There is an API to get the scan aging time,
but there in no API to set the scan aging time
and can be configured through INI.
Add API to set the scan aging time run time.
CRs-Fixed: 2894428
Change-Id: Ide2b2eec780dd7ff07ebd783b0916a68c0e94a2c
Update default values of INI items to most commonly used values
in WCNSS_qcom_cfg.ini file on commercial devices.
Change-Id: Ie3a4ce2cbf4bc2352d5ebc5be939a47818a6d594
CRs-Fixed: 2874759
Currently there is no mechanism in driver to decide whether
to consider the user configured number of sched scan plan or
to configure only 1 schad scan plan.
There is a requirement to configure only one sched scan plan,
add ini support to meet this requiremet.
Change-Id: Iea3bc3f18696837150ce6f4bd60416a8a45bd1d3
CRs-Fixed: 2868125
util_scan_copy_beacon_data copies beacon and updates ie
pointers for the cache entry. However, two of the ie pointers
listed below are not updated:
1) hecap_6g - pointer to he 6ghz cap ie.
2) srp - pointer to spatial reuse parameter sub extended ie.
These non updated pointers will cause use after free issues
if the parent scan entry is freed.
Update ie pointers for hecap_6g and srp.
Change-Id: I6d0a6129941e3dc1267404a4191ab368c013a102
CRs-Fixed: 2862607
Reading extcaps from the scan entry currently checks if the byte
to be accessed is less than the length of the IE. Following this,
it will attempt to access the extcap IE using the requested byte
as the index.
Avoid accessing the extcap IE if the byte is greater than one less
than the ie_len (since indexing starts from zero).
CRs-Fixed: 2856212
Change-Id: Ie357edcd6095570c05871af657381c287e92504e
During ie parse from beacon/probe response, the variable
tbtt_count and tbtt_length in util_scan_parse_rnr_ie() getting
read from ie and the value is not checked before using it which
may cause out of bound read issue
Validate tbtt_count and tbtt_length before using it
Change-Id: I51cfb2356fb16feda8a70c4b76c7f76c90b1393b
CRs-Fixed: 2836205
Currently, 6g channels are sorted based on the weightage of each
channel. Frequencies are sorted but the flags associated to each
channel are not updated properly. So, channels carry invalid
flags to firmware and firmware may miss to scan few 6g channels
based on these flags and may scan few 6g channels unnecessarily.
Copy flags also while sorting frequencies to maintain the flags
of each channel as it is.
Also, change the type of phymode to enum scan_phy_mode
from uint32_t.
Change-Id: I0a2330faab1b738f2d7eff3d39ccbfffd51dfde0
CRs-Fixed: 2840029
Declare a TPE pointer to store the TPE IE in the scan cache ie list.
Write a function to obtain the TPE IE stored in the scan cache ie list.
Declare a minimum TPE IE length as 2 Bytes and use that to check the
sanity of the received TPE IE before storing it. Discard the TPE IE if the
length check fails.
Change-Id: If5b06604b03d07dd5fb26a62f90fb7202ce4eff0
CRs-Fixed: 2826300
Scan entry fails if any coruppted IEs are present
Introduced new ini parameters to enable scan based on ie
corruption. If ini parameter is enable then scan module skips
all IEs following coruppted IEs and adds scan entry without
completely dropping the frame. Otherwise if ini parameter is
disable then scan entry fails on corrupted ie.
Change-Id: If17b68448dd3e6ac3e98ed854ed67d7f16d9dff7
CRs-Fixed: 2806932
Add logic to
- Check if connect req freq is 6Ghz and security
is not allowed for 6Ghz, reject connect.
- Ignore 6Ghz APs if connect req security is invalid
for 6Ghz
Also added user config key_mgmt_mask_6ghz mask
to allow specific AKMs, by default all are allowed.
Add added user config check_6Ghz_security to enable
security checks as per spec.
Change-Id: I37518731faa4de67a49853e5ac544efa3b3ce1d6
CRs-Fixed: 2813013
Below optimizations can help to improve 6g scan,
1. RNR-only: Consider only 6g RNR(PSC and non-PSC) channels found
while scanning 2g and 5g bands, as the 6g APs are likely to
present in RNR channels.
