In case of WMA_DEL_STA_REQ timeout for type WMA_DELETE_BSS_RSP,
directly del_bss response is posted to lim without clearing the
bits like bss_status in wma. This can later lead to failure
in del_sta_req of the self sta and self sta peer leak in the
object manager.
Hence, set the bss_status from started to stopped in case
of del_bss failure.
Change-Id: Ic68e6b7a59959392772fc2821d31a054778fe66b
CRs-Fixed: 2478379
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for wakelock stats command
as part of cleanup.
Change-Id: Ie60293ae06401f841ef8dd9545587819ebe4cd4a
CRs-fixed: 2480191
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for congestion stats command
as part of cleanup.
Change-Id: Ia8b919ad7cea4f47d5480b9f8e0f4636783ce6c3
CRs-Fixed: 2480246
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for get rssi command as part
of cleanup.
Change-Id: I7a837d780c6a1551db0929e6ec7e73daaf479429
CRs-Fixed: 2480770
Do not configure legacy rate to FW if it is HE connection, otherwise
FW does not work.
Change-Id: I31d167ee79b7b58cabad29e65cf6834a7151093d
CRs-Fixed: 2472811
While handling WMI_MGMT_RX_EVENTID FW event, bufp should be checked before
used, because FW may indicate it as NULL.
System does not work when NULL pointer is accessed.
Change-Id: I7f87df93ee31332fa8c804cb2d7fd3a437ddf976
CRs-Fixed: 2465947
Update the scan channel list with HE capability information when
the channel list is sent to FW so that FW includes the HE capabilities
IE in the probe request frame during scan.
Change-Id: I1ad3b15e447845ac06d30e92195b5e4ab8a78d9d
CRs-Fixed: 2467024
After roaming the phy mode gets updated by FW via roam_sync event.
Update wma with the value from the roam_sync event.
Change-Id: Ie4b47ad83866f033bcd92781fdb05bd7456180f5
CRs-Fixed: 2477071
With the latest code in the following functions:
wma_add_bss_ap_mode
wma_add_bss_ibss_mode
wma_add_bss_sta_mode
wma_set_channel
hardware mode retrieval becomes unnecessary because
the DBS related config is not checked anymore.
Change-Id: I4fe03dee7148b17a6f2a40208d1cb77013db4c98
CRs-Fixed: 2478160
Add ini support for FIPS 4-way hanshake offload to firmware. FIPS
offload feature will add support to handle LFR 3.0 connection only
(auth/reassoc). If this ini is set then firmware will offload
4-way HS to supplicant. In the Roam sync indication firmware will
inform connected and not authenticated so that supplicant can take
care of 4-way HS.
Change-Id: I3da58910218ffc57094cac4c3cab4572631d9404
CRs-Fixed: 2459182
In P2P GO mode, if the P2P client device is not VHT capable and
only HT capable, but the DUT P2P GO is VHT capable and advertises
2x2 NSS and sends packets with 2x2 rates, it results in interop
issues with HT only capable P2P client devices.
When GO is operating in DBS mode, GO beacons advertise 2x2
capability but include OMN IE to indicate current operating mode
of 1x1. But here peer device is only HT capable and will not
understand OMN IE.
Check if the P2P client device is only HT capable and has
"\x00\x50\xf2\x04". Then downgrade the P2P GO operation to 1x1
nss. Modify rx mcs map value in association response to enable
only mcs 0-7.
Change-Id: I7177c5aee9a560a20c50a63886c0ee77f7d617ae
CRs-Fixed: 2464925
During roam fail, if firmware doesn't have any interface left on
2.4Ghz it moves to SMM from DBS, But doesn't inform to Host, which
assume DUT is in DBS mode and thus can send VDEV start on 2.4Ghz
without switching to DBS mode. This lead to assert in firmware.
To fix this firmware will indicate the new HW mode in ROAM INVOKE
FAIL and HO FAIL during roam. so handle the new HW mode indication
and update the host HW mode from the new HW mode indication. So
that host and firmware remain in sync
Change-Id: I854faea17c8eccf212b4efb9443b297cadca62b0
CRs-Fixed: 2473532
In wma_is_roam_in_progress function, return false if wma pointer
returned from cds_get_context is NULL.
Change-Id: I0a3447f038a45ea93e769142cb5883a3f39c0991
CRs-Fixed: 2475071
In monitor mode even if vdev start fails, vdev up is sent, which
leads to assert.
