Currently host sends bmiss set param commands
separately to firmware.
Combine bmiss set params send to WMI to reduce
number of transactions.
Also replace target wmi vdev params with host wmi
vdev params to fix existing broken layering
violation.
Change-Id: I5867ee76f68abf462becafc1f5f80c422c239f4b
CRs-Fixed: 3333237
This is applicable only when the roaming happens from 2.4 GHz/5 GHz
to 6 GHz AP.
The value is used to check if the 6 GHz AP to which we are roaming
(from 2.4 GHz/ 5 GHz) is better than current AP in terms of RSSI.
This checking is disabled if the value is set to zero.
Change-Id: I77f1183e1fd704dfa153841e669a20c9e75d0fe7
CRs-Fixed: 3353346
During the roam scan, if there are no desired APs found in the partial
frequency list, an immediate full scan on all the supported frequencies
is initiated as a fallback. This would include the 6 GHz PSC
frequencies by default.
This attribute allow that behavior to be modified to include PSCs only
if 6 GHz use has been detected in the environment.
Change-Id: I6dc380419f14b920737fd87cd9a487c28364563b
CRs-Fixed: 3351697
User can include/exclude the frequencies in roam full scan that
were already scanned by the previous partial scan, using the new
vendor attribute introduced as part of roam vendor command.
Host sends the configured value to firmware.
As per current implementation of roam scan, if there are no APs
found during partial scan, immediately a full scan will be
initiated as a fallback. This includes all channels that were
already scanned as part of partial scan.
This attribute controls the optimization, to exclude all channels
which are already scanned as part of partial scan.
Change-Id: Icd6381b4daadcfe32dabda131ae92e2e32f07f1d
CRs-Fixed: 3343657
When dual sta connected as SBS mode instead of dbs mode, driver didn't set
pcl per vdev, so dual sta had same PCL in firmware, MCC may happened after
roaming.
Fix:
1. Host pass roaming MCC disallow flag to F/W by checking primary vdev id.
2. For platform SBS supported, when doing dbs or sbs, send PCL from table
to F/W directly, allow SCC and SBS<->DBS roaming, don't limit to intra
band, only avoid mcc case if no primary vdev.
3. Use policy_mgr_concurrent_sta_on_different_mac to replace
policy_mgr_concurrent_sta_doing_dbs, add logic to consider SBS when set
PCL to F/W.
4. Change dual sta PCL table to remove mcc channels.
5. When STA channel switch, also update PCL to F/W.
6. For roaming case, do vdev level PCL update for all sta after connection
update in policy mgr, or wrong PCL is got.
Change-Id: I631c84c96da2bba4011b69e4c076db174205c874
CRs-Fixed: 3336768
User can configure roam hand-off delay value using the new vendor
attribute introduced as part roam vendor command.
This change gets the configured value and sends it to firmware.
And firmware delays the roam Hand-off (in msec) by the specified
duration to receive pending RX frames from the current BSS.
Change-Id: Ic328c077cba06532ee8ffed12cde072c816b92e0
CRs-Fixed: 3329964
When firmware attempts roaming to an MLO AP, it tries to find
the complete ML info(all links info) either through ML probe
response or beacons from all the links. It forwards all link
beacons(or ML probe response) to host as part of roam sync
indication through roam sync frame event.
Add support to fetch both link beacons and add them to scan db.
If firmware sends ML probe response, generate link probe response
as well and add it to the scan db.
The link scan result can be used in link connect in case of
hybrid roaming like OWE, 1x,..
Change-Id: Ic8457a5630441d6fd3faeb4791c79422db787f94
CRs-Fixed: 3335225
Add check 11be supported before send the MLO roam config wmi
command by API wlan_psoc_mlme_get_11be_capab.
Change-Id: I101e2c614efd44c7eabac0f45dc558e044185b6b
CRs-Fixed: 3305746
Send MLO Roam config to target, including:
support_link_num: Configure max number of link mlo connection supports.
support_link_band: Configure the band bitmap of mlo connection supports
Bit 0: 2.4 GHz band support if 1
Bit 1: 5 GHz band support if 1
Bit 2: 6 GHz band support if 1
Change-Id: Id59fc93cc271266ff794702d997ffc5113de5bc1
CRs-Fixed: 3273012
Currently host starts the start_rso_stop_timer when it sends roam
stop related commands to firmware. And tries to stop the timer when
it receives roam event with reason ROAM_REASON_RSO_STATUS or
ROAM_REASON_HO_FAILED. Since firmware also sends roam event with
above reasons when host configs other roam parameters. This causes
host confused about whether to stop the timer or not.
