Release 13 * Support enabling/disabling rts/cts. Not sure if this really works as hoped though. * Improved compiler options to build smaller sized binaries. * Sept 15, 2022: Fix per-peer txpower to not over-ride tpc when value is 0 (ie, not set yet). This in turn fixes TPC over-ride through the txo path. * April 4, 2023: Fix uninitialized minccapwr threshold variables, reported by Sebastian. Release 12 * Dec 13 2018: Fix ct-sta mode, it was not installing bcast keys properly. The symptom was MMIC failures among other things. * Dec 17 2018: The TSF is only allocated when a vdev goes UP, not started. But the beacon code was testing for 'STARTED'. This lets the beacon code hit an assert where tsf-id is not assigned for an AP. Fix this by checking for UP in most code. * Dec 17 2018: Attempt to fix live-lock related to cleaning up cached pfsched commands. This hopefully resolves problems with an earlier patch I made in this area to work around a different problem. * Dec 19 2018: Add check for null tid/peer/vdev in tx stat code. This could cause crashes because a peer can be deleted with pending frames in the tx queues, so the tx complete callbacks happen after peer object is gone. * Jan 2, 2019: Rebase patches to make 9980 bisectable. * Jan 2, 2019: Fix scheduling related assert when wal-peer is deleted with pending tx buffers (bug 54, and others) * Jan 7, 2019: Fix specifying retransmits for AMPDU frames. It was previously ignored since it is a 'software' retransmit instead of a hardware retransmit. * Jan 9 2019: Fix potential way to get zero rates selected (and then assert) * Jan 18 2019: pfsched has specific work-around to just return if we find invalid flags AND if we are in an out-of-order situation. Maybe this is last of the pfsched related issues (bug 54 and similar). * Jan 24 2019: The rcSibUpdate method can be called concurrently with IRQ tx-completion callback, and that could potentially allow the tx-completion callback to see invalid state and assert or otherwise mess up the rate-ctrl logic. So, disable IRQs in rcSibUpdate to prevent this. Related to bug 58. * Jan 28 2019: Ensure that cached config is applied to ratectrl objects when fetched from the cache. This should fix part of bug 58. * Jan 28 2019: Ensure that ratectrl objects from cachemgr are always initialized. This fixes another part of bug 58. * Jan 30 2019: Better use of temporary rate-ctrl object. Make sure it is initialized, simplify code path. This finishes up porting forward similar changes I made for wave-1 firmware long ago, and fixes another potential way to hit bug-58 issues. * Jan 30 2019: Cachemgr did not have a callback for when memory was logically freed. This means that peers could keep stale references to rate-ctrl objects that were in process of being DMA'd into to load a different peer's rate-ctrl state. This was causing the bugcheck logic to fail early and often, and I suspect it might be a root cause of bug 58 as well. The fix is to add a callback and set any 'deleted' memory references to NULL so that we cannot access it accidentally. Thanks to excellent logs and patience from the bug-58 reporter! * Feb 8, 2019: Fix rate-ctrl assert related to bad logic that tried to guess that lower bandwidth probes were automatically successful if higher was. The NSS mismatch that can happen here caused the assert. Just comment out the offending code (per comment from original QCA code). This is bug 69. * Feb 10, 2019: Fix bssid mis-alignment that broke 4-addr vlan mode (bug 67). Original buggy commit was commit 2bf89e70ecd1eaf8d1c70df7d32f99d1e1c47fe3 dev-ds: Better packing of wal_vdev struct. * Feb 27. 2019: Support up to 32 AP vdevs. Previous to this, stack would be corrupted if you went past 16 AP vdevs. * Feb 28, 2019: Support beacon-tx-wmi callback message. This lets driver properly clean up beacon buffers. In wave-1, this could crash the entire OS, but I didn't see the same crashes in wave-2, so maybe it is fixed in some other way. Add the feature regardless as it seems proper. * March 6, 2019: Fix tx-status in case of NO-ACK. Previously random garbage was returned. It is mostly a reporting issue as far as the host is concerned. * March 12, 2019: Fix crash when tearing down VI TID when pending frames exist. Could reproduce this while doing rmmod when VI traffic was flowing and PMF was enabled but broken. Bad luck could rarely cause it to happen in more normal config too. * March 12, 2019: Support