Currently the driver fills the vdev nss, and default nss
in ft session according to the band on which the roaming
happenend. For eg. if the roaming happenend on 5ghz band,
then the nss value would be filled from the nss 5ghz value.
But the nss is filled before the channel is populated in
the structure, which can lead to wrong nss.
Fix is to fill the nss value after the channel has been
populated in the session.
Change-Id: Ie4fc2452107fe5b1be296be7768868d251796a73
CRs-Fixed: 2467718
In roaming scenario, if association is not completed with
new AP, there is possibility of trying to send disassoc in
failure handling. So, if vdev is in INIT state send
disassoc failure and cleanup session.
Change-Id: I0fcf3b0b51aa810323911c5ebc121767ca22a502
CRs-Fixed: 2453160
eCsrAuthType is the enum of AKMs to be used during connection.
So the name eCsrAuthType is misleading as akm and auth algo are
different.
Also the Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the enum eCsrAuthType to
be compliant.
Change-Id: I35e18d1f84babd0ef2928ae9d7258028d4c9b3c5
CRs-Fixed: 2463813
The Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the pMsgBuf to be
compliant.
Change-Id: Ia28e9e8ce69c7fbb6853278ccdb12e722ec24e06
CRs-Fixed: 2463442
The Linux Coding Style doesn't allow mixed-case names and
so-called camelcase notation, so rename the statusCode to be
compliant with the coding style.
Change-Id: I98e0af710401a9718bdc1402617253eb970c5861
CRs-Fixed: 2463825
The Linux Coding Style doesn't allow mixed-case names and
so-called Hungarian notation, so rename the identifier pBssDesc
to be compliant.
Change-Id: I0980de75bbaaeb1eee9321621da1f3ff90e09188
CRs-Fixed: 2463446
Currently in case of CSA announcement with channel switch mode 1,
host wraps "switch wrapper IEs" of the current operating channel
for target channel. This is not expected. Driver should send
fills information about target channel in the channel switch
wrapper IEs.
Fix is to fill IE in host and ignore the IE from hostapd.
Change-Id: Ie2447fa7affdf8211a46877e0d8b0e41796f0cc3
CRs-Fixed: 2444679
Free Dynamic allocated memory in following scenarios:
1. In __lim_ext_scan_forward_bcn_probe_rsp()
Free dynamic allocated memory for result in failure case
2. In sme_oem_data_req()
Free dynamic allocated memory for oem_data_req in failure case.
3. In sme_notify_ht2040_mode()
Free dynamic allocated memory for pHtOpMode in default case.
4. In sme_send_rate_update_ind()
Free dynamic allocated memory for rate_upd if mutex acquire
fails.
5. In sme_txpower_limit()
Free dynamic allocated memory tx_power_limit rate_upd if mutex
acquire fails.
Change-Id: I5deccb5ac10f69ad00ea860f43c821ee7e90c71e
CRs-Fixed: 2465786
In LFR2 scenario, STA roams to IOT AP with which max nss
capability is advertised because ini configured vendor OUI
and data for max nss is found in AP's beacons or probe
responses. On receiving association response with reduced
nss, nss is not updated as part of add_sta. This is resulting
in incorrect nss to be sent in peer_assoc command.
Fix is to update MCS set so that appropriate nss is sent in
peer_assoc command.
Change-Id: Id137a09f24063c8260c21eda6cd74cbb571b9129
CRs-Fixed: 2464318
Link BLM exposed APIs to the following:-
1. csr_get_scan_result:- Link this API with filter bssids in
the reject ap list maintained by the blacklist mgr.
2. lim_assoc_rej_add_to_rssi_based_reject_list:- Link this API
with the the blacklist mgr add bssid to reject list to add the
OCE and BTM related assoc rejects.
3. Userspace avoid list parsing logic for the userspace to set
the BSSID as avoided.
Change-Id: Id51ffb80cea3f845fefe14db25d0f7acda6ea0f3
CRs-Fixed: 2461281
PMKR0 buffer's length is currently 32 bytes in struct
pe_fils_session, which is incapable of storing the
value of Q when SHA384 is used for authentication.
Enlarge the PMKR0 buffer to 48 bytes in case SHA384
is used.
