prima: WLAN Driver Release 3.2.0.10
diff --git a/CORE/MAC/src/pe/lim/limProcessProbeRspFrame.c b/CORE/MAC/src/pe/lim/limProcessProbeRspFrame.c
index 3d63939..fdd976a 100644
--- a/CORE/MAC/src/pe/lim/limProcessProbeRspFrame.c
+++ b/CORE/MAC/src/pe/lim/limProcessProbeRspFrame.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, Code Aurora Forum. All rights reserved.
+ * Copyright (c) 2012, The Linux Foundation. All rights reserved.
*
* Previously licensed under the ISC license by Qualcomm Atheros, Inc.
*
@@ -85,16 +85,23 @@
tANI_U32 frameLen = 0;
tSirMacAddr currentBssId;
tpSirMacMgmtHdr pHdr;
- tSirProbeRespBeacon probeRsp;
+ tSirProbeRespBeacon *pProbeRsp;
tANI_U8 qosEnabled = false;
tANI_U8 wmeEnabled = false;
- probeRsp.ssId.length = 0;
- probeRsp.wpa.length = 0;
- probeRsp.propIEinfo.apName.length = 0;
+ if(eHAL_STATUS_SUCCESS != palAllocateMemory(pMac->hHdd,
+ (void **)&pProbeRsp, sizeof(tSirProbeRespBeacon)))
+ {
+ limLog(pMac, LOGE, FL("Unable to PAL allocate memory in limProcessProbeRspFrame\n") );
+ return;
+ }
+
+ pProbeRsp->ssId.length = 0;
+ pProbeRsp->wpa.length = 0;
+ pProbeRsp->propIEinfo.apName.length = 0;
#if (WNI_POLARIS_FW_PACKAGE == ADVANCED)
- probeRsp.propIEinfo.aniIndicator = 0;
- probeRsp.propIEinfo.wdsLength = 0;
+ pProbeRsp->propIEinfo.aniIndicator = 0;
+ pProbeRsp->propIEinfo.wdsLength = 0;
#endif
@@ -107,7 +114,10 @@
limPrintMacAddr(pMac, pHdr->sa, LOG2);)
if (limDeactivateMinChannelTimerDuringScan(pMac) != eSIR_SUCCESS)
- return;
+ {
+ palFreeMemory(pMac->hHdd, pProbeRsp);
+ return;
+ }
/**
@@ -140,18 +150,19 @@
// Get pointer to Probe Response frame body
pBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo);
- if (sirConvertProbeFrame2Struct(pMac, pBody, frameLen, &probeRsp)
+ if (sirConvertProbeFrame2Struct(pMac, pBody, frameLen, pProbeRsp)
==eSIR_FAILURE)
{
PELOG1(limLog(pMac, LOG1,
FL("PArse error ProbeResponse, length=%d\n"),
frameLen);)
+ palFreeMemory(pMac->hHdd, pProbeRsp);
return;
}
//To Support BT-AMP
if ((pMac->lim.gLimMlmState == eLIM_MLM_WT_PROBE_RESP_STATE) || //mlm state check should be global - 18th oct
(pMac->lim.gLimMlmState == eLIM_MLM_PASSIVE_SCAN_STATE))
- limCheckAndAddBssDescription(pMac, &probeRsp, pRxPacketInfo,
+ limCheckAndAddBssDescription(pMac, pProbeRsp, pRxPacketInfo,
((pMac->lim.gLimHalScanState == eLIM_HAL_SCANNING_STATE) ? eANI_BOOLEAN_TRUE : eANI_BOOLEAN_FALSE), eANI_BOOLEAN_TRUE);
else if (pMac->lim.gLimMlmState == eLIM_MLM_LEARN_STATE) //mlm state check should be global - 18th oct
{
@@ -161,11 +172,11 @@
* uncommented. Also when we tested enabling this, there is a crash as soon as the station
* comes up which needs to be fixed*/
//if (pMac->lim.gLimSystemRole == eLIM_STA_ROLE)
- // limCheckAndAddBssDescription(pMac, &probeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE);
- limCollectMeasurementData(pMac, pRxPacketInfo, &probeRsp);
+ // limCheckAndAddBssDescription(pMac, pProbeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE);
+ limCollectMeasurementData(pMac, pRxPacketInfo, pProbeRsp);
PELOG3(limLog(pMac, LOG3,
FL("Parsed WDS info in ProbeRsp frames: wdsLength=%d\n"),
- probeRsp.propIEinfo.wdsLength);)
+ pProbeRsp->propIEinfo.wdsLength);)
#endif
}
else if (psessionEntry->limMlmState ==
@@ -193,7 +204,7 @@
}
// STA in WT_JOIN_BEACON_STATE
- limCheckAndAnnounceJoinSuccess(pMac, &probeRsp, pHdr,psessionEntry);
