Pointer mac is returned from function cds_get_context which might return
NULL. So NULL check for mac pointer is added before dereferencing it.
Change-Id: I9258dc625144650c077fd457827fc24610732b77
CRs-Fixed: 3746451
Add support override the NSS capability with HW NSS capability
during TDLS setup.
Change-Id: I916193969d5aafe042ee1bea2adc29668c9109ee
CRs-Fixed: 3792456
Currently, ROAM_SYNC is aborted on the corresponding vdev when
the vdev is not in CONNECTED state. This abort operation sends
an RSO_STOP to fw but the status is not notified to the caller.
This results in a race condition in the below scenario,
1. Firmware roamed to a 2-link ML AP and sent Roam sync ind
to host
2. Host posted ROAM_SYNC on vdev-0 in scheduler thread context
as the vdev-0 state is CONNECTED
3. Got a DISCONNECT request from userspace in user thread and
the states moved to DISCONNECTING.
4. Host tried to post ROAM_SYNC to vdev-1 but aborted as the
state is not CONNECTED and tries to send RSO_STOP to fw.
This RSO_STOP won’t be sent as it’s a link vdev and the
RSO_STOP should go from assoc vdev later.
But this status is not indicated to the caller which
proceeds with vdev-0 ROAM_SYNC.
5. As vdev-0 ROAM_SYNC doesn't check for the connection state
once processing is started, ROAM_SYNC would be completed
on vdev-0.
6. This causes out of sync and vdev-1 doesn't get cleaned-up.
7. As part of the disconnect, host tries to cleanup the old
peer on vdev-1. But firmware ignores this as that peer is
already cleaned up in fw.
This results in peer map-unmap issue later as the new Roamed
peer on vdev-1 will never get cleaned-up in host but the same
got cleaned up in fw. FW is free to use that peer_id to
another peer mac later and when it does, host DP complains.
So, indicate ROAM_SYNC abort status to the caller to abort
the complete Roaming.
Change-Id: Ic65149ddf28f01ca5d7a0f6d3137a38e64e6c6ae
CRs-Fixed: 3786671
When SAP CSA is started, host driver starts sending CSA IE
with beacon count. Host driver sends VDEV_RESTART to firmware
only when the beacon count reaches to 0(e.g. from 10 to 0).
But if CSA has to be aborted due to some reason(e.g. concurrent
SAP got disconnected), host driver stops the CSA by posting
EV_CHAN_SWITCH_DISABLED where it stops sending the CSA IE and
restores the VDEV state to UP-UP-ACTIVE. It updates the
templates and doesn't send VDEV_RESTART to firmware.
Currently, host driver sends VDEV_UP to firmware as part of
SAP state machine restoration. But firmware might not expect
this VDEV_UP as vdev is in UP state. Host has to avoid
sending VDEV_UP to firmware when the VDEV state is UP-ACTIVE.
Also, SAP CSA abort might result in other race conditions.
So, let the CSA continue if it's already started and SAP channel
gets evaluated once SAP is UP anyway.
Change-Id: Ic8ff8b0c58dd656b4e7ae2a2f9c46c3584a33165
CRs-Fixed: 3734991
Host driver doesn't disable RSO before restarting the vdev
for fw-initiated as well host-initiated CSA or BW change for
link vdev. Therefore, if the FW is in middle of roam(for host
initiated CSA) cases, this restart leads to race condition in FW.
Add a new reason code for VDEV restarts triggered due to CSA,
enable/disable the RSO SM based on this new reason code for
assoc as well as partner links.
Change-Id: I48925d76df62bb1c60f212048b95c434af18042f
CRs-Fixed: 3770973
In the api hdd_set_nss_params() and hdd_set_antenna_mode()
change in nss parameter or antenna mode cause the TDLS
teardown.
Add a check in api hdd_set_nss_params() and
hdd_set_antenna_mode() to prevent change in parameter
if there is a existing TDLS connection.
Change-Id: I8a58b8b0a617a8de490907e4c3181b15d90e0dbb
CRs-Fixed: 3789892
Set chipset stats bits i.e HOST_LOG_CHIPSET_STATS for
host chipset stats and FW_LOG_CHIPSET_STATS for firmware
chipset stats in gwlan_logging.eventFlag object whenever
user requests ring data inorder to flush both host and fw
chipset stats buffer.
