Process SAE authentication frames in SAP mode as well.
These frames will be forwarded to userspace for offloaded
SAE authentication.
Change-Id: Id385cd9394160f2fae1bee7e996fd879e0109235
CRs-Fixed: 2396359
hostapd/wpa_supplicant sends authentication frames through mgmt_tx
interface but may not fill sequence control. Fill the same.
Change-Id: I568b72590ce4280eaf9540dc07b38f87f10f019d
CRs-Fixed: 2396358
There are several instances of incorrectly using EOK with QDF_STATUS.
Address all infractions in WMA.
Change-Id: I1bc97c2ed8d4d9600dcbc07f57fccfe42d75d27e
CRs-Fixed: 2403943
When userspace disconnect is received, wlan_hdd_disconnect()
checks if roaming is in progress and waits for 4 secs if roaming
is in progress. The roaming_in_progress flag is set after
CSR receives SIR_ROAMING_START and is unset after CSR receives
SIR_ROAM_SYNCH_NAPI_OFF. Since SIR_ROAM_SYNCH_COMPLETE is
received after SIR_ROAM_SYNCH_NAPI_OFF and all the roaming state
machine activities like filling connection info, bss description
happens after SIR_ROAM_SYNCH_COMPLETE is received. So there
exists a race window between SIR_ROAM_SYNCH_NAPI_OFF and
SIR_ROAM_SYNCH_COMPLETE when the wlan_hdd_disconnect() could
proceed to free the session->pCurRoamProfile and
csr_roam_prepare_bss_config() tries to acces this when
SIR_ROAM_SYNCH_COMPLETE or SIR_ROAM_SYNCH_PROPOGATE is received.
This could result in null pointer dereference of pCurRoamProfile.
Call hdd_set_roaming_in_progress(false) in
hdd_sme_roam_callback() when SIR_ROAM_SYNCH_COMPLETE is received
Change-Id: Ic350d55e857ad950a0e630b07d75a5b1b572a75c
CRs-Fixed: 2399474
An ancestor of the current driver used mailboxes for communication
between SME and LIM, and serialization/deserialization routines were
used to encode and decode the mailbox messages. This mechanism is no
longer in use, but there are remnants still present.
One remnant is the eWNI_SME_SEND_DISASSOC_FRAME message processing
which is still serialized by SME and deserialized by LIM even though
the message is no longer sent via a mailbox. Bring this message
handling up to date by exclusively using the underlying struct
sme_send_disassoc_frm_req.
As part of the change remove the trans_id field from the struct since
it is not actually used by LIM.
Change-Id: I067c9f7461fddd7a25090e691836d7d9276c4e89
CRs-Fixed: 2402289
Add new ini "roaming_scan_policy" to config roaming scan
behavior (DBS/non-DBS) in fw side.
This ini is corresponding scan_ctrl_flags_ext in
wmi_start_scan_cmd_fixed_param when host sends
WMI_ROAM_SCAN_MODE to fw.
Change-Id: Id95c3b9bb40d4f32ab3ff14a30f72c6150ac1884
CRs-Fixed: 2398531
Register peer unmap sync callback in pdev during wma_tx_attach
to be accessed in ol_txrx.
Change-Id: I16909ae51e3ca55714c8d1f9f07d7a02f651c190
CRs-Fixed: 2398856
To address kernel control flow integrity (CFI) issues related to type
mismatch, correct the return type of ol_txrx_pdev_attach_target().
Change-Id: Icb170ad1e57513519f3d9b122ab4feed6a4efcb8
CRs-Fixed: 2402963
To address kernel control flow integrity (CFI) issues related to type
mismatch, correct the return type of wdi_event_sub().
Change-Id: Id51c6523ddd5d6f5835f7aa08a3a7b2940d2c50b
CRs-Fixed: 2402961
To address kernel control flow integrity (CFI) issues related to type
mismatch, correct the return type of wdi_event_unsub().
Change-Id: I45d090cb4011ca659e30b2f7be6c2b7d32bbba4b
CRs-Fixed: 2402957
As part of DSC integration, use vdev op start/stop for appropriate
cfg80211 operation callback handlers.
Change-Id: Id2a13469267547b878e234cb3c0b16e74abe00d5
CRs-Fixed: 2402143
As part of DSC integration, use vdev op start/stop for appropriate
vendor commands.
Change-Id: I5d296e7e97158bcc11db04361e0211d1a44b7fcd
CRs-Fixed: 2402142
An ancestor of the current driver used mailboxes for communication
between SME and LIM, and serialization/deserialization routines were
used to encode and decode the mailbox messages. This mechanism is no
longer in use, but there are remnants still present.
Two such remnants are in lim_send_sme_disassoc_ntf(). The logic for
creating both the Disassoc Response and the Disassoc Indication use a
combination of direct structure writes and serialized buffer writes.
Bring this logic up to date by removing all serialized buffer writes
and exclusively use direct structure writes.
Change-Id: I73be566a1512fdc9b8dc28c9ddf818b7c4aa26ed
CRs-Fixed: 2402223
An ancestor of the current driver used mailboxes for communication
between SME and LIM, and serialization/deserialization routines were
used to encode and decode the mailbox messages. This mechanism is no
longer in use, but there are remnants still present.
One such remnant is csr_ser_des_unpack_diassoc_rsp(). This function
currently deserializes a message that is already in the correct
format. Since this is pointless, remove the functionality.
Change-Id: I2d212f0f7a40fd12d9932974dfd3f5cde7fc4eb7
CRs-Fixed: 2402222
Currently all logging for CP_STATS is disabled so CP stats
logs are not getting printed.
