The sap unsafe channel restart process include two subprocesses: CSA ie
update and channel switch, but CSA ie update request using
mac->sap.SapDfsInfo to save target channel switch parameters, which
would be overwritten by 2nd sap restart at same time. For example:
SAP1 on chan 1 and SAP2 on chan 36, then lte coex mark chan 1 and
chan 36 as unsafe channels, now SAP1 and SAP2 would switch to same
channel, but actually they can be on different channels doing DBS.
To fix it, one option is save the target channel switch parameters to
different session, but looks it may introduce a lot of code change,
because the logic is shared with DFS/concurrency. So the simple option
is making sap unsafe channel restart execute once at same time.
Change-Id: Ieaab3007fb6e79a9741f892e86771d2f52c03e3c
CRs-Fixed: 2504867
If g_sta_sap_scc_on_lte_coex_chan != 0, the SAP and
STA SCC on unsafe channel is allowed.
The change keeps the unsafe channel in SAP channel
list if STA is active on the channel.
Change-Id: I328841df611a000b1c4d4d09618a4035f0b7fba6
CRs-Fixed: 2509730
Refactor vdev stop and down code to target_if common code.
Remove legacy code for vdev stop and down.
Change-Id: I4ab0743d39a3b37816ab9f18e8850cadf1335c15
CRs-Fixed: 2506649
This reverts commit I04631ffd611d6ded318ddfb65b2dfeba479c9bdc.
Currently, for all the peers cleanup is done in lim and wma layers
to remove this peers. The original change is deleting the ndi
peer in HDD, and can lead to memory overwrites.
Hence reverting the change.
Change-Id: Id0083c3d1612f0fdccb6fca2c9cc4c03f607a139
CRs-Fixed: 2507142
In function csr_check_concurrent_channel_overlap, local
variable intf_ch is defined as uint16_t, but its pointer
is casted to uint32_t * before invoking
policy_mgr_get_sap_mandatory_channel, which will do
32-bit memory write and causes a stack memory over-
writing.
Call Trace:
dump_stack+0x46/0x59
print_address_description+0x66/0x22b
kasan_report+0x21f/0x245
policy_mgr_get_sap_mandatory_channel+0x1fd/0x258 [wlan]
csr_check_concurrent_channel_overlap+0xf84/0x10d2 [wlan]
sme_check_concurrent_channel_overlap+0xaa/0xf0 [wlan]
wlansap_check_cc_intf+0x102/0x124 [wlan]
wlan_hdd_get_channel_for_sap_restart+0x506/0x8f8 [wlan]
policy_mgr_check_sta_ap_concurrent_ch_intf+0x35e/0x425[wlan]
process_one_work+0x2cc/0x53b
worker_thread+0x357/0x490
Change the type of the 2nd parameter to uint16_t within
function policy_mgr_get_sap_mandatory_channel, so only
16-bit memory writing will take place.
Change-Id: If514a394e65d005a1fe025c0e753bf7440dd5dde
CRs-Fixed: 2508798
Direct buffer tx component initializes in target_if_init, which cause
platform assert since g_umac_glb_obj is NULL. So change the order to
avoid NULL pointer access.
Change-Id: I348775d08ccc478caef605c2ae8d1b6d65d77eb2
CRs-Fixed: 2497809
Avoid compiling ol_rx_reorder.c and ol_rx_reorder_timeout.c
for low latency and only compile for high latency
data path.
Change-Id: I1f3819fa093766abba87e5dc6dc44e6d2188740b
CRs-Fixed: 2506005
In "Change-Id: I2896f7704ffb809214c5b08756c4b8673307fd9e", parameter
type of hif_get_hal_handle changed from void to hif_opaque_softc,
which cause compilation failure in wma_init_dbr_params.
