The name 'hdd_pdev' is misleading, since it is not actually an HDD pdev
context. Rather, it is the Object Manager pdev context. Rename hdd_pdev
to pdev for consistency, and to make room for HDD to have its own pdev
context.
Change-Id: Ie27e4b21d83865474bd464ba2c3948a0684de29b
CRs-Fixed: 2311497
The name 'hdd_vdev' is misleading, since it is not actually an HDD vdev
context. Rather, it is the Object Manager vdev context. Rename hdd_vdev
to vdev for consistency, and to make room for HDD to have its own vdev
context.
Change-Id: I6186d010404c0a7b1e25590d87e5350195faba80
CRs-Fixed: 2311435
The interface idle timeout work is started at the very end of the SoC
probe process. During rmmod, this timer is proactively canceled, but a
race between probe and rmmod means this cancel is not deterministic. The
mirror operation to probe is remove, so cancel this work at the
beginning of the remove process. This preserves symmetry between probe
and remove, and also deterministically cancels the work, since probe and
remove are properly synchronized.
Change-Id: Idfd68c0ed638dbe810db72d64f301018db45d522
CRs-Fixed: 2309533
Optimize struct reg_table_entry definition by means of
alignment and data type declarations to save memory.
Change-Id: Ib97541b0868416d1d797d8326e265e9789a040da
CRs-Fixed: 2301744
Currently if target is not ready, vdev stop req use check
cds_is_target_ready() in wma_fill_vdev_req(), while peer related API
uses wmi_handle->wmi_stopinprogress.
As wmi_handle->wmi_stopinprogress is set after target ready flag, the
vdev stop req is dropped while peer delete is sent to firmware. This
leads to bss peer delete sent without vdev stop.
Remove cds_is_target_ready() in wma_fill_hold_req() and
wma_fill_vdev_req() so that only wmi_handle->wmi_stopinprogress is used
to detect firmware down.
Change-Id: I5a7fb886f8bbf9a10d25c6991a291bc4bd2bef48
CRs-Fixed: 2309680
Add debugfs entry to get last five roam scan stats info which includes
old bssid, new bssid, roaming candidates etc., for STA interface.
Change-Id: Ied66beb270d97b6e17a6116c1be0e82783094519
CRs-Fixed: 2203885
Add the following SAP/STA protection ini and cfg parameters to MLME cfg:
CFG_PROTECTION_ENABLED - CFG
CFG_FORCE_POLICY_PROTECTION - CFG
CFG_IGNORE_PEER_HT_MODE_NAME - INI
Change-Id: I3763d62c6aa4ae79a5a31dfac248e8367b6369ad
CRs-Fixed: 2310378
The driver always allow roaming command ROAM_SCAN_OFFLOAD_UPDATE_CFG
even through session roaming not "started" in CSR.
But WMA will always enable Roam_scan_mode to non-zero
to FW when handle the command ROAM_SCAN_OFFLOAD_UPDATE_CFG.
The inconsistency is the CSR still keep as roaming stopped
status but WMA enable the roaming on session.
In STA+STA case, there will cause two vdev roam mode enabled in Firmware
because the CSR roaming start state does not keep sync with FW.
Fix by enable FW roam only based on enable state from CSR
when handle the ROAM_SCAN_OFFLOAD_UPDATE_CFG in WMA.
Change-Id: I95a2bd1edd88cc241ae9821a6e0756c44663229a
CRs-Fixed: 2305594
hdd_reg_set_country() validates the hdd context, which returns an error
if start_modules_in_progress is true. This was the motivation behind
I4378438873ffa72c0fce415ade65b91b90e2c84a, which effectively moves the
call to hdd_reg_set_country() to after start modules is complete.
However, all of the callers to hdd_reg_set_country() already validate
the hdd context, so this check is redundant. This means
I4378438873ffa72c0fce415ade65b91b90e2c84a was unnecessary. As this
change also brought with it some technical debt in the form of
additional driver_status checks, simply remove the validate hdd context
check from hdd_reg_set_country(), and replace the original call site.
This change is also necessary to enable the removal of the
DRIVER_MODULES_OPENED state (I4ec1268eb491fec04a78b90e51c6e616d95e019e).
