qcacld-3.0: Fix firmware assertion caused by vdev delete

Currently the SME session is deleted during interface change API and
a new session is not opened until SAP is ready to start. This will
cause crash when scan API is invoked. This fix opens the SME session
after interface type is changed, so that it can be used to scan and
SAP later.

Change-Id: I3c4f8da14dbc70a3102fb1892bb101eb1a90a00d
CRs-fixed: 968572

core/hdd/src/wlan_hdd_assoc.c

@@ -3900,6 +3900,7 @@ hdd_sme_roam_callback(void *pContext, tCsrRoamInfo *pRoamInfo, uint32_t roamId,
 	case eCSR_ROAM_SESSION_OPENED:
 		set_bit(SME_SESSION_OPENED, &pAdapter->event_flags);
 		complete(&pAdapter->session_open_comp_var);
+		hdd_debug("session %d opened", pAdapter->sessionId);
 		break;
 
 	/*

core/hdd/src/wlan_hdd_hostapd.c

@@ -6014,6 +6014,8 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter)
 	v_CONTEXT_t sapContext = NULL;
 #endif
 	int ret;
+	enum tQDF_ADAPTER_MODE mode;
+	uint32_t session_id = CSR_SESSION_ID_INVALID;
 
 	ENTER();
 
@@ -6026,12 +6028,25 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter)
 
 	pAdapter->sessionCtx.ap.sapContext = sapContext;
 
-	status = wlansap_start(sapContext);
+	if (pAdapter->device_mode == WLAN_HDD_P2P_GO) {
+		mode = QDF_P2P_GO_MODE;
+	} else if (pAdapter->device_mode == WLAN_HDD_SOFTAP) {
+		mode = QDF_SAP_MODE;
+	} else {
+		hdd_err("Invalid mode for AP: %d", pAdapter->device_mode);
+		return QDF_STATUS_E_FAULT;
+	}
+
+	status = wlansap_start(sapContext, mode,
+			pAdapter->macAddressCurrent.bytes,
+			&session_id);
 	if (!QDF_IS_STATUS_SUCCESS(status)) {
 		hddLog(LOGE, ("ERROR: wlansap_start failed!!"));
 		wlansap_close(sapContext);
+		pAdapter->sessionCtx.ap.sapContext = NULL;
 		return status;
 	}
+	pAdapter->sessionId = session_id;
 #endif
 
 	/* Allocate the Wireless Extensions state structure */
@@ -6049,6 +6064,7 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter)
 		hddLog(LOGE, ("ERROR: hdd_set_hostapd failed!!"));
 #ifdef WLAN_FEATURE_MBSSID
 		wlansap_close(sapContext);
+		pAdapter->sessionCtx.ap.sapContext = NULL;
 #endif
 		return status;
 	}
@@ -6058,6 +6074,7 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter)
 		hddLog(LOGE, ("ERROR: Hostapd HDD qdf event init failed!!"));
 #ifdef WLAN_FEATURE_MBSSID
 		wlansap_close(sapContext);
+		pAdapter->sessionCtx.ap.sapContext = NULL;
 #endif
 		return qdf_status;
 	}
@@ -6068,6 +6085,7 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter)
 			  ("ERROR: Hostapd HDD stop bss event init failed!!"));
 #ifdef WLAN_FEATURE_MBSSID
 		wlansap_close(sapContext);
+		pAdapter->sessionCtx.ap.sapContext = NULL;
 #endif
 		return qdf_status;
 	}
@@ -6115,6 +6133,7 @@ error_wmm_init:
 	hdd_softap_deinit_tx_rx(pAdapter);
 #ifdef WLAN_FEATURE_MBSSID
 	wlansap_close(sapContext);
+	pAdapter->sessionCtx.ap.sapContext = NULL;
 #endif
 	EXIT();
 	return status;

core/hdd/src/wlan_hdd_main.c

@@ -2805,6 +2805,43 @@ void wlan_hdd_reset_prob_rspies(hdd_adapter_t *pHostapdAdapter)
 	}
 }
 
