qcacld-3.0: Change sme_open_session to take a session Id

Currently, vdev_id and session_id are assumed to be the same, but are
generated in two separate code paths. Unsurprisingly, this leads to a
whole host of desync issues. Instead, modify sme_open_session to take
a session_id, which will be populated with an objmgr vdev_id. This means
vdev_id and session_id can no longer desync, as there is only a single
source for both.

Change-Id: I104aba29beb3c19d0ef2ff23380e3d005e01ced0
CRs-Fixed: 2022136

core/hdd/inc/wlan_hdd_main.h

@@ -1733,6 +1733,11 @@ hdd_adapter_t *hdd_get_adapter_by_vdev(hdd_context_t *pHddCtx,
 				       uint32_t vdev_id);
 hdd_adapter_t *hdd_get_adapter_by_macaddr(hdd_context_t *pHddCtx,
 					  tSirMacAddr macAddr);
+
+int hdd_vdev_create(hdd_adapter_t *adapter);
+int hdd_vdev_destroy(hdd_adapter_t *adapter);
+int hdd_vdev_ready(hdd_adapter_t *adapter);
+
 QDF_STATUS hdd_init_station_mode(hdd_adapter_t *pAdapter);
 hdd_adapter_t *hdd_get_adapter(hdd_context_t *pHddCtx,
 			enum tQDF_ADAPTER_MODE mode);

core/hdd/src/wlan_hdd_hostapd.c

@@ -5863,7 +5863,6 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter, bool reinit)
 	v_CONTEXT_t sapContext = NULL;
 	int ret;
 	enum tQDF_ADAPTER_MODE mode;
-	uint32_t session_id = CSR_SESSION_ID_INVALID;
 	enum dfs_mode acs_dfs_mode;
 
 	ENTER();
@@ -5896,19 +5895,37 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter, bool reinit)
 		return QDF_STATUS_E_FAULT;
 	}
 
+	/*
+	 * This is a special case of hdd_vdev_create(). In phase 4 convergence,
+	 * this special case will be properly addressed.
+	 */
+	ret = hdd_create_and_store_vdev(pHddCtx->hdd_pdev, pAdapter);
+	if (ret) {
+		hdd_err("failed to create objmgr vdev: %d", ret);
+		return QDF_STATUS_E_FAILURE;
+	}
+
 	status = wlansap_start(sapContext, mode,
-			pAdapter->macAddressCurrent.bytes,
-			&session_id);
-	if (!QDF_IS_STATUS_SUCCESS(status)) {
-		hdd_err("ERROR: wlansap_start failed!!");
+			       pAdapter->macAddressCurrent.bytes,
+			       pAdapter->sessionId);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		hdd_err("failed to open sem sap session: %d", status);
 		pAdapter->sessionCtx.ap.sapContext = NULL;
+
+		/*
+		 * In this case, we need to cleanup in the same order as create.
+		 * See hdd_vdev_create() for more details.
+		 */
+		QDF_BUG(!hdd_release_and_destroy_vdev(pAdapter));
+
 		return status;
 	}
-	pAdapter->sessionId = session_id;
 
-	ret = hdd_create_and_store_vdev(pHddCtx->hdd_pdev, pAdapter);
-	if (ret)
-		goto error_vdev_create;
+	ret = hdd_vdev_ready(pAdapter);
+	if (ret) {
+		hdd_err("failed to raise vdev ready event: %d", ret);
+		goto error_init_ap_mode;
+	}
 
 	/* Allocate the Wireless Extensions state structure */
 	phostapdBuf = WLAN_HDD_GET_HOSTAP_STATE_PTR(pAdapter);
@@ -5985,17 +6002,18 @@ QDF_STATUS hdd_init_ap_mode(hdd_adapter_t *pAdapter, bool reinit)
 			     sizeof(struct sap_acs_cfg));
 	}
 
+	EXIT();
+
 	return status;
 
 error_wmm_init:
 	hdd_softap_deinit_tx_rx(pAdapter);
+
 error_init_ap_mode:
-	ret = hdd_release_and_destroy_vdev(pAdapter);
-	if (ret)
-		hdd_err("vdev delete failed");
-error_vdev_create:
+	QDF_BUG(!hdd_release_and_destroy_vdev(pAdapter));
 	wlansap_close(sapContext);
 	pAdapter->sessionCtx.ap.sapContext = NULL;
+
 	EXIT();
 	return status;
 }

core/hdd/src/wlan_hdd_main.c

@@ -2841,7 +2841,6 @@ QDF_STATUS hdd_sme_close_session_callback(void *pContext)
 /**
  * hdd_check_and_init_tdls() - check and init TDLS operation for desired mode
  * @adapter: pointer to device adapter
- * @type: type of interface
  *
  * This routine will check the mode of adapter and if it is required then it
  * will initialize the TDLS operations
@@ -2849,78 +2848,183 @@ QDF_STATUS hdd_sme_close_session_callback(void *pContext)
  * Return: QDF_STATUS
  */
 #ifdef FEATURE_WLAN_TDLS
-static QDF_STATUS hdd_check_and_init_tdls(hdd_adapter_t *adapter, uint32_t type)
+static QDF_STATUS hdd_check_and_init_tdls(hdd_adapter_t *adapter)
 {
-	if (QDF_IBSS_MODE != type) {
-		if (0 != wlan_hdd_tdls_init(adapter)) {
-			hdd_err("wlan_hdd_tdls_init failed");
-			return QDF_STATUS_E_FAILURE;
-		}
-		set_bit(TDLS_INIT_DONE, &adapter->event_flags);
+	if (adapter->device_mode == QDF_IBSS_MODE)
+		return QDF_STATUS_SUCCESS;
+
+	if (wlan_hdd_tdls_init(adapter)) {
+		hdd_err("wlan_hdd_tdls_init failed");
+		return QDF_STATUS_E_FAILURE;
 	}
+	set_bit(TDLS_INIT_DONE, &adapter->event_flags);
+
 	return QDF_STATUS_SUCCESS;
 }
 #else
-static QDF_STATUS hdd_check_and_init_tdls(hdd_adapter_t *adapter, uint32_t type)
+static QDF_STATUS hdd_check_and_init_tdls(hdd_adapter_t *adapter)
 {
 	return QDF_STATUS_SUCCESS;
 }
 #endif
 