Change-Id: Idbb591bb1ea1507661882fe48b18eaaffcac164d
CRs-Fixed: 2504894
Support monitor mode enablement by changing driver mode, and also
remove the support that enable monitor mode with insmod parameter
"con_mode_monitor = 4", use "con_mode = 4" instead.
enable monitor mode steps for reference:
(1) change driver mode
a. svc wifi disable
b. echo 4 > /sys/module/wlan/parameters/con_mode
c. ifconfig wlan0 up
d. iwpriv wlan0 setMonChan 11 0
(2) insmod with kernal parameter way
a. insmod /vendor/lib/modules/qca_cld3_wlan.ko con_mode=4
b. ifconfig wlan0 up
c. iwpriv wlan0 setMonChan 11 0
Change-Id: Ie615533d060261d545b3b92bea9916099ccccadd
CRs-Fixed: 2494158
Presently in the driver, in function hdd_objmgr_create_and_store_vdev
the vdev object is created and stored. In case the creation of the vdev
fails due to some reason, the corresponding error condition tries to
free the osif_priv pointer. This osif_free pointer is actually already
freed as a part of vdev_obj_delete -> vdev_release_ref -> vdev_obj_free.
As this is already freed, a possible double free scenario can occur in
the original error handling scenario.
To avoid this scenario, do not free the osif_priv pointer in the error
handling as it is already taken care in the caller.
Change-Id: I7fc7be187ce1e303c81da885a75c600a7b6c4b3e
CRs-Fixed: 2507432
Full roam scan period is the minimum idle period in seconds between
two successive full channel roam scans. Firmware expects this param
as part of roam scan offload request. Add an ini param to set
it to a default value and use it while sending roam scan offload
request.
Change-Id: Id66b583b2c487f06e62298641dc28853af3ab11c
CRs-Fixed: 2507448
enum qca_wlan_vendor_roaming_subcmd contains different values of
subcmds to be used with QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD and
these are not attributes.
Values of the enum qca_wlan_vendor_roaming_subcmd have been
renamed according to usage and relevant documentation is added
in qca-vendor.h. Make corresponding changes in usage to avoid
compilation errors.
Use right max index(QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_MAX) while
parsing for PARAM_LIST_SSID. This caused compilation error as the
inappropriate max index(QCA_WLAN_VENDOR_ATTR_ROAM_SUBCMD_MAX)
is used for parsing which has been deleted now.
Change-Id: Ifc063b801ba2729e8cff1581ef63e78e1d36a32d
CRs-Fixed: 2508196
Currently, the API cdp_fc_get_tx_resource takes as input the sta_id. As a
part of cleaning up the usage of sta_id, replace it by peer mac address.
Change-Id: I7b81a05d312da84aa16c82f0f6152710daf986c5
CRs-Fixed: 2507274
Cleanup ol_txrx_get_tx_resource to be peer mac address based
from local peer id based.
Change-Id: Id7ac4b5152c782d3475d9fad59f8f835102483cc
CRs-Fixed: 2508132
Some system suspend commands are getting sent to firmware while
runtime resume is in progress. Sync runtime pm resume when system
suspend occurs to avoid this.
Change-Id: I6e652104e984b81e29a5f328fcf3937502a8f47f
CRs-Fixed: 2509910
Currently the NUD tracking is done only for STA mode.
For all the adapters the NUD tracking work is not
created and hence should not be destroyed when the
adapter is cleaned up.
Destroy the NUD tracking work only for the STA adapter.
CRs-Fixed: 2505365
Change-Id: I677a07cb37e2d547e62b7ffebf6d014255a9d237
In the current wlanhost driver dump status, it doesn't
support to count the dropped packets seperately that
due to firmware don't have enough tx descriptors, so
add such function which can benefit KPI tune.
Change-Id: I1a72acbc4f1f861c2013a1ef1a95b73acccd6b53
CRs-Fixed: 2507410
Currently the driver selects channel 12, 13 as they are
free from BSS as their weights are minimum, which results
into IOT issues as legacy STAs do not support the same.
Fix is to avoid channel 12, 13 in SAP ACS process, and try
to start the SAP on channels from 1 - 11.
Change-Id: If735fade7d7b489b45a20f74c04bab5582343f79
CRs-Fixed: 2509791
Convert channel to freq in hdd_connection_info, so
remove unused 'channel' and rename 'freq' to 'chan_freq'.
