Few IOT APs advertise reduced NSS capabilities on ending
up in bad state. These APs can later recover to support
the actual NSS capabilities. In this scenario, when STA
initiates connection to these APs, which are in bad state,
reduced NSS capabilities is advertised. STA cannot later
upgrade NSS capabilities to the minimum of STA max NSS
capability and APs actual NSS capability, once AP recovers.
Fix is to advertise max NSS capability during connection
with these IOT APs based on vendor OUIs and downgrade if
AP still advertises reduced NSS capability in association
response.
Change-Id: I49ea13534b1a44fd9ffadd1e8fb44e9d782147c4
CRs-Fixed: 2453938
In function mlme_init_btm_cfg(), initializing the
btm_solicited_timeout, btm_max_attempt_cnt and btm_sticky_time
is done using the cfg_default() api, which always returns the
default value irrespective of the ini configured. This results
in failure of ini configuration from the WCNSS_qcom_cfg.ini file.
Use cfg_get() api to get the default value of ini items.
Change-Id: I773676cc67878f233cb6d14e0ad3ec1d79a5518f
CRs-Fixed: 2461612
Fix an issue where driver downgrades HW to single MAC mode for
NAN + NDI concurrency. DBS must be enabled for since NAN operates
in 2G.
Change-Id: Ie4d76e7a73d40ce663c6f907693954b62add0394
CRs-fixed: 2460830
Abstract the callback hdd_softap_ipa_start_xmit by
hdd_softap_ipa_start_xmit, to match the return type of
wlan_ipa_softap_xmit pointer, to fix a CFI failure.
Change-Id: If1cb1a80801558d5c7831ec89ad5281b0bbe36f3
A VHT beamformee shall indicate the maximum number of space-time
streams it can receive in a VHT NDP in the Beamformee STS
Capability subfield of the VHT Capabilities Information field of
the VHT Capabilities element. The SAP is advertising STS value
as 8 in both 2G and 5G band. This may cause IOT issues.
Fix the default value of beamformee STS capability value as
default value 3 for SAP.
Change-Id: I026eabeea941a33f1ffab6e498e6de90e182320e
CRs-Fixed: 2448390
If tdls feature is disabled, as currently tdls_osif_init_cb is called
before checking flags, tdls_osif_deinit_cb will be missed which causes
memory leak.
Do tdls_osif_init_cb after checking tdls_feature_flags.
Change-Id: I008c69a9b39f5321d1ca79f5193539f5abd32a02
CRs-Fixed: 2459853
For implicit and external control the tdls connection is
established based on the tx and rx pkt count. But currently,
pkt count with connected AP also tracked.
Do not track packets for connected AP as TDLS is not possible
with connected AP.
Change-Id: I29d6f4e7858de1ec453d64b6fce548f5132c57d4
CRs-Fixed: 2457524
In hdd_vdev_destroy, if policy_mgr_check_and_stop_opportunistic_timer
decides to move to single mac mode and while sending the HW mode change
the target goes down, this leads to timeout of the HW mode change req in
WMA layer which is 2 sec and in serialization its 4 sec, but
policy_mgr_check_and_stop_opportunistic_timer timeout in 1 sec and proceed
to sme_close_session and wait for it to complete.
sme_close_session queue WLAN_SER_CMD_DEL_STA_SESSION to serialization but
it remains in pending queue, behind HW mode change req.
Now due to SSR the wait event for sme_close_session is set and thus
hdd_vdev_destroy logically deletes the vdev.
Now on WMA timeout the HW mode change try to remove the request from
serialization which it fails to remove as it fails to get ref for vdev
with vdev being logically deleted.
Thus WLAN_SER_CMD_DEL_STA_SESSION is not processed and is flushed in
hdd_wlan_shutdown.
Thus as SSR WLAN_SER_CMD_DEL_STA_SESSION is flushed from serialization
queue, the wma_vdev_detach() is not called for that vdev and thus the
peer attached to the vdev are not deleted and wma vdev ref is also not
released, this lead vdev/peer ref leak.
To fix this update the wait timeout in
policy_mgr_check_and_stop_opportunistic_timer with proper value higher
than the serialization timeout for the HW mode change request. ALso
set the wait event in policy_mgr_pdev_set_hw_mode_cb in failure cases
as well to avoid timeout in case of hw mode change failures.
Also release pending peer and vdef refs in wma_wmi_service_close.