-QDF_STATUS hdd_init_station_mode(hdd_adapter_t *adapter)
+int hdd_vdev_ready(hdd_adapter_t *adapter)
 {
-	struct net_device *pWlanDev = adapter->dev;
-	hdd_station_ctx_t *pHddStaCtx = &adapter->sessionCtx.station;
-	hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
-	QDF_STATUS qdf_ret_status = QDF_STATUS_SUCCESS;
-	QDF_STATUS status = QDF_STATUS_E_FAILURE;
-	uint32_t type, subType;
+	QDF_STATUS status;
+
+	status = pmo_vdev_ready(adapter->hdd_vdev);
+
+	return qdf_status_to_os_return(status);
+}
+
+int hdd_vdev_destroy(hdd_adapter_t *adapter)
+{
+	QDF_STATUS status;
+	int errno;
+	hdd_context_t *hdd_ctx;
 	unsigned long rc;
-	int ret_val;
 
-	INIT_COMPLETION(adapter->session_open_comp_var);
-	sme_set_curr_device_mode(hdd_ctx->hHal, adapter->device_mode);
-	sme_set_pdev_ht_vht_ies(hdd_ctx->hHal, hdd_ctx->config->enable2x2);
-	status = cds_get_vdev_types(adapter->device_mode, &type, &subType);
+	hdd_info("destroying vdev %d", adapter->sessionId);
+
+	/* vdev created sanity check */
+	if (!test_bit(SME_SESSION_OPENED, &adapter->event_flags)) {
+		hdd_err("vdev for Id %d does not exist", adapter->sessionId);
+		return -EINVAL;
+	}
+
+	/* do vdev create via objmgr */
+	errno = hdd_release_and_destroy_vdev(adapter);
+	if (errno) {
+		hdd_err("failed to destroy objmgr vdev: %d", errno);
+		return errno;
+	}
+
+	/* close sme session (destroy vdev in firmware via legacy API) */
+	INIT_COMPLETION(adapter->session_close_comp_var);
+	hdd_ctx = WLAN_HDD_GET_CTX(adapter);
+	status = sme_close_session(hdd_ctx->hHal, adapter->sessionId,
+				   hdd_sme_close_session_callback, adapter);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		hdd_err("failed to close sme session: %d", status);
+		return qdf_status_to_os_return(status);
+	}
+
+	/* block on a completion variable until sme session is closed */
+	rc = wait_for_completion_timeout(
+		&adapter->session_close_comp_var,
+		msecs_to_jiffies(WLAN_WAIT_TIME_SESSIONOPENCLOSE));
+	if (!rc) {
+		hdd_err("timed out waiting for close sme session: %ld", rc);
+		if (adapter->device_mode == QDF_NDI_MODE)
+			hdd_ndp_session_end_handler(adapter);
+		clear_bit(SME_SESSION_OPENED, &adapter->event_flags);
+		return -ETIMEDOUT;
+	}
+
+	hdd_info("vdev destroyed successfully");
+
+	return 0;
+}
+
+int hdd_vdev_create(hdd_adapter_t *adapter)
+{
+	QDF_STATUS status;
+	int errno;
+	hdd_context_t *hdd_ctx;
+	uint32_t type;
+	uint32_t sub_type;
+	unsigned long rc;
+
+	hdd_info("creating new vdev");
+
+	/* determine vdev (sub)type */
+	status = cds_get_vdev_types(adapter->device_mode, &type, &sub_type);
 	if (QDF_STATUS_SUCCESS != status) {
-		hdd_err("failed to get vdev type");
-		goto error_sme_open;
-	}
-	/* Open a SME session for future operation */
-	qdf_ret_status =
-		sme_open_session(hdd_ctx->hHal, hdd_sme_roam_callback, adapter,
-				 (uint8_t *) &adapter->macAddressCurrent,
-				 &adapter->sessionId, type, subType);
-	if (!QDF_IS_STATUS_SUCCESS(qdf_ret_status)) {
-		hdd_alert("sme_open_session() failed, status code %08d [x%08x]",
-		       qdf_ret_status, qdf_ret_status);
-		status = QDF_STATUS_E_FAILURE;
-		goto error_sme_open;
+		hdd_err("failed to get vdev type: %d", status);
+		return qdf_status_to_os_return(status);
+	}
+
+	/* do vdev create via objmgr */
+	hdd_ctx = WLAN_HDD_GET_CTX(adapter);
+	errno = hdd_create_and_store_vdev(hdd_ctx->hdd_pdev, adapter);
+	if (errno) {
+		hdd_err("failed to create objmgr vdev: %d", errno);
+		return errno;
+	}
+
+	/* Open a SME session (prepare vdev in firmware via legacy API) */
+	INIT_COMPLETION(adapter->session_open_comp_var);
+	status = sme_open_session(hdd_ctx->hHal, hdd_sme_roam_callback, adapter,
+				  (uint8_t *)&adapter->macAddressCurrent,
+				  adapter->sessionId, type, sub_type);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		hdd_err("failed to open sme session: %d", status);
+		errno = qdf_status_to_os_return(status);
+		goto objmgr_vdev_destroy;
 	}
-	/* Block on a completion variable. Can't wait forever though. */
+
+	/* block on a completion variable until sme session is opened */
 	rc = wait_for_completion_timeout(
 		&adapter->session_open_comp_var,
 		msecs_to_jiffies(WLAN_WAIT_TIME_SESSIONOPENCLOSE));
 	if (!rc) {
-		hdd_alert("Session is not opened within timeout period code %ld",
-			rc);
-		adapter->sessionId = HDD_SESSION_ID_INVALID;
-		return QDF_STATUS_E_FAILURE;
+		hdd_err("timed out waiting for open sme session: %ld", rc);
+		errno = -ETIMEDOUT;
+		goto objmgr_vdev_destroy;
 	}
 
