sequence number populated from tlv are incorrect for some frames.
Firmware populate correct sequence number for management and control
frame either in payload or tlv itself.
added field to get valid sequence number.
Change-Id: I21b1c34c0d66cb46c3a0baaaa231c952de065534
In case of handling connect scan response, if cm_req is not found for
scan id, cm_req will be NULL and is getting deref at
cm_send_connect_start_fail.
Add fix to avoid NULL pointer dereference
Change-Id: I6b30a4bc41d3b0568dd307c91a7a7202d92b9c87
CRs-Fixed: 2877829
added new WDI event index for tx capture, share same index cause
corruption when switching different feature without delay.
Change-Id: I9e7a849968544957491891629eb42974c8b65728
Add delayed SRNG register writes support for Tx Ring, also add
dedicated workqueue to do the delayed Tx SRNG register writes.
Change-Id: I8dd157d341f3035e988804eab50d1ca681ab789b
CRs-Fixed: 2868989
Currently the return type of qdf_queue_work is void,
whereas queue_work return type is bool denoting the status,
so changing the return type of qdf_queue_work to bool,
helps to check the status of the function.
Change-Id: Ifd07923a18641790314b88d38a7eba2a73e498b3
CRs-Fixed: 2876197
Make 5.9G channels point to Global opclass because there is no support for
them in US opclass as per the current 802.11 spec(802.11ax D8).
Change-Id: I7278cb8f2dc8eb27d10f0d7834a13c0afd6fc668
CRs-Fixed: 2869445
Refactor WLAN_FEATURE_PKT_CAPTURE_LITHIUM to WLAN_FEATURE_PKT_CAPTURE_V2
to remove hardware name from compilation flag.
Change-Id: I5a30b33d8bd6065d12e7c89c666c2f0cab66344e
CRs-Fixed: 2869827
Fix issue on enabling packet log.
Fix issue on logging CBF pkt in AP/STA mode.
Fix issue on setting data length 4 bytes aligned in pktlog header
, htt stats indication message header and Rx management TLV header.
Add CBF support for pktlog WMI enable command for firmware to enable
CBF receive.
Change-Id: Ib0067f32d7414be96503c4c67846c1312a59586e
Currently there is no mechanism in driver to decide whether
to consider the user configured number of sched scan plan or
to configure only 1 schad scan plan.
There is a requirement to configure only one sched scan plan,
add ini support to meet this requiremet.
Change-Id: Iea3bc3f18696837150ce6f4bd60416a8a45bd1d3
CRs-Fixed: 2868125
5.9GHz channels are built on the Pine wideband radio even though
the FW does not advertise the 5.9GHz support through the WMI service
bit.
This is because, the 5G regdomain id FCC16, in the case of a wideband
radio is absent in the host regulatory database. Due to this, within the
function reg_is_fcc_regdmn, reg_get_curr_regdomain does not
return QDF_STATUS_SUCCESS.
To fix this issue, enable the declarations of FCC15 and FCC16 in the
Host regulatory database.
Change-Id: Ib48ab0167a6fa4bafb912ab28b332613bac42f73
CRs-Fixed: 3506736
Fix gpio command arguments in #else case. When WLAN_FEATURE_GPIO_CFG
is set to 0, the else path of macro is executed and the function
arguments are not matching with that of the declaration.
Change-Id: I182a636e53217dfca5a697f280316f30b1afd8ba
Add length check in scan beacon IE processing function for the below IEs to
avoid any possible memory corruption.
1. WLAN_ELEMID_COUNTRY
2. WLAN_ELEMID_WIDE_BAND_CHAN_SWITCH
3. WLAN_ELEMID_VHT_TX_PWR_ENVLP
4. WLAN_EXTN_ELEMID_MAX_CHAN_SWITCH_TIME
Change-Id: I860bee8633849215d46c2dfe60a1a98d7c80f510
CRs-Fixed: 2873039
Add and initialize a preallocated pool of buffers which can
be used to replenish RX buffers. During replenish, the buffers
from the pool are used instead of allocating/mapping a new buffer
in the softirq context. This preallocated pool will be refilled
in thread context.
Change-Id: Idf3bd7d25c5d57ddba105ccd8fab672c26a184f1
CRs-Fixed: 2869345
Change the value of WLAN_CFG_RX_SW_DESC_NUM_SIZE_MIN from 4096
to 1024, so that the rx descriptor number can be configured in
the config file of target.
Change-Id: Iedbbf3cbbfd92dc3d955e0e67aac362afbabed45
CRs-Fixed: 2862285
The default value of ini is_bssid_hint_priority change 1 for AP
and 0 for non AP in documentation.
Change-Id: I4181ba5b72a5d6f013be74adaa579fb23370e25c
CRs-Fixed: 2869604
When switching from mission mode to FTM or Epping mode,
g_pktlog_pde is not cleared after de-init. When switching
back to mission mode, a warning is produced as the proc
directory is not found.
To fix this, g_pktlog_pde is cleared when pktlog is
de-initialized.
