Force set peer's phymode to the phymode of current interface if first
one big then second one, then TDLS link can't select more better
phymode when DUT support VHT mode and connect to 11A mode AP.
Change-Id: Idc72e04dcdf7ead3b52effc2c06862bc9dddd732
CRs-Fixed: 2512622
If STA disconnect failed for any reason, cleanup IPA STA iface
if not already done.
Change-Id: I27ff33324bc4724e8470af9a0c434fa03e8aa5c3
CRs-Fixed: 2505563
Set hidden_ssid when restart sap on another channel, currently tested 2
methods to restart sap on another channel: 1, force-scc switch to station
channel; 2, iwpriv wlan1 setChanChange x. Both of them run into error
state: with hidden_ssid set in hostapd.conf: ignore_broadcast_ssid=1,
after channel switch, APUT reply broadcast probe request with it's SSID.
Copy pe session parameter: ssidHidden which stored user setting to next
channel vdev start.
Change-Id: I56580529e2b0db673c6b28c75094a7fd225cba77
CRs-Fixed: 2506214
Unused members of delete bss params structure are removed
and structure is re-framed.
Change-Id: Ib2e7c72e0636765341792a79aa12968a84ed4879
CRs-Fixed: 2512877
When wifi is off wlan module is closed and hence allow cfg80211
suspend/resume to pass and return success to kernel.
Change-Id: Ic7d43a690c75be1254afa97f872d5c8228f93fcc
CRs-Fixed: 2512492
Currently the function hdd_roam_deregister_tdlssta is not declared
as static when the macro FEATURE_WLAN_TDLS is not defined. This can
cause a multiple definition error.
Declare the function as static so as to avoid this build time error.
Change-Id: Id85f8bed57a7bdfbeac5722ea687066f7f74a50f
CRs-Fixed: 2511744
Currently roam channel list is directly accessed from
mac->roam.neighborRoamInfo[sessionId].cfgParams.channelInfo
in multiple APIs to set/clear.
This needs to be enhanced as as firmware supports two channel
lists(static and dynamic) for roam scan, userspace may configure
both the lists. Cleanup the APIs to accommodate both of the
channel lists. Rename the variable channelInfo of cfgParams to
specific_chan_info to suit the usage.
Change-Id: I67548bc040c2296b75b9429f5891a5251a2a88d6
CRs-Fixed: 2507157
Legacy code releases vdev start wakelock after vdev down
command sent to firmware to overcome race condition. Target_if
common code takes care for wakelocks.
Hence, do not release start wakelock in legacy code.
Change-Id: I550ffb17e2e29f3b0bad618dc9ef9463a94800aa
CRs-Fixed: 2512151
In function wlan_hdd_set_sap_csa_reason, sap_ctx pointer is
dereferenced without NULL check.
Add NULL check to avoid null pointer access.
Change-Id: I74bbfdcae6d5a06d5eaf0cd66e3ff9c3380c6bb0
CRs-Fixed: 2512034
Add configuration for gpio pin used to send strobe to wlan hw.
The host driver will latch the current time and toggle the gpio
to generate a strobe to wlan hw.
The tsf will be latched on detecting the strobe and it will be
made available in a register for sw access.
The wlan fw will read this tsf and report it to driver using tsf event.
Change-Id: I4365d97d22836ddbbd2bf9913d4f723e5a870369
CRs-Fixed: 2495152
For runtime PM if the bus is suspended driver need to consider
extra 6 sec time for bus resume.
Thus add 6 sec extra in WMI timeouts if runtime PM is supported.
Change-Id: I5515cc889a0315382bac11a33ea6f901b7af1c46
CRs-Fixed: 2507029
In case of HL, send tx completion bit in HTT tx descriptor
to receive tx completion from FW and disable DHCP indication
to FW properly.
Change-Id: Iff8e0c1f5d95c4f62af8b498552d92b57006969c
CRS-Fixed: 2506011
Replace lim functions parameter struct scheduler_msg
with struct bss_params.
Internal functions don't need param struct scheduler_msg,
wma can call lim API: lim_handle_mlm_add_bss_rsp directly
instead of post msg.
Refactor struct bss_params memory free method.
whether success or fail when handle lim add bss rsp,
struct bss_params memory need free, it is simple and
clear to free only in one place: end of
lim_handle_mlm_add_bss_rsp.
Change-Id: I2d5d647a6949b1e0bdfbbe9a4dfb390a362a75ee
CRs-Fixed: 2508876
This member renamed by another change recently, and change here
accordingly to avoid compilation issue.
Change-Id: I65903cdb5255deca4b4a83daceec178790e76501
CRs-Fixed: 2505462
Currently the host driver sets PMKSA op_flag for flush and
delete PMKSA entry as in both the cases PMK length is 0.
This is not correct because for delete PMKSA command only
the bssid and SSID will be sent to the firmware.
For the host driver to distinguish between del_pmksa and
flush pmksa, the is_flush_all flag should be used.
is_flush_all: true - Flush pmksa
is_flush_all: false - set/del pmksa based on the action flag.
Change-Id: I7eac65317a9c6904cfd08acce328a65df451269e
CRs-Fixed: 2503372
Cleanup ol_txrx_flush_cache_rx_queue to find peer
from peer_list instead of sta_id.
Change-Id: Ia737e732051f3cdad53b1a552eb273b8a05562aa
CRs-Fixed: 2508259
The mapping of sta_id to the adapter in hdd context stores the adapter
with respect to the corresponding sta_id. Currently, the mapping is not
used anywhere in the driver even though the adapters are stored in it.
As there is no usage for the mapping, remove it as a part of sta_id
cleanup effort.