Fix is to move the vdev state machine to init state on vdev start
failure and not to send vdev up.
Change-Id: I89e6294329ba0541d0d86c5728ce36898a199659
CRs-Fixed: 2475370
Linux coding guidelines don't allow use of camel case identifiers.
So rename selfMacAddr to self_mac_addr to be in compliance.
Change-Id: Id70e00744883f9fd797da8d4bb1cf4f65c8aa9ff
CRs-Fixed: 2463827
Memory pointed by stakeyparams is not made NULL after
freeing in wma_set_stakey. This results in double free
during wma_add_bss_sta.
Change-Id: Ifa24d536e116be60f572d9926a511f9f498e6696
CRs-Fixed: 2463399
Add string for page fault wake up reason such that wake up
reason is logged properly.
Change-Id: I0f7138f730f5b9ca66f1d524d5d1868a99ccd88f
CRs-Fixed: 2471522
Propagation from qcacld2.0 to qcacld3.0.
The WMI CMD and EVENT of "get antenna isolation" are already defined,
but not used before in qcacld3.0.
Now, The host driver uses vendor command to get this information
instead of iwpriv command in qcacld-2.0.
The attribution of this feature is already defined in file
"qca_vendor.h". The name is "QCA_WLAN_VENDOR_ATTR_ANTENNA_ISOLATION".
So host driver will use vendor command
"QCA_NL80211_VENDOR_SUBCMD_GET_HW_CAPABILITY" to get the information
from lower layer.
Change-Id: I915768f622ddc9a70a95ce4fe952f19917a8f901
CRs-Fixed: 2447360
During dynamic request voting(DRV) suspend PCIe link
is in L1SS sleep state such that target can do page
faults without waking up APPS and hence add debug
assert on page fault wake ups if target triggered
a page fault wake up during DRV wow suspend.
Change-Id: I130a9a568b7007366fe582bd2e231c9fca324368
CRs-Fixed: 2467471
Set the max_station config correctly at wma_open instead of using
the default value.
Change-Id: I63cd05462351359fbdcaae03dbdff940817b9bde
CRs-Fixed: 2468829
Cleanup CONFIG_MCL in peer_assoc_params and use common
flags and api to populate peer_flags in wmi peer assoc
command.
Change-Id: Ib06409c89ee519d8139b52158c8c907dc336beca
CRs-Fixed: 2467182
eCsrAuthType is the enum of AKMs to be used during connection.
So the name eCsrAuthType is misleading as akm and auth algo are
different.
Also the Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the enum eCsrAuthType to
be compliant.
Change-Id: I35e18d1f84babd0ef2928ae9d7258028d4c9b3c5
CRs-Fixed: 2463813
In the memory allocated for del_sta_params, set_link_params and
del_bss_params is not freed if the malloc for add_sta_params
fails. This causes memory leak in wma_roam_update_vdev.
Also in wma_extscan_operations_event_handler, oprn_ind is not
freed in case of failure.
Free the memory allocated for del_sta_params, set_link_params,
del_bss_params, oprn_ind during every return.
Change-Id: I727cc734943a2abcc2cfeca3285af13eb68cfe44
CRs-Fixed: 2464098
Currently in these APIs, driver has a potential mem leak if
the code deviates from the success path:-
1. sme_ap_disable_intra_bss_fwd, param pSapDisableIntraFwd
was not freed in case of mutex acquire gets fail.
2. sme_set_wisa_params, param cds_msg_wisa_params was not freed
in case of mutex cquire fail, and in case of msg failed to
post to scheduler.
3. sme_update_sta_inactivity_timeout, param inactivity_time was
not freed in any case, and has to be freed after use.
4. wma_del_tdls_sta, param peerStateParams needs to be freed
in every failure case, in which the driver sends a del rsp in
error case.
Change-Id: Ibb6061dc399c0f408e7469e91d8084c82786a561
CRs-Fixed: 2466435
Add NULL validaiton check for WMA global context
to avoid possible NULL pointer dereference.
Change-Id: I1cf0bcf574d397eb712ca0e1c39dcf848b9c5328
CRs-Fixed: 2423998
In LFR2 scenario, STA roams to IOT AP with which max nss
capability is advertised because ini configured vendor OUI
and data for max nss is found in AP's beacons or probe
responses. On receiving association response with reduced
nss, nss is not updated as part of add_sta. This is resulting
in incorrect nss to be sent in peer_assoc command.