Change-Id: I3701c65d2f3a94773e34f14c1a5742ec9b416347
CRs-Fixed: 3783014
Update bazel script with wlan_cp_stats_chipset_stats.c src
file to include it in the compilation
Change-Id: I9f92db2856f14c146b2ea111be0e0f2f0ce8fc19
CRs-Fixed: 3783012
Firmware timestamp values are not printed for BTM_QUERY &
BTM_REQ events and wrong value for BTM_RSP. This is because
the timestamp values is read from wrong structures.
Read the firmware timestamp values from correct wmi structure
to fill the connectivity diag event
Change-Id: I568e87ee3e4bb66d3f73d353df794ced92b418c1
CRs-Fixed: 3788350
When SAP start as pri freq: 5180, 160M, pri freq isn’t DFS freq, but
bonded freqs are DFS freq, so sap_dfs_wakelock is held.
After SAP restart as pri freq: 5180, 80M, pri freq and bonded freqs are
not DFS freq, so sap_dfs_wakelock isn’t released.
To fix it, add ch_params_before_ch_switch in sap_context, which includes
ch_width/ccfs0/ccfs1, can get all bonded sub channel info.
Add ch_params parameter in API hdd_hostapd_channel_allow_suspend and
hdd_hostapd_channel_prevent_suspend.
Call wlan_mlme_check_chan_param_has_dfs in them instead of
sap_chan_bond_dfs_sub_chan with
CRs-Fixed: 3777779
Change-Id: I7e32317b2ffab6f8de5990aeed68e7bd02527d6f
Currently, opmode is extracted from sap_ctx->vdev without
checking if it's NULL. Add a preventive NULL check
on sap_ctx->vdev.
Change-Id: I084d7ad441f84426d316d729136286a24fbeed26
CRs-Fixed: 3786993
Move definition STA_ENTRY_TDLS_PEER out
of the TDLS feature macro, which will be used
in the common code lim_process_addba_req().
Otherwise it will happen compile error if
FEATURE_WLAN_TDLS disabled.
Change-Id: Idff66bc61b60147bfb9f5c627d2e5a29a28bd268
CRs-Fixed: 3784440
Currently there is no validaton for total num powers
which is calculated by adding powers sent by AP till
160 MHz and powers sent in ext element of the TPE IE.
total powers will increase more than allowed Tx powers
if AP sends some invalid value in ext count but array
limit is 15 only. which may become cause of out of
bound if AP sends some invalid value in ext count.
Fix is to add a validation check for total num powers.
If total num powers becaomes greater than allowed powers,
don't parse the ext element.
Change-Id: I1478b8d1dfa3c491a471790a12d0c3b0f62352f7
CRs-Fixed: 3695072
Driver use uninitialized unsafe channel array in the function
"wlansap_select_chan_with_best_bandwidth"
So, to fix this, initialize the unsafe channel array with zero
value.
Change-Id: If63226da00187086f27e716424b29e30137a46b1
CRs-Fixed: 3772902
Pointer 'dp_ctx' returned from call to function 'dp_psoc_get_priv'
may be NULL in below APIs:
1. dp_reset_tcp_delack
2. dp_bus_bandwidth_init
3. dp_bus_bandwidth_deinit
4. dp_bus_bw_compute_timer_try_start
5. dp_bus_bw_compute_timer_try_stop
6. ucfg_dp_set_cmn_dp_handle
7. __dp_bus_bw_compute_timer_start
Fix is to add NULL check for dp_ctx before use.
Change-Id: I5f9ea6ae8ce3bb13631ad9a2dfe25d9c3686a33b
CRs-Fixed: 3767091
Certain countries have dot11mode restrictions such as no
11be mode support, in which case the regdb updates the
phymode and sends to Host.
Add support to use this value to limit and update the
internal dot11mode to allow connection in corresponding
phymode.
Change-Id: If7dd8c261fbe61e96c7749dd1457713502409fa6
CRs-Fixed: 3747811
