Module is saved in specified memory location when loading. In some
third platform, after rmmod/insmod wlan.ko for a while, wlan.ko may
fail to load due to memory fragmentation.
Split wlan.ko into wlan_resident.ko and wlan.ko. Keep wlan_resident.ko
in kernel all the while and trigger insmod/rmmod only on wlan.ko.
wlan_resident.ko contains all the module realization while wlan.ko
only contains module init/exit.
Change-Id: Iaeb6d810293cc000de8d6ec1df5cd985cef0c317
CRs-Fixed: 2727941
Print info related to WTC BTM roaming coming via
wmi_roam_trigger_reason_tlv_param.
Print timestamp, which indicates the time when btm response is sent
to AP, coming via wmi_roam_btm_response_info_tlv_param to HOST.
Change-Id: I2c408527739e1e2831015dd7b959ab17299abf6b
CRs-Fixed: 2740597
Dynamic rx aggregation feature depends on the context
id which is obtained from the packet context block.
This context id is invalid when this feature is not
enabled, and hence can lead to out of array access/write
leading to memory corruption.
Fix this issue by not using the context id when the dynamic
rx aggregation feature is not enabled.
Change-Id: Ie551217409b0f5aa2f704f9c617949e0d42a74d0
CRs-Fixed: 2742653
In scenarios where p2p is going to be the first connection,
while performing group negotiation, pass up the allowed non-pcl
channels with valid weight so that supplicant can include these
channels as well during negotiation.
Passing interface mode to policy_mgr_get_valid_chan_weights and
populating the channel list based on policy_mgr_is_concurrency_allowed
api for the given mode and assign WEIGHT_OF_NON_PCL_CHANNELS for all
allowed channels.
Change-Id: I8ff08163e6490642f9c2ebd9ca08f1275a2bb1b8
CRs-Fixed: 2734756
During the init sequnce host and firmware exchange the capability
messages, if there is any timeout driver currently induces the fatal
to debug the issues.
If the reason for the timeout is beacaue is because of firmware is
already recovering gracefully return resulting in probe failure.
Change-Id: I487aeae23db37a0ad2d991bae113b221e19a439a
CRs-Fixed: 2742638
If it is LFR2.0 roaming and BTM trigger, original procedure is always
stopping roaming scan with reason REASON_OS_REQUESTED_ROAMING_NOW,
After roaming stop configured, it will check the stop reason and post
eWNI_SME_ROAM_SCAN_OFFLOAD_RSP to invoke host handover to new AP.
Currently the roaming scan logic is changed, if roaming scan not in
enabled state, it will not invoke roaming scan stop, so host handover
cannot invoke when BTM.
And even roaming scan was enabled, the stop reason was override to
REASON_SME_ISSUED in csr_post_rso_stop(), also cannot invoke handover.
Fix it by check the stop reason against REASON_OS_REQUESTED_ROAMING_NOW,
which indicate it is LFR2.0 reassociation invoked by supplicant.
Change-Id: I39a84d06b9c696179da1b854985a23b874a399c5
CRs-Fixed: 2737888
Set the user power save configuration setting in NL power save
command handler.
Change-Id: I8f4d1955071af08a5c0511a4c01c46d79e70e1b0
CRs-Fixed: 2743237
AGO/AP is started and beaconing, but the hostapd_cli status cmd still
show "dfs". This will happen when the STA connected on DFS
channel and AGO/AP is starting on same DFS channel.
By design the AGO/AP CAC is skipped due to STA+SAP DFS concurrency.
If we skip CAC timer, we will need to indicate the CAC event
even though driver doesn't perform CAC, otherwise hostapd will
stuck in "DFS" state.
Change-Id: I7961d0b976fd84fc1f29449d98eb150d1463a92f
CRs-Fixed: 2733624
It will enable periodic capture of tsf and qtime pair.
The qtime will be used as reference for determining
instantaneous tsf.
The 'cat tsf’ command to fetch tsf will print the tsf
at that instant as well along with qtime and host time.
CRs-Fixed: 2736030
Change-Id: I11eb70d4ae710ef2bf50ebee708801fa67d0396c
Issue: Currently host supports WLAN_AKM_SUITE_FT_8021X_SHA384,
RSN_AUTH_KEY_MGMT_CCKM and RSN_AUTH_KEY_MGMT_OSEN AKM
in sta mode but doesn't advertise these akm suites which
may cause issue for FT_8021X_SHA384, RSN_AUTH_KEY_MGMT_CCKM
and RSN_AUTH_KEY_MGMT_OSEN supported connection.
Fix: update wiphy->iftype_akm_suites and advertise missing akm
suites.