offloading decrypt of PMF blockack frames to the host. This lets us do blockack with PMF and rx-sw-crypt. Normal hwcrypt scenarios would not need this. * March 22, 2019: Re-work problematic patch that attempted to fix transmit on non-QOS tids. It appears buggy in several ways, hopefully improved now. This was introduced last fall. See github bug 78. * March 28, 2019: Fix off-channel scanning while associated in proxy-station mode. * March 29, 2019: Fix sometimes sending mgt frames on wrong tid when using htt-mgt. This bug has been around since I first enabled htt-mgt mode. * April 8, 2019: When setting keys, if high bit of high value of key_rsc_counter is set to 0x1, then the lower 48 bits will be used as the PN value. By default, PN is set to 1 each time the key is set. * April 8, 2019: Pack PN into un-used 'excretries' aka 'num_pkt_loss_excess_retry' high 16 bits. This lets us report peer PN, but *only* if driver has previously set a PN when setting key. This is done so that we know the driver is recent enough to deal with the PN stat reporting. * April 16, 2019: Support specifying tx rate on a per-beacon packet. See ath10k_wmi_op_gen_beacon_dma and ath10k_convert_hw_rate_to_rate_info for API details. Driver needs additional work to actually enable this feature currently. * April 30, 2019 Compile out tx-prefetch caching logic. It is full of tricky bugs that cause tx hangs. I fixed at least one, but more remain and I have wasted too much time on this already. * May 9, 2019 Start rate-ctrl at mcs-3 instead of mcs-5. This significantly helps DHCP happen quickly, probably because the initial rate being too high would take a while to ramp down, especially since there are few packets sent by the time DHCP needs to start. This bug was triggered by me decreasing retries of 0x1e (upstream default) to 0x4. But, I think it is better to start with lower initial MCS instead of always having a very high retry count. * May 15, 2019 Fix problem where rate-ctrl sometimes used rix of 0x0. * May 15, 2019 Allow raw-tx of encrypted frame. Requires a patch to the driver to use raw mode when skb has WEP flag enabled AND skb is flagged to not be encrypted. Lightly tested. * May 16, 2019 Fix tx-hang that happened when rate-ctrl chose an OFDM rate for 20Mhz and sent that as AMPDU. To fix, limit to (V)HT rates if peer is (V)HT. It seems that MCS0 (V)HT20 should have as good of a chance of being detected as CCK or OFDM. * June 6, 2019 Disable TX-BFEE, TX-BFER for IBSS connections. I suspect this is part of the tx-hang issue seen with IBSS between two 9984 radios. * June 12, 2019 Fix rx-rate reporting in 'fw_stats' logic. This was at least partly due to regressions I had added earlier when working on some multi-vdev enhancements. * June 12, 2019 Fix case where extd peer-stats were not always populated. The stats gathering code did not handle error conditions well. * June 24, 2019 Start rate-ctrl at minimal values to help DHCP work better for far-away peers. * July 24, 2019 Fix old regression that made /a (and probably /b/g) perform poorly, at least on diet-compiled images. * Aug 8, 2019 Improve a/b/g rate-ctrl by damping the PER swings caused by the all-or-nothing logic of transmitting non-block-ack frames one at a time. * October 9, 2019: Fix rate-ctrl issue with 160Mhz. See bug https://github.com/greearb/ath10k-ct/issues/94 Thanks to swg0101 for doing detailed debugging to narrow down this issue. * October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set). This should help CT firmware work better on stock driver. * October 31, 2019: Compile out peer-ratecode-list-event. ath10k driver ignores the event. * November 1, 2019: Fix rate-ctrl related crash when nss and other things were changed while station stays associated. See bug: https://github.com/greearb/ath10k-ct/issues/96 * December 6, 2019: Fix 160Mhz problem caused by logic that did not take into account the fact that 160Mhz has only 1/2 of the NSS of lower bandwidths in the rate table. * December 13, 2019: Fix case where transmit power was at least sometimes not set properly. Bug was caused by bad patch merging it seems. * Jan 16, 2020: Fix crash that is probably related to AP rekey problem. * Jan 27, 2020: Fix rate-ctrl problem that broke xbox communication in some cases. Big thanks to Neil Aspinall for prompt and persistent bisecting! * April 24, 2020: Fix tids > 425, which caused pool to overflow uint16 bounds checks. Change