Emulation builds can be very slow, leading to watchdog timeout issues.
One specific issue involves the HDD inactivity watchdog timer. Scale the
HDD inactivity timer by the qdf timer multiplier to avoid false
positives on emulation setups.
Change-Id: Idc7f3d25f836ff5406d4fb5758e975ab5d83f596
CRs-Fixed: 2269834
If STA+SAP is doing SCC & g_sta_sap_scc_on_lte_coex_chan is set,
don't move SAP to a different channel when LTE channel avoidance
event comes.
Change-Id: I3dfdbb6d59769a8ff9b3b2e6d828feee94630569
CRs-Fixed: 2261795
If station connect with infrastructure network, might connect to AP
different with the hint bssid, if reassociate command issued, it will
invoke hdd_reassoc(). It might bring down connected station without
bring down vdev of the LFR2.0 path if the process of scanning for ssid
failed.
Add back logic of checking uOsRequestedHandoff and route to correct
LFR2.0 roaming path.
Change-Id: I406b55270dc70e5d3494250d6013f7d35824970f
CRs-Fixed: 2256194
Using netif_rx_ni for UDP packets has a lot of overhead because of the
softirq(NET_RX) used to process the backlog queue. Hence use
netif_receive_skb for UDP packets.
Change-Id: I02e4de17e55ce448a87b55075465003b03fcd5f5
CRs-Fixed: 2185186
The HDD Request Manager was replicated in the converged project as the
OSIF Request Manager so that the infrastructure could be used by the
converged code. Transition HDD to the OSIF Request Manager and remove
the now duplicated HDD Request Manager.
Change-Id: I2dfdd2da4f98e95a74ba13d04bb42d25a90c9ec8
CRs-Fixed: 2269909
The tSirRetStatus definitions are obsolete, so replace them with
QDF_STATUS definitions in the mac pe/rrm folder.
Change-Id: Iba8b15a3f17ee4bd827d384cf775ac0679590208
CRs-Fixed: 2269739
The tSirRetStatus definitions are obsolete, so replace them with
QDF_STATUS definitions in the mac pe/sch folder.
Change-Id: I7301c209adccdb63b1f1ac063d4590b5019f2e40
CRs-Fixed: 2269738
Currently mac_handle_t is defined as a void pointer. This is
convenient from an information hiding point of view since that means a
non-MAC component cannot dereference a MAC handle to access MAC
private data. However this is not convenient from a defect prevention
point of view since the C standard allows any other pointer type to be
freely and silently converted to and from a void pointer, and hence
the compiler is unable to detect when a MAC handle is used in a
context where a different pointer type is expected.
An example of multiple such defects was addressed by Change-Id
I01812b2390269805da4d1a5cb40a811d1e22ec56 (qcacld-3.0: Fix bad
pointers being passed from SME to WMA).
To help prevent these kinds of defects change the definition of
mac_handle_t to be a pointer to an opaque struct.
Change-Id: I72483bf0e693d6eca24355f31d3a1653b8f31302
CRs-Fixed: 2268814
Currently sme_qos_is_ts_info_ack_policy_valid() takes a tpAniSirGlobal
mac context param. However this is a global function that is called by
HDD, so it should be taking an opaque handle. Update the function and
all callers to use the appropriate type.
Change-Id: I71759ce184306a90f46e37d79d6bdd7a545c1bc2
CRs-Fixed: 2269181
Currently sme_process_ready_to_ext_wow() takes a tHalHandle context
param. However this is a static internal function, and hence it
should be using the "real" context pointer type tpAniSirGlobal instead
of the opaque reference tHalHandle, so update the API to expect
tpAniSirGlobal (which is what is already being passed by
sme_process_msg()).
Change-Id: I06a2c00334867902e185726d1c7b3ba8c8cb08f5
CRs-Fixed: 2269965
Update pld soc info by structure member to decouple between pld soc info
with platform soc info.
Change-Id: I0e62d4784d7bccfb2f08d3678e1c78e6baaa9ca9
CRs-Fixed: 2268191
Currently there is a chance that driver can access pCurRoamProfile
even after freeing it. While driver frees pCurRoamProfile as part of
csr_roam_process_command in mc thread context/user space context(if
there is no active command in sme queue), it can access the same
variable as part of __wlan_hdd_cfg80211_set_ext_roam_params in user
space context and can result in use after free.