-	ret_val = hdd_create_and_store_vdev(hdd_ctx->hdd_pdev, adapter);
-	if (ret_val)
-		goto error_vdev_create;
+	/* firmware ready for component communication, raise vdev_ready event */
+	errno = hdd_vdev_ready(adapter);
+	if (errno) {
+		hdd_err("failed to dispatch vdev ready event: %d", errno);
+		goto hdd_vdev_destroy;
+	}
+
+	hdd_info("vdev %d created successfully", adapter->sessionId);
 
+	return 0;
+
+	/*
+	 * Due to legacy constraints, we need to destroy in the same order as
+	 * create. So, split error handling into 2 cases to accommodate.
+	 */
+
+objmgr_vdev_destroy:
+	QDF_BUG(!hdd_release_and_destroy_vdev(adapter));
+
+	return errno;
+
+hdd_vdev_destroy:
+	QDF_BUG(!hdd_vdev_destroy(adapter));
+
+	return errno;
+}
+
+QDF_STATUS hdd_init_station_mode(hdd_adapter_t *adapter)
+{
+	hdd_station_ctx_t *pHddStaCtx = &adapter->sessionCtx.station;
+	hdd_context_t *hdd_ctx;
+	QDF_STATUS status;
+	int ret_val;
+
+	ret_val = hdd_vdev_create(adapter);
+	if (ret_val) {
+		hdd_err("failed to create vdev: %d", ret_val);
+		return QDF_STATUS_E_FAILURE;
+	}
+
+	hdd_ctx = WLAN_HDD_GET_CTX(adapter);
+	sme_set_curr_device_mode(hdd_ctx->hHal, adapter->device_mode);
+	sme_set_pdev_ht_vht_ies(hdd_ctx->hHal, hdd_ctx->config->enable2x2);
 	sme_set_vdev_ies_per_band(hdd_ctx->hHal, adapter->sessionId);
+
 	/* Register wireless extensions */
-	qdf_ret_status = hdd_register_wext(pWlanDev);
-	if (QDF_STATUS_SUCCESS != qdf_ret_status) {
-		hdd_alert("hdd_register_wext() failed, status code %08d [x%08x]",
-		       qdf_ret_status, qdf_ret_status);
-		status = QDF_STATUS_E_FAILURE;
+	status = hdd_register_wext(adapter->dev);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		hdd_err("failed to register wireless extensions: %d", status);
 		goto error_register_wext;
 	}
+
 	/* Set the Connection State to Not Connected */
 	hdd_notice("Set HDD connState to eConnectionState_NotConnected");
 	pHddStaCtx->conn_info.connState = eConnectionState_NotConnected;
@@ -2957,12 +3061,10 @@ QDF_STATUS hdd_init_station_mode(hdd_adapter_t *adapter)
 				      WMI_PDEV_PARAM_BURST_ENABLE,
 				      hdd_ctx->config->enableSifsBurst,
 				      PDEV_CMD);
+	if (ret_val)
+		hdd_err("WMI_PDEV_PARAM_BURST_ENABLE set failed %d", ret_val);
 
-	if (0 != ret_val) {
-		hdd_err("WMI_PDEV_PARAM_BURST_ENABLE set failed %d",
-		       ret_val);
-	}
-	status = hdd_check_and_init_tdls(adapter, type);
+	status = hdd_check_and_init_tdls(adapter);
 	if (status != QDF_STATUS_SUCCESS)
 		goto error_tdls_init;
 
@@ -2981,34 +3083,10 @@ error_wmm_init:
 	clear_bit(INIT_TX_RX_SUCCESS, &adapter->event_flags);
 	hdd_deinit_tx_rx(adapter);
 error_init_txrx:
-	hdd_unregister_wext(pWlanDev);
+	hdd_unregister_wext(adapter->dev);
 error_register_wext:
-	ret_val = hdd_release_and_destroy_vdev(adapter);
-	if (ret_val)
-		hdd_err("vdev delete failed");
-error_vdev_create:
-	if (test_bit(SME_SESSION_OPENED, &adapter->event_flags)) {
-		INIT_COMPLETION(adapter->session_close_comp_var);
-		if (QDF_STATUS_SUCCESS == sme_close_session(hdd_ctx->hHal,
-							    adapter->sessionId,
-							    hdd_sme_close_session_callback,
-							    adapter)) {
-			unsigned long rc;
+	QDF_BUG(!hdd_vdev_destroy(adapter));
 
-			/*
-			 * Block on a completion variable.
-			 * Can't wait forever though.
-			 */
-			rc = wait_for_completion_timeout(
-				&adapter->session_close_comp_var,
-				msecs_to_jiffies
-					(WLAN_WAIT_TIME_SESSIONOPENCLOSE));
-			if (rc <= 0)
-				hdd_err("Session is not opened within timeout period code %ld",
-				       rc);
-		}
-	}
-error_sme_open:
 	return status;
 }
 

core/hdd/src/wlan_hdd_nan_datapath.c

@@ -1955,44 +1955,16 @@ int hdd_init_nan_data_mode(struct hdd_adapter_s *adapter)
 	struct nan_datapath_ctx *ndp_ctx = WLAN_HDD_GET_NDP_CTX_PTR(adapter);
 	hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
 	QDF_STATUS status;
-	uint32_t type, sub_type;
 	int32_t ret_val = 0;
-	unsigned long rc;
-	uint32_t timeout = WLAN_WAIT_TIME_SESSIONOPENCLOSE;
 
