Android framework set tdls external control mode as a default
configuration and this conflicts with sigma DUT requirement
which expects TDLS in explicit trigger mode.
To solve this problem, we need a method to change the tdls
mode in wpa supplicant and host driver.
Add support to configure TDLS modes (Explicit, Implicit,
External Control) via vendor sub command.
Change-Id: Ib3c5258098975a573201a87e54674dc274afda77
CRs-Fixed: 1083694
"qcacld-3.0: Add infrastructure for pktstats based on linkedlist"
removed the only caller to function pktlog_check_threshold(). Since
this is now unused, remove it.
Change-Id: I37a3d561de248829e6f993fc98d9628476fbe874
CRs-Fixed: 1085689
During roaming join request pointer in the session
is not initilized and the same pointer gets dereferenced
as part of the heart beat timeout handler.
Add validation check before accessing the join request holder
in the session.
Change-Id: I92a4f13a611b9e8eb11dac1194e52ddd726dbc41
CRs-Fixed: 1084701
qcacld-2.0 to qcacld-3.0 propagation
RF bands attribute of WPS IE in Probe.Req from STA/P2P device
is 2.4 and 5GHz although BandCapability=1 (2.4GHz) in qcom_cfg.ini
file. Set the value of RF bands attribute of WPS IE by checking
return value of function hdd_is_5g_supported and value of
BandCapability in qcom_cfg.ini.
Change-Id: I7a60ef79336c586dbad35308e958563c5205888a
CRs-Fixed: 979025
qcacld-2.0 to qcacld-3.0 propagation
To shorten the SAP starting time, the OBSS scan
can be skipped if the ACS scan is performed
and the ACS scan channels cover the OBSS scan
channel list.
This change caches the ACS channel list and
skip the OBSS scan if necessary.
Change-Id: Iae54115051ae037c83b8dd2b639754f941c1d0f5
CRs-Fixed: 1073053
Propagate from qcacld-2.0 to qcacld-3.0
Currently there are some places where array name is compared to NULL
in SME. Add fix to correct it.
CRs-Fixed: 1063255
Change-Id: Id37e8b6fc483d41c4e5b48bb78c295acc08a0328
Propagate from qcacld-2.0 to qcacld-3.0
Currently there are some places where array name is compared to NULL
in HDD. Add fix to correct it.
CRs-Fixed: 1063255
Change-Id: Ic8b6ce003a918890bae6d9c81f6732472333528e
qcacld-2.0 to qcacld-3.0 propagation
Add OBSS scan parameter IE to probe response frame
in SoftAP mode. To avoid some station can't find
OBSS parameter and do not schedule OBSS scan.
Change-Id: If22944b216ff10bafb98b5a2d3e4f2f1abe61333
CRs-Fixed: 909694
qcacld-2.0 to qcacld-3.0 propagation
Current logic use the "not present" structure tDot11fQosMapConfigure
to calculate the array index which lead to the array overflow and
crash of VosMCThread. Add check code to avoid this problem.
Change-Id: Ifa08b24a06e409fed1bd445574127fef02f21d19
CRs-Fixed: 978582
qcacld-2.0 to qcacld-3.0 propagation
Add packet length check for HTT_T2H_MSG_TYPE_RX_FRAG_IND message.
Do not clone the RX frag buffer in the ol_rx_fraglist_insert, and all
buffer will be freed by ol_rx_frag_indication_handler or upper layer to
avoid double free issue.
Change-Id: I977ed9109a476a092dfb298386625a707bc98191
CRs-Fixed: 1039135
Propagation from qcacld-2.0 to qcacld-3.0.
When Dut is configured as 1*1, after roaming to 2*2 AP,
the linkspeed is not right, it will display 144Mpbs rather
than 72Mbps. Because it uses wrong peer_nss and
peer_rate_caps in WMI_PEER_ASSOC_CMDID.
Change-Id: I8700621fbef9c9b4867ac698f7f721d4ffb7d967
CRs-Fixed: 1031447
qcacld-2.0 to qcacld-3.0 propagation
Vendor ibss feature doesn't work because the wpa ie is cleared by
setting vendor specific ie. Per vendor spec, need add logic to replace
vendor specific ie instead of simply overwrite or append to exist ie.