Change-Id: I5ddf8263b0dbf889be506332a67f5e18c1bfb111
CRs-Fixed: 2458034
Implement the interface to transfer the info between
host driver and firmware about the ap which has interop
issues with the DUT. It is detected by firmware and
forwarded to user sapce for persistent storage. And
user space configs these APs to firmware when the DUT
starts up next time.
CRs-Fixed: 2425202
Change-Id: I2e828d521f0e04862a01fa1c90626f51b7f65796
Host need to fill netbuf with qtime instead of tsf. So
host need to add tsf64 enable/disable related functions
and definitions to sync with FW.
The tsf64_time is new added to fw/host structure, so host
need to add parse functions to get tsf64_time from tx_desc.
Change-Id: Ieea0d8f905eb57629d279f8da0e811857b760b1f
CRs-Fixed: 2444456
WMI_STA_PS_PARAM_INACTIVITY_TIME and
WMI_STA_PS_PARAM_MAX_RESET_ITO_COUNT_ON_TIM_NO_TXRX
need to be sent as WMI_STA_POWERSAVE_PARAM_CMDID param IDs.
Thus use pmo_tgt_send_vdev_sta_ps_param instead of
pmo_tgt_vdev_update_param_req in appropriate locations.
Change-Id: Ie9438cd88540a9bbcaf120b3d0a32d355f85002d
CRs-fixed: 2457998
Userspace request driver to report details of each beacon
received whose bssid is same as currently connected BSS's
mac address. The driver encapsulates the details of these
beacons as an asynchronous event within vendor command:
QCA_NL80211_VENDOR_SUBCMD_BEACON_REPORTING with operation
type QCA_WLAN_VENDOR_BEACON_REPORTING_OP_STOP until
userspace requests to stop sending beacons.
When driver gets stop indication from userspace, it does
the following things:
1. De-register all callback which is registered while handling
start indication
2. Add beacon filter and send it to fw
If driver is in WOW mode and WMI_ADD_BCN_FILTER_CMDID is
NOT configured, fw wakeup HOST and sends connected AP beacon.
Fw should not wakeup host if host is in wow mode. In order
to support this, configure WOW_BEACON_EVENT for STA and P2P.
Change-Id: Ie7c768fa957d02e1361e1ecb95435ba3f06034b0
CRs-Fixed: 2431360
TDLS is disabled if second connection comes up.
If that second connection fails then enable
the TDLS again.
Change-Id: Id5df1df81c94bcf3a0616bbfb4b33f3e4d81dcbe
CRs-Fixed: 2445831
Currently LFR band specific ini attributes 5g_rssi_boost_threshold
and 5g_rssi_penalize_threshold programmed with wrong type and range.
This can lead to ignore user-input and always use default value.
To fix this, correct min and max ini values for 5Ghz network RSSI
boost/penalty preference.
Change-Id: If89c09fb1343a68dfaa7241b5ec14b046d1bb758
CRs-Fixed: 2452128
VDEV UP command doesn't include right MBSSID information, it will
cause data stall issue and so on.
Fix is to provide right MBSSID information with VDEV UP command.
Change-Id: I0201722c14dee1b01b8dacc7e3095301fb02fd3a
CRs-Fixed: 2434405
Any new param_id added to target_if_pmo_send_vdev_update_param_req
should be added to wmi_tag_vdev_set_cmd to be tagged for runtime PM
feature so that it will not invoke runtime PM get which may result
resume right after suspend (WOW_ENABLE).
Change-Id: Ifa154b38ec91599023e30a37b7fcfef88f5f0491
CRs-fixed: 2451994
Currently in function pmo_core_config_modulated_dtim there is a possible
scenario of a division by zero. The parameter dtim period can have zero
value.
Add a check before performing the operation.
Change-Id: Ida4a798e5c7914966db25bd188821a75caaf4353
CRs-Fixed: 2432010
Presently osif tdls memory is freed as part of the osif_priv
when the vdev is logically destroyed. There is case seen
wherein the tdls is holding vdev reference and in the other
thread the interface down is received and the osif_priv is
freed resulting in the tdls osif priv also, if the other thread
tries to dereference the tdls os priv it will result
null pointer exception.
Move the tdls osif priv memory creation/deletion to the tdls component.
Change-Id: I3782f6304bee5a6eaab4d9122a569ba56fd29947
CRs-Fixed: 2436379
If FW does not support WMI_SERVICE_DUAL_BEACON_ON_SINGLE_MAC_MCC_SUPPORT,
in AP+AP case start the second SAP on same band and
different channel will be failed.
