Fix improper naming and exporting of dump_frag_desc() by:
1) adding ol_txrx prefix in the api
2) adding prototype of api to ol_tx.h and removing the local
prototype for the api from core/dp/txrx/ol_tx_desc.c
Change-Id: I29a06419164afba7c1c391d11aee10742d41b93c
CRs-Fixed: 1083068
(cherry picked from commit bcc6b34818654241a4886b35619fb5e901f6f10b)
Enable logging of DPTRACE logs at each layer of driver and at tx
completion for all tx as well as rx protocol packets.
Change-Id: Id568c19196702034989a0f55490bc62667b3b20e
CRs-Fixed: 1083002
(cherry picked from commit c91cad24c240283aa70b120836799014c820975f)
Add a spinlock to make sure that htt rx_hash history buffer will
not break under SMP conditions. Apply the lock on set and reset operations.
Add timestamp to each buffer entry (will store the time stamp of the last
operation on the entry).
Change-Id: If1dcab4ac331351cf2dcfbaa6cb24d453e7fdf50
CRs-Fixed: 1077047
(cherry picked from commit be2d6e14afdc142564bb9d7fbcc446c060b0d0d4)
In function sap_random_channel_sel change final_lst array size from
WNI_CFG_VALID_CHANNEL_LIST_LEN (100) to QDF_MAX_NUM_CHAN (128) to
avoid possible buffer overflow, as sap_apply_rules function can return
rule_adjusted_cnt QDF_MAX_NUM_CHAN size.
Change-Id: I367dc54966fa57a7ef0195279953e31def06fd21
CRs-Fixed: 1082162
(cherry picked from commit bceffc9b2cfb622fbb44b5ec768fd7ebc6ecadb2)
In function __lim_process_roam_scan_offload_req add validation code
to avoid buffer overflow during memcopy.
Change-Id: I2ac02e276dd7e4df0a6dffe58181ff538b49ed74
CRs-Fixed: 1082162
(cherry picked from commit 9806f9cfe464fb7ebebbf1a1f27c2b0b39cb1ffd)
unlock chan_lock before return in wma_dfs_indicate_radar function
in failure case.
Change-Id: I389d6479d2cd048b636230b38f135471acd38d00
CRs-Fixed: 1082162
(cherry picked from commit 41e358802ddc6722e4f1bf37b8c68ceab5e5fee5)
In wma_mgmt_tx_bundle_completion_handler function fix validation code from
logical AND to OR, to fail validation if any of the two input variable are
invalid.
Change-Id: I835b4d4bfb966e313c9ab05fb9fd57b10925d506
CRs-Fixed: 1082162
(cherry picked from commit d1c9e067b250fe75257164e1db7e363db583d49b)
sap_signal_hdd_event function caller may pass NULL csr_romeinfo,
So validate csr_roaminfo to avoid null pointer dereference.
Change-Id: I17364d9c3eb7b84786a86c29bc03b99dc2c0149a
CRs-Fixed: 1082162
(cherry picked from commit 023028cc64383d062d10a3922dc06ba6c4cac54a)
In __lim_process_gid_management_action_frame function dph_lookup_hash_entry
may return NULL, So validate return type to avoid null pointer dereference.
Change-Id: I7d66f61bb26017ed4ffdd3435520b68623dda55a
CRs-Fixed: 1082162
(cherry picked from commit 86a1d429d9114f982dd837c4d2527f154261c459)
hdd_ocb_config_new() takes four "length" parameters, currently defined
to be of type 'int'. Since these are summed to calculate the size of a
dynamic memory allocation they must be non-negative so change them to
'uint32_t'.
Change-Id: Ie66bbb7c69aba92d9d846cb90628110b3bea8f74
CRs-Fixed: 1079596
(cherry picked from commit a3047fb23625dfae22520c106e8b90093590b3d4)
If the TX queue is unresponsive for more than a few seconds, the Linux
kernel raises a NETDEV watchdog event. Normally, this should never
happen and indicates a problem because Apps should be suspended and not
generating TX traffic. However, during Unit-Test suspend, Apps is not
suspended and these events can be safely ignored. Disable NETDEV
watchdog events in this case to dramatically reduce logging volume.
Change-Id: Ia0d28f64d921add065d8dce3b2d6115600f16975
CRs-Fixed: 1076495
This reverts Change-Id Ia14b84f1039dc4ffec6ad63550fed21e932f8012
It was observed that in some scenarios scan results are not showing up
in the UI in a timely manner. The speculation is that not all code was
converted that needs to be converted. So revert this change for now
with the expectation that a complete change will be forthcoming. This
means that until a revised change is supplied that the original issue
of scan result aging may again be present.
Change-Id: I38d975fd9927493e81f4008b429abcae90af4fa9
CRs-Fixed: 1083225
(cherry picked from commit f40cf74d38bf630930325c6e9b703746bee107cc)
If WLAN FW crashes while in suspend mode then resume fails.
