null pointer dereference.
Change-Id: I12cb84b38636ce0d97d7ddf01ad7ed7cd414e80c
CRs-Fixed: 1091486
|
|
Add check for NULL for pointer before dereferencing them.
Change-Id: Ieee249a3100a0aabf70bf79f0c81df8d8febb59b
CRs-Fixed: 1091486
|
|
TDLS connection is not established consistently, when the
system comes out of concurrency. This issue happens, when
the previous tdls connection is not cleared completely.
Add changes in the host driver to clear the stale
entries, when system comes out of concurrency.
Change-Id: I7ab7c1e424cb03e0edff9800114e01205e19d63a
CRs-Fixed: 1089497
|
|
All the TDLS action frames are blocked in the host driver, if
the active session count is more than one. Due to this TDLS
teardown action frame is blocked in the driver, when the
drive establish concurrent sessions.
Add changes in host driver to allow TDLS teardown frame,
regardless of active session count.
Change-Id: If10bacdf2419b6b66c401ab95a79e1334c95064d
CRs-Fixed: 1089443
|
|
In wlan_hdd_cfg80211_inform_bss_frame API scan result log
show function name redundantly.
Change logging API to hdd_log.
CRs-Fixed: 1090055
Change-Id: Iaf2d9c6472d7d3774c75d5ea43feba9b698edf7d
|
|
An incorrect value is used for NAN peers when reporting link layer
stats. Change the peer type mapping when reporting link layer stats
so the correct value is returned for NAN peer types.
Change-Id: I1d8fc9e1486f9ba72675bcb48744d06dd18bf004
CRs-Fixed: 1092789
|
|
Propagation from qcacld-2.0 to qcacld-3.0
When VSA frames are received with the device in OCB mode and a broadcast
destination MAC address, the frame will be propagated up to the kernel
instead of being dropped.
Change-Id: Iace313633792192803619bfdd94c83e8d9544983
CRs-Fixed: 945269
|
|
Change-Id: I55b17306cdcc6f8653e4a72e86a95320b5e27139
|
|
In function lim_send_ies_per_band, send 5G vht_caps to firmware, before
zeroing 80/160 mhz fields for 2G vht_caps.
Change-Id: I7d5d50eaa38a19a86c29b5c754e93cc9846301d5
CRs-Fixed: 1092054
|
|
This is a qcacld-2.0 to qcacld-3.0 propagation.
Currently when processing a passpoint vendor command the "num
networks" attribute is limit checked and if it exceeds a MAX value
then the command is rejected. Otherwise this value is used to
calculate the size of the buffer allocated to hold the internal
representation of the request. However later when the network
attributes are parsed there is no check to make sure the number of
networks processed does not exceed the "num networks" used to allocate
memory, and as a result a buffer overflow can occur. Address this
issue by aborting the network parsing once "num networks" records have
been parsed.
Change-Id: I38d9f19b08b42fa9a850eb70a42920fbc3b99cf6
CRs-Fixed: 1092059
|
|
Release 5.2.0.2S
Change-Id: I62c107ef92b32afed1564db69b38204999fdad8a
CRs-Fixed: 688141
|
|
propagation from qcacld-2.0 to qcacld-3.0
When SAP starts (DFS channel) on default interface and a new interface
for SAP is created, if eSAP_DFS_CHANNEL_CAC_RADAR_FOUND event is
triggered then kernel panic happens. This is because for the new
interface SAP is created but not started and due to this channel list
is NULL. Fix is to add state check for SAP interface to know if SAP is
started or not
Change-Id: If613ec3ed0afad8a66d545bcd858fe73640a0273
CRs-Fixed: 1062516
|
|
qcacld-2.0 to qcacld-3.0 propagation
IPA perf level is updated in bus_bw timer which is triggered periodly.
If do not reset the IPA perf level when this timer stopping, the ipa
perf level could be remained in a invalid state.
Change-Id: Ia817c80176790ac5f2c3e474616163fef2de38b8
CRs-Fixed: 1077401
|
|
qcacld-2.0 to qcacld-3.0 propagation
"MEMORY_DEBUG" enabled driver shows the
tpDeleteBssParams is not freed upon driver unloading
in SNS test. This commit fixes this issue by
freeing tpDeleteBssParams once no referance to it.
Change-Id: I302e24048f6d0c25dc9d191b65a1435883a6c7e7
CRs-Fixed: 985334
|
|
qcacld-2.0 to qcacld-3.0 propagation
The p2p group info or p2p IE missed in probe response is because genie
len is limited to 255 bytes. It will be fine if supplicant send down
only p2p IE. But if supplicant send down WPS ie and p2p ie in same time,
buffer is overflowed and p2p ie will not be added to frame.
CRs-Fixed: 959456
Change-Id: I8125bc186e6372f46cd1978fd82fe1b907cdaec4
|
|
propagation from qcacld-2.0 to qcacld-3.0
Start SAP with DFS channel on default interface and create new AP
interface without any operation, then terminate SAP and rmmod WLAN
driver, DUT crash since it doesn't clean up sap_dfs_cac_timer. The
solution is return cocurrent session only when state machine isn't
disconnected in sap context.