+/**
+ * hdd_wait_for_sme_close_sesion() - Close and wait for SME session close
+ * @hdd_ctx: HDD context which is already NULL validated
+ * @adapter: HDD adapter which is already NULL validated
+ *
+ * Close the SME session and wait for its completion, if needed.
+ *
+ * Return: None
+ */
+static void hdd_wait_for_sme_close_sesion(hdd_context_t *hdd_ctx,
+					hdd_adapter_t *adapter)
+{
+	unsigned long rc;
+
+	if (!test_bit(SME_SESSION_OPENED, &adapter->event_flags)) {
+		hdd_err("session is not opened:%d", adapter->sessionId);
+		return;
+	}
+
+	INIT_COMPLETION(adapter->session_close_comp_var);
+	if (QDF_STATUS_SUCCESS ==
+			sme_close_session(hdd_ctx->hHal, adapter->sessionId,
+				hdd_sme_close_session_callback,
+				adapter)) {
+		/*
+		 * Block on a completion variable. Can't wait
+		 * forever though.
+		 */
+		rc = wait_for_completion_timeout(
+				&adapter->session_close_comp_var,
+				msecs_to_jiffies
+				(WLAN_WAIT_TIME_SESSIONOPENCLOSE));
+		if (!rc)
+			hdd_err("failure waiting for session_close_comp_var");
+	}
+}
+
 QDF_STATUS hdd_stop_adapter(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter,
 			    const bool bCloseSession)
 {
@@ -2884,29 +2921,8 @@ QDF_STATUS hdd_stop_adapter(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter,
 		 * It is possible that the caller of this function does not
 		 * wish to close the session
 		 */
-		if (true == bCloseSession &&
-		    test_bit(SME_SESSION_OPENED, &adapter->event_flags)) {
-			INIT_COMPLETION(adapter->session_close_comp_var);
-			if (QDF_STATUS_SUCCESS ==
-			    sme_close_session(hdd_ctx->hHal, adapter->sessionId,
-					      hdd_sme_close_session_callback,
-					      adapter)) {
-				/*
-				 * Block on a completion variable. Can't wait
-				 * forever though.
-				 */
-				rc = wait_for_completion_timeout(
-					&adapter->session_close_comp_var,
-					msecs_to_jiffies
-						(WLAN_WAIT_TIME_SESSIONOPENCLOSE));
-				if (!rc) {
-					hddLog(LOGE,
-					       FL(
-						  "failure waiting for session_close_comp_var"
-						 ));
-				}
-			}
-		}
+		if (true == bCloseSession)
+			hdd_wait_for_sme_close_sesion(hdd_ctx, adapter);
 		break;
 
 	case WLAN_HDD_SOFTAP:
@@ -2999,6 +3015,8 @@ QDF_STATUS hdd_stop_adapter(hdd_context_t *hdd_ctx, hdd_adapter_t *adapter,
 			adapter->sessionCtx.ap.beacon = NULL;
 		}
 		mutex_unlock(&hdd_ctx->sap_lock);
+		if (true == bCloseSession)
+			hdd_wait_for_sme_close_sesion(hdd_ctx, adapter);
 		break;
 	case WLAN_HDD_OCB:
 		ol_txrx_clear_peer(WLAN_HDD_GET_STATION_CTX_PTR(adapter)->

core/mac/src/pe/lim/lim_process_mlm_rsp_messages.c

@@ -2039,8 +2039,8 @@ void lim_process_mlm_del_sta_rsp(tpAniSirGlobal mac_ctx,
 	session_entry = pe_find_session_by_session_id(mac_ctx,
 				del_sta_params->sessionId);
 	if (NULL == session_entry) {
-		lim_log(mac_ctx, LOGP,
-			FL("Session Doesn't exist"));
+		lim_log(mac_ctx, LOGP, FL("Session Doesn't exist: %d"),
+			del_sta_params->sessionId);
 		qdf_mem_free(del_sta_params);
 		msg->bodyptr = NULL;
 		return;

core/sap/inc/sap_api.h

@@ -806,11 +806,12 @@ QDF_STATUS wlansap_stop_Wps(void *p_cds_gctx);
 QDF_STATUS wlansap_get_wps_state(void *p_cds_gctx, bool *pbWPSState);
 
 void *wlansap_open(void *p_cds_gctx);
-QDF_STATUS wlansap_start(void *p_cds_gctx);
+QDF_STATUS wlansap_start(void *p_cds_gctx, enum tQDF_ADAPTER_MODE mode,
+			 uint8_t *addr, uint32_t *session_id);
 QDF_STATUS wlansap_stop(void *p_cds_gctx);
 QDF_STATUS wlansap_close(void *p_cds_gctx);
 typedef QDF_STATUS (*tpWLAN_SAPEventCB)(tpSap_Event pSapEvent,
-		void *pUsrContext);
+					void *pUsrContext);
 uint8_t wlansap_get_state(void *p_cds_gctx);
 