2. Duty cycle: There is a chance to miss the standalone 6g APs as
they don't advertise RNR IEs. So, instead of optimizing all
scan requests, we can consider to do a full scan with duty
cycle(n) where optimization is skipped for every nth full scan.
The full scan requests 1 to n-1 are going to be optimized as
per RNR-only policy.
Driver shall maintain a scan count to track the full scans and
decides whether to optimize the scan (scan count 1 to n-1) or
send it as it is(scan count n) to firmware.
Change-Id: I35b31e900b74dbcd7791f4c2fcfe87b3c629758b
CRs-Fixed: 2806409
Add the below values to scan_mode_6ghz enum,
1. SCAN_MODE_6G_RNR_ONLY: Scan the channels (PSC and non-PSC)
found in RNR-IEs while scanning 2g and 5g bands. Host fills
all PSC and non-PSC channels in the scan request and set the
flag FLAG_SCAN_ONLY_IF_RNR_FOUND for each channel.
2. SCAN_MODE_6G_PSC_DUTY_CYCLE: Scan the complete PSC channel
list for every duty cycle. For every duty cycle scan, host
fills all 6g channels and sets the flag
FLAG_SCAN_ONLY_IF_RNR_FOUND only for non-PSC channels. Rest
of the scans will be done only on RNR channels(PSC and non-PSC).
3. SCAN_MODE_6G_ALL_DUTY_CYCLE: Scan the complete 6g(PSC and
non-PSC) channel list for every duty cycle. For every duty
cycle scan, host fills all 6g channels and doesn't set
the flag FLAG_SCAN_ONLY_IF_RNR_FOUND for any 6g
channel(PSC/non-PSC). Rest of the scans will be done only
on RNR(PSC/non-PSC) channels.
Change the default ini value to PSC_DUTY_CYCLE.
Change-Id: I73bc08d973bd57dbe2ba6644c3842da9ce850cec
CRs-Fixed: 2806406
Introduce scan_mode_6ghz_duty_cycle ini parameter.
It disables full scan optimization after every default value
provided in ini and forward scan request as it is to firmware
without optimization.
Change-Id: I68c1f79432ae646157be94241a779af8189c3c8c
CRs-Fixed: 2801797
Userspace/framework tracks last few days(e.g: 10 days) history of
connected APs and maintains best 10 channels out of that list by
considering multiple parameters like scoring, location etc.
It's likely to find an AP in one of these channels when a scan issued.
So, framework issues first scan request with a maximum of 10 channels
in the below cases currently,
1. When the wifi is turned on
2. When the wifi is in disconnected state and user turns on the screen.
Host driver shouldn't add any more channels to this scan request as
it's expected to complete the scan as soon as possible to connect
quickly to the known APs. Don't add 6g RNR channels also in the
scan request.
Further scans from framework would be full scans or with list a
of channels(more than 10) and RNR channels can be added to them.
Also, don't add all 6g channels if userspace hasn't given any as
the current framework/kernels are matured enough decide whether to
issue scan with 6g channels or not. RNR channels can be added as
mentioned. Remove SCAN_MODE_6G_NO_OPERATION as it's not needed
anymore with this.
Also, 6ghz scan functionality gets enahanced depending on various
requirements. This can be moved to a separate file so that core
scan_manager.c file won't be bloated with new code.
Change-Id: I1800a3e95e438720f94d8eec3544023cab16b081
CRs-Fixed: 2805900
Adds wlan_scan_get_scan_id, wlan_scan_init_default_params,
wlan_scan_register_requester and wlan_scan_unregister_requester
APIs to use from non-osif component, as ucfg_* API should only
be used from OSIF.
Change-Id: Ia90313030e853c957ca85e47ff2b67097490ef87
CRs-Fixed: 2791549
Currently, there is no provision for dynamic dwell time control in 6G.
Update existing driver commands SETDWELLTIME and GETDWELLTIME to
support 6G.
Change-Id: Id284097e300f3ed45557ebe7ea2287e0da9a485b
CRs-Fixed: 2789720
Currently for STA mode, depending on the scan_mode_6g ini value
driver will remove or add 6g channels to scan req, due to which
in some cases, scan is taking more time to complete.
Fix is to add new value to enum scan_mode_6g, when scan_mode_6g
ini value set to SCAN_MODE_6G_NO_OPERATION driver will not
modify the channel list.