bounds check to 32-bit numbers. * April 24, 2020: Tweak RAM usage so that 9888 diet + htt build can support 200 stations and 8 vdevs. * April 24, 2020: Tweak RAM usage so that 4019 diet + htt build can support 164 stations and 8 vdevs. * June 30, 2020: Enable building with qcache peer swapping enabled. Upstream QCA uses this option, though I had previously disabled it. Now images supporting this can be built again. * October 5, 2020: Fix some qcache mode bugs related to regression I had done some years ago. (comparing mac-addr in AST lookup, etc). More qcache bugs remain. Release 11 * Fix 80+80 mode to allow OFDM and some other lower rates. This fixes a crash and at least somewhat works, but not sure this mode is fully supported. * Improve rate-ctrl: The code uses timers to know when to probe higher rates, and when you have 20 active peers doing full speed transmit, a 75ms probe timer means about 20% of the frames are probe frames! So, scale up the probe timer a bit * Fix memory corruption related to pre-fetch sched structs being carelessly cast, exacerbated by changes I made last spring, but the code was potentially wrong even before that and in stock firmware. * The driver can set the software retry for agg and non-agg TIDs, but the ath10k driver doesn't ever actually do this currently. Change defaults in the firmware to do zero non-agg retries (hardware will still retry 4 times it seems), and default agg-retries to 4 instead of 16. I'm not sure if the firmware actually handles the agg-retries or not, possibly that is handled by upper layers anyway. * Do not software-retry host-generated non-mpdu frames. Previously, these could be retransmitted by software the maximum amount the tid supports. In addition, flag frames with NOACK if user specifies 0 retransmits. * Enable specifying per-packet tx-rate info. Requires modified driver, see ath10k_convert_hw_rate_to_rate_info in recent ath10k-ct driver. * Enable MFP feature flag. This fixes .11w performance since blockack can now work. * Disable building WREG feature. Let the host deal with regulatory domain issues as needed, no need to put extra logic in the firmware. Release 10 (April 11, 2018) * Fix an assert related to tx scheduling. This hopefully fixes what appears to be a regression that I added some time back. * Enable CSI reporting for 9984, and maybe 9888/9886. Only in non-trimmed builds. * Other stability improvements, including regression fixes from some tricky bugs introduced in earlier releases. * Allow compiling for IPQ4019 chipset. * Firmware will now send txbf frames to the host (driver) if the TXBF (0xF00000001) set-special feature is enabled, or when the radio is in monitor mode. But, if the frame is consumed by the txbf_cv logic, then the pkt cannot be delivered to the host in this manner. Instead, a WMI event will be sent and host can find the txbf_cv data in shared memory. See ath10k_wmi_event_txbf_cv_mesg() in ath10k-ct driver. * Support rx-all-mgt option. When enabled, the firmware will deliver all management frames that it can to the host. No RX filters are changed when this option is enabled. * Fix at least some problems with sending tx-beamforming frames to SU-MIMO peers. Looks like this was a regression in my code. * Fix a crash in rate-ctrl due to nss mismatch. This was something I introduced while trying to fix other bugs in rate-ctrl some time back. * Attempt to fix a sw-peer-key object leak in IBSS mode. The peer key code is very complex, and shares some pointers as union members. I think I fixed at least some of the issues, but would not be surprised if more exist. * Improve ath10k user guide to document CT firmware features: https://www.candelatech.com/ath10k-ug.php * Add ct-special option to configure the txbf sounding time. See ath10k-ug.php * Fix and allow the driver to tell the firmware to send sounding frames. See ath10k-ug.php In further testing, this seems to fail much of the time, and I am not sure why. Disabling this in diet (trimmed) builds. * Fix crashes related to deleting peers while they are in power-save mode. Reported by LEDE user on r7800 with 9984 NIC. * Make rate-ctrl txbf probe work better. If enabled, the rate-ctrl logic will periodically send out probes at an NSS that can to txbf. Previously, txbf probes would not reliably happen if both AP and peer had the same nss (ie, 2x2 talking to 2x2). To enable this feature, you need to enable the fwtest-cmdid number 20. * Report