+ limCheckAndAnnounceJoinSuccess(pMac, pProbeRsp, pHdr, psessionEntry);
}
else if(psessionEntry->limMlmState == eLIM_MLM_LINK_ESTABLISHED_STATE)
{
@@ -216,26 +227,29 @@
sirCopyMacAddr(currentBssId,psessionEntry->bssId);
if ( !palEqualMemory( pMac->hHdd,currentBssId, pHdr->bssId, sizeof(tSirMacAddr)) )
+ {
+ palFreeMemory(pMac->hHdd, pProbeRsp);
return;
+ }
if (!LIM_IS_CONNECTION_ACTIVE(psessionEntry))
{
limLog(pMac, LOGW,
FL("Received Probe Resp from AP. So it is alive!!\n"));
- if (probeRsp.HTInfo.present)
- limReceivedHBHandler(pMac, (tANI_U8)probeRsp.HTInfo.primaryChannel, psessionEntry);
+ if (pProbeRsp->HTInfo.present)
+ limReceivedHBHandler(pMac, (tANI_U8)pProbeRsp->HTInfo.primaryChannel, psessionEntry);
else
- limReceivedHBHandler(pMac, (tANI_U8)probeRsp.channelNumber, psessionEntry);
+ limReceivedHBHandler(pMac, (tANI_U8)pProbeRsp->channelNumber, psessionEntry);
}
#if defined ANI_PRODUCT_TYPE_CLIENT || defined (ANI_AP_CLIENT_SDK)
if (psessionEntry->limSystemRole == eLIM_STA_ROLE)
{
- if (probeRsp.quietIEPresent)
+ if (pProbeRsp->quietIEPresent)
{
- limUpdateQuietIEFromBeacon(pMac, &(probeRsp.quietIE), psessionEntry);
+ limUpdateQuietIEFromBeacon(pMac, &(pProbeRsp->quietIE), psessionEntry);
}
else if ((psessionEntry->gLimSpecMgmt.quietState == eLIM_QUIET_BEGIN) ||
(psessionEntry->gLimSpecMgmt.quietState == eLIM_QUIET_RUNNING))
@@ -244,10 +258,10 @@
limCancelDot11hQuiet(pMac, psessionEntry);
}
- if (probeRsp.channelSwitchPresent ||
- probeRsp.propIEinfo.propChannelSwitchPresent)
+ if (pProbeRsp->channelSwitchPresent ||
+ pProbeRsp->propIEinfo.propChannelSwitchPresent)
{
- limUpdateChannelSwitch(pMac, &probeRsp, psessionEntry);
+ limUpdateChannelSwitch(pMac, pProbeRsp, psessionEntry);
}
else if (psessionEntry->gLimSpecMgmt.dot11hChanSwState == eLIM_11H_CHANSW_RUNNING)
{
@@ -271,13 +285,13 @@
limGetWmeMode(psessionEntry, &wmeEnabled);
PELOG2(limLog(pMac, LOG2,
FL("wmeEdcaPresent: %d wmeEnabled: %d, edcaPresent: %d, qosEnabled: %d, edcaParams.qosInfo.count: %d schObject.gLimEdcaParamSetCount: %d\n"),
- probeRsp.wmeEdcaPresent, wmeEnabled, probeRsp.edcaPresent, qosEnabled,
- probeRsp.edcaParams.qosInfo.count, psessionEntry->gLimEdcaParamSetCount);)
- if (((probeRsp.wmeEdcaPresent && wmeEnabled) ||
- (probeRsp.edcaPresent && qosEnabled)) &&
- (probeRsp.edcaParams.qosInfo.count != psessionEntry->gLimEdcaParamSetCount))
+ pProbeRsp->wmeEdcaPresent, wmeEnabled, pProbeRsp->edcaPresent, qosEnabled,
+ pProbeRsp->edcaParams.qosInfo.count, psessionEntry->gLimEdcaParamSetCount);)
+ if (((pProbeRsp->wmeEdcaPresent && wmeEnabled) ||
+ (pProbeRsp->edcaPresent && qosEnabled)) &&
+ (pProbeRsp->edcaParams.qosInfo.count != psessionEntry->gLimEdcaParamSetCount))
{
- if (schBeaconEdcaProcess(pMac, &probeRsp.edcaParams, psessionEntry) != eSIR_SUCCESS)
+ if (schBeaconEdcaProcess(pMac, &pProbeRsp->edcaParams, psessionEntry) != eSIR_SUCCESS)
PELOGE(limLog(pMac, LOGE, FL("EDCA parameter processing error\n"));)
else if (pStaDs != NULL)
{
@@ -296,9 +310,10 @@
}
else if ((psessionEntry->limSystemRole == eLIM_STA_IN_IBSS_ROLE) &&
(psessionEntry->limMlmState == eLIM_MLM_BSS_STARTED_STATE))
- limHandleIBSScoalescing(pMac, &probeRsp, pRxPacketInfo,psessionEntry);
+ limHandleIBSScoalescing(pMac, pProbeRsp, pRxPacketInfo,psessionEntry);
} // if ((pMac->lim.gLimMlmState == eLIM_MLM_WT_PROBE_RESP_STATE) || ...
