Currently, when adding duplicate sessions to an array that holds
session information, no check is performed to avoid going out of
bounds. Add a check to confirm that the index is not out of bounds.
Change-Id: Ib7abcc5347ba49a8c787ec32e8519a11085456d9
Signed-off-by: quic_anane <quic_anane@quicinc.com>
The init func of rxtx-rx1 virt dailink should
be same with rxtx-rx1 dailink.
Change-Id: I62008bfb742d6c6b818b1b4dbce6d521229d0369
Signed-off-by: Faiz Kuchay <quic_fkuchay@quicinc.com>
Current code passes in mbox_msg max buffer
size to mailbox api rather than actual string
length. Resulting in KASAN detecting an out of
bound issue. Fix this by calculating the string
length, and passing that in.
CRs-Fixed: 3876948
Change-Id: I7d9be5466ca5bec81e181f47e278205d6d9a64ce
Currently while calculating skb length for usable
channel list host doesn't consider space needed for
each nla_nest_start. Hence sometime seeing failure
in filling skb because less memory gets allocated.
To address this issue, add NLMSG_HDRLEN size for each
nest.
Change-Id: If630a48bb30e491651c775f5ffdb957626fdbfd9
CRs-Fixed: 3877033
When MSDU fails for checksum validation, do not aggregate those
packets and make sure current flow is flushed. Since checksum
failure packet data is not trust worthy it is not advisable to
build aggregated skb on top of checksum failure packets.
Change-Id: I09d8c4aeb656e6b0b5d268a60d72147534f2a2ab
CRs-Fixed: 3805053
1. Check if STA is present with MLD address,
this can happen if STA is non ML, so MLD address will be used as
address for connected STA.
2. Check if STA present with same MLD address as current SA,
this can happen if SAP is ML, so the MLD address will be
used as SA address for connected STA.
Change-Id: Id3f64a8937c257ea503a0e847f16e2b251b4ef81
CRs-Fixed: 3871110
Positive return value from mbox_send_message() should be
treated as success, which indicate the index of
free mbox buffer obtained.
Change-Id: I59b47a3a711468ef233b43c1191217f1f6911c1f
CRs-Fixed: 3878630
This patch overrides the fal10 veto for the milos target.
Change-Id: I82310b63ff89aa44c03b97e4e7b6e87ac5c4569a
Signed-off-by: Akash Gajjar <quic_agajjar@quicinc.com>
Disable IRQ wake, it should not wakeup system
during touch-offload.
Change-Id: I0d493faec4569a8a006f7ca375bf460bf207b389
Signed-off-by: Zhenbin Tan <quic_zhentan@quicinc.com>
Current code uses strcpy() to copy strings, which has a problem with potential buffer overflows if the source string is longer than the destination buffer. We can improve this by using memcpy() with a specified length, because it allows us to control the number of bytes copied and thus prevent buffer overflows.
Change-Id: I9dd5da343bfd63e4e031a66fa26b103e3da573e0
Signed-off-by: mingzh <quic_mingzh@quicinc.com>
Add changes to include qseed inefficiency factor during mdp
core clock calculation. This calculated value is sent to
mmrm driver to set with reserve only flag.
Change-Id: If19356ba36e7f9155fdfeeadead9260d1c56dc6b
Signed-off-by: Jayaprakash Madisetty <quic_jmadiset@quicinc.com>
Tasklet must be stopped after stopping HW. In current implementation
we are stopping same tasklet both in CSID and IFE/TFE stop call. This
change adds to stop both csid and ife/tfe HW first and then stopping
tasklet.
CRs-Fixed: 3855774
Change-Id: I93de831c45d2f61142db300140e36c17e0dd9b31
Signed-off-by: Yash Upadhyay <quic_yupadhya@quicinc.com>
Currently, stale cdp_soc member in dp_ctx is being accessed
when interface is being added after wlan is detached during
idle shutdown.
To fix this, set cdp_soc NULL in dp_ctx when wlan is detaching.
Change-Id: I922f92cb7ba22bf84f39a44b6d78cd4b36bea058
CRs-Fixed: 3872183
Add support to check if IPA and WLAN share a common dma pool
and based on that take descision to map the rx buffers or not
in IPA use case scenarios
Change-Id: I5d684db1cffc9f04b962cf7bdf0305b7d5e1df23
CRs-Fixed: 3878739
During cnss unload or error quit, cnss_dms_deinit() is called to
perform dms client deinit. When dms sever quit, modem also send event
to cnss to schedule dms client restart with dms_del_server(). The two
processes are asynchronous so qmi_handle_release() may be entered
twice and cause qmi->sock to be used after free.
To avoid this race condition, call cnss_cancel_dms_work() before
cnss_dms_deinit() to guarantee the two processes not run concurrently.
Change-Id: I291c1d0bdead190549dcbbb2c4b7aa65a68196d7
CRs-Fixed: 3875961
Check if clk is enabled before disabling it to avoid
warning log during adsp SSR.
Change-Id: I916af6f9efacfe3d08e0b05dcc0c6023944369d2
Signed-off-by: sarath varma ganapathiraju <quic_ganavarm@quicinc.com>
Reduce the OUI length to 2 bytes for vendor IE to include
just the OUI and the type and omit the body as it is not
mandatory.
CRs-Fixed: 3842063
Change-Id: I42f1b2d6c57da82f859b9917a1e5229273f75263
This change enables the uidle feature support for milos target.
Change-Id: I3f8633b623d69467010639b48e47a2455f64c55b
Signed-off-by: Akash Gajjar <quic_agajjar@quicinc.com>
This change reverts the hard-coded downgrade of non-ML
APs to 11ax from I9471c5b211f9480877c9c2475eaef93071b82734.
Instead, do not send ML-probe or ML IE in assoc request, if
the AP does not support MLO. This keeps the connection as
11be.
Also, cleanup the unused variables in bss description and
keep it 4-bytes aligned.
Change-Id: I1aa681ecce04615f88d563c07d9c7e2ef10c1b92
CRs-Fixed: 3857042
In the api cm_roam_mgmt_frame_event(), the received frame info
is differentiated between legacy and MLO AP on the basis whether
the current vdev is a ML vdev or not. This results in undesired
logging of result during MLo to legacy AP roam failure case as
the vdev is still the ML vdev as it is maintaining the current
connection with the ML AP while the frame info data received
from FW is for legacy AP.
Add a band check when processing the roam frame info data
received from the FW as band info in roam frame data follows
the following format:
1. 0: if the FW tried to roam to a legacy AP
2. when tried to a MLO AP, it will represent the link it forms
association. The format as follows:
* BIT 0: When it is associated on 2 GHz link
* BIT 1: When it is associated on 5 GHz link
* BIT 2: when it is associated on 6 GHz link
Change-Id: I7854ef368776ba11d4cdc8aca28ac86c8c2f4efa
CRs-Fixed: 3866223