Change-Id: Ie1569b22e22716abcf7d215c2e93870b84cf668f
CRs-Fixed: 962051
The function wlan_init_sysfs() returns 0 on success; and
errno on failure. Fix this error handling to check for ret instead of !ret.
Change-Id: I9acc30985735b014464b83c9e3dffea2d1cb4226
CRs-Fixed: 1085184
While processing cfg operation, there is possibly of sending
invalid session-id to firmware, which may lead to device crash.
So, validate session-id before processing cfg operation.
Change-Id: I06014598e56f31b66d645f0380f5188dbe956f4f
CRs-Fixed: 1080697
Currently in __wlan_hdd_cfg80211_vendor_scan() the band parsed from
the QCA_WLAN_VENDOR_ATTR_SCAN_SUPP_RATES is not sufficiently validated
before being used. Validate the actual value before attempting to use
it as an index.
Change-Id: I0db43ab8e73e20c8cb60a75a521a934967615023
CRs-Fixed: 1085099
While extracting SSID from nl attributes, Currently there is
no boundary check for max and min length. Hence host causes
buffer overflow.
As a part of this fix, Add ssid array boundary check to avoid
buffer overflow.
CRs-Fixed: 1069298
Change-Id: I395be358f7bf3f23bb9453d1ed6c3dc9025f4aab
Get self SU and MU beamformee cap from cfg in function
populate_dot11f_vht_caps in case of session is NULL so that
absolute self cap will reflect values that are intersection
of ini configuration and firmware capability.
Change-Id: Ic177382e6922e4c117cb01c78dd9b16437659496
CRs-Fixed: 1082131
With AUTO ROAM issue, Supplicant disables roaming to other BSS
and expects driver/firmware to re-associate to a specific BSS.
Currently, host driver sets RSO to STOP[disable LFR3] completely
when supplicant invokes disable roaming and when subsequent connect
comes from supplicant, host is doing disconnect and connect.
This fix adds provision to invoke LFR3 reassociation even when
RSO Stop is issued previously to firmware. It is achieved by setting
WMI_ROAM_SCAN_MODE_ROAMOFFLOAD along with WMI_ROAM_SCAN_MODE_NONE
in mode of RSO Stop command.
Change-Id: Iaa8bb455b3b61adac725beca4494ed792ca00fe0
CRs-Fixed: 1078139
Encryption key with zero length are installed in some scanarios.
If PMF is enabled for the session, privacy bit on deauth and
disassoc transmit frames is wrongly set.
Fix: Do not set is_key_installed flag if key length is 0.
CRs-Fixed: 1080127
Change-Id: Iad92c8acbaad504fd69dab585d1bf40afa6de206
During late suspend jiffies will not be incremented. Because of this
scan results are not age out as the delta of current time and the BSS
received time is not correct.
To address this, use the system time instead of jiffies for the
BSS received time and also make sure to use system time in all
other functions.
Change-Id: I4a9cd35ad5109ee2a33cfcafc9b03d5fcd80bb3f
CRs-Fixed: 1083225
qcacld-2.0 to qcacld-3.0 propagation
Return HTC_SEND_FULL_KEEP directly in epping_tx_queue_full function
and give nodrop pkts higher priority over normal pkts
Change-Id: Ib36e1a9f34eb9054b12f0e8ba54a86ace7d6c8f8
CRs-Fixed: 990726
Propagation from qcacld-2.0 to qcacld-3.0.
It is the regression issue caused by ChangeId
I6223ab27c2285c53c45fd388bd56cadc6d348324. When changing
the TX_WAKE_THRESHOLD to TX_WAKE_THRESHOLD_NEVER, the
function wmi_unified_set_sta_ps_param will set
iface->ps_enabled to FALSE. Because of this in function
wma_set_vdev_resume_dtim, "iface->ps_enabled == TRUE"
check fails which is not expected.
To mitigate this issue, remove the unnecessary code
related to iface->ps_enabled.
Change-Id: I59a8b150cf8383bf265c048c9fa1b26646e68dc0
CRs-Fixed: 1039904
qcacld-2.0 to qcacld-3.0 propagation
If SAP interface is up then STA interface can't find
the AP most of the time as a result of SCAN parameters
are getting set to 28ms active dwell time and 0
repeated probe (which means only 1 probe for 28ms of
active dwell time).
