Add wmi layer support to get firmware roam scan statistics which includes
scoring of roam candidates, channels, old and new bssids etc.,
Change-Id: I3a0aafbe66d12eea40e71ceb4c7c3a60b9d6e04f
CRs-Fixed: 2203904
The function extract_pdev_utf_event_tlv, is called when the WMI
event WMI_PDEV_UTF_EVENTID is received. The event_buf
argument to it is fully FW controlled. There is an assumption
that the WMI message is at least the size of struct
wmi_host_utf_seg_header_info which could lead to OOB read issues
when a shorter message is sent.
Add fix to validate the event->datalen passed against
sizeof(struct wmi_host_utf_seg_header_info) before copying to
seg_hdr.
Change-Id: I1a8313f11013722edb601c009e59b1509fda3280
CRs-Fixed: 2305465
There is possible to read buffer overflow. Since it don't check number
of NOA descriptor when handling WMI_P2P_NOA_EVENTID.
Change-Id: I08fc3ac429bc19a8df7ac429fbe779fa3b227318
CRs-Fixed: 2307321
In wmi_unified_cmd_send() function, pass function name and
line number of caller and log the same in case of failure,
this approach helps to remove error logs in caller function
there by reducing text segment.
Change-Id: Ib70d55959087021c4495c175d5363375037afe00
CRs-Fixed: 2281983
In qdf_nbuf_alloc() function, pass function name and
line number of caller and log the same in case of failure,
this approach helps to remove error logs in caller function
there by reducing text segment.
Also add qdf_rl and qdf_rl_nofl_* macros.
Change-Id: Ib8ce83335807cfbd2d83d1f165d6bec1dc1e4c94
CRs-Fixed: 2281983
In wmi_buf_alloc() function, pass function name and
line number of caller and log the same in case of failure,
this approach helps to remove error logs in caller function
there by reducing text segment.
Also add wmi_nofl_* macros.
Change-Id: Ib1ac8bf2bbcefa7f0015aff2733d3dc4773b185d
CRs-Fixed: 2281983
P2P Listen offload is not a requirement for Genoa, hence featurize
P2P listen offload code to save memory foot-print for Genoa.
Change-Id: I3c32b4ee2b37421e49acee4bd20d36e7a8a3bf77
CRs-Fixed: 2304555
Read AC ID from the firmware event(ATF) received.
The AC ID sent by the firmware is used to (un)block
tx traffic with ATF enabled
Change-Id: I4efedea26495b262f1c55fab3a1fc2824e1509f7
CRs-Fixed: 2306297
1. Service ready ext includes a parameter for max
BSSID indicator.
2. Beacon template includes MBSSID IE offset.
3. Vdev create and up cmds include more parameters.
Change-Id: I71214eacdaa886725b7ea8f61db3a743ba6597e9
CRs-Fixed: 2306638
If RX mgmt frame is received with error decryption,
discard it in WMI layer earlier to prevent further
processing and introducing unexpected behavior, do this
for MCL only.
Change-Id: I3d0f0ca72ae497012f93f39739b727692098ba2d
CRs-Fixed: 2296371
Add TLV support for estimated airtime calculation.
Add support to send esp_ie_offset along with beacon template.
Change-Id: Ic70ad7df330674a10ac6051f96975aa928700ba3
CRs-Fixed: 2300339
In cases where the user wants to ignore the OUI and OUI data in the
INI, the OUI bit of info_presence field is set to 0. In such cases
the OUI length would be 0.
Do not send OUI to FW if info_presence OUI bit is not set.
Change-Id: Ib55ad0dbb917c01ac7a9b024d2ac6d6e9cc42d4a
CRs-Fixed: 2294624
Reduce log level for few prints to debug to avoid flooding
of prints to console.
Change-Id: I514585cc87d51ead15fb1f40d45f62023628d9bb
CRs-Fixed: 2296839
Add new WMI command to support WMM based ATF configuration.
The new WMI command sends the Access category ID and the
corresponding airtime allocation to the firmware.
Change-Id: I7a5fafa6190d779d0fef8982b7b781af54656b19
CRs-Fixed: 2293193
Change "qcacmn: Add revised extscan start hotlist monitor API" (Change
Id Ie705f2462c7d5befa691f1ab57293e55ab68e3e2) recently added a revised
"start hotlist" handler. The only known client of the existing
interface was converted to use the new interface with change
"qcacld-3.0: Refine the extscan start BSSID hotlist logic" (Change-Id
I4d9f982177bc61a751ba0e7437fe55482dfd2723) so remove the now obsolete
interface.
Change-Id: I6e43170daa3ed2d932f1f2fa6717ea230a37ea8b
CRs-Fixed: 2294278
pe sessionId should not be used as vdevId.Add
vdevId field to aggr_add_ts_param and use it
in wmi command.
Change-Id: Id021dda35a32f7870277d405c85a0878d7baa3f3
CRs-Fixed: 2293867
Clean up WMI component prints by correcting trace levels for
regularly occurring prints and removing newlines from converged
print APIs since qdf_trace_msg appends them by default.
