root@(none):/lib/modules/5.4.52# hostapd /etc/hostapd.conf
[ 121.516593] br2: port 1(wlan0) entered blocking state
[ 121.516641] br2: port 1(wlan0) entered disabled state
[ 121.520874] device wlan0 entered promiscuous mode
wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
wlan0: interface state COUNTRY_UPDATE->HT_SCAN
[ 122.279103] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
wlan0: interface state HT_SCAN->ENABLED
wlan0: AP-ENABLED
[ 131.101551] ath11k c000000.wifi: bss channel survey timed out
[ 140.317552] ath11k c000000.wifi: bss channel survey timed out
1 Like
I have started a general IPQ807x thread here now we have a lot more of the HW working :
Should help get others with IPQ807x based HW startes 
2 Likes
Hi!
I managed to recompile the latest firmware (v67) using windows 10 linux subsystem.
I didn't lost SSH but I think the "phone home" stuff didn't work...
I don't see any changes in hosts, and I'm able to ping the sites that should be blocked.
Also the root password that I had set in v17 didn't change.
Could you help me? Can I run parts of the repack-squashfs.sh script in the router through SSH?
EDIT:
I was "following" the script line by line and cheking in the router if the changes were made, and besides roots password not changed (not a problem) I think this last step didn't work:
# as a last-ditch effort, change the *.miwifi.com hostnames to localhost
sed -i 's@\w\+.miwifi.com@localhost@g' $FSDIR/etc/config/miwifi
The current content of the file "/etc/config/miwifi" in the router is:
config miwifi 'server'
option API api.miwifi.com
option LOG log.miwifi.com
option S s.miwifi.com
option APP app.miwifi.com
option STUN stun.miwifi.com
option BROKER broker.miwifi.com
The Xiaomi AX3600 it's glorious and AX1800 it's almost so good, but smaller (charmy) and with half price.
I hope that IPQ6000 AX1800 it's not so different than IPQ8071 AX3600, so is there any chances to port AX1800 to openwrt in mid future too?
1 Like
Ipq6000 support for the kernel is still ver very VERY bad. I think the gcc (global clock controller) is not even approved upstream
2 Likes
Okay, so let's buy the big crab and soon put openwrt on it! Thanks!
Would a build from Qualcomm's Ipq6000 source be possible like there is for the AX3600?
Yeah the best you have in terms of ipq60xx support is in the QCOM staging tree .
1 Like
No it's not possible. Besides, squashfs is not some read-write fs, so there's no advantage to running it on-device.
Your root password and /etc/config/miwifi is on a separate partition. If that's not re-created or re-initialized on an upgrade, that means the router didn't perform an upgrade properly - likely flag_ota_reboot was not set.
A more accurate check for whether the firmware was modified is to see if files like /usr/sbin/otapredownload is zero-sized.
That's normal. The mod removes phone-home functionality from the router, not block off the manufacturer's servers. Otherwise users having Xiaomi IoT products would suddenly all not work.
1 Like
You may want to look at the QSDK source here:
https://source.codeaurora.org/quic/qsdk/oss/kernel/linux-msm/tree/?h=NHSS.QSDK.12.0.r2
It's for the 4.4 kernel, but it should be doable to make it work on 5.4 once the mechanics of the drivers are understood.
QSDK 12 appears to be the latest AFAIK.
2 Likes
Anybody have any idea?