Test results suggest that 1 Probe request through out
the active dwell time in noisy environment is not good
enough, so sending two probe requests with each 11ms
apart would make the scan results little better.
Implement above suggested solution by changing
probe_time_dwell_time_map's repeated probe time to
11ms so that n_probes (number of probes) becomes 2
by n_probes = (dwell_time_active/repeat_probe_time)
= (28/11) = 2.
Change-Id: I8a3f3dbaf70c666973454e3266e0dabe0df1c9ea
CRs-Fixed: 992655
qcacld-2.0 to qcacld-3.0 propagation
"MEMORY_DEBUG" enabled driver shows the
SapAllChnlList is not freed upon driver unloading
in SNS test. This commit fixes this issue by
freeing channel list in WLANSAP_CLOSE API.
Change-Id: I1c954336e14746060fec19f3ad89b3d4882306af
CRs-Fixed: 985334
qcacld-2.0 to qcacld-3.0 propagation
Before write to array member of pSpectInfoParams
in sapSelectChannel, we need to check the memory
access range to avoid the write overflow of the
memory.
CRs-Fixed: 998557
Change-Id: I0c05f65fd2ab62919272464a3be7cd138f12e2ec
qcacld-2.0 to qcacld-3.0 propagation
When radar detected in sap channel, it needs switch channel. Those
channels affected by radar signal leaking should be filtered out
from candidate channels.
Change-Id: I86e6e849e7822f1c82c0f8951a8d91c5baebdcfe
CRs-Fixed: 945388
qcacld-2.0 to qcacld-3.0 propagation
When the driver is configured to "force SCC" mode by
gWlanMccToSccSwitchMode = 2, in STA+SAP case, the
driver will check the SAP channel to avoid the
MCC in same band(2.4G or 5G) and override if necessary.
During ACS process, the SAP sapContext->channel is 0.
The driver doesn't validate it before uses it in
sapGotoChannelSel when applies the "force SCC" logic.
That causes an invalid channel selection for the SAP.
And finally causes the hostapd starting failed.
This fix is to skip the override logic if the
sapContext->channel is 0. When the SAP is starting with
a valid channel, the override logic will be activated
again.
Change-Id: I8e3d171ac47d8be149df98ae3e30c8df391a15b0
CRs-Fixed: 1033277
When firmware sends WMI_ROAM_REASON_HO_FAILED event to host,
it has already deleted the peer. Host should not send peer
and vdev cleanup commands to firmware.
Add disassoc_reason field to roamCmd to indicate that CSR wants to
disconnect because of ROAM_HO_FAIL. Copy that information to PE
session, send it to WMA using WMA_DELETE_BSS_HO_FAIL_REQ.
Add wma_delete_bss_ho_fail() to take care of driver state cleanup
without sending commands to firmware.
CRs-Fixed: 1083649
Change-Id: Icdd7571214ea5510c0cdbc44c69d6b5060f5892c
Currently an issue is being observed where UMAC is not correctly
responding to Link Measurement Request action frames. The logic in
UMAC is dependent upon sme_dhcp_done_ind() being called from the HDD
address change notifiers. Unfortunately neither HDD nor SME log when
this occurs, so it is impossible to tell from the logs whether or not
this has occurred.
Add appropriate logging to the HDD address change notifiers so that
it is clear when sme_dhcp_done_ind() is invoked, and upon which
interface.
Change-Id: I35f80af382df4ff118bf426d12dc47ef7bbbc080
CRs-Fixed: 1084151
We want to enable the compiler's -Wmissing-prototypes switch, but
there is existing code that is generating warnings. One such issue is
function lim_is_scan_requested_ssid() is defined but unused. Delete
this unused function.
Change-Id: I52137b0a1e85d73f7567772228eb6994f9d16143
CRs-Fixed: 1075090
Function csr_send_mb_scan_result_req() is obsolete and no longer being
used, so remove it.
Change-Id: I50832b7e84c75b085173bc24d5827b93afb1e679
CRs-Fixed: 1075575
Function sme_set_phy_cb_mode24_g() is obsolete and not being used, so
remove it.
Change-Id: I3289ea53a634915961d4f904cd806d7aed4202e4
CRs-Fixed: 1075575
Recently the following change removed the only reference to function
ol_txrx_ipa_uc_fw_op_event_handler():
Change-Id Iae45c059006592293ea61d04be89b1477daae514
"qcacld-3.0: Fix HTT_T2H_MSG_TYPE_WDI_IPA_OP_RESPONSE handler"
Since the function is now obsolete, remove it.
