qcacld-2.0 to qcacld-3.0 propagation
Update common WMI commands to merge firmware init of MCL and
WIN SWOL update
Change-Id: I732a70be17d451654f3fbbe6db84f62de6438862
CRs-fixed: 865207
qcacld-2.0 to qcacld-3.0 propagation
Line 118: CID 50610 (#3 of 3): Out-of-bounds access (OVERRUN)
Line 200: CID 50680 (#1 of 1): Out-of-bounds read (OVERRUN)
Line 367: CID 50732 (#1 of 1): Out-of-bounds write (OVERRUN)
add TID validation check in RX_IND to avoid tid >19 scenario.
Change-Id: I32a3339902e231a8193fb8ee984ef029e24bc7e5
CRs-Fixed: 836067
Propagation from qcacld 2.0 to qcacld 3.0
Due to a race condition, vdev is getting deleted in
ol_txrx_vdev_detach and after that in
ol_txrx_peer_unref_delete, as vdev->delete.pending
is not equal to 0 as it is some garbage value, vdev
is getting deleted again causing crash.
This fix release the lock after checking
vdev->delete.pending so that before vdev gets deleted
in ol_txrx_vdev_detach, this check has been made and as
vdev->delete.pending is 0, it will not delete the
vdev in ol_txrx_peer_unref_delete and so vdev will be
deleted only once.
Change-Id: I4a7362b0e226c66ccb7c72243276d77e8df60b20
CRs-Fixed: 949397
Propagation from qcacld 2.0 to qcacld 3.0
The atomic variables are of integer type but "cdf_atomic_read",
"cdf_atomic_dec_and_test" and "cdf_atomic_inc_return" APIs
have return type of unsigned int. Because of this, these APIs
return positive value even when it is negative.
This fix change the return value of "cdf_atomic_read",
"cdf_atomic_dec_and_test" and "cdf_atomic_inc_return" APIs
from unsigned int to int so that negative value remains negative.
Change-Id: I9c4077547e1e1370bbb401af77b248944cdf25fa
CRs-Fixed: 902636
qcacld-2.0 to qcacld-3.0 propagation
Extended Supported Rates are filled in Assoc req based on the
dot11mode and in Case dot11mode is 11A it's not filled.
Some AP have Basic rate in Extended Rate set in 11A mode.
Thus AP reject the association as Driver does not sent the extended
rate set in 11A mode.
Removed the dot11mode dependency for Extended Supported Rates.
With this change if AP have Extended Supported Rates driver will
add the Extended Supported Rates IE in Assoc req.
Change-Id: Ibd1c98a7cfae46988ff4434579edde7d4222841d
CRs-Fixed: 903270
qcacld-2.0 to qcacld-3.0 propagation
If preauth is in progress with too many APs in the roamable AP
list and at the same time disconnect is received from supplicant as
part of unload, the deauth req will be queued in sme pending list
till csr completes the preauth process.
Now as part of unload, driver may purge the sme pending command list
and with it the disconnect command may also get removed if preauth
takes too much time.
This will lead to DEL BSS missing before HAL STOP and thus crash.
To avoid this abort the preauth process once disconnect is received.
Change-Id: I1c35f0c7e38295cfadafdad69f0b9a99ba61404c
CRs-Fixed: 942579
Replace tSirMacAddr with cdf_mac_addr in tSmeIbssPeerInd and
tSirIbssPeerInactivityInd.
Change-Id: Ie83aa414e312431aeb7f730a3f8027ea960acc36
CRs-Fixed: 898864
Replace tSirMacAddr with cdf_mac_addr in sSmeMaxAssocInd and
tSirSmeGetAssocSTAsReq.
Change-Id: Ie36a22b5ee5c823833981b51ef91525f6c6af692
CRs-Fixed: 898864
qcacld-2.0 to qcacld-3.0 propagation
Currently while populating 11a and 11b rates, there is
no bound check for rateset array. This can result in buffer
overflow. As a part of fix add bound check to avoid any
buffer overflow for the rateset.
CRs-fixed: 798054
Change-Id: Ib42f5de642ad54d5c2a1ccdab37d88928b98af01
FW needs the debug mode from WLAN INI file. After parsing INI file,
WLAN driver passes the mode value to platform driver, which uses
QMI message to exchange information with FW.
Change-Id: Ifd01b18bcfafad2344196d80ab17c605cca35972
CRs-Fixed: 942237
In LFR3 reassoc frame is sent by firmware and host or supplicant is not aware
of its content. Because of this supplicant does not have complete information
to perform EAP exchange with authenticator if fresh EAP exchange is requested.
To fix this:
1) Take the reassoc req frame passed by firmware and save that to pe session
This frame will then be passed to supplicant through usual path.
2) In case of FT connection, do not pass key replay counter attribute to
supplicant.
