The connected profile in csr_roam_session is filled after join
success with an AP in csr_roam_process_join_res(). The connected
profile information also has the country code advertised by the
AP over its beacon in the Country Element (EID 7). When STA
roams from AP1 having country IE to AP1 which doesn't have
country IE, the driver checks if the country IE is present in
the AP2 beacon IEs. If the country code is present, new value is
copied, else the older country code value is not cleared.
This results in beacon report failure when roamed to AP2 due
to country code and op class mismatch.
Clear the country code in connected profile before checking if the
country code IE is present.
Change-Id: I503f9761ff33fb245a25b23893360389d7a0b258
CRs-Fixed: 2590117
Currently, bus bandwidth is initialized and deinitialized in
different memory domains which may cause leaks due to async bandwidth
init and deinit.
Fix is to initialize and de-initialize bus bandwidth in active domain.
Change-Id: I67cf9ecdd47c8f3ca6e9b272ca379f0cac9a6c7b
CRs-Fixed: 2568881
Don't set unload flags earlier before unregister_driver when driver
unloading to avoid runtime resume failure. And set this flags earlier
before wait_for_ops in the pld_pcie_remove to give chance SSR will be
skipped if unloading is in progress.
Change-Id: I084db32b436148932a2a90e3e1dcb1122f4303b5
CRs-Fixed: 2589413
When 5G band is disabled by set band, need SAP switch channel
to 2G. When 5G band is enabled again, need SAP switch back to
original 5G channel. When sta connecting, SAP can't switch
channel.
Merge logic of SAP channel switch for band change and for force
scc with sta, both are implemented in:
policy_mgr_check_concurrent_intf_and_restart_sap now.
After sta associate succeed or fail,
policy_mgr_check_concurrent_intf_and_restart_sap is called again
to check and try SAP CSA for band capability change.
Change-Id: I8574209aac3cabb748a8ec05050244f480e1a0e9
CRs-Fixed: 2589021
Reinitialize pcl_weight index in policy_mgr_get_channel_list
for correct connection count.
Change-Id: I96d38f1cb29014517f2c22e360db5d942eb66519
CRs-Fixed: 2589478
LFR2 also need set roam offload flag to fw:
WMI_ROAM_FW_OFFLOAD_ENABLE_FLAG of
WMI_VDEV_PARAM_ROAM_FW_OFFLOAD.
Change-Id: Idbb602b717f46f88426ef36a738efd456ac7af8b
only sets roam offload flag to fw for LFR3.
Change-Id: I0abdab998b7a7c336379ab44ca43ac2fb823eed9
CRs-Fixed: 2580519
Firmware needs maximum amsdu size for through-put optimization.
Send host configured amsdu size to firmware when vdev is created.
Change-Id: Ib292c6d9ddc828d5d0a02cf8f6d9a577c8a5c01a
CRs-Fixed: 2573857
Host still create new P2P IE for NoA attribute even if there is P2P
IE in additional IE from up layer. This change adds NoA attribute to
existing P2P IE directly.
Change-Id: I8585e09ce3d97eb2f6eb67e552659be9962913c9
CRs-Fixed: 2583887
Currently, enable_snr_monitoring doesn't be initialized properly, in
some acs scenario, hostapd will dump survey(NL80211_CMD_GET_SURVEY),
driver return error due to uninitialized enable_snr_monitoring, this
will result in acs won't be started and sap fail to start.
Fix is to remove enable_snr_monitoring from hdd_config struct,
calling ucfg_scan_is_snr_monitor_enabled() everywhere that
enable_snr_monitoring is being used.
Change-Id: I8784867683b21d9441e980a1215b2db712db381a
CRs-Fixed: 2585661
Below are the scenarios where host fails to clear roam in
progress flag:
Case 1: While processing disconnection request
Host should clear roam in progress flag irrespective of
connection state of STA.
case 2: While processing a try-disconnect request
Currently, Host waits for WLAN_WAIT_TIME_STOP_ROAM (4 sec) to
process disconnection, if firmware has already started roaming.
