In testbed sta mode the RSNE enc type and auth type may not match the
AP's enc type and auth type and thus the scan filter is unable to match
and find the AP.
Introduce auth and enc type as "ANY" in scan filter. With the auth
and enc type set as ANY, all the AP's matching the BSSID and SSID
will be filtered and the negotiated auth and enc type will be
dependent on AP's auth and enc type.
Change-Id: I82f07f68d9ec6c6f2104122a05d06a698c61a50a
CRs-Fixed: 2197222
With IE length sanity check, that involved by Change-Id I9a091486,
11ax AP cant be found due to the addition of +1 byte in HE-operation
IE in latest spec of 11ax (D2.2).
Remove all 11ax extended capability IE length checks for now due to
11ax being under development.
Change-Id: I45d676325c72c8e0020ca52d094fb1652f8fcaf2
CRs-Fixed: 2197252
In scm_handle_bcn_probe, scm_add_update_entry is called before
inform_beacon(wlan_cfg80211_inform_bss_frame).
Once scan entry is added to db, there is race condition that other
threads may remove it from db before wlan_cfg80211_inform_bss_frame
is called. Thus freed memory will be accessed in
wlan_cfg80211_inform_bss_frame.
To fix call inform_beacon(wlan_cfg80211_inform_bss_frame) before
adding the entry to scan DB and after updating required fields
from duplicate older entry.
Change-Id: Ib6dd967da9625ce944bffda5037b689ffd70903a
CRs-Fixed: 2197238
Add support to send the per chain rssi to upper layer
for each beacon and probe responses.
Change-Id: Ife6cb9e8e65591baf485c54a985f84d842400321
CRs-Fixed: 2177638
In testbed STA mode the RSNE may not match with APUT and thus
driver fails to filter AP from scan cache as PMF capability
mismatch.
With this change driver will ignore PMF capability check and
proceed with connection to send auth and assoc to APUT.
Change-Id: I195cda133c8d2b9d38b1d2966261c320185ffeca
CRs-Fixed: 2195352
Add support to drop beacon, probe response frames if frame
receipt channel and channel mentioned in IEs dont match.
Change-Id: Ib545f125dc53ccfb21abf6bdcb94a327ecde5a0a
CRs-Fixed: 2149224
scan entry raw data length is not populated
during the duplicate scan entry generation.
Copy raw data length to new scan entry
while duplicating the scan entry. This api
is triggered as part of the get scan results
handler.
Change-Id: Ie59782fd437415552b7ae29c1b190e86d4b72d48
CRs-Fixed: 2186845
Invoke beacon update callback function before adding new entry
to scan list. It's required as get_scan_result API will end up
returning partially initialized scan entry.
Change-Id: Ia34f9c69b4eef2435b135912e06c39018a8987b8
CRs-Fixed: 2189783
Currently there is no individual length check to each IE, which
could probably result in buffer overead. Minimum length should
be checked for each varibale IE for avoid the same. Also some fixed
IEs should have a length check of not greater than the size of
their respective structures to avoid corrupting other IE data.
Fix is to add a length check to each individual IE to avoid
corrupting other IEs and also to prevent reception of any IE
of invalid length IE.
Change-Id: I9a0914861d7ff2871ac72ad7357ebbb7ef10eeb3
CRs-Fixed: 2183014
1. Enable scan command time out for all commands if not disabled
explicitly.
2. Remove QDF_BUG() for no serialization command buffers
Change-Id: I5357211ef6bc44f8ebd4b8acaa56a12f691fa46d
CRs-Fixed: 2175843
OWE SSID is hidden in OWE transition mode. When supplicant detects
connection to OWE transition mode, it issues connect with required
SSID to driver. But that ssid does not present in driver scan cache
as it is hidden. Instead of this ssid, driver scan cache has NULL
entry. This can result in connection failure due to mismatch in ssid.
In normal hidden ssid cases, supplicant issues scan with specific
ssid which helps to update driver scan cache with required ssid. SSID
is also hidden in OWE transition mode, but supplicant does not issue
scan with specific ssid which results in NULL entry in driver scan
cache for that SSID.
