Add change to release vdev reference only on successful removal
of active cmd from serialization active queue.
Change-Id: I2e14f7f53dc38388cdd05f029edc9329f9dd86a7
CRs-Fixed: 2463724
In the normal execution osif priv is freed when the object manager
is freed. Whenever there is a error w.r.t to creation of vdev,
osifpriv is deleted as part of vdev destroy. When this error
propagated to caller. Caller tries to again free the osif_priv
in the error path.
Hence set osif priv to NULL in error case to prevent any double
free by caller.
Change-Id: Iaa074ad39aa473e99ab2fd7b14194422f19c168d
CRs-Fixed: 2467327
Add interface API to send reject ap list to FW,
also add the blacklist manager UMAC, and QDF component
for the same.
Change-Id: I826e537683441762043003d71dc2b79ceebebbcb
CRs-Fixed: 2460770
wlan_pdev_chan_match used to take current vdev lock on current
iterating vdev and then on vdev for which channel set is triggered.
If two cores happed to try setting channel on two different vdevs,
cross locking may occur. Fix this by releasing one lock and then
acquiring other lock.
Change-Id: Ic1a6ca448c6d535e949102bc5a8a45971c8babd2
CRs-Fixed: 2460054
While accessing txrx desc pool, in_use flags is not used and thus
caller may end up using a txrx desc which is not in use. Also
all the params of txrx desc are not reinitialized once in_use flag
is set to false. This can lead invalid pointers used by caller.
So check for in_use flag before using the txrx desc pool, to avoid
use after in_use is set to false and reinitialized all params to
invalid values.
Also In wlan_mgmt_txrx_mgmt_frame_tx driver forcefully get the peer
ref count. It should use wlan_objmgr_peer_try_get_ref api to get
the peer ref, so that after logical delete the frames are not sent
for the peer.
Change-Id: Ie59e622c095750de8eabc49985b114ec6197be00
CRs-Fixed: 2459212
Implement the interface to transfer the info between
host driver and firmware about the ap which has interop
issues with the DUT. It is detected by firmware and
forwarded to user sapce for persistent storage. User
space configs these APs to firmware when the DUT
starts up next time.
CRs-Fixed: 2425197
Change-Id: I3857d2a605baa2673af333a7a0412f1690b59769
Legacy code for VDEV_SM is no more used, thus clean up flags
CMN_VDEV_MLME_SM_ENABLE and CMN_VDEV_MLME_CMPT_ENABLE.
Change-Id: I4f7b1099d4929f6250b1868c53b73d7c235a9c22
CRs-Fixed: 2457270
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API for stats to get the BSS
peer which increment the refcount if peer is valid. With this the
peer won't be deleted till the caller release the ref count of the
peer.
Change-Id: I3690f1309cbc7643ed55d8e903814b06f9d8755f
CRs-Fixed: 2454080
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API for crypto to get the BSS
peer which increment the refcount if peer is valid. With this the
peer won't be deleted till the caller release the ref count of the
peer.
Change-Id: I5472c80d267a6639acaff2d47dbc09e37963bc93
CRs-Fixed: 2447249
Rmmod process:
wlan_hdd_pld_remove --> hdd_stop_adapter --> hdd_vdev_destroy
--> WLAN_SER_CMD_DEL_STA_SESSION (25) cmd queued --> PLD_FW_DOWN
(will complete wait event as part of qdf_complete_wait_events)
--> hdd_wlan_stop_modules --> cds_disable -->
dispatcher_psoc_disable --> wlan_serialization_psoc_disable -->
wlan_serialization_timer_destroy --> umac_stop --> csr_stop -->
wlan_ser_cancel_non_scan_cmd -> check if timer is present but th
timer are already destroyed, so assert.
Move wlan_serialization_purge_cmd_list into converged API file to
be shared by MCC and WIN.
Change-Id: Iad557e4a05d682c257be0c39049c52950e5eb530
CRs-Fixed: 2451058
osif priv is allocated as part of the vdev object and freed as part of
the logical vdev deletion. There is a race condition where in a
component
holding the reference to the vdev is trying to do an operation using
the osif priv. But in the other thread osif priv can be freed.
This can lead to null pointer exception.
