Currently, the return value of get_wmi_unified_hdl_from_psoc() API
is passing directly as argument to some functions without checking
the return value for NULL which may cause NULL pointer dereference.
To address this issue, add NULL checks for return value of
get_wmi_unified_hdl_from_psoc() API where ever it is getting used.
Change-Id: I9e9bf1372a8728e1af1be65065c9ba12f95ee305
CRs-Fixed: 2317025
As part of the effort to reduce the volume of logs produced by wlan,
remove the radio index from the base information which gets logged with
every message. The module name, which is also logged with every message,
is the preferred way to keep track of which wlan module is logging.
Change-Id: Ib13f12c55fb9a90ac61661d2a13e44913997804e
CRs-Fixed: 2318008
Add timer to flush out log buffers periodically. Add command to set the
time period value.
Change-Id: I8e796a9bc7caac2661d00852420dd5fa66f5bca5
CRs-Fixed: 2296362
For large local variable, it is better to use malloc to prevent the stack
overflow.
Change-Id: Ibf5f516132410122b730bfc1407ea14e0f26d630
CRs-Fixed: 2318354
WMI APIs currently use qdf_print() calls to print the messages onto
the console irrespective of whether it is an error, info or debug
message.
Replace qdf_print() calls with appropriate WMI_LOGX() APIs to ensure
they align with the debug framework.
Change-Id: I9a14a3defc61462bf4c7a8f0278e258603b781c7
CRs-Fixed: 2319398
The removal of blocking command from active non scan queue,
can result in movement of either single/multiple
blocking/non blocking commands from pending to active queue,
so the activation of new command(s) moved to active queue
as a result removal of blocking command, is done inside the
wlan_serialization_activate_multiple_cmd where the active
list is traversed and activated, which needs to be protected by the queue
lock to avoid concurrent access and updates to the cmds in the queue
from different contexts.
Change-Id: Ibf3034083d348ef7187bfac9cf2c540c748cd678
CRs-Fixed: 2317626
Stability feature enhancement to log below highlighted QTIMER
tick into Hexadecimal(currently its logged in decimal) such
that it can easily compare WLAN log QTIMER with WMI and HTC
credit log in crash-scope.
Change-Id: I0e0db3cbe90519248be98678e692cc89a87fcd2f
CRs-Fixed: 2315210
Add check for headroom before pushing the head for sufficient headroom
to prevent kernel panic in skb push function.
Change-Id: Iafc963f68b35564c7f291e9d91d933b3e31d7daa
CRs-Fixed: 2315569
Potential NULL pointer dereferences of wmi_handle are found in these
functions:
target_if_tdls_event_handler()
target_if_tdls_register_event_handler()
target_if_tdls_unregister_event_handler()
Do wmi_handle NULL check in the above functions.
Change-Id: I7cb4b574750d6bc6538862aa24a0cf49831b7c25
CRs-Fixed: 2317029
This change Removes legacy APIs to modify vdev state machine and
add use new API to get vdev state.
Change-Id: I48aa3744dafc6d13a43a14e48de821c7dadf3a37
CRs-Fixed: 2314731
Initialize local variable to zero to prevent compilation
warning for KASAN enabled builds.
Change-Id: I22a6115800ea31e0fe0c86204722664355b53947
CRs-Fixed: 2310542
1. Keep serialization legacy api not broken.
Serialization enhancement have much changes on internal struct
and API, need re-implement serialization legacy APIs.
2. Set all cmds on MCL platform as blocking type.
MCL dones't support cmd concurrency on multi vdevs, while WIN need
it.
Change-Id: I5d5d6e0e16becb0b0f285fd8ed20982f2819659c
CRs-Fixed: 2315407
In dp_txrx_peer_find_inact_timeout_handler ignore pdev
which is already detached
Change-Id: I0349d5f9c8d249cf332727bff3c120ddf38a6807
CRs-fixed: 2312279
Wmi_hdl can be NULL in call to wmi_unified_ipa_offload_control_cmd. Do
a check for the same.
Change-Id: I2629e03a812cbafdfd1494798ad7d8b986ceec75
CRs-Fixed: 2316859
Create and send user configurable ini for max number of roam preauth
retries and roam preauth no-ack timeout to the firmware.
Change-Id: I0343cb29952286d9b42a69136fc6353cd86e4752
CRs-Fixed: 2286079
HKV2 has support for three radios. Update Target service map
for HKV2 to map third endpoint for WMI commands corresponding to
third radio.
Change-Id: I9b84dedf1fcddf5c6d43e12c6688d8f9ee7db886
CRs-Fixed: 2313124
wmi_mtrace is defined as static in wmi_unified_tlv.c and
used in TLV functions, but some TLVs need to be featurized
and moved to separated TLV files. Need to export wmi_mtrace
for external use.
Change-Id: I9459ec01c9cd4a89f3544d6a9831acba56e6a278
CRs-Fixed: 2314779
etsi-precac done list will be updated only after CAC finishes on
the primary channel. This list will not get updated for preCAC on
secondary channel. When channel change happens from intermediate
channel(non-DFS) to weather radar channel after preCAC done, preCAC timeout
for rest of the non-erather radar DFS channels were taken as 10min
since that channel will not be present in etsi-precac done list.