Change-Id: I43762c38e15746f50f897a6026b1b96fd571ec4d
CRs-Fixed: 2713183
- Limit the timeout value of the BLM entry if it has big comeback
value and allow connection to that BSSID.
- Fix the BLM entry time stamp boundary checks.
Change-Id: I07bf7b1fce1c1e8d349c4fc0a9b0fed07f237197
CRs-Fixed: 2741689
Possible use of uninitialized Variable "report" in
rrm_process_beacon_req.
Fix is to initialize "report" pointer to NULL,
before use.
Change-Id: I1dcbec60b0028d52046ce28836df83a04e2ed830
CRs-Fixed: 2734078
During idle shutdown(T1 Thread), Driver sends the PDEV
suspend command to FW. If ACK is not received, driver initiates
the work for self recovery. As a part of self recovery(T2 thread)
driver allocates the memory and sends the force fw hang cmd and
wait for the event.
T1 thread continues and stop all the modules and check for mem leaks.
Since t2 thread is not completed and free the memory, the crash
happens as a part of mem leak check.
Fix this race condition by cancelling and flushing the recovery work
in cds close.
CRs-Fixed: 2730021
Change-Id: Ieffff621e0838b341531c5b7feda1277ee4f70fd
In wma_get_trigger_detail_str() driver prints the roam trigger
detail for Low rssi and Periodic scan triggers, the RSSI value of
the current AP is the value before roam scan is triggered. But
the firmware considers the rssi of the current AP after roam scan
is complete to calculate the next RSSI threshold. So there could
be mismatch in the current rssi value and next rssi threshold
when roam_info->rssi_trig_data.threshold is used to print the
current AP rssi.
Use roam_info->current_rssi to print the current connected AP
rssi in the roam trigger logging.
Change-Id: Ib154bb3cbdfe13dbcdd8c8830cdafb6daefa34b5
CRs-Fixed: 2739346
Since there is common API to get spectral version, so use ucfg API to
get spectral version directly and remove unused codes.
Change-Id: Icfd4c68a035166dcaa32478128107249df2c4c95
CRs-Fixed: 2575839
Currently, bus bw timer is not stopped if STA disconnection is
timed out. Due to this hdd_bus_bandwidth_deinit fails.
Force stop the bus bw timer during hdd_wlan_stop_modules to avoid
hdd_bus_bandwidth_deinit to fail.
Change-Id: Idcdf011383838f1dc061f3e0f32ada97e617a8c9
CRs-Fixed: 2739304
As part of beacon report request , currently driver sets last
beacon report indication data field to be 1 for last frame of
every channel. This is incorrect as per spec as the
expectation is to set this only after all channels of all
beacon measurement requests are done.
Add change to set the last beacon report fragment bit only
after measurement is complete on all channels for all the
measurement request index for a beacon report request. If
last channel has empty result and AP supports last beacon
report indication, then send empty report with last beacon
report indication element.
Change-Id: Ic8902b61c5a370ec828022cd73dffdef9eb37f32
CRs-Fixed: 2720249
In DUT sta mode, when tcp/udp stream between sta and PC ethernet at same
subnet, dst mac addr of each tx skb is not bssid, but ethernet mac of the
PC. Since only self peer and bssid peer are created on DUT, the ethernet
mac addr of the PC can't be found from peer list at all by
ol_txrx_peer_find_hash_find_get_ref, ol_txrx_peer_get_ref_by_addr and
ol_txrx_get_vdev_by_peer_addr return NULL. For each tx skb, 2 txrx log
will print and be saved to storage by cnss_diag, throughput is impacted
and LEGACY_TX_FLOW_CONTROL doesn't work too.
Fix: In sta mode, use connected bssid to find dp peer and vdev.
Log sample:
18769633: [soft_i][0x650c858e][08:11:05.109017]wlan: [0:IH:TXRX] PDEV
not found for peer_addr:a0:36:9f:21:18:88
18769633: [soft_i][0x650c85b3][08:11:05.109019]wlan: [0:IH:TXRX]
ol_txrx_get_tx_resource: Invalid peer address: a0:36:9f:21:18:88
Change-Id: Ib87bbe5cbb1c8d0aa31d06b32dc98d9b3b9456b3
CRs-Fixed: 2715377
Add support to enable or disable GRO per adapter at
runtime based on the ingress qdisc registered for the
net device. Disable GRO when ingress qdisc is configured
and enable GRO when there is no ingress qdisc configured.
Change-Id: Ie9ced2c92d176c040bc44da4cee93db55c6a335a
CRs-Fixed: 2739414
Check the required security types allowed for 6GHz connection and
do not allow the connection if the secutiry check fails.
