On dp_aggregation sysfs store or show, wiphy is fetched
from hdd context without validation. This could result
in possible NULL hdd context dereference.
Fix is to validate the hdd context before dereference
to get wiphy.
Change-Id: I0d01f64e95c9aa3f09ccc940a64d5a25148c302e
CRs-Fixed: 2726433
SAP sends broadcast disassoc to associated stations
as part of the del station request from userspace.
hdd_softap_deauth_current_sta is sending broadcast
address to SME to send the disassoc frame instead
of associated STA address. Modified API to pass
the STA address.
Change-Id: I1645441804abef3c76f7deeff44ef929684c0bf1
CRs-Fixed: 2726960
If current msdu length - l4 header offset value is not matched with
cumulative IP length delta fetched from HW TLV, stop current fisa
aggregation.
Change-Id: Ia686a638a698d705db3c6bda58e85e4d94f323a1
CRs-Fixed: 2727291
Currently, function mlme_is_freq_present_in_list calculates
index based on chanel frequency in a loop of num_freq.
But acs_weight array can hold NUM_CHANNELS number of values.
loop index more than NUM_CHANNELS may lead to OOB read issue.
Fix is to add a validation for loop index < NUM_CHANNELS to
avoid any OOB issue.
Change-Id: I3c1d3393cd2a40147c325fea8f76b1db1a51f457
CRs-Fixed: 2727312
Currently, if fw doesn't send phy mode after roaming host itself
calculates phy mode based on band only. Host doesn't consider self
dot11 mode and returns dot11 mode based on 2g band or any other band.
Which may cause different phy modes in fw and host.
Fix: Calculate dot11 based on self dot11 mode, return dot11 mode based
on band only if self dot11 mode is not valid.
Change-Id: Ifa320e3bb8a2ae8cffc59c73501c0643dc3b65af
CRs-Fixed: 2725841
Race conditon is seen between the mode change and Wifi Off.
When mode change happens, modules are stopped and wmi handle
becomes NULL. As a part of state ctrl param write, BLM module
uses this wmi handle to send the reject ap list to FW.
Add the psoc op start protection for the ops required during
wifi off.
CRs-Fixed: 2722283
Change-Id: I8e8d9ca789dcacf201934105725e677ce9e0a031
when CSA happens, peer delete will not call
SAP de-register flow, of which may lead adapter
sta_info struct dirty. When STA interface is assigned
new peer_id, it has possibility to conflict with
dirty sta_id in adapter sta_info list. So change to
sync peer delete and notify umac to clean sta_info.
Change-Id: I1703b2b45837e0b4c0814e5c95ae7f86b510e1fc
CRs-Fixed: 2713147
Remove filling of unused dot11_mode in scan filter as the
filter logic is not present.
Change-Id: I7a484298db44033e8514a26985c63157af939ae0
CRs-Fixed: 2727064
This reverts Change-Id: I11164995061ee057dfcb3abaef2af2f2d33bfd23.
We need the override configuration in defconfig file. The reverted
change actually disabled the override mechanism. Revert this
change so that the override config will take effect.
Change-Id: I0ffcdcb112e4054dbc2961ba414371fbe5a9e1c3
CRs-Fixed: 2714158
Rename the existing roam offload states to include
WLAN_ prefix. Add 2 new states:
WLAN_ROAMING_IN_PROG - Roaming has started at firmware, this is
after candidate selection at firmware.
WLAN_ROAM_SYNCH_IN_PROG - State after handoff is complete at
firmware.
Also move the roam_offload_state enum to connection manager.
Change-Id: Ib1f38d200393849253893113172cdfc69e381fb3
CRs-Fixed: 2725387
User configures roam scan frequencies using vendor roaming sub command
QCA_WLAN_VENDOR_ROAMING_SUBCMD_CONTROL_SET. If the roam scan frequency
list type is QCA_SPECIFIC_SCAN_FREQ_LIST in user command, update specific
roam scan channel list in host and FW.
Change-Id: Ie9d30999a7cdfdd6fa4d97c64b09d9739dd39633
CRs-Fixed: 2725832
Currently wmm dscp will be called when open adapter,
as wmm dscp will send wmi cmd to fw, it is not right
place as adapter not yet started.
