Any direct reference to adapter->vdev outside the initial
assignment should use get/put to properly refer the vdev.
core/hdd/src/wlan_hdd_ioctl.c
core/hdd/src/wlan_hdd_station_info.c
os_if/interop_issues_ap/src/wlan_cfg80211_interop_issues_ap.c
Change-Id: I897ee8ac2a4816b91ed48e2c32e97540430c5520
CRs-Fixed: 2714025
Currently, policy mgr table entries correspond to NAN/NDI are
updated only if nan_dbs is supported. Update/access the
policy mgr table even when nan_conc_control is supported by host.
This allows the host to take care of NAN cuncurrencies through
policy mgr on the non-DBS platforms.
Process NAN enable request in host if nan_conc_control is
supported, which updates the NAN entry to policy mgr table.
Change-Id: Id6e58a9bfde6ceb66a8a0b33136880f75e36090f
CRs-Fixed: 2729995
QCA_NL80211_VENDOR_SUBCMD_NAN_EXT is introduced to carry NAN
command data along with channel info. This channel info is needed
to enable DBS on DBS supported platforms. The command data is sent
to firmware as it on non-DBS platforms.
Userspace is expected to send NAN commands through
QCA_NL80211_VENDOR_SUBCMD_NAN_EXT if it's supported. It can send
QCA_NL80211_VENDOR_SUBCMD_NAN if QCA_NL80211_VENDOR_SUBCMD_NAN_EXT
is not supported, which is expected to happen on older
platforms(non-DBS).
So legacy NAN command QCA_NL80211_VENDOR_SUBCMD_NAN is not allowed
on DBS platforms, as the command is sent to firmware without
enabling DBS.
Event part of QCA_NL80211_VENDOR_SUBCMD_NAN is still intact as it
carries NAN events from firmware to userspace.
Change-Id: Ie1aaf9f7ea051009125c972de4f0de13942448fb
CRs-Fixed: 2699605
The change If6d559a3aa7b8719a515e00e271e313c02f8135f has modified
few attribute types from NLA_UNSPEC to NLA_BINARY. But NLA_BINARY
validates only for max length and doesn't validate min length.
This could cause buffer overread if userspace sends less data as
the driver reads fixed length(e.g. 6 bytes for mac_addr) always.
Use VENDOR_NLA_POLICY_MAC_ADDR(NLA_POLICY_ETH_ADDR) or
NLA_EXACT_LEN instead of NLA_UNSPEC which validates for
exact length.
Change-Id: I92cc29716dff29037d14ffd2e269761149c7f74b
CRs-Fixed: 2700695
NLA_UNSPEC usage is restricted from kernel version 5.4 by adding
a strict check while validating the nla_policy. The advantage
of this is that types not specified in the policy will be
rejected.
Driver can give exception to NLA_UNSPEC by setting
strict_start_type in the policy of a vendor command to NLA_U8
or some greater value. But it's better to set the type to a
valid type so that kernel can validate.
So, use NLA_BINARY with valid length instead of NLA_UNSPEC.
Change-Id: If6d559a3aa7b8719a515e00e271e313c02f8135f
CRs-Fixed: 2692293
In the function __wlan_cfg80211_set_interop_issues_ap_config the
adapter->vdev pointer is being passed to fetch the psoc without any
prior NULL check. This can lead to NULL pointer dereference.
Add a NULL sanity check before performing action based on adapter->vdev
CRs-Fixed: 2681524
Change-Id: I0c58a3a263fe5166e0c13a5f866f4bccfa031086
NDI delete response is sent to userspace only when NDI is in
NAN_DATA_NDI_DELETING_STATE state. But NDI could be in
NAN_DATA_DISCONNECTED_STATE state if cleanup happens through
NDP_END_ALL path. Driver doesn't send response to userspace in
this case.
Send the response to userspace in NAN_DATA_DISCONNECTED_STATE also
as the application might be waiting for NDI delete status.
Also, use set/get APIs and avoid accessing NDI state directly.
