Home Explore Help
Sign In
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

qcacld-3.0: Fix Invalid 6G HE OP IE

1. Zero local variable "he_ops" before intersect with user IE.
2. If csr_check_and_validate_6g_ap fails, use "break" to
free memory in end of function csr_send_join_req_msg.
3. Remove co_located_bss checking for 6GHz AP. co_located_bss
can be valid for 6GHz AP.

Change-Id: I4b521eead6e09db860b5e21c21882f14a1be8576
CRs-Fixed: 2563923
Liangwei Dong 5 years ago
parent
a97115fcf9
commit
9f67bd28c8
2 changed files with 5 additions and 4 deletions
Split View Show Diff Stats
  1. 1 1
      core/mac/src/pe/lim/lim_utils.c
  2. 4 3
      core/sme/src/csr/csr_api_roam.c

+ 1 - 1
core/mac/src/pe/lim/lim_utils.c
View File 

@@ -6774,7 +6774,7 @@ void lim_decide_he_op(struct mac_context *mac_ctx, uint32_t *mlme_he_ops,
 
 	uint32_t val;
 
 	uint8_t color;
 
 	struct he_ops_network_endian *he_ops_from_ie;
 
-	tDot11fIEhe_op he_ops;
 
+	tDot11fIEhe_op he_ops = {0};
 
 	struct add_ie_params *add_ie = &session->add_ie_params;
 
 	uint8_t extracted_buff[DOT11F_IE_HE_OP_MAX_LEN + 2];
 
 	QDF_STATUS status;

+ 4 - 3
core/sme/src/csr/csr_api_roam.c
View File 

@@ -15575,8 +15575,9 @@ static QDF_STATUS csr_check_and_validate_6g_ap(struct mac_context *mac_ctx,
 
 	if (!wlan_reg_is_6ghz_chan_freq(bss->chan_freq))
 
 		return QDF_STATUS_SUCCESS;
 
 
-	if (!he_op->oper_info_6g_present || he_op->co_located_bss) {
 
-		sme_err("Invalid 6GHZ AP BSS description IE");
 
+	if (!he_op->oper_info_6g_present) {
 
+		sme_err("%pM Invalid 6GHZ AP BSS description IE",
 
+			bss->bssId);
 
 		return QDF_STATUS_E_INVAL;
 
 	}
 
 
@@ -15691,7 +15692,7 @@ QDF_STATUS csr_send_join_req_msg(struct mac_context *mac, uint32_t sessionId,
 
 		status = csr_check_and_validate_6g_ap(mac, pBssDescription,
 
 						      csr_join_req, pIes);
 
 		if (!QDF_IS_STATUS_SUCCESS(status))
 
-			return status;
 
+			break;
 
 
 		csr_join_req->messageType = messageType;
 
 		csr_join_req->length = msgLen;