In case if Host doesn't receive roam completion indication from
fw, Host set connection state to not connected and fails to clear
roaming in progress flag. This results host refuses all further
connection request with reason connection in progress.
Fix is to clear roaming_in_progress flag in both cases.
Change-Id: I45d9771bcd546d8914321e3be1a6d0ce6566cdac
CRs-Fixed: 2588803
When SSR sap restart, vdev objmgr object will recreate new, if put set
vdev crypto pararams in wlan_hdd_cfg80211_start_bss(), it will not be
invoked by SSR sap restart procedure, so there is no crypto pararams in
vdev and lead to association failure when compare crypto pararams.
Move back set vdev crypto pararams to wlansap_start_bss so sap start
and restart will both invoke it.
Change-Id: I56656ffacbe153fbe73fb6e474048e055cb6a153
CRs-Fixed: 2584138
When radar is injected at +/-30MHz separation from center frequency
in VHT 80MHz mode incorrect pulse duration is reported in the radar
summary reports and lead to decreased radar probablity detection.
Fix the issue by capturing pulses with such characteristics and
modify them to fit within the valid phyerror pulse duration range.
Change-Id: Ic6314a372d6909448fbe4eb694c41736d1719712
CRs-Fixed: 2577632
Currently, ch_width of session is checked without validating
session which may lead to NULL pointer derefrence.
validate session_entry before accessing element of
pe_session
Change-Id: I1f785555fa77a0c588e9b5245ad513fe059974d0
CRs-Fixed: 2585928
1. Update pAddBssParams->ch_width to 160Mhz ch width value
based on VHT operation IE's ch width, channel segment 0
and channel segment 1 fields.
2. Report link rate information to OS for 160Mhz based on
rate flag TX_RATE_VHT160.
The change will fix the incorrect bandwdith reported by
IW commmand (iw wlan0 link) when STA is connected to AP
in VHT160 mode.
Change-Id: I698b12da825619e8e8f28f0cf4ea1ccf2e7072e6
CRs-Fixed: 2585986
Update tx rate flags to include 160Mhz bandwidth in
wma_set_bss_rate_flags_he.
Add HE 160 mcs to rate mapping for nss 1 and nss 2.
This change will fix incorrect bandwidth report via
IW command: iw wlan0 link.
Change-Id: Idd1adc4f2783b86a2a837999ea87bb38c813f213
CRs-Fixed: 2585078
Currently use of comamnd QCA_NL80211_VENDOR_SUBCMD_OEM_DATA
is to pass data blobs from Application to FW but there is
no mechanism to send the data blobs from FW to Application.
To meet the above requirement update the usage of existing
OEM DATA command to use it as a vendor event as well to
send data blob from host to Application.
Change-Id: I502312f25d2754984b86e1cc4e011800a5d4b58a
CRs-Fixed: 2573464
with a new change I9b2b1ead3b4502022aeefc08359037457bb051f9 added for
to switch from 2.4g from 5g when an indication is received, During the
driver re-initliazation also this function is getting invoked and trying
access freed memory resulting in null pointer deference.
Donot process the function wlansap_set_band_csa when the driver is
recovering.
Change-Id: Iab67d5b77ffc98166bf421ff30bcf641e37fef6a
CRs-Fixed: 2587706
Whenever there is a process waiting on a response from firmware it has the
option of using either a qdf_event or a linux completion event.
The primary difference between these is that if there is an SSR all
qdf_events are immediately completed whereas Linux completion events are
only completed by the normal flow of code.
With new upcoming changes SSR processing will take the normal path for
releasing all of its resources, and the qdf_session_close_event is used for
synchronization.
If we define this as a qdf_event, it will be completed when the SSR begins,
defeating its purpose.
Therefore change this to be a Linux completion event.
Change-Id: Ia6fe504e2a2d01f12c3d3446fffc2fc397566966
CRs-Fixed: 2586190
Currently, after FINAL_BMISS detection, FW does channel map
based partial scan followed by one full scan if no candidate
found in partial scan to ROAM to another available AP without
disconnection. This results in additional delay by HOST in
issuing disconnection after a heartbeat failure.