For force mcc to scc switch enabled case, override the second AP's
chan to same chan of first AP instead of return failed in start AP.
Change-Id: I83ad3db3160cfc2dd66163bb1e1b2e19ae7c5fa3
CRs-Fixed: 2439440
Correct INI description for "gTDLSRSSIDelta", and configuration type
for below items:
- CFG_VALID_CHANNEL_LIST
- CFG_COUNTRY_CODE
Change-Id: If7ae2845c06b39ba9ce5af96c21bbe3900edbdf4
CRs-Fixed: 2448134
CSA on DFS channels requires CAC period after RESTART response, peers
can leave during CAC period due to HB failure. But peers remain
connected in SAP and are not deleted.
Now if vdev down is called during CAC wait period, the peer delete
all is not called, and vdev delete is sent without sending peer
delete to firmare leading to assert.
This change adds the logic to internally disconnect all peers before
channel switch if CAC is required on new channel, i.e new channel is
DFS and pre-CAC is not done and ignore cac is not set.
Change-Id: I923fd11d1b9d4a2c606b19ff94baaf44397d3e20
CRs-Fixed: 2449104
Some failures in PMO runtime suspend do not return any error code.
Fix them by returning proper error code.
Change-Id: Icc6b8fef45707cba6dc2cef7ec44cd5c71d2f07d
CRs-fixed: 2450271
Scenario of the issue is :-
1. Keep sta+sap_scc_dfs_ch as 0 to disable the dfs concurrency
2. Start a SAP on any 5ghz channel(NON-DFS).
3. Start a STA on a DFS channel.
Expectation: The SAP should not do MCC, SCC as the above
mentioned ini is 0, also MCC is not prefereed in a HW
solution where DFS is preferred, hence the SAP should go
to 2.4ghz and DBS should be the expectation.
Observation: The SAP does not do a DBS operation, and falls to
MCC here.
Reason: When the SAP gets a PCL in the path of SAP restart,
the PCL feels that a new SAP is going to come up, and hence
gives the best channel (first element of PCL ) as its own,
which leads to restart being rejected, as the SAP cannot start
on a channel which is the same as existing.
The final channel then selected is the STA channel, leading to
DFS SCC which is also not allowed. Hence the SAP is now stuck
in MCC(STA+SAP , one on DFS, and the other on NON-DFS channel).
Fix: The fix is to get an alternate channel for SAP restart, other
than the channel on which the SAP is already up, to lead to DBS,
if the STA channel is not suitable for SCC operaion.
Change-Id: Iab3ad22b2f970ca26ce3e6bc7a9b5ee34bc7e7ba
CRs-Fixed: 2443718
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API for pmo to get the BSS peer
which increment the refcount if peer is valid. With this the peer
won't be deleted till the caller release the ref count of the peer.
Change-Id: I0901164132c497d78c9dc603539b045e5ce0f152
CRs-Fixed: 2446618
MLME log macros like mlme_debug, mlme_err, mlme_info are having same
definition in legacy and common code. To avoid this redefination,
lagacy MLME log macros are renamed.
Change-Id: I71fbbcd1f74df73e82b799b318a9e9a95a3cb0c8
CRs-Fixed: 2446535
Update the HE partial BW UL MU MIMO capability in CFG with the
FW capability shared for supported features.
Change-Id: Ia2c934ce2277076f86fc679b55d4d386ae27795c
CRs-Fixed: 2446810
Mc timer is used to initialize the p2p roc timer.
And the actual timer runs in the soft irq thread and
when the timer exipres it posts the message to mc thread.
Currently, qdf_mc_timer_stop is called to stop the timer.
It calls the del_timer internally to delete the timer.
del_timer() ensures that the given timer is not queued
to run anywhere in the system. But the callback may
be running on another CPU core can create race conditions.
So use del_timer_sync to delete the roc timer.
Change-Id: I2c0fd6e335fc342a3acf06ede534c84d40e19346
CRs-Fixed: 2445705
wlan_vdev_get_bsspeer() return bss peer without taking the ref count
of the peer and thus if peer is deleted after wlan_vdev_get_bsspeer()
returns a valid peer, the caller will have stale entry of the peer.
Stale entry of peer can lead to Assert.
Use wlan_objmgr_vdev_try_get_bsspeer API in TDLS to get the BSS peer
which increment the refcount if peer is valid. With this the peer
won't be deleted till the caller release the ref count of the peer.
Change-Id: I9dc26771a0e8dadf75898c94bff5d4b8fb8a88d5
CRs-Fixed: 2445795
Disable OCE in STA vdev if any sta gets associated to SAP/GO.
