For SAP (2.4G) + SAP (5g dfs chan), the radar event
will be posted to all vdevs. 2.4 SAP will run into
failure in random chan selection.
Fix by ignoring radar event for Non dfs channel SAP.
Change-Id: I739f2a84f17941e501dfe52c9cd12afc6a42425f
CRs-Fixed: 2294077
The hosts sends the beacon template to firmware through the
command WMI_BCN_TMPL_CMDID. The firmware sends a TX complete
indication via the WMI_OFFLOAD_BCN_TX_STATUS_EVENT and upon
receiving this host decrements the CSA count.
The hosts waits until the csa count becomes zero and then sends
vdev restart to firmware. There are some issues with this
implementation when 10 beacons with CSA are taking more time
than 1 sec. This is because in STA+SAP case sometime the
WMI_OFFLOAD_BCN_TX_STATUS_EVENT is received after in 200-300ms.
If the host doesn't receive the channel change event, it gets
struck in the channel change.
To avoid this scenario, send the beacon template to the firmware
for every beacon interval without waiting for the beacon TX
complete indication from FW except for the first beacon template
updation. Introduced a new timer (ap_ecsa_timer) to update the
firmware with the beacon template.
Change-Id: I377768b87c96fd5064aa04d1ed5434a475e656ef
CRs-Fixed: 2294661
Revert I457c20f6ba908cac32cfc9b27fbaf980f1ec174d, which removes the
check to ensure recovery has been enabled via configuration before
starting the recovery process. This is a critical feature for internal
debugging. The check was moved into cds_trigger_recovery() to prevent
callers from bypassing this configuration and unconditionally asserting
the target firmware. Restore that check now.
Change-Id: Ieb347cfcd0eecd24f005d374c0fead07c34f3705
CRs-Fixed: 2296038
cds_trigger_recovery() already checks for various conditions before
actually triggering recovery. One of these checks ensures that recovery
is enabled, but some callers are checking to see if recovery is enabled
before calling cds_trigger_recovery() as well. Because of this, some
important checks are skipped, and crashes can occur when they should
not. Remove the redundant checks at the call sites for
cds_trigger_recovery() so that all of the recovery conditions are
properly handled, and the wlan driver avoids crashing when it should
not.
Change-Id: I8c26a002b66496a1eb06263f3f8b91ead739e3ac
CRs-Fixed: 2296008
When channel 4 is unsafe channel in 2.4g LTE coex ACS case,
the weight for channel 4 will be calculated as 0 by function
sap_sort_chl_weight_ht40_24_g, it's wrong because weight_copy
doesn't be initialized in this case, so acs channel select
may choose wrong channel to start sap.
Fix is to add initialization for weight_copy when weight is
SAP_ACS_WEIGHT_MAX.
Change-Id: I4aa0fb133774d9980146a9ceae9b91154bd15bbc
CRs-Fixed: 2282371
Scheduled scan (a.k.a Preferred Network Offload, PNO) is intended to be
used only for station interfaces. However, it has been observed that
userspace will send scheduled scan requests for non-station interfaces.
Reject requests to start or stop a scheduled scan on non-station
interfaces.
Change-Id: If5abd242f134518ac4e3d942c1513c66b5c50ff3
CRs-Fixed: 2295101
In wma_vdev_resp_timer(), while handling WMA_DEL_STA_SELF_REQ if
wma_crash_on_fw_timeout() is true, then wma_vdev_resp_timer initiate
SSR and memset iface structure without freeing iface->del_staself_req.
This results mem leak in wma_vdev_resp_timer().
Free all the dynamic memory from iface structure in wma_vdev_deinit()
instead of handling them separately.
Change-Id: I7b16ddc9dfb70638c6f895bd97cd9c106bfad595
CRs-Fixed: 2293099
Clean up the WMA context structure which currently has the following
issues:
1) Fields are defined that are unused
2) Fields are defined that are missing documentation
3) Fields are defined with documentation inline rather than in the
documentation block
4) Documentation exists for fields that are no longer present
Change-Id: Ia9fb52c3967818c0a12ade7a15f0c353494f56de
CRs-Fixed: 2296105
pe session_id should not be used as vdev_id.
Add a vdevId field to tAggrAddTsParams struct
and fill smeSessionId as vdevId and pass this
down.
Change-Id: Id021dda35a32f7870277d405c85a0878d7baa3f3
CRs-fixed: 2272126
Do not required to print function and line number
for data path statistics function which is invoked
by ioctl.
Change data path statistics to info print so
that it can be printed in dmesg as well.
