summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHoa Hoang <hxhoa@fossil.com>2020-05-20 11:41:34 +0700
committerHoa Hoang <hxhoa@fossil.com>2020-05-20 11:42:37 +0700
commit207571b39e06ee3d8ff7d64d3062eb037a696532 (patch)
treeafd9142f365c606f0a26573c136c1bf325182bd1
parent23d6ef01b737eff39b15145ddb4ebf97ac5a5620 (diff)
parent1e4aec235dc4897765a9b16fd76a201c99974f25 (diff)
downloadwlan-android-msm-sole-4.9-pie-wear-mr1.tar.gz
Merge branch qcom-LW.BR.4.0.3-05400 into android-msm-common-4.9android-wear-9.0.0_r0.63android-msm-sole-4.9-pie-wear-mr1
Bug: 155037016 Change-Id: I7a6037d8c1319197493e6f30e68682f088654b36
Diffstat
-rw-r--r--CORE/HDD/inc/wlan_hdd_cfg.h6
-rw-r--r--CORE/HDD/inc/wlan_hdd_cfg80211.h25
-rw-r--r--CORE/HDD/inc/wlan_hdd_main.h11
-rw-r--r--CORE/HDD/src/wlan_hdd_assoc.c28
-rw-r--r--CORE/HDD/src/wlan_hdd_cfg.c7
-rw-r--r--CORE/HDD/src/wlan_hdd_cfg80211.c82
-rw-r--r--CORE/HDD/src/wlan_hdd_main.c362
-rw-r--r--CORE/HDD/src/wlan_hdd_wext.c36
-rw-r--r--CORE/MAC/inc/sirMacProtDef.h4
-rw-r--r--CORE/MAC/src/include/sirParams.h2
-rw-r--r--CORE/MAC/src/pe/lim/limProcessActionFrame.c46
-rw-r--r--CORE/MAC/src/pe/lim/limProcessDeauthFrame.c7
-rw-r--r--CORE/MAC/src/pe/lim/limProcessDisassocFrame.c5
-rw-r--r--CORE/MAC/src/pe/rrm/rrmApi.c14
-rw-r--r--CORE/MAC/src/pe/sch/schBeaconProcess.c4
-rw-r--r--CORE/SME/src/csr/csrApiRoam.c2
-rw-r--r--CORE/SME/src/sme_common/sme_Api.c52
-rw-r--r--CORE/SVC/src/logging/wlan_logging_sock_svc.c66
-rw-r--r--CORE/WDA/inc/wlan_qct_wda.h2
-rw-r--r--CORE/WDA/src/wlan_qct_wda.c73
20 files changed, 71 insertions, 763 deletions
diff --git a/CORE/HDD/inc/wlan_hdd_cfg.h b/CORE/HDD/inc/wlan_hdd_cfg.h
index 0884b7174..9aa245dd7 100644
--- a/CORE/HDD/inc/wlan_hdd_cfg.h
+++ b/CORE/HDD/inc/wlan_hdd_cfg.h
@@ -3002,11 +3002,6 @@ This feature requires the dependent cfg.ini "gRoamPrefer5GHz" set to 1 */
#define CFG_OPTIMIZE_CA_EVENT_ENABLE ( 1 )
#define CFG_OPTIMIZE_CA_EVENT_DEFAULT ( 0 )
-#define CFG_FWR_MEM_DUMP_NAME "gEnableFwrMemDump"
-#define CFG_FWR_MEM_DUMP_MAX ( 1 )
-#define CFG_FWR_MEM_DUMP_MIN ( 0 )
-#define CFG_FWR_MEM_DUMP_DEF ( 1 )
-
#define CFG_ACTIVE_PASSIVE_CHAN_CONV_NAME "gActivePassiveChCon"
#define CFG_ACTIVE_PASSIVE_CHAN_CONV_MIN (0)
#define CFG_ACTIVE_PASSIVE_CHAN_CONV_MAX (1)
@@ -3791,7 +3786,6 @@ typedef struct
v_U32_t linkFailTxCnt;
v_BOOL_t ignorePeerHTopMode;
v_U8_t gOptimizeCAevent;
- v_BOOL_t enableFwrMemDump;
v_U8_t gActivePassiveChCon;
v_U32_t cfgExtScanConcMode;
v_U16_t rps_mask;
diff --git a/CORE/HDD/inc/wlan_hdd_cfg80211.h b/CORE/HDD/inc/wlan_hdd_cfg80211.h
index a6f5a35d4..9d8a32e27 100644
--- a/CORE/HDD/inc/wlan_hdd_cfg80211.h
+++ b/CORE/HDD/inc/wlan_hdd_cfg80211.h
@@ -200,8 +200,6 @@ enum qca_nl80211_vendor_subcmds {
/* Get Wifi Specific Info */
QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_INFO = 61,
- /* Start Wifi Memory Dump */
- QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP = 63,
/*
* APIs corresponding to the sub commands 65-68 are deprecated.
@@ -482,7 +480,6 @@ enum qca_nl80211_vendor_subcmds_index {
/*EXT TDLS*/
QCA_NL80211_VENDOR_SUBCMD_TDLS_STATE_CHANGE_INDEX,
QCA_NL80211_VENDOR_SUBCMD_NAN_INDEX,
- QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP_INDEX,
QCA_NL80211_VENDOR_SUBCMD_MONITOR_RSSI_INDEX,
QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_HOTLIST_AP_LOST_INDEX,
@@ -1642,7 +1639,6 @@ enum qca_wlan_vendor_attr_offloaded_packets
* @WIFI_LOGGER_WATCHDOG_TIMER_SUPPORTED - monitor FW health
*/
enum wifi_logger_supported_features {
- WIFI_LOGGER_MEMORY_DUMP_SUPPORTED = (1 << (0)),
WIFI_LOGGER_PER_PACKET_TX_RX_STATUS_SUPPORTED = (1 << (1)),
WIFI_LOGGER_CONNECT_EVENT_SUPPORTED = (1 << (2)),
WIFI_LOGGER_POWER_EVENT_SUPPORTED = (1 << (3)),
@@ -1813,27 +1809,6 @@ backported_cfg80211_vendor_event_alloc(struct wiphy *wiphy,
int wlan_hdd_send_hang_reason_event(hdd_context_t *hdd_ctx,
unsigned int reason);
-/**
- * enum qca_wlan_vendor_attr_memory_dump - values for memory dump attributes
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_INVALID - Invalid
- * @QCA_WLAN_VENDOR_ATTR_REQUEST_ID - Indicate request ID
- * @QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE - Indicate size of the memory dump
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST - To keep track of the last enum
- * @QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_MAX - max value possible for this type
- *
- * enum values are used for NL attributes for data used by
- * QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP sub command.
