In function wma_roam_scan_offload_mode, set qos_enabled to true if
qos_caps is a non zero value. Otherwise firmware will not be able
to get correct qos_caps value.
Change-Id: I3bdf43594f68cb0780f2947fff9db723644b5dac
CRs-Fixed: 1092258
Peer type in the link layer stats is being reported as wmi_peer_type
values. Map these values to wifi peer types before reporting link
layer stats to kernel.
Change-Id: I1b86cd030ff8e40296cd99b3a6ceb1168b96ba78
CRs-Fixed: 1091553
Add support to disable/configure the auto BMPS timer using INI
configuration.
The default value for the auto BMPS timer was set to 20 sec and
when the connection is established from cmd line, DUT enters into
power save once the timeout happens which can lead to issue in
DHCP completion. Framework disables the power save during DHCP and
enables it when DHCP is done, hence disable the auto BMPS timer by
default and provide the INI configuration to configure it.
Change-Id: I9732f915dd0fb552dd4943b70a6026a7a2bc80a0
CRs-Fixed: 1092305
SessionId validation check is not present in the
sme_sta_in_middle_of_roaming.
Remove duplicate sme_sta_in_middle_of_roaming API to
get roaming status instead use sme_neighbor_middle_of_roaming
API.
Change-Id: Ia8d02f93630297239454bfac37e902eccb92d761
CRs-Fixed: 1091051
Once P2P GO has started, supplicant will update the beacon/probe
response template to include the p2p group information. Host driver
is currenlty igonoring this since the 4-way handshake is not completed.
Due to this the beacon/probe response from the P2P GO is not including
the p2p group information sub-element.
Change-Id: Id645f7fdccbb59e6bf6c77dd73bdbb1c6bf47dcb
CRs-Fixed: 1087513
The 64-bit division in 32-bit architecture call 64-bit-by-64-bit
division routines "__aeabi_uldivmod", which is not defined for
the 32-bit architecture. Typecast the variables to proper data
type before division operation to avoid the "undefined symbol:
__aeabi_uldivmod" linking error during wlan driver load on
32-bit target.
CRs-Fixed: 1091920
Change-Id: I0cb7f78a098d90349870d4acb87230ba7fb492fc
Use correct variable name in argument while calling cnss_set_fw_debug_mode
cnss platform driver API to avoid compilation error for PCI based target.
Change-Id: I34d30cfd3113d379460124d423d0befa22a6bbd4
CRs-Fixed: 1091285
qcacld-2.0 to qcacld-3.0 propagation
The length of bss descriptor is calculated using offset of IE
field but when lim tries to get the ielength it doesnt use the
offset which results in incorrect IE length.
To fix use offset to get the ie length from bss descriptor
Change-Id: I7abbde83aea1e0a1cfcd7bdb1a184158f75f2455
CRs-Fixed: 1082001
In function csr_roam_offload_scan while copying ASSOC IEs, also populate
ASSOC IE length, else firmware wont get any ASSOC IE and REASSOC request
will not be consistent with ASSOC request.
Change-Id: I99af48b2f491d0bc7491a88b455e3636ea8e4eff
CRs-Fixed: 1090869
Propagate from qcacld-2.0 to qcacld-3.0
In rrmProcessBeaconReportReq(), the return value is not the same
enum type with the routine definition. In dfs_process_radarevent(),
2 variables type are not same in a comparison. Add fix to correct
it.
Change-Id: Ibc5fbf70e2632a22971f33b769b31737a40123e7
CRs-Fixed: 979671
Propagate from qcacld-2.0 to qcacld-3.0
If a channel is already in NOL list and DFS period has been expired, the
radar timestamp will not be updated when a radar event received. Update
radar timestamp in sap_mark_dfs_channels() to resolve this issue.
Change-Id: Ie9132f84bf5f35146e518b2a8a71998ddb2de901
CRs-Fixed: 1000945
Propagate from qcacld-2.0 to qcacld-3.0
Currently there are some places where value is assigned incorrectly.