Change-Id: Ie375e6fda2943f5f2b7287da4374ef9d7470d593
CRs-Fixed: 2243843
WMI_PEER_TWT_REQ and WMI_PEER_TWT_RESP flags are introduced in peer
flags sent to FW in PEER_ASSOC_CMD. Add corresponding flags in host
structure to indicate peer's support for TWT requester and TWT
responder.
Change-Id: Ic5edb594a95b255fe8ce1091d96c4d886b4d6170
CRs-Fixed: 2290026
Add WMI support for new 1x1 connect with 1 Tx/Rx Chain action OUI to be
parsed and sent to the FW.
Change-Id: I077eccb6fab0684d1bc0ec63745de728bfd1a868
CRs-Fixed: 2264328
Alter the wbuf length based on the scan_offset_time set in
the host to FW. This will avoid sending incorrect payload
to the FW.
Change-Id: I0033dcab7e38fe7f107180294cb3cbaaf0c9d45e
CRs-Fixed: 2134748
TWT delete, pause and resume command is upadted by FW to include peer
mac address. Update host implementation to include peer mac in these
commands. Also, resume command is updated to include next_twt_size.
Update resume command for the same.
Change-Id: Iec184d0449b06aaeb9bac558e8cb5322f867e12f
CRs-Fixed: 2279309
ba_window_size_valid and ba_window size support is missing
while sending wmi_peer_reorder_queue_setup. This is needed
for handing 256 BA which is not FW default.
Change-Id: I3218921c48c0f82225b7992076e73ac0acf7bd11
CRs-fixed: 2285423
There is an existing WMI command which is used to start the extscan
hotlist monitor, wmi_unified_get_buf_extscan_hotlist_cmd(), but this
API has multiple issues:
1) The "get_buf" in the name implies it retrieves something, but it
doesn't.
2) The full name is not a "mirror" of the companion function that
stops the monitor, wmi_unified_extscan_stop_hotlist_monitor_cmd().
3) The current function has an "int *buf_len" parameter that is unused.
To address these issue introduce a new function with "mirror" naming,
wmi_unified_extscan_start_hotlist_monitor_cmd(), which has an
appropriate parameter list.
It is expected that all clients of the existing API will be moved to
the new API, at which point the existing API can be removed.
Change-Id: Ie705f2462c7d5befa691f1ab57293e55ab68e3e2
CRs-Fixed: 2289368
Potential NULL pointer dereferences of wmi_handle are found in these
functions:
wmi_extract_dfs_cac_complete_event()
wmi_extract_dfs_radar_detection_event()
wmi_extract_reg_chan_list_update_event()
wmi_extract_reg_11d_new_cc_event()
wmi_extract_reg_ch_avoid_event()
Introduce wmi_handle NULL check in the above functions.
Change-Id: I30a842818dff400b8648293f65794ff382eb24e7
CRs-Fixed: 2286258
We are suspecting that peer_rx_reorder_queue_remove_cmd is causing
drop of ARP response frames from REO by the FW. This may cause drop of
ping packets.
Add a check in the function to detect if its being called.
Change-Id: I368aa8155830e8e6fadccfaf9ab5bfbfc8bfdd35
CRs-Fixed: 2254858
Currently the 'setratemask' command supports setting
the rate mask for upto MCS0-9 and NSS 4. Add 'lower32_2'
field in the ratemask_params struct to extend support
for the 'setratemask' command to set rate mask
for upto MCS0-11 and NSS 8.
Change-Id: I9c06ae238142dca37df9826ca34449dd34ee6782
CRs-fixed: 2251392
Add ini item to configure active dwell time of 2.4GHz band channels,
This will help to reduce AP search failure probability & hence
connection latency in 2.4GHz band channels especially in noisy
condition by increasing active dwell time.
Change-Id: I05259a8f1fd4a5c67da42e516721a01d32fa652e
CRs-Fixed: 2283692
Existing antenna gain command does not take odd antenna gain value that is
gains are not supported in steps of 0.5db. antenna_gain_half_db pdev
param provides this support. Added WMI and CDP changes to configure/read
this data.
CRs-Fixed: 2024854
Change-Id: I47da9eed74a1a0180cefb4c3f47bc4340da1bdfd
For a full explanation of the problem and phased solution refer to
"qcacmn: Clean up the extscan unified WMI (phase 1)", Change-Id
I11800361b572331cfada00fb7d518c314df20b43, in the qca-wifi-host-cmn
project.
For phase 2 (this change):
Replace all references of the badly named identifiers with references
to the properly named substitutes. Note that this phase may touch
multiple repos and may involve a number of separate changes.
Change-Id: Ie19d632faa50b23f18a2214a7b2502830ff3fbd3
CRs-Fixed: 2282767
Add WMI support to send action OUI extensions to firmware.