Change-Id: I0d3fd39f9ac3c2303729b27b7c97385097c82104
CRs-Fixed: 2508791
1. Add g_enable_go_force_scc INI configuration
to enable force SCC on P2P GO interface.
This option only takes effect when
gWlanMccToSccSwitchMode INI enabled.
2. Add API policy_mgr_is_go_allow_force_scc to get
the above configuration value for GO.
Driver will apply "MCC to SCC" logic to P2P GO
interface based on STA active status and the configurated
INI values.
Change-Id: I1d16368b5f2d88984b91ef0a3e882148c20dcd23
CRs-Fixed: 2509555
In AP+STA case, if g_sta_sap_scc_on_lte_coex_chan != 0,
SAP is allowed SCC with STA on unsafe channel. And
if g_sta_sap_scc_on_dfs_chan != 0, SAP is allowed
SCC with STA on DFS channel.
But when the STA disconnected, standalone SAP is not allowed
on unsafe channel or DFS channel. We need to move
the SAP to safe channel or non DFS channel.
The original API -
policy_mgr_is_sap_restart_required_after_sta_disconnect
only handle AP+STA case. Change it to cover 3VIF
concurrency case - AP+AP+STA.
Change-Id: Iec4e750d8b3fda0cc52ac698ecaa9a274f935706
CRs-Fixed: 2509545
hdd_update_dp_vdev_flags takes sta_id as input and as a
part of clean up of sta_id, replace it by peer mac address.
Change-Id: Id9a8c132546d312f5b048485de48535807e2db4b
CRs-Fixed: 2506497
Currently, cdp_peer_get_vdev_by_sta_id takes as input the sta_id. As a
part of cleaning up the usage of sta_id, replace it by peer mac address.
Change-Id: Ibb7f3489899ac3fda48ad5e54891cd2d7623c6c8
CRs-Fixed: 2507219
Rename API ol_txrx_get_vdev_by_sta_id to ol_txrx_get_vdev_by_peer_addr
and cleanup ol_txrx_get_vdev_by_peer_addr to be peer mac address based
from local peer id based.
Change-Id: Ie3b8a1d97b5196e7306e5641cb894f31b8abe154
CRs-Fixed: 2504565
Currently the driver calls the pre bss scan cb
which is used to calculate the weight to start
the SAP on best channel. This API depends upon
the SAP context pointer which is passed as a arg
to the scan module, which in turn returns the arg
as part of the scan cb. But it may happen that
the SAP was deleted before the scan cb was called.
In that case pre bss scan cb and weight calculation
does not matter to the driver as SAP in any case is
OFF. Here the sap context which was passed as an arg
to the ACS cb is used after free, and there is no way
currently to validate the pointer. But as part of scan
cb, the driver gets a vdev pointer, which would be in a
logically deleted state, if the stop adapter for SAP has
been done. Using this data, the driver can know the object
status, and then decide to continue with the weight calculation.
Fix is to try get vdev ref before the weight calculation algo
kicks in, and return if the reference cannot be taken to avoid
use after free for SAP-context.
Change-Id: Ib9c3bde4a36ee49efdadab3dc531991b8688f79e
CRs-Fixed: 2509249
When lte channel avoidance event triggered, multiple SAP will choose
safe channel from pcl/acs combination and switch to the safe channel
one by one.
Actually when force SCC mode is enabled, if one SAP is the same band
as other concurrent SAP whose channel is already safe, it doesn't
need to choose safe channel from pcl/acs again, just needs to
follow concurrent SAP channel. Add code to implement this policy.
Change-Id: Icc9b2a53bb56915daeab8d94eceaaa64a660cb65
CRs-Fixed: 2500183
There is only vdev start, stop, and set-key wakelocks for system suspend
as of now. Add vdev start, stop, and set-key wakelocks for runtime PM
also.
Change-Id: Ic071bcfb112ae8861a446298677d190484f0c01b
CRs-Fixed: 2507852
