qcacld-3.0: NAN Datapath security changes

This is qcacld-2.0 to qcacld-3.0 propagation.

Implement NAN Datapath security changes. This mainly involves:
1) Getting CSID and PMK parameters from user layers and passing down
   to firmware.
2) Passing CSID and SCID parameter received from firmware to user layers.

Change-Id: I25c85944abf4206f40b73f86996e9425c22df66a
CRs-Fixed: 1095382

core/hdd/src/wlan_hdd_nan_datapath.c

@@ -59,6 +59,11 @@ qca_wlan_vendor_ndp_policy[QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX + 1] = {
 	[QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID_ARRAY] = { .type = NLA_BINARY,
 					.len = NDP_NUM_INSTANCE_ID },
 	[QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG] = { .type = NLA_U32 },
+	[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE] = { .type = NLA_U32 },
+	[QCA_WLAN_VENDOR_ATTR_NDP_PMK] = { .type = NLA_BINARY,
+					.len = NDP_PMK_LEN },
+	[QCA_WLAN_VENDOR_ATTR_NDP_SCID] = { .type = NLA_BINARY,
+					.len = NDP_SCID_BUF_LEN },
 };
 
 /**
@@ -452,6 +457,18 @@ static int hdd_ndi_delete_req_handler(hdd_context_t *hdd_ctx,
  * @hdd_ctx: hdd context
  * @tb: parsed NL attribute list
  *
+ * tb will contain following vendor attributes:
+ * QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
+ * QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID
+ * QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG
+ * QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID
+ * QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR
+ * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_PMK - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE - optional
+ *
  * Return:  0 on success or error code on failure
  */
 static int hdd_ndp_initiator_req_handler(hdd_context_t *hdd_ctx,
@@ -509,9 +526,13 @@ static int hdd_ndp_initiator_req_handler(hdd_context_t *hdd_ctx,
 		req.channel =
 			nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL]);
 
-	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG])
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG]) {
 		req.channel_cfg =
 		    nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG]);
+	} else {
+		hdd_err("Channel config is unavailable");
+		return -EINVAL;
+	}
 
 	if (!tb[QCA_WLAN_VENDOR_ATTR_NDP_SERVICE_INSTANCE_ID]) {
 		hdd_err("NDP service instance ID is unavailable");
@@ -546,10 +567,30 @@ static int hdd_ndp_initiator_req_handler(hdd_context_t *hdd_ctx,
 			nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS]);
 	}
 
-	hdd_info("vdev_id: %d, transaction_id: %d, channel: %d, service_instance_id: %d, ndp_app_info_len: %d, peer_discovery_mac_addr: %pM",
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE] &&
+		!tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]) {
+		hdd_err("PMK cannot be absent when CSID is present.");
+		return -EINVAL;
+	}
+
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]) {
+		req.pmk.pmk = nla_data(tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]);
+		req.pmk.pmk_len = nla_len(tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]);
+		QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_HDD,
+				QDF_TRACE_LEVEL_DEBUG,
+				req.pmk.pmk, req.pmk.pmk_len);
+	}
+
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]) {
+		req.ncs_sk_type =
+			nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]);
+
+	}
+
+	hdd_info("vdev_id: %d, transaction_id: %d, channel: %d, service_instance_id: %d, ndp_app_info_len: %d, csid: %d, peer_discovery_mac_addr: %pM",
 		req.vdev_id, req.transaction_id, req.channel,
 		req.service_instance_id, req.ndp_info.ndp_app_info_len,
-		req.peer_discovery_mac_addr.bytes);
+		req.ncs_sk_type, req.peer_discovery_mac_addr.bytes);
 	status = sme_ndp_initiator_req_handler(hal, &req);
 	if (status != QDF_STATUS_SUCCESS) {
 		hdd_err("sme_ndp_initiator_req_handler failed, status: %d",
@@ -565,6 +606,16 @@ static int hdd_ndp_initiator_req_handler(hdd_context_t *hdd_ctx,
  * @hdd_ctx: hdd context
  * @tb: parsed NL attribute list
  *
+ * tb includes following vendor attributes:
+ * QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
+ * QCA_WLAN_VENDOR_ATTR_NDP_TRANSACTION_ID
+ * QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID
+ * QCA_WLAN_VENDOR_ATTR_NDP_RESPONSE_CODE
+ * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_PMK - optional
+ * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE - optional
+ *
  * Return: 0 on success or error code on failure
  */
 static int hdd_ndp_responder_req_handler(hdd_context_t *hdd_ctx,
@@ -656,9 +707,30 @@ static int hdd_ndp_responder_req_handler(hdd_context_t *hdd_ctx,
 		hdd_info("NDP config data is unavailable");
 	}
 
