Currently there is no way to know if an stainfo is
already detached and driver can detach stainfo
again which may lead to put sta ref count twice in
some race condition.
In current scenario SAP receives the deauth from station,
disconnects the station and puts the sta reference taken
against station attach.
In parallel to the deauth from station if SAP gets the
disconnect from user space, it gets the sta reference
and moves ahead with the disconnect process, in this
process again does detach and does the put sta ref
taken as part of the sta attach, in this way it puts the
sta info twice.
To address above issue add logic to check if stainfo is
already detached or not, if sta info is not already
detached, detach the sta info and do the put ref.
Change-Id: I00c75c4d850931fb2a347d740002c21fae50785a
CRs-Fixed: 2735151
Currently, the pm_qos request and cpu mask is updated in bus bandwidth
work handler. In low-latency mode also, cpu mask and pm qos request is
updated. In cases when low latency mode is enabled and cpu mask is set
to all, the bus bandwidth work handler may overwrite the settings done
in LLM mode.
To resolve this issue, add a condition to check if llm_enabled is set
while updating the pm qos request.
Change-Id: I42c131c943128702de95f545c99e35978586d417
CRs-Fixed: 2733979
MSCS enables the establishment of classification using layer 2 and/or
layer 3 signaling to classify incoming individually addressed MSDUs
into streams. The MSCS Descriptor element defines information about
the parameters used to classify streams.
Host gets MSCS IE in set IE user request. Host adds the support to set
MSCS ie in assoc req.
Change-Id: I9c458326ffba3bad58ba27a611f5753afcf0531a
CRs-Fixed: 2732722
When we receive a packet from the network stack for
transmission, we make a copy of this skb and free the
shared skb before trying to trasnmit it.
Currently the mac address used for tdls operations is
taken as a pointer to the original skb, which gets freed
after the skb_unshare.
Copy the mac address into a local stack memory instead
of using a pointer to the skb data to avoid the
use-after-free condition.
Change-Id: I9f0e6260476d5a41b7209a6a599f50a548b953b5
CRs-Fixed: 2733445
Roam invoke is done by driver if reconnect to same bssid is
received or driver FASTREASSOC command is received from the
supplicant. If roaming module is not initialized at firmware,
then still we send roam invoke to firmware and firmware sends
roam invoke failure as part of which disconnection occurs.
Check if roaming module is initialized at firmware, else return
failure for the reassociation request from userspace.
Send failure only if the kernel version is greater than 4.9,
since the fix to handle reassociation failure is available from
this version.
Change-Id: I0feae326be751e50f7327c91739cd7dddab500e9
CRs-Fixed: 2724686
Rename file name and modify function names to keep it inline
with sysfs attribute name 'dp_trace'
Change-Id: Id4e366bea50d1bda95ee02cd7edd02691d0f70c6
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'stats'
Change-Id: Iffc390d4865977f9eff72a6a4bcf708c014f482e
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'range_ext'
Change-Id: Icf7ebbbcf1b8b219e64d1c9b98f1946069f91322
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'wlan_dbg'
Change-Id: I7d0e7b67afa701abd64efb62012c218ee4ab158d
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'fw_mode_config'
Change-Id: Ia389fa8807bbd0e58de58c503d9f3bbbef9ec707
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'scan_config'
Change-Id: I6621cbe5571541d073072ef9e0348d771fd3bc4a
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'radar'
Change-Id: If13effc45323f5a286d8aeb7a8e27848cb3e618b
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'tx_stbc'
Change-Id: I274c1405fab7385202431b48d65603c38783222b
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'tdls_peers'
Change-Id: If6aa504dccd22ce0ccff11f3d73ffb1eedb5895c
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'sta_info'
Change-Id: Ibb13c1496ea1dd5bc3b024b99414ac8d72db3be6
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'temperature'
Change-Id: I8f31d59be9954d3ffe1ff7c11d16dd24b9e2644d
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'monitor_mode_channel'
Change-Id: Ic207d6e29c14a0b33ed4982d533a78729d32a4ba
CRs-Fixed: 2731064
Rename file name and modify function names to keep it inline
with sysfs attribute name 'channel'
Change-Id: I9c73e572bdb80edc3431180448dffd9843d6a720
CRs-Fixed: 2731064
Currently reinit resets the recovery in progress flag when
reinit is successul. It may happen that after initial handshake
with FW during reinit, FW crashes and send the FW down indication
to the driver. Driver sets the recovery flag in FW down but it gets
reset on the successul reinit.
Now on subsequent shutdown, driver crashes as recovery flag is
reset by last reinit.
