Prepare to replace channel id with channel frequency of struct
bss_description, first cleanup reference of channel id of struct
bss_description in csr_api_roam.c, use channel frequency instead.
Change-Id: If584dcbd5a6c1718af1902799e1f679898ef3585
CRs-Fixed: 2491396
Add op_freq in tagCsrRoamConnectedProfile. Finally remove
operationChannel from tagCsrRoamConnectedProfile in next
few changes.
Change-Id: Ie9be4b59483412866d915448b33f8cb6cc9e2d7c
CRs-Fixed: 2489893
Currently btm offload command is sent to FW as part of RSO Start
for all type of roam req reason and btm offload disable command is
sent to the FW as part of RSO STOP. In case of STA+STA concurrency
case, while btm offload is enabled for the 2nd
STA after UPDATE_CFG sent for STA1, the FW asserts because it has btm
offload enabled for STA 1 while UPDATE_CFG and has not deconfigured
it yet. Send btm offload enable command as part of RSO Start in case
of roam_req->reason == REASON_CTX_INIT only to the FW so that it
configures btm for the currently enabled STA only in case of INIT
and re-configures for the second STA without assertion.
Change-Id: Ib146072c7cd0543ea82122702d6585d1d2a2e2d1
CRs-Fixed: 2493122
Add op_freq in csr_roam_profile. Finally remove
operationChannel from csr_roam_profile in next
few changes.
Change-Id: I7a3d7fe7e77b18424f487429aaa19ca1a97b8aba
CRs-Fixed: 2489914
Prepare to replace channel id with channel frequency of struct
bss_description, first cleanup reference of channel id of struct
bss_description in lim_api.c csr_api_scan.c csr_host_scan_roam.c
csr_roam_preauth.c csr_util.c, use channel frequency instead.
Change-Id: I86864c73c429c52399819532cd9b957f66ed94f0
CRs-Fixed: 2491406
Replace channel ID(rx_channel) with channel frequency(
rx_freq) in struct bss_description.
Remove a few camel cases in function
lim_collect_bss_description.
Change-Id: Ic6051fa62d2fe0aa10a6d2a3568aeff75daa813f
CRs-Fixed: 2492155
2G active dwell time parameter is not updated as per
requested duration value from 11k supported AP.
Updated 2G active dwell time scan request parameter
with the beacon measurement requested duration.
Change-Id: I93ab71aea3317e21dab4eccce8c698a6fe3a366d
CRs-Fixed: 2487725
Replace channel ID(channelId) with channel frequency(
chan_freq) in struct bss_description.
Add code for chan_freq's value population in the same
struct wherever channelId's value population occures.
Remove a few camel cases detected by checkpatch.
Change-Id: I84d193b67f642df310997865ec6e1b62e3518f98
CRs-Fixed: 2488826
This command is used to send OEM data binary blobs
from application/service to firmware.
Change-Id: I0b5d7dd5a030b70e59c8581fb51d99079b38385f
CRs-Fixed: 2477332
In DBS, LFR 2.0 takes more time to complete the roaming sequence
due to DBS config changes through policy manager. If roaming is
in progress and cfg80211 issues disconnect, disconnect handler is
supposed to wait for 4 sec before processing. In some DBS scenarios,
4 sec wait timer can expire and disconnect proceed for clean up
before the roaming sequence can complete, results in race condition.
Thus adding CSR state check before proceeding with LFR issue connect.
Change-Id: I794c6bf3f749bba9c339fd18b5202d50091b73a7
CRs-Fixed: 2481706
When the set key timeout occurs and there is a disconnect
triggered from userspace during the set key timeout, then the
disconnect proceeds to free the roam_profile for the csr
session. And when the set key timeout handler
csr_roam_wait_for_key_time_out_handler() is invoked, it tries
to access the roam profile from csr_roam_link_up()->
csr_neighbor_roam_info_ctx_init(). This results in a race between the
supplicant thread and scheduler thread.
Acquire sme global lock before call to csr_roam_link_up() to avoid
this deadlock.
Change-Id: I1dd0bec7afa191648d064a1935a33d9612bb89bc
CRs-Fixed: 2486186
The SAP channel change can be called in scheduler thread and thus
waiting for hw mode change in scheduler thread will always lead to
timeout and thus channel switch failure.
Fix is to avoid wait and continue channel switch after hw mode
change is completed.