Fix this issue by explicit check for OWE if it is hidden.
Change-Id: I95e6b9af37e62c56b4b890090c33d53f89fed731
CRs-Fixed: 2185576
Move wma_get_buf_start_scan_cmd logic to common code in
ucfg_scan_update_params.
Change-Id: I4c9dcb48b4862ad10f64e260d87938251e270185
CRs-Fixed: 2180960
Support 11d for non-offload platform by maintaining
count of beacons encountered for each country code
and choosing country code with max votes as device's
country code.
Change-Id: I83b66e980854eded17e254386561fa32b1f8c4ac
CRs-Fixed: 2154048
When wide band scan is enabled, host configures all possible
channels with all possible phy modes. In his case if a scan
is invoked with 0 channels, target will end up scanning each
channel with all possible phy modes which increases scan time
exponentially.
If wide band scan is enabled and scan is issues with 0 channels,
configure target to scan all available channels only in 11A/11G mode.
Change-Id: I7c678ccf43c3238aacbfc59cc7e7bd19763453cc
CRs-Fixed: 2165025
Do command complete before invoking scan event handlers.
Its required as few scan event handlers check if scan is
active on underlying pdev which returns true as command
complete is not done yet.
Change-Id: Ia415b55e9c9a1cea71faa160c6b52c88dc8329a9
CRs-Fixed: 2180033
Due to Rx sensitivity issue, sometime beacons are seen on adjacent
channel so workaround in software is needed. If DS params or HT
info are present driver can get proper channel info from these IEs
and set channel_mismatch so that the older RSSI values are used in
new entry.
For the cases where DS params and HT info is not present, driver
needs to check below conditions to get proper channel and set
channel_mismatch so that the older RSSI values are used in
new entry:
-- The old entry channel and new entry channel are not same
-- RSSI is less than -80, this indicate that the signal has
leaked in adjacent channel
Change-Id: Ie9dc26f938b58b0c5d071ce4f2ba02b8e7fd4f60
CRs-Fixed: 2180012
For each scan node in db, real delete should be called only once.
If 2 threads are trying to delete a note, only one thread should
mark it delete and decrement the ref count and the other thread
should return. or use after free happens as some other thread is
still using it.
Change-Id: I8cfaea73f28f31406816c9fb38f6b65f6b50428d
CRs-Fixed: 2169890
Pass back scan start request in scan events so that
handlers can know parameters used to start underlying scan.
Change-Id: I8ca3d55edb266677cc636228919656baa12b43d9
CRs-Fixed: 2159700
With gcc 5+ utilized for driver building, more coding errors are
detected, some of which are valid issues.
Fix all those errors in one shot.
Change-Id: I263c70d4bff9ec0c3076103001cd7f2ccc8e0d1a
CRs-Fixed: 2176076
Change scan pno active , passive dwell time based upon the current
concurrency mode which can any of p2p_go , p2p_client or Sap
Change-Id: I8223879a981c412e4f57451346d4c2f375780f8e
CRs-Fixed: 2163209
Adds logic to use default RSN IE fields if optional fields are not
present in IE. So if RSN IE doesn't contain AKM, group and unicast
cipher, use the default AKM(AKM_IEEE8021X) and cipher (CCMP).
Change-Id: Icabfb8b88b294e935908b249462a61124aa76268
CRs-Fixed: 2164531
Add bss_scoring_required in scan filter to enable/disable
scan results filtering based on scoring
Change-Id: I6c2c08a1cd959f1586e3e5bb7b63665f04c3a856
CRs-Fixed: 2165465
Beacon parse util API currently returns only one
scan cache entry to the caller.
Extended the beacon parse api to return list of
scan cache entries in scenarios like mbssid
Change-Id: Ia362cda4fdbc9955966696484869fee6ac2d0a22
CRs-Fixed: 2154753
Set passive dwell time to 28msecs for active
scan when bt a2dp is enabled and hw is not dbs
capable and when sta is connected on 2G band.