- */
-enum qca_wlan_vendor_attr_memory_dump {
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_INVALID = 0,
- QCA_WLAN_VENDOR_ATTR_REQUEST_ID = 1,
- QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE = 2,
-
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST,
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_MAX =
- QCA_WLAN_VENDOR_ATTR_MEMORY_DUMP_AFTER_LAST - 1,
-};
-
#if defined(CFG80211_DISCONNECTED_V2) || \
(LINUX_VERSION_CODE >= KERNEL_VERSION(4, 2, 0))
static inline void wlan_hdd_cfg80211_indicate_disconnect(struct net_device *dev,
diff --git a/CORE/HDD/inc/wlan_hdd_main.h b/CORE/HDD/inc/wlan_hdd_main.h
index df103dc20..3e3f267c8 100644
--- a/CORE/HDD/inc/wlan_hdd_main.h
+++ b/CORE/HDD/inc/wlan_hdd_main.h
@@ -1485,8 +1485,6 @@ struct hdd_fw_mem_dump_req_ctx {
*/
typedef void (*hdd_fw_mem_dump_req_cb)(void *context);
-int memdump_init(void);
-int memdump_deinit(void);
void wlan_hdd_fw_mem_dump_cb(void *,tAniFwrDumpRsp *);
int wlan_hdd_fw_mem_dump_req(hdd_context_t * pHddCtx);
void wlan_hdd_fw_mem_dump_req_cb(void *context);
@@ -2369,15 +2367,6 @@ int hdd_parse_disable_chan_cmd(hdd_adapter_t *adapter, tANI_U8 *ptr);
int hdd_get_disable_ch_list(hdd_context_t *hdd_ctx, tANI_U8 *buf,
uint32_t buf_len);
-/**
- * hdd_is_memdump_supported() - to check if memdump feature support
- *
- * This function is used to check if memdump feature is supported in
- * the host driver
- *
- * Return: true if supported and false otherwise
- */
-bool hdd_is_memdump_supported(void);
/**
* hdd_is_cli_iface_up() - check if there is any cli iface up
diff --git a/CORE/HDD/src/wlan_hdd_assoc.c b/CORE/HDD/src/wlan_hdd_assoc.c
index f7ce1b848..389909fac 100644
--- a/CORE/HDD/src/wlan_hdd_assoc.c
+++ b/CORE/HDD/src/wlan_hdd_assoc.c
@@ -897,10 +897,10 @@ static void hdd_SendFTAssocResponse(struct net_device *dev, hdd_adapter_t *pAdap
unsigned int len = 0;
u8 *pFTAssocRsp = NULL;
- if (pCsrRoamInfo->nAssocRspLength == 0)
+ if (pCsrRoamInfo->nAssocRspLength < FT_ASSOC_RSP_IES_OFFSET)
{
hddLog(LOGE,
- "%s: pCsrRoamInfo->nAssocRspLength=%d",
+ "%s: Invalid assoc rsp length %d",
__func__, (int)pCsrRoamInfo->nAssocRspLength);
return;
}
@@ -919,6 +919,16 @@ static void hdd_SendFTAssocResponse(struct net_device *dev, hdd_adapter_t *pAdap
(unsigned int)pFTAssocRsp[0],
(unsigned int)pFTAssocRsp[1]);
+ /* Send the Assoc Resp, the supplicant needs this for initial Auth. */
+ len = pCsrRoamInfo->nAssocRspLength - FT_ASSOC_RSP_IES_OFFSET;
+ if (len > IW_GENERIC_IE_MAX) {
+ hddLog(LOGE,
+ "%s: Invalid assoc rsp length %d",
+ __func__, (int)pCsrRoamInfo->nAssocRspLength);
+ return;
+ }
+ wrqu.data.length = len;
+
// We need to send the IEs to the supplicant.
buff = kmalloc(IW_GENERIC_IE_MAX, GFP_ATOMIC);
if (buff == NULL)
@@ -927,9 +937,6 @@ static void hdd_SendFTAssocResponse(struct net_device *dev, hdd_adapter_t *pAdap
return;
}
- // Send the Assoc Resp, the supplicant needs this for initial Auth.
- len = pCsrRoamInfo->nAssocRspLength - FT_ASSOC_RSP_IES_OFFSET;
- wrqu.data.length = len;
memset(buff, 0, IW_GENERIC_IE_MAX);
memcpy(buff, pFTAssocRsp, len);
wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, buff);
@@ -2169,8 +2176,10 @@ static void hdd_SendReAssocEvent(struct net_device *dev, hdd_adapter_t *pAdapter
goto done;
}
- if (pCsrRoamInfo->nAssocRspLength == 0) {
- hddLog(LOGE, "%s: Invalid assoc response length", __func__);
+ if (pCsrRoamInfo->nAssocRspLength < FT_ASSOC_RSP_IES_OFFSET) {
+
+ hddLog(LOGE, "%s: Invalid assoc response length %d",
+ __func__, pCsrRoamInfo->nAssocRspLength);
goto done;
}
@@ -2187,6 +2196,11 @@ static void hdd_SendReAssocEvent(struct net_device *dev, hdd_adapter_t *pAdapter
// Send the Assoc Resp, the supplicant needs this for initial Auth.
len = pCsrRoamInfo->nAssocRspLength - FT_ASSOC_RSP_IES_OFFSET;
+ if (len > IW_GENERIC_IE_MAX) {
+ hddLog(LOGE, "%s: Invalid assoc response length %d",
+ __func__, pCsrRoamInfo->nAssocRspLength);
+ goto done;
+ }
rspRsnLength = len;
memcpy(rspRsnIe, pFTAssocRsp, len);
memset(rspRsnIe + len, 0, IW_GENERIC_IE_MAX - len);
diff --git a/CORE/HDD/src/wlan_hdd_cfg.c b/CORE/HDD/src/wlan_hdd_cfg.c
index 6a2e23a79..7d19f1231 100644
--- a/CORE/HDD/src/wlan_hdd_cfg.c
+++ b/CORE/HDD/src/wlan_hdd_cfg.c
@@ -3592,13 +3592,6 @@ REG_VARIABLE( CFG_EXTSCAN_ENABLE, WLAN_PARAM_Integer,
CFG_OPTIMIZE_CA_EVENT_DISABLE,
CFG_OPTIMIZE_CA_EVENT_ENABLE ),
- REG_VARIABLE(CFG_FWR_MEM_DUMP_NAME, WLAN_PARAM_Integer,
- hdd_config_t,enableFwrMemDump,
- VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT,
- CFG_FWR_MEM_DUMP_DEF,
- CFG_FWR_MEM_DUMP_MIN,
- CFG_FWR_MEM_DUMP_MAX),
-
REG_VARIABLE( CFG_ACTIVE_PASSIVE_CHAN_CONV_NAME, WLAN_PARAM_Integer,
hdd_config_t, gActivePassiveChCon,
VAR_FLAGS_OPTIONAL | VAR_FLAGS_RANGE_CHECK_ASSUME_DEFAULT,
diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c
index ed91e8500..ac398e028 100644
--- a/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -6385,71 +6385,6 @@ wlan_hdd_cfg80211_get_concurrency_matrix(struct wiphy *wiphy,
return ret;
}
-
-static int
-__wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len)
-{
- hdd_context_t *pHddCtx = wiphy_priv(wiphy);
- int ret;
- ENTER();
-
- ret = wlan_hdd_validate_context(pHddCtx);
- if (0 != ret)
- {
- return ret;
- }
-
- if( !pHddCtx->cfg_ini->enableFwrMemDump ||
- (FALSE == sme_IsFeatureSupportedByFW(MEMORY_DUMP_SUPPORTED)))
- {
- hddLog(VOS_TRACE_LEVEL_INFO, FL("FW dump Logging not supported"));
- return -EOPNOTSUPP;
- }
- /*call common API for FW mem dump req*/
- ret = wlan_hdd_fw_mem_dump_req(pHddCtx);
-
- if (!ret)
- {
- /*indicate to userspace the status of fw mem dump */
- wlan_indicate_mem_dump_complete(true);
- }
- else
- {
- /*else send failure to userspace */
- wlan_indicate_mem_dump_complete(false);
- }
- EXIT();
- return ret;
-}
-
-/**
- * wlan_hdd_cfg80211_get_fw_mem_dump() - Get FW memory dump
- * @wiphy: pointer to wireless wiphy structure.