 QDF_STATUS wlansap_start_bss(void *p_cds_gctx,

core/sap/src/sap_api_link_cntl.c

@@ -407,15 +407,7 @@ wlansap_pre_start_bss_acs_scan_callback(tHalHandle hal_handle, void *pcontext,
 	sap_ctx->sap_state = eSAP_ACS_CHANNEL_SELECTED;
 	sap_ctx->sap_status = eSAP_STATUS_SUCCESS;
 close_session:
-	status = sme_close_session(hal_handle,
-			sap_ctx->sessionId, sap_hdd_signal_event_handler,
-			sap_ctx);
-	if (QDF_STATUS_SUCCESS != status)
-		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
-			  FL("CloseSession failed"));
-	else
-		sap_ctx->isScanSessionOpen = eSAP_FALSE;
-	sap_ctx->sessionId = 0xff;
+	sap_hdd_signal_event_handler(sap_ctx);
 	return status;
 }
 
@@ -949,11 +941,10 @@ wlansap_roam_callback(void *ctx, tCsrRoamInfo *csr_roam_info, uint32_t roamId,
 	switch (roam_status) {
 	case eCSR_ROAM_SESSION_OPENED:
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
-			  FL("Calling sme_roam_connect with eCSR_BSS_TYPE_INFRA_AP"));
+			  FL("Session %d opened successfully"),
+			  sap_ctx->sessionId);
 		sap_ctx->isSapSessionOpen = eSAP_TRUE;
-		qdf_ret_status = sme_roam_connect(hal, sap_ctx->sessionId,
-						  &sap_ctx->csr_roamProfile,
-						  &sap_ctx->csr_roamId);
+		qdf_event_set(&sap_ctx->sap_session_opened_evt);
 		break;
 	case eCSR_ROAM_INFRA_IND:
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,

core/sap/src/sap_fsm.c

@@ -2214,29 +2214,20 @@ QDF_STATUS sap_goto_channel_sel(ptSapContext sap_context,
 	return QDF_STATUS_SUCCESS;
 }
 
-/*==========================================================================
-   FUNCTION    sap_OpenSession
-
-   DESCRIPTION
-    Function for opening SME and SAP sessions when system is in SoftAP role
-
-   DEPENDENCIES
-    NA.
-
-   PARAMETERS
-
-    IN
-    hHal        : Hal handle
-    sapContext  : Sap Context value
-
-   RETURN VALUE
-    The QDF_STATUS code associated with performing the operation
-
-    QDF_STATUS_SUCCESS: Success
+/**
+ * sap_open_session() - Opens a SAP session
+ * @hHal: Hal handle
+ * @sapContext:  Sap Context value
+ * @session_id: Pointer to the session id
+ *
+ * Function for opening SME and SAP sessions when system is in SoftAP role
+ *
+ * Return: QDF_STATUS
+ */
 
-   SIDE EFFECTS
-   ============================================================================*/
-QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext)
+#define SAP_OPEN_SESSION_TIMEOUT 500
+QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
+			    uint32_t *session_id)
 {
 	uint32_t type, subType;
 	QDF_STATUS qdf_ret_status;
@@ -2253,6 +2244,8 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext)
 			  "failed to get vdev type");
 		return QDF_STATUS_E_FAILURE;
 	}
+
+	qdf_event_reset(&sapContext->sap_session_opened_evt);
 	/* Open SME Session for Softap */
 	qdf_ret_status = sme_open_session(hHal,
 					  &wlansap_roam_callback,
@@ -2268,11 +2261,21 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext)
 		return QDF_STATUS_E_FAILURE;
 	}
 
