In function wlan_hdd_set_sap_csa_reason, sap_ctx pointer is
dereferenced without NULL check.
Add NULL check to avoid null pointer access.
Change-Id: I74bbfdcae6d5a06d5eaf0cd66e3ff9c3380c6bb0
CRs-Fixed: 2512034
Add configuration for gpio pin used to send strobe to wlan hw.
The host driver will latch the current time and toggle the gpio
to generate a strobe to wlan hw.
The tsf will be latched on detecting the strobe and it will be
made available in a register for sw access.
The wlan fw will read this tsf and report it to driver using tsf event.
Change-Id: I4365d97d22836ddbbd2bf9913d4f723e5a870369
CRs-Fixed: 2495152
For runtime PM if the bus is suspended driver need to consider
extra 6 sec time for bus resume.
Thus add 6 sec extra in WMI timeouts if runtime PM is supported.
Change-Id: I5515cc889a0315382bac11a33ea6f901b7af1c46
CRs-Fixed: 2507029
In case of HL, send tx completion bit in HTT tx descriptor
to receive tx completion from FW and disable DHCP indication
to FW properly.
Change-Id: Iff8e0c1f5d95c4f62af8b498552d92b57006969c
CRS-Fixed: 2506011
Replace lim functions parameter struct scheduler_msg
with struct bss_params.
Internal functions don't need param struct scheduler_msg,
wma can call lim API: lim_handle_mlm_add_bss_rsp directly
instead of post msg.
Refactor struct bss_params memory free method.
whether success or fail when handle lim add bss rsp,
struct bss_params memory need free, it is simple and
clear to free only in one place: end of
lim_handle_mlm_add_bss_rsp.
Change-Id: I2d5d647a6949b1e0bdfbbe9a4dfb390a362a75ee
CRs-Fixed: 2508876
This member renamed by another change recently, and change here
accordingly to avoid compilation issue.
Change-Id: I65903cdb5255deca4b4a83daceec178790e76501
CRs-Fixed: 2505462
Currently the host driver sets PMKSA op_flag for flush and
delete PMKSA entry as in both the cases PMK length is 0.
This is not correct because for delete PMKSA command only
the bssid and SSID will be sent to the firmware.
For the host driver to distinguish between del_pmksa and
flush pmksa, the is_flush_all flag should be used.
is_flush_all: true - Flush pmksa
is_flush_all: false - set/del pmksa based on the action flag.
Change-Id: I7eac65317a9c6904cfd08acce328a65df451269e
CRs-Fixed: 2503372
Cleanup ol_txrx_flush_cache_rx_queue to find peer
from peer_list instead of sta_id.
Change-Id: Ia737e732051f3cdad53b1a552eb273b8a05562aa
CRs-Fixed: 2508259
The mapping of sta_id to the adapter in hdd context stores the adapter
with respect to the corresponding sta_id. Currently, the mapping is not
used anywhere in the driver even though the adapters are stored in it.
As there is no usage for the mapping, remove it as a part of sta_id
cleanup effort.
Change-Id: I26590a69e61d82f723a83eb3f9f24c42afa6c5a2
CRs-Fixed: 2511767
As part of the tdls vdev creation, tdls osif memory is allocated
and not freed in the error condition, which can result in the
memory leak.
Free the tdls osif memory in the error condition
Change-Id: I084b14c4277be3e88142e3eaaabcf3293a15f220
CRs-Fixed: 2507609
The sap unsafe channel restart process include two subprocesses: CSA ie
update and channel switch, but CSA ie update request using
mac->sap.SapDfsInfo to save target channel switch parameters, which
would be overwritten by 2nd sap restart at same time. For example:
SAP1 on chan 1 and SAP2 on chan 36, then lte coex mark chan 1 and
chan 36 as unsafe channels, now SAP1 and SAP2 would switch to same
channel, but actually they can be on different channels doing DBS.
To fix it, one option is save the target channel switch parameters to
different session, but looks it may introduce a lot of code change,
because the logic is shared with DFS/concurrency. So the simple option
is making sap unsafe channel restart execute once at same time.
Change-Id: Ieaab3007fb6e79a9741f892e86771d2f52c03e3c
CRs-Fixed: 2504867
If g_sta_sap_scc_on_lte_coex_chan != 0, the SAP and
STA SCC on unsafe channel is allowed.
The change keeps the unsafe channel in SAP channel
list if STA is active on the channel.
Change-Id: I328841df611a000b1c4d4d09618a4035f0b7fba6
CRs-Fixed: 2509730
Refactor vdev stop and down code to target_if common code.
Remove legacy code for vdev stop and down.
Change-Id: I4ab0743d39a3b37816ab9f18e8850cadf1335c15
CRs-Fixed: 2506649
This reverts commit I04631ffd611d6ded318ddfb65b2dfeba479c9bdc.
Currently, for all the peers cleanup is done in lim and wma layers
to remove this peers. The original change is deleting the ndi
peer in HDD, and can lead to memory overwrites.
Hence reverting the change.
Change-Id: Id0083c3d1612f0fdccb6fca2c9cc4c03f607a139
CRs-Fixed: 2507142
In function csr_check_concurrent_channel_overlap, local
variable intf_ch is defined as uint16_t, but its pointer
is casted to uint32_t * before invoking
policy_mgr_get_sap_mandatory_channel, which will do
32-bit memory write and causes a stack memory over-
writing.