Change-Id: I5a0d8a8407969275f023431095ff6205ef515b62
CRs-Fixed: 2310446
Make the following updates to the extscan reset significant change
logic:
1) Exclusively use the Unified WMI data structures.
2) Update the HDD<=>SME interface to enforce the contract that SME
must not make any assumptions about the buffers provided by HDD.
Change-Id: I9b63924f4219f6d3567e3ee2b1a31e1a9ce3bc29
CRs-Fixed: 2309570
1) CONFIG_MPC_UT_FRAMEWORK should only be enabled for slub debug build
2) CONFIG_MPC_UT_FRAMEWORK should be protected under
gEnableUnitTestFramework INI setting.
CRs-Fixed: 2309562
Change-Id: I314ec928af2a350d518eb8f8dd62dbadee1746e8
In function hdd_register_rx_ol, hdd_ctx is retruned by cds_get_context.
Check for hdd_ctx being NULL before de-referencing it.
Change-Id: I5e45036930a03368310871d108062c2d24742602
CRs-Fixed: 2299782
Check if pointer returned by hdd_napi_get_all is NULL. This would prevent
de-referencing of NULL pointer.
Change-Id: I23af3319422e0d2ebd93ce410d76457c54551538
CRs-Fixed: 2299788
Unlock the rx_ring.rx_hash_lock spin-lock when returning due to
failure to do smmu map_unmap.
Change-Id: I1b905c0ad529c80f78807c030920121ee0909825
CRs-Fixed: 2299785
Add debugfs entry to get offload info (mc addr list, arp, ns etc.,)
for STA interface.
Change-Id: I8bf4491929b5ef04ed5ce19f4b0030945f0eb0c0
CRs-Fixed: 2203786
Add debugfs entry to get connect info (bssid, ssid, freq etc.,)
for STA interface.
Change-Id: Id5c350dbb4ca9b9f6b203459adee59b2d5e94f67
CRs-Fixed: 2203654
Add debugfs framework support to get connect, scan,
roam scan statistics and offload info from debugfs.
Change-Id: I86bdd7e449488d2bcda1b2eaaeb07aac7465770b
CRs-Fixed: 2203626
In low memory condition, RX ring may become empty when all
SKB buffers attached to the ring get consumed and kernel is
unable to allocate SKB buffer during replenish.
Create a pre-allocated pool of skbs during driver load time
and request the buffer from this pool in low memory case.
Change-Id: If8c6a4fe04f3c931dc60dcffe28e45166eab9835
CRs-Fixed: 2306861
P2P Listen offload is not a requirement for Genoa, hence featurize
P2P listen offload code to save memory foot-print for Genoa.
Change-Id: If50c784bb4cd6daac513a0654364e78cd636c9d3
CRs-Fixed: 2304554
Correct the typo in status check variable due to which
Nss setting returns failure.
Change-Id: I81a430b0482e79ee3b2d0b2c4e6aea232907919a
CRs-Fixed: 2302465
cds_is_module_state_transitioning() is effectively a partial
re-implementation of wlan_hdd_validate_context(). Instead of having
multiple copies of this logic, register a new callback in QDF which
simply calls wlan_hdd_validate_context() instead.
Change-Id: If533d72725b4cc9dbe5e4b9c25e499657c8e1376
CRs-Fixed: 2308771
Do not disable the Tx beamformer capability when Nss is set to 1.
FW would check the current chainmask configuration and enables
the Tx beamformer capability accordingly.
Change-Id: I8709147c63f2990f135d098fdf13fc3d9b00d7bc
CRs-Fixed: 2305772
In function ol_txrx_offld_flush, check for pdev being
NULL, before de-referencing it.
Change-Id: I8999d894c74b6ef10cef91345370d859f5eee8ec
CRs-Fixed: 2299780
Fixed the naming conventions of APIs and files for MLME component.
Internal MLME component only APIs are in wlan_mlme_main.h/c files
under core.
APIs exposed to other components are in wlan_mlme_api.h/c files
under dispatcher.
APIs exposed to HDD are in wlan_mlme_ucfg_api.h/c files
under dispatcher.
mlme_init/deinit, mlme_psoc_open/close are called from HDD,
so made that as ucfg APIs.
