When WMI_ROAM_STATS_EVENTID is received, the driver copies the
roam scan candidate AP data from the event to destination
buffer. This num_ap count is used directly to fill the diag
buffer. When the number of candidates sent by the firmware
is greater than MAX_ROAM_CANDIDATE_AP(8), corruption of the
destination scan->ap buffer occurs.
Validate the number of APs before filling the diag event.
Change-Id: I5258bc0d4ce0108cbc5195aa464afd498ae9fbf9
CRs-Fixed: 2598513
If there are still RX packets pending in the napi gro_hash list, do RX GRO
flush after flushing the RX thread pending packets when detach the vdev to
avoid net_device might be invalid later which has been stored already in
the pending skb.
Change-Id: Iff0a5cf49c87b91b8cae3dbcb541d1cf0bc480a6
CRs-Fixed: 2598149
Modify sme_enable_sta_ps_check() to take power save mode
parameter as new argument.During certification WMMAC test
cases failed due to recent change of saving user power save
configuration. The uapsd auto trigger cmd could not be send
due to user power save configuration.
Apply the user power save configuration in conjunction with
power save mode.
Change-Id: I79bdfc3f4d168df23415bfb3418913de7a45886a
CRs-Fixed: 2592560
Scenario:-
1. Turn on SAP and STA on 2.4ghz and 5ghz
2. Turn off SAP
3. Turn off STA
4. Turn on SAP on 2.4ghz
Issue:-
In the start ap function, the driver calls
the stop opportunistic timer and calls the handler
to goto SMM mode.
After this, the SAP checks whether it requires the
DBS or not and then requests for DBS also, but since
the driver is already in DBS mode this command gets
rejected, so there would be 2 commands in the serialization
queue which would be SMM and start AP, which would lead to
a crash as SMM is sent before a connection on 2.4ghz as
Hastings is not capable to start a vdev in 2.4ghz without
DBS mode.
Fix:-
1.Not allow SMM if the current connection requires DBS
2. Check the HW capabilty in the active command only and
not before that to protect the reliability of hw mode.
Change-Id: I1c0c05ea05ba14d1556af2612daa3de2ffcba367
CRs-Fixed: 2587508
During mdm SAP+SAP+SAP case, if 5G band is disabled for modem
N79 band, need all 5G SAP switch to 2G to force scc.
when 5G band is re-enabled, all 5G SAP can switch back to 5G.
Change-Id: Ief7d7c85a7881885bd95c8af6be8d4e428d07041
CRs-Fixed: 2597602
Enable DP Bus Bandwidth feature in WHUNT config, this helps to
execute and detect issues in Bus Bandwidth feature code path.
Change-Id: Id4376236b77661519667c40c427c50af436a9dc2
CRs-Fixed: 2597300
6Ghz SAP needs to send either a probe response or fils
discovery at every 20ms.
Add a new ini to configure the probe response or
fils discovery frame.
enable_6g_sap_fils_discovery=1 sends fils discovery frame
at every 20ms.
enable_6g_sap_fils_discovery=0 sends probe response frame
at every 20ms
Change-Id: I6c5fb339135cf11be071d73970ea3704441380eb
CRs-Fixed: 2586524
When roaming is complete, firmware sends WMI_ROAM_STATS_EVENTID
to host driver. This event has details regarding the roam
trigger reason, roam scan and candidate details, roaming result
and 11kv info sent after roaming to AP. Parse this event and
fill the below diag log report to print this in logcat:
LOG_WLAN_AUTH_ASSOC_TX_RX_INFO
LOG_WLAN_ROAM_TRIGGER_INFO
LOG_WLAN_ROAM_SCAN_INFO
LOG_WLAN_ROAM_RESULT_INFO
LOG_WLAN_RRM_TX_RX_INFO
Change-Id: Ie09dc8ad5b236d0925327dba73a3f2e73a80109a
CRs-Fixed: 2597057
If TXBF is disabled, do not configure TXBF to FW. Otherwise NDPA
packets are sent by SAP from air sniffer, which is incorrect.
Do not configure TXBF to FW through WMI_VDEV_PARAM_SET_HEMU_MODE
if TXBF is disabled for HE.
