xref: /openbmc/linux/drivers/net/wireless/ath/ath10k/mac.c (revision c819e2cf)
1 /*
2  * Copyright (c) 2005-2011 Atheros Communications Inc.
3  * Copyright (c) 2011-2013 Qualcomm Atheros, Inc.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include "mac.h"
19 
20 #include <net/mac80211.h>
21 #include <linux/etherdevice.h>
22 
23 #include "hif.h"
24 #include "core.h"
25 #include "debug.h"
26 #include "wmi.h"
27 #include "htt.h"
28 #include "txrx.h"
29 #include "testmode.h"
30 
31 /**********/
32 /* Crypto */
33 /**********/
34 
35 static int ath10k_send_key(struct ath10k_vif *arvif,
36 			   struct ieee80211_key_conf *key,
37 			   enum set_key_cmd cmd,
38 			   const u8 *macaddr)
39 {
40 	struct ath10k *ar = arvif->ar;
41 	struct wmi_vdev_install_key_arg arg = {
42 		.vdev_id = arvif->vdev_id,
43 		.key_idx = key->keyidx,
44 		.key_len = key->keylen,
45 		.key_data = key->key,
46 		.macaddr = macaddr,
47 	};
48 
49 	lockdep_assert_held(&arvif->ar->conf_mutex);
50 
51 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
52 		arg.key_flags = WMI_KEY_PAIRWISE;
53 	else
54 		arg.key_flags = WMI_KEY_GROUP;
55 
56 	switch (key->cipher) {
57 	case WLAN_CIPHER_SUITE_CCMP:
58 		arg.key_cipher = WMI_CIPHER_AES_CCM;
59 		if (arvif->vdev_type == WMI_VDEV_TYPE_AP)
60 			key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV_MGMT;
61 		else
62 			key->flags |= IEEE80211_KEY_FLAG_SW_MGMT_TX;
63 		break;
64 	case WLAN_CIPHER_SUITE_TKIP:
65 		arg.key_cipher = WMI_CIPHER_TKIP;
66 		arg.key_txmic_len = 8;
67 		arg.key_rxmic_len = 8;
68 		break;
69 	case WLAN_CIPHER_SUITE_WEP40:
70 	case WLAN_CIPHER_SUITE_WEP104:
71 		arg.key_cipher = WMI_CIPHER_WEP;
72 		/* AP/IBSS mode requires self-key to be groupwise
73 		 * Otherwise pairwise key must be set */
74 		if (memcmp(macaddr, arvif->vif->addr, ETH_ALEN))
75 			arg.key_flags = WMI_KEY_PAIRWISE;
76 		break;
77 	default:
78 		ath10k_warn(ar, "cipher %d is not supported\n", key->cipher);
79 		return -EOPNOTSUPP;
80 	}
81 
82 	if (cmd == DISABLE_KEY) {
83 		arg.key_cipher = WMI_CIPHER_NONE;
84 		arg.key_data = NULL;
85 	}
86 
87 	return ath10k_wmi_vdev_install_key(arvif->ar, &arg);
88 }
89 
90 static int ath10k_install_key(struct ath10k_vif *arvif,
91 			      struct ieee80211_key_conf *key,
92 			      enum set_key_cmd cmd,
93 			      const u8 *macaddr)
94 {
95 	struct ath10k *ar = arvif->ar;
96 	int ret;
97 
98 	lockdep_assert_held(&ar->conf_mutex);
99 
100 	reinit_completion(&ar->install_key_done);
101 
102 	ret = ath10k_send_key(arvif, key, cmd, macaddr);
103 	if (ret)
104 		return ret;
105 
106 	ret = wait_for_completion_timeout(&ar->install_key_done, 3*HZ);
107 	if (ret == 0)
108 		return -ETIMEDOUT;
109 
110 	return 0;
111 }
112 
113 static int ath10k_install_peer_wep_keys(struct ath10k_vif *arvif,
114 					const u8 *addr)
115 {
116 	struct ath10k *ar = arvif->ar;
117 	struct ath10k_peer *peer;
118 	int ret;
119 	int i;
120 
121 	lockdep_assert_held(&ar->conf_mutex);
122 
123 	spin_lock_bh(&ar->data_lock);
124 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
125 	spin_unlock_bh(&ar->data_lock);
126 
127 	if (!peer)
128 		return -ENOENT;
129 
130 	for (i = 0; i < ARRAY_SIZE(arvif->wep_keys); i++) {
131 		if (arvif->wep_keys[i] == NULL)
132 			continue;
133 
134 		ret = ath10k_install_key(arvif, arvif->wep_keys[i], SET_KEY,
135 					 addr);
136 		if (ret)
137 			return ret;
138 
139 		spin_lock_bh(&ar->data_lock);
140 		peer->keys[i] = arvif->wep_keys[i];
141 		spin_unlock_bh(&ar->data_lock);
142 	}
143 
144 	return 0;
145 }
146 
147 static int ath10k_clear_peer_keys(struct ath10k_vif *arvif,
148 				  const u8 *addr)
149 {
150 	struct ath10k *ar = arvif->ar;
151 	struct ath10k_peer *peer;
152 	int first_errno = 0;
153 	int ret;
154 	int i;
155 
156 	lockdep_assert_held(&ar->conf_mutex);
157 
158 	spin_lock_bh(&ar->data_lock);
159 	peer = ath10k_peer_find(ar, arvif->vdev_id, addr);
160 	spin_unlock_bh(&ar->data_lock);
161 
162 	if (!peer)
163 		return -ENOENT;
164 
165 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
166 		if (peer->keys[i] == NULL)
167 			continue;
168 
169 		ret = ath10k_install_key(arvif, peer->keys[i],
170 					 DISABLE_KEY, addr);
171 		if (ret && first_errno == 0)
172 			first_errno = ret;
173 
174 		if (ret)
175 			ath10k_warn(ar, "failed to remove peer wep key %d: %d\n",
176 				    i, ret);
177 
178 		spin_lock_bh(&ar->data_lock);
179 		peer->keys[i] = NULL;
180 		spin_unlock_bh(&ar->data_lock);
181 	}
182 
183 	return first_errno;
184 }
185 
186 bool ath10k_mac_is_peer_wep_key_set(struct ath10k *ar, const u8 *addr,
187 				    u8 keyidx)
188 {
189 	struct ath10k_peer *peer;
190 	int i;
191 
192 	lockdep_assert_held(&ar->data_lock);
193 
194 	/* We don't know which vdev this peer belongs to,
195 	 * since WMI doesn't give us that information.
196 	 *
197 	 * FIXME: multi-bss needs to be handled.
198 	 */
199 	peer = ath10k_peer_find(ar, 0, addr);
200 	if (!peer)
201 		return false;
202 
203 	for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
204 		if (peer->keys[i] && peer->keys[i]->keyidx == keyidx)
205 			return true;
206 	}
207 
208 	return false;
209 }
210 
211 static int ath10k_clear_vdev_key(struct ath10k_vif *arvif,
212 				 struct ieee80211_key_conf *key)
213 {
214 	struct ath10k *ar = arvif->ar;
215 	struct ath10k_peer *peer;
216 	u8 addr[ETH_ALEN];
217 	int first_errno = 0;
218 	int ret;
219 	int i;
220 
221 	lockdep_assert_held(&ar->conf_mutex);
222 
223 	for (;;) {
224 		/* since ath10k_install_key we can't hold data_lock all the
225 		 * time, so we try to remove the keys incrementally */
226 		spin_lock_bh(&ar->data_lock);
227 		i = 0;
228 		list_for_each_entry(peer, &ar->peers, list) {
229 			for (i = 0; i < ARRAY_SIZE(peer->keys); i++) {
230 				if (peer->keys[i] == key) {
231 					ether_addr_copy(addr, peer->addr);
232 					peer->keys[i] = NULL;
233 					break;
234 				}
235 			}
236 
237 			if (i < ARRAY_SIZE(peer->keys))
238 				break;
239 		}
240 		spin_unlock_bh(&ar->data_lock);
241 
242 		if (i == ARRAY_SIZE(peer->keys))
243 			break;
244 
245 		ret = ath10k_install_key(arvif, key, DISABLE_KEY, addr);
246 		if (ret && first_errno == 0)
247 			first_errno = ret;
248 
249 		if (ret)
250 			ath10k_warn(ar, "failed to remove key for %pM: %d\n",
251 				    addr, ret);
252 	}
253 
254 	return first_errno;
255 }
256 
257 /*********************/
258 /* General utilities */
259 /*********************/
260 
261 static inline enum wmi_phy_mode
262 chan_to_phymode(const struct cfg80211_chan_def *chandef)
263 {
264 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
265 
266 	switch (chandef->chan->band) {
267 	case IEEE80211_BAND_2GHZ:
268 		switch (chandef->width) {
269 		case NL80211_CHAN_WIDTH_20_NOHT:
270 			phymode = MODE_11G;
271 			break;
272 		case NL80211_CHAN_WIDTH_20:
273 			phymode = MODE_11NG_HT20;
274 			break;
275 		case NL80211_CHAN_WIDTH_40:
276 			phymode = MODE_11NG_HT40;
277 			break;
278 		case NL80211_CHAN_WIDTH_5:
279 		case NL80211_CHAN_WIDTH_10:
280 		case NL80211_CHAN_WIDTH_80:
281 		case NL80211_CHAN_WIDTH_80P80:
282 		case NL80211_CHAN_WIDTH_160:
283 			phymode = MODE_UNKNOWN;
284 			break;
285 		}
286 		break;
287 	case IEEE80211_BAND_5GHZ:
288 		switch (chandef->width) {
289 		case NL80211_CHAN_WIDTH_20_NOHT:
290 			phymode = MODE_11A;
291 			break;
292 		case NL80211_CHAN_WIDTH_20:
293 			phymode = MODE_11NA_HT20;
294 			break;
295 		case NL80211_CHAN_WIDTH_40:
296 			phymode = MODE_11NA_HT40;
297 			break;
298 		case NL80211_CHAN_WIDTH_80:
299 			phymode = MODE_11AC_VHT80;
300 			break;
301 		case NL80211_CHAN_WIDTH_5:
302 		case NL80211_CHAN_WIDTH_10:
303 		case NL80211_CHAN_WIDTH_80P80:
304 		case NL80211_CHAN_WIDTH_160:
305 			phymode = MODE_UNKNOWN;
306 			break;
307 		}
308 		break;
309 	default:
310 		break;
311 	}
312 
313 	WARN_ON(phymode == MODE_UNKNOWN);
314 	return phymode;
315 }
316 
317 static u8 ath10k_parse_mpdudensity(u8 mpdudensity)
318 {
319 /*
320  * 802.11n D2.0 defined values for "Minimum MPDU Start Spacing":
321  *   0 for no restriction
322  *   1 for 1/4 us
323  *   2 for 1/2 us
324  *   3 for 1 us
325  *   4 for 2 us
326  *   5 for 4 us
327  *   6 for 8 us
328  *   7 for 16 us
329  */
330 	switch (mpdudensity) {
331 	case 0:
332 		return 0;
333 	case 1:
334 	case 2:
335 	case 3:
336 	/* Our lower layer calculations limit our precision to
337 	   1 microsecond */
338 		return 1;
339 	case 4:
340 		return 2;
341 	case 5:
342 		return 4;
343 	case 6:
344 		return 8;
345 	case 7:
346 		return 16;
347 	default:
348 		return 0;
349 	}
350 }
351 
352 static int ath10k_peer_create(struct ath10k *ar, u32 vdev_id, const u8 *addr)
353 {
354 	int ret;
355 
356 	lockdep_assert_held(&ar->conf_mutex);
357 
358 	if (ar->num_peers >= ar->max_num_peers)
359 		return -ENOBUFS;
360 
361 	ret = ath10k_wmi_peer_create(ar, vdev_id, addr);
362 	if (ret) {
363 		ath10k_warn(ar, "failed to create wmi peer %pM on vdev %i: %i\n",
364 			    addr, vdev_id, ret);
365 		return ret;
366 	}
367 
368 	ret = ath10k_wait_for_peer_created(ar, vdev_id, addr);
369 	if (ret) {
370 		ath10k_warn(ar, "failed to wait for created wmi peer %pM on vdev %i: %i\n",
371 			    addr, vdev_id, ret);
372 		return ret;
373 	}
374 
375 	ar->num_peers++;
376 
377 	return 0;
378 }
379 
380 static int ath10k_mac_set_kickout(struct ath10k_vif *arvif)
381 {
382 	struct ath10k *ar = arvif->ar;
383 	u32 param;
384 	int ret;
385 
386 	param = ar->wmi.pdev_param->sta_kickout_th;
387 	ret = ath10k_wmi_pdev_set_param(ar, param,
388 					ATH10K_KICKOUT_THRESHOLD);
389 	if (ret) {
390 		ath10k_warn(ar, "failed to set kickout threshold on vdev %i: %d\n",
391 			    arvif->vdev_id, ret);
392 		return ret;
393 	}
394 
395 	param = ar->wmi.vdev_param->ap_keepalive_min_idle_inactive_time_secs;
396 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
397 					ATH10K_KEEPALIVE_MIN_IDLE);
398 	if (ret) {
399 		ath10k_warn(ar, "failed to set keepalive minimum idle time on vdev %i: %d\n",
400 			    arvif->vdev_id, ret);
401 		return ret;
402 	}
403 
404 	param = ar->wmi.vdev_param->ap_keepalive_max_idle_inactive_time_secs;
405 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
406 					ATH10K_KEEPALIVE_MAX_IDLE);
407 	if (ret) {
408 		ath10k_warn(ar, "failed to set keepalive maximum idle time on vdev %i: %d\n",
409 			    arvif->vdev_id, ret);
410 		return ret;
411 	}
412 
413 	param = ar->wmi.vdev_param->ap_keepalive_max_unresponsive_time_secs;
414 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, param,
415 					ATH10K_KEEPALIVE_MAX_UNRESPONSIVE);
416 	if (ret) {
417 		ath10k_warn(ar, "failed to set keepalive maximum unresponsive time on vdev %i: %d\n",
418 			    arvif->vdev_id, ret);
419 		return ret;
420 	}
421 
422 	return 0;
423 }
424 
425 static int ath10k_mac_set_rts(struct ath10k_vif *arvif, u32 value)
426 {
427 	struct ath10k *ar = arvif->ar;
428 	u32 vdev_param;
429 
430 	vdev_param = ar->wmi.vdev_param->rts_threshold;
431 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
432 }
433 
434 static int ath10k_mac_set_frag(struct ath10k_vif *arvif, u32 value)
435 {
436 	struct ath10k *ar = arvif->ar;
437 	u32 vdev_param;
438 
439 	if (value != 0xFFFFFFFF)
440 		value = clamp_t(u32, arvif->ar->hw->wiphy->frag_threshold,
441 				ATH10K_FRAGMT_THRESHOLD_MIN,
442 				ATH10K_FRAGMT_THRESHOLD_MAX);
443 
444 	vdev_param = ar->wmi.vdev_param->fragmentation_threshold;
445 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param, value);
446 }
447 
448 static int ath10k_peer_delete(struct ath10k *ar, u32 vdev_id, const u8 *addr)
449 {
450 	int ret;
451 
452 	lockdep_assert_held(&ar->conf_mutex);
453 
454 	ret = ath10k_wmi_peer_delete(ar, vdev_id, addr);
455 	if (ret)
456 		return ret;
457 
458 	ret = ath10k_wait_for_peer_deleted(ar, vdev_id, addr);
459 	if (ret)
460 		return ret;
461 
462 	ar->num_peers--;
463 
464 	return 0;
465 }
466 
467 static void ath10k_peer_cleanup(struct ath10k *ar, u32 vdev_id)
468 {
469 	struct ath10k_peer *peer, *tmp;
470 
471 	lockdep_assert_held(&ar->conf_mutex);
472 
473 	spin_lock_bh(&ar->data_lock);
474 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
475 		if (peer->vdev_id != vdev_id)
476 			continue;
477 
478 		ath10k_warn(ar, "removing stale peer %pM from vdev_id %d\n",
479 			    peer->addr, vdev_id);
480 
481 		list_del(&peer->list);
482 		kfree(peer);
483 		ar->num_peers--;
484 	}
485 	spin_unlock_bh(&ar->data_lock);
486 }
487 
488 static void ath10k_peer_cleanup_all(struct ath10k *ar)
489 {
490 	struct ath10k_peer *peer, *tmp;
491 
492 	lockdep_assert_held(&ar->conf_mutex);
493 
494 	spin_lock_bh(&ar->data_lock);
495 	list_for_each_entry_safe(peer, tmp, &ar->peers, list) {
496 		list_del(&peer->list);
497 		kfree(peer);
498 	}
499 	spin_unlock_bh(&ar->data_lock);
500 
501 	ar->num_peers = 0;
502 	ar->num_stations = 0;
503 }
504 
505 /************************/
506 /* Interface management */
507 /************************/
508 
509 void ath10k_mac_vif_beacon_free(struct ath10k_vif *arvif)
510 {
511 	struct ath10k *ar = arvif->ar;
512 
513 	lockdep_assert_held(&ar->data_lock);
514 
515 	if (!arvif->beacon)
516 		return;
517 
518 	if (!arvif->beacon_buf)
519 		dma_unmap_single(ar->dev, ATH10K_SKB_CB(arvif->beacon)->paddr,
520 				 arvif->beacon->len, DMA_TO_DEVICE);
521 
522 	dev_kfree_skb_any(arvif->beacon);
523 
524 	arvif->beacon = NULL;
525 	arvif->beacon_sent = false;
526 }
527 
528 static void ath10k_mac_vif_beacon_cleanup(struct ath10k_vif *arvif)
529 {
530 	struct ath10k *ar = arvif->ar;
531 
532 	lockdep_assert_held(&ar->data_lock);
533 
534 	ath10k_mac_vif_beacon_free(arvif);
535 
536 	if (arvif->beacon_buf) {
537 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
538 				  arvif->beacon_buf, arvif->beacon_paddr);
539 		arvif->beacon_buf = NULL;
540 	}
541 }
542 
543 static inline int ath10k_vdev_setup_sync(struct ath10k *ar)
544 {
545 	int ret;
546 
547 	lockdep_assert_held(&ar->conf_mutex);
548 
549 	if (test_bit(ATH10K_FLAG_CRASH_FLUSH, &ar->dev_flags))
550 		return -ESHUTDOWN;
551 
552 	ret = wait_for_completion_timeout(&ar->vdev_setup_done,
553 					  ATH10K_VDEV_SETUP_TIMEOUT_HZ);
554 	if (ret == 0)
555 		return -ETIMEDOUT;
556 
557 	return 0;
558 }
559 
560 static int ath10k_monitor_vdev_start(struct ath10k *ar, int vdev_id)
561 {
562 	struct cfg80211_chan_def *chandef = &ar->chandef;
563 	struct ieee80211_channel *channel = chandef->chan;
564 	struct wmi_vdev_start_request_arg arg = {};
565 	int ret = 0;
566 
567 	lockdep_assert_held(&ar->conf_mutex);
568 
569 	arg.vdev_id = vdev_id;
570 	arg.channel.freq = channel->center_freq;
571 	arg.channel.band_center_freq1 = chandef->center_freq1;
572 
573 	/* TODO setup this dynamically, what in case we
574 	   don't have any vifs? */
575 	arg.channel.mode = chan_to_phymode(chandef);
576 	arg.channel.chan_radar =
577 			!!(channel->flags & IEEE80211_CHAN_RADAR);
578 
579 	arg.channel.min_power = 0;
580 	arg.channel.max_power = channel->max_power * 2;
581 	arg.channel.max_reg_power = channel->max_reg_power * 2;
582 	arg.channel.max_antenna_gain = channel->max_antenna_gain * 2;
583 
584 	reinit_completion(&ar->vdev_setup_done);
585 
586 	ret = ath10k_wmi_vdev_start(ar, &arg);
587 	if (ret) {
588 		ath10k_warn(ar, "failed to request monitor vdev %i start: %d\n",
589 			    vdev_id, ret);
590 		return ret;
591 	}
592 
593 	ret = ath10k_vdev_setup_sync(ar);
594 	if (ret) {
595 		ath10k_warn(ar, "failed to synchronize setup for monitor vdev %i: %d\n",
596 			    vdev_id, ret);
597 		return ret;
598 	}
599 
600 	ret = ath10k_wmi_vdev_up(ar, vdev_id, 0, ar->mac_addr);
601 	if (ret) {
602 		ath10k_warn(ar, "failed to put up monitor vdev %i: %d\n",
603 			    vdev_id, ret);
604 		goto vdev_stop;
605 	}
606 
607 	ar->monitor_vdev_id = vdev_id;
608 
609 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i started\n",
610 		   ar->monitor_vdev_id);
611 	return 0;
612 
613 vdev_stop:
614 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
615 	if (ret)
616 		ath10k_warn(ar, "failed to stop monitor vdev %i after start failure: %d\n",
617 			    ar->monitor_vdev_id, ret);
618 
619 	return ret;
620 }
621 
622 static int ath10k_monitor_vdev_stop(struct ath10k *ar)
623 {
624 	int ret = 0;
625 
626 	lockdep_assert_held(&ar->conf_mutex);
627 
628 	ret = ath10k_wmi_vdev_down(ar, ar->monitor_vdev_id);
629 	if (ret)
630 		ath10k_warn(ar, "failed to put down monitor vdev %i: %d\n",
631 			    ar->monitor_vdev_id, ret);
632 
633 	reinit_completion(&ar->vdev_setup_done);
634 
635 	ret = ath10k_wmi_vdev_stop(ar, ar->monitor_vdev_id);
636 	if (ret)
637 		ath10k_warn(ar, "failed to to request monitor vdev %i stop: %d\n",
638 			    ar->monitor_vdev_id, ret);
639 
640 	ret = ath10k_vdev_setup_sync(ar);
641 	if (ret)
642 		ath10k_warn(ar, "failed to synchronise monitor vdev %i: %d\n",
643 			    ar->monitor_vdev_id, ret);
644 
645 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %i stopped\n",
646 		   ar->monitor_vdev_id);
647 	return ret;
648 }
649 
650 static int ath10k_monitor_vdev_create(struct ath10k *ar)
651 {
652 	int bit, ret = 0;
653 
654 	lockdep_assert_held(&ar->conf_mutex);
655 
656 	if (ar->free_vdev_map == 0) {
657 		ath10k_warn(ar, "failed to find free vdev id for monitor vdev\n");
658 		return -ENOMEM;
659 	}
660 
661 	bit = __ffs64(ar->free_vdev_map);
662 
663 	ar->monitor_vdev_id = bit;
664 
665 	ret = ath10k_wmi_vdev_create(ar, ar->monitor_vdev_id,
666 				     WMI_VDEV_TYPE_MONITOR,
667 				     0, ar->mac_addr);
668 	if (ret) {
669 		ath10k_warn(ar, "failed to request monitor vdev %i creation: %d\n",
670 			    ar->monitor_vdev_id, ret);
671 		return ret;
672 	}
673 
674 	ar->free_vdev_map &= ~(1LL << ar->monitor_vdev_id);
675 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d created\n",
676 		   ar->monitor_vdev_id);
677 
678 	return 0;
679 }
680 
681 static int ath10k_monitor_vdev_delete(struct ath10k *ar)
682 {
683 	int ret = 0;
684 
685 	lockdep_assert_held(&ar->conf_mutex);
686 
687 	ret = ath10k_wmi_vdev_delete(ar, ar->monitor_vdev_id);
688 	if (ret) {
689 		ath10k_warn(ar, "failed to request wmi monitor vdev %i removal: %d\n",
690 			    ar->monitor_vdev_id, ret);
691 		return ret;
692 	}
693 
694 	ar->free_vdev_map |= 1LL << ar->monitor_vdev_id;
695 
696 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor vdev %d deleted\n",
697 		   ar->monitor_vdev_id);
698 	return ret;
699 }
700 
701 static int ath10k_monitor_start(struct ath10k *ar)
702 {
703 	int ret;
704 
705 	lockdep_assert_held(&ar->conf_mutex);
706 
707 	ret = ath10k_monitor_vdev_create(ar);
708 	if (ret) {
709 		ath10k_warn(ar, "failed to create monitor vdev: %d\n", ret);
710 		return ret;
711 	}
712 
713 	ret = ath10k_monitor_vdev_start(ar, ar->monitor_vdev_id);
714 	if (ret) {
715 		ath10k_warn(ar, "failed to start monitor vdev: %d\n", ret);
716 		ath10k_monitor_vdev_delete(ar);
717 		return ret;
718 	}
719 
720 	ar->monitor_started = true;
721 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor started\n");
722 
723 	return 0;
724 }
725 
726 static int ath10k_monitor_stop(struct ath10k *ar)
727 {
728 	int ret;
729 
730 	lockdep_assert_held(&ar->conf_mutex);
731 
732 	ret = ath10k_monitor_vdev_stop(ar);
733 	if (ret) {
734 		ath10k_warn(ar, "failed to stop monitor vdev: %d\n", ret);
735 		return ret;
736 	}
737 
738 	ret = ath10k_monitor_vdev_delete(ar);
739 	if (ret) {
740 		ath10k_warn(ar, "failed to delete monitor vdev: %d\n", ret);
741 		return ret;
742 	}
743 
744 	ar->monitor_started = false;
745 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac monitor stopped\n");
746 
747 	return 0;
748 }
749 
750 static int ath10k_monitor_recalc(struct ath10k *ar)
751 {
752 	bool should_start;
753 
754 	lockdep_assert_held(&ar->conf_mutex);
755 
756 	should_start = ar->monitor ||
757 		       ar->filter_flags & FIF_PROMISC_IN_BSS ||
758 		       test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
759 
760 	ath10k_dbg(ar, ATH10K_DBG_MAC,
761 		   "mac monitor recalc started? %d should? %d\n",
762 		   ar->monitor_started, should_start);
763 
764 	if (should_start == ar->monitor_started)
765 		return 0;
766 
767 	if (should_start)
768 		return ath10k_monitor_start(ar);
769 
770 	return ath10k_monitor_stop(ar);
771 }
772 
773 static int ath10k_recalc_rtscts_prot(struct ath10k_vif *arvif)
774 {
775 	struct ath10k *ar = arvif->ar;
776 	u32 vdev_param, rts_cts = 0;
777 
778 	lockdep_assert_held(&ar->conf_mutex);
779 
780 	vdev_param = ar->wmi.vdev_param->enable_rtscts;
781 
782 	if (arvif->use_cts_prot || arvif->num_legacy_stations > 0)
783 		rts_cts |= SM(WMI_RTSCTS_ENABLED, WMI_RTSCTS_SET);
784 
785 	if (arvif->num_legacy_stations > 0)
786 		rts_cts |= SM(WMI_RTSCTS_ACROSS_SW_RETRIES,
787 			      WMI_RTSCTS_PROFILE);
788 
789 	return ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
790 					 rts_cts);
791 }
792 
793 static int ath10k_start_cac(struct ath10k *ar)
794 {
795 	int ret;
796 
797 	lockdep_assert_held(&ar->conf_mutex);
798 
799 	set_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
800 
801 	ret = ath10k_monitor_recalc(ar);
802 	if (ret) {
803 		ath10k_warn(ar, "failed to start monitor (cac): %d\n", ret);
804 		clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
805 		return ret;
806 	}
807 
808 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac start monitor vdev %d\n",
809 		   ar->monitor_vdev_id);
810 
811 	return 0;
812 }
813 
814 static int ath10k_stop_cac(struct ath10k *ar)
815 {
816 	lockdep_assert_held(&ar->conf_mutex);
817 
818 	/* CAC is not running - do nothing */
819 	if (!test_bit(ATH10K_CAC_RUNNING, &ar->dev_flags))
820 		return 0;
821 
822 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
823 	ath10k_monitor_stop(ar);
824 
825 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac cac finished\n");
826 
827 	return 0;
828 }
829 
830 static void ath10k_recalc_radar_detection(struct ath10k *ar)
831 {
832 	int ret;
833 
834 	lockdep_assert_held(&ar->conf_mutex);
835 
836 	ath10k_stop_cac(ar);
837 
838 	if (!ar->radar_enabled)
839 		return;
840 
841 	if (ar->num_started_vdevs > 0)
842 		return;
843 
844 	ret = ath10k_start_cac(ar);
845 	if (ret) {
846 		/*
847 		 * Not possible to start CAC on current channel so starting
848 		 * radiation is not allowed, make this channel DFS_UNAVAILABLE
849 		 * by indicating that radar was detected.
