1 2 #include "wifi_hal.h" 3 4 #ifndef __WIFI_HAL_GSCAN_H__ 5 #define __WIFI_HAL_GSCAN_H__ 6 7 /* AP Scans */ 8 9 typedef enum { 10 WIFI_BAND_UNSPECIFIED, 11 WIFI_BAND_BG = 1, // 2.4 GHz 12 WIFI_BAND_A = 2, // 5 GHz without DFS 13 WIFI_BAND_A_DFS = 4, // 5 GHz DFS only 14 WIFI_BAND_A_WITH_DFS = 6, // 5 GHz with DFS 15 WIFI_BAND_ABG = 3, // 2.4 GHz + 5 GHz; no DFS 16 WIFI_BAND_ABG_WITH_DFS = 7, // 2.4 GHz + 5 GHz with DFS 17 } wifi_band; 18 19 const unsigned MAX_CHANNELS = 16; 20 const unsigned MAX_BUCKETS = 16; 21 const unsigned MAX_HOTLIST_APS = 128; 22 const unsigned MAX_SIGNIFICANT_CHANGE_APS = 64; 23 const unsigned MAX_PNO_SSID = 64; 24 const unsigned MAX_HOTLIST_SSID = 8; 25 const unsigned MAX_BLACKLIST_BSSID = 16; 26 const unsigned MAX_AP_CACHE_PER_SCAN = 32; 27 28 wifi_error wifi_get_valid_channels(wifi_interface_handle handle, 29 int band, int max_channels, wifi_channel *channels, int *num_channels); 30 31 typedef struct { 32 int max_scan_cache_size; // total space allocated for scan (in bytes) 33 int max_scan_buckets; // maximum number of channel buckets 34 int max_ap_cache_per_scan; // maximum number of APs that can be stored per scan 35 int max_rssi_sample_size; // number of RSSI samples used for averaging RSSI 36 int max_scan_reporting_threshold; // max possible report_threshold as described 37 // in wifi_scan_cmd_params 38 int max_hotlist_bssids; // maximum number of entries for hotlist BSSIDs 39 int max_hotlist_ssids; // maximum number of entries for hotlist SSIDs 40 int max_significant_wifi_change_aps; // maximum number of entries for 41 // significant wifi change APs 42 int max_bssid_history_entries; // number of BSSID/RSSI entries that device can hold 43 int max_number_epno_networks; // max number of epno entries 44 int max_number_epno_networks_by_ssid; // max number of epno entries if ssid is specified, 45 // that is, epno entries for which an exact match is 46 // required, or entries corresponding to hidden ssids 47 int max_number_of_white_listed_ssid; // max number of white listed SSIDs, M target is 2 to 4 48 } wifi_gscan_capabilities; 49 50 wifi_error wifi_get_gscan_capabilities(wifi_interface_handle handle, 51 wifi_gscan_capabilities *capabilities); 52 53 typedef enum { 54 WIFI_SCAN_BUFFER_FULL, 55 WIFI_SCAN_COMPLETE, 56 } wifi_scan_event; 57 58 59 /* Format of information elements found in the beacon */ 60 typedef struct { 61 byte id; // element identifier 62 byte len; // number of bytes to follow 63 byte data[]; 64 } wifi_information_element; 65 66 typedef struct { 67 wifi_timestamp ts; // time since boot (in microsecond) when the result was 68 // retrieved 69 char ssid[32+1]; // null terminated 70 mac_addr bssid; 71 wifi_channel channel; // channel frequency in MHz 72 wifi_rssi rssi; // in db 73 wifi_timespan rtt; // in nanoseconds 74 wifi_timespan rtt_sd; // standard deviation in rtt 75 unsigned short beacon_period; // period advertised in the beacon 76 unsigned short capability; // capabilities advertised in the beacon 77 unsigned int ie_length; // size of the ie_data blob 78 char ie_data[1]; // blob of all the information elements found in the 79 // beacon; this data should be a packed list of 80 // wifi_information_element objects, one after the other. 81 // other fields 82 } wifi_scan_result; 83 84 typedef struct { 85 /* reported when report_threshold is reached in scan cache */ 86 void (*on_scan_results_available) (wifi_request_id id, unsigned num_results_available); 87 88 /* reported when each probe response is received, if report_events 89 * enabled in wifi_scan_cmd_params */ 90 void (*on_full_scan_result) (wifi_request_id id, wifi_scan_result *result); 91 92 /* optional event - indicates progress of scanning statemachine */ 93 void (*on_scan_event) (wifi_scan_event event, unsigned status); 94 95 } wifi_scan_result_handler; 96 97 typedef struct { 98 wifi_channel channel; // frequency 99 int dwellTimeMs; // dwell time hint 100 int passive; // 0 => active, 1 => passive scan; ignored for DFS 101 /* Add channel class */ 102 } wifi_scan_channel_spec; 103 104 #define REPORT_EVENTS_BUFFER_FULL 0 105 #define REPORT_EVENTS_EACH_SCAN 1 106 #define REPORT_EVENTS_FULL_RESULTS 2 107 #define REPORT_EVENTS_NO_BATCH 4 108 109 typedef struct { 110 int bucket; // bucket index, 0 based 111 wifi_band band; // when UNSPECIFIED, use channel list 112 int period; // desired period, in millisecond; if this is too 113 // low, the firmware should choose to generate results as 114 // fast as it can instead of failing the command. 