Change-Id: Ic680c4600b3f17151e42f8708ff8810e5d16e52e
CRs-Fixed: 2715086
It starts spectral scan without vdev object, and uses the first vdev
as current vdev. which cause vdev mismatch in some platform. So pass
vdev object when starting spectral scan.
Change-Id: I7571d2f3716079969de872372779aa28d60c82ce
CRs-Fixed: 2716454
Add new channel 177 to wiphy struct ieee80211_channel
hdd_etsi13_srd_ch and rename the struct to
hdd_5dot9_ghz_ch.
Add a new ini fcc_5dot9_ghz_chan_in_master_mode to
enable/disable new 5.9 GHz channels 169, 173 and 177
in master mode.
Change-Id: I68dc3be18277ca0e416a579327f406279458899e
CRs-Fixed: 2693707
Remove the support of BLM in case of assoc
comeback assoc reject as anyway the driver
retries the assoc again after a specific time.
Change-Id: I8b49472d59ab8d41f591159cbf897b2e8c7e877c
CRs-Fixed: 2738544
Add sanity check on head_skb->data_len, head_skb->data_len should be
equal to equal to sum of all frag_skb->len. Assert and drop such invalid
length skb aggregate.
Change-Id: Ie6d2eea1b41fbb2909d34d18d0629844b4be9af3
CRs-Fixed: 2728294
Replace enum band_info with reg_wifi_band in APIs to set phy mode
for support of 6GHz.
Change-Id: I834a8ae61270a6e8ee43d15beb0825c21c5a6d06
CRs-Fixed: 2733417
Host driver uses reference count get and put implementation to
synchronize sta_info access. But it is very difficult to debug issues
where these reference count get and put are not used properly.
To address this, add a debug infra to identify the API where sta_info
ref count get and put handling is incorrect.
Change-Id: If384798f353ee66e149b4caabdc359379c69d072
CRs-Fixed: 2733933
Currently the band_capabability from mlme_cfg is a bitmap over
reg_wifi_band. Update the checks so that it is compared with
a bitmap, instead of with band_info.
Change-Id: Ibad0231f1f6e5c555e6e5be5a5662fd26c549037
CRs-fixed: 2738440
Currently, when SAP is being restarted on a phymode change,
the logic will run unconditionally. Add a check to see if SAP
is up first before attempting to restart it.
Change-Id: I7c02b3c62d265c6e4989901bc108d53689425f0c
CRs-fixed: 2734308
To handle no-inter-band MCC scenarios for dual MAC non-DBS solutions,
add changes to detect capability at run-time based on service bits.
If the service is set then code for only intra-band MCC will be
exercised.
Change-Id: If62068f8f05c17278d279f36ec11bc9ca123dfbd
CRs-Fixed: 2730359
Currently, NDI adapter is not restarted when SSR happens. Start the
adapter as part of recovery so that it creates NDI vdev.
Change-Id: Ifa159b53e7e9571404f1d9cecd62755fe5e8c600
CRs-Fixed: 2707460
Currently, host driver sends NAN disable request to firmware and
firmware sends NAN disable indication as a response. Host driver
forwards this indication to framework. But when SSR happens,
driver needs to send this NAN disable indication to framework
as firmware lost the NAN context. This allows framework to
initiate NAN again. Send the NAN disable indication with success
status code to framework after recovery.
Change-Id: Ic2139e159f0c1d9c1fb5c39597ce18e0787e809b
CRs-Fixed: 2735047
Register STA tx completion callback with dp as part of
vdev registration to update successful ack stats.
Change-Id: I27f36336f0e37d43cc2cdff204c0217667a48b13
CRs-Fixed: 2682020
After SSR host reinits and as a part of start all adapters host
starts monitor mode and sets the channel. To set the channel for
monitor mode, host send vdev start command to fw, at the same time
host checks for interfaces down during SSR. If the monitor mode is
down during SSR, host stops monitor mode adapter and sends vdev
delete command to fw. As a result, fw doesn't respond to vdev start
command and host receives only vdev delete response. Thus vdev
response timer timeout and host triggers self recovery.
Hence do not set monitor mode channel if monitor interfaces is down
during SSR.
Change-Id: Ia381de3e0797e597158f028d7bded5fc33019150
CRs-Fixed: 2733706
Crash is seen when the mode change and shutdown happens in
parallel. Mode change is the driver trans and shutdown is a
psoc trans. If mode change is going on and shutdown req comes
then shutddown trans is rejected. Currently driver crashes
whenever psoc trans is rejected.
Avoid BUG_ON when the psoc trans is rejected.