Change-Id: Iffc1d9239c303c25067da2e2d30e37648a44e599
CRs-Fixed: 1051755
|
|
qcacld-2.0 to qcacld-3.0 propagation
Roaming send fresh assoc instead of reassoc because the preauth frame
has high possibility sending on wrong channel if in MCC. Need to
trigger scan to schedule to target AP channel if DUT in MCC state.
Change-Id: Ifee8bc00c10ea995093e3f4621b94e0d81a7c32e
CRs-Fixed: 962162
|
|
qcacld-2.0 to qcacld-3.0 propagation
When SAP is running in 11ac only mode, it should reject the incoming
association requests if one of the following conditions is true:
1) VHT capability IE is missing
2) VHT capability IE is available, but present bit is cleared
Change-Id: Iad0e85a741d36dfd8727db668a4600ee3594f905
CRs-Fixed: 1084052
|
|
Propagate from qcacld-2.0 to qcacld-3.0
To support 11n only TF card on MDM. Make sure
SAP can't be started on 2.4G/5G band with 11ac
mode and STA will use HT mode when connect to 11ac AP.
Change-Id: Ia62404b34aad9e0fc79971846b151aef72f9057f
CRs-Fixed: 945912
|
|
Propagate from qcacld-2.0 to qcacld-3.0
Currently the driver does not report HT TX STBC capability
to the kernel. This prevents hostapd from starting if it
has been configured with HT TX STBC capability. To prevent
this issue correctly report the HT TX STBC capability to the
kernel.
CRs-Fixed: 1046306
Change-Id: Id182de3916f4e556dde30048776ea07b0fbfdc7d
|
|
Propagate from qcacld-2.0 to qcacld-3.0
Current value of SAP TX leakage threshold is a fixed value 310,
since different product may need different threshold, add it
into ini file now.
Change-Id: I0df8ac14f5e9e812a8ec5e5127df21eff0a8502b
CRs-Fixed: 955258
|
|
During vdev startup, firmware reports a tx rate of 0, which does not
map to a valid MCS. If the last reported tx rate from firmware does not
map to a valid MCS, default to MCS 0 when reporting link speed to
the kernel.
Change-Id: I6a2cb1cc6b328b76ed2f1ddd6ceb0f5ce7c84318
CRs-Fixed: 1091046
|
|
qcacld-2.0 to qcacld-3.0 propagation
Don't log if netlink_broadcast fails with error -ESRCH(-3) since
this error is likely to occur because of no listening process in
the user space. In this case, error logs would give a false
impression that feature is broken though feature is working fine.
Change-Id: Ia111476e44a3dce24afd6b935ff0eca06accc73a
CRs-Fixed: 989515
|
|
We want to enable the compiler's -Wmissing-prototypes switch, but
there is existing code that is generating warnings. Fix all warnings
in core/dp/htt.
Change-Id: I189ca782bdcae7d8d3a6f54acd1baf15f3f300f6
CRs-Fixed: 1091016
|
|
The following HTT debug functions are not being used:
htt_rx_print_rx_indication()
htt_rx_hash_dump_table()
Delete these obsolete functions.
Change-Id: I8f47cd9706749acdb55736edd1876813bb3177fb
CRs-Fixed: 1091016
|
|
Change "qcacld-3.0: Add changes for per NAPI or per Rx CE LRO manager"
added new functionality, including function hdd_deinit_lro_mgr(). When
the driver is built using the -Wmissing-prototypes switch, it fails
because this function is defined as global but it doesn't have a
public prototype. But in reality this function is only referenced from
within the source file where it is implemented, so change it to
static.
Change-Id: Ief49b8d10d20f740a06c8d6931bfa1274af0fab0
CRs-Fixed: 1079320
|
|
There is a race condition between ipa_w2i_cb and rt_debug_host_fill,
since the rt_debug_fill_timer starts by default.
Since we introduced this mainly to debug an OOM issue, it is better
to enable this dynamically only for debug purpose.
Change to start rt_debug_fill_timer only when the RT_DEBUG flag is
enabled in INI.
Change-Id: I4fef0b66ffef0b02c26217b6f9eff2b8a4a11bcd
CRs-fixed: 1089832
|
|
Add new regulatory domains APL15 and APL16. Also add
regulatory domains APl14_WORLD, APL15_WORLD and APL16_WORLD.
Also change reg-domain mappings for a host of countries. This
incorporates changes made 2016-10-31 to the regdomain.xls
regulatory database.
Change-Id: I12faa43bed83b7a046bba9b1921584ed5cef6f40
CRs-Fixed: 1090230
|
|
hdd_remove_passive_channels is not called outside the file.
Make it static.