- * @wdev: pointer to wireless_dev structure.
- * @data: Pointer to the NL data.
- * @data_len:Length of @data
- *
- * This is called when wlan driver needs to get the firmware memory dump
- * via vendor specific command.
- *
- * Return: 0 on success, error number otherwise.
- */
-
-static int
-wlan_hdd_cfg80211_get_fw_mem_dump(struct wiphy *wiphy,
- struct wireless_dev *wdev,
- const void *data, int data_len)
-{
- int ret = 0;
- vos_ssr_protect(__func__);
- ret = __wlan_hdd_cfg80211_get_fw_mem_dump(wiphy, wdev, data,
- data_len);
- vos_ssr_unprotect(__func__);
- return ret;
-}
-
static const struct
nla_policy
qca_wlan_vendor_wifi_logger_start_policy
@@ -8576,9 +8511,6 @@ __wlan_hdd_cfg80211_get_logger_supp_feature(struct wiphy *wiphy,
features = 0;
- if (hdd_is_memdump_supported())
- features |= WIFI_LOGGER_MEMORY_DUMP_SUPPORTED;
-
if (hdd_ctx->cfg_ini->wlanLoggingEnable &&
hdd_ctx->cfg_ini->enableFatalEvent &&
hdd_ctx->is_fatal_event_log_sup) {
@@ -8789,14 +8721,6 @@ const struct wiphy_vendor_command hdd_wiphy_vendor_commands[] =
},
{
.info.vendor_id = QCA_NL80211_VENDOR_ID,
- .info.subcmd = QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP,
- .flags = WIPHY_VENDOR_CMD_NEED_WDEV |
- WIPHY_VENDOR_CMD_NEED_NETDEV |
- WIPHY_VENDOR_CMD_NEED_RUNNING,
- .doit = wlan_hdd_cfg80211_get_fw_mem_dump
- },
- {
- .info.vendor_id = QCA_NL80211_VENDOR_ID,
.info.subcmd = QCA_NL80211_VENDOR_SUBCMD_SETBAND,
.flags = WIPHY_VENDOR_CMD_NEED_WDEV |
WIPHY_VENDOR_CMD_NEED_NETDEV |
@@ -8991,12 +8915,6 @@ struct nl80211_vendor_cmd_info wlan_hdd_cfg80211_vendor_events[] =
.vendor_id = QCA_NL80211_VENDOR_ID,
.subcmd = QCA_NL80211_VENDOR_SUBCMD_TDLS_STATE
},
- [QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP_INDEX] = {
- .vendor_id = QCA_NL80211_VENDOR_ID,
- .subcmd = QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_MEMORY_DUMP
- },
-
-
[QCA_NL80211_VENDOR_SUBCMD_NAN_INDEX] = {
.vendor_id = QCA_NL80211_VENDOR_ID,
.subcmd = QCA_NL80211_VENDOR_SUBCMD_NAN
diff --git a/CORE/HDD/src/wlan_hdd_main.c b/CORE/HDD/src/wlan_hdd_main.c
index 13c0421d5..9462aa76b 100644
--- a/CORE/HDD/src/wlan_hdd_main.c
+++ b/CORE/HDD/src/wlan_hdd_main.c
@@ -12449,7 +12449,6 @@ void hdd_wlan_exit(hdd_context_t *pHddCtx)
hdd_close_tx_queues(pHddCtx);
wlan_free_fwr_mem_dump_buffer();
- memdump_deinit();
#ifdef WLAN_LOGGING_SOCK_SVC_ENABLE
if (pHddCtx->cfg_ini->wlanLoggingEnable)
@@ -13183,11 +13182,10 @@ void hdd_init_frame_logging(hdd_context_t* pHddCtx)
return;
}
- hddLog(VOS_TRACE_LEVEL_INFO, "%s: Configuring %s %s %s %s Logging",__func__,
+ hddLog(VOS_TRACE_LEVEL_INFO, "%s: Configuring %s %s %s Logging",__func__,
pHddCtx->cfg_ini->enableFWLogging?"FW Log,":"",
pHddCtx->cfg_ini->enableContFWLogging ? "Cont FW log,":"",
- pHddCtx->cfg_ini->enableMgmtLogging ? "Mgmt Pkt Log":"",
- pHddCtx->cfg_ini->enableFwrMemDump ? "Fw Mem dump":"");
+ pHddCtx->cfg_ini->enableMgmtLogging ? "Mgmt Pkt Log":"");
if (pHddCtx->cfg_ini->enableFWLogging ||
pHddCtx->cfg_ini->enableContFWLogging)
@@ -13203,11 +13201,6 @@ void hdd_init_frame_logging(hdd_context_t* pHddCtx)
{
wlanFWLoggingInitParam.enableFlag |= WLAN_BMUHW_TRACE_LOG_EN;
}
- if(pHddCtx->cfg_ini->enableFwrMemDump &&
- (TRUE == sme_IsFeatureSupportedByFW(MEMORY_DUMP_SUPPORTED)))
- {
- wlanFWLoggingInitParam.enableFlag |= WLAN_FW_MEM_DUMP_EN;
- }
if( wlanFWLoggingInitParam.enableFlag == 0 )
{
hddLog(VOS_TRACE_LEVEL_ERROR, "%s: Logging not enabled", __func__);
@@ -14151,9 +14144,7 @@ int hdd_wlan_startup(struct device *dev )
if (pHddCtx->cfg_ini->wlanLoggingEnable &&
(pHddCtx->cfg_ini->enableFWLogging ||
pHddCtx->cfg_ini->enableMgmtLogging ||
- pHddCtx->cfg_ini->enableContFWLogging ||
- pHddCtx->cfg_ini->enableFwrMemDump )
- )
+ pHddCtx->cfg_ini->enableContFWLogging))
{
hdd_init_frame_logging(pHddCtx);
}
@@ -14292,8 +14283,6 @@ int hdd_wlan_startup(struct device *dev )
{
hddLog(VOS_TRACE_LEVEL_INFO, FL("Registered IPv4 notifier"));
}
- /*Fw mem dump procfs initialization*/
- memdump_init();
hdd_dp_util_send_rps_ind(pHddCtx);
pHddCtx->is_ap_mode_wow_supported =
@@ -16235,343 +16224,6 @@ int hdd_sta_id_find_from_mac_addr(hdd_adapter_t *pAdapter,
return sta_id;
}
-/*FW memory dump feature*/
-/**
- * This structure hold information about the /proc file
- *
- */
-static struct proc_dir_entry *proc_file, *proc_dir;
-
-/**
- * memdump_read() - perform read operation in memory dump proc file
- *
- * @file - handle for the proc file.
- * @buf - pointer to user space buffer.
- * @count - number of bytes to be read.
- * @pos - offset in the from buffer.
- *
- * This function performs read operation for the memory dump proc file.
- *
- * Return: number of bytes read on success, error code otherwise.