Change-Id: I51dd8004c910b45c7f25e9cd140448e592b096b3
CRs-Fixed: 943711
Get rrm capab from mac_ctx in function sme_get_config_param().
This ensures that subsequent calls to this function will correctly
update rrm config.
Change-Id: Iddaae66b94ccaa127f08fd0a897bc986a959a0eb
CRs-Fixed: 955114
In case prefer 5 GHz preference is set, move the 5GHz channels ahead
of 2GHz channels in channel list as used in Early Stop Roaming Scan
feature. This ensures that while roaming, when these features are
enabled DUT will scan 5 GHz channels first and roam if a candidate
AP is found.
Change-Id: I96d997560a3eca5fd378aa3ed78c5766d097cafd
CRs-Fixed: 951959
qcacld-2.0 to qcacld-3.0 propagation
We suspect that the firmware indicator interrupt is being dropped when
the firmware indicator interrupt is disabled. Check the firmware indicator
after reenabling the firmware indicator interrupt.
Change-Id: I600bd9dfae99ab96dfaf7e3448cef9128f8b7357
CRs-Fixed: 925315
Initialization of completion_freeq_lock was removed as part of
removing the completion thread. The lock still protects the
variable num_sends_allowed for copy engines used for sending.
Change-Id: Ia52d2c1b839d2ccfedbd175f1b8f60f953d08203
CRs-Fixed: 951563
Since the wmi tx copy engine's completions can be
processed in both its tasklet context and through
ce_per_engine_servicereap on a polled basis, we
wish to be able to distinguish the when each is used.
Change-Id: I5892eeeab4e1c7e4c35b958d98db7ad0293ec24f
CRs-Fixed: 951569
qcacld-2.0 to qcacld-3.0 propagation.
This fix ensures that a response message is sent back to SME if
a DelBSS/DelSta failure is returned by firmware, without which SME
command can get stuck.
Change-Id: I42425809ef93d447af0b34aee05e601e30a18ccc
CRs-Fixed: 810491
qcacld-2.0 to qcacld-3.0 propagation
WMI changes to add reassoc_req_frame in wmi_roam_synch_event
add WMI_INIT flag for special WOW platform that no need pcie reset
Change-Id: Ica7653166239e5590d1daa62ec46971d8c905915
CRs-fixed: 865207
qcacld-2.0 to qcacld-3.0 propagation
WMI event update to add dd_profile field to RC_TX_RATE_SCHEDULE
and WMI_SCAN_EVENT_FOREIGN_CHANNEL_EXIT
Change-Id: Ic9ba6dd82b2c6ea3d8894665270838a93a702f38
CRs-fixed: 865207
qcacld-2.0 to qcacld-3.0 propagation
Update for green AP feature related WMI TLVs and debug log ids
Change-Id: I1e7463ee201572ec6bd4cdcb681524fa1c68c82a
CRs-fixed: 865207
qcacld-2.0 to qcacld-3.0 propagation
This change introduces 4 ini parameters to configure to firmware
- gEenableEGAP: forcely overwrite firmware feature capb
- gEGAPInactTime: inactivity timeout value
- gEGAPWaitTime: wait timeout value before enter EGAP mode
- gEGAPFeatures: the feature flag firmware would support
WMI_AP_PS_EGAP_F_ENABLE_PHYERR_DETECTION 0x1
WMI_AP_PS_EGAP_F_ENABLE_PWRSAVE_BY_PS_STATE 0x2
WMI_AP_PS_EGAP_F_ENABLE_PWRSAVE_BY_INACTIVITY 0x4
Integrate the hdd_wlan_kick_green_ap to execute the Green AP
and EGAP features, depending on the ini and also the tgt_cfg
capability flag,
Change-Id: Ic5db3990aa0a028ed700f6e2f60a11e75c0f1ed1
CRs-fixed: 929063
qcacld-2.0 to qcacld-3.0 propagation
The firmware reports the Enhanced Green AP (EGAP) service
(EGAP_SERVICE) feature flag to indicate the support of EGAP
feature.
The EGAP is to offload the legacy Green AP feature to firmware
in order to aggressively enable the Green AP other than wait
for host control latency.
Add the knob to hold the EGAP infomation when firmware support
it, also populate the information up to hdd target config.
And then add a SME interface to allow hdd layer to configure
the EGAP configuration.
Change-Id: I9be927369e7cf07731f8e9ba49d65224e05c340b
CRs-fixed: 929063
The condition #ifdef WLAN_FEATURE_LFR is used to include some of
the roaming code. It has been defined for all the recent driver
builds. Roaming code underneath is permanent part of the driver.
Remove #ifdef FEATURE_WLAN_LFR compiler flag from SME so that the code
will always be compiled in.