Change-Id: I049008ceaa86ca52acd3ad9a02f903a732117d1f
CRs-Fixed: 2309276
In case of recovery of SAP after SSR, driver is not updating
params for secondary channel as per primary channel (Operation
channel) for SAP.
Update parameters for secondary channel as per primary channel
before SAP start.
Change-Id: I2da2eff62881fe4e65208be778618d0b9c05bf88
CRs-Fixed: 2292645
Bus bandwidth compute work handler is missing SSR protection wrapper
although it has HDD validate context check but since HDD validate
context check is not sufficient alone add CDS SSR protection wrapper
around bus bandwidth compute work handler.
Change-Id: I43b3495610b2a9936472ff67a95c7db8dbfa5560
CRs-Fixed: 2307421
Make the following updates to the extscan set significant change
logic:
1) Exclusively use the Unified WMI data structures.
2) Update the HDD<=>SME interface to enforce the contract that SME
must not make any assumptions about the buffers provided by HDD.
Change-Id: I916f387cee254c2d8ba57a9182bd927a91eadf0c
CRs-Fixed: 2307374
wma_roam_scan_offload_mode, allocates mem for params buffer
to store roaming offload scan parameters locally from incoming
roam req. In last it calls wmi_unified_roam_scan_offload_mode_cmd
using param as an argument to set roam scan parameters to wmi
structure and free the local param buffer in the successful case.
But in case if driver unable to write wmi struct,
wma_roam_scan_offload_mode returns error status to its caller
without freeing locally allocated params mem buffer. This results
in mem leak while unsuccessful roaming offload.
Fix is to free locally allocated mem buff before the return
in case of roaming offload failure
Change-Id: Ic73f0b3ec004c3dcc53076594c0b872a29fee633
CRs-Fixed: 2308506
In platforms that support dual wifi instances, userspace doesn't
set avoid frequency channel list with command
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY to trigger restart sap
process, but current handling is always to check avoid channel list
which is set by userspace so it will be failed for lte coex case.
Fix is to add process for userspace doesn't set avoid channel list.
Change-Id: Icc3356191411791f4cec9fd89e4490359cf6f1fc
CRs-Fixed: 2294109
The length attributes for all message frames are retrieved from
param_buf->fixed_param rather than using the correct TLV length values.
This can result in multiple buffer overreads due to the fact that the
param_buf->fixed_param lengths are never properly checked against the
original TLV buffer.
Add check param_buf->fixed_param lengths against the TLV buffer to
prevent OOB happen.
Change-Id: Ib6e2c847b9a2cc7bfe1233eb1f8214be75f21850
CRs-Fixed: 2304631
Remove all eSmeIssuedIbssJoinFailure relative code in disasssoc
and roam result handler.
Change-Id: Ia204fa331ec6f5de1ff52b8c2d2907d10f0d1ee4
CRs-Fixed: 2308522
Dynamically allocated apf buffer memory is not freed in error case
when interpreter is enabled and leading to memory leak. Free APF
buffer memory in case APF interpreter is enabled to avoid memory
leak.
Change-Id: I012bf80eb6db7b986f812161b48f96b0965c0542
CRs-Fixed: 2308702
Add support to store vdev object in PE session and acquire/release its
reference count during PE create/delete session respectively.
Change-Id: I476798c4c42992dec2a2648319780b206274e8c4
CRs-Fixed: 2306387
We have some local variables allocated statically in LIM.
To reduce data segment size, allocate these variables dynamically
and then free.
Change-Id: I9ab6a180a89342ebace6f92336bfe30a498f5848
CRs-Fixed: 2307644
Host provides INI way to control voltage configs, featurizing the
same for Genoa.
Change-Id: Ia58d84eb2e2a67ead189a51d2a0b98230513f8f9
CRs-Fixed: 2304125
NUD tracking is disabled in hdd_stop_adapter which needs to be
enabled back in hdd_start_adapter.
Enable the NUD tracking by setting NUD tracking status to false.
Change-Id: I606653d553d6282cfdb6e52a9bf5bc1100732375
CRs-Fixed: 2308351
We are transitioning to new logging infrastructure
by using existing mtrace functionality.
Add new logging for complete scan request and response path.