115 // for exponential backoff bucket this is the min_period 116 /* report_events semantics - 117 * This is a bit field; which defines following bits - 118 * REPORT_EVENTS_BUFFER_FULL => report only when scan history is % full 119 * REPORT_EVENTS_EACH_SCAN => report a scan completion event after scan 120 * REPORT_EVENTS_FULL_RESULTS => forward scan results (beacons/probe responses + IEs) 121 * in real time to HAL, in addition to completion events 122 * Note: To keep backward compatibility, fire completion 123 * events regardless of REPORT_EVENTS_EACH_SCAN. 124 * REPORT_EVENTS_NO_BATCH => controls batching, 0 => batching, 1 => no batching 125 */ 126 byte report_events; 127 int max_period; // if max_period is non zero or different than period, then this bucket is 128 // an exponential backoff bucket and the scan period will grow exponentially 129 // as per formula: actual_period(N) = period ^ (N/(step_count+1)) 130 // to a maximum period of max_period 131 int exponent; // for exponential back off bucket: multiplier: new_period=old_period*exponent 132 int step_count; // for exponential back off bucket, number of scans performed at a given 133 // period and until the exponent is applied 134 135 int num_channels; 136 // channels to scan; these may include DFS channels 137 // Note that a given channel may appear in multiple buckets 138 wifi_scan_channel_spec channels[MAX_CHANNELS]; 139 } wifi_scan_bucket_spec; 140 141 typedef struct { 142 int base_period; // base timer period in ms 143 int max_ap_per_scan; // number of APs to store in each scan ientryn the 144 // BSSID/RSSI history buffer (keep the highest RSSI APs) 145 int report_threshold_percent; // in %, when scan buffer is this much full, wake up AP 146 int report_threshold_num_scans; // in number of scans, wake up AP after these many scans 147 int num_buckets; 148 wifi_scan_bucket_spec buckets[MAX_BUCKETS]; 149 } wifi_scan_cmd_params; 150 151 /* Start periodic GSCAN */ 152 wifi_error wifi_start_gscan(wifi_request_id id, wifi_interface_handle iface, 153 wifi_scan_cmd_params params, wifi_scan_result_handler handler); 154 155 /* Stop periodic GSCAN */ 156 wifi_error wifi_stop_gscan(wifi_request_id id, wifi_interface_handle iface); 157 158 typedef enum { 159 WIFI_SCAN_FLAG_INTERRUPTED = 1 // Indicates that scan results are not complete because 160 // probes were not sent on some channels 161 } wifi_scan_flags; 162 163 /* Get the GSCAN cached scan results */ 164 typedef struct { 165 int scan_id; // a unique identifier for the scan unit 166 int flags; // a bitmask with additional 167 // information about scan 168 int num_results; // number of bssids retrieved by the scan 169 wifi_scan_result results[MAX_AP_CACHE_PER_SCAN]; // scan results - one for each bssid 170 } wifi_cached_scan_results; 171 172 wifi_error wifi_get_cached_gscan_results(wifi_interface_handle iface, byte flush, 173 int max, wifi_cached_scan_results *results, int *num); 174 175 /* BSSID Hotlist */ 176 typedef struct { 177 void (*on_hotlist_ap_found)(wifi_request_id id, 178 unsigned num_results, wifi_scan_result *results); 179 void (*on_hotlist_ap_lost)(wifi_request_id id, 180 unsigned num_results, wifi_scan_result *results); 181 } wifi_hotlist_ap_found_handler; 182 183 typedef struct { 184 mac_addr bssid; // AP BSSID 185 wifi_rssi low; // low threshold 186 wifi_rssi high; // high threshold 187 } ap_threshold_param; 188 189 typedef struct { 190 int lost_ap_sample_size; 191 int num_bssid; // number of hotlist