-	hdd_info("vdev_id: %d, transaction_id: %d, ndp_rsp %d, ndp_instance_id: %d, ndp_app_info_len: %d",
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE] &&
+		!tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]) {
+		hdd_err("PMK cannot be absent when CSID is present.");
+		return -EINVAL;
+	}
+
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]) {
+		req.pmk.pmk = nla_data(tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]);
+		req.pmk.pmk_len = nla_len(tb[QCA_WLAN_VENDOR_ATTR_NDP_PMK]);
+		QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_HDD,
+				QDF_TRACE_LEVEL_DEBUG,
+				req.pmk.pmk, req.pmk.pmk_len);
+	}
+
+	if (tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]) {
+		req.ncs_sk_type =
+			nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE]);
+
+	}
+
+	hdd_info("vdev_id: %d, transaction_id: %d, ndp_rsp %d, ndp_instance_id: %d, ndp_app_info_len: %d, csid: %d",
 		req.vdev_id, req.transaction_id, req.ndp_rsp,
-		req.ndp_instance_id, req.ndp_info.ndp_app_info_len);
+		req.ndp_instance_id, req.ndp_info.ndp_app_info_len,
+		req.ncs_sk_type);
 
 	status = sme_ndp_responder_req_handler(hdd_ctx->hHal, &req);
 	if (status != QDF_STATUS_SUCCESS) {
@@ -1307,6 +1379,8 @@ ndp_confirm_nla_failed:
  * QCA_WLAN_VENDOR_ATTR_NDP_INSTANCE_ID (4 bytes)
  * QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO (ndp_app_info_len size)
  * QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS (4 bytes)
+ * QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE(4 bytes)
+ * QCA_WLAN_VENDOR_ATTR_NDP_SCID(scid_len in size)
  *
  * Return: none
  */
@@ -1360,9 +1434,9 @@ static void hdd_ndp_indication_handler(hdd_adapter_t *adapter,
 		return;
 	}
 
-	data_len = (4 * sizeof(uint32_t)) + (2 * QDF_MAC_ADDR_SIZE) + IFNAMSIZ +
-		event->ndp_info.ndp_app_info_len + (8 * NLA_HDRLEN) +
-		NLMSG_HDRLEN;
+	data_len = (5 * sizeof(uint32_t)) + (2 * QDF_MAC_ADDR_SIZE) + IFNAMSIZ +
+		event->ndp_info.ndp_app_info_len + event->scid.scid_len +
+		(10 * NLA_HDRLEN) + NLMSG_HDRLEN;
 
 	/* notify response to the upper layer */
 	vendor_event = cfg80211_vendor_event_alloc(hdd_ctx->wiphy,
@@ -1416,6 +1490,24 @@ static void hdd_ndp_indication_handler(hdd_adapter_t *adapter,
 			goto ndp_indication_nla_failed;
 	}
 
+	if (event->scid.scid_len) {
+		if (nla_put_u32(vendor_event,
+				QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE,
+				event->ncs_sk_type))
+			goto ndp_indication_nla_failed;
+
+		if (nla_put(vendor_event, QCA_WLAN_VENDOR_ATTR_NDP_SCID,
+				event->scid.scid_len,
+				event->scid.scid))
+			goto ndp_indication_nla_failed;
+
+		hdd_info("csid: %d, scid_len: %d",
+			event->ncs_sk_type, event->scid.scid_len);
+
+		QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_HDD, QDF_TRACE_LEVEL_DEBUG,
+				event->scid.scid, event->scid.scid_len);
+	}
+
 	cfg80211_vendor_event(vendor_event, GFP_KERNEL);
 	EXIT();
 	return;

core/hdd/src/wlan_hdd_nan_datapath.h

@@ -39,6 +39,8 @@ struct wireless_dev;
 
 #define NDP_APP_INFO_LEN 255
 #define NDP_QOS_INFO_LEN 255
+#define NDP_PMK_LEN 32
+#define NDP_SCID_BUF_LEN 256
 #define NDP_NUM_INSTANCE_ID 255
 
 #define NDP_BROADCAST_STAID           (0)
@@ -73,6 +75,9 @@ struct wireless_dev;
  * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_TYPE: Driver return status
  * @QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE: Driver return value
  * @QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG: Channel config request type
+ * @QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE: Cipher Suit ID
+ * @QCA_WLAN_VENDOR_ATTR_NDP_PMK: Pairwise Master Key
+ * @QCA_WLAN_VENDOR_ATTR_NDP_SCID: Security Context ID
  */
 enum qca_wlan_vendor_attr_ndp_params {
 	QCA_WLAN_VENDOR_ATTR_NDP_PARAM_INVALID = 0,
@@ -82,6 +87,7 @@ enum qca_wlan_vendor_attr_ndp_params {
 	QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL,
 	QCA_WLAN_VENDOR_ATTR_NDP_PEER_DISCOVERY_MAC_ADDR,
 	QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR,
+	/* CONFIG_SECURITY is deprecated, use NCS_SK_TYPE/PMK/SCID instead */
 	QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_SECURITY,
 	QCA_WLAN_VENDOR_ATTR_NDP_CONFIG_QOS,
 	QCA_WLAN_VENDOR_ATTR_NDP_APP_INFO,
@@ -92,6 +98,9 @@ enum qca_wlan_vendor_attr_ndp_params {
 	QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_TYPE,
 	QCA_WLAN_VENDOR_ATTR_NDP_DRV_RETURN_VALUE,
 	QCA_WLAN_VENDOR_ATTR_NDP_CHANNEL_CONFIG,
+	QCA_WLAN_VENDOR_ATTR_NDP_NCS_SK_TYPE,
+	QCA_WLAN_VENDOR_ATTR_NDP_PMK,
+	QCA_WLAN_VENDOR_ATTR_NDP_SCID,
 
 	QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_AFTER_LAST,
 	QCA_WLAN_VENDOR_ATTR_NDP_PARAMS_MAX =

core/mac/inc/sir_api.h

@@ -6418,6 +6418,28 @@ struct ndp_app_info {
 	uint8_t *ndp_app_info;
 };
 