Change-Id: I10d8ee7ef9a97d1eb5283e08c786826005fbd335
CRs-Fixed: 1075151
In case user-space country priority is not defined; user-space
country code can still take effect if 11d country is not defined.
Change-Id: I972b9354aec5cc6a078056d10c0e76eb841998c3
CRs-Fixed: 1082704
Platform driver flags should be hiden behind PLD layer only. Hence
remove them in WMA layer.
Change-Id: Icee457715bd26e23c489dfefd35999b278ff68c0
CRs-fixed: 1082183
This reverts Change-Id: Iad92cc3ce634b69397666f574917b5254a73dcda
There is back and forth happening for expected value of NSS by firmware.
Final agreed upon values are: NSS=1 for 1x1 and NSS=2 for 2x2
Change-Id: I134a118b367c46e1b655a4eb21a6b406a3b25c2a
CRs-Fixed: 1084104
Codeswap feature is introduced for a WLAN chipset which is already
cancelled. It is no longer used in host driver. Remove the feature
to avoid any confusion for future development.
Change-Id: I70ae291ded2d2e290408e2f5b177e872f1f3d7e8
CRs-fixed: 1082183
We want to enable the compiler's -Wmissing-prototypes switch, but
there is existing code that is generating warnings. Fix all warnings
in core/wma.
Change-Id: I1f270e6b0ba4666d1640b1bf1d1c8e5dbc51e968
CRs-Fixed: 1081656
qcacld-2.0 to qcacld-3.0 propagation
Currently there are no error logs to indicate if the ROC timer stop,
start or destroy failed. To address this, added error logs in all the
possible scenarios.
Also ensure that the ROC context is valid before destroying the timer
if the start ROC request fails.
CRs-Fixed: 1005077
Change-Id: I95311ca6846796ad67fa09106bccb71ec6394aab
qcacld-2.0 to qcacld-3.0 propagation
Vendor attribute for setting TX fail count threshold. This attribute
is part of QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION.
Change-Id: Iba2a6d4c04809041489ff8c32aeb17c9dafbc4a5
CRs-Fixed: 1045760
qcacld-2.0 to qcacld-3.0 propagation
If a station does not send anything in sta_inactivity_timeout, an
empty data frame is sent to it in order to verify whether it is
still in range. If this frame is not ACKed, the station will be
disassociated and then deauthenticated.
Change-Id: Ib86c9aacdb52141890b224262d55abbe58b1604d
CRs-Fixed: 1020078
qcacld-2.0 to qcacld-3.0 propagation
Add data structures to save short_retry_limit and long_retry_limit.
long_retry_limit is count to retry frame at current rate.
short_retry_limit is count to retry frame on lower rate.
Add changes to pass these params to firmware as well.
Change-Id: Icb45c37358dcfacbea8e3b3f40b93189d62e1be4
CRs-Fixed: 1020078
qcacld-2.0 to qcacld-3.0 propagation
Add data structures to save tx_pkt_fail_cnt_threshold and changes
to pass the same to FW.
Change-Id: I46dc401c26c3eeeb41b345d0fe1b4406394971fb
CRs-Fixed: 1020078
Call ICNSS API to get QMI support info and based on this
information later WLAN host driver decide to allocate 1 MB
Memory for MSA region or not.
CRs-Fixed: 1081443
Change-Id: I1ae0f3a0c92ded2df8e8c710be1faab6fde5cc10
Fix the size of pcl_channels & pcl_weight array to be QDF_MAX_NUM_CHAN in
cds_get_nondfs_preferred_channel. Also make sure all the callers of
cds_get_channel_list uses QDF_MAX_NUM_CHAN as channel array size.
Change-Id: I256421f54180d1d8f9f6abd549d417e74d62add5
CRs-Fixed: 1082596
In an HDD timeout failure scenario, HDD frees the sap context. A
delayed WMA response will try to access the previously freed sap
context.
Add a validation check to prevent dereferencing the freed pointer.
Change-Id: Ifcc7d840680b05f4b136722ae204e7a55b66c6cc
CRs-Fixed: 1083677
