In lim_populate_peer_rate_set(), bss description is obtained by
dereferencing the bss descriptor from session->lim_join_req.
But in LFR-3.0 roaming case, the lim_join_req will be NULL, since
roaming is south bound operation and there is no csr join request
message after roam. So this results in NULL pointer dereference
of bss_description in lim_populate_peer_rate_set() while
handling LFR-3.0 roam synch indication event.
Pass the correct bss descriptor from caller to ensure that valid
bss descriptor is passed to the lim_populate_peer_rate_set() api.

Change-Id: I3af915d5753c7aa054dc6d8766e51fd62c8314bb
CRs-Fixed: 2733807

When FILS erp keys are not available, EAP initiate packet will not
be sent to the AP so FILS authentication wrapped data IE is not
required, but the driver is adding extra 3 bytes for wrapped data
even if wrapped data is not included. This will cause issues with
the FILS AP.
Don't allocate bytes for wrapped data if ERP keys are not available.

Change-Id: I9bd8033048829eeaf63ce123129e64f2685df04f
CRs-Fixed: 2732852

Userspace can configure different roam control params as
defined in qca_vendor_attr_roam_control through the roam subcmd
QCA_NL80211_VENDOR_SUBCMD_ROAM and the below attributes:
QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_SCHEME
QCA_ATTR_ROAM_CONTROL_CONNECTED_RSSI_THRESHOLD
QCA_ATTR_ROAM_CONTROL_CANDIDATE_RSSI_THRESHOLD
QCA_ATTR_ROAM_CONTROL_USER_REASON
Send value of above attribute to fw through command
WMI_ROAM_ENABLE_DISABLE_TRIGGER_REASON_CMDID for trigger
reason WMI_ROAM_TRIGGER_REASON_BTM_WTC.

Change-Id: I17502eebab56652192164144b7ebdadb32033117
CRs-Fixed: 2729119

The EDCA parameters in SAP mode are reset to default values
defined in EDCA config strings when the first station connects
to the BSS and again when the last station leaves the BSS. It
overrides the EDCA parameters values configured from the hostapd.
Add a check to avoid resetting EDCA parameters when SAP is not
operating with ANI profile.

Change-Id: Iecf21b4c35192e98ea9e96b50c0ba0d6d5382a40
CRs-Fixed: 2725446

Host sends SAE auth retry frames if the response/ack for the previous
SAE auth is not received. In roam scenarios like roam abort and HO fail,
the host doesn't need to send SAE auth again.
Hence cleanup sae auth timer for roaming scenarios.

Change-Id: I617a61fdb4ce7b6afa66415ebc33a2ce23e3821b
CRs-Fixed: 2730888

For WPA3 SAE, host runs pmf comeback timer to retry assoc request. Host
retries assoc request once if assoc response has response status as
TRY_AGAIN_LATER after 1 second.
Problem scenario:
Host sends assoc request to which AP responds with assoc response status
TRY_AGAIN_LATER, deactivates assoc response failure timer and retransmits
assoc request after 1 second. After 1 second host retransmits assoc req
and marks this as a "retried" assoc request. If to the retried assoc
request host gets assoc response with reason status TRY_AGAIN_LATER,
host deactivates assoc failure timer and drops the assoc response.
Thus association does not complete and even association timer doesn't
trigger.
Fix:
Deactivate assoc failure timer after checking the assoc response status
is not TRY_AGAIN_LATER and deactivate pmf comeback timer when assoc failure
timer gets triggered.

Change-Id: I7fc89063efec3c4a5b0521e9ff8301d6ea64683e
CRs-Fixed: 2730194

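
A simplified model of the timer ordering described in the commit message above, added here as an illustration; it is not code from the commit or the driver, and every function, field and enum name is hypothetical. It assumes the assoc failure timer is re-armed when the request is retransmitted.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, not a driver symbol. */
enum assoc_status { ASSOC_SUCCESS, ASSOC_TRY_AGAIN_LATER };
struct session {
    bool assoc_fail_timer;   /* assoc failure timer is running */
    bool pmf_comeback_timer; /* 1 second comeback timer is running */
    bool retried;            /* assoc request was already retransmitted */
    bool associated;
};

/* fixed=false: failure timer is stopped before the status is checked (problem
 * scenario); fixed=true: stopped only if status is not TRY_AGAIN_LATER (fix). */
static void rx_assoc_rsp(struct session *s, enum assoc_status st, bool fixed)
{
    if (!fixed)
        s->assoc_fail_timer = false;
    if (st == ASSOC_TRY_AGAIN_LATER) {
        if (!s->retried)
            s->pmf_comeback_timer = true;
        return; /* response to a retried request is dropped */
    }
    s->assoc_fail_timer = false;
    s->associated = true;
}

/* Comeback expiry: retransmit, mark as retried, re-arm the failure timer. */
static void pmf_comeback_expired(struct session *s)
{
    s->pmf_comeback_timer = false;
    s->retried = true;
    s->assoc_fail_timer = true;
}

/* AP answers TRY_AGAIN_LATER twice; true if unassociated with no timer armed. */
bool stalls(bool fixed)
{
    struct session s = { .assoc_fail_timer = true };
    rx_assoc_rsp(&s, ASSOC_TRY_AGAIN_LATER, fixed);
    pmf_comeback_expired(&s);
    rx_assoc_rsp(&s, ASSOC_TRY_AGAIN_LATER, fixed);
    return !s.associated && !s.assoc_fail_timer && !s.pmf_comeback_timer;
}

int main(void)
{
    printf("old: stalls=%d, fixed: stalls=%d\n", stalls(false), stalls(true));
    return 0;
}
```
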
Introduce new INI sae_connect_retries to decide auth (initial connect
and roam auth) and connect retry for sae. MAX retries is capped to 2
and max for roam auth is 1.
Default is 0x49 i.e. 1 retry each.
Bits        Retry Type
BIT[0:2]    AUTH retries
BIT[3:5]    Connection retries
BIT[6:8]    ROAM AUTH retries

Change-Id: Idae86a7bdb32244c7f3a140b8591418b8238758a
CRs-Fixed: 2728458

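
How the bit layout above decodes, as an added example that is not taken from the commit or the driver. The macro, struct and function names are hypothetical, and applying the caps by clamping on decode and rejecting on encode is an assumption; the commit message only states the limits.

```c
#include <stdint.h>

/* Field layout and caps come from the commit message; names are hypothetical. */
#define SAE_FIELD_MASK      0x7u
#define SAE_AUTH_SHIFT      0   /* BIT[0:2] AUTH retries */
#define SAE_CONNECT_SHIFT   3   /* BIT[3:5] connection retries */
#define SAE_ROAM_AUTH_SHIFT 6   /* BIT[6:8] ROAM AUTH retries */
#define SAE_MAX_RETRIES     2u  /* stated cap */
#define SAE_MAX_ROAM_AUTH   1u  /* stated cap for roam auth */

struct sae_retries {
    unsigned auth;
    unsigned connect;
    unsigned roam_auth;
};

/* Extract one 3-bit field and clamp it to its cap (clamping is an assumption). */
static unsigned sae_field(uint32_t ini, unsigned shift, unsigned cap)
{
    unsigned v = (ini >> shift) & SAE_FIELD_MASK;

    return v > cap ? cap : v;
}

/* Decode an sae_connect_retries value into per-type retry counts. */
struct sae_retries sae_decode(uint32_t ini)
{
    struct sae_retries r;

    r.auth = sae_field(ini, SAE_AUTH_SHIFT, SAE_MAX_RETRIES);
    r.connect = sae_field(ini, SAE_CONNECT_SHIFT, SAE_MAX_RETRIES);
    r.roam_auth = sae_field(ini, SAE_ROAM_AUTH_SHIFT, SAE_MAX_ROAM_AUTH);
    return r;
}

/* Pack retry counts into an INI value; returns -1 if a count exceeds its cap. */
int sae_encode(struct sae_retries r, uint32_t *out)
{
    if (r.auth > SAE_MAX_RETRIES || r.connect > SAE_MAX_RETRIES ||
        r.roam_auth > SAE_MAX_ROAM_AUTH)
        return -1;
    *out = (r.auth << SAE_AUTH_SHIFT) | (r.connect << SAE_CONNECT_SHIFT) |
           (r.roam_auth << SAE_ROAM_AUTH_SHIFT);
    return 0;
}
```
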
Add changes to handle transition to the 2 new states:
1. Roaming in progress: Switch to this state when roam
start notification is received from firmware.
2. Roam Synch in progress: Switch to this from RSO
STARTED state if roam synch indication event is received
from firmware. Change to this state is also allowed in
RSO STOPPED state if supplicant disabled roaming on that
vdev - to allow roam invoke to be processed.
Also query the state machine to get the roaming status instead
of using discrete flags at various layers. Clean the redundant
roaming in progress, roam synch related flags.

Change-Id: Ide20a30d9d8c20a96d8bba70367b51b8643cae09
CRs-Fixed: 2725443

If STA DUT receives assoc response with assoc response status as
eSIR_MAC_TRY_AGAIN_LATER, host starts a pmf comeback timer to
send assoc request again on pmf comeback timer timeout.

Change-Id: Ifb28e44af86daef90db7146572cdfae26dfcaa20
CRs-Fixed: 2728459

Currently, if fw doesn't send phy mode after roaming, host itself
calculates phy mode based on band only. Host doesn't consider self
dot11 mode and returns dot11 mode based on 2g band or any other band,
which may cause different phy modes in fw and host.
Fix: Calculate dot11 based on self dot11 mode, return dot11 mode based
on band only if self dot11 mode is not valid.

Change-Id: Ifa320e3bb8a2ae8cffc59c73501c0643dc3b65af
CRs-Fixed: 2725841

When CSA happens, peer delete will not call
SAP de-register flow, which may leave the adapter
sta_info struct dirty. When STA interface is assigned
new peer_id, it has possibility to conflict with
dirty sta_id in adapter sta_info list. So change to
sync peer delete and notify umac to clean sta_info.

Change-Id: I1703b2b45837e0b4c0814e5c95ae7f86b510e1fc
CRs-Fixed: 2713147