850 		 */
851 		ath10k_warn(ar, "failed to start CAC: %d\n", ret);
852 		ieee80211_radar_detected(ar->hw);
853 	}
854 }
855 
856 static int ath10k_vdev_start_restart(struct ath10k_vif *arvif, bool restart)
857 {
858 	struct ath10k *ar = arvif->ar;
859 	struct cfg80211_chan_def *chandef = &ar->chandef;
860 	struct wmi_vdev_start_request_arg arg = {};
861 	int ret = 0;
862 
863 	lockdep_assert_held(&ar->conf_mutex);
864 
865 	reinit_completion(&ar->vdev_setup_done);
866 
867 	arg.vdev_id = arvif->vdev_id;
868 	arg.dtim_period = arvif->dtim_period;
869 	arg.bcn_intval = arvif->beacon_interval;
870 
871 	arg.channel.freq = chandef->chan->center_freq;
872 	arg.channel.band_center_freq1 = chandef->center_freq1;
873 	arg.channel.mode = chan_to_phymode(chandef);
874 
875 	arg.channel.min_power = 0;
876 	arg.channel.max_power = chandef->chan->max_power * 2;
877 	arg.channel.max_reg_power = chandef->chan->max_reg_power * 2;
878 	arg.channel.max_antenna_gain = chandef->chan->max_antenna_gain * 2;
879 
880 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
881 		arg.ssid = arvif->u.ap.ssid;
882 		arg.ssid_len = arvif->u.ap.ssid_len;
883 		arg.hidden_ssid = arvif->u.ap.hidden_ssid;
884 
885 		/* For now allow DFS for AP mode */
886 		arg.channel.chan_radar =
887 			!!(chandef->chan->flags & IEEE80211_CHAN_RADAR);
888 	} else if (arvif->vdev_type == WMI_VDEV_TYPE_IBSS) {
889 		arg.ssid = arvif->vif->bss_conf.ssid;
890 		arg.ssid_len = arvif->vif->bss_conf.ssid_len;
891 	}
892 
893 	ath10k_dbg(ar, ATH10K_DBG_MAC,
894 		   "mac vdev %d start center_freq %d phymode %s\n",
895 		   arg.vdev_id, arg.channel.freq,
896 		   ath10k_wmi_phymode_str(arg.channel.mode));
897 
898 	if (restart)
899 		ret = ath10k_wmi_vdev_restart(ar, &arg);
900 	else
901 		ret = ath10k_wmi_vdev_start(ar, &arg);
902 
903 	if (ret) {
904 		ath10k_warn(ar, "failed to start WMI vdev %i: %d\n",
905 			    arg.vdev_id, ret);
906 		return ret;
907 	}
908 
909 	ret = ath10k_vdev_setup_sync(ar);
910 	if (ret) {
911 		ath10k_warn(ar, "failed to synchronise setup for vdev %i: %d\n",
912 			    arg.vdev_id, ret);
913 		return ret;
914 	}
915 
916 	ar->num_started_vdevs++;
917 	ath10k_recalc_radar_detection(ar);
918 
919 	return ret;
920 }
921 
922 static int ath10k_vdev_start(struct ath10k_vif *arvif)
923 {
924 	return ath10k_vdev_start_restart(arvif, false);
925 }
926 
927 static int ath10k_vdev_restart(struct ath10k_vif *arvif)
928 {
929 	return ath10k_vdev_start_restart(arvif, true);
930 }
931 
932 static int ath10k_vdev_stop(struct ath10k_vif *arvif)
933 {
934 	struct ath10k *ar = arvif->ar;
935 	int ret;
936 
937 	lockdep_assert_held(&ar->conf_mutex);
938 
939 	reinit_completion(&ar->vdev_setup_done);
940 
941 	ret = ath10k_wmi_vdev_stop(ar, arvif->vdev_id);
942 	if (ret) {
943 		ath10k_warn(ar, "failed to stop WMI vdev %i: %d\n",
944 			    arvif->vdev_id, ret);
945 		return ret;
946 	}
947 
948 	ret = ath10k_vdev_setup_sync(ar);
949 	if (ret) {
950 		ath10k_warn(ar, "failed to syncronise setup for vdev %i: %d\n",
951 			    arvif->vdev_id, ret);
952 		return ret;
953 	}
954 
955 	WARN_ON(ar->num_started_vdevs == 0);
956 
957 	if (ar->num_started_vdevs != 0) {
958 		ar->num_started_vdevs--;
959 		ath10k_recalc_radar_detection(ar);
960 	}
961 
962 	return ret;
963 }
964 
965 static void ath10k_control_beaconing(struct ath10k_vif *arvif,
966 				     struct ieee80211_bss_conf *info)
967 {
968 	struct ath10k *ar = arvif->ar;
969 	int ret = 0;
970 
971 	lockdep_assert_held(&arvif->ar->conf_mutex);
972 
973 	if (!info->enable_beacon) {
974 		ath10k_vdev_stop(arvif);
975 
976 		arvif->is_started = false;
977 		arvif->is_up = false;
978 
979 		spin_lock_bh(&arvif->ar->data_lock);
980 		ath10k_mac_vif_beacon_free(arvif);
981 		spin_unlock_bh(&arvif->ar->data_lock);
982 
983 		return;
984 	}
985 
986 	arvif->tx_seq_no = 0x1000;
987 
988 	ret = ath10k_vdev_start(arvif);
989 	if (ret)
990 		return;
991 
992 	arvif->aid = 0;
993 	ether_addr_copy(arvif->bssid, info->bssid);
994 
995 	ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
996 				 arvif->bssid);
997 	if (ret) {
998 		ath10k_warn(ar, "failed to bring up vdev %d: %i\n",
999 			    arvif->vdev_id, ret);
1000 		ath10k_vdev_stop(arvif);
1001 		return;
1002 	}
1003 
1004 	arvif->is_started = true;
1005 	arvif->is_up = true;
1006 
1007 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d up\n", arvif->vdev_id);
1008 }
1009 
1010 static void ath10k_control_ibss(struct ath10k_vif *arvif,
1011 				struct ieee80211_bss_conf *info,
1012 				const u8 self_peer[ETH_ALEN])
1013 {
1014 	struct ath10k *ar = arvif->ar;
1015 	u32 vdev_param;
1016 	int ret = 0;
1017 
1018 	lockdep_assert_held(&arvif->ar->conf_mutex);
1019 
1020 	if (!info->ibss_joined) {
1021 		ret = ath10k_peer_delete(arvif->ar, arvif->vdev_id, self_peer);
1022 		if (ret)
1023 			ath10k_warn(ar, "failed to delete IBSS self peer %pM for vdev %d: %d\n",
1024 				    self_peer, arvif->vdev_id, ret);
1025 
1026 		if (is_zero_ether_addr(arvif->bssid))
1027 			return;
1028 
1029 		memset(arvif->bssid, 0, ETH_ALEN);
1030 
1031 		return;
1032 	}
1033 
1034 	ret = ath10k_peer_create(arvif->ar, arvif->vdev_id, self_peer);
1035 	if (ret) {
1036 		ath10k_warn(ar, "failed to create IBSS self peer %pM for vdev %d: %d\n",
1037 			    self_peer, arvif->vdev_id, ret);
1038 		return;
1039 	}
1040 
1041 	vdev_param = arvif->ar->wmi.vdev_param->atim_window;
1042 	ret = ath10k_wmi_vdev_set_param(arvif->ar, arvif->vdev_id, vdev_param,
1043 					ATH10K_DEFAULT_ATIM);
1044 	if (ret)
1045 		ath10k_warn(ar, "failed to set IBSS ATIM for vdev %d: %d\n",
1046 			    arvif->vdev_id, ret);
1047 }
1048 
1049 /*
1050  * Review this when mac80211 gains per-interface powersave support.
1051  */
1052 static int ath10k_mac_vif_setup_ps(struct ath10k_vif *arvif)
1053 {
1054 	struct ath10k *ar = arvif->ar;
1055 	struct ieee80211_conf *conf = &ar->hw->conf;
1056 	enum wmi_sta_powersave_param param;
1057 	enum wmi_sta_ps_mode psmode;
1058 	int ret;
1059 
1060 	lockdep_assert_held(&arvif->ar->conf_mutex);
1061 
1062 	if (arvif->vif->type != NL80211_IFTYPE_STATION)
1063 		return 0;
1064 
1065 	if (conf->flags & IEEE80211_CONF_PS) {
1066 		psmode = WMI_STA_PS_MODE_ENABLED;
1067 		param = WMI_STA_PS_PARAM_INACTIVITY_TIME;
1068 
1069 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id, param,
1070 						  conf->dynamic_ps_timeout);
1071 		if (ret) {
1072 			ath10k_warn(ar, "failed to set inactivity time for vdev %d: %i\n",
1073 				    arvif->vdev_id, ret);
1074 			return ret;
1075 		}
1076 	} else {
1077 		psmode = WMI_STA_PS_MODE_DISABLED;
1078 	}
1079 
1080 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d psmode %s\n",
1081 		   arvif->vdev_id, psmode ? "enable" : "disable");
1082 
1083 	ret = ath10k_wmi_set_psmode(ar, arvif->vdev_id, psmode);
1084 	if (ret) {
1085 		ath10k_warn(ar, "failed to set PS Mode %d for vdev %d: %d\n",
1086 			    psmode, arvif->vdev_id, ret);
1087 		return ret;
1088 	}
1089 
1090 	return 0;
1091 }
1092 
1093 /**********************/
1094 /* Station management */
1095 /**********************/
1096 
1097 static u32 ath10k_peer_assoc_h_listen_intval(struct ath10k *ar,
1098 					     struct ieee80211_vif *vif)
1099 {
1100 	/* Some firmware revisions have unstable STA powersave when listen
1101 	 * interval is set too high (e.g. 5). The symptoms are firmware doesn't
1102 	 * generate NullFunc frames properly even if buffered frames have been
1103 	 * indicated in Beacon TIM. Firmware would seldom wake up to pull
1104 	 * buffered frames. Often pinging the device from AP would simply fail.
1105 	 *
1106 	 * As a workaround set it to 1.
1107 	 */
1108 	if (vif->type == NL80211_IFTYPE_STATION)
1109 		return 1;
1110 
1111 	return ar->hw->conf.listen_interval;
1112 }
1113 
1114 static void ath10k_peer_assoc_h_basic(struct ath10k *ar,
1115 				      struct ieee80211_vif *vif,
1116 				      struct ieee80211_sta *sta,
1117 				      struct wmi_peer_assoc_complete_arg *arg)
1118 {
1119 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1120 
1121 	lockdep_assert_held(&ar->conf_mutex);
1122 
1123 	ether_addr_copy(arg->addr, sta->addr);
1124 	arg->vdev_id = arvif->vdev_id;
1125 	arg->peer_aid = sta->aid;
1126 	arg->peer_flags |= WMI_PEER_AUTH;
1127 	arg->peer_listen_intval = ath10k_peer_assoc_h_listen_intval(ar, vif);
1128 	arg->peer_num_spatial_streams = 1;
1129 	arg->peer_caps = vif->bss_conf.assoc_capability;
1130 }
1131 
1132 static void ath10k_peer_assoc_h_crypto(struct ath10k *ar,
1133 				       struct ieee80211_vif *vif,
1134 				       struct wmi_peer_assoc_complete_arg *arg)
1135 {
1136 	struct ieee80211_bss_conf *info = &vif->bss_conf;
1137 	struct cfg80211_bss *bss;
1138 	const u8 *rsnie = NULL;
1139 	const u8 *wpaie = NULL;
1140 
1141 	lockdep_assert_held(&ar->conf_mutex);
1142 
1143 	bss = cfg80211_get_bss(ar->hw->wiphy, ar->hw->conf.chandef.chan,
1144 			       info->bssid, NULL, 0, 0, 0);
1145 	if (bss) {
1146 		const struct cfg80211_bss_ies *ies;
1147 
1148 		rcu_read_lock();
1149 		rsnie = ieee80211_bss_get_ie(bss, WLAN_EID_RSN);
1150 
1151 		ies = rcu_dereference(bss->ies);
1152 
1153 		wpaie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
1154 						WLAN_OUI_TYPE_MICROSOFT_WPA,
1155 						ies->data,
1156 						ies->len);
1157 		rcu_read_unlock();
1158 		cfg80211_put_bss(ar->hw->wiphy, bss);
1159 	}
1160 
1161 	/* FIXME: base on RSN IE/WPA IE is a correct idea? */
1162 	if (rsnie || wpaie) {
1163 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: rsn ie found\n", __func__);
1164 		arg->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
1165 	}
1166 
1167 	if (wpaie) {
1168 		ath10k_dbg(ar, ATH10K_DBG_WMI, "%s: wpa ie found\n", __func__);
1169 		arg->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
1170 	}
1171 }
1172 
1173 static void ath10k_peer_assoc_h_rates(struct ath10k *ar,
1174 				      struct ieee80211_sta *sta,
1175 				      struct wmi_peer_assoc_complete_arg *arg)
1176 {
1177 	struct wmi_rate_set_arg *rateset = &arg->peer_legacy_rates;
1178 	const struct ieee80211_supported_band *sband;
1179 	const struct ieee80211_rate *rates;
1180 	u32 ratemask;
1181 	int i;
1182 
1183 	lockdep_assert_held(&ar->conf_mutex);
1184 
1185 	sband = ar->hw->wiphy->bands[ar->hw->conf.chandef.chan->band];
1186 	ratemask = sta->supp_rates[ar->hw->conf.chandef.chan->band];
1187 	rates = sband->bitrates;
1188 
1189 	rateset->num_rates = 0;
1190 
1191 	for (i = 0; i < 32; i++, ratemask >>= 1, rates++) {
1192 		if (!(ratemask & 1))
1193 			continue;
1194 
1195 		rateset->rates[rateset->num_rates] = rates->hw_value;
1196 		rateset->num_rates++;
1197 	}
1198 }
1199 
1200 static void ath10k_peer_assoc_h_ht(struct ath10k *ar,
1201 				   struct ieee80211_sta *sta,
1202 				   struct wmi_peer_assoc_complete_arg *arg)
1203 {
1204 	const struct ieee80211_sta_ht_cap *ht_cap = &sta->ht_cap;
1205 	int i, n;
1206 	u32 stbc;
1207 
1208 	lockdep_assert_held(&ar->conf_mutex);
1209 
1210 	if (!ht_cap->ht_supported)
1211 		return;
1212 
1213 	arg->peer_flags |= WMI_PEER_HT;
1214 	arg->peer_max_mpdu = (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
1215 				    ht_cap->ampdu_factor)) - 1;
1216 
1217 	arg->peer_mpdu_density =
1218 		ath10k_parse_mpdudensity(ht_cap->ampdu_density);
1219 
1220 	arg->peer_ht_caps = ht_cap->cap;
1221 	arg->peer_rate_caps |= WMI_RC_HT_FLAG;
1222 
1223 	if (ht_cap->cap & IEEE80211_HT_CAP_LDPC_CODING)
1224 		arg->peer_flags |= WMI_PEER_LDPC;
1225 
1226 	if (sta->bandwidth >= IEEE80211_STA_RX_BW_40) {
1227 		arg->peer_flags |= WMI_PEER_40MHZ;
1228 		arg->peer_rate_caps |= WMI_RC_CW40_FLAG;
1229 	}
1230 
1231 	if (ht_cap->cap & IEEE80211_HT_CAP_SGI_20)
1232 		arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
1233 
1234 	if (ht_cap->cap & IEEE80211_HT_CAP_SGI_40)
1235 		arg->peer_rate_caps |= WMI_RC_SGI_FLAG;
1236 
1237 	if (ht_cap->cap & IEEE80211_HT_CAP_TX_STBC) {
1238 		arg->peer_rate_caps |= WMI_RC_TX_STBC_FLAG;
1239 		arg->peer_flags |= WMI_PEER_STBC;
1240 	}
1241 
1242 	if (ht_cap->cap & IEEE80211_HT_CAP_RX_STBC) {
1243 		stbc = ht_cap->cap & IEEE80211_HT_CAP_RX_STBC;
1244 		stbc = stbc >> IEEE80211_HT_CAP_RX_STBC_SHIFT;
1245 		stbc = stbc << WMI_RC_RX_STBC_FLAG_S;
1246 		arg->peer_rate_caps |= stbc;
1247 		arg->peer_flags |= WMI_PEER_STBC;
1248 	}
1249 
1250 	if (ht_cap->mcs.rx_mask[1] && ht_cap->mcs.rx_mask[2])
1251 		arg->peer_rate_caps |= WMI_RC_TS_FLAG;
1252 	else if (ht_cap->mcs.rx_mask[1])
1253 		arg->peer_rate_caps |= WMI_RC_DS_FLAG;
1254 
1255 	for (i = 0, n = 0; i < IEEE80211_HT_MCS_MASK_LEN*8; i++)
1256 		if (ht_cap->mcs.rx_mask[i/8] & (1 << i%8))
1257 			arg->peer_ht_rates.rates[n++] = i;
1258 
1259 	/*
1260 	 * This is a workaround for HT-enabled STAs which break the spec
1261 	 * and have no HT capabilities RX mask (no HT RX MCS map).
1262 	 *
1263 	 * As per spec, in section 20.3.5 Modulation and coding scheme (MCS),
1264 	 * MCS 0 through 7 are mandatory in 20MHz with 800 ns GI at all STAs.
1265 	 *
1266 	 * Firmware asserts if such situation occurs.
1267 	 */
1268 	if (n == 0) {
1269 		arg->peer_ht_rates.num_rates = 8;
1270 		for (i = 0; i < arg->peer_ht_rates.num_rates; i++)
1271 			arg->peer_ht_rates.rates[i] = i;
1272 	} else {
1273 		arg->peer_ht_rates.num_rates = n;
1274 		arg->peer_num_spatial_streams = sta->rx_nss;
1275 	}
1276 
1277 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ht peer %pM mcs cnt %d nss %d\n",
1278 		   arg->addr,
1279 		   arg->peer_ht_rates.num_rates,
1280 		   arg->peer_num_spatial_streams);
1281 }
1282 
1283 static int ath10k_peer_assoc_qos_ap(struct ath10k *ar,
1284 				    struct ath10k_vif *arvif,
1285 				    struct ieee80211_sta *sta)
1286 {
1287 	u32 uapsd = 0;
1288 	u32 max_sp = 0;
1289 	int ret = 0;
1290 
1291 	lockdep_assert_held(&ar->conf_mutex);
1292 
1293 	if (sta->wme && sta->uapsd_queues) {
1294 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac uapsd_queues 0x%x max_sp %d\n",
1295 			   sta->uapsd_queues, sta->max_sp);
1296 
1297 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO)
1298 			uapsd |= WMI_AP_PS_UAPSD_AC3_DELIVERY_EN |
1299 				 WMI_AP_PS_UAPSD_AC3_TRIGGER_EN;
1300 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VI)
1301 			uapsd |= WMI_AP_PS_UAPSD_AC2_DELIVERY_EN |
1302 				 WMI_AP_PS_UAPSD_AC2_TRIGGER_EN;
1303 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BK)
1304 			uapsd |= WMI_AP_PS_UAPSD_AC1_DELIVERY_EN |
1305 				 WMI_AP_PS_UAPSD_AC1_TRIGGER_EN;
1306 		if (sta->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_BE)
1307 			uapsd |= WMI_AP_PS_UAPSD_AC0_DELIVERY_EN |
1308 				 WMI_AP_PS_UAPSD_AC0_TRIGGER_EN;
1309 
1310 		if (sta->max_sp < MAX_WMI_AP_PS_PEER_PARAM_MAX_SP)
1311 			max_sp = sta->max_sp;
1312 
1313 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
1314 						 sta->addr,
1315 						 WMI_AP_PS_PEER_PARAM_UAPSD,
1316 						 uapsd);
1317 		if (ret) {
1318 			ath10k_warn(ar, "failed to set ap ps peer param uapsd for vdev %i: %d\n",
1319 				    arvif->vdev_id, ret);
1320 			return ret;
1321 		}
1322 
1323 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id,
1324 						 sta->addr,
1325 						 WMI_AP_PS_PEER_PARAM_MAX_SP,
1326 						 max_sp);
1327 		if (ret) {
1328 			ath10k_warn(ar, "failed to set ap ps peer param max sp for vdev %i: %d\n",
1329 				    arvif->vdev_id, ret);
1330 			return ret;
1331 		}
1332 
1333 		/* TODO setup this based on STA listen interval and
1334 		   beacon interval. Currently we don't know
1335 		   sta->listen_interval - mac80211 patch required.
1336 		   Currently use 10 seconds */
1337 		ret = ath10k_wmi_set_ap_ps_param(ar, arvif->vdev_id, sta->addr,
1338 						 WMI_AP_PS_PEER_PARAM_AGEOUT_TIME,
1339 						 10);
1340 		if (ret) {
1341 			ath10k_warn(ar, "failed to set ap ps peer param ageout time for vdev %i: %d\n",
1342 				    arvif->vdev_id, ret);
1343 			return ret;
1344 		}
1345 	}
1346 
1347 	return 0;
1348 }
1349 
1350 static void ath10k_peer_assoc_h_vht(struct ath10k *ar,
1351 				    struct ieee80211_sta *sta,
1352 				    struct wmi_peer_assoc_complete_arg *arg)
1353 {
1354 	const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap;
1355 	u8 ampdu_factor;
1356 
1357 	if (!vht_cap->vht_supported)
1358 		return;
1359 
1360 	arg->peer_flags |= WMI_PEER_VHT;
1361 	arg->peer_vht_caps = vht_cap->cap;
1362 
1363 	ampdu_factor = (vht_cap->cap &
1364 			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >>
1365 		       IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT;
1366 
1367 	/* Workaround: Some Netgear/Linksys 11ac APs set Rx A-MPDU factor to
1368 	 * zero in VHT IE. Using it would result in degraded throughput.