+	status = qdf_wait_single_event(&sapContext->sap_session_opened_evt,
+				       SAP_OPEN_SESSION_TIMEOUT);
+
+	if (!QDF_IS_STATUS_SUCCESS(status)) {
+		cds_err("wait for sap open session event timed out");
+		return QDF_STATUS_E_FAILURE;
+	}
+
 	pMac->sap.sapCtxList[sapContext->sessionId].sessionID =
 		sapContext->sessionId;
 	pMac->sap.sapCtxList[sapContext->sessionId].pSapContext = sapContext;
 	pMac->sap.sapCtxList[sapContext->sessionId].sapPersona =
 		sapContext->csr_roamProfile.csrPersona;
+	*session_id = sapContext->sessionId;
+	sapContext->isSapSessionOpen = eSAP_TRUE;
 	return QDF_STATUS_SUCCESS;
 }
 
@@ -2300,10 +2303,9 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext)
 
    SIDE EFFECTS
    ============================================================================*/
-QDF_STATUS
-sap_goto_starting
-	(ptSapContext sapContext,
-	ptWLAN_SAPEvent sapEvent, eCsrRoamBssType bssType) {
+QDF_STATUS sap_goto_starting(ptSapContext sapContext, ptWLAN_SAPEvent sapEvent,
+			     eCsrRoamBssType bssType)
+{
 	/* tHalHandle */
 	tHalHandle hHal = CDS_GET_HAL_CB(sapContext->p_cds_gctx);
 	QDF_STATUS qdf_ret_status;
@@ -2313,7 +2315,9 @@ sap_goto_starting
 		4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, };
 	sapContext->key_type = 0x05;
 	sapContext->key_length = 32;
-	qdf_mem_copy(sapContext->key_material, key_material, sizeof(key_material));     /* Need a key size define */
+	/* Need a key size define */
+	qdf_mem_copy(sapContext->key_material, key_material,
+		     sizeof(key_material));
 
 	QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH, "In %s",
 		  __func__);
@@ -2325,16 +2329,17 @@ sap_goto_starting
 		return QDF_STATUS_E_FAULT;
 	}
 
-	qdf_ret_status = sap_open_session(hHal, sapContext);
+	QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO, "%s: session: %d",
+		  __func__, sapContext->sessionId);
 
-	if (QDF_STATUS_SUCCESS != qdf_ret_status) {
+	qdf_ret_status = sme_roam_connect(hHal, sapContext->sessionId,
+					  &sapContext->csr_roamProfile,
+					  &sapContext->csr_roamId);
+	if (QDF_STATUS_SUCCESS != qdf_ret_status)
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
-			  "Error: In %s calling sap_open_session status = %d",
-			  __func__, qdf_ret_status);
-		return QDF_STATUS_E_FAILURE;
-	}
+			"%s: Failed to issue sme_roam_connect", __func__);
 
-	return QDF_STATUS_SUCCESS;
+	return qdf_ret_status;
 } /* sapGotoStarting */
 
 /*==========================================================================
@@ -2844,6 +2849,7 @@ QDF_STATUS sap_close_session(tHalHandle hHal,
 	sapContext->isCacStartNotified = false;
 	sapContext->isCacEndNotified = false;
 	pMac->sap.sapCtxList[sapContext->sessionId].pSapContext = NULL;
+	sapContext->isSapSessionOpen = false;
 
 	if (NULL == sap_find_valid_concurrent_session(hHal)) {
 		/* If timer is running then stop the timer and destory it */
@@ -3071,36 +3077,41 @@ static QDF_STATUS sap_fsm_state_disconnected(ptSapContext sap_ctx,
 		 * (both without substates)
 		 */
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
-			  FL("new from state %s => %s"),
-			  "eSAP_DISCONNECTED", "eSAP_CH_SELECT");
+			  FL("new from state %s => %s: session:%d"),
+			  "eSAP_DISCONNECTED", "eSAP_CH_SELECT",
+			  sap_ctx->sessionId);
 