+/**
+ * struct ndp_scid - structure to hold sceurity context identifier
+ * @scid_len: length of scid
+ * @scid: scid
+ *
+ */
+struct ndp_scid {
+	uint32_t scid_len;
+	uint8_t *scid;
+};
+
+/**
+ * struct ndp_pmk - structure to hold pairwise master key
+ * @pmk_len: length of pairwise master key
+ * @pmk: buffer containing pairwise master key
+ *
+ */
+struct ndp_pmk {
+	uint32_t pmk_len;
+	uint8_t *pmk;
+};
+
 /**
  * struct ndi_create_req - ndi create request params
  * @transaction_id: unique identifier
@@ -6463,6 +6485,8 @@ struct ndi_delete_rsp {
  * @self_ndi_mac_addr: self NDI mac address
  * @ndp_config: ndp configuration params
  * @ndp_info: ndp application info
+ * @ncs_sk_type: indicates NCS_SK_128 or NCS_SK_256
+ * @pmk: pairwise master key
  *
  */
 struct ndp_initiator_req {
@@ -6475,6 +6499,8 @@ struct ndp_initiator_req {
 	struct qdf_mac_addr self_ndi_mac_addr;
 	struct ndp_cfg ndp_config;
 	struct ndp_app_info ndp_info;
+	uint32_t ncs_sk_type;
+	struct ndp_pmk pmk;
 };
 
 /**
@@ -6506,6 +6532,8 @@ struct ndp_initiator_rsp {
  * @ndp_accept_policy: accept policy configured by the upper layer
  * @ndp_config: ndp configuration params
  * @ndp_info: ndp application info
+ * @ncs_sk_type: indicates NCS_SK_128 or NCS_SK_256
+ * @scid: security context identifier
  *
  */
 struct ndp_indication_event {
@@ -6518,6 +6546,8 @@ struct ndp_indication_event {
 	enum ndp_accept_policy policy;
 	struct ndp_cfg ndp_config;
 	struct ndp_app_info ndp_info;
+	uint32_t ncs_sk_type;
+	struct ndp_scid scid;
 };
 
 /**
@@ -6528,6 +6558,8 @@ struct ndp_indication_event {
  * @ndp_rsp: response to the ndp create request
  * @ndp_config: ndp configuration params
  * @ndp_info: ndp application info
+ * @pmk: pairwise master key
+ * @ncs_sk_type: indicates NCS_SK_128 or NCS_SK_256
  *
  */
 struct ndp_responder_req {
@@ -6537,6 +6569,8 @@ struct ndp_responder_req {
 	enum ndp_response_code ndp_rsp;
 	struct ndp_cfg ndp_config;
 	struct ndp_app_info ndp_info;
+	struct ndp_pmk pmk;
+	uint32_t ncs_sk_type;
 };
 
 /**

core/mac/src/pe/nan/nan_datapath.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2016-2017 The Linux Foundation. All rights reserved.
  *
  * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
  *
@@ -131,8 +131,9 @@ static QDF_STATUS lim_handle_ndp_indication_event(tpAniSirGlobal mac_ctx,
 	QDF_STATUS status = QDF_STATUS_SUCCESS;
 
 	lim_log(mac_ctx, LOG1,
-		FL("role: %d, vdev: %d, peer_mac_addr "MAC_ADDRESS_STR),
-		ndp_ind->role, ndp_ind->vdev_id,
+		FL("role: %d, vdev: %d, csid: %d, peer_mac_addr "
+			MAC_ADDRESS_STR),
+		ndp_ind->role, ndp_ind->vdev_id, ndp_ind->ncs_sk_type,
 		MAC_ADDR_ARRAY(ndp_ind->peer_mac_addr.bytes));
 
 	if ((ndp_ind->role == NDP_ROLE_INITIATOR) ||

core/sme/src/nan/nan_datapath_api.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2016-2017 The Linux Foundation. All rights reserved.
  *
  * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
  *
@@ -29,6 +29,46 @@
 #include "csr_internal.h"
 #include "sme_nan_datapath.h"
 
+/**
+ * csr_free_ndp_initiator_req() - free resouces from sme command for ndp
+ * initiator request
+ * @cmd: sme command msg
+ *
+ * Return: None
+ */
+static void csr_free_ndp_initiator_req(tSmeCmd *cmd)
+{
+	qdf_mem_free(cmd->u.initiator_req.ndp_config.ndp_cfg);
+	cmd->u.initiator_req.ndp_config.ndp_cfg = NULL;
+	cmd->u.initiator_req.ndp_config.ndp_cfg_len = 0;
+	qdf_mem_free(cmd->u.initiator_req.ndp_info.ndp_app_info);
+	cmd->u.initiator_req.ndp_info.ndp_app_info = NULL;
+	cmd->u.initiator_req.ndp_info.ndp_app_info_len = 0;
+	qdf_mem_free(cmd->u.initiator_req.pmk.pmk);
+	cmd->u.initiator_req.pmk.pmk = NULL;
+	cmd->u.initiator_req.pmk.pmk_len = 0;
+}
+
+/**
+ * csr_free_ndp_responder_req() - free resouces from sme command for ndp
+ * responder request
+ * @cmd: sme command msg
+ *
+ * Return: None
+ */
+static void csr_free_ndp_responder_req(tSmeCmd *cmd)
+{
+	qdf_mem_free(cmd->u.responder_req.ndp_config.ndp_cfg);
+	cmd->u.responder_req.ndp_config.ndp_cfg = NULL;
+	cmd->u.responder_req.ndp_config.ndp_cfg_len = 0;
+	qdf_mem_free(cmd->u.responder_req.ndp_info.ndp_app_info);
+	cmd->u.responder_req.ndp_info.ndp_app_info = NULL;
+	cmd->u.responder_req.ndp_info.ndp_app_info_len = 0;
+	qdf_mem_free(cmd->u.responder_req.pmk.pmk);
+	cmd->u.responder_req.pmk.pmk = NULL;
+	cmd->u.responder_req.pmk.pmk_len = 0;
+}
+
 /**
  * sme_ndp_initiator_req_handler() - ndp initiator req handler
  * @hal: hal handle
@@ -67,12 +107,13 @@ QDF_STATUS sme_ndp_initiator_req_handler(tHalHandle hal,
 	/* pointers copied as part of above operation are to be overwritten */
 	cmd->u.initiator_req.ndp_info.ndp_app_info = NULL;
 	cmd->u.initiator_req.ndp_config.ndp_cfg = NULL;
+	cmd->u.initiator_req.pmk.pmk = NULL;
 