-	INIT_COMPLETION(adapter->session_open_comp_var);
 	sme_set_curr_device_mode(hdd_ctx->hHal, adapter->device_mode);
-	status = cds_get_vdev_types(adapter->device_mode, &type, &sub_type);
-	if (QDF_STATUS_SUCCESS != status) {
-		hdd_err("failed to get vdev type");
-		goto error_sme_open;
-	}
-
-	/* open sme session for future use */
-	status = sme_open_session(hdd_ctx->hHal, hdd_sme_roam_callback,
-			adapter, (uint8_t *)&adapter->macAddressCurrent,
-			&adapter->sessionId, type, sub_type);
-	if (QDF_STATUS_SUCCESS != status) {
-		hdd_err("sme_open_session() failed with status code %d",
-			status);
-		ret_val = -EAGAIN;
-		goto error_sme_open;
-	}
 
-	/* Block on a completion variable. Can't wait forever though */
-	rc = wait_for_completion_timeout(
-			&adapter->session_open_comp_var,
-			msecs_to_jiffies(timeout));
-	if (!rc) {
-		hdd_err("Failed to open session, timeout code: %ld", rc);
-		ret_val = -ETIMEDOUT;
-		goto error_sme_open;
+	ret_val = hdd_vdev_create(adapter);
+	if (ret_val) {
+		hdd_err("failed to create vdev: %d", ret_val);
+		return ret_val;
 	}
 
-	ret_val = hdd_create_and_store_vdev(hdd_ctx->hdd_pdev, adapter);
-	if (ret_val)
-		goto error_vdev_create;
-
 	/* Register wireless extensions */
 	ret_val = hdd_register_wext(wlan_dev);
 	if (0 > ret_val) {
@@ -2039,27 +2011,7 @@ error_init_txrx:
 	hdd_unregister_wext(wlan_dev);
 
 error_register_wext:
-	status = hdd_release_and_destroy_vdev(adapter);
-	if (QDF_IS_STATUS_ERROR(status))
-		hdd_err("vdev delete failed");
-error_vdev_create:
-	if (test_bit(SME_SESSION_OPENED, &adapter->event_flags)) {
-		INIT_COMPLETION(adapter->session_close_comp_var);
-		if (QDF_STATUS_SUCCESS ==
-				sme_close_session(hdd_ctx->hHal,
-					adapter->sessionId,
-					hdd_sme_close_session_callback,
-					adapter)) {
-			rc = wait_for_completion_timeout(
-					&adapter->session_close_comp_var,
-					msecs_to_jiffies(timeout));
-			if (rc <= 0) {
-				hdd_err("Session close failed status %ld", rc);
-				ret_val = -ETIMEDOUT;
-			}
-		}
-	}
+	QDF_BUG(!hdd_vdev_destroy(adapter));
 
-error_sme_open:
 	return ret_val;
 }

core/hdd/src/wlan_hdd_object_manager.c

@@ -141,7 +141,6 @@ int hdd_create_and_store_vdev(struct wlan_objmgr_pdev *pdev,
 	struct wlan_objmgr_peer *peer;
 	struct vdev_osif_priv *osif_priv;
 	struct wlan_vdev_create_params vdev_params;
-	uint8_t vdev_id;
 
 	vdev_params.opmode = adapter->device_mode;
 	qdf_mem_copy(vdev_params.macaddr, adapter->macAddressCurrent.bytes,
@@ -166,17 +165,6 @@ int hdd_create_and_store_vdev(struct wlan_objmgr_pdev *pdev,
 		return -ENOMEM;
 	}
 
-	vdev_id = wlan_vdev_get_id(vdev);
-	if (vdev_id != adapter->sessionId) {
-		hdd_context_t *hdd_ctx = WLAN_HDD_GET_CTX(adapter);
-		hdd_err("session id (%d) and vdev id (%d) mismatch\n"
-			"likely, a component leaked a vdev reference",
-			adapter->sessionId, vdev_id);
-		wlan_objmgr_print_ref_all_objects_per_psoc(hdd_ctx->hdd_psoc);
-		QDF_BUG(0);
-		return -EINVAL;
-	}
-
 	peer = wlan_objmgr_peer_obj_create(vdev, WLAN_PEER_SELF,
 					vdev_params.macaddr);
 	if (!peer) {
@@ -187,26 +175,28 @@ int hdd_create_and_store_vdev(struct wlan_objmgr_pdev *pdev,
 	}
 
 	adapter->hdd_vdev = vdev;
+	adapter->sessionId = wlan_vdev_get_id(vdev);
 
 	return 0;
 }
 
 int hdd_release_and_destroy_vdev(hdd_adapter_t *adapter)
 {
-	struct wlan_objmgr_vdev *vdev = adapter->hdd_vdev;
+	struct wlan_objmgr_vdev *vdev;
 	struct vdev_osif_priv *osif_priv;
 
-	adapter->hdd_vdev = NULL;
+	vdev = adapter->hdd_vdev;
 	if (!vdev)
-		return -EFAULT;
+		return -EINVAL;
 
 	osif_priv = wlan_vdev_get_ospriv(vdev);
 	vdev->vdev_nif.osdev = NULL;
 	qdf_mem_free(osif_priv);
 