Hence, move the osif priv deletion to the vdev physical destroy.
Change-Id: Iea3fd87cb272a51c5691ee2e39a590861c1b1637
CRs-Fixed: 2449996
Add API to fetch the logically deleted peer list for a given vdev
and also add change to move peer delete request and response
related stats from pdev to vdev layer
Change-Id: Ibaac286a1e6ca86988b223055c15a6b9ba6cf4b9
CRs-Fixed: 2448111
The release ref APIs for an object first checks,
if the caller is holding a ref, and if yes, it decrements
the count.
If not, there is an error print and an assert, and if the assert is
disabled, the total ref count is decremented in the code, which could
lead to the object getting destoyed, even when it is being used or
some other component holding its ref.
So, if release ref API for an object is called by a component, which
is not holding the ref, we should return, so its handled correctly
even when assert is disabled.
Change-Id: I90de5c1b2e485e80c4b3138fc0fd99f5509d06a2
CRs-Fixed: 2417616
Adaptive 11r is a feature by which the network supports 11r
even though the bss doesn't advertise 11r. This is done with the
help of advertising vendor specific adaptive 11r IE and MD IE
in the beacon/probe. When vendor specific adaptive 11r
IE (oui 0x00 40 96 type 0x2C) is present in the beacon/probe,
and 1st bit of the IE data is set to 1, then the BSS supports
adaptive 11r.
The BSS advertises, non-11r akm in RSN IE and user space will
send the 11r akm in the connect start. So the scan module
shouldn't filter out the candidate adaptive 11r supported BSS
with AKM mismatch reason.
Add changes in scan module to parse the Vendor specific adaptive
11r IE and copy it to the scan_entry ie_list. Check if
negotiated akm is non-11r akm, and the filter akm sent from csr
is a 11r akm (which is received from user space), then mark the
bss as matching.
Change-Id: I65f32c67016ad634f1592a7453e77aaf0c5a327c
CRs-Fixed: 2431074
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Thus add an API to get the BSS peer and increment the refcount if
peer is valid. With this the peer won't be deleted till the caller
release the ref count of the peer.
Change-Id: Ifb3b4de54f3aace359a35a821265c80119df1f50
CRs-Fixed: 2444996
Currently 1024+ is the number of peers, increase it to be 1536+,
(512*3) as the three radio soc supports 512 clients per radio.
Change-Id: I5f1d69206c536bb706825fbd70736dce21b64161
CRs-Fixed: 2436434
Update the commment sections in function
scm_req_update_concurrency_params and
wlan_util_get_mode_specific_peer_count.
Change-Id: I076beddacb6efa10f78a1d850f9b74886e9cdcdc
CRs-Fixed: 2439552
With this feature, using appropriate commands, link layer, network layer,
transport layer and some of the application protocols can be tagged with
the user provided tag values for easier identification of protocols. The
supported protocols today are as follows.
ARP, DHCPv4, DHCPv6, DNS over TCP (v4), DNS over TCP (v6), DNS over UDP
(v4), DNS over UDP (v6), ICMPv4, ICMPv6, TCPv4, TCPv6, UDPv4,
UDPv6, IPv4, IPv6, EAP.
Receive packets are tagged by hardware. Tags are applied after the first
matching rule. Hence it is recommended that the rules are
programmed in such a way that tags are configured from application layer
to data link layer to get expected results.
Change-Id: Ibdc2bd2b78234f482074955e89fb93f05988eaca
The serialization active command removal can happen in two ways
1. Its through wlan_serialization_remove_cmd API
2. Command times out and command timeout handler is called.
In case, cmd times out and handler is called in scheduler
context and as part of the active cmd removal,
the active cmd is removed, and release cmd cb is called
which could delete the vdev(post last reference release).
Then as part of moving cmd from pending to active,
the vdev queues are null, and we see a panic.
We take a vdev reference, when timer for active cmd is started.
For active cmd removal through wlan_serialization_remove_cmd,
we release the reference when the timer is stopped.
To avoid vdev destroy, in case command times out,
and until the command timeout handling is completed,
we hold vdev reference from when timer is started,
until timer handler completes.