Change-Id: Ib1f9366ce18be8dadfdb46663f6606dd08f0e033
CRs-Fixed: 2596373
Certification test case HE-4.2.2 enable both 11ax and wep for sap, we
start sap as 11g mode as expected, but there is additional IEs from
hostapd which has HE cap/op IEs fails the case.
Strip these HE IEs from additional IE configure from hostapd when HE
has been decided to disable when sap start in host driver.
Change-Id: If1001255cc6528ab1a01d72d13f8376815aa5ebc
CRs-Fixed: 2594834
WLAN_CONV_CRYPTO_SUPPORTED is a temporary flag which is used for
converged crypto component transition. The transition has already
been done, so cleanup legacy code related to the flag.
Change-Id: I6626a7c9d2ab46cf35ed3593b72c074100954ab8
CRs-fixed: 2593529
During LFR2, new pe session is created before old pe session
deleted, the 2 pe sessions have different pe session id, but
same vdev id.
After change-Id: Ib2e7c72e0636765341792a79aa12968a84ed4879,
When delete old pe session DPH Entry, get pe session by vdev
id instead of pe session id, since both new and old session have
same vdev id, so there is 50% chance to get wrong pe session.
then DPH Entry for STA 1 missing issue happens, then no reassoc
happens.
Fix: When delete old pe session DPH Entry, get pe session by
both vdev id and PE mlm state: eLIM_MLM_WT_DEL_BSS_RSP_STATE.
Change-Id: I207a4291cd26175ea7013fb2f2a0c27865304db2
CRs-Fixed: 2593194
In case of nbuf map failure as part of htc_send_pkt for
tx credit flow disabled endpoints, htc pkt is not put
back in the freelist as return status is not checked
resulting in memory leak.
Fix is to put the htc pkt back in the freelist based on
status returned by htc_send_pkt.
Change-Id: I9173fa3684bc887a360b92d48b689c53a5ad5dbe
CRs-Fixed: 2593729
If gDot11Mode=1 is set to INI, DUT STA will be failed to
connect to 5G AP due to "unknown phymode" included in
vdev start.
Correct the driver to use freq API to identify 5G band
BSS instead of channel API.
And the change forces 11ax mode for 6ghz bss.
Change-Id: I692fa744756490e7125ccd5fd82c15febc19ce68
CRs-Fixed: 2594048
While sending peer_assoc_cmd to FW,add 6ghz HE band capability
if chan_freq is 6ghz.
Change-Id: Icfe886e8c9089d2c58609866e5bc64250c2b6eea
CRs-Fixed: 2591039
When roaming to whitelist SSID, firmware offloads
EAPOL 4-way HS to supplicant. Suppose initially if DUT connects
to SSID1 and then firmware roams to SSID2 then 4-way HS should be
offloaded to supplicant as the firmware doesn't posses the
pre-shared key. When roaming happens between same SSID, then
firmware has PSK and 4-way handshake is taken care by firmware.
But due to issue in roaming code, 4-way HS is offloaded to supplicant
even if roam happens between same SSID. Issue is for ROAM_RSO_STARTED
state in csr_roam_switch_to_rso_start API, there is no handling to send
RSO update if Roaming is already started, due to which
csr_roam_offload_scan is not invoked.
Second issue in roaming code is that RSO is not enabled with the
new SSID2 in firmware. RSO is not enabled as after set key
complete the state of roaming state was not set to
eCSR_NEIGHBOR_ROAM_STATE_INIT. Due to this the SSID in
firmware is still SSID1 and when firmware tries to roam again
to SSID2 it offloads 4-way HS to supplicant instead of handling
within firmware only.
Fix is to update the roam state from eCSR_NEIGHBOR_ROAM_STATE_CONNECTED
to eCSR_NEIGHBOR_ROAM_STATE_INIT in csr_process_roam_sync_callback after
roam synch propagation and also handle ROAM_RSO_STARTED state with
roam_command ROAM_SCAN_OFFLOAD_UPDATE_CFG instead of returing success from
csr_roam_switch_to_rso_start API. Now when supplicant does set key after
4-way HS, roaming is enabled via csr_roam_chk_lnk_set_ctx_rsp->
csr_roam_link_up->csr_neighbor_roam_indicate_connect->
csr_neighbor_roam_info_ctx_init->csr_post_roam_state_change.
