The AP rejects the FILS-IM association request with reason
"Invalid IE format". In the assoc request, two problems are
seen:
1. The RSN IE has a junk group management cipher suite.
2. FILS HLP container IE is fragmented, and the fragment
IE does not immediately follow the HLP container IE.
In the assoc request, the RSN IE encoded in the authentication
is unpacked and the PMKID is replaced with the pmkr1 name
derived at the end of FILS authentication. Currently, the
existing PMKID in the RSN IE is replaced only if the group
management cipher is present. In non-802.11w case, the new
PMKID is appended at the end of existing PMKID, and leads to
improper IE format.
To fix this, replace the existing PMKID whenever PMKID is
present.
To fix invalid HLP container IE format, encode the HLP
container and its fragment IEs together in the assoc request.
Also, inorder to get the pmksa match from the crypto table for
a FT-FILS, fill both ssid and cache ID. Without cache id, the
cached entry is not updated with MDIE.
Change-Id: I654b5527a726eb7872b90fb19a3d97623f3caa68
CRs-Fixed: 3233081
Wrong value of Roam reason and sub-reason code is sent to
userspace via diag logging.
Convert the value of reason and sub-reason code to qca
specific code before sending it to userspace
Change-Id: Iebdc5f8673e2da6a208a89caca9a742202256bcc
CRs-Fixed: 3236178
In the cm_roam_result_info_event() api, for roam result the
current AP bssid is sent instead of candidate AP.
Correct this to send candidate AP bssid during roam result
logging.
Change-Id: I4b1d4634faa3fbf3e7b32af8c13d4b444d26c505
CRs-Fixed: 3237021
After WLAN_TWT_CONV_SUPPORTED enabled, TWT variables are moved from
COMP_MLME to COMP_TWT, APIs are updated too, hdd_update_tgt_twt_cap
just intersects enable_twt and twt_requestor of COMP_TWT instead of
COMP_MLME, legacy variable mlme_cfg->he_caps.dot11_he_cap.twt_request
isn't controlled by ini enable_twt now.
Change-Id: I71bb09704fd96591f37019ebbb77733cff04af25
CRs-Fixed: 3229121
BTM and EAPOL events are sent through the vendor event to
the supplicant
Modify the BTM and EAPOL event log flow through the diag
event to the supplicant in order to maintain single
logging infrastructure
Change-Id: I1e21d1192be059cc48189bc57aacbc314d5297bc
CRs-Fixed: 3219065
Roam Diag logs are sent through the vendor event to the supplicant.
Modify the Roam Scan start and Roam Candidate log flow through
the diag event to the supplicant in order to maintain single
logging infrastructure.
Change-Id: Idd85b46f72a481aa99e243c81952010d2779afaf
CRs-Fixed: 3218639
In multiple AKM suite roaming scenario, if the STA is
roaming from WPA3 to WPA2 AKM suite, during the roam sync the
rso config will have the PMK of previous WPA3 connection. The
RSO start for the new connection would plumb the PMK of WPA3 to
the FW. After the RSO is enabled, set_key from userspace will
update the proper PMK of the current WPA2 to the FW via
RSO Update.
Due to a race condition, the set_key from userspace can reach
driver before the RSO start is sent to the FW. In this case,
the RSO update(due to set_key) will fail. Therefore, the FW
will keep the WPA3 PMK(in RSO start) as the final PMK for
the WPA2 connection, leading to roam failures.
To fix this, if the set_key for the connected bssid is
received during Roam sync in progress, then mark the
set_key rejection in vdev and send RSO update to the
FW after RSO gets enabled.
Change-Id: Ibb5a4929212e6c2ccabf39136962d3a8e606ece9
CRs-Fixed: 3212800
In the api cm_roam_candidate_info_event(), the value of
throughput is sent in Mbps whereas throughput is expected
in Kbps
Correct this by converting the throughput to Kbps instead of
sending it in Mbps.
Change-Id: I0fe95efc3a02d43187ff2c0423813529687c2ee9
CRs-Fixed: 3224754
When supplicant disables firmware roam, RSO stop command with
roam scan mode value 4 is sent to firmware and this value 4
indicates the firmare to enable only Forced roam trigger(roam
invoke command from host). But before
ROAM_DEINIT(WMI_VDEV_PARAM_ROAM_FW_OFFLOAD with value zero) is
posted to firmware, the roam scan mode should be 0 or else there
could be potential peer unmap failures if firmware has already
started roam and disconnect is triggered from north bound or from
peer.
