In wma_start_extscan, it will always return error due to an
incorrect conditional statement.
Change-Id: Iddb81e34a59ff541d4a17e45b8eca13e704fb89d
CRs-Fixed: 2450704
If firmware starts off-channel scan, driver does not
receive beacons. In this case driver should send a
pause event to userspace.
Change-Id: I90ba5c586656486df110778b73b236e5877f8684
CRs-Fixed: 2431359
Once driver gets QCA_NL80211_VENDOR_SUBCMD_BEACON_REPORTING vendor
command with an attribute for start, firmware sends all
beacons to host for the connected peer. Host extract required info
(SSID, BSSID, Channel number, Beacon Interval, Timestamp, System
timestamp) from incoming beacon for connected AP and sends it to
userspace. Userspace needs this data for WIPS.
Change-Id: I9d6dd068a076bda79881043946be3133ee87fe84
CRs-Fixed: 2431354
Add new vendor cmd : QCA_NL80211_VENDOR_SUBCMD_BEACON_REPORTING.
This subcommand is used to implement asynchronous beacon
reporting feature. Userspace can request driver/firmware to
report details of each beacon received whose bssid is same as
currently connected BSS's mac address. The driver will encapsulate
the details of these beacons as an asynchronous event within this
command id until userspace requests to stop sending beacons.
Change-Id: I9a32fe5431767b077983c7db90a2f825709f368c
CRs-Fixed: 2431351
CSA on DFS channels requires CAC period after RESTART response, peers
can leave during CAC period due to HB failure. But peers remain
connected in SAP and are not deleted.
Now if vdev down is called during CAC wait period, the peer delete
all is not called, and vdev delete is sent without sending peer
delete to firmare leading to assert.
This change adds the logic to internally disconnect all peers before
channel switch if CAC is required on new channel, i.e new channel is
DFS and pre-CAC is not done and ignore cac is not set.
Change-Id: I923fd11d1b9d4a2c606b19ff94baaf44397d3e20
CRs-Fixed: 2449104
Add support to pass scan priority to override the def scan priority
for cfg initiated scan.
Change-Id: I454c2667d1814d96fbb611e6ecbb90d4154ec9b5
CRs-Fixed: 2449730
While processing vendor command WIFI_TEST_CONFIG_TWT_SETUP,
in respective command handler __wlan_hdd_cfg80211_set_wifi_test_config()
there is no maximum range check of INTVL_EXP and INTVL_MANTISSA attrs
which can lead to potential integer overflow.
Also there is no check whether mandatory attrs like DURATION,
INTVL_MANTISSA etc., are present. If these mandatory attrs are
not present then driver is initializing them to zeros
which can lead to divide by zero error when calculating wake interval.
To address this, return error when mandatory attributes are not
present and add maximum range check.
Change-Id: If3ac71e1263906fdd502c77103e1fff91f65e816
CRs-Fixed: 2435728
In hdd_deregister_cb, wlan_hdd_cfg80211_stats_ext_callback should
be deregistered instead of registered.
Change-Id: Ib7051aeb4579e2573b1b1845601aee07f596bcbc
CRs-Fixed: 2449023
Some failures in PMO runtime suspend do not return any error code.
Fix them by returning proper error code.
Change-Id: Icc6b8fef45707cba6dc2cef7ec44cd5c71d2f07d
CRs-fixed: 2450271
Currently the driver flushes all the scan results during
ACS request, and then scans the specific channels as
mentioned in the request, which leads to a scan again
for the STA interface as no scan results are available.
Fix is to have a timestamp, and get only the latest scan
results, instead of the scan database flush.
Change-Id: Icc343fcca77fb7074071ca1d467947ef70fd1930
CRs-Fixed: 2446490
Scenario of the issue is :-
1. Keep sta+sap_scc_dfs_ch as 0 to disable the dfs concurrency
2. Start a SAP on any 5ghz channel(NON-DFS).
3. Start a STA on a DFS channel.
Expectation: The SAP should not do MCC, SCC as the above
mentioned ini is 0, also MCC is not prefereed in a HW
solution where DFS is preferred, hence the SAP should go
to 2.4ghz and DBS should be the expectation.
Observation: The SAP does not do a DBS operation, and falls to
MCC here.
Reason: When the SAP gets a PCL in the path of SAP restart,
the PCL feels that a new SAP is going to come up, and hence
gives the best channel (first element of PCL ) as its own,
which leads to restart being rejected, as the SAP cannot start
on a channel which is the same as existing.
The final channel then selected is the STA channel, leading to
DFS SCC which is also not allowed. Hence the SAP is now stuck
in MCC(STA+SAP , one on DFS, and the other on NON-DFS channel).
Fix: The fix is to get an alternate channel for SAP restart, other
than the channel on which the SAP is already up, to lead to DBS,
if the STA channel is not suitable for SCC operaion.
Change-Id: Iab3ad22b2f970ca26ce3e6bc7a9b5ee34bc7e7ba
CRs-Fixed: 2443718
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API for pmo to get the BSS peer
which increment the refcount if peer is valid. With this the peer
won't be deleted till the caller release the ref count of the peer.
Change-Id: I0901164132c497d78c9dc603539b045e5ce0f152
CRs-Fixed: 2446618
Currently the driver does not sends the assoc req and assoc
response frame exchanged with the AP if the connection attempt
fails with the peer.
The connection failure can be because of n number of reasons,
OCE assoc reject be one of them.
The supplicant requires these IEs to reject the connection
attempt with the AP with which the connect attempt failed
for t number of seconds, which is mentioned by the AP.
