d054e0b3e2
Currently, ROAM_SYNC is aborted on the corresponding vdev when the vdev is not in CONNECTED state. This abort operation sends an RSO_STOP to fw but the status is not notified to the caller. This results in a race condition in the below scenario, 1. Firmware roamed to a 2-link ML AP and sent Roam sync ind to host 2. Host posted ROAM_SYNC on vdev-0 in scheduler thread context as the vdev-0 state is CONNECTED 3. Got a DISCONNECT request from userspace in user thread and the states moved to DISCONNECTING. 4. Host tried to post ROAM_SYNC to vdev-1 but aborted as the state is not CONNECTED and tries to send RSO_STOP to fw. This RSO_STOP won’t be sent as it’s a link vdev and the RSO_STOP should go from assoc vdev later. But this status is not indicated to the caller which proceeds with vdev-0 ROAM_SYNC. 5. As vdev-0 ROAM_SYNC doesn't check for the connection state once processing is started, ROAM_SYNC would be completed on vdev-0. 6. This causes out of sync and vdev-1 doesn't get cleaned-up. 7. As part of the disconnect, host tries to cleanup the old peer on vdev-1. But firmware ignores this as that peer is already cleaned up in fw. This results in peer map-unmap issue later as the new Roamed peer on vdev-1 will never get cleaned-up in host but the same got cleaned up in fw. FW is free to use that peer_id to another peer mac later and when it does, host DP complains. So, indicate ROAM_SYNC abort status to the caller to abort the complete Roaming. Change-Id: Ic65149ddf28f01ca5d7a0f6d3137a38e64e6c6ae CRs-Fixed: 3786671
This is CNSS WLAN Host Driver for products starting from iHelium