Change-Id: Ib935a4dfc6fc415453d3c3b9cf458cc3b0f4f0a2
CRs-Fixed: 2462643
CSR is populating TX SSID in NonTx to NonTx
BSSID roaming scenario.
SSID is populated from the TX beacon instead
of the generated NonTX beacon. MOdified code
to populate the IE's from NonTX beacon.
Change-Id: Ib02f320ba0e6622ad79a1bd2429ad5f61e53b71b
CRs-Fixed: 2462018
When BTM config is disabled in the supplicant, the BSS
transition bit (19) of the extended capabilities will be
disabled. If BTM offload is enabled, currently driver still
advertises that the BSS transition bit(19) as disabled. This
results in AP disabling 11v for this STA.
Advertise the BSS transition bit (19) as enabled in the extended
capabilities if btm_offload ini bit 1 is enabled.
Change-Id: I7c1977294a2e166321951ee0ec31f18929c42176
CRs-Fixed: 2455919
The Linux Coding Style doesn't allow mixed-case names so rename
pePersona to opmode in struct pe_session to be in compliance.
Change-Id: I3434bdba5300fb89c7e78cd16dacfd151ba7c00b
CRs-Fixed: 2459760
Few IOT APs advertise reduced NSS capabilities on ending
up in bad state. These APs can later recover to support
the actual NSS capabilities. In this scenario, when STA
initiates connection to these APs, which are in bad state,
reduced NSS capabilities is advertised. STA cannot later
upgrade NSS capabilities to the minimum of STA max NSS
capability and APs actual NSS capability, once AP recovers.
Fix is to advertise max NSS capability during connection
with these IOT APs based on vendor OUIs and downgrade if
AP still advertises reduced NSS capability in association
response.
Change-Id: I49ea13534b1a44fd9ffadd1e8fb44e9d782147c4
CRs-Fixed: 2453938
The linux coding style forbids use of typedef unless clearly
some rules are met. The tSirBssDescription doesn't match any of
those criteria, so replace it with underlying structure
bss_description.
Change-Id: I36ad517325117cf04d499c7c472ca6ef5921a85d
CRs-Fixed: 2459769
The Linux Coding Style doesn't allow mixed-case names so rename
bssIdx in struct pe_session to be in compliance.
Change-Id: Idf2df6cb4ca30e4fdae74b8fb39445bb878003c5
CRs-Fixed: 2459768
The Linux Coding Style doesn't allow mixed-case names so rename
eSirBssType in struct pe_session to be in compliance.
Change-Id: Iafe6649a130c77064180c67fb1385d2d7a763370
CRs-Fixed: 2459767
The Linux Coding Style enumerates a few special cases where
typedefs are useful, but stresses "NEVER EVER use a typedef
unless you can clearly match one of those rules." The
tSirMacStatusCodes typedef does not meet any of those criteria,
so replace it properly named enum.
Change-Id: I4712acc4898a60ce78e7a6e71d2e91f5b1929c97
CRs-Fixed: 2459765
When FILS authentication is performed, the key confirmation is
performed as part of the FILS exchange using association frames.
Hence, no additional 4-way handshake is necessary. But still the
host driver sets the WMI_PEER_NEED_PTK_4_WAY flag as part of
peer_assoc command. So firmware expects setting key command after
4-Way handshake is completed. But host sends the set key command
before M4 in this case, which results in firmware assert.
Don't set WMI_PEER_NEED_PTK_4_WAY for FILS connection.
Change-Id: I13451bd7592d5836c16cd648235f691b11aafb15
CRs-Fixed: 2458097
Scenario:
1. Turn on STA and try connect with a PMF capable AP.
2. Configure te AP to reject assoc everytime, with status
code as ASSOC TRY AGAIN.
Issue with DUT:
STA would try again after the time t, which the AP has
specified in the assoc rsp frame, and if the AP sends
the assoc rsp fail continuosly with reason code try again,
then the active command timeout may happen as the
active command to connect would be stuck.
Observation:
Active command timeout happens, because the AP sends
the assoc rsp with the reason code try again and time
after every attempt.