Change-Id: I5b81f2e03fe1c7dee2820370d06f4e4f8017f12c
CRs-Fixed: 2587120
wlan_set_vdev_crypto_prarams_from_ie() is defined in qcacmn code but
disabled in Kbuild if CONFIG_CRYPTO_COMPONENT=n, it caused runtime
error if run it.
The #ifdef/#else code should live in common code where define
wlan_set_vdev_crypto_prarams_from_ie(), but there is no motivation
from WIN side to add any code which is not converged.
And it is not appropriate to put it into exist head files, so just
define inlined wrapper functions to cover the not defined case.
Change-Id: I11916703fff860025728f904c8d3906eee1d0037
CRs-Fixed: 2592904
If g_enable_go_force_scc isn't enabled, P2P Go failed to switch
to 2G band when 5G disabled.
Fix: Check whether need switch channel for band restriction
first, check go force scc later.
Change-Id: Icf8de51321debea2806585d47d2bd4fc6486075e
CRs-Fixed: 2594279
Currently the driver does not allow the channels
12 and 13 for SAP ACS because most of the legacy
stations don't scan them and they can cause many
IOT issues. But if they are the only channels left
in the spectrum (for eg. all other channels became
unsafe), then the SAP would fail as the driver did
not consider channel 12-14 for ACS.
Fix is to consider 12-14 for ACS, remove them if
other channels are available and if they are the
only channels available in the spectrum, then start
the SAP on any one of these channels.
Change-Id: I599d0e95e9bdc3aed70d6a515d7a52c39846b6f2
CRs-Fixed: 2576635
In function hdd_ocb_register_sta(), it will call function
cdp_peer_register(soc, (struct cdp_pdev *)pdev, &sta_desc), but pdev
is undeclared.
Change-Id: Ie0341b8ff880c21960a655399378b519fc240631
CRs-Fixed: 2595641
Use user setting for HT mpdu_density if target reported value is
0 which means no restriction.
Change-Id: I4be7d3f4137744e5c9e5bdfc7b50e6c338bd4f79
CRs-Fixed: 2592163
Scenario: Turn on SAP in 2.4ghz in 20Mhz and connect
DUT to it.
Now trigger channel change command and change the SAP
channel to 5ghz in 80Mhz mode.
Issue:-
STA would not go to 80Mhz mode and would remain in 20Mhz
Issue in driver was that it was checking for the ht
supported chan width rather than the self capability.
HT self capability would always be 0 if the connection
is in 20Mhz, and thus the STA would never be able to
ramp up it's BW.
Expectation:
STA should move to 80mhz if it supports 80Mhz bandwidth.
Fix:-
Check for the self capability rather than the ht channel
BW supported.
Change-Id: I546d5edd9881c1013b1a08989cbab3d4ef8fae4d
CRs-Fixed: 2594982
Scenario:
Configure two AP with same SSID and different
passwords, and try to connect to one and then roam to
other.
Observations: The DUT would connect to the second AP
but since the password is different, the EAPOL would
certainly fail, and hence it would result in overall
connection drop and the DUT could not establish a
secure connection with the second AP, and it
disconnected with the previous AP.
Fix is to avoid the AP for some time and try to
connect to other BSSIDs, and still if the EAPOl
fails with the new AP, blacklist it.
Change-Id: Ifb908823cd0eb1873ec7a4b08dffa86e548533fc
CRs-Fixed: 2591467
Currently the BLM does not check the BSSID of
the entry for 0 or broadcast BSSID, and thus
can lead to addition of many entries with such
property.
This would also result in removal of old valid BSSID
entry data, which is essentially required.
Fix is to check the BSSID of the entry for 0
or broadcast, and reject them if not valid.
Change-Id: I2939673a1c4efb1a22e03ffe82121513c071fa4b
CRs-Fixed: 2595331