 	if (req_params->ndp_info.ndp_app_info_len) {
 		cmd->u.initiator_req.ndp_info.ndp_app_info =
 			qdf_mem_malloc(req_params->ndp_info.ndp_app_info_len);
 		if (NULL == cmd->u.initiator_req.ndp_info.ndp_app_info) {
-			csr_release_command_roam(mac_ctx, cmd);
+			csr_release_ndp_initiator_req(mac_ctx, cmd);
 			sme_release_global_lock(&mac_ctx->sme);
 			return QDF_STATUS_E_NOMEM;
 		}
@@ -85,11 +126,8 @@ QDF_STATUS sme_ndp_initiator_req_handler(tHalHandle hal,
 		cmd->u.initiator_req.ndp_config.ndp_cfg =
 			qdf_mem_malloc(req_params->ndp_config.ndp_cfg_len);
 		if (NULL == cmd->u.initiator_req.ndp_config.ndp_cfg) {
-			csr_release_command_roam(mac_ctx, cmd);
+			csr_release_ndp_initiator_req(mac_ctx, cmd);
 			sme_release_global_lock(&mac_ctx->sme);
-			qdf_mem_free(
-				cmd->u.initiator_req.ndp_info.ndp_app_info);
-			cmd->u.initiator_req.ndp_info.ndp_app_info_len = 0;
 			return QDF_STATUS_E_NOMEM;
 		}
 		qdf_mem_copy(cmd->u.initiator_req.ndp_config.ndp_cfg,
@@ -97,6 +135,18 @@ QDF_STATUS sme_ndp_initiator_req_handler(tHalHandle hal,
 			req_params->ndp_config.ndp_cfg_len);
 	}
 
+	if (req_params->pmk.pmk_len) {
+		cmd->u.initiator_req.pmk.pmk =
+			qdf_mem_malloc(req_params->pmk.pmk_len);
+		if (NULL == cmd->u.initiator_req.pmk.pmk) {
+			csr_release_ndp_initiator_req(mac_ctx, cmd);
+			sme_release_global_lock(&mac_ctx->sme);
+			return QDF_STATUS_E_NOMEM;
+		}
+		qdf_mem_copy(cmd->u.initiator_req.pmk.pmk,
+			     req_params->pmk.pmk, req_params->pmk.pmk_len);
+	}
+
 	status = csr_queue_sme_command(mac_ctx, cmd, true);
 	if (QDF_STATUS_SUCCESS != status) {
 		sms_log(mac_ctx, LOGE, FL("SME enqueue failed, status:%d"),
@@ -149,11 +199,13 @@ QDF_STATUS sme_ndp_responder_req_handler(tHalHandle hal,
 	 */
 	cmd->u.responder_req.ndp_info.ndp_app_info = NULL;
 	cmd->u.responder_req.ndp_config.ndp_cfg = NULL;
+	cmd->u.responder_req.pmk.pmk = NULL;
 
 	if (req_params->ndp_info.ndp_app_info_len) {
 		cmd->u.responder_req.ndp_info.ndp_app_info =
 			qdf_mem_malloc(req_params->ndp_info.ndp_app_info_len);
 		if (NULL == cmd->u.responder_req.ndp_info.ndp_app_info) {
+			csr_release_ndp_responder_req(mac_ctx, cmd);
 			sme_release_global_lock(&mac_ctx->sme);
 			return QDF_STATUS_E_NOMEM;
 		}
@@ -166,10 +218,8 @@ QDF_STATUS sme_ndp_responder_req_handler(tHalHandle hal,
 		cmd->u.responder_req.ndp_config.ndp_cfg =
 			qdf_mem_malloc(req_params->ndp_config.ndp_cfg_len);
 		if (NULL == cmd->u.responder_req.ndp_config.ndp_cfg) {
+			csr_release_ndp_responder_req(mac_ctx, cmd);
 			sme_release_global_lock(&mac_ctx->sme);
-			qdf_mem_free(
-				cmd->u.responder_req.ndp_info.ndp_app_info);
-			cmd->u.responder_req.ndp_info.ndp_app_info_len = 0;
 			return QDF_STATUS_E_NOMEM;
 		}
 		qdf_mem_copy(cmd->u.responder_req.ndp_config.ndp_cfg,
@@ -177,12 +227,25 @@ QDF_STATUS sme_ndp_responder_req_handler(tHalHandle hal,
 			req_params->ndp_config.ndp_cfg_len);
 	}
 