Change-Id: Iab48b0f2a6ab9d0ec14e3110eb628b6d1731df53
CRs-Fixed: 2308237
__wlan_hdd_open_ll_stats_debugfs() currently does not ensure the given
adapter is up. This can lead to sending an invalid vdev Id to firmware.
Ensure the given adapter is up before sending the link layer stats
request to firmware.
Change-Id: I1c81f56ec795bc782404293c0f4abd8bbeb6b124
CRs-Fixed: 2306604
Stop bus bandwidth compute timer during SSR shutdown such that
bus bandwidth timer is stopped and bus bandwidth compute work is
flushed cleanly in all the cases.
Change-Id: Ie79ddd1ab13b852fb5d23029c51f05e921f72989
CRs-Fixed: 2307304
qcacld-2.0 to qcacld-3.0 propagation.
Some stations send association request with zero length of SuppChannels
IE then currently dot11f decodes it to an invalid value.
To fix this, set the minsize of SuppChannels IE to 2.
Change-Id: If44807d2f2b8a62e5a137ca3d17af2e2654f72f2
CRs-Fixed: 2303702
Presently the lpass information is sent during the wlan startup
at that point session for the station interface is not created.
Send the lpass scan interface notifcation for station when the
interface up/down is received.
Change-Id: I50a68acc62a76f9e65e1758cd3b21688c0dd3500
CRs-Fixed: 2048439
Remove hardcoded print message for ini parameters during
insmod and use hdd_cfg_get_global_config to print ini
parameters.
Change-Id: I3ac077818e99c461866211e220232fa6c0e3e00d
CRs-Fixed: 2278888
In one of the tests, when the driver switches to FTM mode, DP RX threads
are not initialized as the necessary configuration is not passed down
from CDS. However, cds_dp_close tries to de-initialize the threads and a
spinlock un-initialized error is seen.
Donot de-initialize the DP RX thread module if it is not initialized.
Change-Id: I14a1dcb678c9d953abd3262e86408d12f4eb2617
CRs-Fixed: 2301398
Hdd has two sets of bitmap flags which are using #define's. It so
happens that two of the flags use the same bit offset. To address this,
and ensure no such issues arise in the future, convert these into
auto-incrementing enumerations.
Change-Id: I8f0e9d0f3a0a493176227ccf16f25d0a4c5bdc73
CRs-Fixed: 2307446
Fix and add debug_ids iappropriately account for function holding the peer
reference. This will help to further narrow down the peer leak.
Also add signatures in ref_release functions to catch error path.
Change-Id: I7f091ca8270ba724e24550e80208739d63d57b22
CRs-Fixed: 2293477
Log the current country while executing ACS logic. Current country
helps in knowing the current channel list.
Change-Id: I05a0982d940da19f178f0432372eead0313e77be
CRs-Fixed: 2296561
Channel bonding mode can be disabled when connection happens. So reduce the
log level and rate for this log.
CRs-Fixed: 2298986
Change-Id: I47ab8111613292781bddca435f9800544b1e6d58
In the function wma_pdev_div_info_evt_handler, while handling
WMI_PDEV_DIV_RSSI_ANTID_EVENTID event, the corresponding event
handler wma_pdev_div_info_evt_handler is invoked. In the
function wma_pdev_div_info_evt_handler, event_buf argument comes
directly from firmware and event parameter is pulled from event
buf. The event->num_chains_valid is used as the maximum bound on
the array index of chain_rssi[] array which has a maximum limit
of CHAIN_MAX_NUM(8). When event->num_chains_valid has a value
greater than this maximum limit, OOB write could occur.
Add check to validate the event->num_chains_valid against
CHAIN_MAX_NUM(8) and return failure if it exceeds.
Change-Id: I40f1aa8a7b4bcffef3cab588c78c700e88e24673
CRs-Fixed: 2304662
Current driver reads WMI_SERVICE_LISTEN_INTERVAL_OFFLOAD_SUPPORT BIT
through WMI_SERVICE_EXT_IS_ENABLED macro which is deprecated.
Update it by reading wmi_service_listen_interval_offload_support through
wmi_service_enabled() API.