In order to fix this, consider primary channel's CAC timeout only
if neither CAC nor preCAC is done on primary channel.
Change-Id: I274b0f07d7d04644e79262fcecf61036ff79f96e
CRs-fixed: 2312912
In DFS component 0 byte memory is allocated when dfs_nol_count is 0.
We see a print 'allocating 0 bytes at this location' during wifi unload.
Change-Id: I5d6ad36875d634ee5ae6a138656bdb3f538bcdbe
CRs-Fixed: 2316513
Set search type only when peer map v2 messaging is enabled
as we will have the search index (AST hash) only when v2 is
enabled
Change-Id: I6c1ab4a4d7519278755d93537a8430755d708a3c
CRs-fixed: 2316418
The serialization timers can be accessed from multiple contexts
when adding and removing commands to/from the serialization
queues. So the access to the serialization timers should be
atomic to protect the same timers being used for multiple
commands.
The serialization timers are maintained per psoc and are
protected with psoc timer locks.
Also the serialization lock APIs are updated to take the lock
object pointer as an argument
Change-Id: Ibdb41818fde9318fca6bbc92a536858364639365
CRs-Fixed: 2313039
next_twt_size is introduced in TWT resume dialog command by FW to
provide next TWT subfield size. Update this field in the TWT resume
command.
Change-Id: Id4e7aacfa2c4890e3b03de17402e7ea29f82826a
CRs-Fixed: 2316475
When a BSS peer gets associated with vap configured in sta mode,
the ast type associated with that entry should be different from
that of regular static entries, The reason being bridge on root AP
can pick up the mac address of AP VAP.
Change-Id: Ie322a015d883e2712f41623f71ccbc255b99baf3
Enable ML logging in wmi_control_rx and capture all
responses from firmware.
This would result in knowledge of whether the wmi_response
or any wmi_event was received by the host.
Change-Id: I0206a5b9bd357d06a8621747473dedecaa1779f2
CRs-Fixed: 2306047
Channel number being out of range is not expected for a pdev. Put debug
log for the same.
Change-Id: Iaccec084e2bc22a3955915ad48a55d16963b49a5
CRs-Fixed: 2316097
No data length check when extract control panel stats of pdev,
vdev and peer etc, may result in buffer overflow.
Fixed param of cp stats indicates numbers of pdev, vdev and peer
etc in cp stats. Need do length check to make sure actual tlv
data length is same as expected.
Change-Id: I8750d4e10048930222059897a24804e9f2c91ab5
CRs-Fixed: 2305421
CE service file includes APIs for both legacy and lithium
architecture.
These are getting compiled for both targets today. Separate the CE
services into legacy and srng and selectively compile based on
targets present in the SoC.
Note: Generic APIs implemented for both legacy and SRNG services
are separated out through this change. Fast path implementation
will be de-coupled from common service and moved to legacy source
in a follow-up change.
CRs-Fixed: 2258640
Change-Id: If86c21c0bf560a360474c9efcdbcd4841a09828d
For HE case, SGI enum values are different in FW and Host
So that firmware stats and host stats shows different values
To resolve this, change SGI enum value in host to match
firmware definitions.
Change-Id: I1b38dbe32a6c1ab2610c1c3a736a6898ddc73e30
Move network buffer null check to beginning of function to
cover possible case of null pointer dereference during free.
Change-Id: I8c998d4d1711ab28c94a946d04314c26a4c74278
CRs-fixed: 2309452
Heavy print from scan module slowing down
frame processing and caused the scheduler
buffer to be full causing buffer full assert
Move scm_err to scm_err_rl which will add
print rate limiting
CRs-Fixed: 2313262
Change-Id: I4eebe7eeb0e52e0858eb064717a5ce457ac891e2
When multiple STA-PEERs are connected to SAP-DUT device and if SAP
is getting shutdown then as part of shutdown:
1) PEER delete happens first and as part of it,
firmware sends peer_unmap event in interrupt-context.
2) entire peer_unmap handling happens in interrupt_context on one
of the available CPU-core.
3) as part of peer_unmap handling, driver removes the peer from
peer_list first and then cleans up its peer data structure.
4) so between peer getting removed from peer_list and
peer data structure getting cleaned up;
control thread (hdd_vdev_destroy/IOCTL/mcthread),
which is running on different CPU core in process-context,
takes control.
5) control thread checks if peer_list is empty. If it is empty then
cleans dp_vdev structure.
6) so when interrupt_context is cleaning up peer data-structure queue,
it gets stability issue while accessing dp_vdev structure which is
already cleaned up by control thread.
Fix the situation by cleaning-up the peer data-struct first and
then remove peer from peer_list
CRs-Fixed: 2291861
Change-Id: I39675bbe4448df57911963942800cbcede508917
While freeing the AST table traverse through table and
free any AST entries present in the table
Change-Id: I87382da2425380938d91ee1980a9c356c0f647ef
CRs-fixed: 2275212
