VDEV is moved to INIT state as part of link switch disconnect,
before set MAC address response is received, any disconnect
request on this VDEV will not be handled as VDEV is in INIT
state, if link switch is in progress then it will abort link
switch and starts link switch dequeue process.
If the new disconnect request is from userspace it will
increment the OSIF ops, but if link switch is on assoc VDEV
OSIF is notified to restore the adapter deflink as part of
link switch complete where it wait for all OSIF ops to
complete. This is a deadlock case where driver is waiting
for ops completion on same thread where ops is initiated.
To fix this issue, do not handle link switch dequeue on the
same thread, instead move the link switch state to abort
and when actual link switch thread comes it will flush from
serialization.
If userspace disconnect is not queued as VDEV is in INIT
state due to link switch, kernel won't be notified about
the disconnect as this notification is only done on assoc
VDEV and any further connect requests from supplicant gets
dropped in kernel saying already connected and supplicant
will immediately try disconnect which driver will again
drop as VDEV is in INIT state. To avoid this kernel-driver
out of sync, forcefully move VDEV to disconnecting state
and queue the disconnect request.
Change-Id: I116859601ebba21d44797e74e160b56532ef833c
CRs-Fixed: 3588936
For multi link connection there might be the case where
rsnxe of the AP is not present on the link vdev.
This causes the link vdev alone to downgrade to 11ax
mode and assoc vdev is in 11be dot11 mode.
So for vdev with ML peer, the dot11mode is 11ax,
which causes abnormal firmware behavior.
Reject the partner link that doesn’t pass the security
check and validate the next available partner link.
if none of the partner link passes the security check,
proceed connection with single link.
Change-Id: I080557027180c0566a1c284a93fcc4b69c61a9c8
CRs-Fixed: 3581189
Handle case where device topology needs bridge peer.
So if the device have connection on two opposite links
create bridge peer on the central vap.
Sample topology:
AP
2 GHz<-->6 GHz MLO Links
STA topology
(5 GHz Low VAP)
chip0
/ \
(2 GHz VAP)chip1 chip2 (6 GHz VAP)
\ /
chip3
(5 GHz High VAP)
In the above case we will have Bridge peer on either
5 GHz Low or 5 GHz High VAP
CRs-Fixed: 3575939
Change-Id: I923cc01b3c6e23099436a25565cbabab5a08d93c
Currently PM_LL_LT_SAP_MODE is not handled in policy manager.
With this change add support for PM_LL_LT_SAP_MODE in the policy
manager.
Change-Id: I7b893b04498957eb4a7e9f74c4b4395d4a823bf9
CRs-Fixed: 3536612
Stack variable 'mlme_info' in cm_connect_complete() can lead to
uninitialized access if BSSID in 'resp' function argument is NULL.
Initialize the variable to avoid unanticipated results.
Change-Id: Id9db244c8168740e4d5c0d71959b578551773bb6
CRs-Fixed: 3576785
Introduce following for link switch disconnect:
1) Connect request source.
2) Connect request reason.
If the set MAC address response for new link is successful, post
connection on new link and transition the link switch state to
connecting. If the status of connection is successful, update
the state to link switch complete or else directly go for
deserializing link switch command and posting response to FW.
Based on the final state of link switch at the time of sending
FW response, send the appropirate status of link switch and reset
the state of link switch to idle post FW notify.
Don't unlink BSS incase of failure in connection.
Don't indicate connect results to userspace.
As we are already in serialization due to link switch,
don't serialize/deserialize connection command if it
is due to link switch.
Incase of race condition between link switch connect and
userspace connect/disconnect always abort link switch connect.
Change-Id: Ie350b52021c36802b82d6cb5f6f441fe1bd10458
CRs-Fixed: 3556529
Introduce following for link switch disconnect:
1) Disconnect source.
2) Disconnect reason.
3) Link switch BIT in CM_ID to identify link switch request
Don't notify link switch disconnect to initiate disconnect on
other connect VDEV of MLO mgr.