Fix is to update MCS set so that appropriate nss is sent in
peer_assoc command.
Change-Id: Id137a09f24063c8260c21eda6cd74cbb571b9129
CRs-Fixed: 2464318
Add support for roaming in case the driver
detects a nud failure. The STA then would roam
to another BSSID, else if the roaming gets failed
the STA would remain connected to the same BSSID
as connected before.
Change-Id: Idbc99b0ce2f9cacd97564dd8cf9892120958eda2
CRs-Fixed: 2461675
Link BLM exposed APIs to the following:-
1. csr_get_scan_result:- Link this API with filter bssids in
the reject ap list maintained by the blacklist mgr.
2. lim_assoc_rej_add_to_rssi_based_reject_list:- Link this API
with the the blacklist mgr add bssid to reject list to add the
OCE and BTM related assoc rejects.
3. Userspace avoid list parsing logic for the userspace to set
the BSSID as avoided.
Change-Id: Id51ffb80cea3f845fefe14db25d0f7acda6ea0f3
CRs-Fixed: 2461281
The linux coding style forbids use of typedef unless clearly
some rules are met. The tSirBssDescription doesn't match any of
those criteria, so replace it with underlying structure
bss_description.
Change-Id: I36ad517325117cf04d499c7c472ca6ef5921a85d
CRs-Fixed: 2459769
The Linux Coding Style doesn't allow mixed-case names so rename
bssIdx in struct pe_session to be in compliance.
Change-Id: Idf2df6cb4ca30e4fdae74b8fb39445bb878003c5
CRs-Fixed: 2459768
The Linux Coding Style doesn't allow mixed-case names so rename
eSirBssType in struct pe_session to be in compliance.
Change-Id: Iafe6649a130c77064180c67fb1385d2d7a763370
CRs-Fixed: 2459767
In hdd_vdev_destroy, if policy_mgr_check_and_stop_opportunistic_timer
decides to move to single mac mode and while sending the HW mode change
the target goes down, this leads to timeout of the HW mode change req in
WMA layer which is 2 sec and in serialization its 4 sec, but
policy_mgr_check_and_stop_opportunistic_timer timeout in 1 sec and proceed
to sme_close_session and wait for it to complete.
sme_close_session queue WLAN_SER_CMD_DEL_STA_SESSION to serialization but
it remains in pending queue, behind HW mode change req.
Now due to SSR the wait event for sme_close_session is set and thus
hdd_vdev_destroy logically deletes the vdev.
Now on WMA timeout the HW mode change try to remove the request from
serialization which it fails to remove as it fails to get ref for vdev
with vdev being logically deleted.
Thus WLAN_SER_CMD_DEL_STA_SESSION is not processed and is flushed in
hdd_wlan_shutdown.
Thus as SSR WLAN_SER_CMD_DEL_STA_SESSION is flushed from serialization
queue, the wma_vdev_detach() is not called for that vdev and thus the
peer attached to the vdev are not deleted and wma vdev ref is also not
released, this lead vdev/peer ref leak.
To fix this update the wait timeout in
policy_mgr_check_and_stop_opportunistic_timer with proper value higher
than the serialization timeout for the HW mode change request. ALso
set the wait event in policy_mgr_pdev_set_hw_mode_cb in failure cases
as well to avoid timeout in case of hw mode change failures.
Also release pending peer and vdef refs in wma_wmi_service_close.
Change-Id: I5ddf8263b0dbf889be506332a67f5e18c1bfb111
CRs-Fixed: 2458034
When FILS authentication is performed, the key confirmation is
performed as part of the FILS exchange using association frames.
Hence, no additional 4-way handshake is necessary. But still the
host driver sets the WMI_PEER_NEED_PTK_4_WAY flag as part of
peer_assoc command. So firmware expects setting key command after
4-Way handshake is completed. But host sends the set key command
before M4 in this case, which results in firmware assert.
Don't set WMI_PEER_NEED_PTK_4_WAY for FILS connection.
Change-Id: I13451bd7592d5836c16cd648235f691b11aafb15
CRs-Fixed: 2458097
Host need to fill netbuf with qtime instead of tsf. So
host need to add tsf64 enable/disable related functions
and definitions to sync with FW.
