Platform driver is still doing MHI cleanup at the current location of
clearing the recovery flag. Clear it after platform driver callback.
Change-Id: Ifa81950790fa3d2704ed1aed85301a99c6383470
CRs-Fixed: 2526873
Currently the driver does undo acs which clears away
the acs cfg ch list, master ch list, and sap_ctx->ch_list
before the ACS is complete (race condition), which can
lead to pointer access after free.
Fix is to wait for ACS complete event, and then clear away
the above mentioned ch lists.
Change-Id: I55de1e94d1fc3ebb99891465131de11ea3204778
CRs-Fixed: 2519650
NAN_NDP+SAP concurrency is not supported. Disable all NAN_NDP
sessions on SAP startup.
Change-Id: I73284ef4f820dd15df808b9c44da5f09c6b5db26
CRs-fixed: 2524112
If wma ready event timeout, and pdev has been created but not
yet finished wmi_ready, so it will cause pdev object leak.
Fix is to release pdev without checking if wmi ready here.
Change-Id: Ib03a7a2733cd399064d68e4cb5ff8f699be62024
CRs-Fixed: 2525749
Currently the driver flushes the scan entry in the scan
db for the BSSID which it was connected to in deauth, disassoc
and lostlink case.
In case of disassoc, and deauth, ap is still alive, hence
there is a chance for connection, but in lostlink case
there is no chance as the AP is switched off.
So if the supplicant finds the scan result in the scan
cache, it would try connect with this, but since the AP is not
present, and cannot service anymore, it would result to a
failed connect attempt.
After several failure attempts, supplicant would blacklist the
AP for some time.
If the AP is alive again, the DUT cannot connect to it since
it is blacklisted. Hence this situation leads to blacklisting
a AP which did not send any assoc reject, and can service the
DUT.
Fix is to clear the scan cache so that supplicant cannot try to
send connect request for this AP to the driver, hence there
would be no point to blacklist the AP.
This would ensure the wireless connection with this AP in
future.
Change-Id: I14fb36ef588856750917d83c32644b135186def9
CRs-Fixed: 2525539
CONFIG_LEGACY_CHAN_ENUM has been removed. That macro needs channel number
based enumeration. Use channel frequency going forward. So change to
frequency based channel enumeration.
Change-Id: I234eb070a6dcfaf3325bbd523c19188d5b2bbd24
CRs-Fixed: 2513098
In __iw_set_pno if memory allocation for data fails the vdev ref is
not released. Also the osif code uses WLAN_LEGACY_MAC_ID instead of
WLAN_OSIF_ID to take the vdev ref.
Fix the vdev ref leak and use WLAN_OSIF_ID to take vdev ref in
__iw_set_pno.
Change-Id: Ibb7e10ad51e36bbbcf4238aa099e2a05818ea1c1
CRs-Fixed: 2525960
When WMI_IFACE_LINK_STATS_EVENTID is received, WMA layer should
check FW service bit to confirm if HW db2dbm conversion is
enabled or not, or the final results indicated to HDD layer
will be inaccurate.
Add FW service bit checking to make sure db2dbm conversion is
done by driver when HW doesn't support it.
Change-Id: Id369999e4d5a6805200de82d1e8caf3121582c40
CRs-Fixed: 2506620
It need rx chainmask to select noise floor when start spectral gen3
scan and rx data by DMA. So set rx chainmask before start spectral
scan.
Change-Id: I63efd8f5384537b5697ba809bb05fdd17e243210
CRs-Fixed: 2519366
Spectral tool is required to compatible with different version of
spectral, so add version information in SPECTRAL_SCAN_REGISTER_RSP.
Change-Id: Id766d95463e511209c752a428761fe7f1380c53e
CRs-Fixed: 2495259
Currently the driver is not included the VHT capability
on 2.4ghz band if gEnableVhtFor24GHzBand ini is enabled.
As a result the driver is not advertising the VHT support
on 2.4ghz band in wiphy per band info even gEnableVhtFor24GHzBand
ini is enabled.
To resolve this, add VHT capability in the wiphy for 2.4ghz
Change-Id: If36b0ad9bf546e54542485637a99c1ee82b1850e
CRs-Fixed: 2495337
Printing the tx queue stats on to the console in
the timer context causes a watchdog bark due to
excessive logging.
Reduce the log level for the stats dumping
from timer context.
CRs-Fixed: 2522067
Change-Id: Ic8162fabf552f6e5103427298229385d68dbbfbb
Pointer hdd_ctx returned from the call to function cds_get_context may be
NULL and will be dereferenced. Move the recording of timing of runtime
PM operations to after validation of hdd_ctx.
Change-Id: I5da02c3fdb695be25bf0b59f4fe33e599e751d03
CRs-Fixed: 2524971
Currently the driver does not check if the state
is key exchange in progress and suspends wlan
before set-key happens which further results in
FW also in wake up state.
This would result in delayed EAP exchange, and also
in power loss.