Returning failure in this case confuses kernel power manager. Do
not return failure to resume if recovery is going on.
Also do not panic for the resume failures if recovery is going
on.
Change-Id: I380194cb53ca669edaf50544657b19b74de6dfd3
CRs-fixed: 1079299
(cherry picked from commit 3ff45a5b515810d36f36e2755a3653a55ab81a4a)
If WLAN FW crashes while in suspend mode then kernel tries to
resume the driver and WMA sends resume indication to WLAN FW and
waits for the response from WLAN FW. Since FW is already crashed,
there will not be any response from WLAN FW and wait logic waits
for the timeout before bailing out. This may cause delay in
completing the recovery and may cause other race conditions
becuase of that.
Register for shutdown notification so that call back would be
called during recovery and resume event can be set to make sure
resume thread doesn't just wait for the FW response.
Change-Id: Icdd78479dd4072eabf29e7b0664d328553bfa1ad
CRs-fixed: 1079299
(cherry picked from commit 9e493ade1c08204fcfff51c66d135803d830fa60)
During remove() or shutdown(), driver waits for external thread
to complete but there is no mechanism available today to inform
lower layers that driver is about to go through remove() or
shutdown(). Add mechanism to provide the notification about
remove() or shutdown() so that lower layers can make use of it
and get out of waiting logic and complete the remove() or
shutdown() early without waiting for the timeout to happen.
Change-Id: I1eece21fb63e6d5e0454659795a4dad011483c75
CRs-fixed: 1079299
(cherry picked from commit 305516248006141ef331c8c1b7a4b56999fa496d)
channel width is not populated properly into the channel switch
parameters hence the phy_mode is configured wrongly to the FW.
Correct the channel width in the channel switch parameters and
update the CSA processing with new VHT operation IE definition.
Change-Id: I4f299dd721b602efb9e64797b1bdb34972e07797
CRs-Fixed: 1081503
(cherry picked from commit ebc53cabfb357847e434a4c822878fc4f1910be3)
An assert was observed with the following traceback:
qdf_mc_timer_stop+0x90/0x140 [wlan]
hdd_wmm_disable_inactivity_timer+0x54/0xd0 [wlan]
hdd_wmm_delts+0x168/0x240 [wlan]
iw_del_tspec+0x94/0xf0 [wlan]
In hdd_wmm_disable_inactivity_timer() there is sufficient guard logic
to only act upon a valid timer:
if (pQosContext->is_inactivity_timer_running == true) {
So it is apparent that this flag was set to true. However in this
specific use case the logs show that in the addTS path the timer was
not started and the flag was not explicitly set. So the only
explanation is that the flag was set via some other mechanism.
There are two places where a pQosContext is allocated and initialized.
In hdd_wmm_acquire_access() the implicit qos case is handled, and in
that function there is an explicit assignment:
pQosContext->is_inactivity_timer_running = false;
In hdd_wmm_addts() the explicit qos case is handled, and in that
function there is not an explicit assignment.
Note the memory is allocated by:
pQosContext = kmalloc(sizeof(*pQosContext), GFP_KERNEL);
And there is not an explicit clearing of the memory. Hence in the case
of an explicit addTS the is_inactivity_timer_running flag will have a
garbage value. So in the case at handle this garbage value must have
been equal to true.
Fix this by explicitly setting is_inactivity_timer_running in the
explicit qos case.
Change-Id: I94325ab6889780d77241d6e1b3ac0a138cf786b8
CRs-Fixed: 1083078
(cherry picked from commit 9e5e59ff7a51680d582711ef1182fc6aace1bfe1)
As of version 4.8 of the Linux kernel, the ablkcipher Api is removed.
Remove all obsolete crypto functions that reference this Api.
Change-Id: Ia82743d048834a67dfce23b91f660beb59b1e94d
CRs-Fixed: 1079951
(cherry picked from commit bf349575d765f53f207c7cb2ad6c66a198cf07de)
As of the Linux kernel 4.5, the abs() macro has changed so the results
are no longer promoted to long. Fix related issues.
Change-Id: Ic1e71327427df5fe2b47587f4dc164cbd50b86ee
CRs-Fixed: 1079308
(cherry picked from commit c980b6d8cf8f9a8beeebd702b2fc98e6b8ffc948)
As of the Linux kernel 4.7, the Api for cfg80211_scan_done() has
changed. Update references to the function and include a wrapper
to support compiling against older kernels.
Change-Id: I955d6c3767de86baeeb0760e42d12f46d0a00a5a
CRs-Fixed: 1078834
(cherry picked from commit 64288ebb9bcf45a398c7625bf79ad35dcc202eed)
nla_put_u64() was replaced by nla_put_u64_64bit() in the 4.7 Kernel.