Check for fw down to reset the recovery flag on reinit completion
CRs-Fixed: 2727205
Change-Id: I88effc1211de138351ef9b232645d0c616a9d5dc
Userspace can configure different roam control params as
defined in qca_vendor_attr_roam_control through the roam subcmd
QCA_NL80211_VENDOR_SUBCMD_ROAM and the below attributes:
QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_SCHEME
QCA_ATTR_ROAM_CONTROL_CONNECTED_RSSI_THRESHOLD
QCA_ATTR_ROAM_CONTROL_CANDIDATE_RSSI_THRESHOLD
QCA_ATTR_ROAM_CONTROL_USER_REASON
Send value of above attribute to fw through command
WMI_ROAM_ENABLE_DISABLE_TRIGGER_REASON_CMDID for trigger
reason WMI_ROAM_TRIGGER_REASON_BTM_WTC.
Change-Id: I17502eebab56652192164144b7ebdadb32033117
CRs-Fixed: 2729119
SAP sends unicast disassoc to associated stations
as part of the del station request from userspace.
But host is flushing the tids as well at the same
time causing a race in FW which is failing to send
out the unicast deauth/disassoc. Fix is to add the
delay between sending the unicast frame & flush tid.
Change-Id: If52da8766f72b8f5a1ed97ca5e1d9f87d82840d8
CRs-Fixed: 2731483
If ERP key lengths are greater than maximum valid lengths,
currently the connect request is allowed to go through.
Allow fils connection to go through only if erp keys are
not sent in connect. If erp information is present, validate
the rrk, realm, username length.
Add changes to lookup pmkid based on bssid also in addition to
the existing logic to lookup based on fils cache_id and ssid.
Change-Id: Iebde1f382b7db13553b848a459cb4a783744c2a6
CRs-Fixed: 2732050
Currently in SAP case if a station disconnects and re-connects
to the SAP, in the process of register sta, SAP clears
previous reference of the station and re-initializes the sta
info. Because of this when the thread which actually took the
reference, tries to release the reference, is not able to release
the reference as the ref count is already set to zero as part
of the reconnect which results in undefined behaviour.
To address this issue, retain the ref count of the sta info
in case of re-connect from the same station.
Change-id: Ie9558ca8e59601b48f9be7fff37cc530874ab5ad
CRs-Fixed: 2730782
The band_capability field is used in other places to be
a bitmap over reg_wifi_band. Update the field in wma_tgt_cfg and
wlan_mlme_generic to take the same bitmap for consistency.
Update all references to these fields to expect a bitmap as well.
Change-Id: I8abd697e2fbe02b4eadd32f3027bef7408bac2a0
CRs-fixed: 2726710
Update calls from reg_get_curr_band to reg_get_band since
they provide the same functionality.
Update calls to reg_get_band to expect a bitmap since the API
has been updated.
Update getband driver command to convert the bitmap to the
old values. Also add the new vendor command getband.
Change-Id: I069489ebf4826f8f4bfcb974b74e4d0591d5b33f
CRs-fixed: 2726361
Update both the driver and vendor setband command to support the
new 6G band. Specific changes include:
1. Update driver setband command to convert userspace
input into a setband bitmap.
2. Update vendor setband command to accept a bitmask
or a value
3. Add support API to convert between vendor mask and reg
bitmap.
Change-Id: Ic968261ce5c3712f1e73cac0cb5a5f030118753a
CRs-fixed: 2726314
Any direct reference to adapter->vdev outside the initial
assignment should use get/put to properly refer the vdev.
core/hdd/src/wlan_hdd_nan_datapath.c
core/hdd/src/wlan_hdd_p2p.c
core/hdd/src/wlan_hdd_softap_tx_rx.c
Change-Id: I2e98ca517c63ad0a03d3539fc9f97f8e466ba2ab
CRs-Fixed: 2714025
Any direct reference to adapter->vdev outside the initial
assignment should use get/put to properly refer the vdev.
core/hdd/src/wlan_hdd_power.c
Change-Id: I68a093c92e57b7076cf4f41e9f69f747f0c7e6ec
CRs-Fixed: 2714025
Any direct reference to adapter->vdev outside the initial
assignment should use get/put to properly refer the vdev.
core/hdd/src/wlan_hdd_ioctl.c
core/hdd/src/wlan_hdd_station_info.c
os_if/interop_issues_ap/src/wlan_cfg80211_interop_issues_ap.c
Change-Id: I897ee8ac2a4816b91ed48e2c32e97540430c5520
CRs-Fixed: 2714025
When nan_sap and nan_disable are supported but nan_dbs is not
supported,
1. Allow SAP+NAN concurrency if force SCC is supported
2. Disable NAN if SAP comes up on a different band and force SCC is
not supported
3. Reject NAN enable if SAP is already on a different band and force SCC is
not supported
Change-Id: Ic53eedcda2e5b314f9be2a4bd913d5e63f6613a2
CRs-Fixed: 2729986
nan_disable_support is the firmware capability to allow host to
disable NAN. So that host can disable NAN in any unsupported
concurrencies. This was actually introduced to handle
NAN concurrencies. Rename the capability flag and corresponding
APIs across host driver to resemble the functionality.
Change-Id: I24805194fdb855040bcc518acc96459ee7cb5128
CRs-Fixed: 2729984
For user request of get roam scan frequencies using vendor sub command
QCA_WLAN_VENDOR_ROAMING_SUBCMD_CONTROL_GET and vendor sub attribute
QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_CONTROL, host replies with list
of roam scan frequencies.
