In the present scenario the function wlan_cfg80211_cleanup_scan_queue
does the code scan queue cleanup during radio detach, leading to access of
freed vdev netdev.
Extend cfg80211 scan cleanup API to support netdev level cleanup. The
second parameter if NULL cleans up all the queues or only the queue of
the specific net dev given.
Change-Id: I2a6b350fe5102b2a5d772dd9a075003ccf3b684c
CRs-Fixed: 2197309
If multiple auth req comes, it added to the header of message queue
but in between mc thread could be processing some beacon frame. while
processing beacon, SAP gets assoc req and adds it to head of message
queue and will be processed first instead of auth req. After sending
of accoc rsp, mc thread will start to process queued auth req, which
is at the top of message queue which will result in deauthentication.
Reverts commit 360c5d590ec8 ("qcacld-3.0: Prioritize connection req
frames in pe queue")
Change-Id: Iaf511be1160e05cfcd9d60f18be4339587308089
CRs-Fixed: 2192836
The checkpatch script has identified instances of "Missing a blank
line after declarations" in HDD, so add them.
Change-Id: I289072b26e0c9c1f8392616438e304b018d9ecd2
CRs-Fixed: 2198555
Currently hdd_roam_deregister_sta() tests the STA to see if it is in
the eConnectionState_IbssDisconnected state, but then doesn't actually
do anything if it is true. Since this is obviously an obsolete test
where the action code has been previously removed, now remove the
actual test.
Change-Id: I6a0077088d87f91b8d8f220049de05a19232995b
CRs-Fixed: 2198554
WoW is always enabled on ROME and ADRASTEA platforms and wow
wake up pattern configuration is dynamic based on vdev type.
All wow wake up patterns are configured at the time of vdev
creation. HDD and SME has obsolete wow enter and exit logic
and hence nuke it.
Change-Id: I228ff5b77a7f9dac579448ada4ebee591d5a0c38
CRs-Fixed: 2198644
In wma_vdev_delete_handler() once vdev req is removed from the
vdev_resp_queue the vdev rsp timer is stopped and freed after
releasing the wake lock and vdev detach callback.
So before vdev rsp timer is stopped it may get expired and
post msg in MC thread. Now once this timer msg is processed it
access the already freed memory.
To fix it stop vdev rsp timer first before releasing the wake
lock and vdev detach callback.
Change-Id: Iface6d1faaa9f801d0da7a70d548eafbd082dc48
CRs-Fixed: 2196338
Current driver posts the high and low Tx TPUT indications to cnss-daemon to
tune the tcp_limit_output_byte system parameter. Add option to disable it.
Change-Id: Ic65fe0bd762024425cabf2f1f07123211dce5dce
CRs-Fixed: 2197112
ICM does not support hw_mode=any at present. When hw_mode is
set to any in hostapd.conf, HOST driver choose one band out of
2.4Ghz and 5Ghz based on "acs_freq_band" ini item and update the
ACS and PCL channel list accordingly. But currently driver does
not send updated band to ICM and so ICM still gets BAND_ALL from
HOST driver which is INVALID for ICM module. As a result ICM
algorithm does not run and channel selection fails.
Send Updated band to ICM and also update channel width accordingly
for 2.4Ghz band as it does not support 80/160/80PLUS80 Mhz.
Change-Id: I13593a3c59c204d1ff7677e67d96d039c9456568
CRs-Fixed: 2196247
qcacld-2.0 to qcacld-3.0 propagation
Send host timestamp to firmware, so that firmware can print the
logs timestamp in sync with host.
Change-Id: I1d4d223aa1c8e207941ab659f69b72a855e3a604
CRs-Fixed: 2193976
Check the total supported mac and phy count for capability
parsing in service ready extension event.
Change-Id: Ibde9040e5adf97d53645f714e5e8981dd1a9d22a
CRs-Fixed: 2194602
The checkpatch script has identified an instance of a non-conformant
block comment in wlan_hdd_main.h, so fix it.
Change-Id: Ie76156601021e2b5e503280337b38792217b7dbc
CRs-Fixed: 2197711
The checkpatch script has identified instances of "else after return"
that is not conformant with the Linux coding style, so fix them.
Change-Id: Ica4ccb1ef1c865089851e928ddeaa27ea54bcb4a
CRs-Fixed: 2197681
The checkpatch script has identified multiple instances of non-conformant
indentation in HDD, so fix them.