Replace any references as needed, and provide a shim for compiling
against older versions of the Linux kernel.
Change-Id: Ia85a0d1d839a0c76a90dedd603ea667e029a1c6b
CRs-Fixed: 1078754
(cherry picked from commit b5578f0c34243338d9a421e921c9432f5c1d835f)
Net_device->trans_start was removed in the 4.7 kernel. Remove any
references to it, and replace direct assignments to it with a call to
netif_trans_update().
Change-Id: Ia512316c10afddcb1a8ed19222d933021f657a59
CRs-Fixed: 1078282
(cherry picked from commit e328cb49a4d712fe0fdf9b85c05513ef25b06458)
VM_FAULT_MINOR was finally removed in the 4.7 Linux Kernel. According
to the below documentation, we should be returning a bitmask. In this
case, we are not handling the fault and should return 0, which
happens to be what VM_FAULT_MINOR was defined as anyway.
"The vma's ->fault is responsible for returning a bitmask of
VM_FAULT_xxx flags that give details about how the
fault was handled.
Replace the reference to VM_FAULT_MINOR with 0.
Change-Id: Id1703a61b8798f307630ccdbb7b928799490413e
CRs-Fixed: 1078189
(cherry picked from commit 09dd4f4dfff7320a2312245f6952f56e5f322c6b)
Update references from enum ieee80211_band to nl80211_band, as
ieee80211_band was removed in version 4.7 of the Linux Kernel.
Change-Id: Id42cf6e20c3ebe921546d11fd22c3909aeb84ddd
CRs-Fixed: 1077221
(cherry picked from commit 8e62ee9836406b81fe3e418028cdb2ae8f5ec039)
Any time SSR protect/unprotect fails, log a count of the pending
functions. Also, periodically dump the protection log when it is
full to help with debugging.
Change-Id: I926b2f8198a14cf0fac4138400e84a6a8ffedc73
CRs-Fixed: 1082070
(cherry picked from commit dfef826bf4883bc59ea1e6bd7dfb227567b95d1d)
Fix memory leak:
1) during driver shutdown as netbufs associated with
outstanding descriptors at the time of driver shutdown
are not getting freed.
2) in ol_tx_ll_fast where in case packet fails to download,
descriptor is being freed but the netbuf associated with
it is not getting freed.
Change-Id: I6c3eaf551149078f1ecd1329d5f3fe8ab36c2f34
CRs-Fixed: 1081206
(cherry picked from commit 2e5ea6c3489e8ef40e07c45d0f8e244bbd6bee7f)
Pass correct parameter(msdu in place of head_msdu) in
ol_rx_send_pktlog_event in ol_rx_indication_handler.
Change-Id: I11c3fcf038b1b8242733bc19889d550fdf4a5766
CRs-Fixed: 1082515
(cherry picked from commit 97632b4f075245c93b348dfd2ed76b5b14bb9a5c)
Propagation from qcacld-2.0 to qcacld-3.0.
Fix DPTRACE implementation in rx path by setting
QDF_NBUF_CB_TX_PACKET_TRACK for data packet to
QDF_NBUF_TX_PKT_DATA_TRACK in
ol_rx_offload_paddr_deliver_ind_handler.
Change-Id: Iab77f19ee0040d601b3e91013d08a04362b3d4a9
CRs-Fixed: 1074435
(cherry picked from commit be3a5cd2e00aff5552dd4d55e199c5452b7b5c1b)
Add feature flags for DISA functionality in SME and WMA layers
Change-Id: I9fe33083469a2169cd06206e85d7965405d4a728
CRs-Fixed: 1076941
(cherry picked from commit 3c85d965eec08da145a26fc2ceefdaf8dcfb4df0)
P2P connection failed when scan is active on another
interface.
Abort all the scans on all the active session when
connect request is getting processed at SME.
Change-Id: Ibc7c0df7f2884710fbaf29a5b1ff5d315c3bfc52
CRs-Fixed: 1081116
(cherry picked from commit 271cbf851f7fbbfeae503097e9d06ff3cb89c761)
Association completion handler(MCthread) acquired cds
concurrency lock while holding the sme global lock and
hostapd thread is trying to aquire sme lock while holding
cds concurrency lock which resulted in deadlock.
Don't allow start BSS while connection is in progress.
Change-Id: I1887aab39d2fa13cc8a900164d2aa6d489464e42
CRs-Fixed: 1081809
(cherry picked from commit cdfb0b38197a13755847e303c753c01bd4801e82)
Currently cds_flush_cache_rx_queue() does not verify that
cds_get_context() returns a valid pdev which could subsequently lead
to dereferencing an invalid pointer. Add a validity check for this
pointer.
Change-Id: I326e0b92205fda78854c947248e675d287a7ec04
CRs-Fixed: 1082035
(cherry picked from commit 514e12df3c66ef0e457d76ef8c984874481f5117)
