Merge "Release 5.2.0.34Z" into wlan-cld3.driver.lnx.2.0-dev
diff --git a/core/hdd/inc/wlan_hdd_ftm.h b/core/hdd/inc/wlan_hdd_ftm.h
index 32279b0..132cd30 100644
--- a/core/hdd/inc/wlan_hdd_ftm.h
+++ b/core/hdd/inc/wlan_hdd_ftm.h
@@ -41,20 +41,6 @@
#include "qdf_types.h"
#include <wlan_ptt_sock_svc.h>
-enum wlan_hdd_ftm_state {
- WLAN_FTM_INITIALIZED,
- WLAN_FTM_STOPPED,
- WLAN_FTM_STARTED,
-};
-
-/**
- * struct wlan_hdd_ftm_status - FTM status
- * @ftm_state: The current state of the FTM process
- */
-struct wlan_hdd_ftm_status {
- enum wlan_hdd_ftm_state ftm_state;
-};
-
int hdd_update_cds_config_ftm(hdd_context_t *hdd_ctx);
void hdd_ftm_mc_process_msg(void *message);
#if defined(QCA_WIFI_FTM)
diff --git a/core/hdd/inc/wlan_hdd_main.h b/core/hdd/inc/wlan_hdd_main.h
index 98d43c5..c9079ad 100644
--- a/core/hdd/inc/wlan_hdd_main.h
+++ b/core/hdd/inc/wlan_hdd_main.h
@@ -1370,8 +1370,6 @@
/** Config values read from qcom_cfg.ini file */
struct hdd_config *config;
- struct wlan_hdd_ftm_status ftm;
-
/* Completion variable to indicate Mc Thread Suspended */
struct completion mc_sus_event_var;
diff --git a/core/hdd/src/wlan_hdd_driver_ops.c b/core/hdd/src/wlan_hdd_driver_ops.c
index f2d09a5..d18c628 100644
--- a/core/hdd/src/wlan_hdd_driver_ops.c
+++ b/core/hdd/src/wlan_hdd_driver_ops.c
@@ -236,8 +236,6 @@
if (!QDF_IS_STATUS_SUCCESS(status)) {
hdd_err("hif_enable failed status: %d, reinit: %d",
status, reinit);
- if (!cds_is_fw_down())
- QDF_BUG(0);
ret = qdf_status_to_os_return(status);
goto err_hif_close;
diff --git a/core/mac/inc/sir_mac_prot_def.h b/core/mac/inc/sir_mac_prot_def.h
index 5487dc3..60b8417 100644
--- a/core/mac/inc/sir_mac_prot_def.h
+++ b/core/mac/inc/sir_mac_prot_def.h
@@ -548,7 +548,6 @@
#define SIR_MAC_AUTH_ALGO_OFFSET 0
#define SIR_MAC_AUTH_XACT_SEQNUM_OFFSET 2
#define SIR_MAC_AUTH_STATUS_CODE_OFFSET 4
-#define SIR_MAC_AUTH_CHALLENGE_OFFSET 6
/* / Transaction sequence number definitions (used in Authentication frames) */
#define SIR_MAC_AUTH_FRAME_1 1
@@ -565,6 +564,11 @@
#define SIR_MAC_WEP_IV_LENGTH 4
#define SIR_MAC_WEP_ICV_LENGTH 4
+/* 2 bytes each for auth algo number, transaction number and status code */
+#define SIR_MAC_AUTH_FRAME_INFO_LEN 6
+/* 2 bytes for ID and length + SIR_MAC_AUTH_CHALLENGE_LENGTH */
+#define SIR_MAC_AUTH_CHALLENGE_BODY_LEN (2 + SIR_MAC_AUTH_CHALLENGE_LENGTH)
+
/* / MAX key length when ULA is used */
#define SIR_MAC_MAX_KEY_LENGTH 32
diff --git a/core/mac/src/pe/lim/lim_security_utils.h b/core/mac/src/pe/lim/lim_security_utils.h
index c3410ea..3dc6a93 100644
--- a/core/mac/src/pe/lim/lim_security_utils.h
+++ b/core/mac/src/pe/lim/lim_security_utils.h
@@ -39,9 +39,11 @@
#define __LIM_SECURITY_UTILS_H
#include "sir_mac_prot_def.h" /* for tSirMacAuthFrameBody */
-#define LIM_ENCR_AUTH_BODY_LEN (sizeof(tSirMacAuthFrameBody) + \
+#define LIM_ENCR_AUTH_BODY_LEN (SIR_MAC_AUTH_FRAME_INFO_LEN + \
+ SIR_MAC_AUTH_CHALLENGE_BODY_LEN + \
SIR_MAC_WEP_IV_LENGTH + \
SIR_MAC_WEP_ICV_LENGTH)
+
struct tLimPreAuthNode;
uint8_t lim_is_auth_algo_supported(tpAniSirGlobal, tAniAuthType, tpPESession);
diff --git a/core/mac/src/pe/lim/lim_send_management_frames.c b/core/mac/src/pe/lim/lim_send_management_frames.c
index 15b8355..7944fbc 100644
--- a/core/mac/src/pe/lim/lim_send_management_frames.c
+++ b/core/mac/src/pe/lim/lim_send_management_frames.c
@@ -2096,6 +2096,7 @@
uint8_t tx_flag = 0;
uint8_t sme_sessionid = 0;
uint16_t ft_ies_length = 0;
+ bool challenge_req = false;
if (NULL == session) {
pe_err("Error: psession Entry is NULL");
@@ -2117,8 +2118,8 @@
pe_debug("Sending encrypted auth frame to " MAC_ADDRESS_STR,
MAC_ADDR_ARRAY(peer_addr));
- frame_len = sizeof(tSirMacMgmtHdr) + LIM_ENCR_AUTH_BODY_LEN;
body_len = LIM_ENCR_AUTH_BODY_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
goto alloc_packet;
}
@@ -2140,9 +2141,8 @@
* and status code.