Change-Id: I44f2e3d98f2d7ddc52e4902ba989131c256da4ef
CRs-Fixed: 2160963
If the requester id is 0 or other invalid values,
the function scm_scan_get_requester_event_handler
will get unexpected handler.
Change-Id: I505e2e1a1bdc9cec57aaa0c28abadf28d228ba5b
CRs-Fixed: 2147555
Current scan cancel API frees scan request and notifies internal
scan complete event to registered scan event handlers.
Add option to wait for target scan cancel event before freeing
scan request.
Change-Id: I9ccd753595b3467f6b4e668e9cac876a1105bba0
CRs-Fixed: 2145484
When a beacon/probe resp is received the scan cache delete the
old node (N1) and adds a new node(N2) at the end of the list, If any
other process is using old node (N1), for some amount of time driver
will have 2 entry for the same AP. Now if driver again receive a
beacon/probe resp during this time, it end up deleting the older node
(N1) Again and thus making its ref count 0 and freeing it, even when
the process using old node (N1) hasnt freed it.
To fix this add a active state to the scan node, and mark it inactive
or logically delete the node as soon its deleted from ageout, entry update
or flush logic. Also do not use the inactive or logically deleted node
for any new operation. For this add a logic to return only active nodes in
scm_get_next_node.
CRs-Fixed: 2155538
Change-Id: I186d3a0b0540f0b572735e1d95239ddcd8c9bdc9
ucfg_scan_cancel currently grabs a vdev reference unconditionally. This
opens the possibility of operating on a destroyed vdev. Instead, try to
get a vdev reference, and abort the scan cancel operation if a reference
cannot be obtained.
Change-Id: I6380775c6cd09920ad70feed0ec67e4c85ba890d
CRs-Fixed: 2149645
Currently driver assigns WLAN_PMF_REQUIRED to AP pmf capability
even if rsn capability do not matches with RSN_CAP_MFP_REQUIRED.
Add check for rsn capability against RSN_CAP_MFP_REQUIRED to fix
this issue.
Change-Id: Iff51090c9a65fd7c0d45048b73c5383d56bb13a5
CRs-Fixed: 2146881
In coex mode, BT throughput test cases are getting effected as
driver is selecting non-DBS scan policy for directed scan requests.
FW is going to use only one MAC for scan when performing non-DBS
scan which inturn increases the total scan duration.
This increase in total scan duration has effect on BT throughput
test cases.
Select DBS scan policy if atleast one session is in connected
state.
CRs-Fixed: 2084608
Change-Id: I6fba26accbaed4d57c6c56a782e570b534af43c4
Update dbs scan policy as HDD_SCAN_DBS_POLICY_FORCE_NONDBS if
the scan request is for directed SSID or directed BSSID.
CRs-Fixed: 2084612
Change-Id: I9d720770e2e364ca5cb01bb5fe137f7248593398
Add user configuration parameters to configure the number of
probes in scan request and probe repeate time during scan
Change-Id: I65a3734d8080d8adfe3e9ffa26905e6adc196197
CRs-Fixed: 2071697
For FT_PSK connection, we use WLAN_AKM_FT_IEEE8021X to make the
security match which causes can't find the candidate AP, the fix
is to use WLAN_AKM_FT_PSK instead.
Change-Id: Ic11fa8e47ccee04621e3bb9491f138c425c91cee
CRs-Fixed: 2131598
For passive scan host expects dpp public action frames which
are broadcast. So set 3rd bit of scan_ctrl_flags_ext to 1, so
that firmware sends these frames to host upon passive scan.
Change-Id: I7ab70ef92d9226fc265e99f3d1196c5ebae6acb4
CRs-Fixed: 2124683
Adds support to enable/disable scans for the psoc.
Also adds API to set and get the scan enable/disable status.
Change-Id: I2ebb6f9c7fffabef90e9f8c461bdf735e95f0db3
CRs-Fixed: 2124783
Add support to send BSS scoring params from INI to firmware.
Firmware will use these params to select best candidate during
roaming.
Change-Id: Iad0e71c770ac4f4c31ce3b19552f09fd27dc37bf
CRs-Fixed: 2121739