Move wmm dscp init to hdd_wmm_adapter_init, which
adapter vdev has been created.
Change-Id: I41b5e79d0b28ead9c449612ca2d2ed7529b3495f
CRs-Fixed: 2725883
There is possible dfs cac timer start on p2pgo,
then ssr happens, which cause timer leak.
Clean up dfs cac timer when stop adapter.
Change-Id: I8fe67420196ac752941476312caa7a80f2b3e264
CRs-Fixed: 2720896
NAN protocol runs in firmware and controlled by framework.
Framework configures multiple NAN discovery params while enabling
NAN. Framework configurations would be based on the framework
constraints or realtime scenarios like resource(memory/power/..)
consumption. But some of these params might need to be controlled
explicitly based on the usage.
NAN DW is one such parameter, which is configured as 4 seconds
when the device is in sync role and the screen is off. But
for some usecases, this param might have to be 512ms always
irrespective of screen off/on for some targets. Add an ini param
"nan_feature_config" to set a bit to indicate firmware whether to
honor framework configured DW value or the firmware default value.
Send the vdev param on NAN supported vdev by setting the "bit 0"
to indicate firmware to allow framework configured DW value.
If this bit is not set, firmware shall consider its default value.
Change-Id: I0476bca2bbe676beccfff207f5b4ea31e89031e2
CRs-Fixed: 2721970
Currently in the driver, there is no limit on how many number of times
get_tx_power can be requested by the userspace. This can lead to
potential issues where the firmware crashes due to excessive stats
request.
Add a time based rate limiting logic wherein the function call only
sends request to the firmware once in three seconds. In other cases, it
returns the cached value present in the adapter.
Change-Id: I65f23135d88c66e6438484715dafce3def14ddb3
CRs-Fixed: 2717633
Data stall info received as part of wmi debug msg flush
event is parsed for all reasons. Since fw populates this
info only when the reason is data_stall_trigger, in all
other cases this info would be garbage values and is sent
to userspace.
Fix is to parse data stall info only for the appropriate
trigger reason.
Change-Id: I70004e5825e67df375e9bc14c2db2a398d860c97
CRs-Fixed: 2724248
Refine FISA aggregation as below,
(1) add aggregate count checking, if current msdu aggregate count
is not equal to last msdu aggregate count + 1, stop current fisa
flow aggregation.
(2) only if current msdu cumultive ip length is > last
msdu cumultive ip length and <= last msdu cumultive ip length
+ 1478, then continue the FISA aggregation.
(3) support variable GSO size UDP aggregation.
Change-Id: Ie86b46c09b1cd8ca5a5c7ad3c1349d4e0d876203
CRs-Fixed: 2724215
For FILS pmksa caching, the STA can use the PMKSA cached as
part of the full 802.1x connection. When FILS PMKSA caching
is used, the supplicant might not send the ERP keys in the
connect request. So add support to allow connection when
ERP keys are not received in connect request but FILS
PMK is present in the cache.
If the PMK cache lookup is successful for the bssid,
use pmksa caching to associate, else fallback to full 802.1x
to associate to the BSS.
Change-Id: I9fa67ee5978b7199da1cb638f7f321baed6e5913
CRs-Fixed: 2710402
Pointer 'hif_ctx' returned from call to function 'cds_get_context'
may be NULL. Check for NULL pointer before de-referencing it.
Change-Id: I9d34d877783b35829faf2049c3c8c43519e12914
CRs-Fixed: 2726468
It resets connecting TDLS peer to idle state, and then won't send
peer delete command to FW, which cause FW break down. So check link
status and avoid to reset connecting TDLS peer to idle state.
Change-Id: I8e8c883c6a517d516f496790350324a4257c9325
CRs-Fixed: 2726207
Some of the post processing tools need high resolution timestamps in the
build tag to differentiate WLAN driver modules in the same build. Add
current time with nanoseconds rounded to the first 6 digits, which is
microseconds. Also fix the 'date' command format.
e.g. date -u +'%F %T.%N %Z'
2020-06-25T17:40:43.919224370 UTC
Change-Id: Ie2a8af4dad2aead5738a4c710a201fe9674999f7
CRs-Fixed: 2719008
Send Vdev pcl command on both connected STA vdev when sta+sta
roaming is enabled. Handle below cases:
1. When 1st STA is connected send PDEV pcl command for the
first sta. Set pcl_vdev_cmd_active false.