The tsf64_time is new added to fw/host structure, so host
need to add parse functions to get tsf64_time from tx_desc.
Change-Id: Ieea0d8f905eb57629d279f8da0e811857b760b1f
CRs-Fixed: 2444456
This change I29209576622bc2495a7ce3064e82efca2e70d19a was to fix a
memory leak, but ibss creating peer pass a pointer on stack to
wma_set_stakey API, it makes a regression.
Fix it by passing all pointer from heap to wma_set_stakey API.
Change-Id: I178e4b6a15aa24faae78d9846427b3292d11a1a4
CRs-Fixed: 2455529
Currently, host sends 11k offload command to FW as part of RSO Start
and 11k offload disables to FW during RSO Stop. In case of STA+STA
concurrency, Host sends vdev_stop before 11k_deconfig for
currently enabled STA results to assert in FW.
In order to configure 11k for second STA without assertion, Driver
should de-config 11k for currently enabled STA before vdev stop/delete.
Fix is to configure 11k while start roaming and de-configure 11k
while stop roaming irrespective of the reason for roaming STOP.
Change-Id: I0915d8a0141194c331eb59ba0f2dfa9c8995628a
CRs-Fixed: 2449431
If calling lim_send_set_sta_key_req with sendRsp==false, it didn't free
the tpSetStaKeyParams memory allocated in this function. This scenario
is possible hit when station key update during roaming before new bss
adding.
Change-Id: I29209576622bc2495a7ce3064e82efca2e70d19a
CRs-Fixed: 2452108
VDEV UP command doesn't include right MBSSID information, it will
cause data stall issue and so on.
Fix is to provide right MBSSID information with VDEV UP command.
Change-Id: I0201722c14dee1b01b8dacc7e3095301fb02fd3a
CRs-Fixed: 2434405
In wma_start_extscan, it will always return error due to an
incorrect conditional statement.
Change-Id: Iddb81e34a59ff541d4a17e45b8eca13e704fb89d
CRs-Fixed: 2450704
In wma_stats_event_handler several fields lengths are added
together to check against param_buf->num_data (the overall
length of the buffer).
The problem is that num_pdev_stats, num_vdev_stats and
num_peer_stats represent the number of structures of each
type rather than the total number of bytes.
Therefore update the logic to compare the expected size of
the entire payload to the actual payload.
Change-Id: I94af679480e62a61d4b25a1f370b2f199985f874
CRs-Fixed: 2429010
Adaptive 11r feature that enables the AP to support FT-AKM
without configuring the FT-AKM in the network. The AP will
advertise non-FT akm with a vendor specific IE having Adaptive
11r bit set to 1 in the IE data. The AP also advertises the
MDE in beacon/probe response.
The STA should check the adaptive 11r capability if the AP
advertises MDE in beacon/probe and adaptive 11r capability in
vendor specific IE. If adaptive 11r capability is found,
STA should advertise the FT equivalent of the non-FT AKM.
Introdue a compile time flag WLAN_ADAPTIVE_11R_ENABLED to
enable/disable adaptive 11r support.
If the AP is adaptive 11r capable, set the is_adaptive_11r_ap
flag in bss descrtiptor. This flag will be sent in join request
and populated to pe_session. Also mark the CSR session as
adaptive 11r session based on this flag.
Add changes to check for the adaptive 11r service capability
advertised by firmware. If the host driver connects to adaptive
11r AP, enable RSO only if the firmware advertises adaptive
11r capability, else RSO should be disabled.
If the connection is adaptive 11r connection and if the adaptive
11r ini is enabled, set the adaptive_11r flag in
wmi_roam_11r_offload_tlv_param sent over the wmi command
WMI_ROAM_SCAN_MODE to the firmware. This will enable firmware to
filter the adaptive 11r AP from roam scan results.
Change-Id: If27a2393e3f4bb68942f5ebcec0135f57627f16b
CRs-Fixed: 2437988
If CRYPTO_SET_KEY_CONVERGED is enabled, the iface->key.key_cipher
is not set but is used to process multicast and broadcast
management frame.
Set iface->key.key_cipher with proper value when
CRYPTO_SET_KEY_CONVERGED is enabled.
Change-Id: I67d8bfe2210f4aad499830c4339de10c620d604d
CRs-Fixed: 2444420