Change-Id: I4b5ea4202255ace71dbb6f9a4bbff6f93e496425
CRs-Fixed: 2278885
When peer creation fails in wma_set_link_state, wma sends the
WMA_SET_LINK_STATE_RSP msg to LIM and Lim frees the msg->bodyptr
But there is a situation occurs where after this wma_peer_create
fails, mc thread stop sys event also occurs where the mac_stop
is invoked which calls the pe_free_msg -> pe_free_nested_messages
In pe_free_nested_messages, if the msg type is
WMA_SET_LINK_STATE_RSP, we free the msg->bodyptr->callbackArg.
This callbackArg points to the PE session. Trying to free the
PE session results in memory corruption.
Just pass the session id as callback argument when the callback
is lim_post_join_set_link_state_callback.
Change-Id: I27f9127685ac7ef8d215b135f1625e8e2f225fc0
CRs-Fixed: 2287827
Peer assoc command expects a response from firmware so peer
assoc timer is started at wma once command sent to firmware.
In the failure scenario peer assoc command is dropped at wma due to
unavilable 11b rates but timer was not stopped. So at later point of
time timer got expired and it triggered timeout error handling.
Dont start the timer in failure scenario and send failure response to LIM
if the peer assoc command failed to send command to firmware.
Change-Id: Iaa644fbe7940502fc07b5110787c2dc5b58f4612
CRs-Fixed: 2292610
After bring up SAP(2G)+SAP(5G) DBS mode, initiate CSA on SAP2
from 5G to 2G (DBS mode to SCC mode) with cmd:
iwpriv wlan1 setChanChange X
assert will happen.
Fix: SAP+SAP on same band on Helium is not PORed case yet,
Do concurrency check for path: iwpriv wlan0 setChanChange X.
Change-Id: Iacd6f2b4c49f4bb52739f602e7ba1e8cd9be04bc
CRs-Fixed: 2289366
Kernel checkpatch is throwing style issues due to use of camel case
notation for SAP FSM states.
To fix this, rename states according to kernel coding guidelines.
Change-Id: Ia09cccb7c51a61436d067710a763bed7f2437820
CRs-Fixed: 2295580
In preassoc state, if the set link state has failed to create the
peer, then send back a failure status to the upper layers and
ensure that the set link state for failure is not called again
because this will eventually call vdev stop and lead to a vdev
stop response and then lead to a peer delete attempt which is
really not needed since the peer has not been created at all.
Change-Id: I265726000204bab51c429a2d00cdd599d8064170
CRs-Fixed: 2286684
When a station connected to one of the sap interface reassociates
to the other sap interface, the driver triggers internal
disconnect for that station with disassocTrigger =
eLIM_DUPLICATE_ENTRY. Once this station is deleted from firmware
we send add sta for the station lim_send_sme_disassoc_ntf on the
sap interface to which the station is to be connected. But the
first SAP interface doesn't send eWNI_SME_DISCONNECT_DONE_IND to
remove eSmeCommandWmStatusChange.
send eWNI_SME_DISCONNECT_DONE_IND from lim_send_sme_disassoc_ntf
in case eLIM_DUPLICATE_ENTRY.
Change-Id: Ibc3cc8121928fe83cc1d8cf3e98419bf5f7f7d1c
CRs-Fixed: 2286783
hdd_parse_disable_chan_cmd() misleadingly indents code after a for loop
without brackets in such a way that it is easy to assume the code is
inside the for loop, but it is not. Not only does this cause build
failure for some configurations, but is dangerously confusing for future
readers. Remove the misleading indentation in
hdd_parse_disable_chan_cmd().
Change-Id: I4af2bd4b05719354db730ef39a3b6ec18d6f842b
CRs-Fixed: 2290196
The scan_id_counter in the WMA context is initialized but never
incremented or read. Since it is not actually used, remove it.
Change-Id: Id159ba6ff36ae2a3977978f8799cf16aeee5300d
CRs-Fixed: 2294150
The driver_type field in the WMA context is written but never
read. Since it is not actually used, remove it.
Change-Id: I646fea6fc5f08bf090980de755055b58f6fec0cd
CRs-Fixed: 2294149
Change "qcacmn: Remove struct extended_caps" (Change-Id
I96fd072b7d6b58a9c237165fcba7ed8c8da0eae3) in the
qca-wifi-host-cmn project removed the only reference to
struct hw_mode_idx_to_mac_cap_idx. Since this struct is
now obsolete, remove it.
Change-Id: I1b57c09d18ec52574e34487122fe526b10b9f51f
CRs-Fixed: 2294148
If wait for key is set during close session, the request is dropped
in CSR and thus during SSR the BSS peer and SELF peer are not
deleted resulting in peer leakage.
Fix this by resetting wait for key before sending close session.
Change-Id: I139640ad5ad473372bce24413f7ace1cef32fbc3
CRs-Fixed: 2294417