Don't notify userspace if the disconnect request is due to
link switch.
Don't notify netdev to stop queues on link switch disconnect.
Don't flush any pending disconnect/connect request on complete
of link switch disconnect request.
Don't attempt to serialize/deserialize disconnect command
if it is a link switch command ID due to either disconnect request,
disconnect complete or disconnect request flush.
Before start of link switch set the VDEV flag as MLO link VDEV
to leverage the disconnect/connect checks for link VDEV and
restore the flag at the end of link switch. This will impact
when link switch on assoc VDEV is received for which initially
the flag is not set.
Check status of link switch disconnect done API to either
proceed further in link switch or terminate the link switch.
If any userspace disconnect and link switch disconnect race
condition, always abort link switch disconnect and notify
failure to FW.
Change-Id: I6ec2a850d49f5ec6df2ec868c290f19203cd8c88
CRs-Fixed: 3556481
STA is not able to connect to 11be non-WPA3 mode AP.
STA need to decide whether to connect in EHT or not at
the time of connection to AP based on security configuration.
Change-Id: I812f5c322d36ba44f63d4e27b5ec65a2846b3265
CRs-Fixed: 3404747
Currently while updating the mlo vdev flag host checks whether the
mlie is present, this vdev flag is used to send various ml information
to firmware. In certain cases because of issue due to parsing of
ml probe response or AP issues mlie is not present in the partner link
entry, resulting in host sending ml flags for assoc vdev and not setting
ml flags for partner vdev's resulting in undetermined behaviors in
firmware.
If mlie is not present during the partner link association stay associated
on the available links.
Change-Id: I3134555dc955ffc96a50584c2cfc6713b2673cc4
CRs-Fixed: 3555133
In current scenario osif_cm_free_connect_req() and mlo_free_connect_ies()
used to free up connect request and its sub memory.
Similarly cm_free_connect_req() and cm_free_connect_req_param() also
free up the connect request and its sub memory.
So replace osif_cm_free_connect_req() with ucfg_cm_free_connect_req(),
mlo_free_connect_ies() and qdf_mem_free() with wlan_cm_free_connect_req()
and mlo_free_connect_ies() with wlan_cm_free_connect_req_param().
Change-Id: Ie62603652dd77ae5ae9f7b7085d4b9bb257eaf53
CRs-Fixed: 3554234
In current scenario during OWE roaming when HB failure occurs,
it should clean copied reassoc response and roaming info. But it
is not getting freed which leads to memory leak and host driver
crash while on idle shutdown.
Free copied reassoc response at mlo_dev_ctx_deinit().
Change-Id: I1a25e4ad1ba62d3d6b90da38cb5b7ab7c3f8e91a
CRs-Fixed: 3530058
For mlo 5+6, 6 GHz band score is higher than 5 GHz, so 6+5 total score is
higher than 5+6, 6+5 is always selected before 5+6 even 6 GHz link score is
much worse than 5 GHz.
To fix it, calculate each link score for each MLO AP, if assoc link is
best link, add a boost score, then it can be selected first.
Update band weight and score for both SLO and MLO, select average of link
band score as MLO band score.
Change-Id: If0714fa94031d5746d89388917540f0e34086d86
CRs-Fixed: 3483850
Currently type of score is unit32_t due to which
negative value calculated is tried to change
to uint32_t and MLO score is getting boost instead
of deteriorate.
Fix is to calculate score in int32_t type and then move
to unsigned value.
Change-Id: Id28f58b44e1a1246f491b28a86de1c78c5e97215
CRs-Fixed: 3525654
During wlan0 vdev0 roaming, before roam sync received, 2nd sta wlan1
vdev2 connect req came, disabled RSO of vdev0, so vdev0 roam aborted, and
disconnected.