Scenario:-
1. Turn on STA and try to connect to enterprise network
2. Turn off display.
Here the display turn off would trigger APPS suspend
while the STA is trying to connect, and authenticate
and since there is no check in driver to prevent
suspend in set key in progress state, it would result
in a FW assert, as the expectation of FW is to allow
suspend only after set key has been done.
Fix is to prevent WLAN-suspend in case of connection
in progress, and allow suspend only in connected
and authenticated state.
Change-Id: Ic173116f7ba424005d938a43c75831a6a4dc874c
CRs-Fixed: 2512866
Initialize mic work for QDF_FTM_MODE in
hdd_open_adapter to avoid touching uninitialized
lock in hdd_mic_flush_work as part of hdd_stop_adapter.
Change-Id: I280de93b2408acba4da363ecd292f811f6301d31
CRs-Fixed: 2523654
To pass WFA 11N 4.2.25 case, it's needed to enable legacy mode
SIFS burst. So add INI to make SIFS burst mode configurable.
Change-Id: I740fe33a7ae0d9b558aa3b3aeee434f482ed24cb
CRs-Fixed: 2486171
Currently, the connection_in_progress flag in hdd_ctx is not reset
as part of SSR this can lead to scan reject after SSR.
Change-Id: Icc7889eb3140f02dd100d05e812d5573ebcae63c
CRs-Fixed: 2516937
In function hdd_softap_set_channel_change, vdev is passed to
function wlan_vdev_mlme_get_opmode without taking reference.
This can lead to NULL pointer access.
Change-Id: Ibbc58a1e7a4be0e0e34982b99541a63cd77e0480
CRs-Fixed: 2518560
Local peer_id is being cleaned up across DP, HDD and PS/WMA.
So, any references to local peer_id/sta_id will be replaced
by peer mac address and all interactions between the layers
will be based on peer mac address.
This change invloves updating the vdev_id for the network buffer list
in hdd_rx_pkt_thread_enqueue_cbk for later use in
dp_rx_thread_process_nbufq.
Change-Id: Ibaf5c10a7fe77772d2eea2a10398e0116fdd0344
CRs-Fixed: 2522201
While filling the QCN IE the IE length filled is 11 while actual
length is 8 and thus this lead to improper IE length in scan
additional ie while copying the default_scan_ies.
So fix the QCN IE length and add check for improper IE length check
while copying IE in scan additional ie.
Change-Id: I372af8c206d8f7ce0e93bc9c0fb14e222c6eb87e
CRs-Fixed: 2522208
Add a wait for PM freeze when wifi is turning on to make sure file system
and QMI are still accessible before attempting to download the FW and
trigger a QMI handshake with FW.
Change-Id: Ia2f3dc28abb9cab4b5dd8038ea02ac016eb74bbb
CRs-Fixed: 2521009
Time stamp for profiling system level power issues is currently using
qdf_get_system_timestamp(), which measures in milliseconds. To get more
fine granular data, use qdf_get_log_timestamp_usecs() to measure in
microseconds instead.
Change-Id: I920d0ec7c90ab602cbdc0d1efdb6061d6a72c122
CRs-Fixed: 2520939
Use QCS40X instead of QCS405 in config files. Kernel defconfig files for
QCS405 and QCS403 has been separated recently, and the arch has been
changed between these two chips. But all QCS related features and changes
in cld should all be included, so use CONFIG_ARCH_QCS40X to replace
CONFIG_ARCH_QCS405.
Change-Id: I6f0837bb3d3f1530aea5b2d4912741beb8c313bd
CRs-Fixed: 2519267
Return -EAGAIN from idle shutdown callback API if system suspend is
ongoing such that cnss driver does not turn off suspend the PCIe link
and psoc idle shutdown can be re-tried later.
Change-Id: If859abb70c18d03c2e73a8c589a4e138b98cb996
CRs-Fixed: 2518448
Add support to advertise the VHT MCS 10&11 support using vendor
specific IE to enable the MCS 10 and 11 support in VHT mode.
Change-Id: I2d197dcce20ab4aec617ca8a7f4a54b438fae635
CRs-Fixed: 2465662
In hdd_dis_connect_handler, roam_info is checked
for NULL in if(roam_info && roam_info->disconnect_ies),
but roam_info may be null pointer and is explicitly
dereferenced later. Add null pointer check before
it is dereferenced again.
Change-Id: I51f731323f01ddc657c57d20d8c63317400c92ab
CRs-Fixed: 2518450
FW sends regdb and bdf regdb version as a part of service ready event.
Extract the versions and populate it to HDD layer.
Change-Id: I2c9a40832361381c66a482d93ef5721fa7d6ffe4
CRs-Fixed: 2486984
There is possible excessive log in hdd_rx_packet_cbk when
receiving arp pkt. so lower log level from info to debug.
Change-Id: If7fbe1f86e98ca22172f9b21205b7215c435988b
CRs-Fixed: 2511832
Add timing profiling log for runtime PM operations such that we can
know how much time each operation is taking.
Change-Id: Iad2aca8e8bb2f0dadc14d24e3a5c2b03938df9df
CRs-Fixed: 2518935
The TSF deviation is more than 100ns when the capture interval is 100sec.
