Channel bonding mode can be disabled when connection happens. So reduce the
log level and rate for this log.
CRs-Fixed: 2298986
Change-Id: I47ab8111613292781bddca435f9800544b1e6d58
In the function wma_pdev_div_info_evt_handler, while handling
WMI_PDEV_DIV_RSSI_ANTID_EVENTID event, the corresponding event
handler wma_pdev_div_info_evt_handler is invoked. In the
function wma_pdev_div_info_evt_handler, event_buf argument comes
directly from firmware and event parameter is pulled from event
buf. The event->num_chains_valid is used as the maximum bound on
the array index of chain_rssi[] array which has a maximum limit
of CHAIN_MAX_NUM(8). When event->num_chains_valid has a value
greater than this maximum limit, OOB write could occur.
Add check to validate the event->num_chains_valid against
CHAIN_MAX_NUM(8) and return failure if it exceeds.
Change-Id: I40f1aa8a7b4bcffef3cab588c78c700e88e24673
CRs-Fixed: 2304662
Current driver reads WMI_SERVICE_LISTEN_INTERVAL_OFFLOAD_SUPPORT BIT
through WMI_SERVICE_EXT_IS_ENABLED macro which is deprecated.
Update it by reading wmi_service_listen_interval_offload_support through
wmi_service_enabled() API.
CRs-Fixed: 2305522
Change-Id: I1d6aedec31d035a3e9c2514ad6dc2b13b79dfff3
hdd_create_acs_timer() sets VENDOR_ACS_RESPONSE_PENDING, but
hdd_destroy_acs_timer() does not ensure this flag is cleared. This can
lead to a situation where the ACS timer is not initialized, but parts of
the code incorrectly assume that it is. Clear
VENDOR_ACS_RESPONSE_PENDING in hdd_destroy_acs_timer() to prevent
invalid access to the ACS timer.
Change-Id: I7c367b20e279fadc5ee329d94b7475711796b185
CRs-Fixed: 2305719
By default pktlog needs to be enabled during driver load.
To enable/disable pktlog use INI parameter.
This reverts Change-Id: Ie03a7e0a77bc5f525ad7ae74bb104a6d1bf21eb7
Change-Id: I8f74b4bcebfb8b4a35a29e321b2b6bd5e1920bf7
CRs-Fixed: 2296335
In WORLD mode, there can be urgency to discover the current country
since WORLD mode restricts the channel and TX power availability.Add
INI enable_11d_in_world_mode to automatically enable 11d in WORLD
mode. This INI supersedes the setting in 11d INI variable
Is11dSupportEnabled.
CRs-Fixed: 2289349
Change-Id: I7b289cdb60be5e737f41f9de5a478f32a234e717
qcacld-2.0 to qcacld-3.0 propagation
If all the STA connected to AP support ecsa, wlan driver will call
lim_send_extended_chan_switch_action_frame to send action frame,
but this function missing limSetProtectedBit when 11w enable,
this violate spec, so generate a fix for this issue.
Change-Id: I80f111f21015c98ee0abdafe76ea42c3e79163ac
CRs-Fixed: 2275626
Add WLAN_DFS_STATIC_MEM_ALLOC flag to use statically
allocated memory for dfs objects.
Change-Id: I73bfaead4da29a2e4a75cc667470f2255e453b12
CRs-Fixed: 2304928
Max beacon size in WMA layer is pointed by "WMA_BCN_BUF_MAX_SIZE"
which is currently set to 2500 bytes and Max beacon size in
PE layer is pointed by "SIR_MAX_BEACON_SIZE" which is currently
set to 512 bytes.
when wma_store_bcn_tmpl() gets called, this API tries to copy
beacon template from LIM to WMA which can't exceed 512 bytes.
To fix the issue, use SIR_MAX_BEACON_SIZE instead of
WMA_BCN_BUF_MAX_SIZE
CRs-Fixed: 2299791
Change-Id: I97b4c19611ec74c0702901c380bd32e866d26c8b
1) This reverts commit
Iab0862eda2392bd516c8ba0b913441b8e0d4c493
2) Reverted changes have been taken care through
Idd7617782e71ee187eef7fcb3523c05b49f82094
CRs-Fixed: 2300054
Change-Id: Icc47ded9a585e356b7eae1ad53ffea6668510308
Driver checks if 40 Mhz is supported for the channel but doesn't
validate if the cbmode provided by AP is valid.
Invalid cb mode provided by AP can lead to failure.
Add check to validate cbmode and bandwidth from AP in htinfo IE.
Change-Id: I3d2da7a8e3045594baf201732dd80a82bd88e16c
CRs-Fixed: 2303267
__wlan_hdd_open_ll_stats_debugfs() fails to free the llstats buffer in
the event that wlan_hdd_ll_stats_get() fails. Add error handling for
this call which frees the newly allocated buffer.
Change-Id: Ic5cff77a758ff81da82dd1143d77da68d87b9291
CRs-Fixed: 2304715
If SAP receive unicast data from a non-assoc STA, SAP should send
deauth mgmt frame to this STA, add this part logic to serve data path.
Change-Id: I47346e751b89eda77f6d6450218e2b70fe6b4953
CRs-Fixed: 2298550
When SSR is in progress, in vdev_detach, currently wma_force_vdev_cleanup
clears the peers from CDP vdev peer list. From the CDP, wma_remove_peer
is called via callback with the peer mac_addr. wma_remove_peer inturn
sends peer delete to FW, does a CDP peer delete and an ObjMgr peer delete.
But the peer delete to FW would not be sent as SSR is in progress and CDP
peer delete would not actually delete the peer from CDP as CDP will need
a peer unmap from the FW to actually delete the peer.