This will improve the scan results in STA interface.
Without this fix firmware will do probe request deferral for 15ms
out of 28 ms , so 15ms is gone and rest is not sufficient dwell
time to get all AP probe responses.
Change-Id: Ie6f79c86025c53360c792c740a963ed8a1d9b936
CRs-Fixed: 2443190
Adaptive 11r feature that enables the AP to support FT-AKM
without configuring the FT-AKM in the network. The AP will
advertise non-FT akm with a vendor specific IE having Adaptive
11r bit set to 1 in the IE data. The AP also advertises the
MDE in beacon/probe response.
The STA should check the adaptive 11r capability if the AP
advertises MDE in beacon/probe and adaptive 11r capability in
vendor specific IE. If adaptive 11r capability is found,
STA should advertise the FT equivalent of the non-FT AKM.
Introdue a compile time flag WLAN_ADAPTIVE_11R_ENABLED to
enable/disable adaptive 11r support.
If the AP is adaptive 11r capable, set the is_adaptive_11r_ap
flag in bss descrtiptor. This flag will be sent in join request
and populated to pe_session. Also mark the CSR session as
adaptive 11r session based on this flag.
Add changes to check for the adaptive 11r service capability
advertised by firmware. If the host driver connects to adaptive
11r AP, enable RSO only if the firmware advertises adaptive
11r capability, else RSO should be disabled.
If the connection is adaptive 11r connection and if the adaptive
11r ini is enabled, set the adaptive_11r flag in
wmi_roam_11r_offload_tlv_param sent over the wmi command
WMI_ROAM_SCAN_MODE to the firmware. This will enable firmware to
filter the adaptive 11r AP from roam scan results.
Change-Id: If27a2393e3f4bb68942f5ebcec0135f57627f16b
CRs-Fixed: 2437988
Driver uses cipher stored in vdev to get the MIC length, which
may get updated if multiple peer(TDLS peer in STA case) get
connected to the vdev. Thus depending on latest peer cipher type
the MIC length will be calculated for all peers.
Add changes to store cipher info in peer and use it to calculate
MIC length for the frame if CRYPTO_SET_KEY_CONVERGED is defined.
Change-Id: I852e4b519f55d8020237989314f8506aa275f379
CRs-Fixed: 2444416
Currently, Updation of vdev related parameters
policy_mgr_vdev_entry_info is conditional. Conditional
updation can cause uninitialized usage of subtype of
policy_mgr_vdev_entry_info by policy manager to get concurrency
mode.
Fix is to initialize policy_mgr_vdev_entry_info with zero.
Change-Id: If1350bd66705defdea2e69d559de0a6578acde02
CRs-Fixed: 2423871
Currently the driver checks that whether DBS connection
is allowed in concurrency or not, and if it is not
allowed, MCC should happen.
But the check of policy_mgr_is_hwmode_set_for_given_chnl blocks
the connection in MCC, because it checks whether the DBS
mode is set or not, which should not be case always, for
example in MCC case scenarios, or SBS case scenarios in
future.
Lets take a case scenario to understand this :-
1. Keep the ini channel_select_logic_conc = 0
this would disable the dbs for STA+STA/P2P-CLI
2. Turn on the above concurrency combinations in diff band
3. The expectation should be MCC as DBS for this combination
is disabled, but this is not the observation.
here the vdev that comes up next, would fail as MCC is rejected
in policy_mgr_is_hwmode_set_for_given_chn, and DBS is not allowed
according to the check in policy_mgr_is_dbs_allowed_for_concurrency
hence the combination mentioned above cannot be achieved with
this check.
Fix is to remove the check of dbs from API
policy_mgr_is_hwmode_set_for_given_chnl.
Change-Id: I4260f3229658b753f98a106e5580b6c18f7ac0ff
CRs-Fixed: 2442533
Do not allow tdls peer update command if tdls peer is not
found in lim. If peer assoc command is given to FW
without peer create, FW will assert.
Remove tdls peers in tdls component in case of roaming as
peers are deleted in lim as part of roaming.
Change-Id: Ie227da682e4d30c9b583881f7e2eaafe91826476
CRs-Fixed: 2441951
In STA-SAP config, IPA offload is enabled only when first
client is connected to SAP. This is OK for MSM platforms.
But for MDM platforms, this is not the case. There's STA
tethering cases, where traffic is routed between STA and
USB tethering devices while SAP is idle and no wifi clients
are connected to SAP. In such case, IPA offload needs to
be enabled for STA to promote performance.