Change-Id: I17ee9a398b5c88cbaa4677e43bc3a931faf3313d
CRs-Fixed: 1089927
|
|
NSS value in ADD_BSS response indicates NSS of the connection, while session
NSS value indicates self NSS capability used by FW to dynamically switch to
higher NSS opportunistically. Hence do not overwrite session NSS with ADD BSS
response NSS as that would cause DUT to get stuck in 1x1 and not upgrade to 2x2
opportunistically.
Change-Id: Ie4849a1ccd645ef477a90afa09ef8172048e0a86
CRs-Fixed: 1090245
|
|
While trying to enable the -Wmissing-prototypes compiler switch the
following obsolete APIs were uncovered in csr_api_roam.c:
csr_roam_get_phy_mode_from_dot11_mode()
csr_get_htcb_state_from_vhtcb_state()
csr_is_command_waiting()
Since these are obsolete, remove them.
Change-Id: If9c5efb6043ccbe874d3f7f41c4ebc1c3dc9675f
CRs-Fixed: 1085761
|
|
Release 5.2.0.2R
Change-Id: I05cf179be4cfd9b851e671887b40368fd75ceda2
CRs-Fixed: 688141
|
|
This is a qcacld-2.0 to qcacld-3.0 propagation.
Currently when processing the "set passpoint list" vendor command the
"number of networks" parameter is not limit checked. This value is
subsequently used to calculate the size of a buffer. Add a limit check
to ensure that an appropriately sized buffer is always allocated.
Change-Id: Ibc2346b8a62898fc47e2d1efe457c57c08b0cada
CRs-Fixed: 1091940
|
|
This is a qcacld-2.0 to qcacld-3.0 propagation.
Currently when processing an EXTSCAN vendor command the "num buckets"
attribute is limit checked and if it exceeds a MAX value then a
warning message is issued. But beyond that the "num buckets" attribute
is not used. Instead when the buckets are actually parsed the number
of buckets is calculated dynamically based upon the number of
attributes present in the request. Unfortunately when the bucket
attributes are parsed there is no check to make sure the number of
buckets processed does not exceed the MAX value, and as a result a
buffer overflow can occur. Address this issue by aborting the bucket
parsing once the expected number of records have been parsed.
Change-Id: Ic260dd65dc99118afbb8042d102acb5b26d1e123
CRs-Fixed: 1087797
|
|
This is a qcacld-2.0 to qcacld-3.0 propagation.
Currently when processing an EPNO vendor command the "num networks"
attribute is limit checked and if it exceeds a MAX value then it is
reset to that MAX value. This value is then used to calculate the size
of the buffer allocated to hold the internal representation of the
request. However later when the network attributes are parsed there is
no check to make sure the number of networks processed does not exceed
the (possibly modified) "num networks" used to allocate memory, and as
a result a buffer overflow can occur. Address this issue by aborting
the network parsing once "num networks" records have been parsed.
Change-Id: I6e5f321d23471d082bb000ad0422ea9baa76577a
CRs-Fixed: 1087807
|
|
This is a qcacld-2.0 to qcacld-3.0 propagation.
Currently there is a single wlan_hdd_extscan_config_policy which
contains entries for both EXTSCAN and PNO attributes. However the
EXTSCAN and PNO attributes have separate and overlapping
assignments. Therefore one policy cannot be used by both types of
commands. In addition, when parsing nested PNO attributes the policy
is not used, and hence no checking is performed on the nested
data. This can result in a buffer overflow.
To address these issues introduce a new policy for PNO vendor
commands, and use that policy both when parsing the initial command
and when parsing the nested attributes. Furthermore add a zero length
SSID check to prevent underflow.
Change-Id: I92c8fc7ca1c44971502ea68b5486a2b3ae941cc5
CRs-Fixed: 1087209
|
|
In function wma_roam_scan_offload_mode, set qos_enabled to true if
qos_caps is a non zero value. Otherwise firmware will not be able
to get correct qos_caps value.
Change-Id: I3bdf43594f68cb0780f2947fff9db723644b5dac
CRs-Fixed: 1092258
|
|
Peer type in the link layer stats is being reported as wmi_peer_type
values. Map these values to wifi peer types before reporting link
layer stats to kernel.
Change-Id: I1b86cd030ff8e40296cd99b3a6ceb1168b96ba78
CRs-Fixed: 1091553
|
|
Add support to disable/configure the auto BMPS timer using INI
configuration.
The default value for the auto BMPS timer was set to 20 sec and
when the connection is established from cmd line, DUT enters into
power save once the timeout happens which can lead to issue in
DHCP completion. Framework disables the power save during DHCP and
enables it when DHCP is done, hence disable the auto BMPS timer by
default and provide the INI configuration to configure it.
Change-Id: I9732f915dd0fb552dd4943b70a6026a7a2bc80a0
CRs-Fixed: 1092305
|
|
SessionId validation check is not present in the
sme_sta_in_middle_of_roaming.
Remove duplicate sme_sta_in_middle_of_roaming API to
get roaming status instead use sme_neighbor_middle_of_roaming
API.
Change-Id: Ia8d02f93630297239454bfac37e902eccb92d761
CRs-Fixed: 1091051
|