rx-timeout error counters. These were previously un-reported, though the field existed in the wmi struct already. * txbf: Ignore frames not destined for us. If NIC is in promisc mode, it could acquire and process NDPA frames that were not destined for it. Check the dest-MAC and ignore frames not for us (pass them up the stack for monitor mode instead of save them in the peer's rate-ctrl logic.) * Port ping-pong crash handling and othe related features to IPQ4019 target. It should now act similar to 9984 in this regard. * Fix a few asserts related to txbf and tx-seq logic. * Add custom-stats support, for rx-reorder-stats. Similar to what I did for wave-1. * Disable AMSDU for IBSS. This now matches what I did for peregrine. It seems to work better this way, though I did not debug it in detail. * Enable the set-special command to re-enable AMSDU for IBSS if user wants to experiment. * Fix bug where dbglog did not disable IRQs, so if you made dbglog messages from the IRQ handler, it could cause corruption that could crash the firmware and/or corrupt the log message buffers. * Don't assert if there are no buffer descriptors for RX of non-data frame. * Retry any stuck block-ack sessions every 20 seconds instead of just disabling BA for ever when we get too many failures. * Fix SGI flag when reporting tx-rate info. The flag moved since wave-1 days, and I did not notice that when I ported my changes forward to wave-2. * Allow disabling special CCA handling for IBSS txqs. Earlier testing indicated this might improve throughput in some testing on 9984 chips in IBSS mode, but subsequent testing looks about the same without it. Since I do not really understand what this setting exists for, leave it at upstream defaults. A new set-special API command (0x12) can be used to enable this hack for testing. Setting 0x1 bit disables special CCA handling for non-beacon IBSS txqs, setting 0x2 bit disables it for beacon queues as well. * When calculating the rx-address filter (affects ACK & BLOCK-ACK, among other things), to not add in monitor interfaces if other interfaces are up. There is no need for a monitor device to ACK frames. * Fix key leak in monitor mode. Release 9 (Sept 1, 2017) * Fix channel parsing for vht160 mode. Should be compatible with the way ath10k wants to do it, and hopefully doesn't break whatever driver wants to do it the new and weird way. * Disable WAR that ignored the driver setting opmode to 80Mhz on a NIC that supports 160Mhz. This WAR broke the ability for a station to configure itself to only 80Mhz on these chips. * Port forward rate-ctrl change from 10.1 CT firmware that will cache tx-status if the rate-ctrl object is not currently swapped in from the host memory. This keeps the rate-ctrl logic from getting stuck at low rates when using 30+ stations and fast UDP download to all of them. This is implemented a bit differently from 10.1, hopefully better. Might can backport that some day if desired. * Use the patch-allocram for 9888 target. This should save a bit of RAM, and gives good debugging hooks in case we need to go exploring. * Let driver configure larger max-amsdu (up to 31 is allowed). This improves tx rate somewhat when packets are small. * Probe requests logic had an un-initialized variable that could cause them to be sent at invalid tx rates. This was introduced by me some time ago. It is now fixed. * Allow compiling with gcc 4.7 and fix the many compile warnings it found. Most were probably not serious, but a few, especially for the 9888 target, might have caused buffer overflows and such. * Backport latest 3.4.71 firmware to this code base. * Compile out COEX code in diet builds in order to save memory. * Backport latest 3.4.82 firmware to this code base. * Fix some type-safety issues in WDS logic. Might fix WDS mode in CT firmware. * Comment out a line of code in wlan_vdev.c that came in with 3.4.71 and made multiple vdev performance with 9888 (at least) work poorly. * Modify firmware to not ask for txq prefetch for self-peers. It is useless, at best, since the driver has no idea about self-peers since the AST-add event is not sent to the driver, and thus will not be able to fetch anything. * The firmware tries to cache rate-ctrl objects in the host (driver) memory. But, with lots of active stations, this appears to cause constant cache swapping and in the end, rate-ctrl fails to work well at all. CT Firmware has lots of RAM savings, especially when