Change-Id: I1b9c9259c220a1981151dcb1e44a5621d7fd8204
CRs-Fixed: 2872045
Currently rx descriptor debug info API's are under RX_DESC_DEBUG_CHECK
feature, making those API's independent will be enabled with new feature
flag RX_DESC_LOGGING.
Change-Id: Iadb087f1b3104311b06e161bdeae975a8772e0ee
CRs-Fixed: 2869335
Currently driver rejects connect request if assoc ie length
is 0 or assoc ie is NULL which results in connect failure.
To avoid above issue do not reject connect request if
assoc ie is NULL. Also fix the connect status to send the
proper status code instead of WLAN_STATUS_UNSPECIFIED_FAILURE.
Change-Id: Icb775a88780350fa589ae8db65abdd79980558c6
CRs-Fixed: 2869967
To make it generic, rename the flag QCA_WIFI_NAPIER_EMULATION
as QCA_WIFI_EMULATION.
Change-Id: I21b34475ce550b6875c5f19cf1fbba342862ecee
CRs-Fixed: 2871345
util_scan_copy_beacon_data copies beacon and updates ie
pointers for the cache entry. However, two of the ie pointers
listed below are not updated:
1) hecap_6g - pointer to he 6ghz cap ie.
2) srp - pointer to spatial reuse parameter sub extended ie.
These non updated pointers will cause use after free issues
if the parent scan entry is freed.
Update ie pointers for hecap_6g and srp.
Change-Id: I6d0a6129941e3dc1267404a4191ab368c013a102
CRs-Fixed: 2862607
Move ctrl_path_twt_stats related functions to appropriate source
and header files.
CRs-Fixed: 2871393
Change-Id: I7043259c102e5aee6cbb13260ce2bb0c53c17853
Add function declaration for dfs_restart_rcac_on_nol_expiry()
API. This API helps to restart RCAC on NOL expired channel
with interCAC and RCAC feature enabled.
CRs-Fixed: 2860727
Change-Id: Ifc06ed938ebc7cc6ccbe68989158939d6f399c46
CVE-2020-26139
With the CCE changes, EAPOL frames will now come in
wbm error ring as push reason route. These frames need to
be indicated to stack. Any other frame coming with this
reason code needs to dropped.
Change-Id: I66df0b53a36d99b3e9d9000e0bd93bf7677c221d
Set SAP and P2P GO D3 wow host WMI resource config such that
FW is aware of host capability and can allocate memory for
sufficient remote peers.
Change-Id: I05499f98bd6bc080a9aefb302be12873bf19ac35
CRs-Fixed: 2869055
With the reception of MBSSIE beacon frame, host tries to
construct beacon frames for the non tx VAPs as well.
For which, it has to copy all the IEs from the
received beacon's IE except the MBSSID relevant element
IDs, by comparing the subelement data.
The memcpy that is being used in this case, does not check
the space availability in the target buffer which may lead
to random memory corruption. Hence, using safe memcpy to
avoid buffer overflow.
Change-Id: Ib0861d606dba7725077dd530dd15ebff59058cfd
CRs-Fixed: 2857436
Prerequisite change to include ALD headers into SON public header
as ALD is now part of SON.
Change-Id: Ic98e9ae7b5d2f0e6a2be7915b026ae169247b76f
CRs-Fixed: 2868824
The memory below 0x2000 is reserved for the target use,
so any memory in this region should not used by host.
But on some third-party platforms, we observe such
memory is allocated for RX buffer, which cause HW/FW
NOC error, then RX is stuck. To address this,
re-allocate RX buffers when small buffer appear.
Change-Id: Iad118e82f3fe10f92cbf5f7388dc0960542fc03c
CRs-Fixed: 2707190
Reading extcaps from the scan entry currently checks if the byte
to be accessed is less than the length of the IE. Following this,
it will attempt to access the extcap IE using the requested byte
as the index.
Avoid accessing the extcap IE if the byte is greater than one less
than the ie_len (since indexing starts from zero).
CRs-Fixed: 2856212
Change-Id: Ie357edcd6095570c05871af657381c287e92504e
For smart monitor initialize monitor buffer ring,
Monitor direct mode onto monitor status ring expects monitor buffer
ring to initilized with at least 64 buffers.
CRs-Fixed: 2863316
Change-Id: Ie67ff465522184ad776a9ba76a68c00f02f92221
Fix the index used for looping over descriptors
to free the memory that was already allocated, in the
event of an allocation failure.
Change-Id: I791cdf0b040664a5d39bb52f416d7aab7f3b6bf4
On one-msi platform, when some ce tasklet execute, other srng such
as reo generate the interrupt, the ce interrupt handler can also be
called and then schedule the ce tasklet, if the running ce tasklet
intend to re-schedule itself due to the rx pending, obviously will
fail, then ce active tasklet count leaked.
Decrease the ce active tasklet count if failed to re-schedule when ce
rx pending.
Change-Id: I36c1c6c007735e192bee5af12aab674ee8324ca9
CRs-Fixed: 2830443
Currently, there are separate list for 2g/5g and 6g reg rules. Only one
list is sent north from pdev, so append the corresponding rules to the
existing list in the pdev only.
Change-Id: I28e68f345ae6faad3ac2d929dac3922e9389d53e
CRs-fixed: 2860702