-		/* There can be one SAP Session for softap */
-		if (sap_ctx->isSapSessionOpen == eSAP_TRUE) {
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_FATAL,
-				  FL("SME Session is already opened"));
-			return QDF_STATUS_E_EXISTS;
-		}
-
-		sap_ctx->sessionId = 0xff;
-
-		if ((sap_ctx->channel == AUTO_CHANNEL_SELECT) &&
-		    (sap_ctx->isScanSessionOpen == eSAP_FALSE)) {
+		if (sap_ctx->isSapSessionOpen == eSAP_FALSE) {
 			uint32_t type, subtype;
-			if (QDF_STATUS_SUCCESS == cds_get_vdev_types(
-					QDF_STA_MODE, &type, &subtype)) {
-				/* Open SME Session for scan */
-				qdf_status = sme_open_session(hal, NULL,
-					    sap_ctx, sap_ctx->self_mac_addr,
-					    &sap_ctx->sessionId, type, subtype);
-				if (QDF_STATUS_SUCCESS != qdf_status) {
-					QDF_TRACE(QDF_MODULE_ID_SAP,
-						  QDF_TRACE_LEVEL_ERROR,
-						  FL("Error: calling sme_open_session"));
-				} else {
-					sap_ctx->isScanSessionOpen = eSAP_TRUE;
-				}
+			if (sap_ctx->csr_roamProfile.csrPersona ==
+			    QDF_P2P_GO_MODE)
+				qdf_status = cds_get_vdev_types(QDF_P2P_GO_MODE,
+							&type, &subtype);
+			else
+				qdf_status = cds_get_vdev_types(QDF_SAP_MODE,
+								&type,
+								&subtype);
+
+			if (QDF_STATUS_SUCCESS != qdf_status) {
+				QDF_TRACE(QDF_MODULE_ID_SAP,
+						QDF_TRACE_LEVEL_FATAL,
+						"failed to get vdev type");
+				return QDF_STATUS_E_FAILURE;
+			}
+			/* Open SME Session for scan */
+			qdf_status = sme_open_session(hal, NULL,
+					sap_ctx, sap_ctx->self_mac_addr,
+					&sap_ctx->sessionId, type, subtype);
+			if (QDF_STATUS_SUCCESS != qdf_status) {
+				QDF_TRACE(QDF_MODULE_ID_SAP,
+					 QDF_TRACE_LEVEL_ERROR,
+					 FL("Error: calling sme_open_session"));
+				return QDF_STATUS_E_FAILURE;
 			}
+
+			sap_ctx->isSapSessionOpen = eSAP_TRUE;
 		}
+
 		/* init dfs channel nol */
 		sap_init_dfs_channel_nol_list(sap_ctx);
 
@@ -3179,18 +3190,6 @@ static QDF_STATUS sap_fsm_state_ch_select(ptSapContext sap_ctx,
 	tSapDfsNolInfo *p_nol;
 #endif
 
-	if (sap_ctx->isScanSessionOpen == eSAP_TRUE) {
-		/* scan completed, so close the session */
-		qdf_status = sme_close_session(hal, sap_ctx->sessionId,
-				NULL, NULL);
-		if (QDF_STATUS_SUCCESS != qdf_status)
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
-				FL("CloseSession error event msg %d"), msg);
-		else
-			sap_ctx->isScanSessionOpen = eSAP_FALSE;
-		sap_ctx->sessionId = 0xff;
-	}
-
 	if (msg == eSAP_MAC_SCAN_COMPLETE) {
 		/* get the bonding mode */
 		if (sap_ctx->channel <= 14)

core/sap/src/sap_internal.h

@@ -262,6 +262,8 @@ typedef struct sSapContext {
 	eSapHddEvent sap_state;
 	eSapStatus sap_status;
 	uint32_t roc_ind_scan_id;
+
+	qdf_event_t sap_session_opened_evt;
 } *ptSapContext;
 
 /*----------------------------------------------------------------------------
@@ -417,6 +419,11 @@ void sap_config_acs_result(tHalHandle hal, ptSapContext sap_ctx,
  */
 bool
 sap_check_in_avoid_ch_list(ptSapContext sap_ctx, uint8_t channel);
+QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
+				uint32_t *session_id);
+QDF_STATUS sap_close_session(tHalHandle hHal,
+			     ptSapContext sapContext,
+			     csr_roamSessionCloseCallback callback, bool valid);
 #ifdef __cplusplus
 }
 #endif