Lower the interval to 1sec to keep the drift within limit of 100us.
Change-Id: I2a6f7bf2d06d5d67854cbab6b582009f2cec39bf
CRs-Fixed: 2515981
Check napi_gro_recevie result before do napi_gro_flush when bus
bandwidth is idle (<18 Mbps), only if napi_gro_recevie result is
not GRO_DROP and GRO_NORMAL then do napi_gro_flush for each RX packet.
Change-Id: I8cd75fb680ad4cb13f8d8677136f51c5a0548b6d
CRs-Fixed: 2515794
This reverts change-id Ie40db69a24dc1e0b86f140ca1aad91bd3b10e95e.
The reverted changes was causing regression, that optional
firmware not loadable even it exists.
Change-Id: I02a45e9be635e4ce0787f0a24480e42129c59874
CRs-Fixed: 2516015
Currently the sap ctx's channel list is not freed
as part of undo acs, and hence can lead to mem leak
when the do acs and SSR is triggered in parallel.
Scenario:-
1. Turn on SAP
2. Do SSR in parallel
3. Unload WLAN
Fix is to clear the channel list as part of undo
acs.
Change-Id: Ie8dcace1d32aeec2621e785d793290d70c194f62
CRs-Fixed: 2511752
a. when T-put < 18Mbps, do GRO/GRO flush for each RX packet.
b. when T-put can kept stable (18Mbps ~ 60 Mbps) last >= 1 second ,
skip GRO flush logic.
Change-Id: Ic8075f10f72b479c6941d7ac12a71fd90f945094
CRs-Fixed: 2509672
Reduce the log level from err or info to debug so that logs
are not printed on console.
Change-Id: I0d33c2a8f5b4bb4974656ac0d1eb6713a74cb5f4
CRs-Fixed: 2516281
MPTA helper and Coex configuration features are not included
after latest system compilation updating. Modify configure
file qcs40x.snoc.perf_defconfig to include them.
Change-Id: I8ecad6c84bd4ca2d8e1b69f0cea14b61b2545ca3
CRs-Fixed: 2511723
When driver receives the command to disable the channels
it maintains a list of the channels which are disabled.
During SAP stop, driver restores the disabled channels
but it is not freeing the cache list. Now when again the
command is issued to disable the channels, driver is not
processing this command as it still has the channels in its
cached list which were disabled during previous command.
This results into failure of current command and all the
subsequent commands to disable the channels until the
cache list is not cleared with set_disable_channel_list
command with empty channel list.
To address above issue, clear the cache channel list
as soon as driver restores the channels on stop bss.
Change-Id: I6b8c7ba250ef38b892ab83621add45fbfc09a2cd
CRs-fixed: 2496642
Vdev_id and ENABLE_ROAM_TRIGGERS_ALL are passed to
hdd_send_roam_triggers_to_sme in reverse order. Pass them in
correct the order.
Change-Id: I79d2a843ee9f237620d31dbf91e3c57750e66e88
CRs-Fixed: 2514476
As per current implementation, hdd_mic_flush_work makes a call
to qdf_flush_work irrespective of whether the work is initialized
or not.
Since flush_work() without INIT_WORK() is erroneous, ignore the call
to flush_work if work is not initialized.
Change-Id: Ib96439e1416188e643935a4ddaa13671d221c1e2
CRs-Fixed: 2514424
Currently, as part of ndi_delete broadcast sta id is set
to invalid. But set this sta id to invalid as part of
ndi delete response from FW.
Change-Id: I4df843c4bce1c06b5c62cfd932b681e3320e5341
CRs-Fixed: 2513607
QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_LIST is a nested attribute which
carries frequencies as sub attributes. Validate the size of each
sub attribute to make sure it's of size uint32_t. Extract the
frequencies if all are of valid size. Return failure if an
invalid length attribute is found.
Change-Id: I1743c2dbef640b28b78504a548edbb70f4f29e49
CRs-Fixed: 2513822
Scan period is configured through the DRIVER command
SETROAMSCANPERIOD currently. Add provision to set the same through
the roam subcmd and the attr QCA_ATTR_ROAM_CONTROL_SCAN_PERIOD
Change-Id: I3dd56f56ac8bc4ba48a88f8df292e9d4d5545fed
CRs-Fixed: 2509656
Use "client mac address" in bootp protocol to get
station id to handle scenarion when
DHCP exchanges(discover/offer/request/ack) happens
with broadcast address as destination address.
Change-Id: Ie233b2ffed1533f0a45fded199bb09649e48b4dd
CRs-Fixed: 2506023
Userspace may query for current configured full roam scan period
through the vendor cmd QCA_WLAN_VENDOR_ROAMING_SUBCMD_CONTROL_GET
and the attribute QCA_ATTR_ROAM_CONTROL_FULL_SCAN_PERIOD.
Fill the full scan period in the same attribute and send as reply
Change-Id: I0ab8b3d7b469515244ce27accc852c6d93514b2d
CRs-Fixed: 2508804