Expectation:
The AP should be added to RSSI reject list, keeping RSSI
as 0, and retry delay as the time specified by AP, which would
result in connection attempt to that AP after the timeout, also
the STA would then continue with the other candidates.
Fix:
Fill the retry delay as the timeout value AP has given, RSSI as
0, and add the BSSID to the reject list, and continue connect
with other BSSIDs
Change-Id: If6155906a586539b3edef3e25bcad4f1e77159c3
CRs-Fixed: 2453875
VDEV UP command doesn't include right MBSSID information, it will
cause data stall issue and so on.
Fix is to provide right MBSSID information with VDEV UP command.
Change-Id: I0201722c14dee1b01b8dacc7e3095301fb02fd3a
CRs-Fixed: 2434405
Currently, TDLS connection can be attempted with
any peer if the stats are more than configured threshold.
If the connection is attempted with connected AP then
add sta will be failed and TDLS disable link is given
by upper layer to cleanup the add sta failure.
TDLS component sends del sta request to lim.
As peer type check was not present del sta request will
be sent to firmware for connected BSS. In the resp path
as there is a check for TDLS peer type, TDLS component
was not notified of the resp and serialization cmd
timeout will happen.
Fix is to check the peer type for tdls peer del sta.
Change-Id: Ibe59256d7f7ba75116e234481569863259f921be
CRs-Fixed: 2453027
The function lim_update_fils_config(), is invoked when
csr_send_join_req() sends the join request message to lim. It
copies the fils related configurations to lim from csr. The
variable csr_fils_info is used for destination lim structure.
This is misleading.
Rename csr_fils_info to pe_fils_info in lim_update_fils_config.
Change-Id: Idac1f73bba5ceff646e09b588f3e08ed4968a0fd
CRs-Fixed: 2445238
Once driver gets QCA_NL80211_VENDOR_SUBCMD_BEACON_REPORTING vendor
command with an attribute for start, firmware sends all
beacons to host for the connected peer. Host extract required info
(SSID, BSSID, Channel number, Beacon Interval, Timestamp, System
timestamp) from incoming beacon for connected AP and sends it to
userspace. Userspace needs this data for WIPS.
Change-Id: I9d6dd068a076bda79881043946be3133ee87fe84
CRs-Fixed: 2431354
CSA on DFS channels requires CAC period after RESTART response, peers
can leave during CAC period due to HB failure. But peers remain
connected in SAP and are not deleted.
Now if vdev down is called during CAC wait period, the peer delete
all is not called, and vdev delete is sent without sending peer
delete to firmare leading to assert.
This change adds the logic to internally disconnect all peers before
channel switch if CAC is required on new channel, i.e new channel is
DFS and pre-CAC is not done and ignore cac is not set.
Change-Id: I923fd11d1b9d4a2c606b19ff94baaf44397d3e20
CRs-Fixed: 2449104
Currently the driver does not sends the assoc req and assoc
response frame exchanged with the AP if the connection attempt
fails with the peer.
The connection failure can be because of n number of reasons,
OCE assoc reject be one of them.
The supplicant requires these IEs to reject the connection
attempt with the AP with which the connect attempt failed
for t number of seconds, which is mentioned by the AP.
Fix is to send the assoc req, and assoc response IEs to
the driver.
Change-Id: I9c1f7063105912a8005f9e8399640d028b15eec7
CRs-Fixed: 2445709
Currently HE capable for TDLS peer is set from STA connection
session which sets the TDLS peer HE capability incorrectly.
Set the HE capable setting for TDLS peer from the peer STA
context that has correct value.
Change-Id: I232d32fb45ea5bbe7c2925922de3804e28f888cc
CRs-Fixed: 2441422
The FTIE subelem lengths are validated before copying
the R0-KH and R1-KH subelement. So remove the sub-element
length sanity check, which is causing parse failure.
Change-Id: I2fd2423e3d33e557e93a82ca250cb8bee1013c1a
CRs-Fixed: 2445863
pLimJoinReq will be NULL for the pe session, created when
STA does a successful FT-Preauth with target AP, using LFR
2.0 based roaming.
Any subsequent roaming using this new pe session will cause NULL
pointer dereference.
Hence checking validity of session->pLimJoinReq before accessing.