To fix it, serialize roaming disable during connect too, don’t disable
roaming of other connected sta until serialization allowed in
wlan_serialization_activate_cmd ->cm_connect_active
Change-Id: Ic2e626154b570a1691b8f3d684d21d8a107d09dc
CRs-Fixed: 3510787
Currently if MLO connection fails then connection is tried
with same link until it reaches to maximum no of trials but
connection is not tried with same assoc link by changing partner
link or with SLO.
So, when vendor roam score algorithm is enabled, add logic to try
MLO connection again by reducing number of partner links with
each retry till SLO connection is tried.
Change-Id: Ic0e3acd2198cfa0ed0ff893da6ae32d669d32a41
CRs-Fixed: 3521159
Update etp score as per the mlo_tp_preference_percentage ini.
MLO score require to be boost or reduce based on the mlo
prefrence percentage ini, so update score as per the
provided value.
Change-Id: I0263b0f83207c279a2b4e88ac7b08b3b18a49df4
CRs-Fixed: 3456420
On reception of reassoc req from user space to the
connected AP, wlan driver proceeds with reassociation
without clearing the keys. This leads to encrypted EAPOL
frames in LFR2. To avoid this, trigger disconnect & delete
keys before proceeding with reassociation.
Change-Id: I02536a0049517ff5e8459834df493dccbf5a7a62
CRs-Fixed: 3433224
When wlan_reg_extract_puncture_by_bw return fail, new_punc isn't
filled, it is not initialized too, will be random value, it will
make F/W assert if the wrong puncture passed to F/W.
To fix it, initialize local var new_punc to 0.
Change-Id: I1554e1f55a2f5b319abc94b8409a5c4aed78e223
CRs-Fixed: 3506816
"prev_bssid" can be AP mld address if current connection
is mlo connection. Allow roam if "prev_bssid" is AP mld
address.
Change-Id: Iebc71acae11fcbfb4fc98ec2199d546d71ef057c
CRs-Fixed: 3489879
In the enum wlan_cm_connect_fail_reason, the value of
member CM_NO_CANDIDATE_FOUND is modified to 1 in order
for value of members of the enum will begin from 1.
Change-Id: I3f4686b32cec92b45e03b30b4293b4571a3f01fe
CRs-Fixed: 3486473
Add a new cfg item to drop connection request if
AP is operating in 6 GHz SP mode and STA doesn't
support SP mode but supports VLP mode.
Change-Id: Icbe109abecdd73ceedee8ecec45ae82cd47464e0
CRs-Fixed: 3470599
relaxed_6ghz_conn_policy cfg item is no longer needed
with new regulatory policy as there is no dependency
on STA, AP country code to find 6 GHz power mode for
connection and also connect request should be rejected
if AP is advertising VLP and STA doesn't support VLP.
Hence remove this cfg item and the related APIs.
Change-Id: I215939bdce2e08eb9d4c5286487941198ab19232
CRs-Fixed: 3470569
wlan_cm_get_rnr, uses the cm request without lock and pass the
pointer to the caller instead of passing a copy.
Fix it by copying the rnr info while holding the lock. and move the
cm req access logic to core from dispatcher.
Change-Id: I72861021d98b996a379a2917874b5dadbc37c6af
CRs-Fixed: 3483871
Scenario: There is dual sta present in HBS mode in DUT where one
sta is on wlan0 interface and it has 11be capability, so it has
formed ML connection with ML AP. The another STA is present on
wlan1 interface and this STA also supports 11be capability. But
as per current design, host supports 11be with MLO. It doesn't
support 11be alone. Also 11be with MLO is supported only in wlan0
interface. So for another connection which are present in wlan1
interface, even if it supports 11be host will downgrade to 11ax
and form connection.
During the formation of second connection, host will sends peer
create command(WMI_PEER_CREATE_CMDID) to firmware. Before sending
this command, host checks only eht cap in cm_create_bss_peer()
and fills the mld_mac addr. Because of that, DP assumes that
there is an ML connection and it creates MLD peer on wlan1
interface. Due to this, it causes ping failure on wlan1 interface
as the ICMP response might be coming on incorrect peer and it's
getting dropped.