using fewer than 64 vdevs, so allow users to configure more than the default of in-ram rate-ctrl objects. As long as firmware RAM is available, allocating as many rate-ctrl objects as possible (up to number of peers) is probably a good idea. Setting value to 0 means use firmware defaults. * Fix channel reservation logic. This has been broken for a long time in CT firmware, at least when using multiple station vdevs. Somehow, it mostly worked before, but the bug became appearant lately. Tracked it down and fixed it I did. * Fix key-setting bug that broke sending the EAPOL 2/4 in some cases. This was a bug I introduced some time back while trying to fix .11r and simplify the key handling logic. (Patch to wpa_supplicant fixed the race with sending the 4/4 and setting the key...un-patched supplicant will still have this race and the 4-way auth will not work as reliably.) * Increase amount of active-tids that can be scheduled. This fixes a tx-stall seen with many station vdevs. * Fix bug in upstream code that would cause the maximum peer to never be scheduled for tx. * Fix crash when some rate indices had zero available rates. This was seen when specifying that a station should only transmit on VHT-MCS 31 when peer was only a 3x3. Probably other ways of getting zero ratesets would also trigger this. * Inspect beacons, and wake a station vdev if we detect the AID in the beacon TIM IE. This fixes the case where you ping from AP to a power-save station and the station takes 10+ seconds to respond. * Fix 802.11s mesh interfaces, specifically beaconing was broken. And, there was a crash related to mesh when a monitor interface was the last vdev in the firmware. That is fixed as well. * Add wmi message to allow host to inspect txbf-cv data. Disabled by default, use the set-special API to enable. See 4.9 ath10k-ct driver for syntax. * Fix problem with mesh where ARPs could not be sent. This was due to the firmware tx-scheduler having boundary-condition errors when there was only peer-0 wanting to transmit. Possibly peer-0 would always have issues and it was only detected in the mesh test case? Release 8 * Backport 10.4.3.3.92 changes from upstream. * Fix regression I had added earlier in the beta series. Problem was regression in power-save logic due to some problems when I tried to consolidate lots of timers into one timer to save RAM. * Optimize for memory, especially the DIET (trimmed) builds. qboost and RTT are disabled in diet builds now. Neither seem that useful for normal wifi work, and qboost is not used by the ath10k driver at present anyway. * Consolidate and re-work block-ack to not need a timer per session. Instead use one timer and walk all sessions at expiry. Saves a nice bit of RAM, and is cleaner fix for a previously worked-around use-after-free timer crash bug, but hard to test properly. Please report any BA issues. * Diet build now supports 64-vdevs (128 sta, etc) on 9984 and 9886 hardware, 9980 supports 48 vdevs. * Allow compiling for 9886/9888 chipset. This NIC seems to work pretty well so far, tested on a 9886 NIC from Compex. * Auto-calculate the 'base' MAC address. This lets us create vdevs with a MAC address range differing from the 'real' MAC of the radio and still keep a tight BSSID-Filter mask. * Fix assert related to prefetch-sched logic when completion comes in after peer object was deleted and then quickly re-used. * set-special: Some: Many of the set-special options are not supported by 10.4 firmware. Setting THRESH62, NOISE_FLR_THRESH, MAX_TXPOWER, and MAX_PER_THR should work in previous releases. STA_TXBW_MASK, RIFS_ENABLE is not supported. PDEV_XRETRY_TH is not supported (or needed). WMI_WD is not supported (WMI WD is not enabled in 10.4 firmware) * Fix some crashes related to tx-callbacks in the firmware when deleting peer (and tid) objects. Release 7 * Fix regression that broke mu-mimo, among other things. MU-MIMO does not work with rxsw-crypt enabled, however. * Fix htt-mgt-tx for 4.5 and higher kernels. Problem was that mgt tid and non-pause tids were being converted to non-qos tid, which means that mgt frames were going onto the air with 10 bytes of junk on the end. This same bug might have make APs using this firmware not be able to associate with /a/b/g stations as well, but not certain of that. * Fix memory corruption relating to passing the wrong value to methods taking void pointers as context. While fixing this, convert several classes of