APs 192 ap_threshold_param ap[MAX_HOTLIST_APS]; // hotlist APs 193 } wifi_bssid_hotlist_params; 194 195 /* Set the BSSID Hotlist */ 196 wifi_error wifi_set_bssid_hotlist(wifi_request_id id, wifi_interface_handle iface, 197 wifi_bssid_hotlist_params params, wifi_hotlist_ap_found_handler handler); 198 199 /* Clear the BSSID Hotlist */ 200 wifi_error wifi_reset_bssid_hotlist(wifi_request_id id, wifi_interface_handle iface); 201 202 /* SSID Hotlist */ 203 typedef struct { 204 void (*on_hotlist_ssid_found)(wifi_request_id id, 205 unsigned num_results, wifi_scan_result *results); 206 void (*on_hotlist_ssid_lost)(wifi_request_id id, 207 unsigned num_results, wifi_scan_result *results); 208 } wifi_hotlist_ssid_handler; 209 210 typedef struct { 211 char ssid[32+1]; // SSID 212 wifi_band band; // band for this set of threshold params 213 wifi_rssi low; // low threshold 214 wifi_rssi high; // high threshold 215 } ssid_threshold_param; 216 217 typedef struct { 218 int lost_ssid_sample_size; 219 int num_ssid; // number of hotlist SSIDs 220 ssid_threshold_param ssid[MAX_HOTLIST_SSID]; // hotlist SSIDs 221 } wifi_ssid_hotlist_params; 222 223 224 /* Set the SSID Hotlist */ 225 wifi_error wifi_set_ssid_hotlist(wifi_request_id id, wifi_interface_handle iface, 226 wifi_ssid_hotlist_params params, wifi_hotlist_ssid_handler handler); 227 228 /* Clear the SSID Hotlist */ 229 wifi_error wifi_reset_ssid_hotlist(wifi_request_id id, wifi_interface_handle iface); 230 231 232 /* BSSID blacklist */ 233 typedef struct { 234 int num_bssid; // number of blacklisted BSSIDs 235 mac_addr bssids[MAX_BLACKLIST_BSSID]; // blacklisted BSSIDs 236 } wifi_bssid_params; 237 238 /* Set the BSSID blacklist */ 239 wifi_error wifi_set_bssid_blacklist(wifi_request_id id, wifi_interface_handle iface, 240 wifi_bssid_params params); 241 242 243 /* Significant wifi change */ 244 typedef struct { 245 mac_addr bssid; // BSSID 246 wifi_channel channel; // channel frequency in MHz 247 int num_rssi; // number of rssi samples 248 wifi_rssi rssi[]; // RSSI history in db 249 } wifi_significant_change_result; 250 251 typedef struct { 252 void (*on_significant_change)(wifi_request_id id, 253 unsigned num_results, wifi_significant_change_result **results); 254 } wifi_significant_change_handler; 255 256 // The sample size parameters in the wifi_significant_change_params structure 257 // represent the number of occurence of a g-scan where the BSSID was seen and RSSI was 258 // collected for that BSSID, or, the BSSID was expected to be seen and didn't. 259 // for instance: lost_ap_sample_size : number of time a g-scan was performed on the 260 // channel the BSSID was seen last, and the BSSID was not seen during those g-scans 261 typedef struct { 262 int rssi_sample_size; // number of samples for averaging RSSI 263 int lost_ap_sample_size; // number of samples to confirm AP loss 264 int min_breaching; // number of APs breaching threshold 265 int num_bssid; // max 64 266 ap_threshold_param ap[MAX_SIGNIFICANT_CHANGE_APS]; 267 } wifi_significant_change_params; 268 269 /* Set the Signifcant AP change list */ 270 wifi_error wifi_set_significant_change_handler(wifi_request_id id, wifi_interface_handle iface, 271 wifi_significant_change_params params, wifi_significant_change_handler handler); 272 273 /* Clear the Signifcant AP change list */ 274 wifi_error wifi_reset_significant_change_handler(wifi_request_id id, wifi_interface_handle iface); 275 276 /* Random MAC OUI for PNO */ 277 wifi_error wifi_set_scanning_mac_oui(wifi_interface_handle handle, oui scan_oui); 278 279 // Whether directed scan needs to be performed (for hidden SSIDs) 280 #define WIFI_PNO_FLAG_DIRECTED_SCAN = 1 281 // Whether PNO event shall be triggered if the network is found on A band 282 #define WIFI_PNO_FLAG_A_BAND = 2 283 // Whether PNO event shall be triggered if the network is found on G band 284 #define WIFI_PNO_FLAG_G_BAND = 4 285 // Whether strict matching is required (i.e. firmware shall not match on the entire SSID) 286 #define WIFI_PNO_FLAG_STRICT_MATCH = 8 287 288 // Code for matching the beacon AUTH IE - additional codes TBD 289 #define WIFI_PNO_AUTH_CODE_OPEN 1 // open 290 #define WIFI_PNO_AUTH_CODE_PSK 2 // WPA_PSK or WPA2PSK 291 #define WIFI_PNO_AUTH_CODE_EAPOL 4 // any EAPOL 292 293 // Enhanced PNO: 294 // Enhanced PNO feature is expected to be enabled all of the time (e.g. screen lit) and may thus 295 // requires firmware to store a large number of networks, covering the whole list of known network. 