In MBO 5.2.6 Test, the sigma dut will disable roaming by supplicant
and invoke roaming by "WMI_ROAM_INVOKE_CMDID" to FT roam to new AP.
Revert the previous change Ia471998cf631948d8ffa701e67fcee22eebb0fa0
to not set roaming mode to WMI_ROAM_SCAN_MODE_NONE for supplicant
disabled roaming because Firmware will not support force roaming by
"WMI_ROAM_INVOKE_CMDID" command in roam mode WMI_ROAM_SCAN_MODE_NONE.
The original issue of above change will be fixed in
If50a306b6019320ddab2ac1695a57718d27f477a.
Change-Id: I30e6405895bfa236a71f8f8d8fe3b7b933f40412
CRs-Fixed: 2755801
As driver already have frequency API use
wlan_reg_is_passive_or_disable_for_freq instead of converting
freq to channel and calling the channel API
wlan_reg_is_passive_or_disable_ch.
Change-Id: Ib6a9c4c1016911ff7a9598cbfd14797e305c75f3
CRs-Fixed: 2753825
The in_ifaddr in in_dev->ifa_list which stores IP info is freed
maybe due to lifetime hit/wlan interface re-connect, etc. In
the meantime, lot ARP request frame is pending in DP RX thread and
still try to do local ARP check in function hdd_is_arp_local(),
this function will go through in_dev->ifa_list but no lock
protection, use after free happened due to race condition.
Add lock protection in hdd_is_arp_local().
Change-Id: Iaa97d445d3c4c0b79b5b9f63362df2601f62af5b
CRs-Fixed: 2751469
Convert the TWT request type command to WMI TWT request type
value to configure it to FW.
Change-Id: I6bd550ec9a6cf971e3d8fc5df596f2ea521d9636
CRs-Fixed: 2750153
In lim_handle_csa_offload_msg(), mac->scan.countryCodeCurrent is
passed in regulatory API wlan_reg_dmn_get_chanwidth_from_opclass
to get the opclass. mac_ctx->scan.countryCodeCurrent is no more
updated after the regulatory componentization so get country
using wlan_reg_read_current_country() instead of it.
Change-Id: Ic56e4bf33784fa5f64aedd431ebe41275a7666b2
CRs-Fixed: 2742068
In case of pre-cac as part of pre-cac vdev delete the whole
mac_ctx->sap is zero in sap_clear_global_dfs_param() and thus the
loop for mac_ctx->sap.sapCtxList always return null sap ctx. Due
to this if radar is dedected on the original SAP, the vdev switch
to new channel is ignored.
Also in case of radar detection if SAP moves to 2.4ghz, the HW mode
change is not attempted and thus vdev restart fails on 2.4ghz if HW
mode is not DBS.
Thus dont reset the mac_ctx->sap in sap_clear_global_dfs_param() and
add check if HW mode change is required when channel change due to
Radar detection.
Change-Id: Id44a0ddbbb20035412b0c039c12f7f59f2c37f1a
CRs-Fixed: 2753029
Take care to update the EAPOL Tx frame DA with AP mac addr if
DA is broadcast address as EAPOL BC doesnot make sense.
Change-Id: Id58b7b7971f5a7c11de0b46c6189a6e6ad1917ab
CRs-Fixed: 2745826
Scenario:
(1) vdev0 is running RX traffic, vdev2 is doing vdev detach, vdev2
will send RX_VDEV_DEL_EVENT to dp thread, but if dp thread is slow
to process thread queue frame in dp_rx_thread_process_nbufq(),
like if Kasan is enabled. RX_VDEV_DEL_EVENT will be delayed and
vdev2 corresbonding stack queue frame can not be flushed
before net_dev is freed, later will hit panic.
(2) vdev2 detach set rx_thread->vdev_del_event but not be
cleared due to qdf_wait_single_event() timeout, later vdev2
attach/detach again, this time as rx_thread->vdev_del_event
is not cleared so it will skip waiting dp thread, vdev2 realted
net_dev freed before dp thread do napi_gro_flush.
solution:
(1) reset rx_thread->vdev_del_event before wait this event.
(2) Increase DP_RX_THREAD_WAIT_TIMEOUT to 1000 ms.
Change-Id: Ibc1d761be3588fc3ee6c383b8779f56b2c9f17cd
CRs-Fixed: 2736887
When vdev response timeout happens from the firmware, vdev will
be logically deleted in the host and peer won't be deleted in
host and firmware. To catch these scenarios early on stages,
trigger self recovery when vdev delete response timeout happens.
Change-Id: I63d7b8aa315ba0b6a0e4bab60c2db535d99285ba
CRs-Fixed: 2754602
For channel switch event, the kernel expects the
center_freq1 contains the channel center frequency
of 160MHz. Use the the mhz_freq_seg1 of chan parameter
to fill the kernel struct.