*/
- frame_len = sizeof(tSirMacMgmtHdr) +
- SIR_MAC_AUTH_CHALLENGE_OFFSET;
- body_len = SIR_MAC_AUTH_CHALLENGE_OFFSET;
+ body_len = SIR_MAC_AUTH_FRAME_INFO_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
if (auth_frame->authAlgoNumber == eSIR_FT_AUTH) {
if (NULL != session->ftPEContext.pFTPreAuthReq &&
@@ -2172,9 +2172,8 @@
* transaction number and status code.
*/
- frame_len = sizeof(tSirMacMgmtHdr) +
- SIR_MAC_AUTH_CHALLENGE_OFFSET;
- body_len = SIR_MAC_AUTH_CHALLENGE_OFFSET;
+ body_len = SIR_MAC_AUTH_FRAME_INFO_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
} else {
/*
* Shared Key algorithm with challenge text
@@ -2187,9 +2186,10 @@
* for challenge text.
*/
- frame_len = sizeof(tSirMacMgmtHdr) +
- sizeof(tSirMacAuthFrame);
- body_len = sizeof(tSirMacAuthFrameBody);
+ challenge_req = true;
+ body_len = SIR_MAC_AUTH_FRAME_INFO_LEN +
+ SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
}
break;
@@ -2203,9 +2203,8 @@
* status code.
*/
- frame_len = sizeof(tSirMacMgmtHdr) +
- SIR_MAC_AUTH_CHALLENGE_OFFSET;
- body_len = SIR_MAC_AUTH_CHALLENGE_OFFSET;
+ body_len = SIR_MAC_AUTH_FRAME_INFO_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
break;
case SIR_MAC_AUTH_FRAME_4:
@@ -2216,9 +2215,8 @@
* status code.
*/
- frame_len = sizeof(tSirMacMgmtHdr) +
- SIR_MAC_AUTH_CHALLENGE_OFFSET;
- body_len = SIR_MAC_AUTH_CHALLENGE_OFFSET;
+ body_len = SIR_MAC_AUTH_FRAME_INFO_LEN;
+ frame_len = sizeof(tSirMacMgmtHdr) + body_len;
break;
default:
@@ -2274,11 +2272,29 @@
sir_swap_u16if_needed(auth_frame->authStatusCode);
body += sizeof(uint16_t);
body_len -= sizeof(uint16_t);
- if (body_len <= (sizeof(auth_frame->type) +
- sizeof(auth_frame->length) +
- sizeof(auth_frame->challengeText)))
- qdf_mem_copy(body, (uint8_t *) &auth_frame->type,
- body_len);
+
+ if (challenge_req) {
+ if (body_len < SIR_MAC_AUTH_CHALLENGE_BODY_LEN) {
+ qdf_mem_copy(body, (uint8_t *)&auth_frame->type,
+ body_len);
+ pe_err("Incomplete challenge info: length: %d, expected: %d",
+ body_len,
+ SIR_MAC_AUTH_CHALLENGE_BODY_LEN);
+ body += body_len;
+ body_len = 0;
+ } else {
+ /* copy challenge IE id, len, challenge text */
+ *body = auth_frame->type;
+ body++;
+ *body = auth_frame->length;
+ body++;
+ qdf_mem_copy(body, auth_frame->challengeText,
+ SIR_MAC_AUTH_CHALLENGE_LENGTH);
+ body += SIR_MAC_AUTH_CHALLENGE_LENGTH;
+
+ body_len -= SIR_MAC_AUTH_CHALLENGE_BODY_LEN;
+ }
+ }
if ((auth_frame->authAlgoNumber == eSIR_FT_AUTH) &&
(auth_frame->authTransactionSeqNumber ==