As part of fix, check eht cap as well as vdev is mlo supported or
not in cm_create_bss_peer()
Change-Id: I60dbb8ee91025266d0b9b48075dc2db9a407e015
CRs-Fixed: 3454128
If PMKID present in AP expires, AP rejects the PMKID based association.
Current design is to clear the cache using BSSID/MAC address of link
in such cases to let a fresh SAE authentication to happen.
But host driver stores PMKSA with MLD address for ML BSS.
Adapt to the same and update PMKSA cache clear APIs to use
MLD address instead of link address.
Introduce new API which return the legacy address for non-ML
association and MLD address for MLO association of the BSS peer.
Use this API to get the correct entry from PMKSA cache to delete.
Introduce new utility API to fetch the MLD address from scan entry.
Use this API to get the MLD address of the ML candidate.
Change-Id: Id35a3937ba6649e8ba7ae8f849ac1ed2a9cc83f8
CRs-Fixed: 3453839
If link vdev roam sync failed and new dp mlo peer wasn't created,
assoc vdev roam sync was still handled, dp peer update failed
and asserted for mlo peer not found.
To fix it, if link vdev roam sync failed, return to trigger HO_FAIL,
don't handle assoc vdev roam sync.
Change-Id: I47aa70723cd741839cdb8fb21d446730a8ed80e5
CRs-Fixed: 3468553
Add if_mgr support to handle STA CSA complete notification and
SAP CSA Started and complete notification.
Before CSA vdev restart on SAP side, disable TDLS off channel.
After CSA, check if TDLS is allowed for the current concurrency
and take action accordingly.
Change-Id: Icbadb898f5b468717f74f92a0993c05b59719205
CRs-Fixed: 3445113
Some IOT APs only allow to connect if last 3 bytes of
BSSID and self MAC is same. They create a new bssid on
receiving unicast probe/auth req from STA and allow STA to
connect to this matching BSSID only. So boost the matching BSSID
to try to connect to this BSSID.
And add logic to refresh the candidate list before next
candidate try when the last candidate connect fail.
Change-Id: I482e122c8c9febbab42f64013fbb78c266f49655
CRs-Fixed: 3432618
This is needed in case the STA is configured with more MLO links
than the AP. It will make sure only links that the AP allows
are in use in the STA MLO as well.
Also check for mlo flag on vdev before sending link connect and
updating partner bitmap.
CRs-Fixed: 3423668
Change-Id: Iceec3cf7e8dc7e5bc0a29c56b990faef4f741158
Assoc dev disconnect happened before link vdev for following sequence
1) SB disconnect followed by NB disconnect.
2) SB disconnect queue disconnect on both link and assoc same time.
3) NB disconnect queue link disconnect first and wait for it to complete.
Fix in mlo_sync_disconnect by using sync API only for assoc vdev, for link
vdevs, let the non-sync API post the disconnect, thus all disconnect goes
in 1 instance and wait for assoc disconnect (last) to complete, similar to
SB disconnect.
With this both vdev1 and vdev0 disconnect will be queued at same time, thus
maintain the sequence.
Also optimize the wait time of the assoc vdev in
cm_disconnect_start_req_sync, to include all link disconnect time as well
(DISCONNECT_TIMEOUT * 2 + 5000).
Flush old disconnect only for non-MLO and assoc link, do not flush for link
vdev.
Change-Id: Ibaf4051d6e06a8e8354571e87883ac72b6ac07f0
CRs-Fixed: 3420508
When NDI stop bss is pending in serialization queue and
STA connect is in progress with multiple candidate trying,
NDI stop bss will be timeout and vdev clean up will not happen
if STA connect takes too much time.
Fix by stop next candidate trying if NDI stop bss in
queue.
Change-Id: I29ca38f420586862f294d10041fc1754f8b485ce
CRs-Fixed: 3402121
Add support for generating link specific assoc request/response
and probe response for 2+ mlo links.
