Google Git
Sign in
android / kernel / msm-modules / qcacld / refs/heads/android-msm-bonito-4.9-android10-qpr2^2..refs/heads/android-msm-bonito-4.9-android10-qpr2 / .
commitd427a5666db3a8d1385faed8b4132bb4276eeca6[log] [tgz]
authorSecurityBot AutoMerger <android-nexus-securitybot@system.gserviceaccount.com>Fri Feb 07 14:21:39 2020 -0800
committerSecurityBot <android-nexus-securitybot@system.gserviceaccount.com>Fri Feb 07 14:21:40 2020 -0800
tree5a790c7dd6e64148c44fe81f86c1891fbe6920a7
parent05007d5bba53fbc4472829b39993748c1b165eb2 [diff]
parent5b726ab6296eb7d6b9fd976f3541a1a11faea9a2 [diff]
Merge android-msm-pixel-4.9-qt-qpr1 into android-msm-pixel-4.9-qt-qpr2

SBMerger: 284775313
Change-Id: Ib1be65dca032e096e4a648254bc294e1940bf83b
Signed-off-by: SecurityBot <android-nexus-securitybot@system.gserviceaccount.com>

diff --git a/core/dp/txrx/ol_rx.c b/core/dp/txrx/ol_rx.c
index 7d443be..a563d60 100644
--- a/core/dp/txrx/ol_rx.c
+++ b/core/dp/txrx/ol_rx.c

@@ -1436,9 +1436,7 @@
 	peer->keyinstalled = 0;
 
 	peer->last_assoc_rcvd = 0;
-	peer->last_disassoc_rcvd = 0;
-	peer->last_deauth_rcvd = 0;
-
+	peer->last_disassoc_deauth_rcvd = 0;
 	qdf_atomic_init(&peer->fw_pn_check);
 }
 
@@ -1447,8 +1445,7 @@
 {
 	peer->keyinstalled = 0;
 	peer->last_assoc_rcvd = 0;
-	peer->last_disassoc_rcvd = 0;
-	peer->last_deauth_rcvd = 0;
+	peer->last_disassoc_deauth_rcvd = 0;
 	ol_rx_reorder_peer_cleanup(vdev, peer);
 }
 

diff --git a/core/dp/txrx/ol_txrx_types.h b/core/dp/txrx/ol_txrx_types.h
index a678bfc..49a3d44 100644
--- a/core/dp/txrx/ol_txrx_types.h
+++ b/core/dp/txrx/ol_txrx_types.h

@@ -1369,8 +1369,7 @@
 	u_int16_t tx_pause_flag;
 #endif
 	qdf_time_t last_assoc_rcvd;
-	qdf_time_t last_disassoc_rcvd;
-	qdf_time_t last_deauth_rcvd;
+	qdf_time_t last_disassoc_deauth_rcvd;
 	qdf_atomic_t fw_create_pending;
 	qdf_timer_t peer_unmap_timer;
 };

diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c
index d8efa86..94ae94f 100644
--- a/core/hdd/src/wlan_hdd_cfg80211.c
+++ b/core/hdd/src/wlan_hdd_cfg80211.c

@@ -10789,7 +10789,7 @@
 const struct nla_policy
 qca_wlan_vendor_set_connectivity_check_stats[CONNECTIVITY_STATS_SET_MAX + 1] = {
 	[STATS_PKT_INFO_TYPE] = {.type = NLA_U32 },
-	[STATS_DNS_DOMAIN_NAME] = {.type = NLA_BINARY,
+	[STATS_DNS_DOMAIN_NAME] = {.type = NLA_NUL_STRING,
 					.len = DNS_DOMAIN_NAME_MAX_LEN },
 	[STATS_SRC_PORT] = {.type = NLA_U32 },
 	[STATS_DEST_PORT] = {.type = NLA_U32 },

diff --git a/core/mac/src/pe/lim/lim_process_deauth_frame.c b/core/mac/src/pe/lim/lim_process_deauth_frame.c
index 7f654b5..46b2f93 100644
--- a/core/mac/src/pe/lim/lim_process_deauth_frame.c
+++ b/core/mac/src/pe/lim/lim_process_deauth_frame.c

@@ -510,18 +510,20 @@
 	}
 
 	if ((sta_ds->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_STA_RSP_STATE) ||
-	    (sta_ds->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE)) {
+	    (sta_ds->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE) ||
+	    sta_ds->sta_deletion_in_progress) {
 		/**
 		 * Already in the process of deleting context for the peer
 		 * and received Deauthentication frame. Log and Ignore.
 		 */
-		pe_err("received Deauth frame from peer that is in state %X, addr "
-			MAC_ADDRESS_STR, sta_ds->mlmStaContext.mlmState,
-			MAC_ADDR_ARRAY(addr));
+		pe_debug("Deletion is in progress (%d) for peer:%pM in mlmState %d",
+			 sta_ds->sta_deletion_in_progress, addr,
+			 sta_ds->mlmStaContext.mlmState);
 		return;
 	}
 	sta_ds->mlmStaContext.disassocReason = (tSirMacReasonCodes) rc;
 	sta_ds->mlmStaContext.cleanupTrigger = eLIM_PEER_ENTITY_DEAUTH;
+	sta_ds->sta_deletion_in_progress = true;
 