To resolve this issue, add one more condition
roam_event->notif_params == WMI_ROAM_SCAN_MODE_NONE
Change-Id: Ia24d5bba1e35bc4102951adcafc76edda7769d35
CRs-Fixed: 3267506
To avoid unmeaningful roaming, when low RSSI trigger,
only roam when rx linkspeed is also bad.
Steps:
1. F/W indicates feature supported by:
wmi_service_linkspeed_roam_trigger_support
2. App sets vdev rx link speed threshold by vendor cmd.
3. Bus_bw_work gets rx link speed from data path periodically.
4. If found rx link speed change from good to poor, or poor to good, send
to F/W.
5. F/W low rssi roaming is triggered only when both RSSI and link speed are
poor.
Change-Id: I56829e42b26e407dd8e989a870aee2b3ea406232
CRs-Fixed: 3261996
Sometimes fw sends roam event with RSO status 7, it does not need
host driver trigger in function target_if_cm_roam_send_stop. When
this scenario happens, driver tries to stop the timer which does
not started and dumps wrong info.
Change-Id: I82f723bb8e8c5b6108caff48a9189eeaf2686a2c
CRs-Fixed: 3261664
In target_if_get_roam_vendor_control_param_event_handler,
there are 2 possible NULL pointer dereference issues:
1. Host calls target_if_get_psoc_from_scn_hdl API to get
psoc object. But as per current logic even if psoc is
NULL, psoc is dereferenced by passing it as an argument
to get_wmi_unified_hdl_from_psoc.
2. Host calls get_wmi_unified_hdl_from_psoc API to get
wmi_handle pointer. But as per current logic even if
wmi_handle is NULL, wmi_handle is dereferenced by
passing is as an argument 1 to function
wmi_extract_roam_vendor_control_param_event.
Fix is to update the sanity check logic for psoc and
wmi_handle pointers to avoid possible NULL pointer
dereference.
Change-Id: I3c3df062b538b05218e729d7bf6806e221073269
CRs-Fixed: 3242435
Acquire the runtime pm lock when roam sync event is received
and release after roam sync complete is sent.
Change-Id: Ic56d353dd343f5fcbc228a8d7251e047177b9a9b
CRs-Fixed: 3238723
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_CMDID: Add support
for a new roam command to get vendor control parameters
from FW. Host needs to send proper param ID in command
(from enum WMI_ROAM_GET_VENDOR_CONTROL_PARAM_ID)
to get corresponding INI value from FW.
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_EVENTID:
Add support for a new roam event to get param value
from FW. FW sends this event upon receiving
WMI_ROAM_GET_VENDOR_CONTROL_PARAM_CMDID command.
Change-Id: I03679bcf359a0f425aab7b9ea1c3cb6d84fbb0ca
CRs-Fixed: 3225160
Add support to parse a new INI named
"bss_load_trigger_6g_rssi_threshold/RoamCU_6GRSSIRange"
and send its value to FW via WMI_ROAM_BSS_LOAD_CONFIG_CMDID.
Min, Max and default value of this INI:
Min: -120
Max: 0
Default: -70
Change-Id: I9aa99d887553de4022fc0a31dc0644601cd340d6
CRs-Fixed: 3225548
Currently host sends first, final bmiss count to fw
Add support for bmiss timeout(in seconds)
during wakeup as well as sleep state to fw.
Change-Id: Id748fabdff94f5fa3038bcea1b1cac733ac2dbe1
CRs-Fixed: 3224106
Currently wmi_roam_event_id event handler only register under feature
WLAN_FEATURE_ROAM_OFFLOAD, but it's needed for LFR2 roaming too. So
refine roam event processing for LFR2/LFR3.
Change-Id: Ic07fd8a543142fc1e151f484979ab99ff55ce802
CRs-Fixed: 3161973
Replace blacklist/whitelist with denylist/allowlist in
qcacld3.0. and replace blm with dlm.
Change-Id: I9ba61dde3b3ea008ca3777448d1f8dab83d33ec1
CRs-Fixed: 3091211
Firmware doesn't expect any vdev commands from host while RSO stop
is happening. It sends a response to the RSO_STOP command once
it's done with cleanup. Host needs to run a timer after sending
RSO stop command to firmware and wait for a maximum of 6 seconds
for the response. Host can stop the timer and allow the commands
to firmware in the below cases,
1. RSO_STOP response with success status
2. RSO_STOP response with HO_FAIL status followed by
HO_FAIL event: Host needs to wait till HO_FAIL event is received
If firmware doesn't send any response in the 6 seconds wait, issue
a recovery to help to check the firmware state.