Change-Id: I16b6864f75e8bf354da6f8b16c3aaa6cf39d7ac7
CRs-Fixed: 2422422
Currently, in case of SAP/GO present active dwell time of scan req
on STA iface is restricted. This can result in less scan time but
STA can miss some AP's. So, decrease dwell time only if some client
is connected to SAP or GO.
Change-Id: I46fb76792941b7c79f541b8b358d02bb944f0086
CRs-Fixed: 2436910
Any obj ref can be taken by modules. In the case the obj is logically
deleted but not deleted physically due to some pending reference not
released, it leads to memory curruption issues in unexpected places.
Debugging these issues becomes difficult as there is no indication where
the ref leak has happened. Especially when the curruption occurs before
stop_modules is called (where there is check for ref leaks)
To ease the process of debugging such issues, add a print to show the
modules holding the refs after logical deletion. Also, assert in
case any objs are in logically deleted state for longer than 10 secs.
Change-Id: I8fa55693c89f146d859cc9ec3355f5eb1e2c3853
CRs-Fixed: 2419733
Hostapd requests igtk keys with keyix 4,5.
Adding support to wlan_crypto_getkey to send the igtk keys
for keyix 4,5. In absence of the patch, hostapd getkey
call for igtk keys will fail.
Change-Id: I32cd6b417aae92cf3b3ac17bb72e19b581d21bd6
In the current implementation, we print the ser history
from index 0 to the current index of the ciruclar buffer,
so when buffer overflows we print only few recent items.
Instead, we should print all the elements in the circular buffer
starting from current index to entire length of the circular buffer.
This will print all the elements in the circular buffer
when it overflows and also takes care of printing
required items when buffer is not overflown.
Change-Id: I6c54cb34de7a1ba24ee0204004cc9a203173c66b
CRs-Fixed: 2430483
Add change to cleanup duplicate fields of
of vdev_mlme, which are also in mlme_channel_param
and their dependencies while updating
vdev_start_param. Cleanup unused mlme_cfg_ids.
Change-Id: Ie32971283a337f04692c0c0bc7f41fff75c090c3
CRs-Fixed: 2407953
Since umac cmd is specific to the module adding cmd to serialization
queue, an API is needed to validate the umac_cmd associated with that
serialization context holding the serialization queue lock.
Change-Id: Iadb4deb17ffabd780432a29e7cbd37024fd431fe
CRs-Fixed: 2430764
Move get macaddr from peer API at appropriate place instead of fetching
it everytime and not using it.
Change-Id: I01349a672215395795cd08cd65d98ad8a08b95b0
CRs-Fixed: 2431163
In wlan_crypto_rsn_info, only need to reject STA with PMF disabled
when PMF is required.
Change-Id: I7a7d4b2d1a2d44a95d08eb6bfac14540940f0be3
CRs-Fixed: 2424932
Currently only STA mode is supported in wlan_crypto_set_del_pmksa.
For SAE SAP, need to add AP mode support in this API.
Change-Id: If45a516713e302b3516d163516263bbcbafeaed2
CRs-Fixed: 2424893
MCL code will need to find the supported mgmt cipher
type from crypto component. Add two api for vdev and
peer for it.
Change-Id: Ic33d4f18a04b48ce4699617569585fd1c2ae6f61
CRs-Fixed: 2421463
Currently, the vdev connection status is checked by getting
the bss peer of that vdev, and if the bss peer is in associated
state then vdev connected status is sent as true. It can happen
vdev is present and bss peer is deleted after getting the bss peer
from vdev pointer. Then bss peer can not be dereferenced to get the
its status.
Instead remove all the duplicate api's tdls_is_vdev_connected,
pmo_core_is_vdev_connected, and wlan_vdev_is_connected with
wlan_vdev_is_up. wlan_vdev_is_up gives success status
if associated.
Change-Id: I863c3c0689f329870bd08c813813c16956135209
CRs-Fixed: 2426092
There is an assert inside the serialization timer cb.
This timer cb can also be called in the scheduler context.
So if we get a scan cancel request, it is posted to scheduler
and after that command timesout, the timer cb is posted
to the scheduler.
So first the cancel is executed and the command is removed.
After that, the timer handler is executed which will find timer->cmd
to NULL.