- */
-static ssize_t memdump_read(struct file *file, char __user *buf,
- size_t count, loff_t *pos)
-{
- int status;
- hdd_context_t *hdd_ctx = (hdd_context_t *)PDE_DATA(file_inode(file));
- size_t ret_count;
- loff_t bytes_left;
- ENTER();
-
- hddLog(LOG1, FL("Read req for size:%zu pos:%llu"), count, *pos);
- status = wlan_hdd_validate_context(hdd_ctx);
- if (0 != status) {
- return -EINVAL;
- }
-
- if (!wlan_fwr_mem_dump_test_and_set_read_allowed_bit()) {
- hddLog(LOGE, FL("Current mem dump request timed out/failed"));
- return -EINVAL;
- }
-
- /* run fs_read_handler in an atomic context*/
- vos_ssr_protect(__func__);
- ret_count = wlan_fwr_mem_dump_fsread_handler( buf, count, pos, &bytes_left);
- if(bytes_left == 0)
- {
- /*Free the fwr mem dump buffer */
- wlan_free_fwr_mem_dump_buffer();
- wlan_set_fwr_mem_dump_state(FW_MEM_DUMP_IDLE);
- ret_count=0;
- }
- /*if SSR/unload code is waiting for memdump_read to finish,signal it*/
- vos_ssr_unprotect(__func__);
- EXIT();
- return ret_count;
-}
-
-/**
- * struct memdump_fops - file operations for memory dump feature
- * @read - read function for memory dump operation.
- *
- * This structure initialize the file operation handle for memory
- * dump feature
- */
-static const struct file_operations memdump_fops = {
- read: memdump_read
-};
-
-struct fw_mem_dump_priv {
- uint32_t status;
-};
-
-/*
-* wlan_hdd_fw_mem_dump_cb : callback for Fw mem dump request
-* To be passed by HDD to WDA and called upon receiving of response
-* from firmware
-* @fwMemDumpReqContext : memory dump request context
-* @dump_rsp : dump response from HAL
-* Returns none
-*/
-void wlan_hdd_fw_mem_dump_cb(void *context,
- tAniFwrDumpRsp *dump_rsp)
-{
- struct hdd_request *request;
- struct fw_mem_dump_priv *priv;
-
- request = hdd_request_get(context);
- if (!request) {
- hddLog(VOS_TRACE_LEVEL_ERROR, FL("Obsolete request"));
- return;
- }
-
- ENTER();
-
- priv = hdd_request_priv(request);
- priv->status = dump_rsp->dump_status;
-
- /* report the status to requesting function and free mem.*/
- if (dump_rsp->dump_status != eHAL_STATUS_SUCCESS) {
- hddLog(LOGE, FL("fw dump request declined by fwr"));
- //set the request completion variable
- hdd_request_complete(request);
- //Free the allocated fwr dump
- wlan_free_fwr_mem_dump_buffer();
- wlan_set_fwr_mem_dump_state(FW_MEM_DUMP_IDLE);
- } else {
- hddLog(LOG1, FL("fw dump request accepted by fwr"));
- /* register the HDD callback which will be called by SVC */
- wlan_set_svc_fw_mem_dump_req_cb(
- (void*)wlan_hdd_fw_mem_dump_req_cb,
- context);
- }
-
- hdd_request_put(request);
-
- EXIT();
-}
-
-/**
- * memdump_procfs_remove() - Remove file/dir under procfs for memory dump
- *
- * This function removes file/dir under proc file system that was
- * processing firmware memory dump
- *
- * Return: None
- */
-static void memdump_procfs_remove(void)
-{
- remove_proc_entry(PROCFS_MEMDUMP_NAME, proc_dir);
- hddLog(LOG1 , FL("/proc/%s/%s removed\n"),
- PROCFS_MEMDUMP_DIR, PROCFS_MEMDUMP_NAME);
- remove_proc_entry(PROCFS_MEMDUMP_DIR, NULL);
- hddLog(LOG1 , FL("/proc/%s removed\n"), PROCFS_MEMDUMP_DIR);
-}
-
-/**
- * memdump_procfs_init() - Initialize procfs for memory dump
- *
- * @vos_ctx - Global vos context.
- *
- * This function create file under proc file system to be used later for
- * processing firmware memory dump
- *
- * Return: 0 on success, error code otherwise.
- */
-static int memdump_procfs_init(void *vos_ctx)
-{
- hdd_context_t *hdd_ctx;
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if (!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return -EINVAL;
- }
-
- proc_dir = proc_mkdir(PROCFS_MEMDUMP_DIR, NULL);
- if (proc_dir == NULL) {
- remove_proc_entry(PROCFS_MEMDUMP_DIR, NULL);
- hddLog(LOGE , FL("Error: Could not initialize /proc/%s"),
- PROCFS_MEMDUMP_DIR);
- return -ENOMEM;
- }
-
- proc_file = proc_create_data(PROCFS_MEMDUMP_NAME,
- S_IRUSR | S_IWUSR, proc_dir,
- &memdump_fops, hdd_ctx);
- if (proc_file == NULL) {
- remove_proc_entry(PROCFS_MEMDUMP_NAME, proc_dir);
- hddLog(LOGE , FL("Error: Could not initialize /proc/%s"),
- PROCFS_MEMDUMP_NAME);
- return -ENOMEM;
- }
-
- hddLog(LOG1 , FL("/proc/%s/%s created"),
- PROCFS_MEMDUMP_DIR, PROCFS_MEMDUMP_NAME);
-
- return 0;
-}
-
-/**
- * memdump_init() - Initialization function for memory dump feature
- *
- * This function creates proc file for memdump feature and registers
- * HDD callback function with SME.
- *
- * Return - 0 on success, error otherwise
- */
-int memdump_init(void)
-{
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
- int status = 0;
-
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- hddLog(LOGE, FL("Invalid VOS context"));
- return -EINVAL;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if (!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return -EINVAL;
- }
-
- status = memdump_procfs_init(vos_ctx);
- if (status) {
- hddLog(LOGE , FL("Failed to create proc file"));
- return status;
- }
-
- return 0;
-}
-
-/**
- * memdump_deinit() - De initialize memdump feature
- *
- * This function removes proc file created for memdump feature.