void pointers into typed pointers so that the compiler can catch stupid mistakes. This was in core code, so both 9980 and 9984 will benefit. * Fix memory corruption in iq-cal logic for 9984 (and probably 9888 if I compile for that) chipsets. Basic problem was poor code quality causing buffer overflow in a structure located in SRAM storage. * Return stats when no vdevs are active. Seems this was a regression added to the firmware at some point. * Allow compiling out the peer-caching (swap to host) logic. It breaks use-case of having multiple STA vdevs connected to one AP, and I suspect it might be cause of instability in many station load test case. * Merge in upstream 10.4.3.3-25 code. * Enable compiling for 9984 chipset, fix some initial bugs (Initial release for 9984 CT firmware) * Fix, or at least work-around asserts in rate-ctrl code with TCP download test. * Lots more tweaks to rate-ctrl logic. * Fix regression bug with htt-mgt and OPEN APs. Release 6 * Fix regression bug that broke encryption. * Tested with 36 station vdevs. * Disable WMI keepalive timer. It was not actually working properly and was crashing due to calling a function-pointer that was NULL. Can properly re-enable it later if it turns out wave-2 firmware/hardware actually has WMI hang issues. * Ensure key event is sent on error when AST is full. Saves 3-second timeout under RTNL lock in the driver in cases where not enough AST entries are allocated. * Pull in changes from the CNSS.BL.3.0.2-00068-S-1 release. * Fix NPE crash when removing vdev. Looks like frame completion logic was trying to access a just-freed peer object, and so it crashed. So, protect against NULL pointers in this case. * Fix several crashes related to removing peers, especially when deleting a partially created peer. * Fix more asserts related to running out of peer-key objects and similar. Release 5 * Fix AP mode. I had introduced a regression in the rx-filter concurrency logic in Release 4. In addition, there were some other bugs in AP mode when using htt-mgt that are resolved. * Ensure mgt frames use proper management rate in htt-mgt mode. This significantly improves the ability to associate. This had not worked properly since the introduction of htt-mgt logic. Images compiled without htt-mgt would not have had this bug. * Support CT Ratemask feature (ability to disable any rate or set of rates). Release 4 * Fix IBSS + STA concurrent use. It mostly worked, but needed to remove some asserts that seemed overly restrictive. * Fix ANQP queries to APs with which the station is not currently connected. The station will now use the bss-peer if actual peer is unknown. This changes some behaviour for how mgt frames to unknown peers is handled. This appears good for ANQP/GAS, but possibly there are other test cases where the old logic was needed? * Return temperature for the 4 ADC units in the register-dump stats. * Fix TID mapping: When host requests one of the special TIDS, such as HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST, then the firmware should NOT attempt to re-map this to AC/TID. Instead, pass it unchanged into the lower code. This lets null-func packets go out as truly non-qos frames instead of turning them into QoS best-effort frames and then letting block-ack work (or not, or at least not fast enough, in my testing). May require host patch to set the TID to HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST as needed to make good use of this firmware. This change only affects station mode. * Allow over-riding thresh62_ext. The other 'special' cmd IDs involving CTS timing have not been implemented yet. * Enable CT Management-over-HTT firmware variants. These are *NOT* compatible with stock drivers. You must use this patch or something similar for the 'htt-mgt' firmware to work. http://dmz2.candelatech.com/git/gitweb.cgi?p=linux-4.0.dev.y/.git;a=commitdiff;h=56d57560d68da5d9a5ec266c0d9bc6f2ad8a2f44;hp=abd3ee5c4d297e56b854864624152f5704c5df20 Stock 10.4 has somewhat similar HTT mgt API already, so this is mostly to be compatible with earlier firmware and to make sure all frames go through the same code path instead of using the MGT specific packet-transmit API that stock firmware uses. * Allow monitor mode to receive 'Association Request', block-ack action frames, nodata frames, TYPE-CTL frames. Previously, these were not delivered to the WMI interface, and the kernel driver is configured to drop mgmt frames in