 	/* / Issue Deauth Indication to SME. */
 	qdf_mem_copy((uint8_t *) &mlmDeauthInd.peerMacAddr,

diff --git a/core/mac/src/pe/lim/lim_process_disassoc_frame.c b/core/mac/src/pe/lim/lim_process_disassoc_frame.c
index e36ecc9..4742b88 100644
--- a/core/mac/src/pe/lim/lim_process_disassoc_frame.c
+++ b/core/mac/src/pe/lim/lim_process_disassoc_frame.c

@@ -290,16 +290,18 @@
 	}
 
 	if ((pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_STA_RSP_STATE) ||
-	    (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE)) {
+	    (pStaDs->mlmStaContext.mlmState == eLIM_MLM_WT_DEL_BSS_RSP_STATE) ||
+	    pStaDs->sta_deletion_in_progress) {
 		/**
 		 * Already in the process of deleting context for the peer
 		 * and received Disassociation frame. Log and Ignore.
 		 */
-		pe_err("received Disassoc frame in state: %d from"
-			MAC_ADDRESS_STR, pStaDs->mlmStaContext.mlmState,
-			MAC_ADDR_ARRAY(pHdr->sa));
+		pe_debug("Deletion is in progress (%d) for peer:%pM in mlmState %d",
+			 pStaDs->sta_deletion_in_progress, pHdr->sa,
+			 pStaDs->mlmStaContext.mlmState);
 		return;
 	}
+	pStaDs->sta_deletion_in_progress = true;
 	lim_disassoc_tdls_peers(pMac, psessionEntry, pHdr->sa);
 	if (pStaDs->mlmStaContext.mlmState != eLIM_MLM_LINK_ESTABLISHED_STATE) {
 		/**

diff --git a/core/sme/src/csr/csr_api_roam.c b/core/sme/src/csr/csr_api_roam.c
index a137c90..1c924e0 100644
--- a/core/sme/src/csr/csr_api_roam.c
+++ b/core/sme/src/csr/csr_api_roam.c

@@ -11348,7 +11348,7 @@
 					    DeauthIndMsg));
 		}
 		if (QDF_IS_STATUS_SUCCESS
-			    (csr_queue_sme_command(pMac, pCommand, true))) {
+			    (csr_queue_sme_command(pMac, pCommand, false))) {
 			fCommandQueued = true;
 		} else {
 			sme_err(" fail to send message ");

diff --git a/core/wma/src/wma_mgmt.c b/core/wma/src/wma_mgmt.c
index 784b553..fbd7be2 100644
--- a/core/wma/src/wma_mgmt.c
+++ b/core/wma/src/wma_mgmt.c

@@ -3537,37 +3537,33 @@
 	}
 
 	switch (subtype) {
-	case SIR_MAC_MGMT_ASSOC_REQ:
-		if (peer->last_assoc_rcvd) {
-			if (qdf_get_system_timestamp() - peer->last_assoc_rcvd <
-					WMA_MGMT_FRAME_DETECT_DOS_TIMER) {
-				WMA_LOGD(FL("Dropping Assoc Req received"));
-				should_drop = true;
-			}
+	case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
+		if (peer->last_assoc_rcvd &&
+		    qdf_system_time_before(qdf_get_system_timestamp(),
+		    peer->last_assoc_rcvd + WMA_MGMT_FRAME_DETECT_DOS_TIMER)) {
+			WMA_LOGD(FL("Dropping Assoc Req as it is received after %d ms of last frame. Allow it only after %d ms"),
+				 (int) (qdf_get_system_timestamp() -
+				  peer->last_assoc_rcvd),
+				  WMA_MGMT_FRAME_DETECT_DOS_TIMER);
+			should_drop = true;
+			break;
 		}
 		peer->last_assoc_rcvd = qdf_get_system_timestamp();
 		break;
-	case SIR_MAC_MGMT_DISASSOC:
-		if (peer->last_disassoc_rcvd) {
-			if (qdf_get_system_timestamp() -
-					peer->last_disassoc_rcvd <
-					WMA_MGMT_FRAME_DETECT_DOS_TIMER) {
-				WMA_LOGI(FL("Dropping DisAssoc received"));
-				should_drop = true;
-			}
+	case IEEE80211_FC0_SUBTYPE_DISASSOC:
+	case IEEE80211_FC0_SUBTYPE_DEAUTH:
+		if (peer->last_disassoc_deauth_rcvd &&
+		    qdf_system_time_before(qdf_get_system_timestamp(),
+		    peer->last_disassoc_deauth_rcvd +
+		    WMA_MGMT_FRAME_DETECT_DOS_TIMER)) {
+			WMA_LOGD(FL("Dropping subtype %x frame as it is received after %d ms of last frame. Allow it only after %d ms"),
+				 subtype, (int) (qdf_get_system_timestamp() -
+				 peer->last_disassoc_deauth_rcvd),
+				 WMA_MGMT_FRAME_DETECT_DOS_TIMER);
+			should_drop = true;
+			break;
 		}
-		peer->last_disassoc_rcvd = qdf_get_system_timestamp();
-		break;
-	case SIR_MAC_MGMT_DEAUTH:
-		if (peer->last_deauth_rcvd) {
-			if (qdf_get_system_timestamp() -
-					peer->last_deauth_rcvd <
-					WMA_MGMT_FRAME_DETECT_DOS_TIMER) {
-				WMA_LOGI(FL("Dropping Deauth received"));
-				should_drop = true;
-			}
-		}
-		peer->last_deauth_rcvd = qdf_get_system_timestamp();
+		peer->last_disassoc_deauth_rcvd = qdf_get_system_timestamp();
 		break;
 	default:
 		break;