Change-Id: I5b6891f142b54f4fa2fe6e9a75bf5fbd2e5f3adc
CRs-Fixed: 2783911
Adds rsn cap info in scan entry security info, to get the
rsn caps directly from scan entry without need of parsing
RSN IE again.
Change-Id: Ideeb0780841a70fda94d8580dbb025d162716d06
CRs-Fixed: 2786586
Move RSNXE IE parsing to crypto module and add entry of RSNXE IE in
util_scan_copy_beacon_data() so that a copy of RSNXE IE remains in
scan entry cache and doesn't get free on scan result update.
Change-Id: I792c8636d7e1f21c6291158188ab2c1d241151ec
CRs-Fixed: 2780832
SAE Public Key (SAE-PK) authentication is an extension of SAE. Host adds
support for SAE-PK APs roam score which host uses to select AP for initial
connection and roaming.
User configures SAE-PK APs weightage using INI "sae_pk_ap_weightage".
Change-Id: I9066c483188bcbf01e3ffbcc4c57f04e1a9129f1
CRs-Fixed: 2769373
Adds wlan_scan_start and wlan_scan_cancel public APIs to use
from non-osif component, as ucfg_* API should only be used from
OSIF.
Change-Id: If603e49a57641dba26163454bce12327660b20fd
CRs-Fixed: 2773612
Add support to filter APs based on dot11mode such
as connect only 11N/11AC/11AX capable APs.
Change-Id: I0046c726d944dd08453c19086282e32d0599ddac
CRs-Fixed: 2769979
Add change to move the existing filter params bool datatypes
into bitfields and also add new filter type to filter candidate
with channel marked as DFS hit.
Change-Id: I4aa5d7342cf7880da20c35eebd99fc72a71b58be
CRs-Fixed: 2746157
Currently, vendor scan request is enqueued in the scan queue first and
then posted into the scheduler queue. Now if there is an SSR in between,
then scan request will be freed twice. Once in SSR context and again
in the caller context because scan scheduling fails due to user disabled
the scan.
To resolve this, post the scan request in scheduler queue first. Once
scan request scheduling is success, then enqueue the scan request in
scan queue. This approach can lead to a race condition like after
scheduling scan request, host may get scan response from firmware even
before the scan request is queued. To avoid this race, scan request
scheduling and enqueue should be protected by scan_req_q_lock.
Change-Id: Ic26da0181fb9a902a8a4abb8f68d9fc668f1b3f2
CRs-Fixed: 2714495
In the TBTT info of RNR, one byte is added for power
spectral density. Add logic to get the PSD limit.
Change-Id: I7ce44a762c47d0d0526157fcb41a80ad3ef3c08e
CRs-Fixed: 2731433
Remove unused filter params from scan filter. Also
change the type of few, to decrease the memory required.
Change-Id: I3f86d416805174b56c8998f5a4a4723d9ebdd90b
CRs-Fixed: 2723220
Add new scan type SCAN_FOR_CONNECT to support connection manager
infrastructure.
CRs-Fixed: 2713772
Change-Id: I631f3f0324e82ef6cd8b2befbed020649c80bc4c
There are different version of SSID structure used in driver, replace
them with struct wlan_ssid.
Also move struct element_info from scan module to generic structures.
Change-Id: Ia32f82d943980c23b4ff478f5a06c5c053036de5
CRs-Fixed: 2721872
Kernel reject the beacon/probe resp frame with invalid channel in
DS,HT info and HE IE, but same frame is added in the scan cache
and when mlme refer this frame, connect issues are seen due to
invalid channel.
Thus do not add the entry in scan cache.
Change-Id: Ib2891f95034b04be26c5feefed7c4354d8bb367a
CRs-Fixed: 2708975
In struct weight_config, "oce_subnet_id_weightage" added newly.
Station uses "oce_subnet_id_weightage" as one of the parameter for
selecting AP candidate during initial connection. Host sends
"oce_subnet_id_weightage" ini value to firmware over WMI command
WMI_ROAM_AP_PROFILE.
Add oce_subnet_id_weightage in scan object scoring param to calculate
weightage based on SUBNET ID and select candidate accordingly.