CRs-Fixed: 2305522
Change-Id: I1d6aedec31d035a3e9c2514ad6dc2b13b79dfff3
hdd_create_acs_timer() sets VENDOR_ACS_RESPONSE_PENDING, but
hdd_destroy_acs_timer() does not ensure this flag is cleared. This can
lead to a situation where the ACS timer is not initialized, but parts of
the code incorrectly assume that it is. Clear
VENDOR_ACS_RESPONSE_PENDING in hdd_destroy_acs_timer() to prevent
invalid access to the ACS timer.
Change-Id: I7c367b20e279fadc5ee329d94b7475711796b185
CRs-Fixed: 2305719
By default pktlog needs to be enabled during driver load.
To enable/disable pktlog use INI parameter.
This reverts Change-Id: Ie03a7e0a77bc5f525ad7ae74bb104a6d1bf21eb7
Change-Id: I8f74b4bcebfb8b4a35a29e321b2b6bd5e1920bf7
CRs-Fixed: 2296335
In WORLD mode, there can be urgency to discover the current country
since WORLD mode restricts the channel and TX power availability.Add
INI enable_11d_in_world_mode to automatically enable 11d in WORLD
mode. This INI supersedes the setting in 11d INI variable
Is11dSupportEnabled.
CRs-Fixed: 2289349
Change-Id: I7b289cdb60be5e737f41f9de5a478f32a234e717
qcacld-2.0 to qcacld-3.0 propagation
If all the STA connected to AP support ecsa, wlan driver will call
lim_send_extended_chan_switch_action_frame to send action frame,
but this function missing limSetProtectedBit when 11w enable,
this violate spec, so generate a fix for this issue.
Change-Id: I80f111f21015c98ee0abdafe76ea42c3e79163ac
CRs-Fixed: 2275626
Max beacon size in WMA layer is pointed by "WMA_BCN_BUF_MAX_SIZE"
which is currently set to 2500 bytes and Max beacon size in
PE layer is pointed by "SIR_MAX_BEACON_SIZE" which is currently
set to 512 bytes.
when wma_store_bcn_tmpl() gets called, this API tries to copy
beacon template from LIM to WMA which can't exceed 512 bytes.
To fix the issue, use SIR_MAX_BEACON_SIZE instead of
WMA_BCN_BUF_MAX_SIZE
CRs-Fixed: 2299791
Change-Id: I97b4c19611ec74c0702901c380bd32e866d26c8b
1) This reverts commit
Iab0862eda2392bd516c8ba0b913441b8e0d4c493
2) Reverted changes have been taken care through
Idd7617782e71ee187eef7fcb3523c05b49f82094
CRs-Fixed: 2300054
Change-Id: Icc47ded9a585e356b7eae1ad53ffea6668510308
Driver checks if 40 Mhz is supported for the channel but doesn't
validate if the cbmode provided by AP is valid.
Invalid cb mode provided by AP can lead to failure.
Add check to validate cbmode and bandwidth from AP in htinfo IE.
Change-Id: I3d2da7a8e3045594baf201732dd80a82bd88e16c
CRs-Fixed: 2303267
__wlan_hdd_open_ll_stats_debugfs() fails to free the llstats buffer in
the event that wlan_hdd_ll_stats_get() fails. Add error handling for
this call which frees the newly allocated buffer.
Change-Id: Ic5cff77a758ff81da82dd1143d77da68d87b9291
CRs-Fixed: 2304715
If SAP receive unicast data from a non-assoc STA, SAP should send
deauth mgmt frame to this STA, add this part logic to serve data path.
Change-Id: I47346e751b89eda77f6d6450218e2b70fe6b4953
CRs-Fixed: 2298550
When SSR is in progress, in vdev_detach, currently wma_force_vdev_cleanup
clears the peers from CDP vdev peer list. From the CDP, wma_remove_peer
is called via callback with the peer mac_addr. wma_remove_peer inturn
sends peer delete to FW, does a CDP peer delete and an ObjMgr peer delete.
But the peer delete to FW would not be sent as SSR is in progress and CDP
peer delete would not actually delete the peer from CDP as CDP will need
a peer unmap from the FW to actually delete the peer.
Proper implementation would be to delete the ObjMgr peers alone during SSR
in vdev_detach and let the cds_post_disable to take care of cleanup of
CDP Peers.