+	if (req_params->pmk.pmk_len) {
+		cmd->u.responder_req.pmk.pmk =
+			qdf_mem_malloc(req_params->pmk.pmk_len);
+		if (NULL == cmd->u.responder_req.pmk.pmk) {
+			csr_release_ndp_responder_req(mac_ctx, cmd);
+			sme_release_global_lock(&mac_ctx->sme);
+			return QDF_STATUS_E_NOMEM;
+		}
+		qdf_mem_copy(cmd->u.responder_req.pmk.pmk,
+			     req_params->pmk.pmk, req_params->pmk.pmk_len);
+	}
+
 	status = csr_queue_sme_command(mac_ctx, cmd, true);
 	if (QDF_STATUS_SUCCESS != status) {
 		sms_log(mac_ctx, LOGE,
 			FL("SME enqueue failed, status:%d"), status);
 		csr_release_ndp_responder_req(mac_ctx, cmd);
 	}
+
 	sme_release_global_lock(&mac_ctx->sme);
 	return status;
 }
@@ -410,14 +473,17 @@ QDF_STATUS csr_process_ndp_initiator_request(tpAniSirGlobal mac_ctx,
 
 	if (NULL == cmd) {
 		sms_log(mac_ctx, LOGE, FL("Invalid req_params"));
-		return QDF_STATUS_E_INVAL;
+		status = QDF_STATUS_E_INVAL;
+		goto sme_initiator_req_failed;
 	}
 	req = &cmd->u.initiator_req;
 
 	msg_len = sizeof(*lim_msg);
 	lim_msg = qdf_mem_malloc(msg_len);
-	if (NULL == lim_msg)
-		return QDF_STATUS_E_NOMEM;
+	if (NULL == lim_msg) {
+		status = QDF_STATUS_E_NOMEM;
+		goto sme_initiator_req_failed;
+	}
 
 	lim_msg->msg_type = eWNI_SME_NDP_INITIATOR_REQ;
 	lim_msg->msg_len = msg_len;
@@ -434,18 +500,13 @@ QDF_STATUS csr_process_ndp_initiator_request(tpAniSirGlobal mac_ctx,
 		MAC_ADDR_ARRAY(self_mac_addr));
 
 	status = cds_send_mb_message_to_mac(lim_msg);
-	if (status != QDF_STATUS_SUCCESS) {
-		/*
-		 * If fail, free up the ndp_cfg and ndp_app_info
-		 * allocated in sme.
-		 */
-		qdf_mem_free(cmd->u.initiator_req.ndp_info.ndp_app_info);
-		qdf_mem_free(cmd->u.initiator_req.ndp_config.ndp_cfg);
-		cmd->u.initiator_req.ndp_info.ndp_app_info_len = 0;
-		cmd->u.initiator_req.ndp_config.ndp_cfg_len = 0;
-		cmd->u.initiator_req.ndp_config.ndp_cfg = NULL;
-		cmd->u.initiator_req.ndp_info.ndp_app_info = NULL;
-	}
+	if (status != QDF_STATUS_SUCCESS)
+		csr_free_ndp_initiator_req(cmd);
+
+sme_initiator_req_failed:
+	/* If fail, free up resources allocated in sme. */
+	if (status != QDF_STATUS_SUCCESS)
+		csr_free_ndp_initiator_req(cmd);
 	return status;
 }
 
@@ -480,9 +541,9 @@ QDF_STATUS csr_process_ndp_responder_request(tpAniSirGlobal mac_ctx,
 	lim_msg->msg_type = eWNI_SME_NDP_RESPONDER_REQ;
 	lim_msg->msg_len = msg_len;
 	/*
-	 * following is being copied from p_cmd->u.initiator_req,
+	 * following is being copied from p_cmd->u.responder_req,
 	 * no need to perform deep copy, as we are going to use memory
-	 * allocated at SME in p_cmd->u.initiator_req and pass it all the way
+	 * allocated at SME in p_cmd->u.responder_req and pass it all the way
 	 * to WMA.
 	 */
 	qdf_mem_copy(&lim_msg->req, &cmd->u.responder_req,
@@ -497,18 +558,9 @@ QDF_STATUS csr_process_ndp_responder_request(tpAniSirGlobal mac_ctx,
 	status = cds_send_mb_message_to_mac(lim_msg);
 
 free_config:
-	if (status != QDF_STATUS_SUCCESS) {
-		/*
-		 * If fail, free up the ndp_cfg and ndp_app_info
-		 * allocated in sme.
-		 */
-		qdf_mem_free(cmd->u.responder_req.ndp_info.ndp_app_info);
-		qdf_mem_free(cmd->u.responder_req.ndp_config.ndp_cfg);
-		cmd->u.responder_req.ndp_info.ndp_app_info_len = 0;
-		cmd->u.responder_req.ndp_config.ndp_cfg_len = 0;
-		cmd->u.responder_req.ndp_config.ndp_cfg = NULL;
-		cmd->u.responder_req.ndp_info.ndp_app_info = NULL;
-	}
+	/* If fail, free up the ndp_cfg and ndp_app_info allocated in sme. */
+	if (status != QDF_STATUS_SUCCESS)
+		csr_free_ndp_responder_req(cmd);
 	return status;
 }
 
@@ -701,11 +753,11 @@ void sme_ndp_msg_processor(tpAniSirGlobal mac_ctx, cds_msg_t *msg)
 		}
 		break;
 	case eWNI_SME_NDP_INDICATION:
+		qdf_mem_free(roam_info.ndp.ndp_indication_params.scid.scid);
 		qdf_mem_free(
-			roam_info.ndp.ndp_indication_params.ndp_config.ndp_cfg);
+		    roam_info.ndp.ndp_indication_params.ndp_config.ndp_cfg);
 		qdf_mem_free(
-			roam_info.ndp.ndp_indication_params.
-				ndp_info.ndp_app_info);
+		    roam_info.ndp.ndp_indication_params.ndp_info.ndp_app_info);
 		break;
 	case eWNI_SME_NDP_END_RSP:
 		if (cmd &&
@@ -733,6 +785,7 @@ void sme_ndp_msg_processor(tpAniSirGlobal mac_ctx, cds_msg_t *msg)
 
