qcacld-3.0: Fix some LFR2.0 issues for connection manager path

Fix some LFR2.0 issues for connection manager path as below:
1: Add ptr null pointer and len check before access
rsp->connect_ies.bcn_probe_rsp.
2: Remove aged AP threshold check so that roam process can find
candidate AP with more probability.
3: Set cm_ctx->vdev to cmd_info.vdev in
cm_remove_preauth_cmd_from_serialization().
4: Add more debug logs for preauth part.

Change-Id: I4b0766bba40e3ebc3d01bdd4ae59aec1ec3a21d9
CRs-Fixed: 2961151

components/umac/mlme/connection_mgr/core/src/wlan_cm_host_roam_preauth.c

@@ -74,6 +74,11 @@ static QDF_STATUS cm_get_valid_preauth_candidate(struct cm_roam_req *cm_req)
 
 	cm_req->num_preauth_retry++;
 
+	mlme_debug(CM_PREFIX_FMT "Try preauth attempt no. %d for bssid:" QDF_MAC_ADDR_FMT,
+		   CM_PREFIX_REF(vdev_id, cm_req->cm_id),
+		   cm_req->num_preauth_retry,
+		   QDF_MAC_ADDR_REF(cm_req->cur_candidate->entry->bssid.bytes));
+
 	return QDF_STATUS_SUCCESS;
 }
 
@@ -653,6 +658,10 @@ void cm_preauth_done_resp(struct cnx_mgr *cm_ctx, struct wlan_preauth_rsp *rsp)
 		cm_req = cm_get_req_by_cm_id(cm_ctx, cm_id);
 		if (!cm_req)
 			return;
+		mlme_info(CM_PREFIX_FMT "Preauth attempt no. %d failed for bssid:" QDF_MAC_ADDR_FMT,
+			  CM_PREFIX_REF(wlan_vdev_get_id(cm_ctx->vdev), cm_id),
+			  cm_req->roam_req.num_preauth_retry,
+			  QDF_MAC_ADDR_REF(rsp->pre_auth_bssid.bytes));
 
 		/* retry again with same or new candidate */
 		status = cm_host_roam_preauth_start(cm_ctx, cm_req);
@@ -681,6 +690,7 @@ static void cm_remove_preauth_cmd_from_serialization(struct cnx_mgr *cm_ctx,
 	struct wlan_serialization_queued_cmd_info cmd_info;
 
 	qdf_mem_zero(&cmd_info, sizeof(cmd_info));
+	cmd_info.vdev = cm_ctx->vdev;
 	cmd_info.cmd_id = cm_id;
 	cmd_info.req_type = WLAN_SER_CANCEL_NON_SCAN_CMD;
 	cmd_info.cmd_type = WLAN_SER_CMD_PERFORM_PRE_AUTH;
@@ -714,6 +724,10 @@ static QDF_STATUS cm_preauth_rsp(struct wlan_objmgr_vdev *vdev,
 	}
 	rsp->cm_id = cm_id;
 
+	mlme_debug(CM_PREFIX_FMT "preauth resp status %d bssid:" QDF_MAC_ADDR_FMT,
+		   CM_PREFIX_REF(wlan_vdev_get_id(vdev), cm_id),
+		   rsp->status, QDF_MAC_ADDR_REF(rsp->pre_auth_bssid.bytes));
+
 	cm_remove_preauth_cmd_from_serialization(cm_ctx, cm_id);
 
 	status = cm_sm_deliver_event(vdev, WLAN_CM_SM_EV_PREAUTH_RESP,
@@ -739,7 +753,8 @@ QDF_STATUS cm_handle_preauth_rsp(struct scheduler_msg *msg)
 	vdev = wlan_objmgr_get_vdev_by_id_from_psoc(rsp->psoc, rsp->vdev_id,
 						    WLAN_MLME_CM_ID);
 	if (!vdev) {
-		mlme_err("vdev_id: %d : vdev not found", rsp->vdev_id);
+		mlme_err("vdev_id: %d : vdev not found, status %d",
+			 rsp->vdev_id, rsp->status);
 		status = QDF_STATUS_E_INVAL;
 		goto end;
 	}

components/umac/mlme/connection_mgr/core/src/wlan_cm_host_util.c

@@ -30,8 +30,6 @@
 #include "wlan_logging_sock_svc.h"
 #include "connection_mgr/core/src/wlan_cm_roam.h"
 
-#define ROAM_AP_AGE_LIMIT_MS                     10000
-
 /*
  * cm_copy_ssids_from_rso_config_params() - copy SSID from rso_config_params
  * to scan filter
@@ -127,9 +125,6 @@ QDF_STATUS cm_update_advance_roam_scan_filter(
 	else if (rso_cfg->rsn_cap & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED)
 		filter->pmf_cap = WLAN_PMF_CAPABLE;
 
