Scenarios are:
1. Host receives ROAM_START from firmware
2. Host receives EAPOL M1 from AP, host forwarded
it to supplicant and supplicant buffered it (with
timer 100 msec) to process it after association
completion.
3. Host starts processing CP stats request, which
holds RTNL kernel lock
4. Host starts a CP_STATS_WAIT_TIME_STAT (800 msec)
timer and sends WMI_REQUEST_STATS_CMDID to FW.
So cp stats are holding the RTNL lock.
5. In waiting state host/FW completed roaming within
a few milliseconds. Host calls roamed indication
to the kernel. Kernel posts it to the work queue
to indicate this to the supplicant. The work
queue requires the RTNL lock to send the
indication to the supplicant.
6. Now Kernel is waiting on the RTNL lock taken by
the CP stats request which is waiting for the CP
stats response (WMI_UPDATE_STATS_EVENTID).
7. Host receives CP stats response but the host is
unable to handle it for the below reason.
8. Timeout happens for WMI_UPDATE_STATS_EVENTID,
then Kernel takes RTNL lock to indicate
association/roam completion status to the
supplicant.
9. As Kernel is sending association indication
after CP_STATS_WAIT_TIME_STAT (800 msec), by
this time supplicant deleted buffered EAPOL
first frame, this results in DUT failing to
initiate the 4-WAY handshake.
10. Finally AP sends the Deauthentication frame
to DUT.
Reason for being unable to process CP stats response:
As per the current design, while processing roaming,
the host deletes the old peer and creates a new peer
for the roamed AP. If the host receives the CP stats response
after peer delete due to roaming, the host is unable
to stop waiting for timer CP_STATS_WAIT_TIME_STAT
and fails to release the RTNL kernel lock till timeout.
Only after timeout can the kernel take the RTNL lock to
indicate association/roam completion status to the
supplicant.
Fix is to stop the wait timer CP_STATS_WAIT_TIME_STAT
and release the RTNL kernel lock even in case the peer
for which the CP stats request was sent has been deleted by the host.
Change-Id: Ie5b5275da10a06da50b2fbb8ab206b78f2c64d6a
CRs-Fixed: 3234063
With the introduction of TDLS on 6 GHz, some of the channels
that a peer can support will be the same for the 6 GHz band and other
bands. So, extract frequency by using peer supported
operating class and supported channel list which can
be used for further processing.
If channel numbers are used then the duplicate channel
numbers are removed which may lead to skipping 6 GHz
supported channels.
Change-Id: Ic6838d05c3dab5a0cc17483890b83805e076684c
CRs-Fixed: 3233999
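
The channel-number collision described in the commit message above, as an added example (not code from the driver). The sample entries are constructed, chan_to_freq() is a hypothetical helper covering only global operating classes 81, 115 and 131, and pairing each channel with its class in one struct is a simplification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: (global operating class, channel) pairs a TDLS peer
 * could advertise. Classes 81, 115 and 131 are 20 MHz at 2.4, 5 and 6 GHz. */
struct chan_ent { uint8_t op_class, chan; };
static const struct chan_ent sample[] = {
    {81, 1}, {81, 5}, {115, 36}, {131, 1}, {131, 5}, {131, 37},
};
#define SAMPLE_N (sizeof(sample) / sizeof(sample[0]))
static uint16_t chan_out[SAMPLE_N], freq_out[SAMPLE_N];

/* Hypothetical helper: frequency in MHz for the three classes in the sample. */
static uint16_t chan_to_freq(struct chan_ent e)
{
    uint16_t base = e.op_class == 81 ? 2407 : e.op_class == 115 ? 5000 :
                    e.op_class == 131 ? 5950 : 0; /* 0: unknown class */
    return base ? (uint16_t)(base + 5 * e.chan) : 0;
}

/* Dedup on either the bare channel number (by_freq = 0, band is lost) or on
 * the frequency derived from operating class plus channel (by_freq = 1). */
size_t unique_keys(const struct chan_ent *in, size_t n, int by_freq,
                   uint16_t *out)
{
    size_t cnt = 0, i, j;
    for (i = 0; i < n; i++) {
        uint16_t key = by_freq ? chan_to_freq(in[i]) : in[i].chan;
        for (j = 0; j < cnt && out[j] != key; j++) {}
        if (key && j == cnt)
            out[cnt++] = key;
    }
    return cnt;
}

int main(void)
{
    printf("by channel: %zu, by frequency: %zu\n",
           unique_keys(sample, SAMPLE_N, 0, chan_out),
           unique_keys(sample, SAMPLE_N, 1, freq_out));
    return 0;
}
```

Deduplicating on channel number keeps four entries and silently drops 6 GHz channels 1 and 5; deduplicating on frequency keeps all six.
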
Irrespective of 6 GHz, wideband can be supported.
So, allow TDLS connection in wideband only if FW supports TDLS
on 6 GHz.
If FW doesn't support wideband then restrict the TDLS connection
BW to the AP's BW.
Change-Id: If726233f381921a8eda25ac7a2705942db79d410
CRs-Fixed: 3223760
-Wimplicit-fallthrough is being enabled by default. Some compilers
such as clang require the attribute instead of just a fallthrough comment.
Change-Id: Icdb1590b51cf172728c3b484f05d20c49e68c38e
CRs-Fixed: 3217422
Combined dp process mic error support for both SAP
and STA interfaces into one API for DP component
Change-Id: Ic78675d4bfdd5b5cc995505bcbf9862711c5ba24
CRs-Fixed: 3226471
Currently in driver, NAN Data Interface can be created with
only name "aware_data" which creates dependency on interface name.
To remove the dependency, the interface is created now by name
provided by Wifi-HAL.
For this, the interface is created in STA mode with the name provided by
WiFi-HAL. While processing vendor cmd QCA_NL80211_VENDOR_SUBCMD_NDP,
the given ifname is searched in the adapter list and the mode is changed to NDI.
CRs-Fixed: 3196179
Change-Id: I62dd512f8a7de4c69a53babf3112942d348bf3b6
Generally below process should happen in renegotiation failure
case.
1. TWT setup (successful)
2. TWT setup (renegotiation failure)
3. TWT teardown
4. TWT GET STATUS - 0(dialog ID) 0 0 0
5. TWT setup - successful
Since all WMI TWT events get executed in the WMI thread, when the
renegotiation failure case hits, the driver sends TWT
teardown to firmware and waits for the TWT ack in the worker thread.
In the same worker thread the TWT event needs to be processed.
The TWT ack event will not be processed as it's waiting in the same worker
thread and it will get timed out.
As part of the fix, break the context in renegotiation and
send the teardown in the new worker context.
Change-Id: I13c8d44d6582e39d1cc2c2aa10a500fffbf150b1
CRs-Fixed: 3204750
Vendor commands of wiphy aren't initialized when the driver loads in FTM mode.
If it is changed to mission mode later with the following CLI:
echo 0 > /sys/module/wlan/parameters/con_mode,
vendor commands of wiphy stay uninitialized, wpa supplicant can't get
roam offload status by QCA_NL80211_VENDOR_SUBCMD_GET_SUPPORTED_FEATURES,
so PMK isn't sent to driver/firmware and roam offload fails.
To fix it, remove the QDF_GLOBAL_FTM_MODE check in wlan_hdd_cfg80211_init and let
vendor commands of wiphy be initialized in FTM mode too when the driver loads.
But in each vendor cmd, check FTM mode when called; if in FTM mode, return
-EPERM.
When driver is changed to mission mode, all interfaces are deleted and
re-added by driver, when interface added event is received by
wpa supplicant, QCA_NL80211_VENDOR_SUBCMD_GET_SUPPORTED_FEATURES is
called again to get roam offload enabled status, PMK will be sent to
driver and firmware when RSO start, roam offload will work.
Change-Id: Ie0c868ebd4b7e356d72a154206b13df94f378188
CRs-Fixed: 3213221
If macro WLAN_FEATURE_11BE_MLO is enabled, get_station_stats_cb for
TYPE_STATION_STATS is called only if last_req->ml_vdev_info.ml_vdev_count
is non-zero when the WMI_UPDATE_STATS_EVENTID event comes back.
This causes a timeout and failure to get station stats for a legacy device or for
an MLO device which does not set last_req->ml_vdev_info.ml_vdev_count.
To resolve this issue, add a sanity check for legacy devices before invoking the
callback and set last_req->ml_vdev_info.ml_vdev_count if it is an MLO device.
Change-Id: I8ca325482fc32de87cbedcba7d4af17d3876cbbc
CRs-Fixed: 3202588
Add target_if API to send ARP request, LRO config and
DHCP indication to firmware.
Change-Id: I2d4af7a5da6c29398ab00205654df9be3d90b665
CRs-Fixed: 3165155
tx_bitrate is used as indication of macThroughputCapacity in transmitter
link metric for backhaul STA link.
tx_bitrate is added in wlan_node_info structure and os_if interface is
exposed so that SON module could get the tx_bitrate parameter.
Change-Id: Ib9949906b3247519bf8c1ce786d6b93d38d4d8ea
CRs-Fixed: 3154548
A check was added recently to avoid creating NDI if NAN is not in
enabled state. This is to avoid wastage of resources (vdev, peers, ...)
in firmware. But this check is valid only for the platforms where the NAN
state machine is in the host driver. This check is not valid for legacy
platforms where the NAN state machine is in firmware. Bypass the same
for legacy targets.
CRs-Fixed: 3178939
Change-Id: I1475b4313d1e7ac2c05d5edd215e929f3eb6335e
Add support for QCA_WLAN_TWT_SET_PARAM command to configure
QCA_WLAN_VENDOR_ATTR_TWT_SET_PARAM_AP_AC_VALUE attribute.
This attribute provides access category value for
WMI_PDEV_PARAM_TWT_AC_CONFIG. This is used by firmware to
configure access category for TWT HW queue in TWT Responder
mode (SAP).
Change-Id: I5131967ff2061bf6afad7bc5f091a7eb5ee01b8a
CRs-Fixed: 3168197
Expected error code is not returned for TWT setup with no
associated AP. Error code has been updated to correct value.
Change-Id: I5234026410a1bcfaf1151c6b7da272a1784d3fe3
CRs-Fixed: 3181078
Add support for QCA_WLAN_VENDOR_ATTR_TWT_SETUP_ANNOUNCE_TIMEOUT
attribute as part of TWT setup command. This attribute is used
to configure the announce timeout value (in us) in the firmware.
This timeout value is only applicable for the announced TWT. If
the timeout value is non-zero, the firmware waits up to the
timeout value to use Data frame as an announcement frame. If the
timeout value is 0, the firmware sends an explicit QoS NULL frame
as the announcement frame on SP start.
Change-Id: Idf564813487b8157f05265dc73ef7a9a1c31d9e2
CRs-Fixed: 3168235
Previously elna_bypass was of type bool, which checked for
elna_bypass enabled or disabled with en_dis.
Change en_dis to elna_mode of enum extlna_mode
to support the extra mode of firmware_default.
Change-Id: I12dfe3a07e04b102562b11c8235d56bd3e2a7059
CRs-Fixed: 3169266
Reject any incoming get_all_peers TDLS command if there
are any currently in progress.
The later commands will only be processed once the earlier
commands finish, since they are processed sequentially.
However, once a command finishes, the memory allocated for
it from userspace is freed up. Each command is passed the
same address so the later commands will end up writing to
a freed address. To avoid this, reject incoming requests
if there are any still in progress.
For this, the condition should be corrected.
We shouldn't use completion_done here for checking for
completion as this will always return false, as
tdls_user_cmd_comp.done will remain in init state always.
So, the very first command will also not work.
In general completion_done is used to check if there are
multiple threads waiting on the complete event that's
why it will return true only when tdls_user_cmd_comp.done
is set with complete().
Also, if the state is in wait_for_completion, this function
will return true after the wait timer is over or condition
is met as wait_for_completion will hold out the hold lock
and will prevent completion_done from returning.
Better to use a flag to determine command condition.
Change-Id: I1b6b270dbb9b0b103f10e7ae22a60030ea2fbb98
CRs-Fixed: 3162184
Add a new field max_mcs_index in mlme_legacy_priv to save max mcs
index of current vdev.
Add a new field max_real_mcs_idx in hdd_station_info to save max
mcs index of the connected station.
Change-Id: I28908515cbe5c18c79f14f8645defd5c82e3a6f0
CRs-Fixed: 3065838
When obtaining TWT session traffic statistics,
some allocated memory is not freed in the failure case.
Fix it to avoid a memory leak.
Change-Id: I18ce45467c3600c3f62b23ab50582ecb40ced88d
CRs-Fixed: 3169747
Currently driver code has data type as char* for NAN related code.
With this change update this data type as const char*.
Also, move NAN related functions under WLAN_FEATURE_NAN feature flag.
Change-ID: I61ad10304be4399a68f32778d01d9a951d7d14bb
CRs-Fixed: 3169168
Currently host driver creates/deletes NDI interfaces using
vendor command. With the kernel 5.12 version onwards,
interface creation/deletion is not allowed using vendor
commands as it leads to deadlock when driver tries to acquire
the RTNL_LOCK at the time of netdev register/unregister.
With this change, add support to create and delete NDI interfaces
using NL80211_CMD_NEW_INTERFACE and NL80211_CMD_DEL_INTERFACE
commands respectively if the driver advertises the
QCA_WLAN_VENDOR_FEATURE_USE_ADD_DEL_VIRTUAL_INTF_FOR_NDI capability.
Since NL80211_CMD_NEW_INTERFACE and NL80211_CMD_DEL_INTERFACE
already come with the rtnl lock, the driver does not need to
take the rtnl lock again, which will help to avoid the above issue.
Change-Id: I6d5441a5e883de1222f105f26d73cb0506d16ddf
CRs-Fixed: 3167125
Reject any incoming get_all_peers TDLS command if there are any
currently in progress.
The later commands will only be processed once the earlier commands
finish, since they are processed sequentially. However, once a
command finishes, the memory allocated for it from userspace is freed
up. Each command is passed the same address so the later commands will
end up writing to a freed address. To avoid this, reject incoming
requests if there are any still in progress.
Change-Id: I6970e3b73c6ce5afc921edaaf477825928800342
CRs-Fixed: 3150044
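
The in-progress guard from the two get_all_peers commit messages above (the one rejecting overlapping commands and the one replacing completion_done() with a flag), as an added userspace example that is not the driver's code. struct tdls_ctx and the function names are hypothetical, comp_done models tdls_user_cmd_comp.done, and the completion_done()-based guard is an assumed form of the faulty check.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdbool.h>

struct tdls_ctx {                /* hypothetical stand-in for driver state */
    unsigned int comp_done;      /* models tdls_user_cmd_comp.done */
    atomic_bool cmd_in_progress; /* the explicit flag */
};

/* Assumed form of the faulty guard: completion_done() is true only while a
 * complete() is unconsumed, so an idle completion looks "busy". */
int begin_with_completion_done(const struct tdls_ctx *c)
{
    return c->comp_done != 0 ? 0 : -EBUSY;
}

/* Guard built on the flag: exactly one command may own the user buffer. */
int begin_with_flag(struct tdls_ctx *c)
{
    bool idle = false;
    return atomic_compare_exchange_strong(&c->cmd_in_progress, &idle, true)
               ? 0 : -EBUSY;
}

/* Command finished: the waiter consumed the completion, slot is released. */
void finish_cmd(struct tdls_ctx *c)
{
    c->comp_done++; /* complete() from the response path */
    c->comp_done--; /* wait_for_completion() consuming it */
    atomic_store(&c->cmd_in_progress, false);
}

/* Constructed sequence; returns the four guard results. */
const int *tdls_demo(void)
{
    static struct tdls_ctx ctx;
    static int r[4];
    r[0] = begin_with_completion_done(&ctx); /* first command ever */
    r[1] = begin_with_flag(&ctx);            /* first command */
    r[2] = begin_with_flag(&ctx);            /* overlaps the first */
    finish_cmd(&ctx);
    r[3] = begin_with_flag(&ctx);            /* after completion */
    finish_cmd(&ctx);
    return r;
}

int main(void)
{
    return tdls_demo()[1]; /* 0 when the flag guard admits the first command */
}
```

The completion-based guard rejects even the first command, while the flag admits it, rejects the overlapping one that would reuse the freed buffer address, and admits the next command once the first has finished.
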
When power save mode is disabled, TWT is also disabled. All existing
TWT sessions must be removed.
Change-Id: I7c1ceb7abbfea0205e65a038fdf8d574b797685e
CRs-Fixed: 3147231
Default kernel version 5.4 does not support all 6 GHz changes,
and the msm-5.4 kernel introduced the below commit to do the backport:
Git-commit: 3290a9818c538b88d4e75b5891fa530e9142c219.
This causes a build error on third party platforms with
kernel version 5.4. Fix it by adding the CONFIG_BAND_6GHZ flag.
Change-Id: I967a5e5c1ab3b3bc349f2685950f3bfe6b33255e
CRs-Fixed: 3148383
Vdev ref count is not released after being acquired in both success and
failure cases in osif_twt_notify_complete_cb().
Release vdev ref count in both success and failure cases.
Change-Id: I54ba4bdeb0ac5a6965a674e4c3dc5d0d8d6992bc
CRs-Fixed: 3143718
Currently in station disconnect state, host doesn't request
bmiss stats from firmware.
Remove peer check to get bmiss stats in station disconnect
state also.
Change-Id: I6268f8af7daf7a90f9ae8a5d24ae17256ff3e76c
CRs-Fixed: 3127834
Add support for below SON peer ops:
PEER_SET_KICKOUT
PEER_SET_EXT_STATS
PEER_REQ_INST_STAT
PEER_GET_MAX_MCS
Change-Id: Iafadd17d6a13cfbba2884e50a0432c34115cd7f7
CRs-Fixed: 3141862
Update Kbuild with SON binaries based on SON config flag
and GENERIC_DATA policy with proper length
Change-Id: I60d06b3bdcc600095d7e9ad779e9b779f5477e33
CRs-Fixed: 3136142
Currently, in the TWT get status command, params->peer_mac is used to
check if TWT setup exists for this peer mac, but if the input
is the broadcast dialog id then params->peer_mac gets updated to the
broadcast mac address and the TWT setup done check fails.
Fix is to use the local peer mac address for the TWT setup check.
Change-Id: Iee98091bc86cfd48471b07464cda39666dd17ee3
CRs-Fixed: 3138601