- *
- * Return: None
- */
-int memdump_deinit(void)
-{
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
-
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- hddLog(LOGE, FL("Invalid VOS context"));
- return -EINVAL;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if(!hdd_ctx) {
- hddLog(LOGE , FL("Invalid HDD context"));
- return -EINVAL;
- }
-
- memdump_procfs_remove();
- return 0;
-}
-
-/**
- * wlan_hdd_fw_mem_dump_req(pHddCtx) - common API(cfg80211/ioctl) for requesting fw mem dump to SME
- * Return: HAL status
- */
-
-int wlan_hdd_fw_mem_dump_req(hdd_context_t * pHddCtx)
-{
- tAniFwrDumpReq fw_mem_dump_req={0};
- eHalStatus status = eHAL_STATUS_FAILURE;
- int ret=0, dump_status;
- void *cookie;
- struct hdd_request *request;
- struct fw_mem_dump_priv *priv;
- static const struct hdd_request_params params = {
- .priv_size = sizeof(*priv),
- .timeout_ms = FW_MEM_DUMP_TIMEOUT_MS,
- };
-
- ENTER();
-
- /*Check whether a dump request is already going on
- *Caution this function will free previously held memory if new dump request is allowed*/
- if (!wlan_fwr_mem_dump_test_and_set_write_allowed_bit()) {
- hddLog(LOGE, FL("Fw memdump already in progress"));
- return -EBUSY;
- }
- //Allocate memory for fw mem dump buffer
- ret = wlan_fwr_mem_dump_buffer_allocation();
- if(ret == -EFAULT)
- {
- hddLog(LOGE, FL("Fwr mem dump not supported by FW"));
- return ret;
- }
- if (0 != ret) {
- hddLog(LOGE, FL("Fwr mem Allocation failed"));
- return -ENOMEM;
- }
-
- request = hdd_request_alloc(&params);
- if (!request) {
- hddLog(VOS_TRACE_LEVEL_ERROR, FL("Request allocation failure"));
- return VOS_STATUS_E_NOMEM;
- }
- cookie = hdd_request_cookie(request);
-
- fw_mem_dump_req.fwMemDumpReqCallback = wlan_hdd_fw_mem_dump_cb;
- fw_mem_dump_req.fwMemDumpReqContext = cookie;
- status = sme_FwMemDumpReq(pHddCtx->hHal, &fw_mem_dump_req);
- if(eHAL_STATUS_SUCCESS != status)
- {
- hddLog(VOS_TRACE_LEVEL_ERROR,
- "%s: fw_mem_dump_req failed ", __func__);
- wlan_free_fwr_mem_dump_buffer();
- ret = -EFAULT;
- goto cleanup;
- }
- /*wait for fw mem dump completion to send event to userspace*/
- ret = hdd_request_wait_for_response(request);
- if (ret)
- {
- hddLog(VOS_TRACE_LEVEL_ERROR,
- "%s: fw_mem_dump_req timeout %d ", __func__,ret);
- ret = -ETIMEDOUT;
- }else {
- priv = hdd_request_priv(request);
- dump_status = priv->status;
- }
-cleanup:
- hdd_request_put(request);
- if(!ret && !dump_status)
- ret = -EFAULT;
-
- EXIT();
- return ret;
-}
-
-/**
- * HDD callback which will be called by SVC to indicate mem dump completion.
- */
-void wlan_hdd_fw_mem_dump_req_cb(void *context)
-{
- struct hdd_request *request;
- struct fw_mem_dump_priv *priv;
-
- request = hdd_request_get(context);
- if (!request) {
- hddLog(VOS_TRACE_LEVEL_ERROR, FL("Obsolete request"));
- return;
- }
-
- priv = hdd_request_priv(request);
- priv->status = true;
-
- hdd_request_complete(request);
- hdd_request_put(request);
-}
-
void hdd_initialize_adapter_common(hdd_adapter_t *pAdapter)
{
if (NULL == pAdapter)
@@ -18437,14 +18089,6 @@ void wlan_hdd_tsf_init(hdd_adapter_t *adapter)
#endif
-bool hdd_is_memdump_supported(void)
-{
-#ifdef WLAN_FEATURE_MEMDUMP
- return true;
-#endif
- return false;
-}
-
bool hdd_is_cli_iface_up(hdd_context_t *hdd_ctx)
{
hdd_adapter_list_node_t *adapter_node = NULL, *next = NULL;
diff --git a/CORE/HDD/src/wlan_hdd_wext.c b/CORE/HDD/src/wlan_hdd_wext.c
index 41ba21f4a..a306d505a 100644
--- a/CORE/HDD/src/wlan_hdd_wext.c
+++ b/CORE/HDD/src/wlan_hdd_wext.c
@@ -426,9 +426,6 @@ int hdd_validate_mcc_config(hdd_adapter_t *pAdapter, v_UINT_t staId,
#ifdef WLAN_FEATURE_PACKET_FILTERING
int wlan_hdd_set_filter(hdd_adapter_t *pAdapter, tpPacketFilterCfg pRequest);
#endif
-static int get_fwr_memdump(struct net_device *,
- struct iw_request_info *,
- union iwreq_data *, char *);
/**---------------------------------------------------------------------------
\brief mem_alloc_copy_from_user_helper -
@@ -7597,13 +7594,6 @@ static int __iw_setnone_getnone(struct net_device *dev,
TRUE, TRUE);
break;
}
- case WE_GET_FW_MEMDUMP:
- {
- VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_INFO,
- "FW_MEM_DUMP requested ");
- get_fwr_memdump(dev,info,wrqu,extra);
- break;
- }
default:
{
hddLog(LOGE, "%s: unknown ioctl %d", __func__, sub_cmd);
@@ -10537,32 +10527,6 @@ static int iw_set_band_config(struct net_device *dev,
return ret;
}
-static int get_fwr_memdump(struct net_device *dev,
- struct iw_request_info *info,
- union iwreq_data *wrqu, char *extra)
-{
- hdd_adapter_t *pAdapter = WLAN_HDD_GET_PRIV_PTR(dev);
- hdd_context_t *pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
- int ret;
- ENTER();
- // HddCtx sanity
- ret = wlan_hdd_validate_context(pHddCtx);
- if (0 != ret)
- {
- return ret;
- }
- if( !pHddCtx->cfg_ini->enableFwrMemDump ||
- (FALSE == sme_IsFeatureSupportedByFW(MEMORY_DUMP_SUPPORTED)))
- {
- hddLog(VOS_TRACE_LEVEL_INFO, FL("FW dump Logging not supported"));
- return -EINVAL;
- }
- ret = wlan_hdd_fw_mem_dump_req(pHddCtx);
-
- EXIT();
- return ret;
-}
-
static int __iw_set_power_params_priv(struct net_device *dev,
struct iw_request_info *info,
union iwreq_data *wrqu, char *extra)
diff --git a/CORE/MAC/inc/sirMacProtDef.h b/CORE/MAC/inc/sirMacProtDef.h
index 930f29dd8..ac66b75da 100644
--- a/CORE/MAC/inc/sirMacProtDef.h
+++ b/CORE/MAC/inc/sirMacProtDef.h
@@ -1100,11 +1100,11 @@ typedef __ani_attr_pre_packed struct sSirMacRateSet
tANI_U8 rate[SIR_MAC_RATESET_EID_MAX];
} __ani_attr_packed tSirMacRateSet;
-
+//Reserve 1 byte for NULL character in the SSID name field to print in %s
typedef __ani_attr_pre_packed struct sSirMacSSid
{
tANI_U8 length;
- tANI_U8 ssId[32];
+ tANI_U8 ssId[SIR_MAC_MAX_SSID_LENGTH + 1];
} __ani_attr_packed tSirMacSSid;
typedef __ani_attr_pre_packed struct sSirMacWpaInfo
diff --git a/CORE/MAC/src/include/sirParams.h b/CORE/MAC/src/include/sirParams.h
index e834dc8d1..497323c1f 100644
--- a/CORE/MAC/src/include/sirParams.h
+++ b/CORE/MAC/src/include/sirParams.h
@@ -765,7 +765,7 @@ typedef struct sSirMbMsgP2p
#define SIR_HAL_SEND_LOG_DONE_IND (SIR_HAL_ITC_MSG_TYPES_BEGIN + 272)
#define SIR_HAL_LOST_LINK_PARAMS_IND (SIR_HAL_ITC_MSG_TYPES_BEGIN + 273)
#define SIR_HAL_SEND_FREQ_RANGE_CONTROL_IND (SIR_HAL_ITC_MSG_TYPES_BEGIN + 274)
-#define SIR_HAL_FW_MEM_DUMP_REQ (SIR_HAL_ITC_MSG_TYPES_BEGIN + 275)
+/* FW Memory Dump feature is deprecated */
#define SIR_HAL_RSSI_MON_START_REQ (SIR_HAL_ITC_MSG_TYPES_BEGIN + 276)
#define SIR_HAL_RSSI_MON_STOP_REQ (SIR_HAL_ITC_MSG_TYPES_BEGIN + 277)
#define SIR_HAL_HIGH_PRIORITY_DATA_INFO_IND (SIR_HAL_ITC_MSG_TYPES_BEGIN + 278)
diff --git a/CORE/MAC/src/pe/lim/limProcessActionFrame.c b/CORE/MAC/src/pe/lim/limProcessActionFrame.c
index db24aacea..0329b1a2c 100644
--- a/CORE/MAC/src/pe/lim/limProcessActionFrame.c
+++ b/CORE/MAC/src/pe/lim/limProcessActionFrame.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2017, 2019 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2012-2017, 2019-2020 The Linux Foundation. All rights reserved.