Change-Id: I6583f46f661eaefabbad858bc7fb34e37443ebae
CRs-Fixed: 2675924
Change max AP score limit from 100 to 200 and thus change
BEST_CANDIDATE_MAX_WEIGHT to 200 from 100.
Also remove duplicate sanity check, which is already done while
getting values from INI.
Change-Id: I4f87a00e90b7d5d829007d89cbf7cfd9b70fa4dc
CRs-Fixed: 2673980
The roam sequence in LFR-3.0 is roam scan start notification
from firmware followed by roam start indication and then
roam synch,roam synch frame events. Roam start is sent
after candidate selection and host driver will disable
queues when roam start is received.
But for emergency roam trigger, firmware sends roam start
indication directly without notifying roam scan start to disable
data path queues immediately after deauth received from the AP.
So roam start is received before roam scan is started at firmware
and before candidate selection is done.
After roam start notification, host sends scan abort for all scan
on vdev by setting scan command request type to
WMI_SCN_STOP_VAP_ALL. This results in roam scan getting aborted at
firmare in emergency deauth roaming case and roaming fails.
Introduce new vdev id value based on which the scan module will
abort only host triggered scans setting the flag
WMI_SCN_STOP_HOST_VAP_ALL in the scan request.
Change-Id: I3a162c55d4a008ff986fd957bed395b39c060bb5
CRs-Fixed: 2636410
The driver doesn't ageout connected BSS from rrm scan
result after the scan default ageout time. This results
in connected AP information sent in beacon report request
in table mode always.
Introduce scan api to get the scan age out time configured
from scan module. This value will be used as the threshold
in rrm scan filter.
Change-Id: Ib3981538faf179cff53936770f705d41922dca66
CRs-Fixed: 2650914
In struct weight_config, "oce_ap_tx_pwr_weightage" added newly.
Station uses "oce_ap_tx_pwr_weightage" as one of the parameter for
selecting AP candidate during initial connection. Host sends
"oce_ap_tx_pwr_weightage" ini value to firmware over WMI command
WMI_ROAM_AP_PROFILE.
Add oce_ap_tx_pwr_weightage in scan object scoring param to calculate
weightage based on AP tx power and select candidate accordingly.
Change-Id: I7f717e9cc398e8b9307f2f464f972b095c06364b
CRs-Fixed: 2647116
Currently QDF_MAX_NUM_CHAN and NUM_CHANNELS aren't aligned, this unalignment
may cause many potential OOB access. So replace QDF_MAX_NUM_CHAN with
NUM_CHANNELS to keep unified.
Change-Id: I7bf7829d776f7caf5b2afbd2c9fd0c20d608e630
CRs-Fixed: 2644073
The default value provided for the INI item
gScanProbeRepeatTime for WIN is 50 which is
beyond the specified INI range 0 and 30.
Changing the max value to 50 to accommodate
the default value used by the INI and avoid
warning while parsing INI values.
CRs-Fixed: 2633733
Change-Id: I442d07de55813c930b77e7dfffcdebf5372c5c0e
Populate RNR info during scan req instead of beacon
add/delete to avoid loop while holding scan db spin lock.
With loop spin lock can take more than 5ms, which can results
in asserts.
Change-Id: I4ba346b8dcbaf7da844f97195dbdd3003bdb234b
CRs-Fixed: 2640889
"WPA3-SAE Single PMK" is a feature by which STA can
complete SAE roaming to specific group of AP(s) using
single PMK. This is done with the help of advertising
vendor specific SAE single PMK IE in the beacon/probe.
When vendor specific sae single pmk IE (oui 0x00 40 96,
type 0x03) is present in the beacon/probe of AP then the
BSS supports WPA3-SAE roaming using Single PMK.
Add changes in scan module to parse the Vendor specific
SAE single PMK IE and copy it to the scan_entry ie_list.
Change-Id: I5b7096d1360c624ce1c47e56e8cad37adbdda1e3
CRs-Fixed: 2616099
Currently there is no support to dynamically set dwell time
for 2g channels.
Add support in existing command SETDWELLTIME to dynamically
configure dwell time for 2g channels.
Along with set, add support to get dwell time for 2g channels
with the existing driver command GETDWELLTIME.
Change-Id: I8a71e39338e7a81690140f50bc3c5ac7b0bd63eb
CRs-Fixed: 2620370