CRs-Fixed: 2732103
Change-Id: Iad1ab4f188702ed581e3b41c1cdef1c495015048
5ghz AP broadcasts beacon frame with no HT caps but
VHT and HE caps are present.STA should connect to AP
in HE mode, but STA connects in 11a mode.Fix is to
check if AP supports HE connect in 11ax mode.
Change-Id: Id9e4f620e395d4ca2617af190b677003d1f9e4cf
CRs-Fixed: 2724747
FW sends a disconnect request to HOST while roaming failure
through event WMI_VDEV_DISCONNECT_EVENTID per vdev id. For disconnect
reason SA query timeout in WMI_VDEV_DISCONNECT_EVENTID, add support
to handle disconnect request from FW.
Change-Id: If911b18476d021bfe62eb10b4db3c2eec2a37743
CRs-Fixed: 2736242
Wlan phy mode in sap roaming profile will become invalid when
the following corner case happens:
1) sta starts in 5G channel x;
2) sap starts in 5G channel y, leading to mcc;
3) sap moves to 2.4G band on the other mac;
In the above case, sap channel frequency will be set to 2.4G,
but the phy mode in its roaming profile will not change.
Override the sap phy mode in its roaming profile so it aligns
with channel frequency again.
Change-Id: I0b243c1d312f77bf4a4d782f6b9d0d75928d0277
CRs-Fixed: 2736429
Currently there is no way to know if an stainfo is
already detached and driver can detach stainfo
again which may lead to put sta ref count twice in
some race condition.
In current scenario SAP receives the deauth from station,
disconnects the station and puts the sta reference taken
against station attach.
In parallel to the deauth from station if SAP gets the
disconnect from user space, it gets the sta reference
and moves ahead with the disconnect process, in this
process again does detach and does the put sta ref
taken as part of the sta attach, in this way it puts the
sta info twice.
To address above issue add logic to check if stainfo is
already detached or not, if sta info is not already
detached, detach the sta info and do the put ref.
Change-Id: I00c75c4d850931fb2a347d740002c21fae50785a
CRs-Fixed: 2735151
Currently, the pm_qos request and cpu mask is updated in bus bandwidth
work handler. In low-latency mode also, cpu mask and pm qos request is
updated. In cases when low latency mode is enabled and cpu mask is set
to all, the bus bandwidth work handler may overwrite the settings done
in LLM mode.
To resolve this issue, add a condition to check if llm_enabled is set
while updating the pm qos request.
Change-Id: I42c131c943128702de95f545c99e35978586d417
CRs-Fixed: 2733979
MSCS enables the establishment of classification using layer 2 and/or
layer 3 signaling to classify incoming individually addressed MSDUs
into streams. The MSCS Descriptor element defines information about
the parameters used to classify streams.
Host gets MSCS IE in set IE user request. Host adds the support to set
MSCS ie in assoc req.
Change-Id: I9c458326ffba3bad58ba27a611f5753afcf0531a
CRs-Fixed: 2732722
Operating frequency may not have been filled up yet, from connectiion
profile. Check for the same.
Change-Id: I5f3c28fb855920c6038ce0714e9e0b3c4c21e7ef
CRs-Fixed: 2731261
If peer phymode is not same as vdev phymode on channel switch the
peer phymode is updated with vdev phymode.
It should consider the prev peer phymode to calculate the new
phymode.
Change-Id: I33b57ad991a5899742e7aa4334089762cd325c59
CRs-Fixed: 2736158
When reassociate, roaming is disabled by wpa_supplicant, but RSO stop
reason REASON_SUPPLICANT_DISABLED_ROAMING is ignored and roam scan mode
isn't cleared to 0 before vdev WMI_ROAM_FW_OFFLOAD_ENABLE_FLAG flag is
cleared. Then host can't receive peer unmap/map event when wlan disconnect
and reconnect, host dp peer id isn't updated, Rx frames are dropped for
peer id mismatch.
Fix: When roaming is disabled, make sure roam scan mode is cleared to 0
before vdev WMI_ROAM_FW_OFFLOAD_ENABLE_FLAG flag is cleared.
Change-Id: Ia471998cf631948d8ffa701e67fcee22eebb0fa0
CRs-Fixed: 2734351
When we receive a packet from the network stack for
transmission, we make a copy of this skb and free the
shared skb before trying to trasnmit it.
Currently the mac address used for tdls operations is
taken as a pointer to the original skb, which gets freed
after the skb_unshare.
Copy the mac address into a local stack memory instead
of using a pointer to the skb data to avoid the
use-after-free condition.
Change-Id: I9f0e6260476d5a41b7209a6a599f50a548b953b5
CRs-Fixed: 2733445