root@OpenWrt:/sys/kernel/debug/ath11k/ipq8074 hw2.0/mac1/fw_stats# cat pdev_stat
s
[ 2172.830093] got wmi event id UPDATE STATS 0x1d004
[ 2638.929695] got wmi event id 0x1d004
ath11k PDEV stats
=================
Channel noise floor -96
Channel TX power 52
TX frame count 0
RX frame count 1396908160
RX clear count 9675200
Cycle count 3926238656
PHY error count 0
ath11k PDEV TX stats
====================
HTT cookies queued 0
HTT cookies disp. 0
MSDU queued 36
MPDU queued 36
MSDUs dropped 0
Local enqued 36
Local freed 36
HW queued 144
PPDUs reaped 144
Num underruns 0
PPDUs cleaned 0
MPDUs requed 0
Excessive retries 144
HW rate 0
Sched self triggers 144
Dropped due to SW retries 3
Illegal rate phy errors 56086580
PDEV continuous xretry 0
TX timeout 0
PDEV resets 0
Stateless TIDs alloc failures 0
PHY underrun 0
MPDU is more than txop limit 0
ath11k PDEV RX stats
====================
Mid PPDU route change 0
Tot. number of statuses 0
Extra frags on rings 0 36
Extra frags on rings 1 0
Extra frags on rings 2 36
Extra frags on rings 3 0
MSDUs delivered to HTT 0
MPDUs delivered to HTT 0
MSDUs delivered to stack 0
MPDUs delivered to stack 0
Oversized AMSUs 0
PHY errors 144
PHY errors drops 0
MPDU errors (FCS, MIC, ENC) 0
1 Like
The init cmd from qsdk:
Length = 85
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [62.870026]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [61.870022]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [60.870026]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [59.870025]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [58.870026]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [57.870023]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [56.870024]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [55.870027]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [54.870032]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [53.870025]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [52.870024]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [51.870021]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [50.870027]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [49.870019]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [48.870025]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [47.870026]
CMD = 4 0 dac3538c e2f9
CMD ID = 16001 WMI_REQUEST_STATS_CMDID
CMD TIME = [46.870060]
CMD = 4 0 dac3538c e2f9
CMD ID = 7003 WMI_BCN_TMPL_CMDID
CMD TIME = [45.887711]
CMD = 0 41 1ba 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.881643]
CMD = 0 19 10000003 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.877917]
CMD = 0 19 10000003 0
CMD ID = 2a003 WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID
CMD TIME = [45.874166]
CMD = 0 0 1 39
CMD ID = 5005 WMI_VDEV_UP_CMDID
CMD TIME = [45.874150]
CMD = 0 0 dac3538c e2f9
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.874142]
CMD = 0 3 64 0
CMD ID = 700b WMI_BCN_OFFLOAD_CTRL_CMDID
CMD TIME = [45.874131]
CMD = 0 2 0 101
CMD ID = 7003 WMI_BCN_TMPL_CMDID
CMD TIME = [45.874112]
CMD = 0 41 1ba 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.874068]
CMD = 0 2d 37d 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.873804]
CMD = 0 7 2 0
CMD ID = 500d WMI_VDEV_SET_WMM_PARAMS_CMDID
CMD TIME = [45.873777]
CMD = 0 c70018 f 3f
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.568353]
CMD = 0 21 1 0
CMD ID = 5009 WMI_VDEV_INSTALL_KEY_CMDID
CMD TIME = [45.568188]
CMD = 0 dac3538c e2f9 1
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [45.551466]
CMD = 1 24 0 80014
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [45.551459]
CMD = 1 bc 80 80014
CMD ID = 40001 WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID
CMD TIME = [45.551449]
CMD = 1 0 0 0
CMD ID = 5003 WMI_VDEV_START_REQUEST_CMDID
CMD TIME = [45.551432]
CMD = 0 0 64 1
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.551233]
CMD = 0 2f 1 80014
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.551204]
CMD = 0 1a 0 a326361
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [45.551191]
CMD = 1 24 0 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.551087]
CMD = 0 3 64 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.551057]
CMD = 0 d 1 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [45.512346]
CMD = 0 1a 0 0
CMD ID = 3a004 WMI_SET_INIT_COUNTRY_CMDID
CMD TIME = [42.349953]
CMD = 2 1 9c 0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [41.607895]
CMD = 1 4 3c 0
CMD ID = 3001 WMI_START_SCAN_CMDID
CMD TIME = [41.450650]
CMD = a001 a005 0 3
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [41.293516]
CMD = 0 20 1 80014
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [41.084163]