1369 	 * arg->peer_max_mpdu at this point contains HT max_mpdu so keep
1370 	 * it if VHT max_mpdu is smaller. */
1371 	arg->peer_max_mpdu = max(arg->peer_max_mpdu,
1372 				 (1U << (IEEE80211_HT_MAX_AMPDU_FACTOR +
1373 					ampdu_factor)) - 1);
1374 
1375 	if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
1376 		arg->peer_flags |= WMI_PEER_80MHZ;
1377 
1378 	arg->peer_vht_rates.rx_max_rate =
1379 		__le16_to_cpu(vht_cap->vht_mcs.rx_highest);
1380 	arg->peer_vht_rates.rx_mcs_set =
1381 		__le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map);
1382 	arg->peer_vht_rates.tx_max_rate =
1383 		__le16_to_cpu(vht_cap->vht_mcs.tx_highest);
1384 	arg->peer_vht_rates.tx_mcs_set =
1385 		__le16_to_cpu(vht_cap->vht_mcs.tx_mcs_map);
1386 
1387 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vht peer %pM max_mpdu %d flags 0x%x\n",
1388 		   sta->addr, arg->peer_max_mpdu, arg->peer_flags);
1389 }
1390 
1391 static void ath10k_peer_assoc_h_qos(struct ath10k *ar,
1392 				    struct ieee80211_vif *vif,
1393 				    struct ieee80211_sta *sta,
1394 				    struct wmi_peer_assoc_complete_arg *arg)
1395 {
1396 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1397 
1398 	switch (arvif->vdev_type) {
1399 	case WMI_VDEV_TYPE_AP:
1400 		if (sta->wme)
1401 			arg->peer_flags |= WMI_PEER_QOS;
1402 
1403 		if (sta->wme && sta->uapsd_queues) {
1404 			arg->peer_flags |= WMI_PEER_APSD;
1405 			arg->peer_rate_caps |= WMI_RC_UAPSD_FLAG;
1406 		}
1407 		break;
1408 	case WMI_VDEV_TYPE_STA:
1409 		if (vif->bss_conf.qos)
1410 			arg->peer_flags |= WMI_PEER_QOS;
1411 		break;
1412 	default:
1413 		break;
1414 	}
1415 }
1416 
1417 static void ath10k_peer_assoc_h_phymode(struct ath10k *ar,
1418 					struct ieee80211_vif *vif,
1419 					struct ieee80211_sta *sta,
1420 					struct wmi_peer_assoc_complete_arg *arg)
1421 {
1422 	enum wmi_phy_mode phymode = MODE_UNKNOWN;
1423 
1424 	switch (ar->hw->conf.chandef.chan->band) {
1425 	case IEEE80211_BAND_2GHZ:
1426 		if (sta->ht_cap.ht_supported) {
1427 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
1428 				phymode = MODE_11NG_HT40;
1429 			else
1430 				phymode = MODE_11NG_HT20;
1431 		} else {
1432 			phymode = MODE_11G;
1433 		}
1434 
1435 		break;
1436 	case IEEE80211_BAND_5GHZ:
1437 		/*
1438 		 * Check VHT first.
1439 		 */
1440 		if (sta->vht_cap.vht_supported) {
1441 			if (sta->bandwidth == IEEE80211_STA_RX_BW_80)
1442 				phymode = MODE_11AC_VHT80;
1443 			else if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
1444 				phymode = MODE_11AC_VHT40;
1445 			else if (sta->bandwidth == IEEE80211_STA_RX_BW_20)
1446 				phymode = MODE_11AC_VHT20;
1447 		} else if (sta->ht_cap.ht_supported) {
1448 			if (sta->bandwidth == IEEE80211_STA_RX_BW_40)
1449 				phymode = MODE_11NA_HT40;
1450 			else
1451 				phymode = MODE_11NA_HT20;
1452 		} else {
1453 			phymode = MODE_11A;
1454 		}
1455 
1456 		break;
1457 	default:
1458 		break;
1459 	}
1460 
1461 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac peer %pM phymode %s\n",
1462 		   sta->addr, ath10k_wmi_phymode_str(phymode));
1463 
1464 	arg->peer_phymode = phymode;
1465 	WARN_ON(phymode == MODE_UNKNOWN);
1466 }
1467 
1468 static int ath10k_peer_assoc_prepare(struct ath10k *ar,
1469 				     struct ieee80211_vif *vif,
1470 				     struct ieee80211_sta *sta,
1471 				     struct wmi_peer_assoc_complete_arg *arg)
1472 {
1473 	lockdep_assert_held(&ar->conf_mutex);
1474 
1475 	memset(arg, 0, sizeof(*arg));
1476 
1477 	ath10k_peer_assoc_h_basic(ar, vif, sta, arg);
1478 	ath10k_peer_assoc_h_crypto(ar, vif, arg);
1479 	ath10k_peer_assoc_h_rates(ar, sta, arg);
1480 	ath10k_peer_assoc_h_ht(ar, sta, arg);
1481 	ath10k_peer_assoc_h_vht(ar, sta, arg);
1482 	ath10k_peer_assoc_h_qos(ar, vif, sta, arg);
1483 	ath10k_peer_assoc_h_phymode(ar, vif, sta, arg);
1484 
1485 	return 0;
1486 }
1487 
1488 static const u32 ath10k_smps_map[] = {
1489 	[WLAN_HT_CAP_SM_PS_STATIC] = WMI_PEER_SMPS_STATIC,
1490 	[WLAN_HT_CAP_SM_PS_DYNAMIC] = WMI_PEER_SMPS_DYNAMIC,
1491 	[WLAN_HT_CAP_SM_PS_INVALID] = WMI_PEER_SMPS_PS_NONE,
1492 	[WLAN_HT_CAP_SM_PS_DISABLED] = WMI_PEER_SMPS_PS_NONE,
1493 };
1494 
1495 static int ath10k_setup_peer_smps(struct ath10k *ar, struct ath10k_vif *arvif,
1496 				  const u8 *addr,
1497 				  const struct ieee80211_sta_ht_cap *ht_cap)
1498 {
1499 	int smps;
1500 
1501 	if (!ht_cap->ht_supported)
1502 		return 0;
1503 
1504 	smps = ht_cap->cap & IEEE80211_HT_CAP_SM_PS;
1505 	smps >>= IEEE80211_HT_CAP_SM_PS_SHIFT;
1506 
1507 	if (smps >= ARRAY_SIZE(ath10k_smps_map))
1508 		return -EINVAL;
1509 
1510 	return ath10k_wmi_peer_set_param(ar, arvif->vdev_id, addr,
1511 					 WMI_PEER_SMPS_STATE,
1512 					 ath10k_smps_map[smps]);
1513 }
1514 
1515 /* can be called only in mac80211 callbacks due to `key_count` usage */
1516 static void ath10k_bss_assoc(struct ieee80211_hw *hw,
1517 			     struct ieee80211_vif *vif,
1518 			     struct ieee80211_bss_conf *bss_conf)
1519 {
1520 	struct ath10k *ar = hw->priv;
1521 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1522 	struct ieee80211_sta_ht_cap ht_cap;
1523 	struct wmi_peer_assoc_complete_arg peer_arg;
1524 	struct ieee80211_sta *ap_sta;
1525 	int ret;
1526 
1527 	lockdep_assert_held(&ar->conf_mutex);
1528 
1529 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i assoc bssid %pM aid %d\n",
1530 		   arvif->vdev_id, arvif->bssid, arvif->aid);
1531 
1532 	rcu_read_lock();
1533 
1534 	ap_sta = ieee80211_find_sta(vif, bss_conf->bssid);
1535 	if (!ap_sta) {
1536 		ath10k_warn(ar, "failed to find station entry for bss %pM vdev %i\n",
1537 			    bss_conf->bssid, arvif->vdev_id);
1538 		rcu_read_unlock();
1539 		return;
1540 	}
1541 
1542 	/* ap_sta must be accessed only within rcu section which must be left
1543 	 * before calling ath10k_setup_peer_smps() which might sleep. */
1544 	ht_cap = ap_sta->ht_cap;
1545 
1546 	ret = ath10k_peer_assoc_prepare(ar, vif, ap_sta, &peer_arg);
1547 	if (ret) {
1548 		ath10k_warn(ar, "failed to prepare peer assoc for %pM vdev %i: %d\n",
1549 			    bss_conf->bssid, arvif->vdev_id, ret);
1550 		rcu_read_unlock();
1551 		return;
1552 	}
1553 
1554 	rcu_read_unlock();
1555 
1556 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
1557 	if (ret) {
1558 		ath10k_warn(ar, "failed to run peer assoc for %pM vdev %i: %d\n",
1559 			    bss_conf->bssid, arvif->vdev_id, ret);
1560 		return;
1561 	}
1562 
1563 	ret = ath10k_setup_peer_smps(ar, arvif, bss_conf->bssid, &ht_cap);
1564 	if (ret) {
1565 		ath10k_warn(ar, "failed to setup peer SMPS for vdev %i: %d\n",
1566 			    arvif->vdev_id, ret);
1567 		return;
1568 	}
1569 
1570 	ath10k_dbg(ar, ATH10K_DBG_MAC,
1571 		   "mac vdev %d up (associated) bssid %pM aid %d\n",
1572 		   arvif->vdev_id, bss_conf->bssid, bss_conf->aid);
1573 
1574 	WARN_ON(arvif->is_up);
1575 
1576 	arvif->aid = bss_conf->aid;
1577 	ether_addr_copy(arvif->bssid, bss_conf->bssid);
1578 
1579 	ret = ath10k_wmi_vdev_up(ar, arvif->vdev_id, arvif->aid, arvif->bssid);
1580 	if (ret) {
1581 		ath10k_warn(ar, "failed to set vdev %d up: %d\n",
1582 			    arvif->vdev_id, ret);
1583 		return;
1584 	}
1585 
1586 	arvif->is_up = true;
1587 }
1588 
1589 static void ath10k_bss_disassoc(struct ieee80211_hw *hw,
1590 				struct ieee80211_vif *vif)
1591 {
1592 	struct ath10k *ar = hw->priv;
1593 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1594 	int ret;
1595 
1596 	lockdep_assert_held(&ar->conf_mutex);
1597 
1598 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i disassoc bssid %pM\n",
1599 		   arvif->vdev_id, arvif->bssid);
1600 
1601 	ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
1602 	if (ret)
1603 		ath10k_warn(ar, "faield to down vdev %i: %d\n",
1604 			    arvif->vdev_id, ret);
1605 
1606 	arvif->def_wep_key_idx = 0;
1607 	arvif->is_up = false;
1608 }
1609 
1610 static int ath10k_station_assoc(struct ath10k *ar,
1611 				struct ieee80211_vif *vif,
1612 				struct ieee80211_sta *sta,
1613 				bool reassoc)
1614 {
1615 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1616 	struct wmi_peer_assoc_complete_arg peer_arg;
1617 	int ret = 0;
1618 
1619 	lockdep_assert_held(&ar->conf_mutex);
1620 
1621 	ret = ath10k_peer_assoc_prepare(ar, vif, sta, &peer_arg);
1622 	if (ret) {
1623 		ath10k_warn(ar, "failed to prepare WMI peer assoc for %pM vdev %i: %i\n",
1624 			    sta->addr, arvif->vdev_id, ret);
1625 		return ret;
1626 	}
1627 
1628 	peer_arg.peer_reassoc = reassoc;
1629 	ret = ath10k_wmi_peer_assoc(ar, &peer_arg);
1630 	if (ret) {
1631 		ath10k_warn(ar, "failed to run peer assoc for STA %pM vdev %i: %d\n",
1632 			    sta->addr, arvif->vdev_id, ret);
1633 		return ret;
1634 	}
1635 
1636 	/* Re-assoc is run only to update supported rates for given station. It
1637 	 * doesn't make much sense to reconfigure the peer completely.
1638 	 */
1639 	if (!reassoc) {
1640 		ret = ath10k_setup_peer_smps(ar, arvif, sta->addr,
1641 					     &sta->ht_cap);
1642 		if (ret) {
1643 			ath10k_warn(ar, "failed to setup peer SMPS for vdev %d: %d\n",
1644 				    arvif->vdev_id, ret);
1645 			return ret;
1646 		}
1647 
1648 		ret = ath10k_peer_assoc_qos_ap(ar, arvif, sta);
1649 		if (ret) {
1650 			ath10k_warn(ar, "failed to set qos params for STA %pM for vdev %i: %d\n",
1651 				    sta->addr, arvif->vdev_id, ret);
1652 			return ret;
1653 		}
1654 
1655 		if (!sta->wme) {
1656 			arvif->num_legacy_stations++;
1657 			ret  = ath10k_recalc_rtscts_prot(arvif);
1658 			if (ret) {
1659 				ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
1660 					    arvif->vdev_id, ret);
1661 				return ret;
1662 			}
1663 		}
1664 
1665 		ret = ath10k_install_peer_wep_keys(arvif, sta->addr);
1666 		if (ret) {
1667 			ath10k_warn(ar, "failed to install peer wep keys for vdev %i: %d\n",
1668 				    arvif->vdev_id, ret);
1669 			return ret;
1670 		}
1671 	}
1672 
1673 	return ret;
1674 }
1675 
1676 static int ath10k_station_disassoc(struct ath10k *ar,
1677 				   struct ieee80211_vif *vif,
1678 				   struct ieee80211_sta *sta)
1679 {
1680 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1681 	int ret = 0;
1682 
1683 	lockdep_assert_held(&ar->conf_mutex);
1684 
1685 	if (!sta->wme) {
1686 		arvif->num_legacy_stations--;
1687 		ret = ath10k_recalc_rtscts_prot(arvif);
1688 		if (ret) {
1689 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
1690 				    arvif->vdev_id, ret);
1691 			return ret;
1692 		}
1693 	}
1694 
1695 	ret = ath10k_clear_peer_keys(arvif, sta->addr);
1696 	if (ret) {
1697 		ath10k_warn(ar, "failed to clear all peer wep keys for vdev %i: %d\n",
1698 			    arvif->vdev_id, ret);
1699 		return ret;
1700 	}
1701 
1702 	return ret;
1703 }
1704 
1705 /**************/
1706 /* Regulatory */
1707 /**************/
1708 
1709 static int ath10k_update_channel_list(struct ath10k *ar)
1710 {
1711 	struct ieee80211_hw *hw = ar->hw;
1712 	struct ieee80211_supported_band **bands;
1713 	enum ieee80211_band band;
1714 	struct ieee80211_channel *channel;
1715 	struct wmi_scan_chan_list_arg arg = {0};
1716 	struct wmi_channel_arg *ch;
1717 	bool passive;
1718 	int len;
1719 	int ret;
1720 	int i;
1721 
1722 	lockdep_assert_held(&ar->conf_mutex);
1723 
1724 	bands = hw->wiphy->bands;
1725 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1726 		if (!bands[band])
1727 			continue;
1728 
1729 		for (i = 0; i < bands[band]->n_channels; i++) {
1730 			if (bands[band]->channels[i].flags &
1731 			    IEEE80211_CHAN_DISABLED)
1732 				continue;
1733 
1734 			arg.n_channels++;
1735 		}
1736 	}
1737 
1738 	len = sizeof(struct wmi_channel_arg) * arg.n_channels;
1739 	arg.channels = kzalloc(len, GFP_KERNEL);
1740 	if (!arg.channels)
1741 		return -ENOMEM;
1742 
1743 	ch = arg.channels;
1744 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1745 		if (!bands[band])
1746 			continue;
1747 
1748 		for (i = 0; i < bands[band]->n_channels; i++) {
1749 			channel = &bands[band]->channels[i];
1750 
1751 			if (channel->flags & IEEE80211_CHAN_DISABLED)
1752 				continue;
1753 
1754 			ch->allow_ht   = true;
1755 
1756 			/* FIXME: when should we really allow VHT? */
1757 			ch->allow_vht = true;
1758 
1759 			ch->allow_ibss =
1760 				!(channel->flags & IEEE80211_CHAN_NO_IR);
1761 
1762 			ch->ht40plus =
1763 				!(channel->flags & IEEE80211_CHAN_NO_HT40PLUS);
1764 
1765 			ch->chan_radar =
1766 				!!(channel->flags & IEEE80211_CHAN_RADAR);
1767 
1768 			passive = channel->flags & IEEE80211_CHAN_NO_IR;
1769 			ch->passive = passive;
1770 
1771 			ch->freq = channel->center_freq;
1772 			ch->band_center_freq1 = channel->center_freq;
1773 			ch->min_power = 0;
1774 			ch->max_power = channel->max_power * 2;
1775 			ch->max_reg_power = channel->max_reg_power * 2;
1776 			ch->max_antenna_gain = channel->max_antenna_gain * 2;
1777 			ch->reg_class_id = 0; /* FIXME */
1778 
1779 			/* FIXME: why use only legacy modes, why not any
1780 			 * HT/VHT modes? Would that even make any
1781 			 * difference? */
1782 			if (channel->band == IEEE80211_BAND_2GHZ)
1783 				ch->mode = MODE_11G;
1784 			else
1785 				ch->mode = MODE_11A;
1786 
1787 			if (WARN_ON_ONCE(ch->mode == MODE_UNKNOWN))
1788 				continue;
1789 
1790 			ath10k_dbg(ar, ATH10K_DBG_WMI,
1791 				   "mac channel [%zd/%d] freq %d maxpower %d regpower %d antenna %d mode %d\n",
1792 				    ch - arg.channels, arg.n_channels,
1793 				   ch->freq, ch->max_power, ch->max_reg_power,
1794 				   ch->max_antenna_gain, ch->mode);
1795 
1796 			ch++;
1797 		}
1798 	}
1799 
1800 	ret = ath10k_wmi_scan_chan_list(ar, &arg);
1801 	kfree(arg.channels);
1802 
1803 	return ret;
1804 }
1805 
1806 static enum wmi_dfs_region
1807 ath10k_mac_get_dfs_region(enum nl80211_dfs_regions dfs_region)
1808 {
1809 	switch (dfs_region) {
1810 	case NL80211_DFS_UNSET:
1811 		return WMI_UNINIT_DFS_DOMAIN;
1812 	case NL80211_DFS_FCC:
1813 		return WMI_FCC_DFS_DOMAIN;
1814 	case NL80211_DFS_ETSI:
1815 		return WMI_ETSI_DFS_DOMAIN;
1816 	case NL80211_DFS_JP:
1817 		return WMI_MKK4_DFS_DOMAIN;
1818 	}
1819 	return WMI_UNINIT_DFS_DOMAIN;
1820 }
1821 
1822 static void ath10k_regd_update(struct ath10k *ar)
1823 {
1824 	struct reg_dmn_pair_mapping *regpair;
1825 	int ret;
1826 	enum wmi_dfs_region wmi_dfs_reg;
1827 	enum nl80211_dfs_regions nl_dfs_reg;
1828 
1829 	lockdep_assert_held(&ar->conf_mutex);
1830 
1831 	ret = ath10k_update_channel_list(ar);
1832 	if (ret)
1833 		ath10k_warn(ar, "failed to update channel list: %d\n", ret);
1834 
1835 	regpair = ar->ath_common.regulatory.regpair;
1836 
1837 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
1838 		nl_dfs_reg = ar->dfs_detector->region;
1839 		wmi_dfs_reg = ath10k_mac_get_dfs_region(nl_dfs_reg);
1840 	} else {
1841 		wmi_dfs_reg = WMI_UNINIT_DFS_DOMAIN;
1842 	}
1843 
1844 	/* Target allows setting up per-band regdomain but ath_common provides
1845 	 * a combined one only */
1846 	ret = ath10k_wmi_pdev_set_regdomain(ar,
1847 					    regpair->reg_domain,
1848 					    regpair->reg_domain, /* 2ghz */
1849 					    regpair->reg_domain, /* 5ghz */
1850 					    regpair->reg_2ghz_ctl,
1851 					    regpair->reg_5ghz_ctl,
1852 					    wmi_dfs_reg);
1853 	if (ret)
1854 		ath10k_warn(ar, "failed to set pdev regdomain: %d\n", ret);
1855 }
1856 
1857 static void ath10k_reg_notifier(struct wiphy *wiphy,
1858 				struct regulatory_request *request)
1859 {
1860 	struct ieee80211_hw *hw = wiphy_to_ieee80211_hw(wiphy);
1861 	struct ath10k *ar = hw->priv;
1862 	bool result;
1863 
1864 	ath_reg_notifier_apply(wiphy, request, &ar->ath_common.regulatory);
1865 
1866 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) {
1867 		ath10k_dbg(ar, ATH10K_DBG_REGULATORY, "dfs region 0x%x\n",
1868 			   request->dfs_region);
1869 		result = ar->dfs_detector->set_dfs_domain(ar->dfs_detector,
1870 							  request->dfs_region);
1871 		if (!result)
1872 			ath10k_warn(ar, "DFS region 0x%X not supported, will trigger radar for every pulse\n",
1873 				    request->dfs_region);
1874 	}
1875 
1876 	mutex_lock(&ar->conf_mutex);
1877 	if (ar->state == ATH10K_STATE_ON)
1878 		ath10k_regd_update(ar);
1879 	mutex_unlock(&ar->conf_mutex);
1880 }
1881 
1882 /***************/
1883 /* TX handlers */
1884 /***************/
1885 
1886 static u8 ath10k_tx_h_get_tid(struct ieee80211_hdr *hdr)
1887 {
1888 	if (ieee80211_is_mgmt(hdr->frame_control))
1889 		return HTT_DATA_TX_EXT_TID_MGMT;
1890 
1891 	if (!ieee80211_is_data_qos(hdr->frame_control))
1892 		return HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
1893 
1894 	if (!is_unicast_ether_addr(ieee80211_get_DA(hdr)))
1895 		return HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
1896 
1897 	return ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK;
1898 }
1899 
1900 static u8 ath10k_tx_h_get_vdev_id(struct ath10k *ar, struct ieee80211_vif *vif)
1901 {
1902 	if (vif)
1903 		return ath10k_vif_to_arvif(vif)->vdev_id;
1904 
1905 	if (ar->monitor_started)
1906 		return ar->monitor_vdev_id;
1907 
1908 	ath10k_warn(ar, "failed to resolve vdev id\n");
1909 	return 0;
1910 }
1911 
1912 /* HTT Tx uses Native Wifi tx mode which expects 802.11 frames without QoS
1913  * Control in the header.
1914  */
1915 static void ath10k_tx_h_nwifi(struct ieee80211_hw *hw, struct sk_buff *skb)
1916 {
1917 	struct ieee80211_hdr *hdr = (void *)skb->data;
1918 	struct ath10k_skb_cb *cb = ATH10K_SKB_CB(skb);
1919 	u8 *qos_ctl;
1920 
1921 	if (!ieee80211_is_data_qos(hdr->frame_control))
1922 		return;
1923 
1924 	qos_ctl = ieee80211_get_qos_ctl(hdr);
1925 	memmove(skb->data + IEEE80211_QOS_CTL_LEN,
1926 		skb->data, (void *)qos_ctl - (void *)skb->data);
1927 	skb_pull(skb, IEEE80211_QOS_CTL_LEN);
1928 
1929 	/* Fw/Hw generates a corrupted QoS Control Field for QoS NullFunc
1930 	 * frames. Powersave is handled by the fw/hw so QoS NyllFunc frames are
1931 	 * used only for CQM purposes (e.g. hostapd station keepalive ping) so
1932 	 * it is safe to downgrade to NullFunc.