Add fix to correct it.
CRs-Fixed: 1063255
Change-Id: I1d48b464ad67d112af6f3ffeea340a56633556f9
qcacld-2.0 to qcacld-3.0 propagation
When EGAP is enabled, configure EGAP parameters to firmware, and do
nothing for GAP.
When EGAP is disabled, need refine GAP in below situation.
AP+STA concurrency mode
When starts STA in case of AP existence, GREEN_AP_PS_STOP_EVENT
will be triggered, at this time need to set green_ap->ps_enable
as 0 and send firmware WMI_PDEV_GREEN_AP_PS_ENABLE_CMDID with
value 0.
When stops STA in case of AP existence, abandon using of
GREEN_AP_PS_IDLE_STATE, because once in GREEN_AP_PS_IDLE_STATE,
more than one GREEN_AP_PS_START_EVENT are needed to achieve
the GREEN_AP_PS_ON_STATE. Use GREEN_AP_PS_OFF_STATE instead.
AP mode
Remove hdd_wlan_green_ap_start_bss/hdd_wlan_green_ap_stop_bss
in eSAP_START_BSS_EVENT/eSAP_STOP_BSS_EVENT, becasue SME
session id is invalid in the context of eSAP_STOP_BSS_EVENT.
Add hdd_wlan_green_ap_start_bss/hdd_wlan_green_ap_stop_bss in
__wlan_hdd_cfg80211_start_ap/__wlan_hdd_cfg80211_stop_ap instead.
AP+AP mode
In hdd_wlan_green_ap_stop_bss, only trigger
GREEN_AP_PS_STOP_EVENT when the last AP stops.
Change-Id: Ifbf09b870b919d2bd155887bf17a494be07f97b4
CRs-Fixed: 1069300
Using a buffer after passing it to wmi_unified_cmd_send() induces a
race condition that may result in a use-after-freed situation. Fix
several potential use-after-freed situations when calling
wmi_unified_cmd_send() by ensuring all access to a buffer is done
before the call to wmi_unified_cmd_send().
Change-Id: I287487d865f3ef5386e8f8649a8bba42df5b56ac
CRs-Fixed: 1090473
qcacld-2.0 to qcacld-3.0 propagation
Remove the unwanted timer and its related code.
Change-Id: I469bf11a506a2901eae2865a69b75a058e276e75
CRs-Fixed: 658580
While initializing the CSR Scan timer, user data assignment is done with
incorrect pointer context of tSmeCmd.
Initialize userdata with right pointer context of tSmeCmd.
Change-Id: I2bdfc3c91e6cd8cc9d517640755aab26a2d818c9
CRs-Fixed: 1089908
Function lim_update_default_scan_ies() is no longer being used. Remove
this obsolete function.
Change-Id: Ic2e544232cc450fc9d8f706573b4e29144348170
CRs-Fixed: 1085760
lim_process_tdls.c defines the following "populate" functions:
populate_dot11f_link_iden()
populate_dot11f_tdls_ext_capability()
populate_dot11f_tdls_offchannel_params()
Currently these are defined to be global functions. Since these
functions are only used internally within lim_process_tdls.c and since
they don't follow the naming convention for LIM public functions, make
them static. In addition relocate them in the file so that the
existing forward reference prototypes are not needed.
Change-Id: I24452973cae7fed83efc26341eb66765fa19f7a5
CRs-Fixed: 1085760
While trying to enable the -Wmissing-prototypes switch it was
discovered that function lim_log_vht_cap() currently does not expose
its prototype in a header file. Add an appropriate prototype.