Change-Id: Ia63a5181e13541629a380dec9a032743d15add0c
CRs-Fixed: 2725834
Add changes to handle transition to the 2 new states:
1. Roaming in progress: Switch to this state when roam
start notification is received from firmware.
2. Roam Synch in progress: Switch to this from RSO
STARTED state if roam synch indication event is received
from firmware. Change to this state is also allowed in
RSO STOPPED state if supplicant disabled roaming on that
vdev - to allow roam invoke to be processed.
Also query the state machine to get the roaming status instead
of using discrete flags at various layers. Clean the redundant
roaming in progress, roam synch related flags.
Change-Id: Ide20a30d9d8c20a96d8bba70367b51b8643cae09
CRs-Fixed: 2725443
Fix the type mismatch issue in set wifi config PHY_MODE and
refactor related APIs.
Change-Id: I2d84f144766126c54e2ed449d367316b65fc769c
CRs-Fixed: 2706050
Currently, kernel and driver both support dpp akm suite.
but driver doesn't advertise WLAN_AKM_SUITE_DPP_RSN which may
cause issue for WLAN_AKM_SUITE_DPP_RSN supported connection.
Fix: Advertise WLAN_AKM_SUITE_DPP_RSN as supported akm suite
in sta mode.
Change-Id: I5882b310a742c06ad57e97fc24735a9e5021f352
CRs-Fixed: 2726197
WMI_VDEV_BCN_LATENCY_EVENTID is sent by firmware when it receives
the latency IE from connected AP in beacon.
Add handler for this event and when latency_level received is ultra
low in latency IE, update request pm qos type PM_QOS_CPU_DMA_LATENCY
to level DISABLE_KRAIT_IDLE_PS_VAL to speed up CPU efficiency and
irq response. This is needed for Voice and Music products where extreme
low latency is needed while playing music and high power consumption is
accepted.
Change-Id: I3c63ef247f4f4a1add68111ef1bcee6daafd148a
CRs-Fixed: 2723205
On dp_aggregation sysfs store or show, wiphy is fetched
from hdd context without validation. This could result
in possible NULL hdd context dereference.
Fix is to validate the hdd context before dereference
to get wiphy.
Change-Id: I0d01f64e95c9aa3f09ccc940a64d5a25148c302e
CRs-Fixed: 2726433
SAP sends broadcast disassoc to associated stations
as part of the del station request from userspace.
hdd_softap_deauth_current_sta is sending broadcast
address to SME to send the disassoc frame instead
of associated STA address. Modified API to pass
the STA address.
Change-Id: I1645441804abef3c76f7deeff44ef929684c0bf1
CRs-Fixed: 2726960
Race conditon is seen between the mode change and Wifi Off.
When mode change happens, modules are stopped and wmi handle
becomes NULL. As a part of state ctrl param write, BLM module
uses this wmi handle to send the reject ap list to FW.
Add the psoc op start protection for the ops required during
wifi off.
CRs-Fixed: 2722283
Change-Id: I8e8d9ca789dcacf201934105725e677ce9e0a031
Currently wmm dscp will be called when open adapter,
as wmm dscp will send wmi cmd to fw, it is not right
place as adapter not yet started.
Move wmm dscp init to hdd_wmm_adapter_init, which
adapter vdev has been created.
Change-Id: I41b5e79d0b28ead9c449612ca2d2ed7529b3495f
CRs-Fixed: 2725883
There is possible dfs cac timer start on p2pgo,
then ssr happens, which cause timer leak.
Clean up dfs cac timer when stop adapter.
Change-Id: I8fe67420196ac752941476312caa7a80f2b3e264
CRs-Fixed: 2720896
Currently in the driver, there is no limit on how many number of times
get_tx_power can be requested by the userspace. This can lead to
potential issues where the firmware crashes due to excessive stats
request.
Add a time based rate limiting logic wherein the function call only
sends request to the firmware once in three seconds. In other cases, it
returns the cached value present in the adapter.
Change-Id: I65f23135d88c66e6438484715dafce3def14ddb3
CRs-Fixed: 2717633
For FILS pmksa caching, the STA can use the PMKSA cached as
part of the full 802.1x connection. When FILS PMKSA caching
is used, the supplicant might not send the ERP keys in the
connect request. So add support to allow connection when
ERP keys are not received in connect request but FILS
PMK is present in the cache.
If the PMK cache lookup is successful for the bssid,
use pmksa caching to associate, else fallback to full 802.1x
to associate to the BSS.
Change-Id: I9fa67ee5978b7199da1cb638f7f321baed6e5913
CRs-Fixed: 2710402
Pointer 'hif_ctx' returned from call to function 'cds_get_context'
may be NULL. Check for NULL pointer before de-referencing it.
Change-Id: I9d34d877783b35829faf2049c3c8c43519e12914
CRs-Fixed: 2726468