For STA interface, this feature is intended to control mode of connection,
connected AP's in-activity time, Tx rate etc.,
Change-Id: I6a0bc9d3f7f0d57805b872cae4baa1fe84fb8193
CRs-Fixed: 2254509
If SAR version 2 is not supported by firmware, then fallback to
default SAR version 1
Change-Id: Ibfbcfd7cf3f438f7cb46250c70221956ea54c7ca
CRs-Fixed: 2274447
Pass offset value to the Firmware to support split scanning
of total dwell time in smaller chunks. Offset passed is
calculated from TBTT.
Change-Id: I8114acd1147d468aa6471f672307d8ea0ec8611d
CRs-Fixed: 2134748
Currently the host sends the fixed gtk offload params
and the FILS TLV params, even when the FILS feature is disabled
in the host, which force firmware to pick the KEK from the
FILS TLV structure rather than from the fixed param structure,
which further leads to GTK re-keying feature fail.
Fix is to send only the fixed params in case when host doesnt
supports FILS.
Change-Id: I53a77257e716bf290a6f4bd62927020f073e2df6
CRs-Fixed: 2275938
WMI_VDEV_PARAM_SET_HE_SOUNDING_MODE provides the scope for host
to configure the sounding mode to (VHT or HE). It also provides
(SU or MU) and (Triggered or Non-Triggered) configurability.
Change-Id: Iac566383c5a6b6b3b402526afd2bfa4818f27bc5
CRs-Fixed: 2262752
Reduce log level of channel list logged as part
of roam scan offload command processing.
Change-Id: I8b37db9de94d8f399525255f7d073a6340a058f3
CRs-Fixed: 2271608
Add support for sending WMI command to firmware
to measure estimated airtime that a new client
will get and populate the result that firmware
returns in the ESP IE.
Change-Id: Ic5fcb11100ecd0597ba02dfa5512e2f4ff3558c9
CRs-Fixed: 2261469
WMI recording is done per pdev and hence an instance of
debugfs directory (eg: WMI0, WMI1, WMI2 for 3 radio boards)
has to be created in /sys/kernel/debug/ path.
The wmi handle is per pdev and hence is causing the problem of wmi_instance
being 0 always as each pdev has its own wmi_handle.
WMI1 and WMI2 debugfs directories are not created as wmi_instance
is always 0.
WMI debugfs directory is created for every pdev of the psoc and naming
convention is changed to WMI_SOCx_PDEVx.
Change-Id: Ieb7e9d072d84f699588a8f719508c5cd8d9873fb
CRs-Fixed: 2232472
Data len received in encrypt decrypt data response
is not validated against the max allowed size which
can result in buffer overflow.
Fix is to validate data len against max allowed size.
Change-Id: I69bd8e63014220e5a2f291e4a0b1914d10c79fd7
CRs-Fixed: 2226375
Add check for valid length before copying in function
extract_ndp_ind_tlv to avoid potential buffer overflow issue.
CRs-Fixed: 2271344
Change-Id: I2ddcbc46a45d4d5308b1e0cf663598c85512bbaf
Pdev parameter to prioritize IGMP packets are supported through
WMI_PDEV_PARAM_IGMPMLD_AC_OVERRIDE. In legacy platforms, they are
supported by different pdev parameters WMI_PDEV_PARAM_IGMPMLD_OVERRIDE
and WMI_PDEV_PARAM_IGMPMLD_TID.
Map host maintained pdev params wmi_pdev_param_igmpmld_override and
wmi_pdev_param_igmpmld_tid to WMI_PDEV_PARAM_IGMPMLD_AC_OVERRIDE since
this is the one supported by TLV based targets.
Change-Id: Ia11787265bd926f257dc1b028552c6e7f1f733d2
CRs-Fixed: 2272219
Worker thread WMI processing API has more broader use now. So make it
non-static.
CRs-Fixed: 2268243
Change-Id: Iae51e1115f5f3664d08c891e8a42d24bd3ef7bcf
Few WMI services are defined which are specific to newer WIN
platforms and are not supported for older platforms. Since the
code to check if service is enabled is common between the platforms,
we see prints quoting service is not supported on chipsets having
both new and old generation radios
Suppress these prints to a reduced trace level to avoid flooding.
Change-Id: I83140c8eec7cf337068fff60442b9d6684efd013
CRs-Fixed: 2261754
In the function __wlan_hdd_cfg80211_stats_ext_request,
data_len is recieved from vendor command and is passed ultimately
to send_stats_ext_req_cmd_tlv. In send_stats_ext_req_cmd_tlv, len
is calculated as sum of sizeof(*cmd), WMI_TLV_HDR_SIZE,
preq->request_data_len.The len is of type uint16_t
and adding sizeof(*cmd) + WMI_TLV_HDR_SIZE will cause a buffer
overflow.
Changed the datatype of len to size_t so that it doesn't overflow.
Change-Id: I6618042e3c60bbdb1ff5d833188f4bdb4832da7a
CRs-Fixed: 2243169