Change-Id: I493480bddd6302257123eea4bf1e7d1af5487c0d
CRs-Fixed: 1085760
Currently in lim_process_tdls.c there is a local prototype for
function lim_get_htcb_state(). Having a local prototype prevents the
compiler from verifying that the prototype matches the actual
implementation. Update the file to remove the local prototype and to
instead import the header file that defines the lim_get_htcb_state()
prototype. In addition remove the local prototype for
lim_populate_vht_mcs_set() since the appropriate header file is
already being included.
Change-Id: Ie9931f972a3126fdc08c54f497aa46ef91d746cd
CRs-Fixed: 1085760
Use QDF_BUG to create a crash dump when peer attach operation detects
that the peer already exists even after waiting for 500 ms. It will
detect failure to complete peer delete operation in firmware and
missing peer unmap events.
Crash dump is enabled only when compiled with PANIC_ON_BUG, otherwise
it will print a warning.
CRs-Fixed: 1075798
Change-Id: I0131f4f706bc76feb86894975ff9f3c30f873b9b
Scan request sent on the invalid vdev id which
triggered assert at firmware.
-Reset sessionid to invalid number in sme open
session failure scenarios.
-WMA differs vdev delete, if vdev stop
command is pending. Current code process differed
vdev delete only for P2P GO.
-Extend it for other modes so that vdev delete gets
processed later point of time.
Change-Id: I2068e358928fa7157625cf35b3de4ee552299fdb
CRs-Fixed: 1089287
WNI_CFG_VHT_SU_BEAMFORMEE_CAP is a global location for self capabilities
and is being overwritten with AP's capability, which is incorrect.
Because of this after roaming from an inferior capability AP to higher
capability AP, we are advertizing previous session's capability which is
wrong. Fix this by removing overwriting of WNI_CFG from function
lim_extract_ap_capability.
Change-Id: I5676598a008f3a118206e40c244faf38648e0b01
CRs-Fixed: 1088579
In function __wlan_hdd_cfg80211_extscan_get_valid_channel,
Valid channel list length is limited to 100. But if the channel list size
in NL request buffer is larger, it can cause a buffer overflow situation
while filling the channel list in the request buffer.
Change-Id: Ie6226934af3e40817ef4b44007915c36e501fd56
CRs-Fixed: 1083022
qcacld-2.0 to qcacld-3.0 propagation
While processing IPA event, uninitialized objects are used in debug prints.
Debug prints are updated to print valid values, by using proper variables.
Change-Id: Iedfb22a980554c326a3231b560212195f35ff745
CRs-Fixed: 1061660
qcacld-2.0 to qcacld-3.0 propagation
While retrieving FW memory dump, if memory is already allocated
then paddr, which holds physical address, is not updated.
This leads to pass invalid physical address while freeing FW
memory dump, if host fails to get FW memory dump.
Hence, assign paddr with physical address, if memory
is already allocated.
Change-Id: I3b3071ec3d5bc04177bfbe8447dadac47e81cb40
CRs-Fixed: 1061662
The mutex qdf_conc_list_lock is accessed, before it is
initialized and it triggers the system assert.
Initialize the mutex in cds open function to avoid
invalid mutex access.
Change-Id: Iec13a101ba2cc4a332d486b08f0c0562f648edfa
CRs-Fixed: 1089357
Add a logic to avoid processing duplicate rrm link measurement request.
Cache last processed frame with timestamp to validate new frame.
If retry bit set, compare sequence number and source address of
last processed frame. If both are matches and is within retry time
than ignore that frame, else process. Update last processed frame cache
every time new frame processed successfully
Change-Id: Ic2bff028c7bcd79d6b3dca186edb35464b1fd059
CRs-Fixed: 1088735
neighborRoamInfo is being accessed with index: sme session id, which is not
validated at multiple places in SME APIs. SME APIs are being called from HDD
where sme session id is initialized to 255 as invalid value. Avoid out of bound
access for neighborRoamInfo in SME APIs by checking against max session ID.
Change-Id: I312631a15373d75bcaae7278ff4f57778bf3fc9b
CRs-Fixed: 1088734
Scan flags WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ included in scan request will
trigger firmware probe request to include TPC IE, hence do not include TPC
IE in additional scan IEs sent from host.