2. When 2nd STA comes up, Set pcl_vdev_cmd_active to true,
send vdev PCL for 1st sta before enabling roaming(disabled
as part of the connect on 2nd STA).
3. For second STA force dbs connection when
enable_dual_sta_roam_offload ini is enabled. Set the channels
of the 1st connected STA band as invalid and remove these
channels from the scan filter.
4. On disconnection of 2nd STA connection, clear the vdev
PCL sent for 1st STA and then send PDEV pcl command.
Also make changes to send set PCL command after roam init
is done before RSO start is done at firmware to avoid assert.
Post set pcl command from sme/csr through lim/wma/wmi to avoid
the above condition.
Disable roaming on the vdev before sending set PCL command to
avoid roaming on undesirable band & channels.
Change-Id: I6bd869015b7248fe5c5c90b6e2fa0174995be197
CRs-Fixed: 2725360
A new capability OCVC (Operating Channel Validation Capable) bit in RSN
capabilities provides mutual verification between peers (e.g., AP and
STA) of the current operating channel during security-related exchanges
and channel switches to defend against multi-channel MITM attacks.
FW enables OCV feature only if AP and STA both support it, hence update
RSN intersect capability to FW.
Change-Id: Iedc67287ae6c56c1d609ae599fbb591cdfcb4aa8
CRs-Fixed: 2721176
During TDLS if SSR occurs then wlan driver is not deleting the tdls host
peer.This lead to tdls peer leak, vdev and pdev ref leak. As pdev is not
deleted after SSR new pdev create fails.
Fix is to remove tdls peer information from host driver during ssr
Change-ID: I9f4c2026821a166fbf38f658c75d93e7409141cc
CRs-Fixed: 2726083
Enable compilation of the connection manager roam files with
Kbuild changes.
Add new API to store and retrieve the firmware scan channels at
mlme. Also add initial support to post SET_PCL command through
lim, so that it is not sent before ROAM init command.
Add changes to restrict connection of the 2nd STA to
channels on the other band of the 1st STA connected band.
This is done by filling only the allowed band channels in
the scan filters for the 2nd STA connection. If only
1 STA is active, it is allowed to connect on any band.
Add header gaurds for missed header files:
wlan_cm_tgt_if_tx_api.h
target_if_cm_roam_offload.h
Change-Id: Id2bce12b9663ed635ea46164169b088461aab870
CRs-Fixed: 2720341
Do not compile ol_txrx_event.c if set CONFIG_REMOVE_PKT_LOG=y
and CONFIG_WDI_EVENT_ENABLE=n with Hasting
Change-Id: I475e1d4bda818cdef66d961cb95d0193b27029f6
Use sync wake when trying to awake device for register
accessing.
This can avoid device re-enter low power mode after
device_wake asserted.
Change-Id: I9ce421be0ecdf05a26388732cc8e15154c57a47a
CRs-Fixed: 2703608
it will always return here if find vdev in wma_find_vdev_id_by_addr,
as default value of ret is failure.
Separate lookup vdev for sap/sta mode and check return value.
Change-Id: Ic94c6b25d2a02f9e66ed469bec4cf297d696e2a8
CRs-Fixed: 2721825
Currently for get channel list command host driver is using
channel number based APIs to get the channels state which may
result in incorrect state for some of the channels of 4.9GHz
channels as 4.9GHz channels are overlapping with the 2.4 GHz
channels.
To address above issue use the frequency based apis to get the
channel state.
Change-Id: I3d36c5aa73e42f6a6e4d82e1b7f35412b0c600c2
CRs-Fixed: 2721078
Incorrect phy mode sent to firmware as part of the
TDLS connection peer assoc command.
VHT phymode representation for 2G and 5G is different
and host is sending 5G VHT phymode as part of the 2G
TDLS connection peer_assoc command to firmware.
Modified phymode generation logic at WMA for TDLS
connection to populate 'WLAN_PHYMODE_11AC_VHT20_2G'
phymode.
Change-Id: I7867df7f013bc05a182e33495181a099332d1fd5
CRs-Fixed: 2719278