-	/* Dont Consider AP older than ROAM_AP_AGE_LIMIT_MS */
-	filter->age_threshold = ROAM_AP_AGE_LIMIT_MS;
-
 	return QDF_STATUS_SUCCESS;
 }
 

core/hdd/src/wlan_hdd_cm_connect.c

@@ -553,9 +553,11 @@ static void hdd_cm_save_bss_info(struct hdd_adapter *adapter,
 
 	qdf_mem_zero(&hdd_sta_ctx->conn_info.hs20vendor_ie,
 		     sizeof(hdd_sta_ctx->conn_info.hs20vendor_ie));
-	sme_get_hs20vendor_ie(mac_handle, rsp->connect_ies.bcn_probe_rsp.ptr,
-			      rsp->connect_ies.bcn_probe_rsp.len,
-			      &hdd_sta_ctx->conn_info.hs20vendor_ie);
+	if (rsp->connect_ies.bcn_probe_rsp.ptr)
+		sme_get_hs20vendor_ie(mac_handle,
+				      rsp->connect_ies.bcn_probe_rsp.ptr,
+				      rsp->connect_ies.bcn_probe_rsp.len,
+				      &hdd_sta_ctx->conn_info.hs20vendor_ie);
 
 	status = sme_unpack_assoc_rsp(mac_handle,
 				      rsp->connect_ies.assoc_rsp.ptr,
@@ -755,6 +757,15 @@ static void hdd_cm_save_connect_info(struct hdd_adapter *adapter,
 				sme_phy_mode_to_dot11mode(des_chan->ch_phymode);
 
 	sta_ctx->conn_info.ch_width = des_chan->ch_width;
+	if (!rsp->connect_ies.bcn_probe_rsp.ptr ||
+	    (rsp->connect_ies.bcn_probe_rsp.len <
+	     (sizeof(struct wlan_frame_hdr) +
+	      offsetof(struct wlan_bcn_frame, ie)))) {
+		hdd_err("beacon len is invalid %d",
+			rsp->connect_ies.bcn_probe_rsp.len);
+		qdf_mem_free(bcn_ie);
+		return;
+	}
 
 	ie_len = (rsp->connect_ies.bcn_probe_rsp.len -
 			sizeof(struct wlan_frame_hdr) -
@@ -841,16 +852,18 @@ hdd_cm_connect_success_pre_user_update(struct wlan_objmgr_vdev *vdev,
 
 	adapter->wapi_info.is_wapi_sta = hdd_cm_is_wapi_sta(
 						sta_ctx->conn_info.auth_type);
+	if (adapter->device_mode == QDF_STA_MODE &&
+	    rsp->connect_ies.bcn_probe_rsp.ptr &&
+	    (rsp->connect_ies.bcn_probe_rsp.len >
+	     (sizeof(struct wlan_frame_hdr) +
+	      offsetof(struct wlan_bcn_frame, ie)))) {
+		ie_len = (rsp->connect_ies.bcn_probe_rsp.len -
+				sizeof(struct wlan_frame_hdr) -
+				offsetof(struct wlan_bcn_frame, ie));
 
-	ie_len = (rsp->connect_ies.bcn_probe_rsp.len -
-			sizeof(struct wlan_frame_hdr) -
-			offsetof(struct wlan_bcn_frame, ie));
-
-	ie_field  = (uint8_t *)(rsp->connect_ies.bcn_probe_rsp.ptr +
+		ie_field  = (uint8_t *)(rsp->connect_ies.bcn_probe_rsp.ptr +
 				sizeof(struct wlan_frame_hdr) +
 				offsetof(struct wlan_bcn_frame, ie));
-
-	if (adapter->device_mode == QDF_STA_MODE) {
 		sta_ctx->ap_supports_immediate_power_save =
 				wlan_hdd_is_ap_supports_immediate_power_save(
 				     ie_field, ie_len);

core/sme/src/csr/csr_api_roam.c

@@ -12534,6 +12534,34 @@ csr_qos_send_reassoc_ind(struct mac_context *mac_ctx,
 {}
 #endif
 
+static void
+csr_update_beacon_in_connect_rsp(struct scan_cache_entry *entry,
+				 struct wlan_connect_rsp_ies *connect_ies)
+{
+	if (!entry)
+		return;
+
+	/* no need to update if already present */
+	if (connect_ies->bcn_probe_rsp.ptr)
+		return;
+
+	/*
+	 * In case connection to MBSSID: Non Tx BSS OR host reassoc,
+	 * vdev/peer manager doesn't send unicast probe req so fill the
+	 * beacon in connect resp IEs here.
+	 */
+	connect_ies->bcn_probe_rsp.len =
+				util_scan_entry_frame_len(entry);
+	connect_ies->bcn_probe_rsp.ptr =
+		qdf_mem_malloc(connect_ies->bcn_probe_rsp.len);
+	if (!connect_ies->bcn_probe_rsp.ptr)
+		return;
+
+	qdf_mem_copy(connect_ies->bcn_probe_rsp.ptr,
+		     util_scan_entry_frame_ptr(entry),
+		     connect_ies->bcn_probe_rsp.len);
+}
+
 static void csr_fill_connected_profile(struct mac_context *mac_ctx,
 				       struct csr_roam_session *session,
 				       struct wlan_objmgr_vdev *vdev,
@@ -12596,6 +12624,9 @@ static void csr_fill_connected_profile(struct mac_context *mac_ctx,
 	if (!bss_desc->beaconInterval)
 		sme_err("ERROR: Beacon interval is ZERO");
 
+	csr_update_beacon_in_connect_rsp(cur_node->entry,
+					 &rsp->connect_rsp.connect_ies);
+
 	if (bss_desc->mdiePresent) {
 		src_cfg.bool_value = true;
 		src_cfg.uint_value =