Also, set WMI_ROAM_SCAN_MODE_FLAG_REPORT_STATUS always when MLO is
supported while sending RSO_STOP to firmware. It's sent only
in case of wpa_supplicant disabled roaming currently.
Change-Id: I8182e60beb9288dba23cc72e978dc781c8ab1707
CRs-Fixed: 3106023
When wmi_roam_synch_frame_event receieved from firmware, memory is
malloced to save probe rsp/reassoc req/reassoc rsp once extract event,
when copied to vdev rso_cfg->roam_sync_frame_ind, memory is malloc again,
and original memory isn't freed, memory leak happens.
To fix it, assure memory is only malloced once to save
probe rsp/reassoc req/reassoc rsp when handle wmi_roam_synch_frame_event.
Change-Id: I6b31378bcf624547fca9fd858268252fd22f533d
CRs-Fixed: 3107576
During SAE roam auth offload, update the beacon/probe response
frame coming from the FW via WMI_ROAM_FRAME_EVENTID into the
scan db.
When the bss info of the preauth candidate is unavailable in
the host/kernel scan entry, supplicant fails to determine the
proper SAE PWE config of the peer and the commit request fails.
Change-Id: Ia782ece7bebf8274f949fe9fb3b2a2882bf47597
CRs-Fixed: 3075458
Currently memory allocated for structure roam_pmkid_req_event
is freed in two places causing usage after free.
Fix is to free memory only once in
target_if_pmkid_request_event_handler api.
Change-Id: Idc70e8437f89cb1cf4f6d35f924085409994714a
CRs-Fixed: 3064667
For allowlist roaming, EAPOL isn't offloaded for PMK changed, then
RSO is stopped and allowlist ssid is cleared in F/W, but when RSO
is restarted after EAPOL finished, allowlist ssid isn't reset to F/W,
so allowlist roaming will fail after that.
To fix it, when roam start or update cmd is sent to F/W: update
allowlist ssid and denylist to F/W.
Change-Id: Ia8ddc251767dfc04d9a6cfd1e7c1074ab0e88e96
CRs-Fixed: 3081226
Add new vendor command to enable the roam events stats from the
driver/FW in both resume and suspend mode.
New roam param is introduced to indicate the FW to enable/disable
the roam stats using the new roam set command.
Change-Id: I6d04f0946e6735613a4cf3d4361bf31052314fa0
CRs-Fixed: 3036518
Currently, target_if forwards the blacklist event to upper layers
even if there is no AP info present. This event can be dropped in
target_if to avoid accessing unallocated memory.
Change-Id: Icfaabb0a8e3304882979ffde7f5cd27fd4c8a067
CRs-Fixed: 3057424
Currently WMI_DBGLOG_TIME_STAMP_SYNC_CMDID command sent
every 1 sec causes RTPM collapse and inturn has power
impact. So to avoid this enable time of the day synchronization
only after connection/roaming.
Send WMI_DBGLOG_TIME_STAMP_SYNC_CMDID as part of RSO
start command.
Change-Id: Iee3cefe1318a6e5507a43cefb9666cc2a439fe06
CRs-Fixed: 3060762
wma to target_if convergence code is guarded under the feature
flag ROAM_TARGET_IF_CONVERGENCE and it's is enabled currently.
Remove the flag usage and remove the deprecated code(else part)
also.
Change-Id: I6973d9c366ec6a9c6164dd19f6f4775dd3ebf5f0
CRs-Fixed: 3049942
Currently, the ROAM event is posted to scheduler thread when it's
received from firmware. This is done to avoid processing the
complete event in IRQ context as the same callback gets called
from IRQ context for WOW events(WOW_REASON_LOW_RSSI and
WOW_REASON_HO_FAIL). Posting the ROAM event to scheduler
thread may introduce some additional delay in processing it back
as there would be a context switch.
If this ROAM event carries ROAM_START which is followed by a
ROAM_SYNC event, there is chance to process the ROAM_SYNC
before ROAM_START as ROAM_SYNC would be processed in the same
context whereas ROAM_START needs a context switch. This results
into an invalid connection manager state after processing
ROAM_START event, which results a connection failure.
Same is applicable for ROAM_PMKID_REQ_EVENT and
ROAM_VDEV_DISCONNECT_EVENT. Avoid reposting the same to scheduler
thread.
Change-Id: Ic4fc1b3baf12e4ceee9a0975ebfee77fb88ab6f0
CRs-Fixed: 3033657
Send additional roam trigger TLV for BTC in
WMI_ROAM_ENABLE_DISABLE_TRIGGER_REASON_CMDID
command, to support a new roaming trigger
"WMI_ROAM_TRIGGER_REASON_BTC".