To avoid this, in the roam offload state machine handle the state
switch from RSO stopped to deinit if supplicant disabled roaming
flag is set and send RSO stop with roam scan mode value 0 to
firmware.
Change-Id: I6ff39f43bd75c95ed03c357a5602e25a5a0ffd92
CRs-Fixed: 3229082
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_CMDID: Add support
for a new roam command to get vendor control parameters
from FW. Host needs to send proper param ID in command
(from enum WMI_ROAM_GET_VENDOR_CONTROL_PARAM_ID)
to get corresponding INI value from FW.
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_EVENTID:
Add support for a new roam event to get param value
from FW. FW sends this event upon receiving
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_CMDID command.
Change-Id: I03679bcf359a0f425aab7b9ea1c3cb6d84fbb0ca
CRs-Fixed: 3225160
Add new tags for reassociation request and reassociation
response. Parse the association id from roam stats event
and send it over the connectivity logging event
Add support to print AID and BT-COEX field.
Change-Id: I7926b5c69a84404b666acfd5e2db30426d085881
CRs-Fixed: 3221624
Add support to parse a new INI named
"bss_load_trigger_6g_rssi_threshold/RoamCU_6GRSSIRange"
and send its value to FW via WMI_ROAM_BSS_LOAD_CONFIG_CMDID.
Min, Max and default value of this INI:
Min: -120
Max: 0
Default: -70
Change-Id: I9aa99d887553de4022fc0a31dc0644601cd340d6
CRs-Fixed: 3225548
When STA receives a connect req (C1) and it requires hw mode
change. Now the hw mode change resp will take the SME global
lock and call connection manager API, which will try to
acquire CM lock.
But if before that one more connect req (C2) is received in
another thread which has acquired CM lock before C1 can
acquire it, and this connect req C2 will also flush the C1
from CM queue. Now if C2 also require hw mode change, which
also require to acquire SME global lock.
So both connect will wait for each other to complete, leading
to deadlock.
To fix this, from hw mode change response, break the context
(by posting to scheduler thread) so that sme global lock is
released and C2 is processed.
As C1 is already flushed by C2, on scheduler thread execution
once it get CM lock it will be dropped silently, and C2 will
proceed with connect.
Change-Id: I14efb0f21442edcae90a4abea20cb0b9e06a0758
CRs-Fixed: 3223786
Currently host sends first, final bmiss count to fw
Add support for bmiss timeout(in seconds)
during wakeup as well as sleep state to fw.
Change-Id: Id748fabdff94f5fa3038bcea1b1cac733ac2dbe1
CRs-Fixed: 3224106
GETROAMSCANCONTROL and SETROAMSCANCONTROL driver commands
will be deprecated from Android 13. So remove all logic
related to these driver commands in the host.
Change-Id: I05fafbec2b3f3b798c8c89d0c33b1dbf5c1b45d4
CRs-Fixed: 3225052
-Wimplicit-fallthrough is being enabled by default. Some compilers
such as clang require the attribute instead of just a fallthrough comment.
Change-Id: I7a04c8727121f58a5d6dcd575446c9acedea164b
CRs-Fixed: 3216248
set_primary_vdev usecase in STA+STA concurrency is to use that
interface(e.g. wlan0) over the other interface(i.e. wlan1) for
data transfer.
Non-primary vdev use case is to check the quality of that link
and decide if data can be switched to it and make it primary.
It may get disabled if it's not going to become primary STA after
measuring the link quality for sometime or with few APs.
Enable roaming on non-primary vdev also to find better AP.
Change-Id: I3205f1ee1b7da4aa813955308730949ccc70941f
CRs-Fixed: 3219633
When an ML STA connection exists with more than one link and if
another STA connection is attempted, allow it. Disable the link
causing MCC with the new station after successful connection.
If there is only one link, reject the second STA connection.
Change-Id: I3cd95e0b425f5e1f96d75f226b058668f030151f
CRs-Fixed: 3218700
Currently, roaming state machine relies on the disconnect
sequence where link vdev gets disconnected first and then
assoc vdev. RSO stop is sent as part of link disconnection
and skipped for assoc vdev disconnection as the roaming
state machine is per ML than per link.