-	if (hdd_remove_peer_object(vdev,
-			wlan_vdev_mlme_get_macaddr(vdev))) {
-		hdd_err("Self peer delete fails");
+	adapter->hdd_vdev = NULL;
+	adapter->sessionId = HDD_SESSION_ID_INVALID;
+	if (hdd_remove_peer_object(vdev, wlan_vdev_mlme_get_macaddr(vdev))) {
+		hdd_err("Self peer delete failed");
 		return -EINVAL;
 	}
 

core/hdd/src/wlan_hdd_object_manager.h

@@ -111,9 +111,7 @@ int hdd_release_and_destroy_pdev(hdd_context_t *hdd_ctx);
  * @adapter: hdd adapter
  *
  * This API creates the vdev object and store the vdev reference to the
- * given @adapter. Also, creates a self peer for the vdev. If the adapter
- * session id and vdev id of the new vdev object doesnot match, destroys the
- * created vdev object and returns failure
+ * given @adapter. Also, creates a self peer for the vdev.
  *
  * Return: 0 for success, negative error code for failure
  */

core/sap/inc/sap_api.h

@@ -873,7 +873,7 @@ void *wlansap_open(void *p_cds_gctx);
 QDF_STATUS wlansap_global_init(void);
 QDF_STATUS wlansap_global_deinit(void);
 QDF_STATUS wlansap_start(void *p_cds_gctx, enum tQDF_ADAPTER_MODE mode,
-			 uint8_t *addr, uint32_t *session_id);
+			 uint8_t *addr, uint32_t session_id);
 QDF_STATUS wlansap_stop(void *p_cds_gctx);
 QDF_STATUS wlansap_close(void *p_cds_gctx);
 typedef QDF_STATUS (*tpWLAN_SAPEventCB)(tpSap_Event pSapEvent,

core/sap/src/sap_fsm.c

@@ -2536,7 +2536,7 @@ QDF_STATUS sap_goto_channel_sel(ptSapContext sap_context,
  * Return: QDF_STATUS
  */
 QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
-			    uint32_t *session_id)
+			    uint32_t session_id)
 {
 	uint32_t type, subType;
 	QDF_STATUS qdf_ret_status;
@@ -2560,7 +2560,7 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
 					  &wlansap_roam_callback,
 					  sapContext,
 					  sapContext->self_mac_addr,
-					  &sapContext->sessionId, type, subType);
+					  session_id, type, subType);
 
 	if (QDF_STATUS_SUCCESS != qdf_ret_status) {
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_ERROR,
@@ -2570,6 +2570,7 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
 		return QDF_STATUS_E_FAILURE;
 	}
 
+	sapContext->sessionId = session_id;
 	status = qdf_wait_single_event(&sapContext->sap_session_opened_evt,
 					SME_CMD_TIMEOUT_VALUE);
 
@@ -2584,7 +2585,6 @@ QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
 	pMac->sap.sapCtxList[sapContext->sessionId].pSapContext = sapContext;
 	pMac->sap.sapCtxList[sapContext->sessionId].sapPersona =
 		sapContext->csr_roamProfile.csrPersona;
-	*session_id = sapContext->sessionId;
 	sapContext->isSapSessionOpen = eSAP_TRUE;
 	sapContext->is_pre_cac_on = false;
 	sapContext->pre_cac_complete = false;
@@ -3604,10 +3604,12 @@ static QDF_STATUS sap_fsm_state_disconnected(ptSapContext sap_ctx,
 						"failed to get vdev type");
 				return QDF_STATUS_E_FAILURE;
 			}
+
+			/* recycle old session Id */
 			qdf_status = sme_open_session(hal,
 					&wlansap_roam_callback,
 					sap_ctx, sap_ctx->self_mac_addr,
-					&sap_ctx->sessionId, type, subtype);
+					sap_ctx->sessionId, type, subtype);
 			if (QDF_STATUS_SUCCESS != qdf_status) {
 				QDF_TRACE(QDF_MODULE_ID_SAP,
 					 QDF_TRACE_LEVEL_ERROR,

core/sap/src/sap_internal.h

@@ -435,7 +435,7 @@ void sap_config_acs_result(tHalHandle hal, ptSapContext sap_ctx,
 bool
 sap_check_in_avoid_ch_list(ptSapContext sap_ctx, uint8_t channel);
 QDF_STATUS sap_open_session(tHalHandle hHal, ptSapContext sapContext,
-				uint32_t *session_id);
+				uint32_t session_id);
 QDF_STATUS sap_close_session(tHalHandle hHal,
 			     ptSapContext sapContext,
 			     csr_roamSessionCloseCallback callback, bool valid);

core/sap/src/sap_module.c

@@ -310,7 +310,7 @@ void *wlansap_open(void *p_cds_gctx)
  *         QDF_STATUS_SUCCESS: Success
  */
 QDF_STATUS wlansap_start(void *pCtx, enum tQDF_ADAPTER_MODE mode,
-			 uint8_t *addr, uint32_t *session_id)
+			 uint8_t *addr, uint32_t session_id)
 {
 	ptSapContext pSapCtx = NULL;
 	QDF_STATUS qdf_ret_status;

core/sme/inc/sme_api.h

@@ -213,7 +213,7 @@ QDF_STATUS sme_start(tHalHandle hHal);
 QDF_STATUS sme_stop(tHalHandle hHal, tHalStopType stopType);
 QDF_STATUS sme_open_session(tHalHandle hHal, csr_roam_completeCallback callback,
 		void *pContext, uint8_t *pSelfMacAddr,
-		uint8_t *pbSessionId, uint32_t type,
+		uint8_t session_id, uint32_t type,
 		uint32_t subType);
 void sme_set_curr_device_mode(tHalHandle hHal,
 		enum tQDF_ADAPTER_MODE currDeviceMode);

core/sme/src/common/sme_api.c

@@ -5766,19 +5766,17 @@ QDF_STATUS sme_oem_data_req(tHalHandle hal, struct oem_data_req *hdd_oem_req)
    \param pContext - The context passed with callback
    \param pSelfMacAddr - Caller allocated memory filled with self MAC address
 			 (6 bytes)
-   \param pbSessionId - pointer to a caller allocated buffer for returned session ID
+   \param session_id - the Id to use for the newly opened session
 
    \return QDF_STATUS_SUCCESS - session is opened. sessionId returned.
 