Change-Id: Ib767bd6bcf005c187b0fb58986ad287fe8753c1b
CRs-Fixed: 3009788
target_if expects psoc as part of roam events which is used for
event extraction. Send the same as it's missing currently.
Change-Id: I04729df90d8e64e07427fe47926a8a92a24aaf23
CRs-Fixed: 3027055
Currently, wmi_roam_pmkid_request_event_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I3fad4e4d7ceeb85c632723e161809bf980d5375f
CRs-Fixed: 3014248
Currently, wmi_roam_auth_offload_event_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I128db23077d423c5e5ecf27636bc3af35cbbc58f
CRs-Fixed: 3010419
Currently, wmi_roam_stats_event_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I5e336b01e1a2183e49b3e6eeb125c7c9fd0fd73c
CRs-Fixed: 3003125
Currently, wmi_roam_scan_chan_list_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I8f59f9ebfe1bbdc7ef37ccc1f10178fe8128e912
CRs-Fixed: 2990376
Currently, wmi_vdev_disconnect_event_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I2486cc3f63c4b35305b60ac55cd0a622c7185323
CRs-Fixed: 2990373
Currently, wmi_roam_blacklist_event_id data is extracted and
processing is also done in wma. This is not inline with component
model where target_if takes care of data extraction and handover
the extracted data to corresponding component(connection mgr in
this case). Add changes to support the same.
Change-Id: I41d2ef6c228acd8f86f24107c02d11f1a8ac6dea
CRs-Fixed: 2990369
Currently, wmi_roam_event_id data is extracted and processing is
also done in wma. This is not inline with component model where
target_if takes care of data extraction and handover the extracted
data to corresponding component(connection mgr in this case).
Add changes to support the same. As the legacy CSR/LIM is not
yet converged, have a wrapper from connection mgr to wma to call
these legacy APIs.
Change-Id: I0e22bbccfe21200b90771a01f9ee7454f4ecb119
CRs-Fixed: 2990355
Return success when firmware doesn't support 11k offload, or else
subsequent roaming related wmi commands have no chance to issue.
Change-Id: I69d55cca63f2b7ab4787295a2825159395cf2a11
CRs-Fixed: 2976163
Existing INI disable_4way_hs_offload is defined as a boolean
that controls the EAPOL Handshake to be offloaded to Firmware or
Not. There is no way to specify the EAPOL offload per AKM.
Hence extended the support of EAPOL handshake offload to firmware
per AKM by converting this INI to a bitmap integer.
With ini value as 0 by default Firmware takes care of 4-way HS
during roam for all AKMs except for SAE and OWE. If
this ini value is 1 then Host takes care of EAPOL for all AKMs.
Having the backward compatibility, added a new value to ini.
If this ini value is set to 2 and also if the SAE EAPOL offload
service bit is set by Firmware then the behavior is same as ini
with 0 except that Firmware takes care of 4-way HS for SAE roam
as well. And for OWE it is still handled by supplicant.
To achieve this, new roam offload flag is introduced to indicate
Firmware about SAE roam EAPOL offload, So that in Roam sync
indication Firmware will inform the status as connected but not
authenticated so that supplicant can take care of 4-way EAPOL HS.
Change-Id: I8b65a1768fad91fac7e427712d3ccf4586176f5f
CRs-Fixed: 2955029
Since new rso ROAM_OFFLOAD_V1 path is enabled, remove
the old rso path code for cm/wmi roam related files.
Change-Id: Iec350f032c3e037204f560199d4a6e258ac02688
CRs-Fixed: 2810145
Roaming between different PMF option APs has following issues:
1. Roaming between Optional -> Disabled -> Optional
When STA roam to optional, PMF is set to False from STA in reassoc
request and all management pkt not secured.
2. Roaming between Required -> Disabled -> Required
STA not able to find candidate AP when tried to roam to AP with PMF
Required.
Root cause: When LFR3 roam happens, vdev_crypto_params will be reset
including rsn_caps 11w PMF, if new AP hasn't enabled PMF, vdev rsn_caps
11w PMF is disabled too, and passed to F/W. Then F/W think DUT STA
doesn'tsupport PMF, then failed to roam to AP with PMF Required and
enabled.
Fix:
Get self-capability of 11w PMF from connected profile and pass to F/W in
WMI_ROAM_SCAN_MODE by wmi_fill_rso_tlvs after roaming.
Move target_if_cm_roam_fill_11w_params to csr_cm_roam_fill_11w_params,
put protocol part to csr connection manager.
Change-Id: I543799385ec8c0ec7afdf64e2310c24758305095
CRs-Fixed: 2807454