Change-Id: I951fab6c95ff2a84d6a619859295b830685fac4e
CRs-Fixed: 2484147
In SAP mode when driver receives deauth and disassoc commands
for any sta, this command is getting queued in to sme command
queue in pending list with low priority, it means these
commands will be inserted at the tail of the queue. These
commands have timeout of 30 seconds. If any command is in active
list with high priority and higher timeout that command will not
let the deauth and disassoc commands to process and these commands
will get timeout. This will result in failure of disassoc and
deauth commands.
For example if driver operates in STA+SAP mode and sta issues
a connect request to some AP, in connect path driver tries to
move to single mac mode(SMM) and issues the command for the same.
SMM command is pushed in sme queue and now if SAP issues a
disconnect command for some connected station this command is
pushed after the SMM command. Since connection for STA is still
going on so SMM command does not process as it is waiting for
key. And wait-for-key timeout is around 120 seconds, SMM command
can not execute until wait-for-key timeout occures which results
timeout of the SAP issued disconnect command which is behind the
SMM command in the sme_command queue.
To resolve above issue change the priority of the disassoc and
deauth commands to high priority which will allow to push these
commands to the front of the sme_command queue and since these
comands does not wait for wait-for-key timeout, theses commands
will get a chance to execute.
Change-Id: I613bbd11b9172902dd8828fa04c778b4cfe6be14
CRs-Fixed: 2484608
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure and for this
target_if_mc_cp_stats_stats_event_handler is getting used.
Remove legacy implementation of stats event handler
wma_stats_event_handler and related APIs.
With this change remove unused structures also.
Change-Id: I9a892b5f7486a406654256fc2cc8177f2fafe790
CRs-Fixed: 2481937
AP may send IEs in deauth/disassoc frames as part of disconnection.
Extract the same and forward to kernel through
cfg80211_disconnected().
Change-Id: I4ef339dcd1ecff64d6bed1de35621ecce5d8030a
CRs-Fixed: 2481912
Application sends disconnect IEs to driver through vendor command
SET_WIFI_CONFIGURATION by embeding in the attribute
QCA_WLAN_VENDOR_ATTR_DISCONNECT_IES. Extract the same and validate
to make sure it's not more than maximum IE length that can be
accomodated in deauth/disassoc frame. Cache the extracted IEs
in mlme vdev object.
Change-Id: I6c95aa1d4d8ef7d8ed3ad5be8832ef1f45c26a2f
CRs-Fixed: 2481908
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for get station stats api
as part of cleanup.
Change-Id: Iadc7fceccec32e7a27c29872fb13c03f79208965
CRs-Fixed: 2480770
Currently the driver sends the update cfg RSO command to the
FW, which updates the channel list to which the FW should roam
to find other BSSIDs.
Before the connection is established all the channels are sent
to the FW, but after the connection is established only few
channels are present which reduces the scan time, and reconnection
time to the new BSSID.
But when the FW gets the new channel list as part of RSO after
th connection, it appends the new channels with the previous
list that it received, and hence scans all the channels when
roaming happens, which in turn consumes power, and reduces battery
life with no extra advantage.
Fix is to reject the update cfg command in the disconnected state
as whatever updates are done are cached in the driver, and are
always sent to the FW after the connection is established.
There is no point to send the updated cfg params everytime,
if the driver already sends the command just after the connection.
Change-Id: I19caf194edc1dc038abdfb5b03e69afba48ffc89
CRs-Fixed: 2469350
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for congestion stats command
as part of cleanup.
Change-Id: Ia8b919ad7cea4f47d5480b9f8e0f4636783ce6c3
CRs-Fixed: 2480246
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure.
Remove legacy implementation for get rssi command as part
of cleanup.
Change-Id: I7a837d780c6a1551db0929e6ec7e73daaf479429
CRs-Fixed: 2480770
Update the scan channel list with HE capability information when
the channel list is sent to FW so that FW includes the HE capabilities
IE in the probe request frame during scan.
Change-Id: I1ad3b15e447845ac06d30e92195b5e4ab8a78d9d
CRs-Fixed: 2467024
If memory pNewBssDescriptor is allocated successfully, it should not
return, otherwise there is memory leak.
Return if memory pNewBssDescriptor allocation fails.
Change-Id: Ibe906abe890630efa1ea5dafaef40afc2822158e
CRs-Fixed: 2476403
Fix out of bound issue in get pcl API where the
num of channels in the valid channel list can be
greater than the pcl list size, and can lead to
out of bound access.