Change-Id: I6129b69eb26f3eaa68be40b62b822a4dfc6ff675
CRs-Fixed: 2302972
Phase 1, after ftm componentization, we could now support to remove
the ftm related components when FTM is disable from the build
configuration.
Size changes: after removing the ftm related binaries, we could save
15KB from module size.
Change-Id: Ib363f1d6204b07947a46f32673c4f8ad6fb3dbd3
CRs-fixed: 2258441
If mgmt encryption type is not updated, 11w feature will not be enabled
correctly for this association.
Mgmt encryption type is always updated through limJoinReqSerDes in the
cld2.0, which is removed in cld3.0. In cld3.0 if fast roaming is enabled,
mgmt encryption type will be updated through csr_construct_rsn_ie. If
fast roaming is not enabled, csr_construct_rsn_ie will not be called and
mgmt encryption type will not be updated.
Always called csr_construct_rsn_ie in csr_retrieve_rsn_ie to make sure
mgmt encryption type is updated.
Change-Id: I2d6541dd88a9d1770f4976b9caa32baa70a60ed3
CRs-Fixed: 2300847
The error handling in cds_open(), in the event that the call to
dispatcher_psoc_open() fails, is currently empty. Add appropriate error
handing for this case by referencing cds_open() and cds_close().
Change-Id: I2b0d328e365efd67099bb8e6b529720c7b1904c5
CRs-Fixed: 2303785
Add new iwpriv command to set BA aging timeout value to hardware.
e.g. "iwpriv wlan0 set_ba_timeout <ac> <duration>" which should set
given duration in msecs for given access class.
"iwpriv wlan0 get_ba_timeout" which should get duration
value for each access class and display.
CRs-Fixed: 2254891
Change-Id: I79f79191c47376e414dceeb73b736a0a9610e3ae
The error handling in cds_open(), in the event that the call to
mac_open() fails, is currently stubbed out. Add appropriate error
handling for this case by referencing cds_open() and cds_close().
Change-Id: I6103050d5f2323250c9254a5a3add01fd0d34de3
CRs-Fixed: 2302968
psoc ref count and mac_context memory is leaked in failure cases
of mac_open API.
Fix the psoc ref count and memory leaks in failure cases.
Change-Id: I39eaa7bef5e5c50b9b1a8833bec5e6da8cdf0d72
CRs-Fixed: 2302187
BSS description is dereferencing in hdd_association_completion_handler
without checking for NULL, which may cause NULL pointer dereference.
To address this, add check for BSS description before dereferencing.
Change-Id: I24f728fb6d66b4c07dfe39f3ac426f3d2153b917
CRs-Fixed: 2299797
SAP(Go) concurrency check is mainly used for two purposes:
1) When new GO/SAP session is coming up and needs to check if
this session's channel can co-exist with existing GO/SAP
sessions. For example, in case of single radio platform, MCC for
SAP/GO+SAP/GO is not supported, in such case this API should
prevent bringing the second connection.
2)There is already existing SAP+GO combination but due to upper
layer notifying LTE-COEX event or sending command to move one of
the connections to different channel. In such cases before moving
existing connection to new channel, check if new channel can
co-exist with the other existing connection. For example, one
SAP1 is on channel-6 and second SAP2 is on channel-36 and lets
say they are doing DBS, and lets say upper layer sends LTE-COEX
to move SAP1 from channel-6 to channel-149. In this case, SAP1
and SAP2 will end up doing MCC which may not be desirable result.
Add vdev_id check while checking for 2nd case. If connection with
given vdev_id exist then it is confirmed that it's a case of
channel switch rather than a new connection case.
Change-Id: I2535b38af353be2abd9c2ff636c06f3c5869969d
CRs-Fixed: 2300451
There are two lim_set_protected_bit() implementation with/without
WLAN_FEATURE_11W defined.
So no need to wrap this function with macro WLAN_FEATURE_11W.
Change-Id: I719f623d17ed0db655d33bda04b51937f1c1c5f4
CRs-Fixed: 2298804
The bus bandwidth compute timer is a periodic timer which computes bus
bandwidth usage of associated adapters over a period of time. When the
last adapter disassociates, this timer is stopped. However, the timer
starts a work that is not stopped or flushed at this time. When the
device is under load from external subsystems, this work can get pushed
out past what is safe. When the bus bandwidth timer is stopped, also
stop and flush the bus bandwidth work to ensure safe memory access.