If link vdev connection hasn't happened due to some
reason (e.g. link not available in scan while connect, single link
ML connection), RSO stop command is not sent to firmware due
dependency on above sequence.
Check roam state while processing assoc vdev disconnect and send
RSO stop command to firmware if it's in enabled state to cleanup
the RSO state machine in firmware.
Change-Id: If3e9a579c0f3da27a337fbbffcaf0beb580bd8bd
CRs-Fixed: 3215155
Generally below process should happen in renegotiation failure
case.
1. TWT setup (successful)
2. TWT setup (renegotiation failure)
3. TWT teardown
4. TWT GET STATUS - 0(dialog ID) 0 0 0
5. TWT setup - successful
Since all WMI TWT events gets executed in WMI thread. So when
renegotiation failure case hits, driver sends TWT
teardown to firmware and waits for twt ack in worker thread.
In same worker thread TWT event needs to be processed.
TWT ack event will not process as it's waiting in same worker
thread and it will get timedout.
As part of fix, break the context in renegotiation and
send the teardown in the new worker context.
Change-Id: I13c8d44d6582e39d1cc2c2aa10a500fffbf150b1
CRs-Fixed: 3204750
Limit mlo link num and band by psoc sta cfg mlo_support_link_num and
mlo_support_link_band.
If mlo_support_link_num is 1, only permit 1 mlo link, don't permit
partner link.
Disable both assoc link and partner link on disallowed band too.
Change-Id: I04f0725ceb0fb4e0bd14ca44ff1a870702b62285
CRs-Fixed: 3211973
In api wlan_cm_is_roam_sync_in_progress(), the roam_sync
status is checked for every instance of
wlan_cm_is_roam_sync_in_progress resulting in excessive
printing of cm_is_vdev_roam_sync_inprogress logs
Add check to verify roam_sync status for STA mode which
results in trimming of cm_is_vdev_roam_sync_inprogress()
logs.
Change-Id: If0228edb90d718c7fde2b8f34e0003256cfd139b
CRs-Fixed: 3211915
Currently, when driver receives connect request on secondary STA,
it checks if the secondary STA channel and first STA channel are
on different band to allow. This works fine for DBS solutions but
SBS solutions support same band(5GHz) channels on different MACs.
So, check if the secondary STA channel is on different mac to
allow connection.
Change-Id: If9cfe0f4605e31ab54b38a85fb9d38e9ca65871d
CRs-Fixed: 3212686
When SAP and STA both are in 11n mode then STA doesn't populate
twt_req bit during assoc req. Because of this TWT commands failed.
As part of fix, check the below variable before setting twt_req
1. TWT requestor support from firmware
2. Enable TWT ini
3. TWT ini support in 11n
4. TWT requestor support from host
Set twt_requestor bit only if all above variable are set.
Change-Id: I77f2397f986b517cd5292109927eece7fdb4c7c1
CRs-Fixed: 3210015
Sta is not allowed to connect/roam in 6 GHz frequency or indoor
frequency in non-DBS target if SAP is active.
But STA roams to 6 GHz AP when SAP is active since the PCL allows
6 GHz frequency.
While populating PCL to firmware, check if 6 GHz and indoor
frequencies are allowed for non-dbs target and set the
weight appropriately if the channels are not allowed
Change-Id: I0e5fdc5b3c4177283d91cdfc58359336cc11910d
CRs-Fixed: 3205494
When disconnected request started for an MLO connection,
link vdev gets disconnected first and then assoc vdev. So active
disconnect request is queued for link vdev first. As part of
RSO stop request-response handshake, the disconnect request is
cached and RSO stop request is sent to firmware. Disconnect is
supposed to resume for link vdev after getting the RSO stop
response . But currently, first MLO vdev gets checked if it
has active disconnect. This may fail to fetch the active
disconnect request if the first vdev in the list is assoc vdev
as it doesn't have active disconnect but link vdev has.
Check if it's a link vdev to resolve this and fetch active
disconnect req always.
Also, if there is only one link present(e.g. single link
connection or failed to connect the secondary link, etc.. ) in the
vdev_list, current release of vdev refs at the end of the API
wlan_cm_mlo_update_disconnecting_vdev_id() is not valid as it's
trying to release all links. Release only the links for which
reference is taken.
Change-Id: Idcb8a979dbdadafd4690e51a7301c4a7dfe82f73
CRs-Fixed: 3203969
Add logic to disable a link vdev if concurrency doesn't allow it.