Change-Id: Iadd09efeb0b0098baeae25f3b1968826e75dedc4
CRs-Fixed: 3049640
Add new roaming invoke source enum CM_ROAMING_LINK_REMOVAL.
That will be used in link removal process to trigger STA
roaming to new AP.
Change-Id: I78cb1fcfce8e11fcca33ce99c80a4d6444ac3fea
CRs-Fixed: 3353004
Driver doesn't sort the AKM properly based on security
to use for the association. This causes lower secure AKM to be
used when AP advertises multiple AKMs.
Choose more secure AKM for association. Below is the new
changed order of Secure AKMs:
1. FT-FILS SHA384
2. FT-FILS SHA256
3. FILS SHA384
3. FILS SHA256
4. WPA3 FT-SUITE B Sha 384
5. WPA3 802.1x Suite B - 192
6. WPA3 802.1x Suite B
5. WPA3 FT-SAE
6. WPA3 SAE EXT Key
7. WPA3 SAE
8. WPA3 OWE
9. WPA3 DPP
10. WPA2 FT-802.1x
11. WPA2 802.1x SHA256
12. WPA2 802.1x
13. WPA2 FT-PSK SHA384
14. WPA2 PSK SHA384
15. WPA2 PSK SHA256
16. WPA2 FT-PSK
17. WPA2 PSK
Change-Id: I18910b56b15624725ad4fc0cdb0b37ff241e82ff
CRs-Fixed: 3400535
When calculate mlo score, partner link congestion score is used wrongly.
Total congestion score after considering both assoc and partner link should
be used.
Change-Id: I6f94fc1bcbfd1adf547dbf519e03524409509260
CRs-Fixed: 3399624
In legacy to MLO roaming case, the link vdev will be
moved from INIT->UP via EV_ROAM event. Similarly, if
the Hand-off fails in host due to host-related handling,
treat the failure as HO-FAILURE and move the link VDEV
SM from UP->INIT directly.
Change-Id: Ia6bfeb958f0302a934d24c9b40fadd4a8f557236
CRs-Fixed: 3389148
When Scan db reaches max size, driver deletes the oldest node,
so chances are that BSS on 1st freq scanned is removed.
This lead to scan for SSID, which will do a scan again on
all freqs, and thus we end up in flushing the entry again.
TO fix this use freq hint to scan for ssid to quickly find the
AP so that required AP remains in scan database as it will
be the latest entry.
Change-Id: I28849ee97ff1f492d372870c362288206c4ec9a5
CRs-Fixed: 3392831
There are two different name with different range of value for
aliasing INI's.
So, it should pick the valid range of value wrt INI name.
Change-Id: I81ece854a2d8b34f232e03c8ab835161d58c56b1
CRs-Fixed: 3355346
Currently, the definition of WMI_ROAM_GET_VENDOR_CONTROL_PARAM_ID
is present at the fw-api level. The host should not be using fw-api
definitions outside the WMI TLV code. To make sure it, Add
host-defined enum vendor_control_roam_param which defines the param
IDs that the host supports.
Change-Id: I0aaba99c1af7c7c50a62f9bc763d0968c3a3a99c
CRs-Fixed: 3366594
The kernel-doc script identified some documentation errors in the
umac/mlme folder, so fix them.
Change-Id: I84617fe2007e51dcb009801ebc6cdf87c0d0a686
CRs-Fixed: 3381478
Add the code logic to save the BSS parameters change count (BPCC)
for critical update feature.
Change-Id: I3fafd44af8661d1dcf5d7bbde84d2729d390a44c
CRs-Fixed: 3324174
In some scenarios, memset function is called after spinlock initialization,
which clears the container holding the spin lock causing the spinlock to
be uninitialized. Fix this by initializing the spinlock after the container
has been cleared with memset().
Change-Id: I87e9844e95e814d8dca25e591a6494516d929c70
CRs-Fixed: 3377971