Fix is to use available MDM_PLATFORM marco and STA only IPA
support is decided upon driver build time.
Change-Id: If2bc016aa941f2c0651a2669f1169e631208326b
CRs-Fixed: 2433608
It doesn't update rssi of tdls peers. So add logic to update it when
get all tdls peers.
Change-Id: I81d4536b5cb2443b088ee4a5d425d548eac152d6
CRs-Fixed: 2435903
Currently in the case of concurrent sessions running,
the driver updates the active dwell time for the scan
request to the default value, overwriting the already
filled active dwell time which the DUT got from the
AP as part of RRM request, which results in violation
of protocol.
Fix is to not update the concurrency params if the scan
request is of type RRM.
Change-Id: I09ebfbee0d282391be17aed7eaf56e3c53c2a5e2
CRs-Fixed: 2438535
With current design, firmware sends the kck, kek and replay
counters as part of wmi_key_material tlv over the
WMI_ROAM_SYNCH_EVENTID event. But the maximum supported kck key
length in wmi_key_material was 16 bytes. But for FT Suite-B
(akm 00:0f:ac:13), the kck_bits is 24 bytes long and cannot be
sent over wmi_key_material. So firmware sends kck, kek and
replay counter values over the new tlv wmi_key_material_ext.
Host driver copies the kck key with fixed 16 byte length to the
upper layers. Introduce kck_length parameter in csr_roam_info
and roam_offload_synch_ind structures and copy kck based on this
length.
Also fix maximum number of AKM suites supported to 5, as some
certification test cases advertise 5 akms.
Change-Id: Iab050e3e3f7efead8070a02094998d15f7ffcbd0
CRs-Fixed: 2400770
Propagation from qcacld-2.0 to qcacld-3.0
For the sap role, .get_station would invoke
wlan_hdd_get_station_remote() or wlan_hdd_get_sap_stats(), depends on
"gSapGetPeerInfo" ini setting. And fix the logic of determine sap get
peer info enable or not by target capability.
CRs-Fixed: 2427627
Change-Id: I3162950a6a7202d55b64ff9c60a26971d3a31555
Add gTxAggSwRetry for tx aggregation case, and
Add gTxNonAggSwRetry for non tx aggregation case.
Change-Id: I92265fb4e279eaf63c45f0134f997df02bca8737
CRs-Fixed: 2436305
Currently the driver does not update the PCL
channel list based upon the SRD ini, and thus
adds the SRD channels in the PCL for p2p-go,
which can lead to p2p-go operation on a channel
not expected.
Fix is to remove the SRD channels from the PCL
channel list, if the SRD ini is set.
Change-Id: I8824fa38ef59976816a5e230982c551263da0c9c
CRs-Fixed: 2437795
MLME debug stats are added to the sta, ap and ext mlme ops
functions. This will help in debugging.
Change-Id: I55a3a91c6daf98a77557175447798c670be5709a
CRs-Fixed: 2439436
Check for validity of vdev obtained from the CDP
cdp_get_vdev_from_vdev_id API.
Change-Id: Ie7fb99a0e08135bd3f2cc6b63070a4bd72df943a
CRs-Fixed: 2434583
1. There is a need for STA to find better AP to connect to, so
this becomes priority over total scan duration.
2. Typically there are very few channel numbers to scan (with FW
CHAN MAP) therefore any penalty with higher dwell time is
compensated with the lesser number of channel. Only in case of
not finding a candidate FW does full scan but that probability
might reduce if AP is found in first CHAN map scan.
Change-Id: Ib923c2af9b92a1465730a861a2b56393dc3d8668
CRs-Fixed: 2431846
Support WDI 3.0 SW path intra-bss forwarding. Major
difference for WDI 3.0 is the metadata info passed
from ipa driver in skb->cb[].
Previously intra-bss fwd decision is done by FW and
it passes fw_desc to IPA where IPA driver passes onto
WLAN driver. Now for WDI 3.0, FW is not involved in RX
path and SW path intra-bss fwd decision has to be done
in wlan driver.
Change-Id: I0b4b9bbf16440dd47b6f97460f8931ea3a79303c
CRs-Fixed: 2426857
Both FW and host support TDLS low rssi teardown, so remove the host
logic. In addition, host trigger low rssi teardown wrongly since
doesn't update rssi of tdls peer on time.
Change-Id: I93d7957e01ba805b73558a5ced7a1dc8cc2681c1
CRs-Fixed: 2437166