core/sap/src/sap_module.c

@@ -134,6 +134,9 @@ void *wlansap_open(void *p_cds_gctx)
  *        control block can be extracted from its context
  *        When MBSSID feature is enabled, SAP context is directly
  *        passed to SAP APIs
+ * @mode: Device mode
+ * @addr: MAC address of the SAP
+ * @session_id: Pointer to the session id
  *
  * Called as part of the overall start procedure (cds_enable). SAP will
  * use this call to register with TL as the SAP entity for SAP RSN frames.
@@ -143,9 +146,12 @@ void *wlansap_open(void *p_cds_gctx)
  *                             access would cause a page fault.
  *         QDF_STATUS_SUCCESS: Success
  */
-QDF_STATUS wlansap_start(void *pCtx)
+QDF_STATUS wlansap_start(void *pCtx, enum tQDF_ADAPTER_MODE mode,
+			 uint8_t *addr, uint32_t *session_id)
 {
 	ptSapContext pSapCtx = NULL;
+	QDF_STATUS qdf_ret_status;
+	tHalHandle hal;
 
 	/*- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -*/
 
@@ -181,6 +187,9 @@ QDF_STATUS wlansap_start(void *pCtx)
 
 	pSapCtx->csr_roamProfile.BSSIDs.numOfBSSIDs = 1; /* This is true for now. */
 	pSapCtx->csr_roamProfile.BSSIDs.bssid = &pSapCtx->bssid;
+	pSapCtx->csr_roamProfile.csrPersona = mode;
+	qdf_mem_copy(pSapCtx->self_mac_addr, addr, QDF_MAC_ADDR_SIZE);
+	qdf_event_create(&pSapCtx->sap_session_opened_evt);
 
 	/* Now configure the auth type in the roaming profile. To open. */
 	pSapCtx->csr_roamProfile.negotiatedAuthType = eCSR_AUTH_TYPE_OPEN_SYSTEM;        /* open is the default */
@@ -191,6 +200,16 @@ QDF_STATUS wlansap_start(void *pCtx)
 		return QDF_STATUS_E_FAULT;
 	}
 
+	hal = (tHalHandle) CDS_GET_HAL_CB(pSapCtx->p_cds_gctx);
+	qdf_ret_status = sap_open_session(hal, pSapCtx, session_id);
+
+	if (QDF_STATUS_SUCCESS != qdf_ret_status) {
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
+			"Error: In %s calling sap_open_session status = %d",
+			__func__, qdf_ret_status);
+		return QDF_STATUS_E_FAILURE;
+	}
+
 	return QDF_STATUS_SUCCESS;
 }
 
@@ -295,6 +314,8 @@ QDF_STATUS wlansap_close(void *pCtx)
  */
 QDF_STATUS wlansap_clean_cb(ptSapContext pSapCtx, uint32_t freeFlag      /* 0 / *do not empty* /); */
 			    ) {
+	tHalHandle hal;
+
 	/*------------------------------------------------------------------------
 	    Sanity check SAP control block
 	   ------------------------------------------------------------------------*/
@@ -311,6 +332,13 @@ QDF_STATUS wlansap_clean_cb(ptSapContext pSapCtx, uint32_t freeFlag      /* 0 /
 	QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
 		  "wlansap_clean_cb");
 
+	hal = (tHalHandle) CDS_GET_HAL_CB(pSapCtx->p_cds_gctx);
+	if (eSAP_TRUE == pSapCtx->isSapSessionOpen && hal) {
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO,
+				"close existing SAP session");
+		sap_close_session(hal, pSapCtx, NULL, false);
+	}
+
 	qdf_mem_zero(pSapCtx, sizeof(tSapContext));
 
 	pSapCtx->p_cds_gctx = NULL;
@@ -322,7 +350,6 @@ QDF_STATUS wlansap_clean_cb(ptSapContext pSapCtx, uint32_t freeFlag      /* 0 /
 		  pSapCtx->sapsMachine, pSapCtx);
 	pSapCtx->sessionId = 0;
 	pSapCtx->channel = 0;
-	pSapCtx->isSapSessionOpen = eSAP_FALSE;
 
 	return QDF_STATUS_SUCCESS;
 } /* wlansap_clean_cb */
@@ -3167,116 +3194,66 @@ wlansap_acs_chselect(void *pvos_gctx,
 		return QDF_STATUS_E_FAULT;
 	}
 