Change-Id: Id3d34ff66c712bf310ae2689c43ce873f5c87fca
CRs-Fixed: 2475705
wpa_supplicant sends connect request with open auth and pmkid
when PMK caching is enabled and if it has PMK/PMKID cached.
Set rsn_auth_type to SAE when connect request has AKM as SAE
auth_type as open.
Set negotiated auth type to OPEN in SAE with pmk cache case as
open authentication going to happen. Similar fix is applicable
for FT-SAE. Handle the same.
Change-Id: I9ccc419bd439702041840b0194bb0622d7856255
CRs-Fixed: 2467813
Processing beacon request may fail due to
some reason.
In Ie07dbb1f45803cf93b45df2173f0ad064a194cb3,
sta fails to send empty beacon report to
AP and frees current rrm beacon request structure
because it doesn't find matched session by bssid
in rrm_process_beacon_report_xmit.
Copy bssid of beacon request to rrm session then
sta can send empty beacon.
Change-Id: I962d058d5e3f8f85194f4197c5ff8c061d56f60c
CRs-Fixed: 2472377
Fix the logic to not to advertise twt requester for SAP &
twt responder for STA.
Change-Id: I153f7c52d0107c75f7c59b4c880bb4aa0757356b
CRs-Fixed: 2473541
Linux coding guidelines don't allow use of camel case identifiers.
So rename selfMacAddr to self_mac_addr to be in compliance.
Change-Id: Id70e00744883f9fd797da8d4bb1cf4f65c8aa9ff
CRs-Fixed: 2463827
Disable LFR2 in cld-3.2 mainline as roaming is offloaded
to firmware in LFR3. Also fix linker issues with lfr2 disabled.
Featurize LFR2 properly with adding correct header files
and bringing LFR2 only functions under WLAN_FEATURE_HOST_ROAM
compile time flag.
Change-Id: Iac81b693feaab503d371753a4d16cc3e70df2a87
CRs-Fixed: 2459786
Optionally set by userspace to request the driver not to resume
beacon reporting after a pause is completed, when the
QCA_WLAN_VENDOR_ATTR_BEACON_REPORTING_OP_TYPE is set to
QCA_WLAN_VENDOR_BEACON_REPORTING_OP_START.
If this flag is set, the driver will not resume beacon reporting
after beacon reporting pause is completed. Userspace has to
send QCA_WLAN_VENDOR_BEACON_REPORTING_OP_START command again in order
to initiate beacon reporting again.
If this flag is set in the recent
QCA_WLAN_VENDOR_BEACON_REPORTING_OP_START command, then in the
subsequent QCA_WLAN_VENDOR_BEACON_REPORTING_OP_PAUSE event (if any)
the QCA_WLAN_VENDOR_ATTR_BEACON_REPORTING_AUTO_RESUMES shall not be
set by the driver.
Change-Id: I371a218cb513dcb077b7df675c549818c2b657b2
CRs-Fixed: 2466480
In order to process QCA_NL80211_VENDOR_SUBCMD_BEACON_REPORTING
vendor command, driver sends remove beacon filter cmd to fw to
allow fw to send all beacons of connected AP to driver.
But in some cases fw may wakeup host in wow mode.
To avoid these cases, with this change beacon reporting feature
will use WMI_VDEV_PARAM_NTH_BEACON_TO_HOST
command to FW instead of WMI_RMV_BCN_FILTER_CMDID
With WMI_VDEV_PARAM_NTH_BEACON_TO_HOST, in case of active reporting,
fw should send all beacons of connected AP to HOST
and also no wakeup of driver should happen in wow mode.
Change-Id: I9d0e255a6d4accb523bf4613146574239e7e0d09
CRs-Fixed: 2471627
Command timeouts for VDEV stop and PEER assoc/delete is 2 sec, which
doesn't consider delays in scheduling.
To consider scheduling delays set these values to 4 sec and change
the serialization and HDD timeouts accordingly.
Change-Id: Ifc8ca857727a7e73bbae586c0728816024f1c687
CRs-Fixed: 2472122
Propagation from qcacld2.0 to qcacld3.0.
The WMI CMD and EVENT of "get antenna isolation" are already defined,
but not used before in qcacld3.0.
Now, The host driver uses vendor command to get this information
instead of iwpriv command in qcacld-2.0.
The attribution of this feature is already defined in file
"qca_vendor.h". The name is "QCA_WLAN_VENDOR_ATTR_ANTENNA_ISOLATION".