Change-Id: I26590a69e61d82f723a83eb3f9f24c42afa6c5a2
CRs-Fixed: 2511767
As part of the tdls vdev creation, tdls osif memory is allocated
and not freed in the error condition, which can result in the
memory leak.
Free the tdls osif memory in the error condition
Change-Id: I084b14c4277be3e88142e3eaaabcf3293a15f220
CRs-Fixed: 2507609
The sap unsafe channel restart process include two subprocesses: CSA ie
update and channel switch, but CSA ie update request using
mac->sap.SapDfsInfo to save target channel switch parameters, which
would be overwritten by 2nd sap restart at same time. For example:
SAP1 on chan 1 and SAP2 on chan 36, then lte coex mark chan 1 and
chan 36 as unsafe channels, now SAP1 and SAP2 would switch to same
channel, but actually they can be on different channels doing DBS.
To fix it, one option is save the target channel switch parameters to
different session, but looks it may introduce a lot of code change,
because the logic is shared with DFS/concurrency. So the simple option
is making sap unsafe channel restart execute once at same time.
Change-Id: Ieaab3007fb6e79a9741f892e86771d2f52c03e3c
CRs-Fixed: 2504867
If g_sta_sap_scc_on_lte_coex_chan != 0, the SAP and
STA SCC on unsafe channel is allowed.
The change keeps the unsafe channel in SAP channel
list if STA is active on the channel.
Change-Id: I328841df611a000b1c4d4d09618a4035f0b7fba6
CRs-Fixed: 2509730
Refactor vdev stop and down code to target_if common code.
Remove legacy code for vdev stop and down.
Change-Id: I4ab0743d39a3b37816ab9f18e8850cadf1335c15
CRs-Fixed: 2506649
This reverts commit I04631ffd611d6ded318ddfb65b2dfeba479c9bdc.
Currently, for all the peers cleanup is done in lim and wma layers
to remove this peers. The original change is deleting the ndi
peer in HDD, and can lead to memory overwrites.
Hence reverting the change.
Change-Id: Id0083c3d1612f0fdccb6fca2c9cc4c03f607a139
CRs-Fixed: 2507142
In function csr_check_concurrent_channel_overlap, local
variable intf_ch is defined as uint16_t, but its pointer
is casted to uint32_t * before invoking
policy_mgr_get_sap_mandatory_channel, which will do
32-bit memory write and causes a stack memory over-
writing.
Call Trace:
dump_stack+0x46/0x59
print_address_description+0x66/0x22b
kasan_report+0x21f/0x245
policy_mgr_get_sap_mandatory_channel+0x1fd/0x258 [wlan]
csr_check_concurrent_channel_overlap+0xf84/0x10d2 [wlan]
sme_check_concurrent_channel_overlap+0xaa/0xf0 [wlan]
wlansap_check_cc_intf+0x102/0x124 [wlan]
wlan_hdd_get_channel_for_sap_restart+0x506/0x8f8 [wlan]
policy_mgr_check_sta_ap_concurrent_ch_intf+0x35e/0x425[wlan]
process_one_work+0x2cc/0x53b
worker_thread+0x357/0x490
Change the type of the 2nd parameter to uint16_t within
function policy_mgr_get_sap_mandatory_channel, so only
16-bit memory writing will take place.
Change-Id: If514a394e65d005a1fe025c0e753bf7440dd5dde
CRs-Fixed: 2508798
Direct buffer tx component initializes in target_if_init, which cause
platform assert since g_umac_glb_obj is NULL. So change the order to
avoid NULL pointer access.
Change-Id: I348775d08ccc478caef605c2ae8d1b6d65d77eb2
CRs-Fixed: 2497809
Avoid compiling ol_rx_reorder.c and ol_rx_reorder_timeout.c
for low latency and only compile for high latency
data path.
Change-Id: I1f3819fa093766abba87e5dc6dc44e6d2188740b
CRs-Fixed: 2506005
In "Change-Id: I2896f7704ffb809214c5b08756c4b8673307fd9e", parameter
type of hif_get_hal_handle changed from void to hif_opaque_softc,
which cause compilation failure in wma_init_dbr_params.
Change-Id: Idbb591bb1ea1507661882fe48b18eaaffcac164d
CRs-Fixed: 2504894
Support monitor mode enablement by changing driver mode, and also
remove the support that enable monitor mode with insmod parameter
"con_mode_monitor = 4", use "con_mode = 4" instead.
enable monitor mode steps for reference:
(1) change driver mode
a. svc wifi disable
b. echo 4 > /sys/module/wlan/parameters/con_mode
c. ifconfig wlan0 up
d. iwpriv wlan0 setMonChan 11 0
(2) insmod with kernal parameter way
a. insmod /vendor/lib/modules/qca_cld3_wlan.ko con_mode=4
b. ifconfig wlan0 up
c. iwpriv wlan0 setMonChan 11 0
Change-Id: Ie615533d060261d545b3b92bea9916099ccccadd
CRs-Fixed: 2494158
Presently in the driver, in function hdd_objmgr_create_and_store_vdev
the vdev object is created and stored. In case the creation of the vdev
fails due to some reason, the corresponding error condition tries to
free the osif_priv pointer. This osif_free pointer is actually already
freed as a part of vdev_obj_delete -> vdev_release_ref -> vdev_obj_free.
As this is already freed, a possible double free scenario can occur in
the original error handling scenario.
To avoid this scenario, do not free the osif_priv pointer in the error
handling as it is already taken care in the caller.
Change-Id: I7fc7be187ce1e303c81da885a75c600a7b6c4b3e
CRs-Fixed: 2507432