Send mlo_force_link_inactive in peer assoc for this and add
it in deleted table on connection complete.
Also disable the link if roam sync indication indicate
that link is disabled.
Change-Id: Ib0615308a669a5fd9d2b8ef6f8ab3f50953f658d
CRs-Fixed: 3192728
Add disabled links table and APIs to move and remove
vdevs from disabled links table.
Change-Id: I610bbd10e387a4bcd3a5d5c88c3dba5698878441
CRs-Fixed: 3181474
During full scan only 2.4Ghz channels are printed.
Along with 2.4Ghz channels print 5Ghz channels.
so, use policy_mgr_get_connected_roaming_vdev_band_mask()
instead of policy_mgr_get_connected_vdev_band_mask()
After Roam result candidate or currently connected
AP bssid is not printed. so, printed candidate or
currently connected AP bssid by changing logic
Change-Id: I800ebdc033480b93150bdeb00a900c373ba333dc
CRs-Fixed: 3185092
Currently we are reading early stop scan min and max
threshold to unsigned int, because of which we are
sending wrong values to FW.
Read early stop scan threshold min and max values
to signed int to send correct values to FW.
Change-Id: I2e96b3c3e9fb48352d8075a4e7a96eae41dacedc
CRs-Fixed: 3191076
Userspace sends the vendor command WIFI_TEST_CONFIGURATION by
setting the attribute WIFI_TEST_CONFIG_IGNORE_H2E_RSNXE when
driver needs to ignore the SAE H2E mismatch for 6 GHz connection.
This is needed for certification test support.
Change-Id: Ic26e733e21811a9f19c6e35e27a9d63616c17c1b
CRs-Fixed: 3050391
Initialize struct cm_roam_values_copy to avoid using uninitialized
parameters in wlan_cm_roam_cfg_set_value().
Initialize struct pdev_params to zero to avoid using uninitialized
parameters in wmi_unified_pdev_param_send().
Change-Id: I820db09840431487f1756695a0562f8a794f549f
CRs-Fixed: 3187194
when firmware sends TWT notify event with status
HOST_TWT_NOTIFY_EVENT_AP_TWT_REQ_BIT_CLEAR or
HOST_TWT_NOTIFY_EVENT_AP_TWT_REQ_BIT_SET.
Host will check the peer TWT required bit and take the
following action:
1. If fw sends HOST_TWT_NOTIFY_EVENT_AP_TWT_REQ_BIT_CLEAR then
host will dynamically change the peer twt required bit as 0.
2. If fw sends HOST_TWT_NOTIFY_EVENT_AP_TWT_REQ_BIT_SET then
host will dynamically change the peer twt required bit as 1.
Change-Id: Ia72aab685adf5b56f674e21ceedc2c498930403c
CRs-Fixed: 3163826
Currently TWT works only in 11ax. Add enable_twt_in_11n
ini to support TWT in 11n mode.
False: DO not support TWT in 11n mode
True: Support TWT in 11n mode
Change-Id: If1011c9a24b9c285199d7b0e60e5614d6c1f8786
CRs-Fixed: 3185100
Currently, roam scan mode is updated as roam offload while setting
primary vdev, but expected scan mode in this case is none. This is due
to wrong reason is propagated from cm_roam_stop_req to
cm_roam_scan_offload_fill_rso_configs.
So, reason in roam stop config is updated with set roam primary which is
propagated to cm_roam_scan_offload_fill_rso_configs.
CRs-Fixed: 3182222
Change-Id: I6d0db95f475038e659bddeb24b79ac4f67c9c079
Use the Connection Manager state machine to check if the
VDEV is currently in roam sync state. RSO states can be
changed dynamically based on the roaming configuration, whereas
the state machine would maintain the state.
Change-Id: Ic5c9a3a322febfe6b71f4684d5074dad599ecd37
CRs-Fixed: 3183191
Add support for QCA_WLAN_TWT_SET_PARAM command to configure
QCA_WLAN_VENDOR_ATTR_TWT_SET_PARAM_AP_AC_VALUE attribute.
This attribute provides access category value for
WMI_PDEV_PARAM_TWT_AC_CONFIG. This is used by firmware to
configure access category for TWT HW queue in TWT Responder
mode(SAP).