+ palFreeMemory(pMac->hHdd, pProbeRsp);
// Ignore Probe Response frame in all other states
return;
} /*** end limProcessProbeRspFrame() ***/
@@ -310,14 +325,21 @@
tANI_U8 *pBody;
tANI_U32 frameLen = 0;
tpSirMacMgmtHdr pHdr;
- tSirProbeRespBeacon probeRsp;
+ tSirProbeRespBeacon *pProbeRsp;
- probeRsp.ssId.length = 0;
- probeRsp.wpa.length = 0;
- probeRsp.propIEinfo.apName.length = 0;
+ if(eHAL_STATUS_SUCCESS != palAllocateMemory(pMac->hHdd,
+ (void **)&pProbeRsp, sizeof(tSirProbeRespBeacon)))
+ {
+ limLog(pMac, LOGE, FL("Unable to PAL allocate memory in limProcessProbeRspFrameNoSession\n") );
+ return;
+ }
+
+ pProbeRsp->ssId.length = 0;
+ pProbeRsp->wpa.length = 0;
+ pProbeRsp->propIEinfo.apName.length = 0;
#if (WNI_POLARIS_FW_PACKAGE == ADVANCED)
- probeRsp.propIEinfo.aniIndicator = 0;
- probeRsp.propIEinfo.wdsLength = 0;
+ pProbeRsp->propIEinfo.aniIndicator = 0;
+ pProbeRsp->propIEinfo.wdsLength = 0;
#endif
@@ -330,7 +352,10 @@
limPrintMacAddr(pMac, pHdr->sa, LOG2);
if (limDeactivateMinChannelTimerDuringScan(pMac) != eSIR_SUCCESS)
+ {
+ palFreeMemory(pMac->hHdd, pProbeRsp);
return;
+ }
/* Since there is no psessionEntry, PE cannot be in the following states:
* - eLIM_MLM_WT_JOIN_BEACON_STATE
@@ -350,15 +375,16 @@
// Get pointer to Probe Response frame body
pBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo);
- if (sirConvertProbeFrame2Struct(pMac, pBody, frameLen, &probeRsp) == eSIR_FAILURE)
+ if (sirConvertProbeFrame2Struct(pMac, pBody, frameLen, pProbeRsp) == eSIR_FAILURE)
{
limLog(pMac, LOG1, FL("Parse error ProbeResponse, length=%d\n"), frameLen);
+ palFreeMemory(pMac->hHdd, pProbeRsp);
return;
}
if( (pMac->lim.gLimMlmState == eLIM_MLM_WT_PROBE_RESP_STATE) ||
(pMac->lim.gLimMlmState == eLIM_MLM_PASSIVE_SCAN_STATE) )
- limCheckAndAddBssDescription(pMac, &probeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE, eANI_BOOLEAN_TRUE);
+ limCheckAndAddBssDescription(pMac, pProbeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE, eANI_BOOLEAN_TRUE);
else if (pMac->lim.gLimMlmState == eLIM_MLM_LEARN_STATE)
{
#if defined(ANI_PRODUCT_TYPE_AP) && (WNI_POLARIS_FW_PACKAGE == ADVANCED)
@@ -367,13 +393,14 @@
* uncommented. Also when we tested enabling this, there is a crash as soon as the station
* comes up which needs to be fixed*/
//if (pMac->lim.gLimSystemRole == eLIM_STA_ROLE)
- // limCheckAndAddBssDescription(pMac, &probeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE);
- limCollectMeasurementData(pMac, pRxPacketInfo, &probeRsp);
+ // limCheckAndAddBssDescription(pMac, pProbeRsp, pRxPacketInfo, eANI_BOOLEAN_TRUE);
+ limCollectMeasurementData(pMac, pRxPacketInfo, pProbeRsp);
limLog(pMac, LOG3,
FL("Parsed WDS info in ProbeRsp frames: wdsLength=%d\n"),
- probeRsp.propIEinfo.wdsLength);
+ pProbeRsp->propIEinfo.wdsLength);
#endif
}
}
+ palFreeMemory(pMac->hHdd, pProbeRsp);
return;
} /*** end limProcessProbeRspFrameNew() ***/