CRs-Fixed: 936683
Change-Id: I86b9e3dee6b92c89a54de6df769800c31fc3ad17
The condition #ifdef WLAN_FEATURE_NEIGHBOR_ROAMING is used to include
some of the roaming code. It has been defined for all the recent driver
builds. Roaming code underneath is permanent part of the driver.
Remove #ifdef WLAN_FEATURE_NEIGHBOR_ROAMING compiler flag from SME
and CSR so that the code will always be compiled in.
CRs-Fixed: 936683
Change-Id: I63a43b7cfd9360341d4ac4126cbf9fc8ac89071a
The condition #ifdef WLAN_FEATURE_NEIGHBOR_ROAMING is used to include
some of the roaming code. It has been defined for all the recent driver
builds. Roaming code underneath is permanent part of the driver.
Remove #ifdef WLAN_FEATURE_NEIGHBOR_ROAMING compiler flag from HDD so
that the code will always be compiled in.
CRs-Fixed: 936683
Change-Id: I777d48f26aea36383747281bd4fef2eadc7beefb
qcacld-2.0 to qcacld-3.0 propagation
The preauth session is not deleted if the deauth is from host
(eCsrForcedDeauth).
Adds the check to delete the preauth session and stop the
preAuthReassocIntvlTimer timer, in case of deauth from host.
Change-Id: I181344b0f3a41ff5c3a77f30b4c8cf80557c23b5
CRs-fixed: 649521
qcacld-2.0 to qcacld-3.0 propagation
Set TX_USAGE flag for default key (BSS key) when using WEP40 or
WEP140 encryption in AP mode.
Change-Id: Icb4411410d84b05a47f193ffbd632445f736246e
CRs-Fixed: 940725
qcacld-2.0 to qcacld-3.0 propagation
if AP has RSN IE and supports AES, driver goes on to check
WPA IE and if it contains only TKIP in unicast cipher, it
sets cbmode to 0 (20Mhz).
Added a check to ignore the WPA IE if RSN IE is present and take
decision on cbmode with respect to RSN IE only.
Change-Id: I4eaf8a2d6a9f3a43e74e606045af995fbaa800ad
CRs-Fixed: 739345
qcacld-2.0 to qcacld-3.0 propagation
In limSendSmeJoinReassocRsp API, assoc req, assoc rsp, ricData, tspecIes
are sent to SME layer if corresponding pointer in psessionEntry is
not NULL. There is bug here where the pointer is NULL but the length is
non zero. Because of this data is copied at incorrect offset and data
at SME layer is not at right offset leading to corrupted IE in
next re-assoc request.
Fix this by making length as zero whenever we free the data.
Change-Id: I4ba4ff49e56bc2f2758d869eae8ff9370b0c0489
CRs-Fixed: 932712
qcacld-2.0 to qcacld-3.0 propagation
Before transmitting the tdls mgmt frames the STA should be
connected to AP and it should be in authenticated state.
Change-Id: Id79d4e6ad55a6b80e2fac2369f48bedf6551bcd6
CRs-Fixed: 893784
qcacld-2.0 to qcacld-3.0 propagation
Currently, MTRACE logs are not captured for the events posted
from SME to HDD. So, add missing MTRACE log in hdd_smeRoamCallback()
and also add missing eRoamCmdStatus enums in get_eRoamCmdStatus_str().
Change-Id: I26ef8c651b7b873939341b643056ff977a40ea19
CRs-Fixed: 855875
qcacld-2.0 to qcacld-3.0 propagation
As a part of logging enhancement,to make logs more
interactive, changed pmcstate,scanType etc from
numerical values to human readable string in
Protocol stack.
Change-Id: I589088c2c5fd0afa106a1d0773a2ff525b0dd083
CRs-Fixed: 638916
qcacld-2.0 to qcacld-3.0 propagation
Currently for sta mode while sending management
frames such as auth, assoc, reasssoc,deauth,
diassoc driver sends selfStaId. This results
in frames going on the air with the self data
rate and not the data rate supported by peer.
As a part of fix, make sure that the peerStaId is
used for sending above management frames.
Change-Id: Ia368ff13aed1002600f5fb3ad55c3d20106d586a
CRs-Fixed: 826260
qcacld-2.0 to qcacld-3.0 propagation
Even though ADD_BSS fails the driver tries to send DEL BSS to
firmware which will crash upon receiving DEL BSS.
To avoid this crash do not send DEL BSS to Firmware if ADD BSS
fails and just do cleanup.
Change-Id: Ieabf241c8277ae76bb5f491f9d8a2b783d8ea47e
CRs-Fixed: 929249
Qcacld-2.0 to qcacld-3.0 propagation.
This fix contains the following changes
1. Ensure rx mgmt packet is freed in all cases.
2. Fail preauth if the pre-auth response timer
failed to start.
3. Correct some logging and remove unnecessary code.
Change-Id: Icd3a12ba8878de5bad7ff1125ba8be123dfae4eb
CRs-Fixed: 808756