Change-Id: I81a6b19a77144c76dde145f126c45b2ca67ff093
CRs-Fixed: 2679581
Few NAN/NDP logs are redundant in the current logging infra.
Optimize the same and add few necessary logs.
Change-Id: Ie261db317af48955a16269539948ff1596c4bbcb
CRs-Fixed: 2644418
According to new changes in kernel 5.4 version onwards, driver has to
provide the policy for a NL command to ve verified against while
registering wiphy to the kernel.
To accommodate these changes, add policy for all the following
vendor commands that are being registered in the driver
QCA_NL80211_VENDOR_SUBCMD_GET_SUPPORTED_FEATURES
QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES
QCA_NL80211_VENDOR_SUBCMD_GET_LOGGER_FEATURE_SET
QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_INFO
QCA_NL80211_VENDOR_SUBCMD_GET_BUS_SIZE
QCA_NL80211_VENDOR_SUBCMD_NO_DFS_FLAG
QCA_NL80211_VENDOR_SUBCMD_LL_STATS_SET
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION
QCA_NL80211_VENDOR_SUBCMD_NAN_EXT
QCA_NL80211_VENDOR_SUBCMD_NDP
QCA_NL80211_VENDOR_SUBCMD_SCANNING_MAC_OUI
QCA_NL80211_VENDOR_SUBCMD_WIFI_LOGGER_START
QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET
QCA_NL80211_VENDOR_SUBCMD_ROAM
QCA_NL80211_VENDOR_SUBCMD_PACKET_FILTER
QCA_NL80211_VENDOR_SUBCMD_ND_OFFLOAD
QCA_NL80211_VENDOR_SUBCMD_GW_PARAM_CONFIG
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY
QCA_NL80211_VENDOR_SUBCMD_GET_RING_DATA
QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN
Change-Id: I714c8b21a95144f7ed8ff4c6e038782e469edf3d
CRs-Fixed: 2621308
According to new changes in kernel 5.4 version onwards, driver has to
provide the policy for a NL command to be verified against while
registering wiphy to the kernel.
To satisfy kernel 5.4 requirement add policy to following vendor
command as part of this change:
QCA_NL80211_VENDOR_SUBCMD_INTEROP_ISSUES_AP
Change-Id: I7cce1632efed4cbb3c431c449bf82ec8353b4bb2
CRs-Fixed: 2635041
Currently there are lot of duplicate logging. Identify and
reduce those logs that are not absolutely necessary.
Change-Id: Ia2df5a46610b885be5e27455aef7f7281c7c3c55
CRs-Fixed: 2617719
Currently there are lot of duplicate logging. Identify and
reduce those logs that are not absolutely necessary.
Change-Id: I649ce3bec8c3c8542fe9edd08907da9ab01fa948
CRs-Fixed: 2617504
Add support to customize DSCP-to-UP map table and send the
customized map values to FW to update its corresponding
map table.
Change-Id: Ibe9704a90468c898dd2e60fdf83a271152f654ce
CRs-Fixed: 2616247
sta_id is carrying an uninitialized value from the caller
lim_send_sme_ndp_(add/del)_sta_rsp(). So, it's failing the
check for its validity and skipping the first NDP peer creation
/last NDP peer cleanup.
Remove the sta_id check as it's no longer used. So that the NDP
peer creation/cleanup happens properly.
Change-Id: I8daff2bfbc57b7a2fa17a121a5a9dec6975137de
CRs-Fixed: 2594317
Framework might not disable NAN discovery explicitly in some
cases like driver unload. So disable NAN from stop_adapter to
terminate NDPs and NAN discovery properly.
Cleanup the API os_if_process_nan_disable_req() by using the
new API ucfg_disable_nan_discovery().