Enable all the logs for CP_STATS Module.
Change-Id: If465c813d98410129f80427ed7072de063f1f3c8
CRs-fixed: 2402649
In the case the interface timer gets expired and stop modules is called
in that context and modem graceful shutdown occurs at the same time,
there arises a situation in which there is a mismatch in the FW and
driver state. This results in the rx ring buffers being freed by the
host while FW still tries to access those buffers.
To avoid this assert situation, block the modem shutdown while the host
is performing stop modules. During stop modules, host will send pdev
suspend which will suspend all activity from FW. This can then clear the
path for the modem graceful shutdown.
Change-Id: I8ecae86bb90be7e97eb274946270eb57ca107332
CRs-Fixed: 2392815
In several functions of HDD, reference of vdev is acquired and released
with hdd_objmgr_get_vdev() and hdd_objmgr_put_vdev() respectively.
Both hdd_objmgr_get_vdev() and hdd_objmgr_put_vdev() use adapter input
argument to get the access to vdev pointer: adapter->vdev.
When acquiring vdev reference "adapter->vdev" can be valid but when
releasing vdev reference "adapter->vdev" can be NULL, leading to
reference leak. This can happen only when hdd_vdev_destroy() invoked
from another thread concurrently.
To address this issue, use the input argument vdev pointer to release
the reference in hdd_objmgr_put_vdev().
Change-Id: I89166a471b6c82a95ae0c70ae025608f2f19e5ca
CRs-Fixed: 2399777
Value of ts_acm_is_off gets updated by 0 irrespective of the value
passed by ini file results driver unable to send eSmeCommandAddTs
cmd.
Fix is to use value of ts_acm_is_off as per value in ini in
CSR_IS_ADDTS_WHEN_ACMOFF_SUPPORTED().
Change-Id: Ic5f34f4c4499f92471ce501a78c39a255d6537c9
CRs-Fixed: 2401454
Currently there is no support from driver to send STA authorized
event to supplicant.
Use QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES vendor command to
send STA authorized event to supplicant.
Change-Id: I46416949f04dd28a1713cbebf1f7d0e84b5efda2
CRs-Fixed: 2172816
Hostapd handles SAE authentication and sends the
authentication frames via NL80211_CMD_FRAME interface.
Enable mgmt_tx API for SAP mode as well to
facilitate the same.
Change-Id: Ie858881333b0f12e03f9a4f7b54fe5476b1d9173
CRs-Fixed: 2396335
Revert set ol_rx_thread to SCHED_RR, SCHED_RR could lead to
hdd_ctx->bus_bw_work delayed for long time, and throughput level is not
updated while running traffic, finally hdd_rx_packet_cbk drop packets(rx
path slow).
Change-Id: Idc48c4ff4f38e25124121f814492ea116555cd32
CRs-Fixed: 2398511
Epping mode is currently borken in qcacld-3.2 codebase.
Fix epping mode for QCN7605 for USB and PCIe interface.
Change-Id: I12a11989d86f255e7ec61c98e328fbb755fc39ae
CRs-Fixed: 2400179
If gEnableMCCMode is disabled then STA connection is rejected by
driver if it is second connection and creating a 2-port combination.
STA should work as the selected AP is operating on otherband thereby
creating a DBS concurrent scenario.
Change-Id: Ia1f4f8dbf927a872ada72fb15d646a0a0e323e36
CRs-Fixed: 2400546
11k offload params bitmask is sent over the wmi command
WMI_11K_OFFLOAD_REPORT_CMDID. Its value is controlled by the ini
value "nr_offload_params_bitmask". The ini value got from the cfg
component during initialization is not correctly populated to the
sme layer resulting in zero values sent to firmware. This results
in 11k functionality failure.
Populate the 11k values to sme with values stored into fwol
component from ucfg_fwol_get_neighbor_report_cfg.
Change-Id: I8615745083cdab677bca8cbb76eb0902758a8a75
CRs-Fixed: 2397328
The Driver Synchronization Core (DSC) is a set of synchronization
primitives for use by the driver's orchestration layer. It provides APIs
for ensuring safe state transitions (including bring up and tear down)
of major driver objects: a single driver, associated psocs, and their
associated vdevs.
As part of integrating the DSC APIs into OSIF, protect NAN datapath and
NAN discovery.
Change-Id: Icf24c8f7717cd1ca92616c781f06dacdd69c01f0
CRs-Fixed: 2398340
The CONVERGED_TDLS_ENABLE feature flag was originally introduced when
the TDLS feature was being componentized so that one could select
either the legacy implementation or the componentized implementation.
That componentization activity has concluded and the legacy
implementation no longer exists. To align with the current usage
switch to exclusively using the FEATURE_WLAN_TDLS feature flag since
that more accurately describes the code being protected.
Change-Id: I2cdb4c6ddba22c5b1d29e87403e5e1c87ce5cbfe
CRs-Fixed: 2395728
Host driver packs only the RSN IE, WAP IE and additional IE
from association request to upper layers. With any new IE
support added on the driver, the driver has to add new structure
to csr_roam_info and pack that IE into the
tSap_StationAssocReassocCompleteEvent and pass it to higher
layers. This increases the redundancy with new IE introduced.
To facilitate hostapd to get information on all IE, pass all the
IE present in the assoc request to hostapd.
Change-Id: I1665a83de52bd67529ea026dc0c5e92cfbd51590
CRs-Fixed: 2390425