296 // Therefore, it is acceptable for firmware to store a crc24, crc32 or other short hash of the SSID, 297 // such that a low but non-zero probability of collision exist. With that scheme it should be 298 // possible for firmware to keep an entry as small as 4 bytes for each pno network. 299 // For instance, a firmware pn0 entry can be implemented in the form of: 300 // PNO ENTRY = crc24(3 bytes) | RSSI_THRESHOLD>>3 (5 bits) | auth flags(3 bits) 301 // 302 // A PNO network shall be reported once, that is, once a network is reported by firmware 303 // its entry shall be marked as "done" until framework calls wifi_set_epno_list again. 304 // Calling wifi_set_epno_list shall reset the "done" status of pno networks in firmware. 305 typedef struct { 306 char ssid[32+1]; 307 byte rssi_threshold; // threshold for considering this SSID as found, required granularity for 308 // this threshold is 4dBm to 8dBm 309 byte flags; // WIFI_PNO_FLAG_XXX 310 byte auth_bit_field; // auth bit field for matching WPA IE 311 } wifi_epno_network; 312 313 /* PNO list */ 314 typedef struct { 315 int num_networks; // number of SSIDs 316 wifi_epno_network networks[]; // PNO networks 317 } wifi_epno_params; 318 319 typedef struct { 320 // on results 321 void (*on_network_found)(wifi_request_id id, 322 unsigned num_results, wifi_scan_result *results); 323 } wifi_epno_handler; 324 325 326 /* Set the PNO list */ 327 wifi_error wifi_set_epno_list(wifi_request_id id, wifi_interface_handle iface, 328 int num_networks, wifi_epno_network *networks, wifi_epno_handler handler); 329 330 331 /* SSID white list */ 332 /* Note that this feature requires firmware to be able to indicate to kernel sme and wpa_supplicant 333 * that the SSID of the network has changed 334 * and thus requires further changed in cfg80211 stack, for instance, 335 * the below function would change: 336 337 void __cfg80211_roamed(struct wireless_dev *wdev, 338 struct cfg80211_bss *bss, 339 const u8 *req_ie, size_t req_ie_len, 340 const u8 *resp_ie, size_t resp_ie_len) 341 * when firmware roam to a new SSID the corresponding link layer stats info need to be updated: 342 struct wifi_interface_link_layer_info; 343 */ 344 typedef struct { 345 char ssid[32+1]; // null terminated 346 } wifi_ssid; 347 348 wifi_error wifi_set_ssid_white_list(wifi_request_id id, wifi_interface_handle iface, 349 int num_networks, wifi_ssid *ssids); 350 351 /* Set G-SCAN roam parameters */ 352 /** 353 * Firmware roaming is implemented with two modes: 354 * 1- "Alert" mode roaming, (Note: alert roaming is the pre-L roaming, whereas firmware is 355 * "urgently" hunting for another BSSID because the RSSI is low, or because many successive 356 * beacons have been lost or other bad link conditions). 357 * 2- "Lazy" mode, where firmware is hunting for a better BSSID or white listed SSID even though 358 * the RSSI of the link is good. 359 * Lazy mode is configured thru G-scan, that is, the results of G-scans are compared to the 360 * current RSSI and fed thru the roaming engine. 361 * Lazy scan will be enabled (and or throttled down by reducing the number of G-scans) by 362 * framework only in certain conditions, such as: 363 * - no real time (VO/VI) traffic at the interface 364 * - low packet rate for BE/BK packets a the interface 365 * - system conditions (screen lit/dark) etc... 366 * 367 * For consistency, the roam parameters will always be configured by framework such that: 368 * 369 * condition 1- A_band_boost_threshold >= (alert_roam_rssi_trigger + 10) 370 * This condition ensures that Lazy roam doesn't cause the device to roam to a 5GHz BSSID whose RSSI 371 * is lower than the alert threshold, which would consequently trigger a roam to a low RSSI BSSID, 372 * hence triggering alert mode roaming. 