Add INI support (bmiss_skip_full_scan) to allow FW to decide
whether firmware does channel map based partial scan or partial
scan followed by full scan in case no candidate is found in
partial scan after final BMISS.
Change-Id: I48f9bb43bb7933e9ff173f618586ea5986530dcd
CRs-Fixed: 2578848
pm_freezing check to abort system suspend during psoc idle
restart is not working and hence remove pm_freezing check.
Correct fix(change Ib89eca5014729f6a2103e14c6f46540d1406a5a0)
to reliably abort system suspend by calling qdf system awake
api during psoc idle restart is already present so pm_freezing
check is no longer needed.
Change-Id: Ifb56a2a9858378508ef9e583bdd15e63c26d9ba6
CRs-Fixed: 2587453
Change max value of tx_bf_cap to 4294967295 from -1
which is misconfigured. 4294967295 corresponds to
0xFFFFFFFF which is max value for 32 bit unsigned
int since this CFG item is getting used as part of
4 byte dot11f HT capability population.
Change-Id: Ifd0fea080dd9eb1f6995af0df20c68e3f73b891a
CRs-Fixed: 2581060
Currently, the hdd_update_connect_params_fils_info() function blindly
trusts the size and copies into the fils_info->r_rk buffer, putting it
at risk of buffer overflow. Add a check to make sure the buffer passed
in to be copied to fils_info->r_rk is of the proper length.
Change-Id: I9ad2405ca1acd83591bea2aa43406909ad1c58e4
CRs-Fixed: 2580776
For cdp_hl_fc_set_td_limit() API, use channel frequency instead of
channel number.
Change-Id: Ic053be33ac7c7cbd2543b0208a1184b3f20a4346
CRs-fixed: 2565734
Set seg1 frequency segment in case of 5ghz 160Mhz as
the primary centre channel frequency of 160Mhz band.
Change-Id: Id541419c084d8cdf2a22e84170dbe68d731f5ad0
CRs-Fixed: 2587220
When host sends ft assoc response to supplicant, it
allocates a buffer of fixed size and copies a variable
length of assoc response IEs to this fixed sized buffer.
There is a possibility of OOB write to the allocated buffer
if the assoc response IEs length is greater than the
allocated buffer size.
To avoid above issue validate the assoc response IEs length
with the allocated buffer size before data copy to the buffer.
Change-ID: Ife9c2071a8cc4a2918b9f349f4024478f94b2d78
CRs-Fixed: 2575144
Issue happen when:
thread1:
rmmod driver, wlan_hdd_pld_remove which will get psoc trans.
then try to get rntl_lock in hdd_unregister_wext;
thread2:
trigger iw del interface, cfgops in kernel will get get rtnl_lock,
in wlan_hdd_del_virtual_intf, vdev trans will be blocked by psoc
trans in thread1. as thread1 it is also waiting for rtnl_lock, so
both thread will be stuck.
Fix is:
In psoc trans, vdev trans and vdev ops is not allowed, which should
return directly.
Change-Id: I9cbd04bac438bb9483b4e89e73801fe71859e139
CRs-Fixed: 2583675
Fix compile issues when some features are disabled, the features are:
BUILD_DEBUG_VERSION
CONFIG_CP_STATS
CONFIG_HOST_OPCLASS
CONFIG_FEATURE_ROAM_DEBUG
There are some other features depends on each other, so enabled features to
qcs40x.snoc.perf_defconfig, the features are:
CONFIG_WLAN_FEATURE_FILS
CONFIG_WMI_ROAM_SUPPORT
CONFIG_WMI_STA_SUPPORT
CONFIG_REG_CLIENT
CONFIG_WLAN_FEATURE_DP_BUS_BANDWIDTH
CONFIG_WMI_CONCURRENCY_SUPPORT
CONFIG_LL_DP_SUPPORT
Change-Id: I6fa1eacb79576a955e593dbb9ac52083742275e3
CRs-Fixed: 2354496