Fix is to send the assoc req, and assoc response IEs to
the driver.
Change-Id: I9c1f7063105912a8005f9e8399640d028b15eec7
CRs-Fixed: 2445709
MLME log macros like mlme_debug, mlme_err, mlme_info are having same
definition in legacy and common code. To avoid this redefination,
lagacy MLME log macros are renamed.
Change-Id: I71fbbcd1f74df73e82b799b318a9e9a95a3cb0c8
CRs-Fixed: 2446535
Update the HE partial BW UL MU MIMO capability in CFG with the
FW capability shared for supported features.
Change-Id: Ia2c934ce2277076f86fc679b55d4d386ae27795c
CRs-Fixed: 2446810
Mc timer is used to initialize the p2p roc timer.
And the actual timer runs in the soft irq thread and
when the timer exipres it posts the message to mc thread.
Currently, qdf_mc_timer_stop is called to stop the timer.
It calls the del_timer internally to delete the timer.
del_timer() ensures that the given timer is not queued
to run anywhere in the system. But the callback may
be running on another CPU core can create race conditions.
So use del_timer_sync to delete the roc timer.
Change-Id: I2c0fd6e335fc342a3acf06ede534c84d40e19346
CRs-Fixed: 2445705
Commit I0f79731a750c9d759bcd5593f11a740572e9d4ad added wow disable
check to disable wow(apps low power) mode features for all modes.
Move wow disable check after hdd validate context to make code more
readable. There is no issue with current code as well because DSC
vdev op protection already protects cfg80211 suspend/resume OPs
from SSR and driver unload.
Change-Id: I3a39a445e7431735e8ac64fc12b9e7ba71d8816c
CRs-Fixed: 2447777
Currently HE capable for TDLS peer is set from STA connection
session which sets the TDLS peer HE capability incorrectly.
Set the HE capable setting for TDLS peer from the peer STA
context that has correct value.
Change-Id: I232d32fb45ea5bbe7c2925922de3804e28f888cc
CRs-Fixed: 2441422
When sending keepalive packets if there is failure in mapping
request id to pattern id in function -
hdd_map_req_id_to_pattern_id(), error code EINVAL is returned.
This error code is misleading and not sufficient to inform the
userspace that all available buffers are utilized and it should
stop sending keepalive packets.
Return proper error code if all available buffers are utilized
and no buffers are available to address any new request to send
keepalive packets.
Change-Id: Ie54299a0a7ff43a7044316d641d19ce12ac047c8
CRs-Fixed: 2445981
Currently Roam Scan time is misspelled as Raom in roam_stats debugfs,
fix with proper spell.
Change-Id: I7d5d889da1e168990f44ce609273812a7ba4ec3e
CRs-Fixed: 2445715
If gEnableSapSuspend is disabled then in both SAP and GO mode
cfg80211 suspend should be rejected. Fix a boolean logic typo
in GO mode such that GO mode behaves same as SAP mode.
Change-Id: I49ab2a378f32eb4dedaa57183ad78cc022419cfa
CRs-Fixed: 2446133
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API in TDLS to get the BSS peer
which increment the refcount if peer is valid. With this the peer
won't be deleted till the caller release the ref count of the peer.
Change-Id: I9dc26771a0e8dadf75898c94bff5d4b8fb8a88d5
CRs-Fixed: 2445795
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API in hdd to get the BSS peer
which increment the refcount if peer is valid. With this the peer
won't be deleted till the caller release the ref count of the peer.
Change-Id: I9adf79810c7ec02af377f485eee596dd14289b50
CRs-Fixed: 2445716
No channel is included for RRM scan on receiving beacon
report request with operating class 0 as there is no
channel list in the global operating class table.
Fix is to include all the valid channels for RRM scan when
operating class in beacon report request is 0.
Change-Id: I49aedbeabf14cdd709c6965a1f5af05cc7a68a76
CRs-Fixed: 2444737
Disable OCE in STA vdev if any sta gets associated to SAP/GO.
This will improve the scan results in STA interface.
Without this fix firmware will do probe request deferral for 15ms
out of 28 ms , so 15ms is gone and rest is not sufficient dwell
time to get all AP probe responses.
Change-Id: Ie6f79c86025c53360c792c740a963ed8a1d9b936
CRs-Fixed: 2443190
WoW feature may need to be disabled for certain targets
hence add an INI item gDisableWow to disable wow feature
for all modes.
Change-Id: I0f79731a750c9d759bcd5593f11a740572e9d4ad
CRs-Fixed: 2446226
In wma_stats_event_handler several fields lengths are added
together to check against param_buf->num_data (the overall
length of the buffer).
The problem is that num_pdev_stats, num_vdev_stats and
num_peer_stats represent the number of structures of each
type rather than the total number of bytes.
Therefore update the logic to compare the expected size of
the entire payload to the actual payload.
Change-Id: I94af679480e62a61d4b25a1f370b2f199985f874
CRs-Fixed: 2429010
The FTIE subelem lengths are validated before copying
the R0-KH and R1-KH subelement. So remove the sub-element
length sanity check, which is causing parse failure.
Change-Id: I2fd2423e3d33e557e93a82ca250cb8bee1013c1a
CRs-Fixed: 2445863
pLimJoinReq will be NULL for the pe session, created when
STA does a successful FT-Preauth with target AP, using LFR
2.0 based roaming.
Any subsequent roaming using this new pe session will cause NULL
pointer dereference.
Hence checking validity of session->pLimJoinReq before accessing.
Change-Id: I47480a4d22c02ce1cc804430f60e8adf7959164e
CRs-Fixed: 2433647