So, by the time, the timer handler is involved in scheduler context
the command might be cancelled so we return an error when cmd is null
in timer handler cb.
Change-Id: I03651a63de88fe5c6467c5783254ffd006c663d2
CRs-Fixed: 2427323
In roaming offload, PMK will be sent to firmware.
So,save the PMK to pmkcache when supplicant provide
from os interface.
Change-Id: Ibfd3d354b9150b40755ba2ab1dd90c2e3c6ddbc3
CRs-Fixed: 2420359
Per the Linux Kernel coding style, as enforced by the kernel
checkpatch script, pointers should not be explicitly compared to
NULL. Therefore within umac crypto replace any such comparisons with
logical operations performed on the pointer itself.
Change-Id: Id6edc4aa8bf0fef455c1359dacabd74fc7163e44
CRs-Fixed: 2418253
Per the Linux Kernel coding style, as enforced by the kernel
checkpatch script, pointers should not be explicitly compared to
NULL. Therefore within umac serialization replace any such comparisons
with logical operations performed on the pointer itself.
Change-Id: I6b8ff46dacfd2f9a883262f6336f35f5aff499bc
CRs-Fixed: 2420150
If MLME gets RADAR detected event while waiting for RESTART response from
FW(RESTART_PROGRESS substate), it sets PDEV RADAR detect deferred flag.
Once VDEV SM moves from START to other state, it invokes MLME SM callback,
which checks whether “RADAR detect defer” is set.
If it is set, SM callback posts message to scheduler to notify all VDEVs on
RADAR detection.(from here, flow goes as regular radar detected event)
Change-Id: Icaa2aee900be60c12c5b38b1d199bb01ba31f722
CRs-Fixed: 2390019
When a serialization cmd is activated and activation is process in
scheduler context, it is observed that the timeout for that cmd
occurs and the cmd is released even though the activation in
scheduler context is still in progress.
This will lead to accessing the serialization cmd after free,
leading to memory corruption error.
Add change to avoid this by posting timeout message to scheduler
thread which will help synchronize the cmd execution in scheduler.
Change-Id: Ib2234331844f48d0d219f430f5b585f792282d42
CRs-Fixed: 2419854
Per the Linux Kernel coding style, as enforced by the kernel
checkpatch script, pointers should not be explicitly compared to
NULL. Therefore within umac obj_mgr replace any such comparisons with
logical operations performed on the pointer itself.
Change-Id: I0f556e8baa9126511420a8d4c1b1a5e4ee220bab
CRs-Fixed: 2420149
Add object manager to iterate through all the psoc in
the system and call the provided callback with relevant
arguments
Change-Id: I92f4c1248447ce14413b666076e515c0569385a0
CRs-Fixed: 2413775
Modules wlan_util_get_vdev_by_ifname/wlan_util_vdev_get_if_name,
which are part of wlan utility under UMAC, are accessing OS IF
private structure that points to the interface name. This is a
layering violation since OS IF private structure should only be
accessed from OS IF layer. Move these modules in NAN OS IF files
in CLD where they are more appropriate.
Move modules that access os if priv to NAN OS IF files in CLD.
Change-Id: Ie4c2f51cddf3abfccbaa6a80580f38345697cfd1
CRs-Fixed: 2384474
The current implementation allows one extra vdev
to be created than the max vdevs allowed for a pdev.
Correct the check to allow only max vdevs to be created
for a pdev.
Change-Id: I589ae204abe87f5a727489494a34807a45d501fa
CRs-Fixed: 2415783
Add change to fetch the activation status for the command in the
active queue of a given vdev.
Change-Id: I2ef87b5423f3749eb68e50147c9a30115492197c
CRs-Fixed: 2415236
Add modules and API's to issue command WMI_NDP_CMDID. This
command, for now, can request Firmware to terminate all NDP's
associated with the given vdev. Add module that extracts
event information from event WMI_NDP_EVENTID. This event acts
as a response to command WMI_NDP_CMDID, and carries NDP
related status information for the host. Extract mac_id from
the updated TLV of NDP confirm and schedule update events.
Add modules and API's to support new NDP command and event.
Change-Id: Ibf6312cb3669b5e62ada3f4ad852be87f14ae09f
CRs-Fixed: 2384535