-	if (sap_context->isSapSessionOpen == eSAP_TRUE) {
-		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_FATAL,
-			"%s:SME Session is already opened\n", __func__);
-		return QDF_STATUS_E_EXISTS;
-	}
-
-	sap_context->sessionId = 0xff;
-
 	pmac = PMAC_STRUCT(h_hal);
 	sap_context->acs_cfg = &pconfig->acs_cfg;
 	sap_context->ch_width_orig = pconfig->acs_cfg.ch_width;
 	sap_context->csr_roamProfile.phyMode = pconfig->acs_cfg.hw_mode;
 
-	if (sap_context->isScanSessionOpen == eSAP_FALSE) {
-		uint32_t type, subType;
-
-		/*
-		* Now, configure the scan and ACS channel params
-		* to issue a scan request.
-		*/
-		wlansap_set_scan_acs_channel_params(pconfig, sap_context,
+	/*
+	 * Now, configure the scan and ACS channel params
+	 * to issue a scan request.
+	 */
+	wlansap_set_scan_acs_channel_params(pconfig, sap_context,
 						pusr_context);
 
-		if (QDF_STATUS_SUCCESS ==
-			cds_get_vdev_types(QDF_STA_MODE, &type, &subType)) {
-			/*
-			* Open SME Session for scan
-			*/
-			if (QDF_STATUS_SUCCESS  != sme_open_session(h_hal,
-						NULL, sap_context,
-						sap_context->self_mac_addr,
-						&sap_context->sessionId,
-						type, subType)) {
-				QDF_TRACE(QDF_MODULE_ID_SAP,
-					QDF_TRACE_LEVEL_ERROR,
-					"Error: In %s calling sme_OpenSession",
-					__func__);
-				return QDF_STATUS_E_FAILURE;
-			} else {
-				sap_context->isScanSessionOpen = eSAP_TRUE;
-			}
-		}
-
-		/*
-		* Copy the HDD callback function to report the
-		* ACS result after scan in SAP context callback function.
-		*/
-		sap_context->pfnSapEventCallback = pacs_event_callback;
-		/*
-		* init dfs channel nol
-		*/
-		sap_init_dfs_channel_nol_list(sap_context);
+	/*
+	 * Copy the HDD callback function to report the
+	 * ACS result after scan in SAP context callback function.
+	 */
+	sap_context->pfnSapEventCallback = pacs_event_callback;
+	/*
+	 * init dfs channel nol
+	 */
+	sap_init_dfs_channel_nol_list(sap_context);
 
-		/*
-		* Issue the scan request. This scan request is
-		* issued before the start BSS is done so
-		*
-		* 1. No need to pass the second parameter
-		* as the SAP state machine is not started yet
-		* and there is no need for any event posting.
-		*
-		* 2. Set third parameter to TRUE to indicate the
-		* channel selection function to register a
-		* different scan callback fucntion to process
-		* the results pre start BSS.
-		*/
-		qdf_status = sap_goto_channel_sel(sap_context, NULL, true);
+	/*
+	 * Issue the scan request. This scan request is
+	 * issued before the start BSS is done so
+	 *
+	 * 1. No need to pass the second parameter
+	 * as the SAP state machine is not started yet
+	 * and there is no need for any event posting.
+	 *
+	 * 2. Set third parameter to TRUE to indicate the
+	 * channel selection function to register a
+	 * different scan callback fucntion to process
+	 * the results pre start BSS.
+	 */
+	qdf_status = sap_goto_channel_sel(sap_context, NULL, true);
 