1933 	 */
1934 	if (ieee80211_is_qos_nullfunc(hdr->frame_control)) {
1935 		hdr->frame_control &= ~__cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
1936 		cb->htt.tid = HTT_DATA_TX_EXT_TID_NON_QOS_MCAST_BCAST;
1937 	}
1938 }
1939 
1940 static void ath10k_tx_wep_key_work(struct work_struct *work)
1941 {
1942 	struct ath10k_vif *arvif = container_of(work, struct ath10k_vif,
1943 						wep_key_work);
1944 	struct ath10k *ar = arvif->ar;
1945 	int ret, keyidx = arvif->def_wep_key_newidx;
1946 
1947 	mutex_lock(&arvif->ar->conf_mutex);
1948 
1949 	if (arvif->ar->state != ATH10K_STATE_ON)
1950 		goto unlock;
1951 
1952 	if (arvif->def_wep_key_idx == keyidx)
1953 		goto unlock;
1954 
1955 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d set keyidx %d\n",
1956 		   arvif->vdev_id, keyidx);
1957 
1958 	ret = ath10k_wmi_vdev_set_param(arvif->ar,
1959 					arvif->vdev_id,
1960 					arvif->ar->wmi.vdev_param->def_keyid,
1961 					keyidx);
1962 	if (ret) {
1963 		ath10k_warn(ar, "failed to update wep key index for vdev %d: %d\n",
1964 			    arvif->vdev_id,
1965 			    ret);
1966 		goto unlock;
1967 	}
1968 
1969 	arvif->def_wep_key_idx = keyidx;
1970 
1971 unlock:
1972 	mutex_unlock(&arvif->ar->conf_mutex);
1973 }
1974 
1975 static void ath10k_tx_h_update_wep_key(struct ieee80211_vif *vif,
1976 				       struct ieee80211_key_conf *key,
1977 				       struct sk_buff *skb)
1978 {
1979 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
1980 	struct ath10k *ar = arvif->ar;
1981 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
1982 
1983 	if (!ieee80211_has_protected(hdr->frame_control))
1984 		return;
1985 
1986 	if (!key)
1987 		return;
1988 
1989 	if (key->cipher != WLAN_CIPHER_SUITE_WEP40 &&
1990 	    key->cipher != WLAN_CIPHER_SUITE_WEP104)
1991 		return;
1992 
1993 	if (key->keyidx == arvif->def_wep_key_idx)
1994 		return;
1995 
1996 	/* FIXME: Most likely a few frames will be TXed with an old key. Simply
1997 	 * queueing frames until key index is updated is not an option because
1998 	 * sk_buff may need more processing to be done, e.g. offchannel */
1999 	arvif->def_wep_key_newidx = key->keyidx;
2000 	ieee80211_queue_work(ar->hw, &arvif->wep_key_work);
2001 }
2002 
2003 static void ath10k_tx_h_add_p2p_noa_ie(struct ath10k *ar,
2004 				       struct ieee80211_vif *vif,
2005 				       struct sk_buff *skb)
2006 {
2007 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2008 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2009 
2010 	/* This is case only for P2P_GO */
2011 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP ||
2012 	    arvif->vdev_subtype != WMI_VDEV_SUBTYPE_P2P_GO)
2013 		return;
2014 
2015 	if (unlikely(ieee80211_is_probe_resp(hdr->frame_control))) {
2016 		spin_lock_bh(&ar->data_lock);
2017 		if (arvif->u.ap.noa_data)
2018 			if (!pskb_expand_head(skb, 0, arvif->u.ap.noa_len,
2019 					      GFP_ATOMIC))
2020 				memcpy(skb_put(skb, arvif->u.ap.noa_len),
2021 				       arvif->u.ap.noa_data,
2022 				       arvif->u.ap.noa_len);
2023 		spin_unlock_bh(&ar->data_lock);
2024 	}
2025 }
2026 
2027 static bool ath10k_mac_need_offchan_tx_work(struct ath10k *ar)
2028 {
2029 	/* FIXME: Not really sure since when the behaviour changed. At some
2030 	 * point new firmware stopped requiring creation of peer entries for
2031 	 * offchannel tx (and actually creating them causes issues with wmi-htc
2032 	 * tx credit replenishment and reliability). Assuming it's at least 3.4
2033 	 * because that's when the `freq` was introduced to TX_FRM HTT command.
2034 	 */
2035 	return !(ar->htt.target_version_major >= 3 &&
2036 		 ar->htt.target_version_minor >= 4);
2037 }
2038 
2039 static void ath10k_tx_htt(struct ath10k *ar, struct sk_buff *skb)
2040 {
2041 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2042 	int ret = 0;
2043 
2044 	if (ar->htt.target_version_major >= 3) {
2045 		/* Since HTT 3.0 there is no separate mgmt tx command */
2046 		ret = ath10k_htt_tx(&ar->htt, skb);
2047 		goto exit;
2048 	}
2049 
2050 	if (ieee80211_is_mgmt(hdr->frame_control)) {
2051 		if (test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
2052 			     ar->fw_features)) {
2053 			if (skb_queue_len(&ar->wmi_mgmt_tx_queue) >=
2054 			    ATH10K_MAX_NUM_MGMT_PENDING) {
2055 				ath10k_warn(ar, "reached WMI management transmit queue limit\n");
2056 				ret = -EBUSY;
2057 				goto exit;
2058 			}
2059 
2060 			skb_queue_tail(&ar->wmi_mgmt_tx_queue, skb);
2061 			ieee80211_queue_work(ar->hw, &ar->wmi_mgmt_tx_work);
2062 		} else {
2063 			ret = ath10k_htt_mgmt_tx(&ar->htt, skb);
2064 		}
2065 	} else if (!test_bit(ATH10K_FW_FEATURE_HAS_WMI_MGMT_TX,
2066 			     ar->fw_features) &&
2067 		   ieee80211_is_nullfunc(hdr->frame_control)) {
2068 		/* FW does not report tx status properly for NullFunc frames
2069 		 * unless they are sent through mgmt tx path. mac80211 sends
2070 		 * those frames when it detects link/beacon loss and depends
2071 		 * on the tx status to be correct. */
2072 		ret = ath10k_htt_mgmt_tx(&ar->htt, skb);
2073 	} else {
2074 		ret = ath10k_htt_tx(&ar->htt, skb);
2075 	}
2076 
2077 exit:
2078 	if (ret) {
2079 		ath10k_warn(ar, "failed to transmit packet, dropping: %d\n",
2080 			    ret);
2081 		ieee80211_free_txskb(ar->hw, skb);
2082 	}
2083 }
2084 
2085 void ath10k_offchan_tx_purge(struct ath10k *ar)
2086 {
2087 	struct sk_buff *skb;
2088 
2089 	for (;;) {
2090 		skb = skb_dequeue(&ar->offchan_tx_queue);
2091 		if (!skb)
2092 			break;
2093 
2094 		ieee80211_free_txskb(ar->hw, skb);
2095 	}
2096 }
2097 
2098 void ath10k_offchan_tx_work(struct work_struct *work)
2099 {
2100 	struct ath10k *ar = container_of(work, struct ath10k, offchan_tx_work);
2101 	struct ath10k_peer *peer;
2102 	struct ieee80211_hdr *hdr;
2103 	struct sk_buff *skb;
2104 	const u8 *peer_addr;
2105 	int vdev_id;
2106 	int ret;
2107 
2108 	/* FW requirement: We must create a peer before FW will send out
2109 	 * an offchannel frame. Otherwise the frame will be stuck and
2110 	 * never transmitted. We delete the peer upon tx completion.
2111 	 * It is unlikely that a peer for offchannel tx will already be
2112 	 * present. However it may be in some rare cases so account for that.
2113 	 * Otherwise we might remove a legitimate peer and break stuff. */
2114 
2115 	for (;;) {
2116 		skb = skb_dequeue(&ar->offchan_tx_queue);
2117 		if (!skb)
2118 			break;
2119 
2120 		mutex_lock(&ar->conf_mutex);
2121 
2122 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac offchannel skb %p\n",
2123 			   skb);
2124 
2125 		hdr = (struct ieee80211_hdr *)skb->data;
2126 		peer_addr = ieee80211_get_DA(hdr);
2127 		vdev_id = ATH10K_SKB_CB(skb)->vdev_id;
2128 
2129 		spin_lock_bh(&ar->data_lock);
2130 		peer = ath10k_peer_find(ar, vdev_id, peer_addr);
2131 		spin_unlock_bh(&ar->data_lock);
2132 
2133 		if (peer)
2134 			/* FIXME: should this use ath10k_warn()? */
2135 			ath10k_dbg(ar, ATH10K_DBG_MAC, "peer %pM on vdev %d already present\n",
2136 				   peer_addr, vdev_id);
2137 
2138 		if (!peer) {
2139 			ret = ath10k_peer_create(ar, vdev_id, peer_addr);
2140 			if (ret)
2141 				ath10k_warn(ar, "failed to create peer %pM on vdev %d: %d\n",
2142 					    peer_addr, vdev_id, ret);
2143 		}
2144 
2145 		spin_lock_bh(&ar->data_lock);
2146 		reinit_completion(&ar->offchan_tx_completed);
2147 		ar->offchan_tx_skb = skb;
2148 		spin_unlock_bh(&ar->data_lock);
2149 
2150 		ath10k_tx_htt(ar, skb);
2151 
2152 		ret = wait_for_completion_timeout(&ar->offchan_tx_completed,
2153 						  3 * HZ);
2154 		if (ret <= 0)
2155 			ath10k_warn(ar, "timed out waiting for offchannel skb %p\n",
2156 				    skb);
2157 
2158 		if (!peer) {
2159 			ret = ath10k_peer_delete(ar, vdev_id, peer_addr);
2160 			if (ret)
2161 				ath10k_warn(ar, "failed to delete peer %pM on vdev %d: %d\n",
2162 					    peer_addr, vdev_id, ret);
2163 		}
2164 
2165 		mutex_unlock(&ar->conf_mutex);
2166 	}
2167 }
2168 
2169 void ath10k_mgmt_over_wmi_tx_purge(struct ath10k *ar)
2170 {
2171 	struct sk_buff *skb;
2172 
2173 	for (;;) {
2174 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
2175 		if (!skb)
2176 			break;
2177 
2178 		ieee80211_free_txskb(ar->hw, skb);
2179 	}
2180 }
2181 
2182 void ath10k_mgmt_over_wmi_tx_work(struct work_struct *work)
2183 {
2184 	struct ath10k *ar = container_of(work, struct ath10k, wmi_mgmt_tx_work);
2185 	struct sk_buff *skb;
2186 	int ret;
2187 
2188 	for (;;) {
2189 		skb = skb_dequeue(&ar->wmi_mgmt_tx_queue);
2190 		if (!skb)
2191 			break;
2192 
2193 		ret = ath10k_wmi_mgmt_tx(ar, skb);
2194 		if (ret) {
2195 			ath10k_warn(ar, "failed to transmit management frame via WMI: %d\n",
2196 				    ret);
2197 			ieee80211_free_txskb(ar->hw, skb);
2198 		}
2199 	}
2200 }
2201 
2202 /************/
2203 /* Scanning */
2204 /************/
2205 
2206 void __ath10k_scan_finish(struct ath10k *ar)
2207 {
2208 	lockdep_assert_held(&ar->data_lock);
2209 
2210 	switch (ar->scan.state) {
2211 	case ATH10K_SCAN_IDLE:
2212 		break;
2213 	case ATH10K_SCAN_RUNNING:
2214 		if (ar->scan.is_roc)
2215 			ieee80211_remain_on_channel_expired(ar->hw);
2216 	case ATH10K_SCAN_ABORTING:
2217 		if (!ar->scan.is_roc)
2218 			ieee80211_scan_completed(ar->hw,
2219 						 (ar->scan.state ==
2220 						  ATH10K_SCAN_ABORTING));
2221 		/* fall through */
2222 	case ATH10K_SCAN_STARTING:
2223 		ar->scan.state = ATH10K_SCAN_IDLE;
2224 		ar->scan_channel = NULL;
2225 		ath10k_offchan_tx_purge(ar);
2226 		cancel_delayed_work(&ar->scan.timeout);
2227 		complete_all(&ar->scan.completed);
2228 		break;
2229 	}
2230 }
2231 
2232 void ath10k_scan_finish(struct ath10k *ar)
2233 {
2234 	spin_lock_bh(&ar->data_lock);
2235 	__ath10k_scan_finish(ar);
2236 	spin_unlock_bh(&ar->data_lock);
2237 }
2238 
2239 static int ath10k_scan_stop(struct ath10k *ar)
2240 {
2241 	struct wmi_stop_scan_arg arg = {
2242 		.req_id = 1, /* FIXME */
2243 		.req_type = WMI_SCAN_STOP_ONE,
2244 		.u.scan_id = ATH10K_SCAN_ID,
2245 	};
2246 	int ret;
2247 
2248 	lockdep_assert_held(&ar->conf_mutex);
2249 
2250 	ret = ath10k_wmi_stop_scan(ar, &arg);
2251 	if (ret) {
2252 		ath10k_warn(ar, "failed to stop wmi scan: %d\n", ret);
2253 		goto out;
2254 	}
2255 
2256 	ret = wait_for_completion_timeout(&ar->scan.completed, 3*HZ);
2257 	if (ret == 0) {
2258 		ath10k_warn(ar, "failed to receive scan abortion completion: timed out\n");
2259 		ret = -ETIMEDOUT;
2260 	} else if (ret > 0) {
2261 		ret = 0;
2262 	}
2263 
2264 out:
2265 	/* Scan state should be updated upon scan completion but in case
2266 	 * firmware fails to deliver the event (for whatever reason) it is
2267 	 * desired to clean up scan state anyway. Firmware may have just
2268 	 * dropped the scan completion event delivery due to transport pipe
2269 	 * being overflown with data and/or it can recover on its own before
2270 	 * next scan request is submitted.
2271 	 */
2272 	spin_lock_bh(&ar->data_lock);
2273 	if (ar->scan.state != ATH10K_SCAN_IDLE)
2274 		__ath10k_scan_finish(ar);
2275 	spin_unlock_bh(&ar->data_lock);
2276 
2277 	return ret;
2278 }
2279 
2280 static void ath10k_scan_abort(struct ath10k *ar)
2281 {
2282 	int ret;
2283 
2284 	lockdep_assert_held(&ar->conf_mutex);
2285 
2286 	spin_lock_bh(&ar->data_lock);
2287 
2288 	switch (ar->scan.state) {
2289 	case ATH10K_SCAN_IDLE:
2290 		/* This can happen if timeout worker kicked in and called
2291 		 * abortion while scan completion was being processed.
2292 		 */
2293 		break;
2294 	case ATH10K_SCAN_STARTING:
2295 	case ATH10K_SCAN_ABORTING:
2296 		ath10k_warn(ar, "refusing scan abortion due to invalid scan state: %s (%d)\n",
2297 			    ath10k_scan_state_str(ar->scan.state),
2298 			    ar->scan.state);
2299 		break;
2300 	case ATH10K_SCAN_RUNNING:
2301 		ar->scan.state = ATH10K_SCAN_ABORTING;
2302 		spin_unlock_bh(&ar->data_lock);
2303 
2304 		ret = ath10k_scan_stop(ar);
2305 		if (ret)
2306 			ath10k_warn(ar, "failed to abort scan: %d\n", ret);
2307 
2308 		spin_lock_bh(&ar->data_lock);
2309 		break;
2310 	}
2311 
2312 	spin_unlock_bh(&ar->data_lock);
2313 }
2314 
2315 void ath10k_scan_timeout_work(struct work_struct *work)
2316 {
2317 	struct ath10k *ar = container_of(work, struct ath10k,
2318 					 scan.timeout.work);
2319 
2320 	mutex_lock(&ar->conf_mutex);
2321 	ath10k_scan_abort(ar);
2322 	mutex_unlock(&ar->conf_mutex);
2323 }
2324 
2325 static int ath10k_start_scan(struct ath10k *ar,
2326 			     const struct wmi_start_scan_arg *arg)
2327 {
2328 	int ret;
2329 
2330 	lockdep_assert_held(&ar->conf_mutex);
2331 
2332 	ret = ath10k_wmi_start_scan(ar, arg);
2333 	if (ret)
2334 		return ret;
2335 
2336 	ret = wait_for_completion_timeout(&ar->scan.started, 1*HZ);
2337 	if (ret == 0) {
2338 		ret = ath10k_scan_stop(ar);
2339 		if (ret)
2340 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
2341 
2342 		return -ETIMEDOUT;
2343 	}
2344 
2345 	/* Add a 200ms margin to account for event/command processing */
2346 	ieee80211_queue_delayed_work(ar->hw, &ar->scan.timeout,
2347 				     msecs_to_jiffies(arg->max_scan_time+200));
2348 	return 0;
2349 }
2350 
2351 /**********************/
2352 /* mac80211 callbacks */
2353 /**********************/
2354 
2355 static void ath10k_tx(struct ieee80211_hw *hw,
2356 		      struct ieee80211_tx_control *control,
2357 		      struct sk_buff *skb)
2358 {
2359 	struct ath10k *ar = hw->priv;
2360 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
2361 	struct ieee80211_vif *vif = info->control.vif;
2362 	struct ieee80211_key_conf *key = info->control.hw_key;
2363 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
2364 
2365 	/* We should disable CCK RATE due to P2P */
2366 	if (info->flags & IEEE80211_TX_CTL_NO_CCK_RATE)
2367 		ath10k_dbg(ar, ATH10K_DBG_MAC, "IEEE80211_TX_CTL_NO_CCK_RATE\n");
2368 
2369 	ATH10K_SKB_CB(skb)->htt.is_offchan = false;
2370 	ATH10K_SKB_CB(skb)->htt.tid = ath10k_tx_h_get_tid(hdr);
2371 	ATH10K_SKB_CB(skb)->vdev_id = ath10k_tx_h_get_vdev_id(ar, vif);
2372 
2373 	/* it makes no sense to process injected frames like that */
2374 	if (vif && vif->type != NL80211_IFTYPE_MONITOR) {
2375 		ath10k_tx_h_nwifi(hw, skb);
2376 		ath10k_tx_h_update_wep_key(vif, key, skb);
2377 		ath10k_tx_h_add_p2p_noa_ie(ar, vif, skb);
2378 		ath10k_tx_h_seq_no(vif, skb);
2379 	}
2380 
2381 	if (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) {
2382 		spin_lock_bh(&ar->data_lock);
2383 		ATH10K_SKB_CB(skb)->htt.freq = ar->scan.roc_freq;
2384 		ATH10K_SKB_CB(skb)->vdev_id = ar->scan.vdev_id;
2385 		spin_unlock_bh(&ar->data_lock);
2386 
2387 		if (ath10k_mac_need_offchan_tx_work(ar)) {
2388 			ATH10K_SKB_CB(skb)->htt.freq = 0;
2389 			ATH10K_SKB_CB(skb)->htt.is_offchan = true;
2390 
2391 			ath10k_dbg(ar, ATH10K_DBG_MAC, "queued offchannel skb %p\n",
2392 				   skb);
2393 
2394 			skb_queue_tail(&ar->offchan_tx_queue, skb);
2395 			ieee80211_queue_work(hw, &ar->offchan_tx_work);
2396 			return;
2397 		}
2398 	}
2399 
2400 	ath10k_tx_htt(ar, skb);
2401 }
2402 
2403 /* Must not be called with conf_mutex held as workers can use that also. */
2404 void ath10k_drain_tx(struct ath10k *ar)
2405 {
2406 	/* make sure rcu-protected mac80211 tx path itself is drained */
2407 	synchronize_net();
2408 
2409 	ath10k_offchan_tx_purge(ar);
2410 	ath10k_mgmt_over_wmi_tx_purge(ar);
2411 
2412 	cancel_work_sync(&ar->offchan_tx_work);
2413 	cancel_work_sync(&ar->wmi_mgmt_tx_work);
2414 }
2415 
2416 void ath10k_halt(struct ath10k *ar)
2417 {
2418 	struct ath10k_vif *arvif;
2419 
2420 	lockdep_assert_held(&ar->conf_mutex);
2421 
2422 	clear_bit(ATH10K_CAC_RUNNING, &ar->dev_flags);
2423 	ar->filter_flags = 0;
2424 	ar->monitor = false;
2425 
2426 	if (ar->monitor_started)
2427 		ath10k_monitor_stop(ar);
2428 
2429 	ar->monitor_started = false;
2430 
2431 	ath10k_scan_finish(ar);
2432 	ath10k_peer_cleanup_all(ar);
2433 	ath10k_core_stop(ar);
2434 	ath10k_hif_power_down(ar);
2435 
2436 	spin_lock_bh(&ar->data_lock);
2437 	list_for_each_entry(arvif, &ar->arvifs, list)
2438 		ath10k_mac_vif_beacon_cleanup(arvif);
2439 	spin_unlock_bh(&ar->data_lock);
2440 }
2441 
2442 static int ath10k_get_antenna(struct ieee80211_hw *hw, u32 *tx_ant, u32 *rx_ant)
2443 {
2444 	struct ath10k *ar = hw->priv;
2445 
2446 	mutex_lock(&ar->conf_mutex);
2447 
2448 	if (ar->cfg_tx_chainmask) {
2449 		*tx_ant = ar->cfg_tx_chainmask;
2450 		*rx_ant = ar->cfg_rx_chainmask;
2451 	} else {
2452 		*tx_ant = ar->supp_tx_chainmask;
2453 		*rx_ant = ar->supp_rx_chainmask;
2454 	}
2455 
2456 	mutex_unlock(&ar->conf_mutex);
2457 
2458 	return 0;
2459 }
2460 
2461 static void ath10k_check_chain_mask(struct ath10k *ar, u32 cm, const char *dbg)
2462 {
2463 	/* It is not clear that allowing gaps in chainmask
2464 	 * is helpful.  Probably it will not do what user
2465 	 * is hoping for, so warn in that case.
2466 	 */
2467 	if (cm == 15 || cm == 7 || cm == 3 || cm == 1 || cm == 0)
2468 		return;
2469 
2470 	ath10k_warn(ar, "mac %s antenna chainmask may be invalid: 0x%x.  Suggested values: 15, 7, 3, 1 or 0.\n",
2471 		    dbg, cm);
2472 }
2473 
2474 static int __ath10k_set_antenna(struct ath10k *ar, u32 tx_ant, u32 rx_ant)
2475 {
2476 	int ret;
2477 
2478 	lockdep_assert_held(&ar->conf_mutex);
2479 
2480 	ath10k_check_chain_mask(ar, tx_ant, "tx");
2481 	ath10k_check_chain_mask(ar, rx_ant, "rx");
2482 
2483 	ar->cfg_tx_chainmask = tx_ant;
2484 	ar->cfg_rx_chainmask = rx_ant;
2485 
2486 	if ((ar->state != ATH10K_STATE_ON) &&
2487 	    (ar->state != ATH10K_STATE_RESTARTED))
2488 		return 0;
2489 
2490 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->tx_chain_mask,
2491 					tx_ant);
2492 	if (ret) {
2493 		ath10k_warn(ar, "failed to set tx-chainmask: %d, req 0x%x\n",
2494 			    ret, tx_ant);
2495 		return ret;
2496 	}
2497 
2498 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->rx_chain_mask,
2499 					rx_ant);
2500 	if (ret) {
2501 		ath10k_warn(ar, "failed to set rx-chainmask: %d, req 0x%x\n",
2502 			    ret, rx_ant);
2503 		return ret;
2504 	}
2505 
2506 	return 0;
2507 }
2508 
2509 static int ath10k_set_antenna(struct ieee80211_hw *hw, u32 tx_ant, u32 rx_ant)
2510 {
2511 	struct ath10k *ar = hw->priv;
2512 	int ret;
2513 
2514 	mutex_lock(&ar->conf_mutex);
2515 	ret = __ath10k_set_antenna(ar, tx_ant, rx_ant);
2516 	mutex_unlock(&ar->conf_mutex);
2517 	return ret;
2518 }
2519 
2520 static int ath10k_start(struct ieee80211_hw *hw)
2521 {
2522 	struct ath10k *ar = hw->priv;
2523 	int ret = 0;
2524 
2525 	/*
2526 	 * This makes sense only when restarting hw. It is harmless to call
2527 	 * uncoditionally. This is necessary to make sure no HTT/WMI tx
2528 	 * commands will be submitted while restarting.
2529 	 */
2530 	ath10k_drain_tx(ar);
2531 
2532 	mutex_lock(&ar->conf_mutex);
2533 
2534 	switch (ar->state) {
2535 	case ATH10K_STATE_OFF:
2536 		ar->state = ATH10K_STATE_ON;
2537 		break;
2538 	case ATH10K_STATE_RESTARTING:
2539 		ath10k_halt(ar);
2540 		ar->state = ATH10K_STATE_RESTARTED;
2541 		break;
2542 	case ATH10K_STATE_ON:
2543 	case ATH10K_STATE_RESTARTED:
2544 	case ATH10K_STATE_WEDGED:
2545 		WARN_ON(1);
2546 		ret = -EINVAL;
2547 		goto err;
2548 	case ATH10K_STATE_UTF:
2549 		ret = -EBUSY;
2550 		goto err;
2551 	}
2552 
2553 	ret = ath10k_hif_power_up(ar);
2554 	if (ret) {
2555 		ath10k_err(ar, "Could not init hif: %d\n", ret);
2556 		goto err_off;
2557 	}
2558 
2559 	ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL);
2560 	if (ret) {
2561 		ath10k_err(ar, "Could not init core: %d\n", ret);
2562 		goto err_power_down;
2563 	}
2564 
2565 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->pmf_qos, 1);
2566 	if (ret) {
2567 		ath10k_warn(ar, "failed to enable PMF QOS: %d\n", ret);
2568 		goto err_core_stop;
2569 	}
2570 
2571 	ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->dynamic_bw, 1);
2572 	if (ret) {
2573 		ath10k_warn(ar, "failed to enable dynamic BW: %d\n", ret);
2574 		goto err_core_stop;
2575 	}
2576 
2577 	if (ar->cfg_tx_chainmask)
2578 		__ath10k_set_antenna(ar, ar->cfg_tx_chainmask,
2579 				     ar->cfg_rx_chainmask);
2580 
2581 	/*
2582 	 * By default FW set ARP frames ac to voice (6). In that case ARP
2583 	 * exchange is not working properly for UAPSD enabled AP. ARP requests
2584 	 * which arrives with access category 0 are processed by network stack
2585 	 * and send back with access category 0, but FW changes access category
2586 	 * to 6. Set ARP frames access category to best effort (0) solves
2587 	 * this problem.