Change-Id: Ic2c834db44c42a44db902c93f67a887de1b6c2fb
CRs-Fixed: 2594318
Fix compile issues when some features are disabled, the features are:
BUILD_DEBUG_VERSION
CONFIG_CP_STATS
CONFIG_HOST_OPCLASS
CONFIG_FEATURE_ROAM_DEBUG
There are some other features depends on each other, so enabled features to
qcs40x.snoc.perf_defconfig, the features are:
CONFIG_WLAN_FEATURE_FILS
CONFIG_WMI_ROAM_SUPPORT
CONFIG_WMI_STA_SUPPORT
CONFIG_REG_CLIENT
CONFIG_WLAN_FEATURE_DP_BUS_BANDWIDTH
CONFIG_WMI_CONCURRENCY_SUPPORT
CONFIG_LL_DP_SUPPORT
Change-Id: I6fa1eacb79576a955e593dbb9ac52083742275e3
CRs-Fixed: 2354496
Currently in case of STA+NDI+NDI concurrency, the below scenario
can occur,
1) If NDI(NDP) + NDI(NDP) exists and sta tries to connect,
then all NDPs on 1st NDI is tear down.
2) If STA+NDI(NDPs) exist and then another NDI tries to establish
the NDP, then it is allowed in the current driver.
Fix is to reject the 2nd NDI(NDP) if STA+NDI(NDPs) concurrency
already exist.
Change-Id: Iadf6c9e10b9cdd59ca7beaace578a52b5e5dbb0f
CRs-Fixed: 2568552
Based on the ini gfine_time_meas_cap, send enable/disable value to the
firmware for STA INITIATOR/RESPONDER mode using VDEV set param.
Change-Id: Idd4142e13061cd1af992bda88d0a0b81edc42fef
CRs-Fixed: 2574050
Currently, NDI and NDP creation is happening only if the
corresponding concurrency is allowed. But NDI should be allowed
to create/delete in all concurrent scenarios. So, don't validate
the other interfaces present on device for NDI creation/deletion
and validate only for NDP requests.
Change-Id: I8e8817ac63f1f94b48fe71a30ddf1d49183d263a
CRs-Fixed: 2552623
In os_if_ndp_end_ind_handler, when it returns, make sure the
allocated memory ndp_instance_array is freed.
Change-Id: I39725bdeae01e3e3839f9bbac67721d4a1f38670
CRs-Fixed: 2552236
Due to channel number ambiguity with introduction of 6GHZ support
update NAN component APIs and data structures to use frequency
values instead of channel number.
Change-Id: I982fe8da0320c878f9473a62c86b80b220e2892e
CRs-fixed: 2551927
Fill the pfm info of the TDLS peer before sending the peer assoc
command to FW.
Change-Id: I4e336c345c0fb8f063157b3e3a780efa777f1a74
CRs-Fixed: 2535832
For 6GHz support and to remove channel number ambiguity use policy
manager APIs updated for frequency in other modules. This change
covers following APIs:
policy_mgr_get_chan_by_session_id
policy_mgr_get_mcc_operating_channel
policy_mgr_check_and_set_hw_mode_for_channel_switch
policy_mgr_is_chan_ok_for_dnbs
policy_mgr_is_safe_channel
policy_mgr_valid_sap_conc_channel_check
policy_mgr_disallow_mcc
policy_mgr_add_sap_mandatory_chan
policy_mgr_remove_sap_mandatory_chan
policy_mgr_is_hwmode_set_for_given_chnl
policy_mgr_is_valid_for_channel_switch
policy_mgr_update_user_config_sap_chan
policy_mgr_is_sap_restart_required_after_sta_disconnect
policy_mgr_is_sta_sap_scc
policy_mgr_nan_sap_scc_on_unsafe_ch_chk
Change-Id: I682f8380d9dc41fc015d73f06b6e055d1d04ef97
CRs-fixed: 2545110
As a part of 802.11ax amendment, 6GHz band operation is added.
Since the 6 GHz channel numbers are overlapping with existing 2.4GHz
and 5GHz channel numbers, use frequency to identify unique channel
operation instead of channel number. Channel frequency is unique across
bands.