Change-Id: I5131967ff2061bf6afad7bc5f091a7eb5ee01b8a
CRs-Fixed: 3168197
SAE authentication logging events are sent from host
driver during connection as well as during roaming.
But the other roaming frame related stats are printed
as part of the WMI_ROAM_STATS_EVENTID handling.
Since this roam stats event is received after preauth
frame related logs are queued to userspace, the order
of the logs are not correct.
Cache the SAE preauth logs in mlme and print them
upon receiving ROAM stats event. Read the firmware
service capability to decide if new caching needs
to be used or legacy behavior needs to be followed
Change-Id: I76381b9deef222f1481325974e2b5d9730eb2b67
CRs-Fixed: 3154147
Assume AP1 and AP2 are SPMK APs. For SPMK AP(s), Host
should add an entry of an AP in PMK cache table like below in
two cases only:
Case 1. When DUT successfully associated with SPMK supported AP
In this case host update “is_spmk_ap” flag in PMK
table by parsing beacon of associated AP after
successful connection.
Case 2. When DUT successfully roamed to SPMK supported AP
In this case host update “is_spmk_ap” flag in PMK
table by parsing roam sync indication event.
In case of connection with SPMK AP, Host selectively deletes PMK
entry for other SPMK supported AP(s) on basis of “is_spmk_ap”
flag and maintains only one entry for all SPMK AP(s). And host
sends the same single PMK in RSO for further roaming to SPMK AP.
Initially, DUT is connected with AP2. Then Disconnection happens with
AP2 due to NUD failure. After disconnection, the upper layer sends
flush PMK requests for AP1 and AP2. Host deletes old PMK entries for
both APs. Now upper layer sends a set PMK request for AP2. Host adds
AP2 entry in PMK cache table but host does not set "is_spmk_ap" flag
in PMK table for this entry as DUT is not connected to AP2. Now host
receives a connect request for AP1 from the upper layer. DUT
successfully associated with AP1 by performing full SAE authentication.
Host adds an entry for AP1 in the PMK cache table and sets "is_spmk_ap"
flag for AP1 but fails to delete the entry for other SPMK AP(s), here
AP2, from PMK cache table. This is because of "is_spmk_ap" flag is not
set for AP2. At this point of time below is the PMK cache table entry
for SPMK AP(s): The Host PMK cache table has two entries for two SPMK
APs.
BSSID PMK is_spmk_ap flag
AP2 PMK2 0
AP1 PMK1 1
Now FW roams to AP2 using PMK1. Host process roam sync indication for
AP2 and updates "is_spmk_ap" flag for AP2 in the PMK cache table. As
Host has a stale entry for AP2 in the PMK cache table, Host sends AP2’s
PMK (here PMK2) in RSO command which firmware will use for further
roaming but roaming fails due to invalid PMK, as target SPMK AP expects
PMK1 in reassociation request.
To handle these scenarios, FW should send PMK info of roamed AP and
host override stale entry for roamed AP (if any) with roamed AP's PMK
in PMK cache table.
Change-Id: I5e46d16a64aa05469ebc389df9b638351d02a1e0
CRs-Fixed: 3152132
If host invoke roam failed, roam request is freed from vdev when
EV_ROAM_INVOKE_FAIL is handled, can't access it after that.
Change-Id: Ia486a18a6213fce693f85e8f633d343a367ab6e2
CRs-Fixed: 3178286
Currently min_dwell_time_6g ini support is there only for normal
scan.
Added support to configure min_dwell_time_6g in roam offload scan.
Change-Id: I7da5fff738dbaf2a28a909e58ab6c797724ccfaf
CRs-Fixed: 3156597
Currently wmi_roam_event_id event handler only register under feature
WLAN_FEATURE_ROAM_OFFLOAD, but it's needed for LFR2 roaming too. So
refine roam event processing for LFR2/LFR3.
Change-Id: Ic07fd8a543142fc1e151f484979ab99ff55ce802
CRs-Fixed: 3161973
As per the requirement, if TWT setup request is issued when
power save is disabled, expectation from driver is to return -EAGAIN.
Change-Id: I7a519d15787f912338afabf7e83b561cb3a2ebc0
CRs-Fixed: 3163880
Peer MAC address is not specified when get_peer_by_mac fails.
We should print the peer MAC address with debug message.
Change-Id: I9d75098784879ddecd447f8dbbcd61e6cdc1bf76
CRs-Fixed: 3153776