2588 	 */
2589 
2590 	ret = ath10k_wmi_pdev_set_param(ar,
2591 					ar->wmi.pdev_param->arp_ac_override, 0);
2592 	if (ret) {
2593 		ath10k_warn(ar, "failed to set arp ac override parameter: %d\n",
2594 			    ret);
2595 		goto err_core_stop;
2596 	}
2597 
2598 	ar->num_started_vdevs = 0;
2599 	ath10k_regd_update(ar);
2600 
2601 	ath10k_spectral_start(ar);
2602 
2603 	mutex_unlock(&ar->conf_mutex);
2604 	return 0;
2605 
2606 err_core_stop:
2607 	ath10k_core_stop(ar);
2608 
2609 err_power_down:
2610 	ath10k_hif_power_down(ar);
2611 
2612 err_off:
2613 	ar->state = ATH10K_STATE_OFF;
2614 
2615 err:
2616 	mutex_unlock(&ar->conf_mutex);
2617 	return ret;
2618 }
2619 
2620 static void ath10k_stop(struct ieee80211_hw *hw)
2621 {
2622 	struct ath10k *ar = hw->priv;
2623 
2624 	ath10k_drain_tx(ar);
2625 
2626 	mutex_lock(&ar->conf_mutex);
2627 	if (ar->state != ATH10K_STATE_OFF) {
2628 		ath10k_halt(ar);
2629 		ar->state = ATH10K_STATE_OFF;
2630 	}
2631 	mutex_unlock(&ar->conf_mutex);
2632 
2633 	cancel_delayed_work_sync(&ar->scan.timeout);
2634 	cancel_work_sync(&ar->restart_work);
2635 }
2636 
2637 static int ath10k_config_ps(struct ath10k *ar)
2638 {
2639 	struct ath10k_vif *arvif;
2640 	int ret = 0;
2641 
2642 	lockdep_assert_held(&ar->conf_mutex);
2643 
2644 	list_for_each_entry(arvif, &ar->arvifs, list) {
2645 		ret = ath10k_mac_vif_setup_ps(arvif);
2646 		if (ret) {
2647 			ath10k_warn(ar, "failed to setup powersave: %d\n", ret);
2648 			break;
2649 		}
2650 	}
2651 
2652 	return ret;
2653 }
2654 
2655 static const char *chandef_get_width(enum nl80211_chan_width width)
2656 {
2657 	switch (width) {
2658 	case NL80211_CHAN_WIDTH_20_NOHT:
2659 		return "20 (noht)";
2660 	case NL80211_CHAN_WIDTH_20:
2661 		return "20";
2662 	case NL80211_CHAN_WIDTH_40:
2663 		return "40";
2664 	case NL80211_CHAN_WIDTH_80:
2665 		return "80";
2666 	case NL80211_CHAN_WIDTH_80P80:
2667 		return "80+80";
2668 	case NL80211_CHAN_WIDTH_160:
2669 		return "160";
2670 	case NL80211_CHAN_WIDTH_5:
2671 		return "5";
2672 	case NL80211_CHAN_WIDTH_10:
2673 		return "10";
2674 	}
2675 	return "?";
2676 }
2677 
2678 static void ath10k_config_chan(struct ath10k *ar)
2679 {
2680 	struct ath10k_vif *arvif;
2681 	int ret;
2682 
2683 	lockdep_assert_held(&ar->conf_mutex);
2684 
2685 	ath10k_dbg(ar, ATH10K_DBG_MAC,
2686 		   "mac config channel to %dMHz (cf1 %dMHz cf2 %dMHz width %s)\n",
2687 		   ar->chandef.chan->center_freq,
2688 		   ar->chandef.center_freq1,
2689 		   ar->chandef.center_freq2,
2690 		   chandef_get_width(ar->chandef.width));
2691 
2692 	/* First stop monitor interface. Some FW versions crash if there's a
2693 	 * lone monitor interface. */
2694 	if (ar->monitor_started)
2695 		ath10k_monitor_stop(ar);
2696 
2697 	list_for_each_entry(arvif, &ar->arvifs, list) {
2698 		if (!arvif->is_started)
2699 			continue;
2700 
2701 		if (!arvif->is_up)
2702 			continue;
2703 
2704 		if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR)
2705 			continue;
2706 
2707 		ret = ath10k_wmi_vdev_down(ar, arvif->vdev_id);
2708 		if (ret) {
2709 			ath10k_warn(ar, "failed to down vdev %d: %d\n",
2710 				    arvif->vdev_id, ret);
2711 			continue;
2712 		}
2713 	}
2714 
2715 	/* all vdevs are downed now - attempt to restart and re-up them */
2716 
2717 	list_for_each_entry(arvif, &ar->arvifs, list) {
2718 		if (!arvif->is_started)
2719 			continue;
2720 
2721 		if (arvif->vdev_type == WMI_VDEV_TYPE_MONITOR)
2722 			continue;
2723 
2724 		ret = ath10k_vdev_restart(arvif);
2725 		if (ret) {
2726 			ath10k_warn(ar, "failed to restart vdev %d: %d\n",
2727 				    arvif->vdev_id, ret);
2728 			continue;
2729 		}
2730 
2731 		if (!arvif->is_up)
2732 			continue;
2733 
2734 		ret = ath10k_wmi_vdev_up(arvif->ar, arvif->vdev_id, arvif->aid,
2735 					 arvif->bssid);
2736 		if (ret) {
2737 			ath10k_warn(ar, "failed to bring vdev up %d: %d\n",
2738 				    arvif->vdev_id, ret);
2739 			continue;
2740 		}
2741 	}
2742 
2743 	ath10k_monitor_recalc(ar);
2744 }
2745 
2746 static int ath10k_mac_txpower_setup(struct ath10k *ar, int txpower)
2747 {
2748 	int ret;
2749 	u32 param;
2750 
2751 	lockdep_assert_held(&ar->conf_mutex);
2752 
2753 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac txpower %d\n", txpower);
2754 
2755 	param = ar->wmi.pdev_param->txpower_limit2g;
2756 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
2757 	if (ret) {
2758 		ath10k_warn(ar, "failed to set 2g txpower %d: %d\n",
2759 			    txpower, ret);
2760 		return ret;
2761 	}
2762 
2763 	param = ar->wmi.pdev_param->txpower_limit5g;
2764 	ret = ath10k_wmi_pdev_set_param(ar, param, txpower * 2);
2765 	if (ret) {
2766 		ath10k_warn(ar, "failed to set 5g txpower %d: %d\n",
2767 			    txpower, ret);
2768 		return ret;
2769 	}
2770 
2771 	return 0;
2772 }
2773 
2774 static int ath10k_mac_txpower_recalc(struct ath10k *ar)
2775 {
2776 	struct ath10k_vif *arvif;
2777 	int ret, txpower = -1;
2778 
2779 	lockdep_assert_held(&ar->conf_mutex);
2780 
2781 	list_for_each_entry(arvif, &ar->arvifs, list) {
2782 		WARN_ON(arvif->txpower < 0);
2783 
2784 		if (txpower == -1)
2785 			txpower = arvif->txpower;
2786 		else
2787 			txpower = min(txpower, arvif->txpower);
2788 	}
2789 
2790 	if (WARN_ON(txpower == -1))
2791 		return -EINVAL;
2792 
2793 	ret = ath10k_mac_txpower_setup(ar, txpower);
2794 	if (ret) {
2795 		ath10k_warn(ar, "failed to setup tx power %d: %d\n",
2796 			    txpower, ret);
2797 		return ret;
2798 	}
2799 
2800 	return 0;
2801 }
2802 
2803 static int ath10k_config(struct ieee80211_hw *hw, u32 changed)
2804 {
2805 	struct ath10k *ar = hw->priv;
2806 	struct ieee80211_conf *conf = &hw->conf;
2807 	int ret = 0;
2808 
2809 	mutex_lock(&ar->conf_mutex);
2810 
2811 	if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
2812 		ath10k_dbg(ar, ATH10K_DBG_MAC,
2813 			   "mac config channel %dMHz flags 0x%x radar %d\n",
2814 			   conf->chandef.chan->center_freq,
2815 			   conf->chandef.chan->flags,
2816 			   conf->radar_enabled);
2817 
2818 		spin_lock_bh(&ar->data_lock);
2819 		ar->rx_channel = conf->chandef.chan;
2820 		spin_unlock_bh(&ar->data_lock);
2821 
2822 		ar->radar_enabled = conf->radar_enabled;
2823 		ath10k_recalc_radar_detection(ar);
2824 
2825 		if (!cfg80211_chandef_identical(&ar->chandef, &conf->chandef)) {
2826 			ar->chandef = conf->chandef;
2827 			ath10k_config_chan(ar);
2828 		}
2829 	}
2830 
2831 	if (changed & IEEE80211_CONF_CHANGE_PS)
2832 		ath10k_config_ps(ar);
2833 
2834 	if (changed & IEEE80211_CONF_CHANGE_MONITOR) {
2835 		ar->monitor = conf->flags & IEEE80211_CONF_MONITOR;
2836 		ret = ath10k_monitor_recalc(ar);
2837 		if (ret)
2838 			ath10k_warn(ar, "failed to recalc monitor: %d\n", ret);
2839 	}
2840 
2841 	mutex_unlock(&ar->conf_mutex);
2842 	return ret;
2843 }
2844 
2845 static u32 get_nss_from_chainmask(u16 chain_mask)
2846 {
2847 	if ((chain_mask & 0x15) == 0x15)
2848 		return 4;
2849 	else if ((chain_mask & 0x7) == 0x7)
2850 		return 3;
2851 	else if ((chain_mask & 0x3) == 0x3)
2852 		return 2;
2853 	return 1;
2854 }
2855 
2856 /*
2857  * TODO:
2858  * Figure out how to handle WMI_VDEV_SUBTYPE_P2P_DEVICE,
2859  * because we will send mgmt frames without CCK. This requirement
2860  * for P2P_FIND/GO_NEG should be handled by checking CCK flag
2861  * in the TX packet.
2862  */
2863 static int ath10k_add_interface(struct ieee80211_hw *hw,
2864 				struct ieee80211_vif *vif)
2865 {
2866 	struct ath10k *ar = hw->priv;
2867 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
2868 	enum wmi_sta_powersave_param param;
2869 	int ret = 0;
2870 	u32 value;
2871 	int bit;
2872 	u32 vdev_param;
2873 
2874 	mutex_lock(&ar->conf_mutex);
2875 
2876 	memset(arvif, 0, sizeof(*arvif));
2877 
2878 	arvif->ar = ar;
2879 	arvif->vif = vif;
2880 
2881 	INIT_WORK(&arvif->wep_key_work, ath10k_tx_wep_key_work);
2882 	INIT_LIST_HEAD(&arvif->list);
2883 
2884 	if (ar->free_vdev_map == 0) {
2885 		ath10k_warn(ar, "Free vdev map is empty, no more interfaces allowed.\n");
2886 		ret = -EBUSY;
2887 		goto err;
2888 	}
2889 	bit = __ffs64(ar->free_vdev_map);
2890 
2891 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac create vdev %i map %llx\n",
2892 		   bit, ar->free_vdev_map);
2893 
2894 	arvif->vdev_id = bit;
2895 	arvif->vdev_subtype = WMI_VDEV_SUBTYPE_NONE;
2896 
2897 	if (ar->p2p)
2898 		arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_DEVICE;
2899 
2900 	switch (vif->type) {
2901 	case NL80211_IFTYPE_UNSPECIFIED:
2902 	case NL80211_IFTYPE_STATION:
2903 		arvif->vdev_type = WMI_VDEV_TYPE_STA;
2904 		if (vif->p2p)
2905 			arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_CLIENT;
2906 		break;
2907 	case NL80211_IFTYPE_ADHOC:
2908 		arvif->vdev_type = WMI_VDEV_TYPE_IBSS;
2909 		break;
2910 	case NL80211_IFTYPE_AP:
2911 		arvif->vdev_type = WMI_VDEV_TYPE_AP;
2912 
2913 		if (vif->p2p)
2914 			arvif->vdev_subtype = WMI_VDEV_SUBTYPE_P2P_GO;
2915 		break;
2916 	case NL80211_IFTYPE_MONITOR:
2917 		arvif->vdev_type = WMI_VDEV_TYPE_MONITOR;
2918 		break;
2919 	default:
2920 		WARN_ON(1);
2921 		break;
2922 	}
2923 
2924 	/* Some firmware revisions don't wait for beacon tx completion before
2925 	 * sending another SWBA event. This could lead to hardware using old
2926 	 * (freed) beacon data in some cases, e.g. tx credit starvation
2927 	 * combined with missed TBTT. This is very very rare.
2928 	 *
2929 	 * On non-IOMMU-enabled hosts this could be a possible security issue
2930 	 * because hw could beacon some random data on the air.  On
2931 	 * IOMMU-enabled hosts DMAR faults would occur in most cases and target
2932 	 * device would crash.
2933 	 *
2934 	 * Since there are no beacon tx completions (implicit nor explicit)
2935 	 * propagated to host the only workaround for this is to allocate a
2936 	 * DMA-coherent buffer for a lifetime of a vif and use it for all
2937 	 * beacon tx commands. Worst case for this approach is some beacons may
2938 	 * become corrupted, e.g. have garbled IEs or out-of-date TIM bitmap.
2939 	 */
2940 	if (vif->type == NL80211_IFTYPE_ADHOC ||
2941 	    vif->type == NL80211_IFTYPE_AP) {
2942 		arvif->beacon_buf = dma_zalloc_coherent(ar->dev,
2943 							IEEE80211_MAX_FRAME_LEN,
2944 							&arvif->beacon_paddr,
2945 							GFP_ATOMIC);
2946 		if (!arvif->beacon_buf) {
2947 			ret = -ENOMEM;
2948 			ath10k_warn(ar, "failed to allocate beacon buffer: %d\n",
2949 				    ret);
2950 			goto err;
2951 		}
2952 	}
2953 
2954 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev create %d (add interface) type %d subtype %d bcnmode %s\n",
2955 		   arvif->vdev_id, arvif->vdev_type, arvif->vdev_subtype,
2956 		   arvif->beacon_buf ? "single-buf" : "per-skb");
2957 
2958 	ret = ath10k_wmi_vdev_create(ar, arvif->vdev_id, arvif->vdev_type,
2959 				     arvif->vdev_subtype, vif->addr);
2960 	if (ret) {
2961 		ath10k_warn(ar, "failed to create WMI vdev %i: %d\n",
2962 			    arvif->vdev_id, ret);
2963 		goto err;
2964 	}
2965 
2966 	ar->free_vdev_map &= ~(1LL << arvif->vdev_id);
2967 	list_add(&arvif->list, &ar->arvifs);
2968 
2969 	vdev_param = ar->wmi.vdev_param->def_keyid;
2970 	ret = ath10k_wmi_vdev_set_param(ar, 0, vdev_param,
2971 					arvif->def_wep_key_idx);
2972 	if (ret) {
2973 		ath10k_warn(ar, "failed to set vdev %i default key id: %d\n",
2974 			    arvif->vdev_id, ret);
2975 		goto err_vdev_delete;
2976 	}
2977 
2978 	vdev_param = ar->wmi.vdev_param->tx_encap_type;
2979 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
2980 					ATH10K_HW_TXRX_NATIVE_WIFI);
2981 	/* 10.X firmware does not support this VDEV parameter. Do not warn */
2982 	if (ret && ret != -EOPNOTSUPP) {
2983 		ath10k_warn(ar, "failed to set vdev %i TX encapsulation: %d\n",
2984 			    arvif->vdev_id, ret);
2985 		goto err_vdev_delete;
2986 	}
2987 
2988 	if (ar->cfg_tx_chainmask) {
2989 		u16 nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
2990 
2991 		vdev_param = ar->wmi.vdev_param->nss;
2992 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
2993 						nss);
2994 		if (ret) {
2995 			ath10k_warn(ar, "failed to set vdev %i chainmask 0x%x, nss %i: %d\n",
2996 				    arvif->vdev_id, ar->cfg_tx_chainmask, nss,
2997 				    ret);
2998 			goto err_vdev_delete;
2999 		}
3000 	}
3001 
3002 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
3003 		ret = ath10k_peer_create(ar, arvif->vdev_id, vif->addr);
3004 		if (ret) {
3005 			ath10k_warn(ar, "failed to create vdev %i peer for AP: %d\n",
3006 				    arvif->vdev_id, ret);
3007 			goto err_vdev_delete;
3008 		}
3009 
3010 		ret = ath10k_mac_set_kickout(arvif);
3011 		if (ret) {
3012 			ath10k_warn(ar, "failed to set vdev %i kickout parameters: %d\n",
3013 				    arvif->vdev_id, ret);
3014 			goto err_peer_delete;
3015 		}
3016 	}
3017 
3018 	if (arvif->vdev_type == WMI_VDEV_TYPE_STA) {
3019 		param = WMI_STA_PS_PARAM_RX_WAKE_POLICY;
3020 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
3021 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
3022 						  param, value);
3023 		if (ret) {
3024 			ath10k_warn(ar, "failed to set vdev %i RX wake policy: %d\n",
3025 				    arvif->vdev_id, ret);
3026 			goto err_peer_delete;
3027 		}
3028 
3029 		param = WMI_STA_PS_PARAM_TX_WAKE_THRESHOLD;
3030 		value = WMI_STA_PS_TX_WAKE_THRESHOLD_ALWAYS;
3031 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
3032 						  param, value);
3033 		if (ret) {
3034 			ath10k_warn(ar, "failed to set vdev %i TX wake thresh: %d\n",
3035 				    arvif->vdev_id, ret);
3036 			goto err_peer_delete;
3037 		}
3038 
3039 		param = WMI_STA_PS_PARAM_PSPOLL_COUNT;
3040 		value = WMI_STA_PS_PSPOLL_COUNT_NO_MAX;
3041 		ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
3042 						  param, value);
3043 		if (ret) {
3044 			ath10k_warn(ar, "failed to set vdev %i PSPOLL count: %d\n",
3045 				    arvif->vdev_id, ret);
3046 			goto err_peer_delete;
3047 		}
3048 	}
3049 
3050 	ret = ath10k_mac_set_rts(arvif, ar->hw->wiphy->rts_threshold);
3051 	if (ret) {
3052 		ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
3053 			    arvif->vdev_id, ret);
3054 		goto err_peer_delete;
3055 	}
3056 
3057 	ret = ath10k_mac_set_frag(arvif, ar->hw->wiphy->frag_threshold);
3058 	if (ret) {
3059 		ath10k_warn(ar, "failed to set frag threshold for vdev %d: %d\n",
3060 			    arvif->vdev_id, ret);
3061 		goto err_peer_delete;
3062 	}
3063 
3064 	arvif->txpower = vif->bss_conf.txpower;
3065 	ret = ath10k_mac_txpower_recalc(ar);
3066 	if (ret) {
3067 		ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
3068 		goto err_peer_delete;
3069 	}
3070 
3071 	mutex_unlock(&ar->conf_mutex);
3072 	return 0;
3073 
3074 err_peer_delete:
3075 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP)
3076 		ath10k_wmi_peer_delete(ar, arvif->vdev_id, vif->addr);
3077 
3078 err_vdev_delete:
3079 	ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
3080 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
3081 	list_del(&arvif->list);
3082 
3083 err:
3084 	if (arvif->beacon_buf) {
3085 		dma_free_coherent(ar->dev, IEEE80211_MAX_FRAME_LEN,
3086 				  arvif->beacon_buf, arvif->beacon_paddr);
3087 		arvif->beacon_buf = NULL;
3088 	}
3089 
3090 	mutex_unlock(&ar->conf_mutex);
3091 
3092 	return ret;
3093 }
3094 
3095 static void ath10k_remove_interface(struct ieee80211_hw *hw,
3096 				    struct ieee80211_vif *vif)
3097 {
3098 	struct ath10k *ar = hw->priv;
3099 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3100 	int ret;
3101 
3102 	cancel_work_sync(&arvif->wep_key_work);
3103 
3104 	mutex_lock(&ar->conf_mutex);
3105 
3106 	spin_lock_bh(&ar->data_lock);
3107 	ath10k_mac_vif_beacon_cleanup(arvif);
3108 	spin_unlock_bh(&ar->data_lock);
3109 
3110 	ret = ath10k_spectral_vif_stop(arvif);
3111 	if (ret)
3112 		ath10k_warn(ar, "failed to stop spectral for vdev %i: %d\n",
3113 			    arvif->vdev_id, ret);
3114 
3115 	ar->free_vdev_map |= 1LL << arvif->vdev_id;
3116 	list_del(&arvif->list);
3117 
3118 	if (arvif->vdev_type == WMI_VDEV_TYPE_AP) {
3119 		ret = ath10k_peer_delete(arvif->ar, arvif->vdev_id, vif->addr);
3120 		if (ret)
3121 			ath10k_warn(ar, "failed to remove peer for AP vdev %i: %d\n",
3122 				    arvif->vdev_id, ret);
3123 
3124 		kfree(arvif->u.ap.noa_data);
3125 	}
3126 
3127 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %i delete (remove interface)\n",
3128 		   arvif->vdev_id);
3129 
3130 	ret = ath10k_wmi_vdev_delete(ar, arvif->vdev_id);
3131 	if (ret)
3132 		ath10k_warn(ar, "failed to delete WMI vdev %i: %d\n",
3133 			    arvif->vdev_id, ret);
3134 
3135 	ath10k_peer_cleanup(ar, arvif->vdev_id);
3136 
3137 	mutex_unlock(&ar->conf_mutex);
3138 }
3139 
3140 /*
3141  * FIXME: Has to be verified.
3142  */
3143 #define SUPPORTED_FILTERS			\
3144 	(FIF_PROMISC_IN_BSS |			\
3145 	FIF_ALLMULTI |				\
3146 	FIF_CONTROL |				\
3147 	FIF_PSPOLL |				\
3148 	FIF_OTHER_BSS |				\
3149 	FIF_BCN_PRBRESP_PROMISC |		\
3150 	FIF_PROBE_REQ |				\
3151 	FIF_FCSFAIL)
3152 
3153 static void ath10k_configure_filter(struct ieee80211_hw *hw,
3154 				    unsigned int changed_flags,
3155 				    unsigned int *total_flags,
3156 				    u64 multicast)
3157 {
3158 	struct ath10k *ar = hw->priv;
3159 	int ret;
3160 
3161 	mutex_lock(&ar->conf_mutex);
3162 
3163 	changed_flags &= SUPPORTED_FILTERS;
3164 	*total_flags &= SUPPORTED_FILTERS;
3165 	ar->filter_flags = *total_flags;
3166 
3167 	ret = ath10k_monitor_recalc(ar);
3168 	if (ret)
3169 		ath10k_warn(ar, "failed to recalc montior: %d\n", ret);
3170 
3171 	mutex_unlock(&ar->conf_mutex);
3172 }
3173 
3174 static void ath10k_bss_info_changed(struct ieee80211_hw *hw,
3175 				    struct ieee80211_vif *vif,
3176 				    struct ieee80211_bss_conf *info,
3177 				    u32 changed)
3178 {
3179 	struct ath10k *ar = hw->priv;
3180 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3181 	int ret = 0;
3182 	u32 vdev_param, pdev_param, slottime, preamble;
3183 
3184 	mutex_lock(&ar->conf_mutex);
3185 
3186 	if (changed & BSS_CHANGED_IBSS)
3187 		ath10k_control_ibss(arvif, info, vif->addr);
3188 
3189 	if (changed & BSS_CHANGED_BEACON_INT) {
3190 		arvif->beacon_interval = info->beacon_int;
3191 		vdev_param = ar->wmi.vdev_param->beacon_interval;
3192 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
3193 						arvif->beacon_interval);
3194 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3195 			   "mac vdev %d beacon_interval %d\n",
3196 			   arvif->vdev_id, arvif->beacon_interval);
3197 
3198 		if (ret)
3199 			ath10k_warn(ar, "failed to set beacon interval for vdev %d: %i\n",
3200 				    arvif->vdev_id, ret);
3201 	}
3202 
3203 	if (changed & BSS_CHANGED_BEACON) {
3204 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3205 			   "vdev %d set beacon tx mode to staggered\n",
3206 			   arvif->vdev_id);
3207 
3208 		pdev_param = ar->wmi.pdev_param->beacon_tx_mode;
3209 		ret = ath10k_wmi_pdev_set_param(ar, pdev_param,
3210 						WMI_BEACON_STAGGERED_MODE);
3211 		if (ret)
3212 			ath10k_warn(ar, "failed to set beacon mode for vdev %d: %i\n",
3213 				    arvif->vdev_id, ret);
3214 	}
3215 
3216 	if (changed & BSS_CHANGED_BEACON_INFO) {
3217 		arvif->dtim_period = info->dtim_period;
3218 
3219 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3220 			   "mac vdev %d dtim_period %d\n",
3221 			   arvif->vdev_id, arvif->dtim_period);
3222 
3223 		vdev_param = ar->wmi.vdev_param->dtim_period;
3224 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
3225 						arvif->dtim_period);
3226 		if (ret)
3227 			ath10k_warn(ar, "failed to set dtim period for vdev %d: %i\n",
3228 				    arvif->vdev_id, ret);
3229 	}
3230 
3231 	if (changed & BSS_CHANGED_SSID &&
3232 	    vif->type == NL80211_IFTYPE_AP) {
3233 		arvif->u.ap.ssid_len = info->ssid_len;
3234 		if (info->ssid_len)
3235 			memcpy(arvif->u.ap.ssid, info->ssid, info->ssid_len);
3236 		arvif->u.ap.hidden_ssid = info->hidden_ssid;
3237 	}
3238 
3239 	if (changed & BSS_CHANGED_BSSID && !is_zero_ether_addr(info->bssid))
3240 		ether_addr_copy(arvif->bssid, info->bssid);
3241 
3242 	if (changed & BSS_CHANGED_BEACON_ENABLED)
3243 		ath10k_control_beaconing(arvif, info);
3244 
3245 	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
3246 		arvif->use_cts_prot = info->use_cts_prot;
3247 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d cts_prot %d\n",
3248 			   arvif->vdev_id, info->use_cts_prot);
3249 
3250 		ret = ath10k_recalc_rtscts_prot(arvif);
3251 		if (ret)
3252 			ath10k_warn(ar, "failed to recalculate rts/cts prot for vdev %d: %d\n",
3253 				    arvif->vdev_id, ret);
3254 	}
3255 
3256 	if (changed & BSS_CHANGED_ERP_SLOT) {
3257 		if (info->use_short_slot)
3258 			slottime = WMI_VDEV_SLOT_TIME_SHORT; /* 9us */
3259 
3260 		else
3261 			slottime = WMI_VDEV_SLOT_TIME_LONG; /* 20us */
3262 
3263 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d slot_time %d\n",
3264 			   arvif->vdev_id, slottime);
3265 
3266 		vdev_param = ar->wmi.vdev_param->slot_time;
3267 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
3268 						slottime);
3269 		if (ret)
3270 			ath10k_warn(ar, "failed to set erp slot for vdev %d: %i\n",
3271 				    arvif->vdev_id, ret);
3272 	}
3273 
3274 	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
3275 		if (info->use_short_preamble)
3276 			preamble = WMI_VDEV_PREAMBLE_SHORT;
3277 		else
3278 			preamble = WMI_VDEV_PREAMBLE_LONG;
3279 
3280 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3281 			   "mac vdev %d preamble %dn",
3282 			   arvif->vdev_id, preamble);
3283 
3284 		vdev_param = ar->wmi.vdev_param->preamble;
3285 		ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
3286 						preamble);
3287 		if (ret)
3288 			ath10k_warn(ar, "failed to set preamble for vdev %d: %i\n",
3289 				    arvif->vdev_id, ret);
3290 	}
3291 
3292 	if (changed & BSS_CHANGED_ASSOC) {
3293 		if (info->assoc) {
3294 			/* Workaround: Make sure monitor vdev is not running
3295 			 * when associating to prevent some firmware revisions
3296 			 * (e.g. 10.1 and 10.2) from crashing.