Change-Id: I490d978d8a90b13f779c1e3a77a7bd16b9bd8b99
CRs-Fixed: 1088639
When sending WDI enable_disable message, there is ia possibility of
sending invalid session-id to firmware, which may lead to device
crash. Validate session-id before sending WDI enable_disable message.
Change-Id: Iee1a101d2187b66b0427b2137c80b598f82ad75b
CRs-Fixed: 1086832
When parsing multiple chain RSSI stats data from firmware, there is a
struct array TLV header that is not being accounted for. Properly
account for the struct array TLV header.
Change-Id: Ib41643ae9e859de6fd0d20a84c015e2b8f7205dc
CRs-Fixed: 1088660
Change to enable per virtual device transmit descriptors
in Kbuild for lithium.
Change-Id: I2824de2daa5bce7b0ab6993fb7f85ea01ac0849d
CRs-Fixed: 1089685
Currently in different functions we are assigning memory to
pointers and using it without checking that pointers has valid
address or NULL.
Add NULL checks before pointer dereferences.
Change-Id: I43a04fc59e56261d37e657b815b214a59cdcf838
CRs-Fixed: 1095650
CONFIG_PLD_PCIE_INIT indicates that pcie initialization
and io remap have allready been done by the platform driver,
and should not be re-done by the wlan driver.
This is to facilitate shared controll between the MHI & wlan
drivers.
Change-Id: I97704076d1efe2a8d980c8f659f05367ca82a5f6
CRs-Fixed: 1097375
qcacld-2.0 to qcacld-3.0 propagation
Currently, TDLS can be enabled/disabled by different sources
without knowledge of each other which would lead to issue
if one of the resource enable and other would disable TDLS.
Fix is to ensure that TDLS will not be enabled/disabled
until all the resources agree upon it.
Change-Id: Id8ab5ddda88fa554f2837ded3540b3c7b3afb54d
CRs-Fixed: 948121
This is a qcacld-2.0 to qcacld-3.0 propagation.
The wlan driver supports the following vendor command:
QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_SET_BSSID_HOTLIST
This command supplies a "number of APs" attribute as well as a list of
per-AP attributes. However there is no validation that the number of
APs provided won't overflow the destination buffer. In addition there
is no validation that the number of APs actually provided matches the
number of APs expected.
To address these issues:
* Verify that the expected number of APs doesn't exceed the maximum
allowed number of APs
* Verify that the actual number of APs supplied doesn't exceed the
expected number of APs
* Only process the actual number of supplied APs if it is less than
the expected number of APs.
Change-Id: I41e36d11bc3e71928866a27afc2fbf046b59f0f5
CRs-Fixed: 1095770
This is a qcacld-2.0 to qcacld-3.0 propagation.
Enable the compiler's -Wheader-guard switch. This will help
catch mismatches between #ifndef and #define lines in header guard.
Change-Id: Ic05a829eadbf974598370c494a5cff10201ec600
CRs-Fixed: 1091052
Set 15th bit of flags field of ath_pktlog_hdr to indicate whether
the pktlog hdr size if 12 bytes or 16 bytes.
Change-Id: I58027053c67e749c79f6cec77da1519a9f28a2d2
CRs-Fixed: 1097280
This reverts Change-Id I2aec7253511d2ca7b08ca77d858a46f9c01d4e9d
Adding support for dumping 32 tx/rx packets during connection
by reverting above change as "exceeding skb buffer size and
leading to crash" issue is resolved with this change.
Change-Id: I951355776461706bb52eeee0527819377e7b7857
CRs-Fixed: 1097280
Add second and third connection pcl tables and next actions
for 2X2 dbs solution
Change-Id: I4722e137360a4a0d349d856b01255a0fe11d59fb
CRs-Fixed: 1068000