As part of above requirement add logic to process rx mgmt
packets based on the frequencies instead of channel numbers.
Change-Id: Ib063070738ecdb4f83379eafe50629778a490aae
CRs-fixed: 2522693
When 6GHz introduced, the MAX channel numbers
are conditionally defined by macro NUM_CHANNELS based on
6GHz band supported by driver or not.
Change the driver to use the NUM_CHANNELS for channel
list operation.
Change-Id: I866ac1423b97f9ab74740da263d642f2e3b70445
CRs-Fixed: 2531003
In the host driver, after receiving NDP END INDICATIONs for all NDP
connections then policy manager deletes NDI mode from
pm_conc_connection_list.
From user-space application, if NDP END REQUEST and NDI DELETE request
are issued back to back without waiting for NDP END indication, then
firmware could process NDI DELETE command firstly and avoid NDP END
indication due to peer delete as a part of NDI delete.
If vendor command NDI delete request is issued without receiving
NDP_END_INDICATIONs for all active NDP peers then pm_conc_connection_list
contains stale entry of PM_NDI_MODE associated with deleted NDI.
Stale NDI entry in pm_conc_connection_list is the cause for failure of
get_second_connection_pcl_table_index() for PM_NAN_DISC_MODE, therefore
further NAN enable requests are rejected.
To address this issue, cleanup PM_NDI_MODE from pm_conc_connection_list
as a part of NDI delete.
Change-Id: Ic1535420b60224cc426b24e22fe7486781fd2fa6
CRs-Fixed: 2519625
This reverts commit I04631ffd611d6ded318ddfb65b2dfeba479c9bdc.
Currently, for all the peers cleanup is done in lim and wma layers
to remove this peers. The original change is deleting the ndi
peer in HDD, and can lead to memory overwrites.
Hence reverting the change.
Change-Id: Id0083c3d1612f0fdccb6fca2c9cc4c03f607a139
CRs-Fixed: 2507142
Fix the issue of NAN getting disabled in NAN+SAP concurrency
when SAP and NAN operate in different bands and host processes
LTE coex event for unsafe channel update.
Change-Id: I4f2d63a5283bd75712aa3bd9a3b3f278a28b0951
CRs-fixed: 2486595
Driver has a stats infrastructure and all the stats related
commands are using this infrastructure and for this
target_if_mc_cp_stats_stats_event_handler is getting used.
Remove legacy implementation of stats event handler
wma_stats_event_handler and related APIs.
With this change remove unused structures also.
Change-Id: I9a892b5f7486a406654256fc2cc8177f2fafe790
CRs-Fixed: 2481937
Change Id3273498f623d04beec879aa9d77c1d33986357a ("qcacmn: Rename OSIF
logging macros") is renaming the OSIF logging macros, so update the
legacy OSIF to use the new names.
Change-Id: I73d4214c9fecc435f9ac8c9f79560aa36333d311
CRs-Fixed: 2469498
tdls_priv is alloted per vdev and deleted after physical
vdev delete. Check the tdls_priv for NULL pointer before
accessing as there is possibility of NULL dereference
after vdev delete.
Change-Id: I47e30f6ed5dcf5c1ae6a07c3d56fa24db2ea4f6c
CRs-Fixed: 2469840
In function wlan_cfg80211_tdls_add_peer, osif_tdls
is allocated only for STA and P2P CLI vdevs. So if tdls connection is in
progress on p2p_client vdev and at the same time if the driver gets the
change iface for p2p client to p2p device, p2p device vdev is created
with the same mac address replacing the p2p client vdev.
Now if supplicant issues add_station command after change_iface
on p2p interface, it tries to access osif_tdls pointer which is not
allocated for p2p device vdev. This can lead to NULL pointer access
of osif_tdls.
Add check for NULL pointer before accessing osif_tdls pointer
for adding station command.
Change-Id: I2cd63d4d758af360987e1563022918548d113d76
CRs-Fixed: 2464766
It won't send mgmt frame with NULL channel information currently,
which is different to other branches. Add this change because up layer
pass NULL channel information when tx mgmt frame in some platform.