Change-Id: I32c15b42c9756341d1ecf534c05f87738fd24edb
CRs-Fixed: 2300697
Presently, recovery inprogress flag is set only when PLD_RECOVERY
is received but in cases of rejuvenate only PLD_FW_DOWN is received.
Set for the recovery in progress for all the firmware down events
so the unneccessary bug_on's will be avoided.
Change-Id: I654e9e5b02925ac21857369f87af6ca40d8dc815
CRs-Fixed: 2285278
Currently, driver calls hdd_alloc_station_adapter to initialize the
completion variables for a particular adapter only if mode of interface
is STA or P2P. In case when driver changes its STA + SAP mode to
STA + STA mode by calling hdd_open_concurrent_interface, driver is not
able to initialize init_completion variable for new STA interface. So
while processing fw commands (for new STA interface) which uses
completion variables, driver leads to the use of uninitialized
variables issue.
Create new function cmn_init_completion to initialize completion
variables for all interfaces while opening the HDD adapter.
Change-Id: Iae8ec1a86dd4084c9f5b39ec0d90e16182212df9
CRs-Fixed: 2288919
There is race condition for a small window. The scenario
as below.
1 SAP is starting, and dfs cac begins but without finished.
2 SSR happens, wlan begins to call hdd_reset_all_adapters.
In hdd_reset_all_adapters, sap_ctx->sessionId is reset to invalid.
3 In hdd_hostapd_sap_event_cb, adapter sessionId is set to
sap_ctx->sessionId, after this step, adapter sessionId is changed
from valid sessionId to 0xff.
In hdd_reset_all_adapters->hdd_vdev_destroy, vdev is released
but session can't be clean up as invalid sessionId. adapter->event_flags
can't be clear which cause hdd_vdev_destroy can be called multi times.
Change as below.
1 cancel cac timer at the beginning of hdd_reset_all_adapters and
before wlansap_set_invalid_session.
2 before send eSAP_START_BSS_EVENT, check if sap_ctx->sessionId
is valid.
Change-Id: Ifaad62cd008f7769b059f36530455d4e734522e4
CRs-Fixed: 2293072
Under get_supported_features vendor command driver is advertising
NAN capability by checking only the Firmware support. If NAN is
disabled through INI it should not advertize this support.
Add an INI parameter check before advertizing NAN capability.
Change-Id: Ib48044a04500d6619b97d5ca1c3431ee64d7e096
CRs-Fixed: 2288204
In function hdd_wlan_de_init, the hdd_context is fetched via
cds_get_context. This context is then NULL checked. In the failure case
of this check, the hdd_context is still dereferenced which shall lead to
null pointer dereference.
Add proper jump statement to take care of the proper order of init and
deinit
Change-Id: Ied0ac42371315d0286cdcc71e6e0e10ed2ff5fa1
CRs-Fixed: 2299794
While handling IPA event in case if, __wlan_ipa_wlan_evt() queue
WLAN_AP_DISCONNECT cmd for later processing in work-queue context and
in the meanwhile sme close session deletes vdev then, as part of work
queue context driver process WLAN_AP_DISCONNECT and sends
WMA_IPA_OFFLOAD_ENABLE_DISABLE cmd to firmware for the VDEV which is
already deleted by sme_close_session. This result asserts in firmware.
This reverts commit Ief9318bb476b480fd52f4155a0788a34c1e2ed53
Change-Id: I6128fb489fc40cc7ed01cbdf9c419a6a6b20c6d4
CRs-Fixed: 2295672
As part of any change interface TDLS links are toredown and tdls
state set to disabled in FW. The assumption here is before adding
new interface disable TDLS mode as TDLS is not supported in
concurrency. Due to recent changes in framework,
Driver may receive the change interface to P2P Device mode
after STA connection then teardown is not expected as
STA + P2P Device modes does not comes under concurrent operation.
Check for current and new interface types before disabling TDLS.
Change-Id: I26cfab077b3f83c64687479fba5c7a7c01491a52
CRs-Fixed: 2301650