Acquire lock before freeing roam profile to fix this issue.
Change-Id: I16863f35405fa41424060bb2d12c779681095a85
CRs-Fixed: 2265905
Remove the obsolete logic in the SME QOS module.
QDF_STATUS_PMC_PENDING status is not used, so remove the
obsolete code based on this status.
Change-Id: Ie891eddad2b536e43f5f933c8683d41b096bf578
CRs-Fixed: 2269866
SME_QOS_CSR_HANDOFF_FAILURE event is not used and the event
handler is obosolete. Remove the obsolete functionality
Change-Id: I7d3c9732b0550bdedb1c2b06b9d31e2ee3db2480
CRs-Fixed: 2269866
Currently if disconnet is triggered from the supplicant, RSO Stop
is sent with reason REASON_ROAM_STOP_ALL and this sends roam_scan_mode
as 0 to the FW.
However, if disconnect is triggered from the LIM/FW, the RSO Stop
is sent with reason REASON_DISCONNECTED and leads to roam_scan_mode
being sent as 4 which does not disable RSO in the FW.
In STA+STA scenario where vdev0 receives a disconnect from LIM,
RSO is not stopped for vdev0, however driver goes ahead to enable
RSO for vdev1, which leads to FW assert.
Send roam_scan_mode as 0 for RSO Stop command with REASON_DISCONNECTED
also.
Change-Id: Id2147653ecbd91e033f42382aa00a717d280f6e6
CRs-Fixed: 2266778
The csr_linked_list implementation has remnants of a command debugging
infrastructure that is no longer used, so remove those remnants.
Change-Id: Ic217c99b755744eed36c153a4183ed98724e86d7
CRs-Fixed: 2269026
Don't update the global channel list on channel avoidance event. The
LTE channel avoidance is relevant for beaconing entities only.
Change-Id: Iad991e63d59d7070d487c2aef5302ced1d0f91c6
CRs-Fixed: 2267371
The kernel address is used as cookie to keep track
of stats request. This address can be disclosed to
target leading to a security vulnerability.
Implement a FW stats descriptor pool, and use a
descriptor ID to keep track of stats requests,
instead of the kernel address, to prevent
kernel address leak.
Change-Id: Ib49150da899c0b9314f614868a90867f4aa92d3d
CRs-Fixed: 2246110
Driver is selecting first channel from the preferred channel list
if no channel is selected from the sap channel select algorithm.
This leads to the selection of an invalid channel if the entire
preferred channel list is invalid.
To resolve this issue, do not select any channel from the preferred
channel list if the entire list is invalid or if the entire list
is unsafe.
Change-Id: Ic90416fe62f854e2c1f124884c200876f543caba
CRs-Fixed: 2234142
When sta+sap scc enabled on dfs channel then SAP cannot operate on
DFS channel in standalone mode. If STA+SAP are operating in SCC mode
on a DFS channel and STA gets disconnected from reference AP then driver
schedules a workqueue to move the SAP from DFS channel to user configured
channel. At this time if STA again connects to reference AP within few ms
then driver again schedules one more workqueue to move the SAP to STA's
channel. Sometimes the second workqueue may fail to switch the channel
if first one is not yet completed. So added event variable to schedule
second workqueue only when first one is complete.
CRs-Fixed: 2163412
Change-Id: Ia6ce4b6264c35f6d2c809e2a3f65f535e930874e
The HDD handle hHdd in struct tDblLinkList is never referenced, so
remove it from the struct. In addition remove the hHdd parameter from
csr_ll_open() since it is only being used to populate this field.
Change-Id: I6c123c5338feb795fdaea194c2cb7f9bd7a36093
CRs-Fixed: 2269025
In the function lim_process_set_default_scan_ie_request, memory
of MAX_DEFAULT_SCAN_IE_LEN (2048) is allocated for local_ie_buf.
This local_ie_buf accommodates the ie data and also the ext
capabilities. If the local_ie_len, that is used to copy the
ie_data to local_ie_buf is greater than
MAX_DEFAULT_SCAN_IE_LEN(2048) - (DOT11F_IE_EXTCAP_MAX_LEN(15) +
EXT_CAP_IE_HDR_LEN(2)), then heap overflow could occur.