*
* Previously licensed under the ISC license by Qualcomm Atheros, Inc.
*
@@ -2386,9 +2386,17 @@ limProcessActionFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession ps
{
tANI_U8 *pBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo);
tpSirMacActionFrameHdr pActionHdr = (tpSirMacActionFrameHdr) pBody;
-#ifdef WLAN_FEATURE_11W
+ tANI_U8 frameLen = WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo);
tpSirMacMgmtHdr pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);
+ if (frameLen < sizeof(*pActionHdr)) {
+ limLog(pMac, LOGE,
+ FL("frame_len %d less than Action Frame Hdr size"),
+ frameLen);
+ return;
+ }
+
+#ifdef WLAN_FEATURE_11W
if (lim_is_robust_mgmt_action_frame(pActionHdr->category) &&
limDropUnprotectedActionFrame(pMac, psessionEntry, pHdr,
pActionHdr->category)) {
@@ -2555,9 +2563,7 @@ limProcessActionFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession ps
case SIR_MAC_WNM_NOTIF_REQUEST:
case SIR_MAC_WNM_NOTIF_RESPONSE:
{
- tpSirMacMgmtHdr pHdr;
tANI_S8 rssi = WDA_GET_RX_RSSI_DB(pRxPacketInfo);
- pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);
/* Forward to the SME to HDD to wpa_supplicant */
limSendSmeMgmtFrameInd(pMac, psessionEntry->smeSessionId,
pRxPacketInfo,
@@ -2605,10 +2611,13 @@ limProcessActionFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession ps
case SIR_MAC_ACTION_VENDOR_SPECIFIC_CATEGORY:
{
tpSirMacVendorSpecificFrameHdr pVendorSpecific = (tpSirMacVendorSpecificFrameHdr) pActionHdr;
- tpSirMacMgmtHdr pHdr;
tANI_U8 Oui[] = { 0x00, 0x00, 0xf0 };
- pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);
+ if(frameLen < sizeof(*pVendorSpecific)) {
+ limLog(pMac, LOGE,
+ FL("frame len %d less than Vendor Specific Hdr len"), frameLen);
+ break;
+ }
//Check if it is a vendor specific action frame.
if ((eLIM_STA_ROLE == psessionEntry->limSystemRole) &&
@@ -2697,14 +2706,10 @@ limProcessActionFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo,tpPESession ps
{
tpSirMacVendorSpecificPublicActionFrameHdr pPubAction = (tpSirMacVendorSpecificPublicActionFrameHdr) pActionHdr;
tANI_U8 P2POui[] = { 0x50, 0x6F, 0x9A, 0x09 };
- tANI_U32 frameLen;
-
- frameLen = WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo);
- if (frameLen < sizeof(pActionHdr)) {
+ if (frameLen < sizeof(*pActionHdr)) {
limLog(pMac, LOG1,
- FL("Received action frame of invalid len %d"),
- frameLen);
+ FL("Received action frame of invalid len %d"), frameLen);
break;
}
@@ -2841,9 +2846,16 @@ limProcessActionFrameNoSession(tpAniSirGlobal pMac, tANI_U8 *pBd)
{
tANI_U8 *pBody = WDA_GET_RX_MPDU_DATA(pBd);
tpSirMacVendorSpecificPublicActionFrameHdr pActionHdr = (tpSirMacVendorSpecificPublicActionFrameHdr) pBody;
+ tANI_U32 frameLen = WDA_GET_RX_PAYLOAD_LEN(pBd);
limLog( pMac, LOG1, "Received a Action frame -- no session");
+ if (frameLen < sizeof(*pActionHdr)) {
+ limLog(pMac, LOGE,
+ FL("Received action frame of invalid len %d"), frameLen);
+ return;
+ }
+
switch ( pActionHdr->category )
{
case SIR_MAC_ACTION_PUBLIC_USAGE:
@@ -2851,16 +2863,6 @@ limProcessActionFrameNoSession(tpAniSirGlobal pMac, tANI_U8 *pBd)
case SIR_MAC_ACTION_VENDOR_SPECIFIC:
{
tANI_U8 P2POui[] = { 0x50, 0x6F, 0x9A, 0x09 };
- tANI_U32 frameLen;
-
- frameLen = WDA_GET_RX_PAYLOAD_LEN(pBd);
-
- if (frameLen < sizeof(pActionHdr)) {
- limLog(pMac, LOG1,
- FL("Received action frame of invalid len %d"),
- frameLen);
- break;
- }
//Check if it is a P2P public action frame.
if (vos_mem_compare(pActionHdr->Oui, P2POui, 4))
diff --git a/CORE/MAC/src/pe/lim/limProcessDeauthFrame.c b/CORE/MAC/src/pe/lim/limProcessDeauthFrame.c
index 8554e612b..49d5651a2 100644
--- a/CORE/MAC/src/pe/lim/limProcessDeauthFrame.c
+++ b/CORE/MAC/src/pe/lim/limProcessDeauthFrame.c
@@ -470,7 +470,8 @@ limProcessDeauthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession p
}
if ((pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_STA_RSP_STATE) ||
- (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE))
+ (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE) ||
+ pStaDs->sta_deletion_in_progress)
{
/**
* Already in the process of deleting context for the peer
@@ -479,13 +480,15 @@ limProcessDeauthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession p
PELOGE(limLog(pMac, LOGE,
FL("received Deauth frame from peer that is in state %d, addr "
MAC_ADDRESS_STR", isDisassocDeauthInProgress : %d\n"),
+
pStaDs->mlmStaContext.mlmState,MAC_ADDR_ARRAY(pHdr->sa),
pStaDs->isDisassocDeauthInProgress);)
+
return;
}
pStaDs->mlmStaContext.disassocReason = (tSirMacReasonCodes)reasonCode;
pStaDs->mlmStaContext.cleanupTrigger = eLIM_PEER_ENTITY_DEAUTH;
-
+ pStaDs->sta_deletion_in_progress = true;
/* send the LOST_LINK_PARAMS_IND to SME*/
limUpdateLostLinkParams(pMac, psessionEntry, pRxPacketInfo);
diff --git a/CORE/MAC/src/pe/lim/limProcessDisassocFrame.c b/CORE/MAC/src/pe/lim/limProcessDisassocFrame.c
index 1985c21d7..fb8dcc597 100644
--- a/CORE/MAC/src/pe/lim/limProcessDisassocFrame.c
+++ b/CORE/MAC/src/pe/lim/limProcessDisassocFrame.c
@@ -292,7 +292,8 @@ limProcessDisassocFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession
}
if ((pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_STA_RSP_STATE) ||
- (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE))
+ (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE) ||
+ pStaDs->sta_deletion_in_progress)
{
/**
* Already in the process of deleting context for the peer
@@ -306,7 +307,7 @@ limProcessDisassocFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession
return;
}
-
+ pStaDs->sta_deletion_in_progress = true;
if (pStaDs->mlmStaContext.mlmState != eLIM_MLM_LINK_ESTABLISHED_STATE)
{
/**
diff --git a/CORE/MAC/src/pe/rrm/rrmApi.c b/CORE/MAC/src/pe/rrm/rrmApi.c
index a39706980..ae5c5d765 100644
--- a/CORE/MAC/src/pe/rrm/rrmApi.c
+++ b/CORE/MAC/src/pe/rrm/rrmApi.c
@@ -678,7 +678,8 @@ rrmFillBeaconIes( tpAniSirGlobal pMac,
tANI_U8 *eids, tANI_U8 numEids,
tpSirBssDescription pBssDesc )
{
- tANI_U8 len, *pBcnIes, BcnNumIes, count = 0, i;
+ tANI_U8 len, *pBcnIes, count = 0, i;
+ tANI_U16 BcnNumIes = 0;
if( (pIes == NULL) || (pNumIes == NULL) || (pBssDesc == NULL) )
{
@@ -703,12 +704,19 @@ rrmFillBeaconIes( tpAniSirGlobal pMac,
*((tANI_U16*)pIes) = pBssDesc->capabilityInfo;
*pNumIes+=sizeof(tANI_U16); pIes+=sizeof(tANI_U16);
- while ( BcnNumIes > 0 )
+ while ( BcnNumIes >= 2 )
{
- len = *(pBcnIes + 1) + 2; //element id + length.
