Currently in unpack_tlv_core(), nBufRemaining is validated
after calling framesntohs API. Since, framesntohs() copies
pIn address to pOut address with length = 2 bytes as below.
DOT11F_MEMCPY(pCtx, (uint16_t *)pOut, pIn, 2);
which could cause OOB issue if pIn contains less than 2 bytes.
Fix is to validate the nBufRemaining size before calling
framesntohs().
Change-Id: I3ead03ec948282a410ddba5b01f82ca31d3d9199
CRs-Fixed: 3042282
WEP AP advertises HT40 capability unexpected, DUT needs to use 20Mhz
channel bandwidth to connect to AP.
Add override "cbmode" to 20Mhz for dot11mode A/B/G.
Change-Id: Ic73ff7ca721ff2f10327b1d8d500b8d0ef384de1
CRs-Fixed: 3043993
Update operational rates set, extended operational rates set
and MCS based rates set in VDEV MLME legacy priv object on
connect success.
Refine the APIs for fetching these rates.
Change-Id: I7697b3d2e26e2fc565a2e672afe19f255af89d7e
CRs-Fixed: 3044036
Fix few missing attribute in below connectivity events:
QCA_WLAN_VENDOR_DIAG_EVENT_TYPE_EAP_RESPONSE
QCA_WLAN_VENDOR_DIAG_EVENT_TYPE_ROAM_SCORE_CURR_AP
Also send the roam candidate info properly to userspace.
Change-Id: Ia9c4f095316adf8f40294f1e119cad648749bb72
CRs-Fixed: 3037650
Currently, if AP sends ADDTS response for an AC with
medium time as 0 host treats it as ADD TS failure.
For the UAPSD scenario, no need to check Tspec medium
time if ACM is not enabled in AP.
Change-Id: I9a769e7fc2f675c07f91d934014338a6d311c791
CRs-Fixed: 3039433
During wma_pdev_hw_mode_transition_evt_handler()
get the freq range from mac_freq_mapping[] present in
wmi_pdev_hw_mode_transition_event_fixed_param and pass
till policy_mgr_hw_mode_transition_cb() and update
cur_mac_freq_range[MAX_MAC] from it. if no freq range
provided (legacy chipsets) then use
freq_range_caps[MODE_HW_MAX][MAX_MAC] to fill the
range depending on the new HW mode.
Change-Id: I145d48052ce37724b0f697c19a1041f5a908cb54
CRs-Fixed: 3044976
Fill the management frame data and enqueue the filled record to the logging
queue.
Frame sequence number, peer rssi, tx_status, authentiation algo,
authentication frame transaction sequence number will be filled to the
log record.
Change-Id: I069b7816fdc52eeed964d6586c52b58d1a5d5cd4
CRs-Fixed: 3030075
Don't populate the MLO IE in the assoc req in legacy connections.
Don't create the MLO partner peer in legacy connections.
Change-Id: Id34662608a65ba9b85871d328099849c578f1585
CRs-fixed: 3038615
Currently lim_process_probe_req_frame_multiple_bss sends probe
response for all AP sessions. If probe request is received on 2g
and 2 AP sessions are present then probe response will be sent
for both AP's operating frequencies which is not desired and
can cause delay to send probe response on required frequency.
Fix is to check probe request frequency and vdev operating freq
if both frequencies are same then only send probe response.
Change-Id: I8df0b0e78a5f9a586567dbe4b1d496f6cee04ff8
CRs-Fixed: 3042791
STA connection with OWE transition mode SSID fails due to join
failure timeout. Since, it is OWE transition mode, STA needs probe
response for join success.
The scan table entry of the candidate BSSID is sent in the join request.
This entry is used to create session and to send probe request to AP.
In case of OWE transition mode, the beacon carries wildcard SSID.
Therefore, the scan table entry also has wildcard ssid. Also,
during the candidate selection, scm_ignore_ssid_check_for_owe check
allows even entries with wildcard SSIDs to be selected as candiates
for OWE transition mode.
The join request with Wildcard SSID in the scan entry is used by LIM
to create session, as well as to send probe request.Therefore,
the AP doesn't respond to the probe request with wildcard ssid
leading to join failure timeout.
This change adds ssid from connect request to the cm_vdev_join_req,
which can be used by LIM to create session and to send probe request
whenever the SSID in scan entry is wildcard.
Change-Id: I02e19e16f2620b5568fbff82ff29d394ab9ee00d
CRs-Fixed: 3041073