Change-Id: I689d64789187fe0df03ed57ef0ff10c5157aeeb6
CRs-Fixed: 2459485
As part of start_ap or connect_start to teardown active tdls peers
hdd_notify_teardown_tdls_links is called with argument vdev. But
TDLS might not be enabled on that vdev. With recent changes,
osif_priv object is initialized as part of tdls_vdev_init.
For the new interface if TDLS is not initialized then osif_priv
object will not be found and TDLS peers are not removed.
Change-Id: Idcf690bba2766664700a4851d390ee620f2fe73a
CRs-Fixed: 2460108
Implement the interface to transfer the info between
host driver and firmware about the ap which has interop
issues with the DUT. It is detected by firmware and
forwarded to user sapce for persistent storage. And
user space configs these APs to firmware when the DUT
starts up next time.
CRs-Fixed: 2425202
Change-Id: I2e828d521f0e04862a01fa1c90626f51b7f65796
Presently osif tdls memory is freed as part of the osif_priv
when the vdev is logically destroyed. There is case seen
wherein the tdls is holding vdev reference and in the other
thread the interface down is received and the osif_priv is
freed resulting in the tdls osif priv also, if the other thread
tries to dereference the tdls os priv it will result
null pointer exception.
Move the tdls osif priv memory creation/deletion to the tdls component.
Change-Id: I3782f6304bee5a6eaab4d9122a569ba56fd29947
CRs-Fixed: 2436379
It doesn't update rssi of tdls peers. So add logic to update it when
get all tdls peers.
Change-Id: I81d4536b5cb2443b088ee4a5d425d548eac152d6
CRs-Fixed: 2435903
Since os_if_psoc_trans_wait may sleep on a wait event if there is any
active ongoing transition on driver, psoc or vdevs. Hence move the
os_if_psoc_sync_lock(a spin lock bh) inside sync calback API for psoc
look up such that spin lock is not held before starting the wait on
event. os_if_psoc_sync lock is for psoc look up and not for wait
and hence this fix makes locking fine granular as well.
Change-Id: I0537604337a6b594be3e7dc34dc97b79d5987ad4
CRs-Fixed: 2433409
Since os_if_vdev_trans_wait may sleep on a wait event if there is any
active ongoing transition on driver, psoc or vdevs. Hence move the
os_if_vdev_sync_lock(a spin lock bh) inside sync calback API for vdev
look up such that spin lock is not held before starting the wait on
event. os_if_vdev_sync lock is for vdev look up and not for wait
and hence this fix makes locking fine granular as well.
Change-Id: I2cca560aeed9b79648168a09f596dbaa374ecbb5
CRs-Fixed: 2433829
Since os_if_driver_trans_wait may sleep on a wait event if there is any
active ongoing transition on driver, psoc or vdevs. Hence move the
os_if_driver_sync_lock(a spin lock bh) inside sync calback API for driver
look up such that spin lock is not held before starting the wait on
event. os_if_driver_sync lock is for driver look up and not for wait
and hence this fix makes locking fine granular as well.
Change-Id: I32c582bedbbee81d3a5b171666fc3009c3dc7e5a
CRs-Fixed: 2433825
In function os_if_nan_legacy_req(), if qdf_mem_malloc() call return NULL,
this will result in nan_req NULL pointer dereference.
Fix is to add NULL pointer check for nan_req before using.
Change-Id: I8ce9e9f9fa556606cf5e8d389905c39ff7198f2c
CRs-Fixed: 2423772
While the concepts of osif_sync started out as a simple set of APIs, it
ultimately evolved into its own full-fledge code module. While the
per-function documenation is present, high-level documentation for the
osif_sync code module as a whole was over looked. Add a high-level
description of the purpose of osif_sync in osif_sync.h
Change-Id: I42cd28673b500c85ecf95de4b507b677804892ba
CRs-Fixed: 2421801