373 * In other words, in alert mode, the A_band parameters may safely be ignored by WiFi chipset. 374 * 375 * condition 2- A_band_boost_threshold > A_band_penalty_factor 376 * 377 */ 378 379 /** 380 * Example: 381 * A_band_boost_threshold = -65 382 * A_band_penalty_threshold = -75 383 * A_band_boost_factor = 4 384 * A_band_penalty_factor = 2 385 * A_band_max_boost = 50 386 * 387 * a 5GHz RSSI value is transformed as below: 388 * -20 -> -20+ 50 = 30 389 * -60 -> -60 + 4 * (-60 - A_band_boost_threshold) = -60 + 16 = -44 390 * -70 -> -70 391 * -80 -> -80 - 2 * (A_band_penalty_threshold - (-80)) = -80 - 10 = -90 392 */ 393 394 typedef struct { 395 // Lazy roam parameters 396 // A_band_XX parameters are applied to 5GHz BSSIDs when comparing with a 2.4GHz BSSID 397 // they may not be applied when comparing two 5GHz BSSIDs 398 int A_band_boost_threshold; // RSSI threshold above which 5GHz RSSI is favored 399 int A_band_penalty_threshold; // RSSI threshold below which 5GHz RSSI is penalized 400 int A_band_boost_factor; // factor by which 5GHz RSSI is boosted 401 // boost=RSSI_measured-5GHz_boost_threshold)*5GHz_boost_factor 402 int A_band_penalty_factor; // factor by which 5GHz RSSI is penalized 403 // penalty=(5GHz_penalty_factor-RSSI_measured)*5GHz_penalty_factor 404 int A_band_max_boost; // maximum boost that can be applied to a 5GHz RSSI 405 406 // Hysteresis: ensuring the currently associated BSSID is favored 407 // so as to prevent ping-pong situations 408 int lazy_roam_hysteresis; // boost applied to current BSSID 409 410 // Alert mode enable, i.e. configuring when firmware enters alert mode 411 int alert_roam_rssi_trigger; // RSSI below which "Alert" roam is enabled 412 } wifi_roam_params; 413 414 wifi_error wifi_set_gscan_roam_params(wifi_request_id id, wifi_interface_handle iface, 415 wifi_roam_params * params); 416 417 /** 418 * Enable/Disable "Lazy" roam 419 */ 420 wifi_error wifi_enable_lazy_roam(wifi_request_id id, wifi_interface_handle iface, int enable); 421 422 /** 423 * Per BSSID preference 424 */ 425 typedef struct { 426 mac_addr bssid; 427 int rssi_modifier; // modifier applied to the RSSI of the BSSID for the purpose of comparing 428 // it with other roam candidate 429 } wifi_bssid_preference; 430 431 wifi_error wifi_set_bssid_preference(wifi_request_id id, wifi_interface_handle iface, 432 int num_bssid, wifi_bssid_preference *prefs); 433 434 typedef struct { 435 int id; // identifier of this network block, report this in event 436 char realm[256]; // null terminated UTF8 encoded realm, 0 if unspecified 437 int64_t roamingConsortiumIds[16]; // roaming consortium ids to match, 0s if unspecified 438 byte plmn[3]; // mcc/mnc combination as per rules, 0s if unspecified 439 } wifi_passpoint_network; 440 441 typedef struct { 442 void (*on_passpoint_network_found)( 443 wifi_request_id id, 444 int net_id, // network block identifier for the matched network 445 wifi_scan_result *result, // scan result, with channel and beacon information 446 int anqp_len, // length of ANQP blob 447 byte *anqp // ANQP data, in the information_element format 448 ); 449 } wifi_passpoint_event_handler; 450 451 /* Sets a list for passpoint networks for PNO purposes; it should be matched 452 * against any passpoint networks (designated by Interworking element) found 453 * during regular PNO scan. */ 454 wifi_error wifi_set_passpoint_list(wifi_request_id id, wifi_interface_handle iface, int num, 455 wifi_passpoint_network *networks, wifi_passpoint_event_handler handler); 456 457 /* Reset passpoint network list - no Passpoint networks should be matched after this */ 458 wifi_error wifi_reset_passpoint_list(wifi_request_id id, wifi_interface_handle iface); 459 460 #endif 461 462