3297 			 */
3298 			if (ar->monitor_started)
3299 				ath10k_monitor_stop(ar);
3300 			ath10k_bss_assoc(hw, vif, info);
3301 			ath10k_monitor_recalc(ar);
3302 		} else {
3303 			ath10k_bss_disassoc(hw, vif);
3304 		}
3305 	}
3306 
3307 	if (changed & BSS_CHANGED_TXPOWER) {
3308 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev_id %i txpower %d\n",
3309 			   arvif->vdev_id, info->txpower);
3310 
3311 		arvif->txpower = info->txpower;
3312 		ret = ath10k_mac_txpower_recalc(ar);
3313 		if (ret)
3314 			ath10k_warn(ar, "failed to recalc tx power: %d\n", ret);
3315 	}
3316 
3317 	mutex_unlock(&ar->conf_mutex);
3318 }
3319 
3320 static int ath10k_hw_scan(struct ieee80211_hw *hw,
3321 			  struct ieee80211_vif *vif,
3322 			  struct ieee80211_scan_request *hw_req)
3323 {
3324 	struct ath10k *ar = hw->priv;
3325 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3326 	struct cfg80211_scan_request *req = &hw_req->req;
3327 	struct wmi_start_scan_arg arg;
3328 	int ret = 0;
3329 	int i;
3330 
3331 	mutex_lock(&ar->conf_mutex);
3332 
3333 	spin_lock_bh(&ar->data_lock);
3334 	switch (ar->scan.state) {
3335 	case ATH10K_SCAN_IDLE:
3336 		reinit_completion(&ar->scan.started);
3337 		reinit_completion(&ar->scan.completed);
3338 		ar->scan.state = ATH10K_SCAN_STARTING;
3339 		ar->scan.is_roc = false;
3340 		ar->scan.vdev_id = arvif->vdev_id;
3341 		ret = 0;
3342 		break;
3343 	case ATH10K_SCAN_STARTING:
3344 	case ATH10K_SCAN_RUNNING:
3345 	case ATH10K_SCAN_ABORTING:
3346 		ret = -EBUSY;
3347 		break;
3348 	}
3349 	spin_unlock_bh(&ar->data_lock);
3350 
3351 	if (ret)
3352 		goto exit;
3353 
3354 	memset(&arg, 0, sizeof(arg));
3355 	ath10k_wmi_start_scan_init(ar, &arg);
3356 	arg.vdev_id = arvif->vdev_id;
3357 	arg.scan_id = ATH10K_SCAN_ID;
3358 
3359 	if (!req->no_cck)
3360 		arg.scan_ctrl_flags |= WMI_SCAN_ADD_CCK_RATES;
3361 
3362 	if (req->ie_len) {
3363 		arg.ie_len = req->ie_len;
3364 		memcpy(arg.ie, req->ie, arg.ie_len);
3365 	}
3366 
3367 	if (req->n_ssids) {
3368 		arg.n_ssids = req->n_ssids;
3369 		for (i = 0; i < arg.n_ssids; i++) {
3370 			arg.ssids[i].len  = req->ssids[i].ssid_len;
3371 			arg.ssids[i].ssid = req->ssids[i].ssid;
3372 		}
3373 	} else {
3374 		arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
3375 	}
3376 
3377 	if (req->n_channels) {
3378 		arg.n_channels = req->n_channels;
3379 		for (i = 0; i < arg.n_channels; i++)
3380 			arg.channels[i] = req->channels[i]->center_freq;
3381 	}
3382 
3383 	ret = ath10k_start_scan(ar, &arg);
3384 	if (ret) {
3385 		ath10k_warn(ar, "failed to start hw scan: %d\n", ret);
3386 		spin_lock_bh(&ar->data_lock);
3387 		ar->scan.state = ATH10K_SCAN_IDLE;
3388 		spin_unlock_bh(&ar->data_lock);
3389 	}
3390 
3391 exit:
3392 	mutex_unlock(&ar->conf_mutex);
3393 	return ret;
3394 }
3395 
3396 static void ath10k_cancel_hw_scan(struct ieee80211_hw *hw,
3397 				  struct ieee80211_vif *vif)
3398 {
3399 	struct ath10k *ar = hw->priv;
3400 
3401 	mutex_lock(&ar->conf_mutex);
3402 	ath10k_scan_abort(ar);
3403 	mutex_unlock(&ar->conf_mutex);
3404 
3405 	cancel_delayed_work_sync(&ar->scan.timeout);
3406 }
3407 
3408 static void ath10k_set_key_h_def_keyidx(struct ath10k *ar,
3409 					struct ath10k_vif *arvif,
3410 					enum set_key_cmd cmd,
3411 					struct ieee80211_key_conf *key)
3412 {
3413 	u32 vdev_param = arvif->ar->wmi.vdev_param->def_keyid;
3414 	int ret;
3415 
3416 	/* 10.1 firmware branch requires default key index to be set to group
3417 	 * key index after installing it. Otherwise FW/HW Txes corrupted
3418 	 * frames with multi-vif APs. This is not required for main firmware
3419 	 * branch (e.g. 636).
3420 	 *
3421 	 * FIXME: This has been tested only in AP. It remains unknown if this
3422 	 * is required for multi-vif STA interfaces on 10.1 */
3423 
3424 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP)
3425 		return;
3426 
3427 	if (key->cipher == WLAN_CIPHER_SUITE_WEP40)
3428 		return;
3429 
3430 	if (key->cipher == WLAN_CIPHER_SUITE_WEP104)
3431 		return;
3432 
3433 	if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
3434 		return;
3435 
3436 	if (cmd != SET_KEY)
3437 		return;
3438 
3439 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
3440 					key->keyidx);
3441 	if (ret)
3442 		ath10k_warn(ar, "failed to set vdev %i group key as default key: %d\n",
3443 			    arvif->vdev_id, ret);
3444 }
3445 
3446 static int ath10k_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3447 			  struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3448 			  struct ieee80211_key_conf *key)
3449 {
3450 	struct ath10k *ar = hw->priv;
3451 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3452 	struct ath10k_peer *peer;
3453 	const u8 *peer_addr;
3454 	bool is_wep = key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
3455 		      key->cipher == WLAN_CIPHER_SUITE_WEP104;
3456 	int ret = 0;
3457 
3458 	if (key->keyidx > WMI_MAX_KEY_INDEX)
3459 		return -ENOSPC;
3460 
3461 	mutex_lock(&ar->conf_mutex);
3462 
3463 	if (sta)
3464 		peer_addr = sta->addr;
3465 	else if (arvif->vdev_type == WMI_VDEV_TYPE_STA)
3466 		peer_addr = vif->bss_conf.bssid;
3467 	else
3468 		peer_addr = vif->addr;
3469 
3470 	key->hw_key_idx = key->keyidx;
3471 
3472 	/* the peer should not disappear in mid-way (unless FW goes awry) since
3473 	 * we already hold conf_mutex. we just make sure its there now. */
3474 	spin_lock_bh(&ar->data_lock);
3475 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
3476 	spin_unlock_bh(&ar->data_lock);
3477 
3478 	if (!peer) {
3479 		if (cmd == SET_KEY) {
3480 			ath10k_warn(ar, "failed to install key for non-existent peer %pM\n",
3481 				    peer_addr);
3482 			ret = -EOPNOTSUPP;
3483 			goto exit;
3484 		} else {
3485 			/* if the peer doesn't exist there is no key to disable
3486 			 * anymore */
3487 			goto exit;
3488 		}
3489 	}
3490 
3491 	if (is_wep) {
3492 		if (cmd == SET_KEY)
3493 			arvif->wep_keys[key->keyidx] = key;
3494 		else
3495 			arvif->wep_keys[key->keyidx] = NULL;
3496 
3497 		if (cmd == DISABLE_KEY)
3498 			ath10k_clear_vdev_key(arvif, key);
3499 	}
3500 
3501 	ret = ath10k_install_key(arvif, key, cmd, peer_addr);
3502 	if (ret) {
3503 		ath10k_warn(ar, "failed to install key for vdev %i peer %pM: %d\n",
3504 			    arvif->vdev_id, peer_addr, ret);
3505 		goto exit;
3506 	}
3507 
3508 	ath10k_set_key_h_def_keyidx(ar, arvif, cmd, key);
3509 
3510 	spin_lock_bh(&ar->data_lock);
3511 	peer = ath10k_peer_find(ar, arvif->vdev_id, peer_addr);
3512 	if (peer && cmd == SET_KEY)
3513 		peer->keys[key->keyidx] = key;
3514 	else if (peer && cmd == DISABLE_KEY)
3515 		peer->keys[key->keyidx] = NULL;
3516 	else if (peer == NULL)
3517 		/* impossible unless FW goes crazy */
3518 		ath10k_warn(ar, "Peer %pM disappeared!\n", peer_addr);
3519 	spin_unlock_bh(&ar->data_lock);
3520 
3521 exit:
3522 	mutex_unlock(&ar->conf_mutex);
3523 	return ret;
3524 }
3525 
3526 static void ath10k_sta_rc_update_wk(struct work_struct *wk)
3527 {
3528 	struct ath10k *ar;
3529 	struct ath10k_vif *arvif;
3530 	struct ath10k_sta *arsta;
3531 	struct ieee80211_sta *sta;
3532 	u32 changed, bw, nss, smps;
3533 	int err;
3534 
3535 	arsta = container_of(wk, struct ath10k_sta, update_wk);
3536 	sta = container_of((void *)arsta, struct ieee80211_sta, drv_priv);
3537 	arvif = arsta->arvif;
3538 	ar = arvif->ar;
3539 
3540 	spin_lock_bh(&ar->data_lock);
3541 
3542 	changed = arsta->changed;
3543 	arsta->changed = 0;
3544 
3545 	bw = arsta->bw;
3546 	nss = arsta->nss;
3547 	smps = arsta->smps;
3548 
3549 	spin_unlock_bh(&ar->data_lock);
3550 
3551 	mutex_lock(&ar->conf_mutex);
3552 
3553 	if (changed & IEEE80211_RC_BW_CHANGED) {
3554 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM peer bw %d\n",
3555 			   sta->addr, bw);
3556 
3557 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
3558 						WMI_PEER_CHAN_WIDTH, bw);
3559 		if (err)
3560 			ath10k_warn(ar, "failed to update STA %pM peer bw %d: %d\n",
3561 				    sta->addr, bw, err);
3562 	}
3563 
3564 	if (changed & IEEE80211_RC_NSS_CHANGED) {
3565 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM nss %d\n",
3566 			   sta->addr, nss);
3567 
3568 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
3569 						WMI_PEER_NSS, nss);
3570 		if (err)
3571 			ath10k_warn(ar, "failed to update STA %pM nss %d: %d\n",
3572 				    sta->addr, nss, err);
3573 	}
3574 
3575 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
3576 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM smps %d\n",
3577 			   sta->addr, smps);
3578 
3579 		err = ath10k_wmi_peer_set_param(ar, arvif->vdev_id, sta->addr,
3580 						WMI_PEER_SMPS_STATE, smps);
3581 		if (err)
3582 			ath10k_warn(ar, "failed to update STA %pM smps %d: %d\n",
3583 				    sta->addr, smps, err);
3584 	}
3585 
3586 	if (changed & IEEE80211_RC_SUPP_RATES_CHANGED) {
3587 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac update sta %pM supp rates\n",
3588 			   sta->addr);
3589 
3590 		err = ath10k_station_assoc(ar, arvif->vif, sta, true);
3591 		if (err)
3592 			ath10k_warn(ar, "failed to reassociate station: %pM\n",
3593 				    sta->addr);
3594 	}
3595 
3596 	mutex_unlock(&ar->conf_mutex);
3597 }
3598 
3599 static int ath10k_mac_inc_num_stations(struct ath10k_vif *arvif)
3600 {
3601 	struct ath10k *ar = arvif->ar;
3602 
3603 	lockdep_assert_held(&ar->conf_mutex);
3604 
3605 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
3606 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
3607 		return 0;
3608 
3609 	if (ar->num_stations >= ar->max_num_stations)
3610 		return -ENOBUFS;
3611 
3612 	ar->num_stations++;
3613 
3614 	return 0;
3615 }
3616 
3617 static void ath10k_mac_dec_num_stations(struct ath10k_vif *arvif)
3618 {
3619 	struct ath10k *ar = arvif->ar;
3620 
3621 	lockdep_assert_held(&ar->conf_mutex);
3622 
3623 	if (arvif->vdev_type != WMI_VDEV_TYPE_AP &&
3624 	    arvif->vdev_type != WMI_VDEV_TYPE_IBSS)
3625 		return;
3626 
3627 	ar->num_stations--;
3628 }
3629 
3630 static int ath10k_sta_state(struct ieee80211_hw *hw,
3631 			    struct ieee80211_vif *vif,
3632 			    struct ieee80211_sta *sta,
3633 			    enum ieee80211_sta_state old_state,
3634 			    enum ieee80211_sta_state new_state)
3635 {
3636 	struct ath10k *ar = hw->priv;
3637 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3638 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
3639 	int ret = 0;
3640 
3641 	if (old_state == IEEE80211_STA_NOTEXIST &&
3642 	    new_state == IEEE80211_STA_NONE) {
3643 		memset(arsta, 0, sizeof(*arsta));
3644 		arsta->arvif = arvif;
3645 		INIT_WORK(&arsta->update_wk, ath10k_sta_rc_update_wk);
3646 	}
3647 
3648 	/* cancel must be done outside the mutex to avoid deadlock */
3649 	if ((old_state == IEEE80211_STA_NONE &&
3650 	     new_state == IEEE80211_STA_NOTEXIST))
3651 		cancel_work_sync(&arsta->update_wk);
3652 
3653 	mutex_lock(&ar->conf_mutex);
3654 
3655 	if (old_state == IEEE80211_STA_NOTEXIST &&
3656 	    new_state == IEEE80211_STA_NONE) {
3657 		/*
3658 		 * New station addition.
3659 		 */
3660 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3661 			   "mac vdev %d peer create %pM (new sta) sta %d / %d peer %d / %d\n",
3662 			   arvif->vdev_id, sta->addr,
3663 			   ar->num_stations + 1, ar->max_num_stations,
3664 			   ar->num_peers + 1, ar->max_num_peers);
3665 
3666 		ret = ath10k_mac_inc_num_stations(arvif);
3667 		if (ret) {
3668 			ath10k_warn(ar, "refusing to associate station: too many connected already (%d)\n",
3669 				    ar->max_num_stations);
3670 			goto exit;
3671 		}
3672 
3673 		ret = ath10k_peer_create(ar, arvif->vdev_id, sta->addr);
3674 		if (ret) {
3675 			ath10k_warn(ar, "failed to add peer %pM for vdev %d when adding a new sta: %i\n",
3676 				    sta->addr, arvif->vdev_id, ret);
3677 			ath10k_mac_dec_num_stations(arvif);
3678 			goto exit;
3679 		}
3680 
3681 		if (vif->type == NL80211_IFTYPE_STATION) {
3682 			WARN_ON(arvif->is_started);
3683 
3684 			ret = ath10k_vdev_start(arvif);
3685 			if (ret) {
3686 				ath10k_warn(ar, "failed to start vdev %i: %d\n",
3687 					    arvif->vdev_id, ret);
3688 				WARN_ON(ath10k_peer_delete(ar, arvif->vdev_id,
3689 							   sta->addr));
3690 				ath10k_mac_dec_num_stations(arvif);
3691 				goto exit;
3692 			}
3693 
3694 			arvif->is_started = true;
3695 		}
3696 	} else if ((old_state == IEEE80211_STA_NONE &&
3697 		    new_state == IEEE80211_STA_NOTEXIST)) {
3698 		/*
3699 		 * Existing station deletion.
3700 		 */
3701 		ath10k_dbg(ar, ATH10K_DBG_MAC,
3702 			   "mac vdev %d peer delete %pM (sta gone)\n",
3703 			   arvif->vdev_id, sta->addr);
3704 
3705 		if (vif->type == NL80211_IFTYPE_STATION) {
3706 			WARN_ON(!arvif->is_started);
3707 
3708 			ret = ath10k_vdev_stop(arvif);
3709 			if (ret)
3710 				ath10k_warn(ar, "failed to stop vdev %i: %d\n",
3711 					    arvif->vdev_id, ret);
3712 
3713 			arvif->is_started = false;
3714 		}
3715 
3716 		ret = ath10k_peer_delete(ar, arvif->vdev_id, sta->addr);
3717 		if (ret)
3718 			ath10k_warn(ar, "failed to delete peer %pM for vdev %d: %i\n",
3719 				    sta->addr, arvif->vdev_id, ret);
3720 
3721 		ath10k_mac_dec_num_stations(arvif);
3722 	} else if (old_state == IEEE80211_STA_AUTH &&
3723 		   new_state == IEEE80211_STA_ASSOC &&
3724 		   (vif->type == NL80211_IFTYPE_AP ||
3725 		    vif->type == NL80211_IFTYPE_ADHOC)) {
3726 		/*
3727 		 * New association.
3728 		 */
3729 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM associated\n",
3730 			   sta->addr);
3731 
3732 		ret = ath10k_station_assoc(ar, vif, sta, false);
3733 		if (ret)
3734 			ath10k_warn(ar, "failed to associate station %pM for vdev %i: %i\n",
3735 				    sta->addr, arvif->vdev_id, ret);
3736 	} else if (old_state == IEEE80211_STA_ASSOC &&
3737 		   new_state == IEEE80211_STA_AUTH &&
3738 		   (vif->type == NL80211_IFTYPE_AP ||
3739 		    vif->type == NL80211_IFTYPE_ADHOC)) {
3740 		/*
3741 		 * Disassociation.
3742 		 */
3743 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac sta %pM disassociated\n",
3744 			   sta->addr);
3745 
3746 		ret = ath10k_station_disassoc(ar, vif, sta);
3747 		if (ret)
3748 			ath10k_warn(ar, "failed to disassociate station: %pM vdev %i: %i\n",
3749 				    sta->addr, arvif->vdev_id, ret);
3750 	}
3751 exit:
3752 	mutex_unlock(&ar->conf_mutex);
3753 	return ret;
3754 }
3755 
3756 static int ath10k_conf_tx_uapsd(struct ath10k *ar, struct ieee80211_vif *vif,
3757 				u16 ac, bool enable)
3758 {
3759 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3760 	u32 value = 0;
3761 	int ret = 0;
3762 
3763 	lockdep_assert_held(&ar->conf_mutex);
3764 
3765 	if (arvif->vdev_type != WMI_VDEV_TYPE_STA)
3766 		return 0;
3767 
3768 	switch (ac) {
3769 	case IEEE80211_AC_VO:
3770 		value = WMI_STA_PS_UAPSD_AC3_DELIVERY_EN |
3771 			WMI_STA_PS_UAPSD_AC3_TRIGGER_EN;
3772 		break;
3773 	case IEEE80211_AC_VI:
3774 		value = WMI_STA_PS_UAPSD_AC2_DELIVERY_EN |
3775 			WMI_STA_PS_UAPSD_AC2_TRIGGER_EN;
3776 		break;
3777 	case IEEE80211_AC_BE:
3778 		value = WMI_STA_PS_UAPSD_AC1_DELIVERY_EN |
3779 			WMI_STA_PS_UAPSD_AC1_TRIGGER_EN;
3780 		break;
3781 	case IEEE80211_AC_BK:
3782 		value = WMI_STA_PS_UAPSD_AC0_DELIVERY_EN |
3783 			WMI_STA_PS_UAPSD_AC0_TRIGGER_EN;
3784 		break;
3785 	}
3786 
3787 	if (enable)
3788 		arvif->u.sta.uapsd |= value;
3789 	else
3790 		arvif->u.sta.uapsd &= ~value;
3791 
3792 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
3793 					  WMI_STA_PS_PARAM_UAPSD,
3794 					  arvif->u.sta.uapsd);
3795 	if (ret) {
3796 		ath10k_warn(ar, "failed to set uapsd params: %d\n", ret);
3797 		goto exit;
3798 	}
3799 
3800 	if (arvif->u.sta.uapsd)
3801 		value = WMI_STA_PS_RX_WAKE_POLICY_POLL_UAPSD;
3802 	else
3803 		value = WMI_STA_PS_RX_WAKE_POLICY_WAKE;
3804 
3805 	ret = ath10k_wmi_set_sta_ps_param(ar, arvif->vdev_id,
3806 					  WMI_STA_PS_PARAM_RX_WAKE_POLICY,
3807 					  value);
3808 	if (ret)
3809 		ath10k_warn(ar, "failed to set rx wake param: %d\n", ret);
3810 
3811 exit:
3812 	return ret;
3813 }
3814 
3815 static int ath10k_conf_tx(struct ieee80211_hw *hw,
3816 			  struct ieee80211_vif *vif, u16 ac,
3817 			  const struct ieee80211_tx_queue_params *params)
3818 {
3819 	struct ath10k *ar = hw->priv;
3820 	struct wmi_wmm_params_arg *p = NULL;
3821 	int ret;
3822 
3823 	mutex_lock(&ar->conf_mutex);
3824 
3825 	switch (ac) {
3826 	case IEEE80211_AC_VO:
3827 		p = &ar->wmm_params.ac_vo;
3828 		break;
3829 	case IEEE80211_AC_VI:
3830 		p = &ar->wmm_params.ac_vi;
3831 		break;
3832 	case IEEE80211_AC_BE:
3833 		p = &ar->wmm_params.ac_be;
3834 		break;
3835 	case IEEE80211_AC_BK:
3836 		p = &ar->wmm_params.ac_bk;
3837 		break;
3838 	}
3839 
3840 	if (WARN_ON(!p)) {
3841 		ret = -EINVAL;
3842 		goto exit;
3843 	}
3844 
3845 	p->cwmin = params->cw_min;
3846 	p->cwmax = params->cw_max;
3847 	p->aifs = params->aifs;
3848 
3849 	/*
3850 	 * The channel time duration programmed in the HW is in absolute
3851 	 * microseconds, while mac80211 gives the txop in units of
3852 	 * 32 microseconds.