CMD = 0 8002 1b 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [41.063648]
CMD = 0 8002 3b 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [41.044706]
CMD = 0 2d 37d 38
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [41.044677]
CMD = 0 2d 37d 80014
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.707877]
CMD = 0 f 0 0
CMD ID = 6001 WMI_PEER_CREATE_CMDID
CMD TIME = [40.355187]
CMD = 0 dac3538c e2f9 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.295340]
CMD = 0 87 1 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.288498]
CMD = 0 8002 7b 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.268101]
CMD = 0 7e 3 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.268085]
CMD = 0 1d 3 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.255117]
CMD = 0 1c 1 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.255101]
CMD = 0 d 1 12800005
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.255076]
CMD = 0 2a 12c 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.255069]
CMD = 0 29 127 0
CMD ID = 5008 WMI_VDEV_SET_PARAM_CMDID
CMD TIME = [40.255061]
CMD = 0 28 93 0
CMD ID = 1d010 WMI_ECHO_CMDID
CMD TIME = [40.255036]
CMD = 0 0 49c42cff 76c44f3b
CMD ID = 5001 WMI_VDEV_CREATE_CMDID
CMD TIME = [40.254932]
CMD = 0 1 0 dac3538c
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [39.664704]
CMD = 1 61 64 0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [39.558548]
CMD = 1 5c 6 0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [39.525680]
CMD = 1 5c 1 80014
CMD ID = 3003 WMI_SCAN_CHAN_LIST_CMDID
CMD TIME = [39.180876]
CMD = d 0 1 12016c
CMD ID = 3003 WMI_SCAN_CHAN_LIST_CMDID
CMD TIME = [39.166365]
CMD = d 0 1 12016c
CMD ID = 3a004 WMI_SET_INIT_COUNTRY_CMDID
CMD TIME = [39.161683]
CMD = 1 1 9c 0
CMD ID = 1d017 WMI_TRANSFER_DATA_TO_FLASH_CMDID
CMD TIME = [35.555486]
CMD = 1 1 64 2
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.554125]
CMD = 1 bc 80 0
CMD ID = a005 WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID
CMD TIME = [35.554075]
CMD = 0 ffff 70060 0
CMD ID = 4034 WMI_PDEV_WAL_POWER_DEBUG_CMDID
CMD TIME = [35.553065]
CMD = 1 1 53519000 0
CMD ID = 4034 WMI_PDEV_WAL_POWER_DEBUG_CMDID
CMD TIME = [35.552002]
CMD = 1 0 58702000 0
CMD ID = 3e001 WMI_TWT_ENABLE_CMDID
CMD TIME = [35.551162]
CMD = 1 1388 0 a
CMD ID = 3003 WMI_SCAN_CHAN_LIST_CMDID
CMD TIME = [35.509198]
CMD = 19 0 1 1202bc
CMD ID = 4021 WMI_PDEV_SET_MIMOGAIN_TABLE_CMDID
CMD TIME = [35.501848]
CMD = 1 3e8 1 1ba869c0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.463710]
CMD = 1 a 1 0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.463555]
CMD = 1 5b 1 2
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352363]
CMD = 1 7 1 2
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352356]
CMD = 1 60 7d0 0
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352347]
CMD = 1 50 3001f40 72656874
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352340]
CMD = 1 50 2001f40 72656874
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352331]
CMD = 1 50 1001f40 1bb04f70
CMD ID = 4003 WMI_PDEV_SET_PARAM_CMDID
CMD TIME = [35.352306]
CMD = 1 50 1f40 10008
CMD ID = 1d010 WMI_THERMAL_MGMT_CMDID
CMD TIME = [35.222748]
CMD = 0 0 23ca52eb dba380e6
CMD ID = 1 WMI_INIT_CMDID
CMD TIME = [35.012296]
CMD = 1000000 2c2 5f414351 4c4d
The init cmd from ath11k:
root@OpenWrt:/# dmesg |grep wmi|grep cmdid
[ 8.143392] wmi cmdid 00000001 length 844
[ 8.416316] wmi cmdid 00004034 length 52
[ 8.418413] wmi cmdid 00004034 length 52
All i can think of is that we are missing some patches for ath11k.
Also we need to make use of the correct bdwlan.bin from stock (bdwlan.b292)
- remove board-2.bin from firmware
- add
bdwlan.b292to /lib/firmware/IPQ8074/bdwlan.bin
But i dont think that will fix the issues we are seeing, its probably just ath11k missing something.
I have tested the latest code from https://source.codeaurora.org/quic/qsdk/kvalo/ath/.
Don't know why the firmware recived so many frames but no interrupt.
Don't know what are these errors means
Illegal rate phy errors 56086580
In that case try with the correct bdwlan file from stock
How should I let the ath11k to load bdwlan?
I deleted board-2.bin and add bdwlan, but the ath11k will not load bdwlan.bin
ath11k checks for board-2.bin and if not found it will load bdwlan. See :
The function ath11k_core_fetch_board_data_api_1 should load bdwlan.bin
Edit ...
The file names are defined https://github.com/torvalds/linux/blob/master/drivers/net/wireless/ath/ath11k/hw.h#L77
ath11k_core_fetch_board_data_api_1will load board.bin, not bdwlan.
On master kernel its looks for :
in function
They have just renamed that file, see
So just copy bdwlan.b292 from stock to /lib/firmware/IPQ8074/board.bin