+ len = *(pBcnIes + 1); //element id + length.
+ len += 2;
limLog( pMac, LOG3, "EID = %d, len = %d total = %d",
*pBcnIes, *(pBcnIes+1), len );
+ if (BcnNumIes < len || len <= 2) {
+ limLog(pMac, LOGE, "RRM: Invalid IE len:%d exp_len:%d",
+ len, BcnNumIes);
+ break;
+ }
+
i = 0;
do
{
diff --git a/CORE/MAC/src/pe/sch/schBeaconProcess.c b/CORE/MAC/src/pe/sch/schBeaconProcess.c
index ef899bd9f..2dc4a1fd7 100644
--- a/CORE/MAC/src/pe/sch/schBeaconProcess.c
+++ b/CORE/MAC/src/pe/sch/schBeaconProcess.c
@@ -759,10 +759,6 @@ void schBeaconProcess(tpAniSirGlobal pMac, tANI_U8* pRxPacketInfo, tpPESession p
return;
}
- if (beaconStruct.ssidPresent)
- {
- beaconStruct.ssId.ssId[beaconStruct.ssId.length] = 0;
- }
/*
* First process the beacon in the context of any existing AP or BTAP session.
diff --git a/CORE/SME/src/csr/csrApiRoam.c b/CORE/SME/src/csr/csrApiRoam.c
index 604f7adb1..3d4a492b5 100644
--- a/CORE/SME/src/csr/csrApiRoam.c
+++ b/CORE/SME/src/csr/csrApiRoam.c
@@ -9749,7 +9749,7 @@ tANI_BOOLEAN csrRoamIssueWmStatusChange( tpAniSirGlobal pMac, tANI_U32 sessionId
pSmeRsp,
sizeof( pCommand->u.wmStatusChangeCmd.u.DeauthIndMsg ));
}
- if( HAL_STATUS_SUCCESS( csrQueueSmeCommand(pMac, pCommand, eANI_BOOLEAN_TRUE) ) )
+ if( HAL_STATUS_SUCCESS( csrQueueSmeCommand(pMac, pCommand, eANI_BOOLEAN_FALSE) ) )
{
fCommandQueued = eANI_BOOLEAN_TRUE;
}
diff --git a/CORE/SME/src/sme_common/sme_Api.c b/CORE/SME/src/sme_common/sme_Api.c
index f8dda401e..2a3b6ad94 100644
--- a/CORE/SME/src/sme_common/sme_Api.c
+++ b/CORE/SME/src/sme_common/sme_Api.c
@@ -14369,58 +14369,6 @@ eHalStatus sme_DeleteAllTDLSPeers(tHalHandle hHal, uint8_t sessionId)
return status;
}
-
-/**
- * sme_FwMemDumpReq() - Send Fwr mem Dump Request
- * @hal: HAL pointer
- *
- * Return: eHalStatus
- */
-
-eHalStatus sme_FwMemDumpReq(tHalHandle hHal, tAniFwrDumpReq *recv_req)
-{
-
- eHalStatus status = eHAL_STATUS_SUCCESS;
- tpAniSirGlobal pMac = PMAC_STRUCT(hHal);
- vos_msg_t msg;
- tAniFwrDumpReq * send_req;
-
- send_req = vos_mem_malloc(sizeof(*send_req));
- if(!send_req) {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Mem allo failed for FW_MEM_DUMP"));
- return eHAL_STATUS_FAILURE;
- }
-
- send_req->fwMemDumpReqCallback = recv_req->fwMemDumpReqCallback;
- send_req->fwMemDumpReqContext = recv_req->fwMemDumpReqContext;
-
- if (eHAL_STATUS_SUCCESS == sme_AcquireGlobalLock(&pMac->sme))
- {
- msg.bodyptr = send_req;
- msg.type = WDA_FW_MEM_DUMP_REQ;
- msg.reserved = 0;
-
- if (VOS_STATUS_SUCCESS != vos_mq_post_message(VOS_MODULE_ID_WDA, &msg))
- {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Not able to post WDA_FW_MEM_DUMP"));
- vos_mem_free(send_req);
- status = eHAL_STATUS_FAILURE;
- }
- sme_ReleaseGlobalLock(&pMac->sme);
- }
- else
- {
- VOS_TRACE(VOS_MODULE_ID_SME, VOS_TRACE_LEVEL_ERROR,
- FL("Failed to acquire SME Global Lock"));
- vos_mem_free(send_req);
- status = eHAL_STATUS_FAILURE;
- }
-
- return status;
-}
-
eHalStatus sme_set_wificonfig_params(tHalHandle hHal, tSetWifiConfigParams *req)
{
eHalStatus status = eHAL_STATUS_SUCCESS;
diff --git a/CORE/SVC/src/logging/wlan_logging_sock_svc.c b/CORE/SVC/src/logging/wlan_logging_sock_svc.c
index 33aa94c5b..4ec5b3d64 100644
--- a/CORE/SVC/src/logging/wlan_logging_sock_svc.c
+++ b/CORE/SVC/src/logging/wlan_logging_sock_svc.c
@@ -2155,73 +2155,7 @@ void wlan_store_fwr_mem_dump_size(uint32 dump_size)
gwlan_logging.fw_mem_dump_ctx.fw_dump_max_size = dump_size;
spin_unlock_irqrestore(&gwlan_logging.fw_mem_dump_ctx.fw_mem_dump_lock, flags);
}
-/**
- * wlan_indicate_mem_dump_complete() - When H2H for mem
- * dump finish invoke the handler.
- *
- * This is a handler used to indicate user space about the
- * availability for firmware memory dump via vendor event.