Change-Id: I4ad7cb2a0a1f93f324b9afb63493888984006194
CRs-Fixed: 2744698
Add new code to implement below functions for connection manager
roam part:
And below two RSO command related process:
ROAM_SCAN_OFFLOAD_STOP
ROAM_SCAN_OFFLOAD_UPDATE_CFG
Change-Id: I378b969ddae77fff49ad1d4d8ce21764b292e5ac
CRs-Fixed: 2753011
The Tlv of the hang data is reduced to 2bytes from the 4bytes
change the structure definitions accordingly.
Change-Id: Ic535a7b985d028076d14afebe603dfa3fd8e94d3
CRs-Fixed: 2753804
Un-initialized use of boolean variable 'is_host_pdev_id'
of struct pdev_params is causing wrong remapping of pdev_id
before passing it down to fw with WMI_PDEV_SET_PARAM_CMDID
resulting in unexpected behavior in fw.
Fixing this by initializing pdev_param, instance of struct
pdev_params to zero.
Change-Id: I2e6333c966d602cd4dcc72749dca23a48097028a
CRs-Fixed: 2747575
Update the Punctured Preamble Rx support only from 5G band device
capabilities.
Change-Id: I5bd357a66abb5429d8bf059660bd53864b4f1956
CRs-Fixed: 2749061
In commit I5aa50145fcd3ba91b1c92d4817b7f0e4fc216e3f for FT-SuiteB
case Memory is allocated for GTK/IGTK in wlan_parse_ftie_sha384
while parsing the FTIE in Assoc/Reassoc response but it is not
freed properly.
This change does the respective mem free wherever required.
Change-Id: I59ccdd234efd2ee693b05426e62d3c2422fb5326
CRs-Fixed: 2747641
Currently, shutdown notifiers are purged after closing WMA and
PE modules. If there is an SSR in between these modules close
and purging the shutdown notifiers, SSR sequence will try to
access the timers that are already freed in modules close.
To avoid this, purge shutdown notifiers before closing WMA and
PE modules.
Change-Id: I6a192b11d0f99c93c70bd244072bec353327d843
CRs-Fixed: 2745954
Move the lim_default_hmac_sha256_kdf() & lim_create_fils_rik()
API to crypto component since both these API are primarily for
cryptographic derivation of re-authentication integrity key(rIK)
Use the new crypto APIs qdf_default_hmac_sha256_kdf(),
wlan_crypto_create_fils_rik() for this.
Change-Id: I22c20b13f46c13a34a2c4fd2ea7490f9a1441d21
CRs-Fixed: 2752632
If rmmod is in progress, return -EAGAIN for idle shutdown such that
cnss driver does not power off the soc and rmmod can succeed.
Change-Id: I91845da41bb666792a55aa3d446058025ce0fadb
CRs-Fixed: 2751194
During the module initialization the scheduler thread and the
init thread run in parallel if there is a failure in the error
path, the scheduler thread is not aware and still sending
the messages to firmware resulting in system instability.
Disable the scheduler as soon as there is an error in the init path.
Change-Id: I50546a84cbfed86a0bdd6e4e38ede411f4e924d2
CRs-Fixed: 2742025
Fixing the failure of set_quota feature for IPA stats,
currently calling set_quota during resource_loading, but
it is supposed to be called if resource_loading is false.
This is causing IPA stats set_quota feature is getting
failed for Adrestea targets and fixing the same.
Change-Id: I95ad60a8e15f4faaea34093785422ad494ee1fb4
CRs-Fixed: 2730655
WMI handler is registered for twt_session_stats event.
Upon wmi event twt session parameters are extracted and
cached in peer mc_cp_stats. UMAC APIs are provided to
retrieve TWT session parameters from north bound
interface(hdd) using twt peer's mac_addr/session dialog_id
CRs-Fixed: 2730732
Change-Id: I8ce38ac6be97e844e26e03751c6d6cca981b82b4
When DFS channel is used WMI_VDEV_TSF_TSTAMP_ACTION_CMDID is
sent to fw before vdev is in up state. It leads the tsf capture
to enter into HDD_TS_STATUS_WAITING state as the fw returns
invalid tsf in the TSF report event.
The tsf capture has to be restarted to recover from this state.
Fix this by Calling hdd_stop_tsf_sync() while entering into CAC,
the subsequent call to hdd_start_tsf_sync() will restart the tsf
capture.
CRs-Fixed: 2750676
Change-Id: Ie2fdf719d4b57035bf6fcc11824a894a1e313e23
As the channel numbers are no longer unique use
wlan_reg_get_channel_state_for_freq() to get the
channel state and populate the valid channel list.
Change-Id: I182cea44c234cd0da2010f7b2c807b70c51cce85
CRs-Fixed: 2747949
Currently, stats over QMI features can only be disabled over build flags,
which is not flexible. Hence, add a CFG ini item to enable/disable stats
over QMI.
Change-Id: Idb27b712f8a831059dd6d6d12350533361d4d693
CRs-Fixed: 2752316
Directly dereferencing pointer beacon_xmit_ind before
null-checking, which may result in null pointer issue.
Meanwhile, measurement_idx should be checked to avoid
out-of-bounds read.
Fix is to check before dereferencing it.
CRs-Fixed: 2751550
Change-Id: I5241b3b16fcd9a04da121fd938b27d4070ea4e06