 		Other status means SME is failed to open the session.
-		QDF_STATUS_E_RESOURCES - no more session available.
    \sa
 
    --------------------------------------------------------------------------*/
 QDF_STATUS sme_open_session(tHalHandle hHal, csr_roam_completeCallback callback,
-			    void *pContext,
-			    uint8_t *pSelfMacAddr, uint8_t *pbSessionId,
-			    uint32_t type, uint32_t subType)
+			    void *pContext, uint8_t *pSelfMacAddr,
+			    uint8_t session_id, uint32_t type, uint32_t subType)
 {
 	QDF_STATUS status;
 	tpAniSirGlobal pMac = PMAC_STRUCT(hHal);
@@ -5787,23 +5785,16 @@ QDF_STATUS sme_open_session(tHalHandle hHal, csr_roam_completeCallback callback,
 		  "%s: type=%d, subType=%d addr:%pM",
 		  __func__, type, subType, pSelfMacAddr);
 
-	if (NULL == pbSessionId) {
-		status = QDF_STATUS_E_INVAL;
-	} else {
-		status = sme_acquire_global_lock(&pMac->sme);
-		if (QDF_IS_STATUS_SUCCESS(status)) {
-			status = csr_roam_open_session(pMac, callback, pContext,
-						       pSelfMacAddr,
-						       pbSessionId, type,
-						       subType);
+	status = sme_acquire_global_lock(&pMac->sme);
+	if (QDF_IS_STATUS_ERROR(status))
+		return status;
 
-			sme_release_global_lock(&pMac->sme);
-		}
-	}
-	if (NULL != pbSessionId)
-		MTRACE(qdf_trace(QDF_MODULE_ID_SME,
-				 TRACE_CODE_SME_RX_HDD_OPEN_SESSION,
-				 *pbSessionId, 0));
+	status = csr_roam_open_session(pMac, callback, pContext, pSelfMacAddr,
+				       session_id, type, subType);
+	sme_release_global_lock(&pMac->sme);
+
+	MTRACE(qdf_trace(QDF_MODULE_ID_SME, TRACE_CODE_SME_RX_HDD_OPEN_SESSION,
+			 session_id, 0));
 
 	return status;
 }

core/sme/src/csr/csr_api_roam.c

@@ -15669,9 +15669,8 @@ QDF_STATUS csr_issue_add_sta_for_session_req(tpAniSirGlobal pMac,
 	add_sta_self_req = qdf_mem_malloc(sizeof(struct add_sta_self_params));
 	if (NULL == add_sta_self_req) {
 		sms_log(pMac, LOGP,
-			FL
-			("Unable to allocate memory for tAddSelfStaParams"));
-		return status;
+			FL("Unable to allocate memory for tAddSelfStaParams"));
+		return QDF_STATUS_E_NOMEM;
 	}
 
 	csr_get_vdev_type_nss(pMac, pMac->sme.currDeviceMode,
@@ -15713,218 +15712,182 @@ QDF_STATUS csr_issue_add_sta_for_session_req(tpAniSirGlobal pMac,
 QDF_STATUS csr_roam_open_session(tpAniSirGlobal mac_ctx,
 				 csr_roam_completeCallback callback,
 				 void *pContext,
-				 uint8_t *pSelfMacAddr, uint8_t *pbSessionId,
+				 uint8_t *pSelfMacAddr,
+				 uint8_t session_id,
 				 uint32_t type, uint32_t subType)
 {
-	QDF_STATUS status = QDF_STATUS_SUCCESS;
-	uint32_t i, value = 0, session_id;
+	QDF_STATUS status;
+	uint32_t existing_session_id;
 	union {
 		uint16_t nCfgValue16;
 		tSirMacHTCapabilityInfo htCapInfo;
 	} uHTCapabilityInfo;
-	uint32_t nCfgValue = 0;
+	uint32_t nCfgValue;
 	tCsrRoamSession *session;
-	*pbSessionId = CSR_SESSION_ID_INVALID;
 
-	if (QDF_STATUS_SUCCESS == csr_roam_get_session_id_from_bssid(mac_ctx,
-				(struct qdf_mac_addr *)pSelfMacAddr,
-				&session_id)) {
+	/* check to see if the mac address already belongs to a session */
+	status = csr_roam_get_session_id_from_bssid(mac_ctx,
+					(struct qdf_mac_addr *)pSelfMacAddr,
+					&existing_session_id);
+	if (QDF_IS_STATUS_SUCCESS(status)) {
 		sms_log(mac_ctx, LOGE,
-			FL("Session %d exists with mac address"
-			MAC_ADDRESS_STR),
-			session_id, MAC_ADDR_ARRAY(pSelfMacAddr));
+			FL("Session %d exists with mac address "
+			   MAC_ADDRESS_STR),
+			existing_session_id, MAC_ADDR_ARRAY(pSelfMacAddr));
 		return QDF_STATUS_E_FAILURE;
 	}
 
-	for (i = 0; i < mac_ctx->sme.max_intf_count; i++) {
-		sms_log(mac_ctx, LOG1, FL("session:%d active:%d"), i,
-			mac_ctx->roam.roamSession[i].sessionActive);
-		if (!CSR_IS_SESSION_VALID(mac_ctx, i)) {
-			session = CSR_GET_SESSION(mac_ctx, i);
-			if (!session) {
-				sms_log(mac_ctx, LOGE,
-					FL("Session does not exist for interface %d"),
-					i);
-				break;
-			}
-			status = QDF_STATUS_SUCCESS;
-			session->sessionActive = true;
-			session->sessionId = (uint8_t) i;
+	/* attempt to retrieve session for Id */
+	session = CSR_GET_SESSION(mac_ctx, session_id);
+	if (!session) {
+		sms_log(mac_ctx, LOGE,
+			FL("Session does not exist for interface %d"),
+			session_id);
+		return QDF_STATUS_E_FAILURE;
+	}
 
-			/* Initialize FT related data structures only in STA mode */
-			sme_ft_open(mac_ctx, session->sessionId);
+	/* check to see if the session is already active */
+	if (session->sessionActive) {
+		sms_log(mac_ctx, LOGE,
+			FL("Cannot re-open active session with Id %d"),
+			session_id);
+		return QDF_STATUS_E_FAILURE;
+	}
 