the normal RX htt datapath, so host never saw them. This makes sniffing with ath10k a lot more useful. When no monitor devices are active, the firmware reverts to the previous behaviour. I guess the idea is that this is an optimization and keeps some un-needed frames off the host. * Enable setting noise-floor-threshold and min-cca-power. If set, this will over ride the defaults, including eeprom (though firmware ignores these settings in the eeprom anyway.) Don't mess with this unless you understand the consequences. But, if set properly, noise-floor-threshold tweaking may fix ETSI CCA adapatibility test failures. * Allow disabling firmware-added legacy, HT and VHT related IEs in probe requests. The host can do a better job of adding these, and this keeps there from being duplicated IEs in probe requests. Requires kernel patch to take advantage of these new features. NOTE: Flags values changed from 10.1 FW since 10.4 stole the bits I was using. * Ensure that off-channel packets sent on 5Ghz band do not use CCK encoding rates (which are only valid on 2.4Ghz band). This fixes at least one problem with ANQP queries to APs on the 5Ghz band. * vdev-up logic was resetting the mcast/bcast and non-data rate-ctrl codes to default values. This over-rode any settings that the driver may have previously set, breaking the driver's ability to properly specify rates. So, a check has been added so that if the driver has set the mcast rate before the vdev-up command happens, then the mcast, bcast, and non-date rate control settings are not modified. It is assumed that if the driver is setting mcast rate, then it is also setting the rest. The Candela kernel driver patches do this at least. In additiona, add the off-channel fixup logic for mcast/bcast frames as well, just in case those can be sent as off-channel frames. * Allow setting a global maximum tx-power. This is to allow a user to be as sure as possible that the hardware will never transmit above thsi power level. See CT kernels for a patch that enables setting this value: http://dmz2.candelatech.com/?p=linux-3.17.dev.y/.git;a=commitdiff;h=fd488b42eb008c27e4dba07c5df615b95235d8e0 * NOT-YET: Allow tuning the g_rc_rate_max_per_thr value. This rate-ctrl tunable defaults to 50, and some reports indicate that setting this to a higher value (70, for instance), may make performance better in a crouded RF environment. * Remove EAPOL M1, M4 snooping. This logic attempted to stop any DATA frames from being transmitted until the M4 was successfully sent (for STA, IBSS), and until the M1 had been sent for AP mode. This was breaking 802.11r roaming because the 4-way is only done at the initial connection, not on subsequent roams. If the host/driver allows data frames before encryption keys are set, then possibly this opens up a race where un-encrypted frames could hit the air. Linux, at least, will not send in-appropriate send frames to an un-authorized peer, so my change should be safe on Linux. Possibly other OS's might have issues. * Compile out some tx-descriptor debugging in the hot path. I have never seen this code find any bugs, so I'm assuming it is not needed. * Add 'no-beacon-miss-ct' feature flag for 'diet' builds. This lets the host know that beacon-miss is not enabled so it can let mac80211 handle the beacon miss. * When a user used a scan request that needed more than 5 buffers (many bssids, for instance) the scan logic ran out of local mgt buffers and then just failed to send more frames. Instead, use it's (now fixed) delay-time logic to wait a bit and send the rest of the frames 5ms or so later. * Fix use-after free with the 'ps_timer'. This caused us to crash after deleting a vdev (and after first creating several vdevs, which makes ps_timer start to run). * Support advanced pool-mgr memory poisoning and timer debugging. This will likely be compiled into specific images since it bloats the code and uses too much CPU cycles for normal production use. * Fix using DBGLOG logic from IRQ and timer context. * Optimize timer usage in vdevs by using a single timer and checking all vdevs 10 times per second. This saves quite a bit of RAM, and should not cause any significant degradation of timer-related services & features. * Debug and work-around appearant 'va_arg' bug in the firmware. Was more of a bother than anything, probably it does not cause any real harm except to confuse debugging efforts. * Support up to 36 station vdevs (more