Call Trace:
dump_stack+0x46/0x59
print_address_description+0x66/0x22b
kasan_report+0x21f/0x245
policy_mgr_get_sap_mandatory_channel+0x1fd/0x258 [wlan]
csr_check_concurrent_channel_overlap+0xf84/0x10d2 [wlan]
sme_check_concurrent_channel_overlap+0xaa/0xf0 [wlan]
wlansap_check_cc_intf+0x102/0x124 [wlan]
wlan_hdd_get_channel_for_sap_restart+0x506/0x8f8 [wlan]
policy_mgr_check_sta_ap_concurrent_ch_intf+0x35e/0x425[wlan]
process_one_work+0x2cc/0x53b
worker_thread+0x357/0x490
Change the type of the 2nd parameter to uint16_t within
function policy_mgr_get_sap_mandatory_channel, so only
16-bit memory writing will take place.
Change-Id: If514a394e65d005a1fe025c0e753bf7440dd5dde
CRs-Fixed: 2508798
Direct buffer tx component initializes in target_if_init, which cause
platform assert since g_umac_glb_obj is NULL. So change the order to
avoid NULL pointer access.
Change-Id: I348775d08ccc478caef605c2ae8d1b6d65d77eb2
CRs-Fixed: 2497809
Avoid compiling ol_rx_reorder.c and ol_rx_reorder_timeout.c
for low latency and only compile for high latency
data path.
Change-Id: I1f3819fa093766abba87e5dc6dc44e6d2188740b
CRs-Fixed: 2506005
In "Change-Id: I2896f7704ffb809214c5b08756c4b8673307fd9e", parameter
type of hif_get_hal_handle changed from void to hif_opaque_softc,
which cause compilation failure in wma_init_dbr_params.
Change-Id: Idbb591bb1ea1507661882fe48b18eaaffcac164d
CRs-Fixed: 2504894
Support monitor mode enablement by changing driver mode, and also
remove the support that enable monitor mode with insmod parameter
"con_mode_monitor = 4", use "con_mode = 4" instead.
enable monitor mode steps for reference:
(1) change driver mode
a. svc wifi disable
b. echo 4 > /sys/module/wlan/parameters/con_mode
c. ifconfig wlan0 up
d. iwpriv wlan0 setMonChan 11 0
(2) insmod with kernal parameter way
a. insmod /vendor/lib/modules/qca_cld3_wlan.ko con_mode=4
b. ifconfig wlan0 up
c. iwpriv wlan0 setMonChan 11 0
Change-Id: Ie615533d060261d545b3b92bea9916099ccccadd
CRs-Fixed: 2494158
Presently in the driver, in function hdd_objmgr_create_and_store_vdev
the vdev object is created and stored. In case the creation of the vdev
fails due to some reason, the corresponding error condition tries to
free the osif_priv pointer. This osif_free pointer is actually already
freed as a part of vdev_obj_delete -> vdev_release_ref -> vdev_obj_free.
As this is already freed, a possible double free scenario can occur in
the original error handling scenario.
To avoid this scenario, do not free the osif_priv pointer in the error
handling as it is already taken care in the caller.
Change-Id: I7fc7be187ce1e303c81da885a75c600a7b6c4b3e
CRs-Fixed: 2507432
Full roam scan period is the minimum idle period in seconds between
two successive full channel roam scans. Firmware expects this param
as part of roam scan offload request. Add an ini param to set
it to a default value and use it while sending roam scan offload
request.
Change-Id: Id66b583b2c487f06e62298641dc28853af3ab11c
CRs-Fixed: 2507448
enum qca_wlan_vendor_roaming_subcmd contains different values of
subcmds to be used with QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD and
these are not attributes.
Values of the enum qca_wlan_vendor_roaming_subcmd have been
renamed according to usage and relevant documentation is added
in qca-vendor.h. Make corresponding changes in usage to avoid
compilation errors.
Use right max index(QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_MAX) while
parsing for PARAM_LIST_SSID. This caused compilation error as the
inappropriate max index(QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_MAX)
is used for parsing which has been deleted now.
Change-Id: Ifc063b801ba2729e8cff1581ef63e78e1d36a32d
CRs-Fixed: 2508196
Currently, the API cdp_fc_get_tx_resource takes as input the sta_id. As a
part of cleaning up the usage of sta_id, replace it by peer mac address.
Change-Id: I7b81a05d312da84aa16c82f0f6152710daf986c5
CRs-Fixed: 2507274
Cleanup ol_txrx_get_tx_resource to be peer mac address based
from local peer id based.
Change-Id: Id7ac4b5152c782d3475d9fad59f8f835102483cc
CRs-Fixed: 2508132
Some system suspend commands are getting sent to firmware while
runtime resume is in progress. Sync runtime pm resume when system
suspend occurs to avoid this.
Change-Id: I6e652104e984b81e29a5f328fcf3937502a8f47f
CRs-Fixed: 2509910
Currently the NUD tracking is done only for STA mode.
For all the adapters the NUD tracking work is not
created and hence should not be destroyed when the
adapter is cleaned up.
Destroy the NUD tracking work only for the STA adapter.
CRs-Fixed: 2505365
Change-Id: I677a07cb37e2d547e62b7ffebf6d014255a9d237
In the current wlanhost driver dump status, it doesn't
support to count the dropped packets seperately that
due to firmware don't have enough tx descriptors, so
add such function which can benefit KPI tune.
Change-Id: I1a72acbc4f1f861c2013a1ef1a95b73acccd6b53
CRs-Fixed: 2507410
Currently the driver selects channel 12, 13 as they are
free from BSS as their weights are minimum, which results
into IOT issues as legacy STAs do not support the same.
Fix is to avoid channel 12, 13 in SAP ACS process, and try
to start the SAP on channels from 1 - 11.
Change-Id: If735fade7d7b489b45a20f74c04bab5582343f79
CRs-Fixed: 2509791