-			session->callback = callback;
-			session->pContext = pContext;
-			qdf_mem_copy(&session->selfMacAddr, pSelfMacAddr,
-				     sizeof(struct qdf_mac_addr));
-			*pbSessionId = (uint8_t) i;
-			status =
-				qdf_mc_timer_init(&session->hTimerRoaming,
-						  QDF_TIMER_TYPE_SW,
-						  csr_roam_roaming_timer_handler,
-						  &session->roamingTimerInfo);
-			if (!QDF_IS_STATUS_SUCCESS(status)) {
-				sms_log(mac_ctx, LOGE,
-					FL("cannot allocate memory for Roaming timer"));
-				break;
-			}
-			status = qdf_mc_timer_init(
-					&session->roaming_offload_timer,
-					QDF_TIMER_TYPE_SW,
-					csr_roam_roaming_offload_timeout_handler,
-					&session->roamingTimerInfo);
-			if (!QDF_IS_STATUS_SUCCESS(status)) {
-				sms_log(mac_ctx, LOGE,
-					FL("mem fail for roaming timer"));
-				break;
-			}
-			/* get the HT capability info */
-			if (wlan_cfg_get_int(mac_ctx, WNI_CFG_HT_CAP_INFO, &value)
-					!= eSIR_SUCCESS) {
-				QDF_TRACE(QDF_MODULE_ID_QDF,
-					  QDF_TRACE_LEVEL_ERROR,
-					  "%s: could not get HT capability info",
-					  __func__);
-				break;
-			}
-#ifdef FEATURE_WLAN_BTAMP_UT_RF
-			status = qdf_mc_timer_init(&session->hTimerJoinRetry,
-						   QDF_TIMER_TYPE_SW,
-						   csr_roam_join_retry_timer_handler,
-						   &session->
-						   joinRetryTimerInfo);
-			if (!QDF_IS_STATUS_SUCCESS(status)) {
-				sms_log(mac_ctx, LOGE,
-					FL
-						("cannot allocate memory for join retry timer"));
-				break;
-			}
-#endif
-			uHTCapabilityInfo.nCfgValue16 = 0xFFFF & value;
-			session->htConfig.ht_rx_ldpc =
-				uHTCapabilityInfo.htCapInfo.advCodingCap;
-			session->htConfig.ht_tx_stbc =
-				uHTCapabilityInfo.htCapInfo.txSTBC;
-			session->htConfig.ht_rx_stbc =
-				uHTCapabilityInfo.htCapInfo.rxSTBC;
-			session->htConfig.ht_sgi20 =
-				uHTCapabilityInfo.htCapInfo.shortGI20MHz;
-			session->htConfig.ht_sgi40 =
-				uHTCapabilityInfo.htCapInfo.shortGI40MHz;
-
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MAX_MPDU_LENGTH,
-					 &nCfgValue);
-			session->vht_config.max_mpdu_len = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx,
-					 WNI_CFG_VHT_SUPPORTED_CHAN_WIDTH_SET,
-					 &nCfgValue);
-			session->vht_config.supported_channel_widthset =
-								nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_LDPC_CODING_CAP,
-					 &nCfgValue);
-			session->vht_config.ldpc_coding = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SHORT_GI_80MHZ,
-					 &nCfgValue);
-			session->vht_config.shortgi80 = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx,
-				WNI_CFG_VHT_SHORT_GI_160_AND_80_PLUS_80MHZ,
-				&nCfgValue);
-			session->vht_config.shortgi160and80plus80 = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TXSTBC,
-					&nCfgValue);
-			session->vht_config.tx_stbc = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_RXSTBC,
-					&nCfgValue);
-			session->vht_config.rx_stbc = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SU_BEAMFORMER_CAP,
-						&nCfgValue);
-			session->vht_config.su_beam_former = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SU_BEAMFORMEE_CAP,
-						&nCfgValue);
-			session->vht_config.su_beam_formee = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx,
-				WNI_CFG_VHT_CSN_BEAMFORMEE_ANT_SUPPORTED,
-				&nCfgValue);
-			session->vht_config.csnof_beamformer_antSup =
-								nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx,
-					WNI_CFG_VHT_NUM_SOUNDING_DIMENSIONS,
-					&nCfgValue);
-			session->vht_config.num_soundingdim = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MU_BEAMFORMER_CAP,
-						&nCfgValue);
-			session->vht_config.mu_beam_former = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MU_BEAMFORMEE_CAP,
-						&nCfgValue);
-			session->vht_config.mu_beam_formee = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TXOP_PS,
-					 &nCfgValue);
-			session->vht_config.vht_txops = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_HTC_VHTC_CAP,
-					 &nCfgValue);
-			session->vht_config.htc_vhtcap = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_RX_ANT_PATTERN,
-					 &nCfgValue);
-			session->vht_config.rx_antpattern = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TX_ANT_PATTERN,
-					 &nCfgValue);
-			session->vht_config.tx_antpattern = nCfgValue;
-
-			nCfgValue = 0;
-			wlan_cfg_get_int(mac_ctx,
-					 WNI_CFG_VHT_AMPDU_LEN_EXPONENT,
-					 &nCfgValue);
-			session->vht_config.max_ampdu_lenexp = nCfgValue;
-
-			csr_update_session_he_cap(mac_ctx, session);
-
-			status = csr_issue_add_sta_for_session_req(mac_ctx, i,
-								pSelfMacAddr,
-								type, subType);
-			break;
-		}
+	session->sessionActive = true;
+	session->sessionId = session_id;
+
+	/* Initialize FT related data structures only in STA mode */
+	sme_ft_open(mac_ctx, session->sessionId);
+
+	session->callback = callback;
+	session->pContext = pContext;
+	qdf_mem_copy(&session->selfMacAddr, pSelfMacAddr,
+		     sizeof(struct qdf_mac_addr));