 /**
  * csr_release_ndp_initiator_req() - free resouces from sme command for ndp
+ * and release the cmd
  * initiator request
  * @mac_ctx: Global MAC context
  * @cmd: sme command msg
@@ -741,19 +794,13 @@ void sme_ndp_msg_processor(tpAniSirGlobal mac_ctx, cds_msg_t *msg)
  */
 void csr_release_ndp_initiator_req(tpAniSirGlobal mac_ctx, tSmeCmd *cmd)
 {
-	qdf_mem_free(cmd->u.initiator_req.ndp_config.ndp_cfg);
-	cmd->u.initiator_req.ndp_config.ndp_cfg = NULL;
-	cmd->u.initiator_req.ndp_config.ndp_cfg_len = 0;
-	qdf_mem_free(cmd->u.initiator_req.ndp_info.ndp_app_info);
-	cmd->u.initiator_req.ndp_info.ndp_app_info = NULL;
-	cmd->u.initiator_req.ndp_info.ndp_app_info_len = 0;
+	csr_free_ndp_initiator_req(cmd);
 	sme_release_command(mac_ctx, cmd);
 }
 
-
 /**
  * csr_release_ndp_responder_req() - free resouces from sme command for ndp
- * responder request
+ * responder request and release the command
  * @mac_ctx: Global MAC context
  * @cmd: sme command msg
  *
@@ -761,16 +808,10 @@ void csr_release_ndp_initiator_req(tpAniSirGlobal mac_ctx, tSmeCmd *cmd)
  */
 void csr_release_ndp_responder_req(tpAniSirGlobal mac_ctx, tSmeCmd *cmd)
 {
-	qdf_mem_free(cmd->u.responder_req.ndp_config.ndp_cfg);
-	cmd->u.responder_req.ndp_config.ndp_cfg = NULL;
-	cmd->u.responder_req.ndp_config.ndp_cfg_len = 0;
-	qdf_mem_free(cmd->u.responder_req.ndp_info.ndp_app_info);
-	cmd->u.responder_req.ndp_info.ndp_app_info = NULL;
-	cmd->u.responder_req.ndp_info.ndp_app_info_len = 0;
+	csr_free_ndp_responder_req(cmd);
 	sme_release_command(mac_ctx, cmd);
 }
 
-
 /**
  * csr_release_ndp_data_end_req() - free resouces from sme command for ndp
  * data end request

core/wma/src/wma_nan_datapath.c

@@ -47,15 +47,15 @@ QDF_STATUS wma_handle_ndp_initiator_req(tp_wma_handle wma_handle, void *req)
 	QDF_STATUS status;
 	int ret;
 	uint16_t len;
-	uint32_t vdev_id, ndp_cfg_len, ndp_app_info_len;
+	uint32_t vdev_id, ndp_cfg_len, ndp_app_info_len, pmk_len;
 	struct ndp_initiator_rsp ndp_rsp = {0};
-	uint8_t *cfg_info, *app_info;
 	void *vdev;
 	wmi_buf_t buf;
 	wmi_ndp_initiator_req_fixed_param *cmd;
 	cds_msg_t pe_msg = {0};
 	struct ndp_initiator_req *ndp_req = req;
 	wmi_channel *ch_tlv;
+	uint8_t *tlv_ptr;
 
 	if (NULL == ndp_req) {
 		WMA_LOGE(FL("Invalid ndp_req."));
@@ -79,9 +79,11 @@ QDF_STATUS wma_handle_ndp_initiator_req(tp_wma_handle wma_handle, void *req)
 	 */
 	ndp_cfg_len = qdf_roundup(ndp_req->ndp_config.ndp_cfg_len, 4);
 	ndp_app_info_len = qdf_roundup(ndp_req->ndp_info.ndp_app_info_len, 4);
+	pmk_len = qdf_roundup(ndp_req->pmk.pmk_len, 4);
 	/* allocated memory for fixed params as well as variable size data */
-	len = sizeof(*cmd) + ndp_cfg_len + ndp_app_info_len +
-		(2 * WMI_TLV_HDR_SIZE) + sizeof(*ch_tlv);
+	len = sizeof(*cmd) + sizeof(*ch_tlv) + (3 * WMI_TLV_HDR_SIZE)
+		+ ndp_cfg_len + ndp_app_info_len + pmk_len;
+
 	buf = wmi_buf_alloc(wma_handle->wmi_handle, len);
 	if (!buf) {
 		WMA_LOGE(FL("wmi_buf_alloc failed"));
@@ -101,6 +103,8 @@ QDF_STATUS wma_handle_ndp_initiator_req(tp_wma_handle wma_handle, void *req)
 	cmd->ndp_cfg_len = ndp_req->ndp_config.ndp_cfg_len;
 	cmd->ndp_app_info_len = ndp_req->ndp_info.ndp_app_info_len;
 	cmd->ndp_channel_cfg = ndp_req->channel_cfg;
+	cmd->nan_pmk_len = ndp_req->pmk.pmk_len;
+	cmd->nan_csid = ndp_req->ncs_sk_type;
 
 	ch_tlv = (wmi_channel *)&cmd[1];
 	WMITLV_SET_HDR(ch_tlv, WMITLV_TAG_STRUC_wmi_channel,
@@ -108,21 +112,26 @@ QDF_STATUS wma_handle_ndp_initiator_req(tp_wma_handle wma_handle, void *req)
 	ch_tlv->mhz = ndp_req->channel;
 	ch_tlv->band_center_freq1 =
 		cds_chan_to_freq(cds_freq_to_chan(ndp_req->channel));
+	tlv_ptr = (uint8_t *)&ch_tlv[1];
+
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
+		     ndp_req->ndp_config.ndp_cfg, cmd->ndp_cfg_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_cfg_len;
 