So host driver will use vendor command
"QCA_NL80211_VENDOR_SUBCMD_GET_HW_CAPABILITY" to get the information
from lower layer.
Change-Id: I915768f622ddc9a70a95ce4fe952f19917a8f901
CRs-Fixed: 2447360
pScanFilter->BSSIDs.numOfBSSIDs is allocated as part
of function csr_neighbor_roam_prepare_scan_profile_filter
and this memory is not freed in error cases.
Hence free the allocated memory of pScanFilter->BSSIDs.numOfBSSIDs
in error cases before returning from function
csr_neighbor_roam_prepare_scan_profile_filter.
Change-Id: I411dba7ead796f84994e633a387730de6ee4d579
CRs-Fixed: 2464822
Set BSSID state as disconnected when roaming is successful
so that blacklist manager can clear the AP info if the
nud failure did not come for blacklist reset time value.
Change-Id: Ie602c02d7a43b46daa7f1b1f85cd98628da91280
CRs-Fixed: 2467319
eCsrAuthType is the enum of AKMs to be used during connection.
So the name eCsrAuthType is misleading as akm and auth algo are
different.
Also the Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the enum eCsrAuthType to
be compliant.
Change-Id: I35e18d1f84babd0ef2928ae9d7258028d4c9b3c5
CRs-Fixed: 2463813
The Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the pMsgBuf to be
compliant.
Change-Id: Ia28e9e8ce69c7fbb6853278ccdb12e722ec24e06
CRs-Fixed: 2463442
The Linux Coding Style doesn't allow mixed-case names and
so-called camelcase notation, so rename the statusCode to be
compliant with the coding style.
Change-Id: I98e0af710401a9718bdc1402617253eb970c5861
CRs-Fixed: 2463825
The Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the identifier pBssDesc
to be compliant.
Change-Id: I0980de75bbaaeb1eee9321621da1f3ff90e09188
CRs-Fixed: 2463446
Validate the CSR session before accessing it as the session can be
NULL for invalid session id.
Change-Id: I090d75a44bb9e78cbf7f10ac08ccad9f664e6e06
CRs-Fixed: 2462598
Currently in these APIs, driver has a potential mem leak if
the code deviates from the success path:-
1. sme_ap_disable_intra_bss_fwd, param pSapDisableIntraFwd
was not freed in case of mutex acquire gets fail.
2. sme_set_wisa_params, param cds_msg_wisa_params was not freed
in case of mutex cquire fail, and in case of msg failed to
post to scheduler.
3. sme_update_sta_inactivity_timeout, param inactivity_time was
not freed in any case, and has to be freed after use.
4. wma_del_tdls_sta, param peerStateParams needs to be freed
in every failure case, in which the driver sends a del rsp in
error case.
Change-Id: Ibb6061dc399c0f408e7469e91d8084c82786a561
CRs-Fixed: 2466435
Free Dynamic allocated memory in following scenarios:
1. In __lim_ext_scan_forward_bcn_probe_rsp()
Free dynamic allocated memory for result in failure case
2. In sme_oem_data_req()
Free dynamic allocated memory for oem_data_req in failure case.
3. In sme_notify_ht2040_mode()
Free dynamic allocated memory for pHtOpMode in default case.
4. In sme_send_rate_update_ind()
Free dynamic allocated memory for rate_upd if mutex acquire
fails.
5. In sme_txpower_limit()
Free dynamic allocated memory tx_power_limit rate_upd if mutex
acquire fails.
Change-Id: I5deccb5ac10f69ad00ea860f43c821ee7e90c71e
CRs-Fixed: 2465786
As a SAP, there are two paths to deauthenticate peer STA as:
1. Deauth issued from south bound interface (peer sending deauth etc)
2. Used issued deauth from upper layer (via hostapd_cli)
We have a race condition when deauth comes for the same peer from both
the ways resulting into process one after another.
This is happening since no check is being done at north bound interface
before issuing deauth request to SME.
Adding a check validate if deauth already in-progress for the mentioned
peer before issuing deauth req.
Change-Id: I2050cf5558dbdf6d656694c39e9f1e461e17bf01
CRs-Fixed: 2459967
Failed to set the RRM scan dwelltime below 40ms.
Modified RRM scan request API to accept active dwelltime
below 40ms and 110ms for passive scan.
Change-Id: I0a1030c6c719950c08db0bc164623556b187fe9d
CRs-Fixed: 2454281