Change-Id: Icb28911e54324198d50018fcaf6d6662c9dc161c
CRs-Fixed: 2197006
The checkpatch script has identified two instances of non-conformant
brace placement in HDD, so fix them.
Change-Id: I0c8bbf2258b24c4876c6a8749633b90873980e95
CRs-Fixed: 2196976
Add check for GMAC offload capability wmi_service_gmac_offload_support.
If firmware supports GMAC offload, trim MMIE when driver receives
PMF frame. Otherwise, driver calculates MIC and trims MMIE.
Also, add support for suiteB auth types during roaming in
e_csr_auth_type_to_rsn_authmode.
Change-Id: Id44f44a41297ca3e462d14905f5986f904a639fd
CRs-Fixed: 2185819
While changing the channel, driver needs to add vdev restart instead
of channel switch.
Change-Id: I2d5a40aee2108feda5da5e41c6d18aab6c3a30bc
CRs-Fixed: 2182014
The qdf_str APIs have recently been moved from qdf_mem. Reference the
new qdf_str.h header file where appropriate.
Change-Id: I2be5fa3f511fd6d67b4217243f4b3498321e0a9f
CRs-Fixed: 2196120
Send a ROAM_STOP command to firmware with an explicit
reason code for the failure so that it is not blocked
in WMA before sending it to firmware.
Change-Id: I4d7e2e525c145ca0e990dcef85948285e2186c63
CRs-Fixed: 2182671
When LFR2 roaming on same channel, after pre-auth resp received,
A new PE session is created, currentOperChannel is 0 before
lim_fill_ft_session, not same as currentOperChannel of original
session, so lim_is_in_mcc return true, pre-auth auth result is
not sent to SME/CSR for lim_ft_process_pre_auth_result isn't
called in lim_handle_ft_pre_auth_rsp
Change-Id: If8686c7f73c76655f7ab69c23fb97a7bb540732f
CRs-Fixed: 2195749
Adds logic in frame parser to use default RSN IE fields if optional
fields are not present in IE. So if RSN IE doesn't contain AKM,
group and unicast cipher use the default AKM(AKM_IEEE8021X) and
cipher (CCMP). Also adds sanity checks for RSNE in the frame parser.
Change-Id: I120a29c21407f82aab2c6fcdcaf1095518cb71b5
CRs-Fixed: 2195951
One of the arrays defined in data-path's API is not initialized
and this API assumes that subsequent loop will fill up the array to
correct default value. This assumption is wrong.
Intialize the array "save_peer_id_ref_cnt" in API
"ol_txrx_peer_remove_obj_map_entries" to default value "0" to avoid
any issue.
CRs-Fixed: 2196084
Change-Id: If0080708662fc44e6583823717798a9f505ec1d0
Currently when the MAC address is changed dynamically, invalid MAC
(Broadcast, Multicast and 00:00:00:00:00:00) are getting accepted
and interface is getting up on these invalid addresses because
of this device is trying to connect to AP with the configured
invalid address.
To address this issue reject all invalid MAC addresses
when MAC is dynamically getting configured.
Change-Id: If2530b213b5ffc2ddf0bc728138e1f3200f33286
CRs-Fixed: 2190468
When stop_bss from HDD is received when a SAP channel change request
is currently in progress and channel change response is not yet
received from the FW, the stop_bss would clear the SAP session and
when channel change response is received, we try to start BSS again.
The CSR roam state is also set to JOINING in this case.
As part of start BSS, we queue set key command to SME active command
list. Since the session has been cleared, eWNI_SME_SETCONTEXT_RSP
sent to lim would not be processed in CSR state JOINING leading to set
key command stuck in the active command list.
Do not restart BSS after channel change response if stop BSS is in
progress. Also handle eWNI_SME_SETCONTEXT_RSP and clear the command
queue in CSR Joining state.
Change-Id: I8dbab054746d26cc92fc2274d35ce76a694035fe
CRs-Fixed: 2193505
In MCC tx path, skb is owned by IPA driver, where IPA driver provides
wlan driver directly DMA mapped address. Doing dma unmap of the skb
will lead to skb dma map check failure.
Fix is to skip dma unmap for IPA owned skb and let IPA driver handle
dma unmap.
Change-Id: Ib38ca949ba915785e460c05172b70088a3564b1c
CRs-Fixed: 2189889