-	cfg_info = (uint8_t *)&ch_tlv[1];
-	WMITLV_SET_HDR(cfg_info, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
-	qdf_mem_copy(&cfg_info[WMI_TLV_HDR_SIZE], ndp_req->ndp_config.ndp_cfg,
-		     cmd->ndp_cfg_len);
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
+		     ndp_req->ndp_info.ndp_app_info, cmd->ndp_app_info_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_app_info_len;
 
-	app_info = &cfg_info[WMI_TLV_HDR_SIZE + ndp_cfg_len];
-	WMITLV_SET_HDR(app_info, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
-	qdf_mem_copy(&app_info[WMI_TLV_HDR_SIZE],
-		     ndp_req->ndp_info.ndp_app_info,
-		     cmd->ndp_app_info_len);
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, pmk_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE], ndp_req->pmk.pmk,
+		     cmd->nan_pmk_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + pmk_len;
 
-	WMA_LOGE(FL("vdev_id = %d, transaction_id: %d, service_instance_id, %d channel: %d"),
+	WMA_LOGE(FL("vdev_id = %d, transaction_id: %d, service_instance_id: %d, ch: %d, ch_cfg: %d, csid: %d"),
 		cmd->vdev_id, cmd->transaction_id, cmd->service_instance_id,
-		ch_tlv->mhz);
+		ch_tlv->mhz, cmd->ndp_channel_cfg, cmd->nan_csid);
 	WMA_LOGE(FL("peer mac addr: mac_addr31to0: 0x%x, mac_addr47to32: 0x%x"),
 		cmd->peer_discovery_mac_addr.mac_addr31to0,
 		cmd->peer_discovery_mac_addr.mac_addr47to32);
@@ -137,8 +146,12 @@ QDF_STATUS wma_handle_ndp_initiator_req(tp_wma_handle wma_handle, void *req)
 			   ndp_req->ndp_info.ndp_app_info,
 			   ndp_req->ndp_info.ndp_app_info_len);
 
+	WMA_LOGE(FL("pmk len: %d"), cmd->nan_pmk_len);
+	QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_DEBUG,
+			   ndp_req->pmk.pmk, cmd->nan_pmk_len);
 	WMA_LOGE(FL("sending WMI_NDP_INITIATOR_REQ_CMDID(0x%X)"),
 		WMI_NDP_INITIATOR_REQ_CMDID);
+
 	ret = wmi_unified_cmd_send(wma_handle->wmi_handle, buf, len,
 				   WMI_NDP_INITIATOR_REQ_CMDID);
 	if (ret < 0) {
@@ -180,8 +193,8 @@ QDF_STATUS wma_handle_ndp_responder_req(tp_wma_handle wma_handle,
 {
 	wmi_buf_t buf;
 	void *vdev;
-	uint32_t vdev_id = 0, ndp_cfg_len, ndp_app_info_len;
-	uint8_t *cfg_info, *app_info;
+	uint32_t vdev_id = 0, ndp_cfg_len, ndp_app_info_len, pmk_len;
+	uint8_t *tlv_ptr;
 	int ret;
 	wmi_ndp_responder_req_fixed_param *cmd;
 	uint16_t len;
@@ -215,11 +228,12 @@ QDF_STATUS wma_handle_ndp_responder_req(tp_wma_handle wma_handle,
 	 * round up ndp_cfg_len and ndp_app_info_len to 4 bytes
 	 */
 	ndp_cfg_len = qdf_roundup(req_params->ndp_config.ndp_cfg_len, 4);
-	ndp_app_info_len =
-		qdf_roundup(req_params->ndp_info.ndp_app_info_len, 4);
+	ndp_app_info_len = qdf_roundup(req_params->ndp_info.ndp_app_info_len, 4);
+	pmk_len = qdf_roundup(req_params->pmk.pmk_len, 4);
 	/* allocated memory for fixed params as well as variable size data */
-	len = sizeof(*cmd) + ndp_cfg_len + ndp_app_info_len +
-		(2 * WMI_TLV_HDR_SIZE);
+	len = sizeof(*cmd) + 3*WMI_TLV_HDR_SIZE + ndp_cfg_len + ndp_app_info_len
+		+ pmk_len;
+
 	buf = wmi_buf_alloc(wma_handle->wmi_handle, len);
 	if (!buf) {
 		WMA_LOGE(FL("wmi_buf_alloc failed"));
@@ -237,19 +251,29 @@ QDF_STATUS wma_handle_ndp_responder_req(tp_wma_handle wma_handle,
 
 	cmd->ndp_cfg_len = req_params->ndp_config.ndp_cfg_len;
 	cmd->ndp_app_info_len = req_params->ndp_info.ndp_app_info_len;
+	cmd->nan_pmk_len = req_params->pmk.pmk_len;
+	cmd->nan_csid = req_params->ncs_sk_type;
+
+	tlv_ptr = (uint8_t *)&cmd[1];
 