- *
- * Return: None
- */
-void wlan_indicate_mem_dump_complete(bool status )
-{
- hdd_context_t *hdd_ctx;
- void *vos_ctx;
- int ret;
- struct sk_buff *skb = NULL;
- vos_ctx = vos_get_global_context(VOS_MODULE_ID_SYS, NULL);
- if (!vos_ctx) {
- pr_err("Invalid VOS context");
- return;
- }
-
- hdd_ctx = vos_get_context(VOS_MODULE_ID_HDD, vos_ctx);
- if(!hdd_ctx) {
- pr_err("Invalid HDD context");
- return;
- }
-
- ret = wlan_hdd_validate_context(hdd_ctx);
- if (0 != ret) {
- pr_err("HDD context is not valid");
- return;
- }
-
- skb = cfg80211_vendor_cmd_alloc_reply_skb(hdd_ctx->wiphy,
- sizeof(uint32_t) + NLA_HDRLEN + NLMSG_HDRLEN);
-
- if (!skb) {
- pr_err("cfg80211_vendor_event_alloc failed");
- return;
- }
- if(status)
- {
- if (nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE,
- gwlan_logging.fw_mem_dump_ctx.fw_dump_max_size)) {
- pr_err("nla put fail");
- goto nla_put_failure;
- }
- }
- else
- {
- pr_err("memdump failed.Returning size 0 to user");
- if (nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_MEMDUMP_SIZE,
- 0)) {
- pr_err("nla put fail");
- goto nla_put_failure;
- }
- }
- /*indicate mem dump complete*/
- cfg80211_vendor_cmd_reply(skb);
- pr_info("Memdump event sent successfully to user space : recvd size %d",(int)(gwlan_logging.fw_mem_dump_ctx.fw_dump_current_loc - gwlan_logging.fw_mem_dump_ctx.fw_dump_start_loc));
- return;
-
-nla_put_failure:
- kfree_skb(skb);
- return;
-}
#ifdef FEATURE_WLAN_DIAG_SUPPORT
/**
* wlan_report_log_completion() - Report bug report completion to userspace
diff --git a/CORE/WDA/inc/wlan_qct_wda.h b/CORE/WDA/inc/wlan_qct_wda.h
index db75533c9..5048fa75d 100644
--- a/CORE/WDA/inc/wlan_qct_wda.h
+++ b/CORE/WDA/inc/wlan_qct_wda.h
@@ -1364,8 +1364,6 @@ eHalStatus WDA_SetRegDomain(void * clientCtxt, v_REGDOMAIN_t regId,
#define WDA_HIGH_PRIORITY_DATA_INFO_IND SIR_HAL_HIGH_PRIORITY_DATA_INFO_IND
#endif /* WLAN_FEATURE_EXTSCAN */
-#define WDA_FW_MEM_DUMP_REQ SIR_HAL_FW_MEM_DUMP_REQ
-
#define WDA_WIFI_CONFIG_REQ SIR_HAL_WIFI_CONFIG_PARAMS
#define WDA_ANTENNA_DIVERSITY_SELECTION_REQ SIR_HAL_ANTENNA_DIVERSITY_SELECTION_REQ
diff --git a/CORE/WDA/src/wlan_qct_wda.c b/CORE/WDA/src/wlan_qct_wda.c
index f50075736..23e72de6b 100644
--- a/CORE/WDA/src/wlan_qct_wda.c
+++ b/CORE/WDA/src/wlan_qct_wda.c
@@ -278,10 +278,6 @@ VOS_STATUS
WDA_ProcessSetRtsCtsHTVhtInd(tWDA_CbContext *pWDA,
tANI_U32 val);
-VOS_STATUS
-WDA_ProcessFwrMemDumpReq(tWDA_CbContext *pWDA,
- tAniFwrDumpReq* pFwrMemDumpReq);
-
VOS_STATUS WDA_ProcessMonStartReq( tWDA_CbContext *pWDA, void* wdaRequest);
VOS_STATUS WDA_ProcessMonStopReq( tWDA_CbContext *pWDA, void* wdaRequest);
VOS_STATUS WDA_ProcessEnableDisableCAEventInd(tWDA_CbContext *pWDA, tANI_U8 val);
@@ -15911,70 +15907,6 @@ VOS_STATUS WDA_ProcessSetSpoofMacAddrReq(tWDA_CbContext *pWDA,
return ;
}
-VOS_STATUS WDA_ProcessFwrMemDumpReq(tWDA_CbContext * pWDA,
- tAniFwrDumpReq* pFwrMemDumpReq)
-{
- VOS_STATUS status = VOS_STATUS_SUCCESS;
- WDI_Status wstatus;
- WDI_FwrMemDumpReqType * pWdiFwrMemDumpReq;
- tWDA_ReqParams *pWdaParams ;
-
- VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_INFO,
- "------> %s " ,__func__);
- /* Sanity Check*/
- if(NULL == pFwrMemDumpReq)
- {
- VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
- "%s: pFwrMemDumpReq received NULL", __func__);
- VOS_ASSERT(0) ;
- return VOS_STATUS_E_FAULT;
- }
-
- pWdiFwrMemDumpReq = (WDI_FwrMemDumpReqType *)vos_mem_malloc(sizeof(WDI_FwrMemDumpReqType));
- if(NULL == pWdiFwrMemDumpReq)
- {
- VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
- "%s: pWdiFwrMemDumpReq Alloc Failure", __func__);
- VOS_ASSERT(0);
- return VOS_STATUS_E_NOMEM;
- }
-
- pWdaParams = (tWDA_ReqParams *)vos_mem_malloc(sizeof(tWDA_ReqParams)) ;
- if(NULL == pWdaParams)
- {
- VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
- "%s: pWdaParams Alloc Failure", __func__);
- VOS_ASSERT(0);
- vos_mem_free(pWdiFwrMemDumpReq);
- return VOS_STATUS_E_NOMEM;
- }
-
- /* Store Params pass it to WDI */
- pWdaParams->wdaWdiApiMsgParam = (void *)pWdiFwrMemDumpReq;
- pWdaParams->pWdaContext = pWDA;
- /* Store param pointer as passed in by caller */
- pWdaParams->wdaMsgParam = pFwrMemDumpReq;
-
- wstatus = WDI_FwrMemDumpReq(pWdiFwrMemDumpReq,
- (WDI_FwrMemDumpCb)WDA_FwrMemDumpRespCallback,
- pWdaParams);
-
- if(IS_WDI_STATUS_FAILURE(wstatus))
- {
- VOS_TRACE( VOS_MODULE_ID_WDA, VOS_TRACE_LEVEL_ERROR,
- FL("Fwr Mem Dump Req failed, free all the memory"));
- status = CONVERT_WDI2VOS_STATUS(wstatus);
- vos_mem_free(pWdaParams->wdaWdiApiMsgParam) ;
- pWdaParams->wdaWdiApiMsgParam = NULL;
- vos_mem_free(pWdaParams->wdaMsgParam);
- pWdaParams->wdaMsgParam = NULL;
- vos_mem_free(pWdaParams);
- }
-
- return status;
-
-}
-
/**
* wda_process_set_allowed_action_frames_ind() - Set allowed action frames to FW
*
@@ -17533,11 +17465,6 @@ VOS_STATUS WDA_McProcessMsg( v_CONTEXT_t pVosContext, vos_msg_t *pMsg )
WDA_ProcessSetPowerParamsReq(pWDA, (tSirSetPowerParamsReq *)pMsg->bodyptr);
break;
}
- case WDA_FW_MEM_DUMP_REQ:
- {
- WDA_ProcessFwrMemDumpReq(pWDA, (tAniFwrDumpReq*)pMsg->bodyptr);
- break;
- }
#ifdef WLAN_FEATURE_GTK_OFFLOAD
case WDA_GTK_OFFLOAD_REQ:
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-04 15:40:31 +0000