Validate the MAX_DEFAULT_SCAN_IE_LEN against the difference
between MAX_DEFAULT_SCAN_IE_LEN and sum of EXT_CAP_IE_HDR_LEN
and DOT11F_IE_EXTCAP_MAX_LEN.
Change-Id: Id2f950440d69ddb09090643f8a426061c0d336c3
CRs-Fixed: 2231300
Return max tx groups supported in driver for all HIF types.
Earlier max tx group was being returned for SDIO only.
Change-Id: Id0431b03b89945386dd0f5aa0fe01b6d66fadde2
CRs-fixed: 2268757
1) Genoa FW by default enables HI_ACS_FLAGS_SDIO_REDUCE_TX_COMPL_SET.
When this flag is enabled, credits are reported through
HTT_T2H_MSG_TYPE_TX_CREDIT_UPDATE_IND and not through
HTT_T2H_MSG_TYPE_TX_COMPL_IND.
However when TSF and PTP features are enabled we need to get TX
Completions from FW.
Since credits can also be updated through TX Completions
we need to disable updation of credits through TX Completion for Genoa.
2) Enable flag : cfg_ctx->tx_free_at_download to free ol tx descriptors at
download.
Change-Id: I176dc8391ded9fc57f8be2b465effd8ae84eda49
CRs-fixed: 2268757
If STA is already connected on DFS channel and SAP is going to start
on the same channel then skip the CAC for SAP.
If STA and SAP sessions are already operating on same DFS channel,
then ignore radar indication received on SAP interface.
CRs-Fixed: 2130000
Change-Id: Ife0ab6979a07c8773001a43f5a30c9a555dab37a
Currently, discon_in_progress flag is set in SME from HDD when
there is a disconnection request. But after setting the flag it
may wait for any on-going roaming to complete.Doing this may
unnecessarily stop the on-going roaming process. Hence set the
flag after completing the wait time and during the actual time
when the disconnection is about to be started in SME layer.
Change-Id: Ie91049ef2e385ff86d8aa6881799caf432a7e8a5
CRs-Fixed: 2266432
In cds_open() the call to mac_open() currently passes a pointer to the
gp_cds_context->mac_context field. This is a void * field but
mac_open() expects a mac_handle_t * (aka tHalHandle *). This currently
compiles because mac_handle_t is itself a void *. But in the future
the underlying type of mac_handle_t will change, so pass a pointer to
an object of the correct type to mac_open().
Change-Id: Ie3e54c5288bc7d1e9287f30d997b005a5c8dc2ef
CRs-Fixed: 2268813
The sme scan APIs sme_scan_get_result(), sme_scan_result_get_first(),
sme_scan_result_get_next() all take a mac_handle_t (aka tHalHandle) as
the first parameter. However in sme_rrm_send_scan_result() currently a
tpAniSirGlobal is being passed. Even though these ultimately reference
the same structure, an upcoming change will enforce type safety so
update the code to pass a parameter of the correct type.
Change-Id: I83e585bc91cbd9eeab5ecdeae0274196c98f3b4f
CRs-Fixed: 2268812
The sme cfg APIs sme_cfg_get_int(), sme_cfg_set_int(),
sme_cfg_get_str(), and sme_cfg_set_str() all take a mac_handle_t (aka
tHalHandle) as the first parameter. However in some cases the caller
is actually passing a tpAniSirGlobal. Even though these ultimately
reference the same structure, an upcoming change will enforce type
safety so update the bad callers to pass a parameter of the correct
type.
Change-Id: I7f602c2c6c25f15efe239cb1ba2c0c8e5bfd3e0a
CRs-Fixed: 2268811
Currently csr_set_channels() takes a tHalHandle context param.
However csr is internal to the UMAC, and hence it should be using the
"real" context pointer type tpAniSirGlobal instead of the opaque
reference tHalHandle, so update the API to expect tpAniSirGlobal.
Change-Id: Idf260cce60cd436ac871b4df3620cf1baf2b06c3
CRs-Fixed: 2268810
Currently csr_dump_connection_stats() passes a tpAniSirGlobal to
sme_get_rssi_snr_by_bssid() but a tHalHandle is expected, so correct
the call to pass the correct parameter.
Change-Id: I51216e2636a88fea30b007dcc5eee95000cafe60
CRs-Fixed: 2268809