-	cfg_info = (uint8_t *)&cmd[1];
-	/* WMI command expects 4 byte alligned len */
-	WMITLV_SET_HDR(cfg_info, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
-	qdf_mem_copy(&cfg_info[WMI_TLV_HDR_SIZE],
-		     req_params->ndp_config.ndp_cfg, cmd->ndp_cfg_len);
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_cfg_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
+		req_params->ndp_config.ndp_cfg, cmd->ndp_cfg_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_cfg_len;
 
-	app_info = &cfg_info[WMI_TLV_HDR_SIZE + ndp_cfg_len];
-	/* WMI command expects 4 byte alligned len */
-	WMITLV_SET_HDR(app_info, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
-	qdf_mem_copy(&app_info[WMI_TLV_HDR_SIZE],
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, ndp_app_info_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE],
 		     req_params->ndp_info.ndp_app_info,
 		     req_params->ndp_info.ndp_app_info_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + ndp_app_info_len;
+
+	WMITLV_SET_HDR(tlv_ptr, WMITLV_TAG_ARRAY_BYTE, pmk_len);
+	qdf_mem_copy(&tlv_ptr[WMI_TLV_HDR_SIZE], req_params->pmk.pmk,
+		     cmd->nan_pmk_len);
+	tlv_ptr = tlv_ptr + WMI_TLV_HDR_SIZE + pmk_len;
+
+	WMA_LOGE(FL("vdev_id = %d, transaction_id: %d, csid: %d"),
+		cmd->vdev_id, cmd->transaction_id, cmd->nan_csid);
 
 	WMA_LOGD(FL("ndp_config len: %d"),
 		req_params->ndp_config.ndp_cfg_len);
@@ -263,6 +287,12 @@ QDF_STATUS wma_handle_ndp_responder_req(tp_wma_handle wma_handle,
 			req_params->ndp_info.ndp_app_info,
 			req_params->ndp_info.ndp_app_info_len);
 
+	WMA_LOGE(FL("pmk len: %d"), cmd->nan_pmk_len);
+	QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_DEBUG,
+			   req_params->pmk.pmk, cmd->nan_pmk_len);
+
+	WMA_LOGE(FL("sending WMI_NDP_RESPONDER_REQ_CMDID(0x%X)"),
+		WMI_NDP_RESPONDER_REQ_CMDID);
 	ret = wmi_unified_cmd_send(wma_handle->wmi_handle, buf, len,
 				   WMI_NDP_RESPONDER_REQ_CMDID);
 	if (ret < 0) {
@@ -398,11 +428,14 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info,
 	WMI_MAC_ADDR_TO_CHAR_ARRAY(&fixed_params->peer_discovery_mac_addr,
 				ind_event.peer_discovery_mac_addr.bytes);
 
-	WMA_LOGD(FL("WMI_NDP_INDICATION_EVENTID(0x%X) received. vdev %d, service_instance %d, ndp_instance %d, role %d, policy %d, peer_mac_addr: %pM, peer_disc_mac_addr: %pM"),
+	WMA_LOGD(FL("WMI_NDP_INDICATION_EVENTID(0x%X) received. vdev %d, \n"
+		"service_instance %d, ndp_instance %d, role %d, policy %d, \n"
+		"csid: %d, scid_len: %d, peer_mac_addr: %pM, peer_disc_mac_addr: %pM"),
 		 WMI_NDP_INDICATION_EVENTID, fixed_params->vdev_id,
 		 fixed_params->service_instance_id,
 		 fixed_params->ndp_instance_id, fixed_params->self_ndp_role,
 		 fixed_params->accept_policy,
+		 fixed_params->nan_csid, fixed_params->nan_scid_len,
 		 ind_event.peer_mac_addr.bytes,
 		 ind_event.peer_discovery_mac_addr.bytes);
 
@@ -416,6 +449,8 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info,
 
 	ind_event.ndp_config.ndp_cfg_len = fixed_params->ndp_cfg_len;
 	ind_event.ndp_info.ndp_app_info_len = fixed_params->ndp_app_info_len;
+	ind_event.ncs_sk_type = fixed_params->nan_csid;
+	ind_event.scid.scid_len = fixed_params->nan_scid_len;
 
 	if (ind_event.ndp_config.ndp_cfg_len) {
 		ind_event.ndp_config.ndp_cfg =
@@ -441,6 +476,22 @@ static int wma_ndp_indication_event_handler(void *handle, uint8_t *event_info,
 			     ind_event.ndp_info.ndp_app_info_len);
 	}
 
+	if (ind_event.scid.scid_len) {
+		ind_event.scid.scid =
+			qdf_mem_malloc(ind_event.scid.scid_len);
+		if (NULL == ind_event.scid.scid) {
+			WMA_LOGE(FL("malloc failed"));
+			qdf_mem_free(ind_event.ndp_config.ndp_cfg);
+			qdf_mem_free(ind_event.ndp_info.ndp_app_info);
+			return QDF_STATUS_E_NOMEM;
+		}
+		qdf_mem_copy(ind_event.scid.scid,
+			     event->ndp_scid, ind_event.scid.scid_len);
+		WMA_LOGD(FL("scid hex dump:"));
+		QDF_TRACE_HEX_DUMP(QDF_MODULE_ID_WMA, QDF_TRACE_LEVEL_DEBUG,
+			ind_event.scid.scid, ind_event.scid.scid_len);
+	}
+
 	pe_msg.type = SIR_HAL_NDP_INDICATION;
 	pe_msg.bodyptr = &ind_event;
 	return wma_handle->pe_ndp_event_handler(wma_handle->mac_context,