+	status = qdf_mc_timer_init(&session->hTimerRoaming,
+				   QDF_TIMER_TYPE_SW,
+				   csr_roam_roaming_timer_handler,
+				   &session->roamingTimerInfo);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		sms_log(mac_ctx, LOGE,
+			FL("cannot allocate memory for Roaming timer"));
+		return status;
 	}
-	if (mac_ctx->sme.max_intf_count == i) {
-		/* No session is available */
+
+	status = qdf_mc_timer_init(&session->roaming_offload_timer,
+				   QDF_TIMER_TYPE_SW,
+				   csr_roam_roaming_offload_timeout_handler,
+				   &session->roamingTimerInfo);
+	if (QDF_IS_STATUS_ERROR(status)) {
+		sms_log(mac_ctx, LOGE, FL("mem fail for roaming timer"));
+		return status;
+	}
+
+	/* get the HT capability info */
+	if (wlan_cfg_get_int(mac_ctx, WNI_CFG_HT_CAP_INFO, &nCfgValue) !=
+	    eSIR_SUCCESS) {
+		sms_log(mac_ctx, LOG1, FL("could not get HT capability info"));
+		return QDF_STATUS_SUCCESS;
+	}
+
+	uHTCapabilityInfo.nCfgValue16 = 0xFFFF & nCfgValue;
+	session->htConfig.ht_rx_ldpc = uHTCapabilityInfo.htCapInfo.advCodingCap;
+	session->htConfig.ht_tx_stbc = uHTCapabilityInfo.htCapInfo.txSTBC;
+	session->htConfig.ht_rx_stbc = uHTCapabilityInfo.htCapInfo.rxSTBC;
+	session->htConfig.ht_sgi20 = uHTCapabilityInfo.htCapInfo.shortGI20MHz;
+	session->htConfig.ht_sgi40 = uHTCapabilityInfo.htCapInfo.shortGI40MHz;
+
+#ifdef FEATURE_WLAN_BTAMP_UT_RF
+	status = qdf_mc_timer_init(&session->hTimerJoinRetry, QDF_TIMER_TYPE_SW,
+				   csr_roam_join_retry_timer_handler,
+				   &session->joinRetryTimerInfo);
+	if (QDF_IS_STATUS_ERROR(status)) {
 		sms_log(mac_ctx, LOGE,
-			"%s: Reached max interfaces: %d! Session creation will fail",
-			__func__, mac_ctx->sme.max_intf_count);
-		status = QDF_STATUS_E_RESOURCES;
+			FL("cannot allocate memory for join retry timer"));
+		return status;
 	}
-	return status;
+#endif /* FEATURE_WLAN_BTAMP_UT_RF */
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MAX_MPDU_LENGTH, &nCfgValue);
+	session->vht_config.max_mpdu_len = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SUPPORTED_CHAN_WIDTH_SET,
+			 &nCfgValue);
+	session->vht_config.supported_channel_widthset = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_LDPC_CODING_CAP, &nCfgValue);
+	session->vht_config.ldpc_coding = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SHORT_GI_80MHZ, &nCfgValue);
+	session->vht_config.shortgi80 = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SHORT_GI_160_AND_80_PLUS_80MHZ,
+			 &nCfgValue);
+	session->vht_config.shortgi160and80plus80 = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TXSTBC, &nCfgValue);
+	session->vht_config.tx_stbc = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_RXSTBC, &nCfgValue);
+	session->vht_config.rx_stbc = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SU_BEAMFORMER_CAP, &nCfgValue);
+	session->vht_config.su_beam_former = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_SU_BEAMFORMEE_CAP, &nCfgValue);
+	session->vht_config.su_beam_formee = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_CSN_BEAMFORMEE_ANT_SUPPORTED,
+			 &nCfgValue);
+	session->vht_config.csnof_beamformer_antSup = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_NUM_SOUNDING_DIMENSIONS,
+			 &nCfgValue);
+	session->vht_config.num_soundingdim = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MU_BEAMFORMER_CAP, &nCfgValue);
+	session->vht_config.mu_beam_former = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_MU_BEAMFORMEE_CAP, &nCfgValue);
+	session->vht_config.mu_beam_formee = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TXOP_PS, &nCfgValue);
+	session->vht_config.vht_txops = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_HTC_VHTC_CAP, &nCfgValue);
+	session->vht_config.htc_vhtcap = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_RX_ANT_PATTERN, &nCfgValue);
+	session->vht_config.rx_antpattern = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_TX_ANT_PATTERN, &nCfgValue);
+	session->vht_config.tx_antpattern = nCfgValue;
+
+	nCfgValue = 0;
+	wlan_cfg_get_int(mac_ctx, WNI_CFG_VHT_AMPDU_LEN_EXPONENT, &nCfgValue);
+	session->vht_config.max_ampdu_lenexp = nCfgValue;
+
+	csr_update_session_he_cap(mac_ctx, session);
+
+	return csr_issue_add_sta_for_session_req(mac_ctx, session_id,
+						 pSelfMacAddr, type, subType);
 }
 
 QDF_STATUS csr_process_del_sta_session_rsp(tpAniSirGlobal pMac, uint8_t *pMsg)

core/sme/src/csr/csr_inside_api.h

@@ -465,7 +465,7 @@ QDF_STATUS csr_roam_set_key(tpAniSirGlobal pMac, uint32_t sessionId,
 			    tCsrRoamSetKey *pSetKey, uint32_t roamId);
 QDF_STATUS csr_roam_open_session(tpAniSirGlobal pMac,
 				 csr_roam_completeCallback callback, void *pContext,
-				 uint8_t *pSelfMacAddr, uint8_t *pbSessionId,
+				 uint8_t *pSelfMacAddr, uint8_t session_id,
 				 uint32_t type, uint32_t subType);
 /* fSync: true means cleanupneeds to handle synchronously. */
 QDF_STATUS csr_roam_close_session(tpAniSirGlobal pMac, uint32_t sessionId,