-		if (QDF_STATUS_E_ABORTED == qdf_status) {
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
+	if (QDF_STATUS_E_ABORTED == qdf_status) {
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
 			"In %s,DFS not supported in the current operating mode",
 			__func__);
-			return QDF_STATUS_E_FAILURE;
-		} else if (QDF_STATUS_E_CANCELED == qdf_status) {
-			/*
-			* ERROR is returned when either the SME scan request
-			* failed or ACS is overridden due to other constrainst
-			* So send selected channel to HDD
-			*/
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
-				FL("Scan Req Failed/ACS Overridden"));
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
-				FL("Selected channel = %d"),
-				sap_context->channel);
-			if (sap_context->isScanSessionOpen == eSAP_TRUE) {
-				/* ACS scan not needed so close session */
-				tHalHandle h_hal = CDS_GET_HAL_CB(
-						sap_context->p_cds_gctx);
-				if (h_hal == NULL)
-					return QDF_STATUS_E_FAILURE;
-
-				if (sme_close_session(h_hal,
-					sap_context->sessionId, NULL, NULL) ==
-							 QDF_STATUS_SUCCESS)
-					sap_context->isScanSessionOpen =
-								eSAP_FALSE;
-				else
-					QDF_TRACE(QDF_MODULE_ID_SAP,
-						QDF_TRACE_LEVEL_ERROR,
-						"ACS Scan Session close fail");
-				sap_context->sessionId = 0xff;
-			}
+		return QDF_STATUS_E_FAILURE;
+	} else if (QDF_STATUS_E_CANCELED == qdf_status) {
+		/*
+		* ERROR is returned when either the SME scan request
+		* failed or ACS is overridden due to other constrainst
+		* So send selected channel to HDD
+		*/
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
+			FL("Scan Req Failed/ACS Overridden"));
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
+			FL("Selected channel = %d"),
+			sap_context->channel);
 
-			return sap_signal_hdd_event(sap_context, NULL,
-					eSAP_ACS_CHANNEL_SELECTED,
-					(void *) eSAP_STATUS_SUCCESS);
-		} else if (QDF_STATUS_SUCCESS == qdf_status) {
-			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
+		return sap_signal_hdd_event(sap_context, NULL,
+				eSAP_ACS_CHANNEL_SELECTED,
+				(void *) eSAP_STATUS_SUCCESS);
+	} else if (QDF_STATUS_SUCCESS == qdf_status) {
+		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
 			FL("Successfully Issued a Pre Start Bss Scan Request"));
-		}
 	}
 	return qdf_status;
 }

core/sme/src/common/sme_api.c

@@ -5640,17 +5640,18 @@ QDF_STATUS sme_open_session(tHalHandle hHal, csr_roam_completeCallback callback,
 	tpAniSirGlobal pMac = PMAC_STRUCT(hHal);
 
 	QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
-		  "%s: type=%d, subType=%d", __func__, type, subType);
+		  "%s: type=%d, subType=%d addr:%pM",
+		  __func__, type, subType, pSelfMacAddr);
 
 	if (NULL == pbSessionId) {
 		status = QDF_STATUS_E_INVAL;
 	} else {
 		status = sme_acquire_global_lock(&pMac->sme);
 		if (QDF_IS_STATUS_SUCCESS(status)) {
-			status =
-				csr_roam_open_session(pMac, callback, pContext,
-						      pSelfMacAddr, pbSessionId, type,
-						      subType);
+			status = csr_roam_open_session(pMac, callback, pContext,
+						       pSelfMacAddr,
+						       pbSessionId, type,
+						       subType);
 
 			sme_release_global_lock(&pMac->sme);
 		}

core/sme/src/csr/csr_api_roam.c

@@ -14812,6 +14812,8 @@ QDF_STATUS csr_roam_open_session(tpAniSirGlobal pMac,
 	*pbSessionId = CSR_SESSION_ID_INVALID;
 
 	for (i = 0; i < pMac->sme.max_intf_count; i++) {
+		sms_log(pMac, LOG1, FL("session:%d active:%d"), i,
+			pMac->roam.roamSession[i].sessionActive);
 		if (!CSR_IS_SESSION_VALID(pMac, i)) {
 			pSession = CSR_GET_SESSION(pMac, i);
 			if (!pSession) {

core/wma/src/wma_dev_if.c

@@ -2663,7 +2663,9 @@ static void wma_add_bss_ap_mode(tp_wma_handle wma, tpAddBssParams add_bss)
 
 	vdev = wma_find_vdev_by_addr(wma, add_bss->bssId, &vdev_id);
 	if (!vdev) {
-		WMA_LOGE("%s: Failed to get vdev handle", __func__);
+		WMA_LOGE("%s: Failed to get vdev handle:"MAC_ADDRESS_STR,
+			__func__, MAC_ADDR_ARRAY(add_bss->bssId));
+
 		goto send_fail_resp;
 	}
 	if (SAP_WPS_DISABLED == add_bss->wps_state)