Change-Id: I47480a4d22c02ce1cc804430f60e8adf7959164e
CRs-Fixed: 2433647
Adaptive 11r feature that enables the AP to support FT-AKM
without configuring the FT-AKM in the network. The AP will
advertise non-FT akm with a vendor specific IE having Adaptive
11r bit set to 1 in the IE data. The AP also advertises the
MDE in beacon/probe response.
The STA should check the adaptive 11r capability if the AP
advertises MDE in beacon/probe and adaptive 11r capability in
vendor specific IE. If adaptive 11r capability is found,
STA can advertise the FT equivalent of the non-FT AKM and
connect with 11r protocol.
Before sending probe request to the AP, the host driver
intersects the csr_roam_profile akm with the akms advertised
by the AP in the function csr_construct_rsn_ie(). Based on
the intersection, RSN IE is constructed and this RSN IE will
be sent over the association request frame. Add changes to
fill FT-PSK akm selector if AP advertises PSK akm(00:0f:ac,4).
If the AP advertises 802.1X akm, fill FT-802.1x akm(00:0f:ac,3).
If the session is adaptive 11r connection, then copy the
adaptive_11r flag to pe_session while sending join request.
Populate the adaptive 11r vendor specific IE into association
request frame.
Change-Id: Iae6ea37787e96fd7cffca32fc4d9a33eb5772f26
CRs-Fixed: 2441337
Do not allow tdls peer update command if tdls peer is not
found in lim. If peer assoc command is given to FW
without peer create, FW will assert.
Remove tdls peers in tdls component in case of roaming as
peers are deleted in lim as part of roaming.
Change-Id: Ie227da682e4d30c9b583881f7e2eaafe91826476
CRs-Fixed: 2441951
When AP sends deauthentication/disassociation frame, host will
handle the deauth/disassoc frame. If the ini
"enable_disconnect_roam_offload" is enabled, firmware will
trigger a roam scan immediately after deauth/disassoc is
received and roam to a new AP. If roam failure happens after
this roam scan, firmware will send WMI_ROAM_EVENTID with reason
WMI_ROAM_REASON_DEAUTH.
Register a WMA callback to call the PE disconnect handler
function. This will call lim_tear_down_link_with_ap() to
handle the deauth state machine changes and posts message to
sme to inform the link lost info.
Change-Id: I404b019595b96c0710d09cb9218e3a1d28924fc7
CRs-Fixed: 2443219
1. Move the VDEV SM to UP state in lim_process_mlm_reassoc_cnf in
success cases similar to lim_handle_sme_join_result.
2. Handle LFR2 fail case in lim_process_mlm_reassoc_cnf
1) Vdev start failure
2) Reassoc timeout
3) Reassoc reject
Change-Id: Id34715faa9428fc11f5330a353258542c8ce29e3
CRs-Fixed: 2442470
Generate PMK-R0 and PMK-R1NAME for FT-FILS connection and send it
over assoc request frame.
According to 802.11-2016 standard:
PMK-R0 is derived as:
R0-Key-Data = KDF-Hash-Length(XXKey, "FT-R0", SSIDlength ||
SSID || MDID || R0KHlength ||
R0KH-ID || S0KH-ID)
PMK-R0 = L(R0-Key-Data, 0, Q)
PMKR0Name = Truncate-128(SHA-256("FT-R0N" || PMK-R0Name-Salt))
PMK-R1 is derived as:
PMK-R1 = KDF-Hash-Length(PMK-R0, "FT-R1", R1KH-ID || S1KH-ID)
PMK-R1Name is derived as:
PMKR1Name = Truncate-128(SHA-256(“FT-R1N” || PMKR0Name ||
R1KH-ID || S1KH-ID))
Call qdf_get_hash() function to generate a sha-256 or sha-384
hash. Use qdf_get_hash() with hmac(sha-256) or hmac(sha-384)
to generate hmac_hash.
Set PMKID count as 1 in RSN IE and copy the PMKR1-name
generated to the PMKID list. This PMKR1 should be the only
entry in PMKID list in assoc request frame sent by the driver
during FT-FILS initial mobility domain FILS connection.
Change-Id: Ic634aebbe42a58b92f871cf3258c62f7541d161a
CRs-Fixed: 2414719