3853 	 */
3854 	p->txop = params->txop * 32;
3855 
3856 	/* FIXME: FW accepts wmm params per hw, not per vif */
3857 	ret = ath10k_wmi_pdev_set_wmm_params(ar, &ar->wmm_params);
3858 	if (ret) {
3859 		ath10k_warn(ar, "failed to set wmm params: %d\n", ret);
3860 		goto exit;
3861 	}
3862 
3863 	ret = ath10k_conf_tx_uapsd(ar, vif, ac, params->uapsd);
3864 	if (ret)
3865 		ath10k_warn(ar, "failed to set sta uapsd: %d\n", ret);
3866 
3867 exit:
3868 	mutex_unlock(&ar->conf_mutex);
3869 	return ret;
3870 }
3871 
3872 #define ATH10K_ROC_TIMEOUT_HZ (2*HZ)
3873 
3874 static int ath10k_remain_on_channel(struct ieee80211_hw *hw,
3875 				    struct ieee80211_vif *vif,
3876 				    struct ieee80211_channel *chan,
3877 				    int duration,
3878 				    enum ieee80211_roc_type type)
3879 {
3880 	struct ath10k *ar = hw->priv;
3881 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
3882 	struct wmi_start_scan_arg arg;
3883 	int ret = 0;
3884 
3885 	mutex_lock(&ar->conf_mutex);
3886 
3887 	spin_lock_bh(&ar->data_lock);
3888 	switch (ar->scan.state) {
3889 	case ATH10K_SCAN_IDLE:
3890 		reinit_completion(&ar->scan.started);
3891 		reinit_completion(&ar->scan.completed);
3892 		reinit_completion(&ar->scan.on_channel);
3893 		ar->scan.state = ATH10K_SCAN_STARTING;
3894 		ar->scan.is_roc = true;
3895 		ar->scan.vdev_id = arvif->vdev_id;
3896 		ar->scan.roc_freq = chan->center_freq;
3897 		ret = 0;
3898 		break;
3899 	case ATH10K_SCAN_STARTING:
3900 	case ATH10K_SCAN_RUNNING:
3901 	case ATH10K_SCAN_ABORTING:
3902 		ret = -EBUSY;
3903 		break;
3904 	}
3905 	spin_unlock_bh(&ar->data_lock);
3906 
3907 	if (ret)
3908 		goto exit;
3909 
3910 	duration = max(duration, WMI_SCAN_CHAN_MIN_TIME_MSEC);
3911 
3912 	memset(&arg, 0, sizeof(arg));
3913 	ath10k_wmi_start_scan_init(ar, &arg);
3914 	arg.vdev_id = arvif->vdev_id;
3915 	arg.scan_id = ATH10K_SCAN_ID;
3916 	arg.n_channels = 1;
3917 	arg.channels[0] = chan->center_freq;
3918 	arg.dwell_time_active = duration;
3919 	arg.dwell_time_passive = duration;
3920 	arg.max_scan_time = 2 * duration;
3921 	arg.scan_ctrl_flags |= WMI_SCAN_FLAG_PASSIVE;
3922 	arg.scan_ctrl_flags |= WMI_SCAN_FILTER_PROBE_REQ;
3923 
3924 	ret = ath10k_start_scan(ar, &arg);
3925 	if (ret) {
3926 		ath10k_warn(ar, "failed to start roc scan: %d\n", ret);
3927 		spin_lock_bh(&ar->data_lock);
3928 		ar->scan.state = ATH10K_SCAN_IDLE;
3929 		spin_unlock_bh(&ar->data_lock);
3930 		goto exit;
3931 	}
3932 
3933 	ret = wait_for_completion_timeout(&ar->scan.on_channel, 3*HZ);
3934 	if (ret == 0) {
3935 		ath10k_warn(ar, "failed to switch to channel for roc scan\n");
3936 
3937 		ret = ath10k_scan_stop(ar);
3938 		if (ret)
3939 			ath10k_warn(ar, "failed to stop scan: %d\n", ret);
3940 
3941 		ret = -ETIMEDOUT;
3942 		goto exit;
3943 	}
3944 
3945 	ret = 0;
3946 exit:
3947 	mutex_unlock(&ar->conf_mutex);
3948 	return ret;
3949 }
3950 
3951 static int ath10k_cancel_remain_on_channel(struct ieee80211_hw *hw)
3952 {
3953 	struct ath10k *ar = hw->priv;
3954 
3955 	mutex_lock(&ar->conf_mutex);
3956 	ath10k_scan_abort(ar);
3957 	mutex_unlock(&ar->conf_mutex);
3958 
3959 	cancel_delayed_work_sync(&ar->scan.timeout);
3960 
3961 	return 0;
3962 }
3963 
3964 /*
3965  * Both RTS and Fragmentation threshold are interface-specific
3966  * in ath10k, but device-specific in mac80211.
3967  */
3968 
3969 static int ath10k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
3970 {
3971 	struct ath10k *ar = hw->priv;
3972 	struct ath10k_vif *arvif;
3973 	int ret = 0;
3974 
3975 	mutex_lock(&ar->conf_mutex);
3976 	list_for_each_entry(arvif, &ar->arvifs, list) {
3977 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d rts threshold %d\n",
3978 			   arvif->vdev_id, value);
3979 
3980 		ret = ath10k_mac_set_rts(arvif, value);
3981 		if (ret) {
3982 			ath10k_warn(ar, "failed to set rts threshold for vdev %d: %d\n",
3983 				    arvif->vdev_id, ret);
3984 			break;
3985 		}
3986 	}
3987 	mutex_unlock(&ar->conf_mutex);
3988 
3989 	return ret;
3990 }
3991 
3992 static int ath10k_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
3993 {
3994 	struct ath10k *ar = hw->priv;
3995 	struct ath10k_vif *arvif;
3996 	int ret = 0;
3997 
3998 	mutex_lock(&ar->conf_mutex);
3999 	list_for_each_entry(arvif, &ar->arvifs, list) {
4000 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac vdev %d fragmentation threshold %d\n",
4001 			   arvif->vdev_id, value);
4002 
4003 		ret = ath10k_mac_set_frag(arvif, value);
4004 		if (ret) {
4005 			ath10k_warn(ar, "failed to set fragmentation threshold for vdev %d: %d\n",
4006 				    arvif->vdev_id, ret);
4007 			break;
4008 		}
4009 	}
4010 	mutex_unlock(&ar->conf_mutex);
4011 
4012 	return ret;
4013 }
4014 
4015 static void ath10k_flush(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4016 			 u32 queues, bool drop)
4017 {
4018 	struct ath10k *ar = hw->priv;
4019 	bool skip;
4020 	int ret;
4021 
4022 	/* mac80211 doesn't care if we really xmit queued frames or not
4023 	 * we'll collect those frames either way if we stop/delete vdevs */
4024 	if (drop)
4025 		return;
4026 
4027 	mutex_lock(&ar->conf_mutex);
4028 
4029 	if (ar->state == ATH10K_STATE_WEDGED)
4030 		goto skip;
4031 
4032 	ret = wait_event_timeout(ar->htt.empty_tx_wq, ({
4033 			bool empty;
4034 
4035 			spin_lock_bh(&ar->htt.tx_lock);
4036 			empty = (ar->htt.num_pending_tx == 0);
4037 			spin_unlock_bh(&ar->htt.tx_lock);
4038 
4039 			skip = (ar->state == ATH10K_STATE_WEDGED) ||
4040 			       test_bit(ATH10K_FLAG_CRASH_FLUSH,
4041 					&ar->dev_flags);
4042 
4043 			(empty || skip);
4044 		}), ATH10K_FLUSH_TIMEOUT_HZ);
4045 
4046 	if (ret <= 0 || skip)
4047 		ath10k_warn(ar, "failed to flush transmit queue (skip %i ar-state %i): %i\n",
4048 			    skip, ar->state, ret);
4049 
4050 skip:
4051 	mutex_unlock(&ar->conf_mutex);
4052 }
4053 
4054 /* TODO: Implement this function properly
4055  * For now it is needed to reply to Probe Requests in IBSS mode.
4056  * Propably we need this information from FW.
4057  */
4058 static int ath10k_tx_last_beacon(struct ieee80211_hw *hw)
4059 {
4060 	return 1;
4061 }
4062 
4063 #ifdef CONFIG_PM
4064 static int ath10k_suspend(struct ieee80211_hw *hw,
4065 			  struct cfg80211_wowlan *wowlan)
4066 {
4067 	struct ath10k *ar = hw->priv;
4068 	int ret;
4069 
4070 	mutex_lock(&ar->conf_mutex);
4071 
4072 	ret = ath10k_wait_for_suspend(ar, WMI_PDEV_SUSPEND);
4073 	if (ret) {
4074 		if (ret == -ETIMEDOUT)
4075 			goto resume;
4076 		ret = 1;
4077 		goto exit;
4078 	}
4079 
4080 	ret = ath10k_hif_suspend(ar);
4081 	if (ret) {
4082 		ath10k_warn(ar, "failed to suspend hif: %d\n", ret);
4083 		goto resume;
4084 	}
4085 
4086 	ret = 0;
4087 	goto exit;
4088 resume:
4089 	ret = ath10k_wmi_pdev_resume_target(ar);
4090 	if (ret)
4091 		ath10k_warn(ar, "failed to resume target: %d\n", ret);
4092 
4093 	ret = 1;
4094 exit:
4095 	mutex_unlock(&ar->conf_mutex);
4096 	return ret;
4097 }
4098 
4099 static int ath10k_resume(struct ieee80211_hw *hw)
4100 {
4101 	struct ath10k *ar = hw->priv;
4102 	int ret;
4103 
4104 	mutex_lock(&ar->conf_mutex);
4105 
4106 	ret = ath10k_hif_resume(ar);
4107 	if (ret) {
4108 		ath10k_warn(ar, "failed to resume hif: %d\n", ret);
4109 		ret = 1;
4110 		goto exit;
4111 	}
4112 
4113 	ret = ath10k_wmi_pdev_resume_target(ar);
4114 	if (ret) {
4115 		ath10k_warn(ar, "failed to resume target: %d\n", ret);
4116 		ret = 1;
4117 		goto exit;
4118 	}
4119 
4120 	ret = 0;
4121 exit:
4122 	mutex_unlock(&ar->conf_mutex);
4123 	return ret;
4124 }
4125 #endif
4126 
4127 static void ath10k_reconfig_complete(struct ieee80211_hw *hw,
4128 				     enum ieee80211_reconfig_type reconfig_type)
4129 {
4130 	struct ath10k *ar = hw->priv;
4131 
4132 	if (reconfig_type != IEEE80211_RECONFIG_TYPE_RESTART)
4133 		return;
4134 
4135 	mutex_lock(&ar->conf_mutex);
4136 
4137 	/* If device failed to restart it will be in a different state, e.g.
4138 	 * ATH10K_STATE_WEDGED */
4139 	if (ar->state == ATH10K_STATE_RESTARTED) {
4140 		ath10k_info(ar, "device successfully recovered\n");
4141 		ar->state = ATH10K_STATE_ON;
4142 		ieee80211_wake_queues(ar->hw);
4143 	}
4144 
4145 	mutex_unlock(&ar->conf_mutex);
4146 }
4147 
4148 static int ath10k_get_survey(struct ieee80211_hw *hw, int idx,
4149 			     struct survey_info *survey)
4150 {
4151 	struct ath10k *ar = hw->priv;
4152 	struct ieee80211_supported_band *sband;
4153 	struct survey_info *ar_survey = &ar->survey[idx];
4154 	int ret = 0;
4155 
4156 	mutex_lock(&ar->conf_mutex);
4157 
4158 	sband = hw->wiphy->bands[IEEE80211_BAND_2GHZ];
4159 	if (sband && idx >= sband->n_channels) {
4160 		idx -= sband->n_channels;
4161 		sband = NULL;
4162 	}
4163 
4164 	if (!sband)
4165 		sband = hw->wiphy->bands[IEEE80211_BAND_5GHZ];
4166 
4167 	if (!sband || idx >= sband->n_channels) {
4168 		ret = -ENOENT;
4169 		goto exit;
4170 	}
4171 
4172 	spin_lock_bh(&ar->data_lock);
4173 	memcpy(survey, ar_survey, sizeof(*survey));
4174 	spin_unlock_bh(&ar->data_lock);
4175 
4176 	survey->channel = &sband->channels[idx];
4177 
4178 	if (ar->rx_channel == survey->channel)
4179 		survey->filled |= SURVEY_INFO_IN_USE;
4180 
4181 exit:
4182 	mutex_unlock(&ar->conf_mutex);
4183 	return ret;
4184 }
4185 
4186 /* Helper table for legacy fixed_rate/bitrate_mask */
4187 static const u8 cck_ofdm_rate[] = {
4188 	/* CCK */
4189 	3, /* 1Mbps */
4190 	2, /* 2Mbps */
4191 	1, /* 5.5Mbps */
4192 	0, /* 11Mbps */
4193 	/* OFDM */
4194 	3, /* 6Mbps */
4195 	7, /* 9Mbps */
4196 	2, /* 12Mbps */
4197 	6, /* 18Mbps */
4198 	1, /* 24Mbps */
4199 	5, /* 36Mbps */
4200 	0, /* 48Mbps */
4201 	4, /* 54Mbps */
4202 };
4203 
4204 /* Check if only one bit set */
4205 static int ath10k_check_single_mask(u32 mask)
4206 {
4207 	int bit;
4208 
4209 	bit = ffs(mask);
4210 	if (!bit)
4211 		return 0;
4212 
4213 	mask &= ~BIT(bit - 1);
4214 	if (mask)
4215 		return 2;
4216 
4217 	return 1;
4218 }
4219 
4220 static bool
4221 ath10k_default_bitrate_mask(struct ath10k *ar,
4222 			    enum ieee80211_band band,
4223 			    const struct cfg80211_bitrate_mask *mask)
4224 {
4225 	u32 legacy = 0x00ff;
4226 	u8 ht = 0xff, i;
4227 	u16 vht = 0x3ff;
4228 	u16 nrf = ar->num_rf_chains;
4229 
4230 	if (ar->cfg_tx_chainmask)
4231 		nrf = get_nss_from_chainmask(ar->cfg_tx_chainmask);
4232 
4233 	switch (band) {
4234 	case IEEE80211_BAND_2GHZ:
4235 		legacy = 0x00fff;
4236 		vht = 0;
4237 		break;
4238 	case IEEE80211_BAND_5GHZ:
4239 		break;
4240 	default:
4241 		return false;
4242 	}
4243 
4244 	if (mask->control[band].legacy != legacy)
4245 		return false;
4246 
4247 	for (i = 0; i < nrf; i++)
4248 		if (mask->control[band].ht_mcs[i] != ht)
4249 			return false;
4250 
4251 	for (i = 0; i < nrf; i++)
4252 		if (mask->control[band].vht_mcs[i] != vht)
4253 			return false;
4254 
4255 	return true;
4256 }
4257 
4258 static bool
4259 ath10k_bitrate_mask_nss(const struct cfg80211_bitrate_mask *mask,
4260 			enum ieee80211_band band,
4261 			u8 *fixed_nss)
4262 {
4263 	int ht_nss = 0, vht_nss = 0, i;
4264 
4265 	/* check legacy */
4266 	if (ath10k_check_single_mask(mask->control[band].legacy))
4267 		return false;
4268 
4269 	/* check HT */
4270 	for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4271 		if (mask->control[band].ht_mcs[i] == 0xff)
4272 			continue;
4273 		else if (mask->control[band].ht_mcs[i] == 0x00)
4274 			break;
4275 
4276 		return false;
4277 	}
4278 
4279 	ht_nss = i;
4280 
4281 	/* check VHT */
4282 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
4283 		if (mask->control[band].vht_mcs[i] == 0x03ff)
4284 			continue;
4285 		else if (mask->control[band].vht_mcs[i] == 0x0000)
4286 			break;
4287 
4288 		return false;
4289 	}
4290 
4291 	vht_nss = i;
4292 
4293 	if (ht_nss > 0 && vht_nss > 0)
4294 		return false;
4295 
4296 	if (ht_nss)
4297 		*fixed_nss = ht_nss;
4298 	else if (vht_nss)
4299 		*fixed_nss = vht_nss;
4300 	else
4301 		return false;
4302 
4303 	return true;
4304 }
4305 
4306 static bool
4307 ath10k_bitrate_mask_correct(const struct cfg80211_bitrate_mask *mask,
4308 			    enum ieee80211_band band,
4309 			    enum wmi_rate_preamble *preamble)
4310 {
4311 	int legacy = 0, ht = 0, vht = 0, i;
4312 
4313 	*preamble = WMI_RATE_PREAMBLE_OFDM;
4314 
4315 	/* check legacy */
4316 	legacy = ath10k_check_single_mask(mask->control[band].legacy);
4317 	if (legacy > 1)
4318 		return false;
4319 
4320 	/* check HT */
4321 	for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
4322 		ht += ath10k_check_single_mask(mask->control[band].ht_mcs[i]);
4323 	if (ht > 1)
4324 		return false;
4325 
4326 	/* check VHT */
4327 	for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
4328 		vht += ath10k_check_single_mask(mask->control[band].vht_mcs[i]);
4329 	if (vht > 1)
4330 		return false;
4331 
4332 	/* Currently we support only one fixed_rate */
4333 	if ((legacy + ht + vht) != 1)
4334 		return false;
4335 
4336 	if (ht)
4337 		*preamble = WMI_RATE_PREAMBLE_HT;
4338 	else if (vht)
4339 		*preamble = WMI_RATE_PREAMBLE_VHT;
4340 
4341 	return true;
4342 }
4343 
4344 static bool
4345 ath10k_bitrate_mask_rate(struct ath10k *ar,
4346 			 const struct cfg80211_bitrate_mask *mask,
4347 			 enum ieee80211_band band,
4348 			 u8 *fixed_rate,
4349 			 u8 *fixed_nss)
4350 {
4351 	u8 rate = 0, pream = 0, nss = 0, i;
4352 	enum wmi_rate_preamble preamble;
4353 
4354 	/* Check if single rate correct */
4355 	if (!ath10k_bitrate_mask_correct(mask, band, &preamble))
4356 		return false;
4357 
4358 	pream = preamble;
4359 
4360 	switch (preamble) {
4361 	case WMI_RATE_PREAMBLE_CCK:
4362 	case WMI_RATE_PREAMBLE_OFDM:
4363 		i = ffs(mask->control[band].legacy) - 1;
4364 
4365 		if (band == IEEE80211_BAND_2GHZ && i < 4)
4366 			pream = WMI_RATE_PREAMBLE_CCK;
4367 
4368 		if (band == IEEE80211_BAND_5GHZ)
4369 			i += 4;
4370 
4371 		if (i >= ARRAY_SIZE(cck_ofdm_rate))
4372 			return false;
4373 
4374 		rate = cck_ofdm_rate[i];
4375 		break;
4376 	case WMI_RATE_PREAMBLE_HT:
4377 		for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
4378 			if (mask->control[band].ht_mcs[i])
4379 				break;
4380 
4381 		if (i == IEEE80211_HT_MCS_MASK_LEN)
4382 			return false;
4383 
4384 		rate = ffs(mask->control[band].ht_mcs[i]) - 1;
4385 		nss = i;
4386 		break;
4387 	case WMI_RATE_PREAMBLE_VHT:
4388 		for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
4389 			if (mask->control[band].vht_mcs[i])
4390 				break;
4391 
4392 		if (i == NL80211_VHT_NSS_MAX)
4393 			return false;
4394 
4395 		rate = ffs(mask->control[band].vht_mcs[i]) - 1;
4396 		nss = i;
4397 		break;
4398 	}
4399 
4400 	*fixed_nss = nss + 1;
4401 	nss <<= 4;
4402 	pream <<= 6;
4403 
4404 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac fixed rate pream 0x%02x nss 0x%02x rate 0x%02x\n",
4405 		   pream, nss, rate);
4406 
4407 	*fixed_rate = pream | nss | rate;
4408 
4409 	return true;
4410 }
4411 
4412 static bool ath10k_get_fixed_rate_nss(struct ath10k *ar,
4413 				      const struct cfg80211_bitrate_mask *mask,
4414 				      enum ieee80211_band band,
4415 				      u8 *fixed_rate,
4416 				      u8 *fixed_nss)
4417 {
4418 	/* First check full NSS mask, if we can simply limit NSS */
4419 	if (ath10k_bitrate_mask_nss(mask, band, fixed_nss))
4420 		return true;
4421 
4422 	/* Next Check single rate is set */
4423 	return ath10k_bitrate_mask_rate(ar, mask, band, fixed_rate, fixed_nss);
4424 }
4425 
4426 static int ath10k_set_fixed_rate_param(struct ath10k_vif *arvif,
4427 				       u8 fixed_rate,
4428 				       u8 fixed_nss,
4429 				       u8 force_sgi)
4430 {
4431 	struct ath10k *ar = arvif->ar;
4432 	u32 vdev_param;
4433 	int ret = 0;
4434 
4435 	mutex_lock(&ar->conf_mutex);
4436 
4437 	if (arvif->fixed_rate == fixed_rate &&
4438 	    arvif->fixed_nss == fixed_nss &&
4439 	    arvif->force_sgi == force_sgi)
4440 		goto exit;
4441 
4442 	if (fixed_rate == WMI_FIXED_RATE_NONE)
4443 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac disable fixed bitrate mask\n");
4444 
4445 	if (force_sgi)
4446 		ath10k_dbg(ar, ATH10K_DBG_MAC, "mac force sgi\n");
4447 
4448 	vdev_param = ar->wmi.vdev_param->fixed_rate;
4449 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
4450 					vdev_param, fixed_rate);
4451 	if (ret) {
4452 		ath10k_warn(ar, "failed to set fixed rate param 0x%02x: %d\n",
4453 			    fixed_rate, ret);
4454 		ret = -EINVAL;
4455 		goto exit;
4456 	}
4457 
4458 	arvif->fixed_rate = fixed_rate;
4459 
4460 	vdev_param = ar->wmi.vdev_param->nss;
4461 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id,
4462 					vdev_param, fixed_nss);
4463 
4464 	if (ret) {
4465 		ath10k_warn(ar, "failed to set fixed nss param %d: %d\n",
4466 			    fixed_nss, ret);
4467 		ret = -EINVAL;
4468 		goto exit;
4469 	}
4470 
4471 	arvif->fixed_nss = fixed_nss;
4472 
4473 	vdev_param = ar->wmi.vdev_param->sgi;
4474 	ret = ath10k_wmi_vdev_set_param(ar, arvif->vdev_id, vdev_param,
4475 					force_sgi);
4476 
4477 	if (ret) {
4478 		ath10k_warn(ar, "failed to set sgi param %d: %d\n",
4479 			    force_sgi, ret);
4480 		ret = -EINVAL;
4481 		goto exit;
4482 	}
4483 
4484 	arvif->force_sgi = force_sgi;
4485 
4486 exit:
4487 	mutex_unlock(&ar->conf_mutex);
4488 	return ret;
4489 }
4490 
4491 static int ath10k_set_bitrate_mask(struct ieee80211_hw *hw,
4492 				   struct ieee80211_vif *vif,
4493 				   const struct cfg80211_bitrate_mask *mask)
4494 {
4495 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4496 	struct ath10k *ar = arvif->ar;
4497 	enum ieee80211_band band = ar->hw->conf.chandef.chan->band;
4498 	u8 fixed_rate = WMI_FIXED_RATE_NONE;
4499 	u8 fixed_nss = ar->num_rf_chains;
4500 	u8 force_sgi;
4501 
4502 	if (ar->cfg_tx_chainmask)
4503 		fixed_nss = get_nss_from_chainmask(ar->cfg_tx_chainmask);
4504 
4505 	force_sgi = mask->control[band].gi;
4506 	if (force_sgi == NL80211_TXRATE_FORCE_LGI)
4507 		return -EINVAL;
4508 
4509 	if (!ath10k_default_bitrate_mask(ar, band, mask)) {
4510 		if (!ath10k_get_fixed_rate_nss(ar, mask, band,
4511 					       &fixed_rate,
4512 					       &fixed_nss))
4513 			return -EINVAL;
4514 	}
4515 
4516 	if (fixed_rate == WMI_FIXED_RATE_NONE && force_sgi) {
4517 		ath10k_warn(ar, "failed to force SGI usage for default rate settings\n");
4518 		return -EINVAL;
4519 	}
4520 
4521 	return ath10k_set_fixed_rate_param(arvif, fixed_rate,
4522 					   fixed_nss, force_sgi);
4523 }
4524 
4525 static void ath10k_sta_rc_update(struct ieee80211_hw *hw,
4526 				 struct ieee80211_vif *vif,
4527 				 struct ieee80211_sta *sta,
4528 				 u32 changed)
4529 {
4530 	struct ath10k *ar = hw->priv;
4531 	struct ath10k_sta *arsta = (struct ath10k_sta *)sta->drv_priv;
4532 	u32 bw, smps;
4533 
4534 	spin_lock_bh(&ar->data_lock);
4535 
4536 	ath10k_dbg(ar, ATH10K_DBG_MAC,
4537 		   "mac sta rc update for %pM changed %08x bw %d nss %d smps %d\n",
4538 		   sta->addr, changed, sta->bandwidth, sta->rx_nss,
4539 		   sta->smps_mode);
4540 
4541 	if (changed & IEEE80211_RC_BW_CHANGED) {
4542 		bw = WMI_PEER_CHWIDTH_20MHZ;
4543 
4544 		switch (sta->bandwidth) {
4545 		case IEEE80211_STA_RX_BW_20:
4546 			bw = WMI_PEER_CHWIDTH_20MHZ;
4547 			break;
4548 		case IEEE80211_STA_RX_BW_40:
4549 			bw = WMI_PEER_CHWIDTH_40MHZ;
4550 			break;
4551 		case IEEE80211_STA_RX_BW_80:
4552 			bw = WMI_PEER_CHWIDTH_80MHZ;
4553 			break;
4554 		case IEEE80211_STA_RX_BW_160:
4555 			ath10k_warn(ar, "Invalid bandwith %d in rc update for %pM\n",
4556 				    sta->bandwidth, sta->addr);
4557 			bw = WMI_PEER_CHWIDTH_20MHZ;
4558 			break;
4559 		}
4560 
4561 		arsta->bw = bw;
4562 	}
4563 
4564 	if (changed & IEEE80211_RC_NSS_CHANGED)
4565 		arsta->nss = sta->rx_nss;
4566 
4567 	if (changed & IEEE80211_RC_SMPS_CHANGED) {
4568 		smps = WMI_PEER_SMPS_PS_NONE;
4569 
4570 		switch (sta->smps_mode) {
4571 		case IEEE80211_SMPS_AUTOMATIC:
4572 		case IEEE80211_SMPS_OFF:
4573 			smps = WMI_PEER_SMPS_PS_NONE;
4574 			break;
4575 		case IEEE80211_SMPS_STATIC:
4576 			smps = WMI_PEER_SMPS_STATIC;
4577 			break;
4578 		case IEEE80211_SMPS_DYNAMIC:
4579 			smps = WMI_PEER_SMPS_DYNAMIC;
4580 			break;
4581 		case IEEE80211_SMPS_NUM_MODES:
4582 			ath10k_warn(ar, "Invalid smps %d in sta rc update for %pM\n",
4583 				    sta->smps_mode, sta->addr);
4584 			smps = WMI_PEER_SMPS_PS_NONE;
4585 			break;
4586 		}
4587 
4588 		arsta->smps = smps;
4589 	}
4590 
4591 	arsta->changed |= changed;
4592 
4593 	spin_unlock_bh(&ar->data_lock);
4594 
4595 	ieee80211_queue_work(hw, &arsta->update_wk);
4596 }
4597 
4598 static u64 ath10k_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
4599 {
4600 	/*
4601 	 * FIXME: Return 0 for time being. Need to figure out whether FW
4602 	 * has the API to fetch 64-bit local TSF
4603 	 */
4604 
4605 	return 0;
4606 }
4607 
4608 static int ath10k_ampdu_action(struct ieee80211_hw *hw,
4609 			       struct ieee80211_vif *vif,
4610 			       enum ieee80211_ampdu_mlme_action action,
4611 			       struct ieee80211_sta *sta, u16 tid, u16 *ssn,
4612 			       u8 buf_size)
4613 {
4614 	struct ath10k *ar = hw->priv;
4615 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4616 
4617 	ath10k_dbg(ar, ATH10K_DBG_MAC, "mac ampdu vdev_id %i sta %pM tid %hu action %d\n",
4618 		   arvif->vdev_id, sta->addr, tid, action);
4619 
4620 	switch (action) {
4621 	case IEEE80211_AMPDU_RX_START:
4622 	case IEEE80211_AMPDU_RX_STOP:
4623 		/* HTT AddBa/DelBa events trigger mac80211 Rx BA session
4624 		 * creation/removal. Do we need to verify this?