Proper implementation would be to delete the ObjMgr peers alone during SSR
in vdev_detach and let the cds_post_disable to take care of cleanup of
CDP Peers.
Change-Id: I6129b69eb26f3eaa68be40b62b822a4dfc6ff675
CRs-Fixed: 2302972
Phase 1, after ftm componentization, we could now support to remove
the ftm related components when FTM is disable from the build
configuration.
Size changes: after removing the ftm related binaries, we could save
15KB from module size.
Change-Id: Ib363f1d6204b07947a46f32673c4f8ad6fb3dbd3
CRs-fixed: 2258441
If mgmt encryption type is not updated, 11w feature will not be enabled
correctly for this association.
Mgmt encryption type is always updated through limJoinReqSerDes in the
cld2.0, which is removed in cld3.0. In cld3.0 if fast roaming is enabled,
mgmt encryption type will be updated through csr_construct_rsn_ie. If
fast roaming is not enabled, csr_construct_rsn_ie will not be called and
mgmt encryption type will not be updated.
Always called csr_construct_rsn_ie in csr_retrieve_rsn_ie to make sure
mgmt encryption type is updated.
Change-Id: I2d6541dd88a9d1770f4976b9caa32baa70a60ed3
CRs-Fixed: 2300847
The error handling in cds_open(), in the event that the call to
dispatcher_psoc_open() fails, is currently empty. Add appropriate error
handing for this case by referencing cds_open() and cds_close().
Change-Id: I2b0d328e365efd67099bb8e6b529720c7b1904c5
CRs-Fixed: 2303785
Add new iwpriv command to set BA aging timeout value to hardware.
e.g. "iwpriv wlan0 set_ba_timeout <ac> <duration>" which should set
given duration in msecs for given access class.
"iwpriv wlan0 get_ba_timeout" which should get duration
value for each access class and display.
CRs-Fixed: 2254891
Change-Id: I79f79191c47376e414dceeb73b736a0a9610e3ae
The error handling in cds_open(), in the event that the call to
mac_open() fails, is currently stubbed out. Add appropriate error
handling for this case by referencing cds_open() and cds_close().
Change-Id: I6103050d5f2323250c9254a5a3add01fd0d34de3
CRs-Fixed: 2302968
psoc ref count and mac_context memory is leaked in failure cases
of mac_open API.
Fix the psoc ref count and memory leaks in failure cases.
Change-Id: I39eaa7bef5e5c50b9b1a8833bec5e6da8cdf0d72
CRs-Fixed: 2302187
BSS description is dereferencing in hdd_association_completion_handler
without checking for NULL, which may cause NULL pointer dereference.
To address this, add check for BSS description before dereferencing.
Change-Id: I24f728fb6d66b4c07dfe39f3ac426f3d2153b917
CRs-Fixed: 2299797
SAP(Go) concurrency check is mainly used for two purposes:
1) When new GO/SAP session is coming up and needs to check if
this session's channel can co-exist with existing GO/SAP
sessions. For example, in case of single radio platform, MCC for
SAP/GO+SAP/GO is not supported, in such case this API should
prevent bringing the second connection.
2)There is already existing SAP+GO combination but due to upper
layer notifying LTE-COEX event or sending command to move one of
the connections to different channel. In such cases before moving
existing connection to new channel, check if new channel can
co-exist with the other existing connection. For example, one
SAP1 is on channel-6 and second SAP2 is on channel-36 and lets
say they are doing DBS, and lets say upper layer sends LTE-COEX
to move SAP1 from channel-6 to channel-149. In this case, SAP1
and SAP2 will end up doing MCC which may not be desirable result.
Add vdev_id check while checking for 2nd case. If connection with
given vdev_id exist then it is confirmed that it's a case of
channel switch rather than a new connection case.
Change-Id: I2535b38af353be2abd9c2ff636c06f3c5869969d
CRs-Fixed: 2300451
There are two lim_set_protected_bit() implementation with/without
WLAN_FEATURE_11W defined.
So no need to wrap this function with macro WLAN_FEATURE_11W.
Change-Id: I719f623d17ed0db655d33bda04b51937f1c1c5f4
CRs-Fixed: 2298804
The bus bandwidth compute timer is a periodic timer which computes bus
bandwidth usage of associated adapters over a period of time. When the
last adapter disassociates, this timer is stopped. However, the timer
starts a work that is not stopped or flushed at this time. When the
device is under load from external subsystems, this work can get pushed
out past what is safe. When the bus bandwidth timer is stopped, also
stop and flush the bus bandwidth work to ensure safe memory access.
Change-Id: I32c15b42c9756341d1ecf534c05f87738fd24edb
CRs-Fixed: 2300697
Presently, recovery inprogress flag is set only when PLD_RECOVERY
is received but in cases of rejuvenate only PLD_FW_DOWN is received.
Set for the recovery in progress for all the firmware down events
so the unneccessary bug_on's will be avoided.
Change-Id: I654e9e5b02925ac21857369f87af6ca40d8dc815
CRs-Fixed: 2285278
Currently, driver calls hdd_alloc_station_adapter to initialize the
completion variables for a particular adapter only if mode of interface
is STA or P2P. In case when driver changes its STA + SAP mode to
STA + STA mode by calling hdd_open_concurrent_interface, driver is not
able to initialize init_completion variable for new STA interface. So
while processing fw commands (for new STA interface) which uses
completion variables, driver leads to the use of uninitialized
variables issue.
Create new function cmn_init_completion to initialize completion
variables for all interfaces while opening the HDD adapter.
Change-Id: Iae8ec1a86dd4084c9f5b39ec0d90e16182212df9
CRs-Fixed: 2288919