testing is needed of course, but I could associate this many in a quick test.) * Fix IBSS mode when using wave-2 mu-mimo adapter on both sides. Release 3 * Enable Software RX-Crypt. This allows one to disable the RX hardware crypt, allowing the firmware to pass un-decrypted frames to the driver. The driver/host will then be able to do rx-software-crypt. This is needed to have more than one station vdev connected to the same AP when using encryption (The HW decrypt logic gets confused by the peer hash collision, so it will not work.) This feature is probably only useful for test-equipment manufacturers. Firmware binaries built with this feature are NOT free to use...you must first get an agreement with Candela Technologies. * Fix off-by-one in station-kickout code. * Fix several use-after-free bugs (tx-sched logic, blockack, resmgr) found by memory-poisoning. * Fix use of unitialized PPDU descriptor memory, found by memory-poisoning. * Gracefully recover if sent bad block-ack frames. I've no proof, but this *might* protect against some malicious attack involving sending un-expected blockack frames to an ath10k device. * Optimize RAM, IRAM and SRAM usage to allow more vdevs, peers, etc. * Support dumping a few registers and firmware state through the stats API. This brings the feature set up to match the 10.1 CT firmware. * Don't send PEER_UNMAP event for self peers. * Allow host to configure for up to 64 vdevs (in practice, the limit is around 32 currently.) * Compile out the profiling logic. * Fix beacon logic to deal with more than 32 vdevs (only the first 32 can use beacons.) * Allow flushing all vdevs, peers, tids with a single WMI command. * Allow disabling Wake on Wlan, but it is compiled out of 10.4 firmware by default anyway. * Fix potential buffer-overflow in whalini code. * Allow driver to crash firmware with null-pointer read to better debug crash recover in the driver. * Allow not reserving the channel on vdev start. This speeds up association when we know we are already on the proper channel (due to another vdev being active there, for instance.) * Add NO_BMISS_CT feature flag to builds that compile out the beacon-miss logic. This lets the driver know that it should ask mac80211 to handle beacon loss. * Fix crash I introduced earlier related to htt-tx status. * Add debugging around heap-realloc code. It should now just assert if heap re-alloc fails. Calling code was not checking, so I want to run with this debugging enabled for a while to make sure we are not over-running the heap. * Verify IBSS/ADHOC works. Tested bi-directional between another Peregrine ath10k and got about 150Mbps UDP traffic in each direction, so it seems stable. * Added IBSS AMSDU work-around for Peregrine chips, but I did NOT enable this for wave-2 NICs yet. I need to verify the bug still exists by testing wave2 <-> wave2 IBSS traffic, and do not yet have enough hardware set up to do that test. * More concurrency cleanup so we have the bulk of the rx-filter configuration in a single place. Release 2 * Fix problem where the NIC would hang instead of quickly crash if the firmware accessed bad memory (ie, read from a NULL pointer). I also fixed the decode tool to provide useful backtraces in this case, and made the dbglog buffers readable after a crash. * Rebase against upstream version CNSS.BL.3.0.2-00056-S-1 * The diet build now disables SWBMISS code, verbose debugging (including pktlog). With this disabled, PRINTF logic in firmware can now be enabled, but it did not help so far with the NULL dereference problem. * Fix some issues with 'make clean' type logic so that we can easily script builds. * Enable tx-rate reporting. This requires kernel driver patches. * Do not hard-code the vdev count to 17 (or 8, depending). Instead, just use the value the host requests. * Ensure 'key-add' WMI command always gets an answer, even if the operation failed. Without this patch, the host may wait up to 3 seconds and then timeout if key-add fails. With driver patches, the key-add failure can be noticed as well. * Add ability to read crash registers and debug-logs using the 'pingpong' method. This often works in case of bad CE/AXI related crash. Requires driver patches. * Significant re-write of the concurrency logic in order to handle various vdev better. * Support multiple station vdevs attaching to the same AP peer. Good for testing, probably not very useful for anything else. Known issues: Release 1