4625 		 */
4626 		return 0;
4627 	case IEEE80211_AMPDU_TX_START:
4628 	case IEEE80211_AMPDU_TX_STOP_CONT:
4629 	case IEEE80211_AMPDU_TX_STOP_FLUSH:
4630 	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
4631 	case IEEE80211_AMPDU_TX_OPERATIONAL:
4632 		/* Firmware offloads Tx aggregation entirely so deny mac80211
4633 		 * Tx aggregation requests.
4634 		 */
4635 		return -EOPNOTSUPP;
4636 	}
4637 
4638 	return -EINVAL;
4639 }
4640 
4641 static const struct ieee80211_ops ath10k_ops = {
4642 	.tx				= ath10k_tx,
4643 	.start				= ath10k_start,
4644 	.stop				= ath10k_stop,
4645 	.config				= ath10k_config,
4646 	.add_interface			= ath10k_add_interface,
4647 	.remove_interface		= ath10k_remove_interface,
4648 	.configure_filter		= ath10k_configure_filter,
4649 	.bss_info_changed		= ath10k_bss_info_changed,
4650 	.hw_scan			= ath10k_hw_scan,
4651 	.cancel_hw_scan			= ath10k_cancel_hw_scan,
4652 	.set_key			= ath10k_set_key,
4653 	.sta_state			= ath10k_sta_state,
4654 	.conf_tx			= ath10k_conf_tx,
4655 	.remain_on_channel		= ath10k_remain_on_channel,
4656 	.cancel_remain_on_channel	= ath10k_cancel_remain_on_channel,
4657 	.set_rts_threshold		= ath10k_set_rts_threshold,
4658 	.set_frag_threshold		= ath10k_set_frag_threshold,
4659 	.flush				= ath10k_flush,
4660 	.tx_last_beacon			= ath10k_tx_last_beacon,
4661 	.set_antenna			= ath10k_set_antenna,
4662 	.get_antenna			= ath10k_get_antenna,
4663 	.reconfig_complete		= ath10k_reconfig_complete,
4664 	.get_survey			= ath10k_get_survey,
4665 	.set_bitrate_mask		= ath10k_set_bitrate_mask,
4666 	.sta_rc_update			= ath10k_sta_rc_update,
4667 	.get_tsf			= ath10k_get_tsf,
4668 	.ampdu_action			= ath10k_ampdu_action,
4669 	.get_et_sset_count		= ath10k_debug_get_et_sset_count,
4670 	.get_et_stats			= ath10k_debug_get_et_stats,
4671 	.get_et_strings			= ath10k_debug_get_et_strings,
4672 
4673 	CFG80211_TESTMODE_CMD(ath10k_tm_cmd)
4674 
4675 #ifdef CONFIG_PM
4676 	.suspend			= ath10k_suspend,
4677 	.resume				= ath10k_resume,
4678 #endif
4679 };
4680 
4681 #define RATETAB_ENT(_rate, _rateid, _flags) { \
4682 	.bitrate		= (_rate), \
4683 	.flags			= (_flags), \
4684 	.hw_value		= (_rateid), \
4685 }
4686 
4687 #define CHAN2G(_channel, _freq, _flags) { \
4688 	.band			= IEEE80211_BAND_2GHZ, \
4689 	.hw_value		= (_channel), \
4690 	.center_freq		= (_freq), \
4691 	.flags			= (_flags), \
4692 	.max_antenna_gain	= 0, \
4693 	.max_power		= 30, \
4694 }
4695 
4696 #define CHAN5G(_channel, _freq, _flags) { \
4697 	.band			= IEEE80211_BAND_5GHZ, \
4698 	.hw_value		= (_channel), \
4699 	.center_freq		= (_freq), \
4700 	.flags			= (_flags), \
4701 	.max_antenna_gain	= 0, \
4702 	.max_power		= 30, \
4703 }
4704 
4705 static const struct ieee80211_channel ath10k_2ghz_channels[] = {
4706 	CHAN2G(1, 2412, 0),
4707 	CHAN2G(2, 2417, 0),
4708 	CHAN2G(3, 2422, 0),
4709 	CHAN2G(4, 2427, 0),
4710 	CHAN2G(5, 2432, 0),
4711 	CHAN2G(6, 2437, 0),
4712 	CHAN2G(7, 2442, 0),
4713 	CHAN2G(8, 2447, 0),
4714 	CHAN2G(9, 2452, 0),
4715 	CHAN2G(10, 2457, 0),
4716 	CHAN2G(11, 2462, 0),
4717 	CHAN2G(12, 2467, 0),
4718 	CHAN2G(13, 2472, 0),
4719 	CHAN2G(14, 2484, 0),
4720 };
4721 
4722 static const struct ieee80211_channel ath10k_5ghz_channels[] = {
4723 	CHAN5G(36, 5180, 0),
4724 	CHAN5G(40, 5200, 0),
4725 	CHAN5G(44, 5220, 0),
4726 	CHAN5G(48, 5240, 0),
4727 	CHAN5G(52, 5260, 0),
4728 	CHAN5G(56, 5280, 0),
4729 	CHAN5G(60, 5300, 0),
4730 	CHAN5G(64, 5320, 0),
4731 	CHAN5G(100, 5500, 0),
4732 	CHAN5G(104, 5520, 0),
4733 	CHAN5G(108, 5540, 0),
4734 	CHAN5G(112, 5560, 0),
4735 	CHAN5G(116, 5580, 0),
4736 	CHAN5G(120, 5600, 0),
4737 	CHAN5G(124, 5620, 0),
4738 	CHAN5G(128, 5640, 0),
4739 	CHAN5G(132, 5660, 0),
4740 	CHAN5G(136, 5680, 0),
4741 	CHAN5G(140, 5700, 0),
4742 	CHAN5G(149, 5745, 0),
4743 	CHAN5G(153, 5765, 0),
4744 	CHAN5G(157, 5785, 0),
4745 	CHAN5G(161, 5805, 0),
4746 	CHAN5G(165, 5825, 0),
4747 };
4748 
4749 static struct ieee80211_rate ath10k_rates[] = {
4750 	/* CCK */
4751 	RATETAB_ENT(10,  0x82, 0),
4752 	RATETAB_ENT(20,  0x84, 0),
4753 	RATETAB_ENT(55,  0x8b, 0),
4754 	RATETAB_ENT(110, 0x96, 0),
4755 	/* OFDM */
4756 	RATETAB_ENT(60,  0x0c, 0),
4757 	RATETAB_ENT(90,  0x12, 0),
4758 	RATETAB_ENT(120, 0x18, 0),
4759 	RATETAB_ENT(180, 0x24, 0),
4760 	RATETAB_ENT(240, 0x30, 0),
4761 	RATETAB_ENT(360, 0x48, 0),
4762 	RATETAB_ENT(480, 0x60, 0),
4763 	RATETAB_ENT(540, 0x6c, 0),
4764 };
4765 
4766 #define ath10k_a_rates (ath10k_rates + 4)
4767 #define ath10k_a_rates_size (ARRAY_SIZE(ath10k_rates) - 4)
4768 #define ath10k_g_rates (ath10k_rates + 0)
4769 #define ath10k_g_rates_size (ARRAY_SIZE(ath10k_rates))
4770 
4771 struct ath10k *ath10k_mac_create(size_t priv_size)
4772 {
4773 	struct ieee80211_hw *hw;
4774 	struct ath10k *ar;
4775 
4776 	hw = ieee80211_alloc_hw(sizeof(struct ath10k) + priv_size, &ath10k_ops);
4777 	if (!hw)
4778 		return NULL;
4779 
4780 	ar = hw->priv;
4781 	ar->hw = hw;
4782 
4783 	return ar;
4784 }
4785 
4786 void ath10k_mac_destroy(struct ath10k *ar)
4787 {
4788 	ieee80211_free_hw(ar->hw);
4789 }
4790 
4791 static const struct ieee80211_iface_limit ath10k_if_limits[] = {
4792 	{
4793 	.max	= 8,
4794 	.types	= BIT(NL80211_IFTYPE_STATION)
4795 		| BIT(NL80211_IFTYPE_P2P_CLIENT)
4796 	},
4797 	{
4798 	.max	= 3,
4799 	.types	= BIT(NL80211_IFTYPE_P2P_GO)
4800 	},
4801 	{
4802 	.max	= 7,
4803 	.types	= BIT(NL80211_IFTYPE_AP)
4804 	},
4805 };
4806 
4807 static const struct ieee80211_iface_limit ath10k_10x_if_limits[] = {
4808 	{
4809 	.max	= 8,
4810 	.types	= BIT(NL80211_IFTYPE_AP)
4811 	},
4812 };
4813 
4814 static const struct ieee80211_iface_combination ath10k_if_comb[] = {
4815 	{
4816 		.limits = ath10k_if_limits,
4817 		.n_limits = ARRAY_SIZE(ath10k_if_limits),
4818 		.max_interfaces = 8,
4819 		.num_different_channels = 1,
4820 		.beacon_int_infra_match = true,
4821 	},
4822 };
4823 
4824 static const struct ieee80211_iface_combination ath10k_10x_if_comb[] = {
4825 	{
4826 		.limits = ath10k_10x_if_limits,
4827 		.n_limits = ARRAY_SIZE(ath10k_10x_if_limits),
4828 		.max_interfaces = 8,
4829 		.num_different_channels = 1,
4830 		.beacon_int_infra_match = true,
4831 #ifdef CONFIG_ATH10K_DFS_CERTIFIED
4832 		.radar_detect_widths =	BIT(NL80211_CHAN_WIDTH_20_NOHT) |
4833 					BIT(NL80211_CHAN_WIDTH_20) |
4834 					BIT(NL80211_CHAN_WIDTH_40) |
4835 					BIT(NL80211_CHAN_WIDTH_80),
4836 #endif
4837 	},
4838 };
4839 
4840 static struct ieee80211_sta_vht_cap ath10k_create_vht_cap(struct ath10k *ar)
4841 {
4842 	struct ieee80211_sta_vht_cap vht_cap = {0};
4843 	u16 mcs_map;
4844 	int i;
4845 
4846 	vht_cap.vht_supported = 1;
4847 	vht_cap.cap = ar->vht_cap_info;
4848 
4849 	mcs_map = 0;
4850 	for (i = 0; i < 8; i++) {
4851 		if (i < ar->num_rf_chains)
4852 			mcs_map |= IEEE80211_VHT_MCS_SUPPORT_0_9 << (i*2);
4853 		else
4854 			mcs_map |= IEEE80211_VHT_MCS_NOT_SUPPORTED << (i*2);
4855 	}
4856 
4857 	vht_cap.vht_mcs.rx_mcs_map = cpu_to_le16(mcs_map);
4858 	vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map);
4859 
4860 	return vht_cap;
4861 }
4862 
4863 static struct ieee80211_sta_ht_cap ath10k_get_ht_cap(struct ath10k *ar)
4864 {
4865 	int i;
4866 	struct ieee80211_sta_ht_cap ht_cap = {0};
4867 
4868 	if (!(ar->ht_cap_info & WMI_HT_CAP_ENABLED))
4869 		return ht_cap;
4870 
4871 	ht_cap.ht_supported = 1;
4872 	ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
4873 	ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_8;
4874 	ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
4875 	ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
4876 	ht_cap.cap |= WLAN_HT_CAP_SM_PS_STATIC << IEEE80211_HT_CAP_SM_PS_SHIFT;
4877 
4878 	if (ar->ht_cap_info & WMI_HT_CAP_HT20_SGI)
4879 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
4880 
4881 	if (ar->ht_cap_info & WMI_HT_CAP_HT40_SGI)
4882 		ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
4883 
4884 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS) {
4885 		u32 smps;
4886 
4887 		smps   = WLAN_HT_CAP_SM_PS_DYNAMIC;
4888 		smps <<= IEEE80211_HT_CAP_SM_PS_SHIFT;
4889 
4890 		ht_cap.cap |= smps;
4891 	}
4892 
4893 	if (ar->ht_cap_info & WMI_HT_CAP_TX_STBC)
4894 		ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
4895 
4896 	if (ar->ht_cap_info & WMI_HT_CAP_RX_STBC) {
4897 		u32 stbc;
4898 
4899 		stbc   = ar->ht_cap_info;
4900 		stbc  &= WMI_HT_CAP_RX_STBC;
4901 		stbc >>= WMI_HT_CAP_RX_STBC_MASK_SHIFT;
4902 		stbc <<= IEEE80211_HT_CAP_RX_STBC_SHIFT;
4903 		stbc  &= IEEE80211_HT_CAP_RX_STBC;
4904 
4905 		ht_cap.cap |= stbc;
4906 	}
4907 
4908 	if (ar->ht_cap_info & WMI_HT_CAP_LDPC)
4909 		ht_cap.cap |= IEEE80211_HT_CAP_LDPC_CODING;
4910 
4911 	if (ar->ht_cap_info & WMI_HT_CAP_L_SIG_TXOP_PROT)
4912 		ht_cap.cap |= IEEE80211_HT_CAP_LSIG_TXOP_PROT;
4913 
4914 	/* max AMSDU is implicitly taken from vht_cap_info */
4915 	if (ar->vht_cap_info & WMI_VHT_CAP_MAX_MPDU_LEN_MASK)
4916 		ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
4917 
4918 	for (i = 0; i < ar->num_rf_chains; i++)
4919 		ht_cap.mcs.rx_mask[i] = 0xFF;
4920 
4921 	ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_DEFINED;
4922 
4923 	return ht_cap;
4924 }
4925 
4926 static void ath10k_get_arvif_iter(void *data, u8 *mac,
4927 				  struct ieee80211_vif *vif)
4928 {
4929 	struct ath10k_vif_iter *arvif_iter = data;
4930 	struct ath10k_vif *arvif = ath10k_vif_to_arvif(vif);
4931 
4932 	if (arvif->vdev_id == arvif_iter->vdev_id)
4933 		arvif_iter->arvif = arvif;
4934 }
4935 
4936 struct ath10k_vif *ath10k_get_arvif(struct ath10k *ar, u32 vdev_id)
4937 {
4938 	struct ath10k_vif_iter arvif_iter;
4939 	u32 flags;
4940 
4941 	memset(&arvif_iter, 0, sizeof(struct ath10k_vif_iter));
4942 	arvif_iter.vdev_id = vdev_id;
4943 
4944 	flags = IEEE80211_IFACE_ITER_RESUME_ALL;
4945 	ieee80211_iterate_active_interfaces_atomic(ar->hw,
4946 						   flags,
4947 						   ath10k_get_arvif_iter,
4948 						   &arvif_iter);
4949 	if (!arvif_iter.arvif) {
4950 		ath10k_warn(ar, "No VIF found for vdev %d\n", vdev_id);
4951 		return NULL;
4952 	}
4953 
4954 	return arvif_iter.arvif;
4955 }
4956 
4957 int ath10k_mac_register(struct ath10k *ar)
4958 {
4959 	struct ieee80211_supported_band *band;
4960 	struct ieee80211_sta_vht_cap vht_cap;
4961 	struct ieee80211_sta_ht_cap ht_cap;
4962 	void *channels;
4963 	int ret;
4964 
4965 	SET_IEEE80211_PERM_ADDR(ar->hw, ar->mac_addr);
4966 
4967 	SET_IEEE80211_DEV(ar->hw, ar->dev);
4968 
4969 	ht_cap = ath10k_get_ht_cap(ar);
4970 	vht_cap = ath10k_create_vht_cap(ar);
4971 
4972 	if (ar->phy_capability & WHAL_WLAN_11G_CAPABILITY) {
4973 		channels = kmemdup(ath10k_2ghz_channels,
4974 				   sizeof(ath10k_2ghz_channels),
4975 				   GFP_KERNEL);
4976 		if (!channels) {
4977 			ret = -ENOMEM;
4978 			goto err_free;
4979 		}
4980 
4981 		band = &ar->mac.sbands[IEEE80211_BAND_2GHZ];
4982 		band->n_channels = ARRAY_SIZE(ath10k_2ghz_channels);
4983 		band->channels = channels;
4984 		band->n_bitrates = ath10k_g_rates_size;
4985 		band->bitrates = ath10k_g_rates;
4986 		band->ht_cap = ht_cap;
4987 
4988 		/* vht is not supported in 2.4 GHz */
4989 
4990 		ar->hw->wiphy->bands[IEEE80211_BAND_2GHZ] = band;
4991 	}
4992 
4993 	if (ar->phy_capability & WHAL_WLAN_11A_CAPABILITY) {
4994 		channels = kmemdup(ath10k_5ghz_channels,
4995 				   sizeof(ath10k_5ghz_channels),
4996 				   GFP_KERNEL);
4997 		if (!channels) {
4998 			ret = -ENOMEM;
4999 			goto err_free;
5000 		}
5001 
5002 		band = &ar->mac.sbands[IEEE80211_BAND_5GHZ];
5003 		band->n_channels = ARRAY_SIZE(ath10k_5ghz_channels);
5004 		band->channels = channels;
5005 		band->n_bitrates = ath10k_a_rates_size;
5006 		band->bitrates = ath10k_a_rates;
5007 		band->ht_cap = ht_cap;
5008 		band->vht_cap = vht_cap;
5009 		ar->hw->wiphy->bands[IEEE80211_BAND_5GHZ] = band;
5010 	}
5011 
5012 	ar->hw->wiphy->interface_modes =
5013 		BIT(NL80211_IFTYPE_STATION) |
5014 		BIT(NL80211_IFTYPE_AP);
5015 
5016 	ar->hw->wiphy->available_antennas_rx = ar->supp_rx_chainmask;
5017 	ar->hw->wiphy->available_antennas_tx = ar->supp_tx_chainmask;
5018 
5019 	if (!test_bit(ATH10K_FW_FEATURE_NO_P2P, ar->fw_features))
5020 		ar->hw->wiphy->interface_modes |=
5021 			BIT(NL80211_IFTYPE_P2P_CLIENT) |
5022 			BIT(NL80211_IFTYPE_P2P_GO);
5023 
5024 	ar->hw->flags = IEEE80211_HW_SIGNAL_DBM |
5025 			IEEE80211_HW_SUPPORTS_PS |
5026 			IEEE80211_HW_SUPPORTS_DYNAMIC_PS |
5027 			IEEE80211_HW_SUPPORTS_UAPSD |
5028 			IEEE80211_HW_MFP_CAPABLE |
5029 			IEEE80211_HW_REPORTS_TX_ACK_STATUS |
5030 			IEEE80211_HW_HAS_RATE_CONTROL |
5031 			IEEE80211_HW_AP_LINK_PS |
5032 			IEEE80211_HW_SPECTRUM_MGMT;
5033 
5034 	ar->hw->wiphy->features |= NL80211_FEATURE_STATIC_SMPS;
5035 
5036 	if (ar->ht_cap_info & WMI_HT_CAP_DYNAMIC_SMPS)
5037 		ar->hw->wiphy->features |= NL80211_FEATURE_DYNAMIC_SMPS;
5038 
5039 	if (ar->ht_cap_info & WMI_HT_CAP_ENABLED) {
5040 		ar->hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
5041 		ar->hw->flags |= IEEE80211_HW_TX_AMPDU_SETUP_IN_HW;
5042 	}
5043 
5044 	ar->hw->wiphy->max_scan_ssids = WLAN_SCAN_PARAMS_MAX_SSID;
5045 	ar->hw->wiphy->max_scan_ie_len = WLAN_SCAN_PARAMS_MAX_IE_LEN;
5046 
5047 	ar->hw->vif_data_size = sizeof(struct ath10k_vif);
5048 	ar->hw->sta_data_size = sizeof(struct ath10k_sta);
5049 
5050 	ar->hw->max_listen_interval = ATH10K_MAX_HW_LISTEN_INTERVAL;
5051 
5052 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
5053 	ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_CHANNEL_SWITCH;
5054 	ar->hw->wiphy->max_remain_on_channel_duration = 5000;
5055 
5056 	ar->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
5057 	ar->hw->wiphy->features |= NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE;
5058 
5059 	/*
5060 	 * on LL hardware queues are managed entirely by the FW
5061 	 * so we only advertise to mac we can do the queues thing
5062 	 */
5063 	ar->hw->queues = 4;
5064 
5065 	if (test_bit(ATH10K_FW_FEATURE_WMI_10X, ar->fw_features)) {
5066 		ar->hw->wiphy->iface_combinations = ath10k_10x_if_comb;
5067 		ar->hw->wiphy->n_iface_combinations =
5068 			ARRAY_SIZE(ath10k_10x_if_comb);
5069 	} else {
5070 		ar->hw->wiphy->iface_combinations = ath10k_if_comb;
5071 		ar->hw->wiphy->n_iface_combinations =
5072 			ARRAY_SIZE(ath10k_if_comb);
5073 
5074 		ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
5075 	}
5076 
5077 	ar->hw->netdev_features = NETIF_F_HW_CSUM;
5078 
5079 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED)) {
5080 		/* Init ath dfs pattern detector */
5081 		ar->ath_common.debug_mask = ATH_DBG_DFS;
5082 		ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common,
5083 							     NL80211_DFS_UNSET);
5084 
5085 		if (!ar->dfs_detector)
5086 			ath10k_warn(ar, "failed to initialise DFS pattern detector\n");
5087 	}
5088 
5089 	ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy,
5090 			    ath10k_reg_notifier);
5091 	if (ret) {
5092 		ath10k_err(ar, "failed to initialise regulatory: %i\n", ret);
5093 		goto err_free;
5094 	}
5095 
5096 	ret = ieee80211_register_hw(ar->hw);
5097 	if (ret) {
5098 		ath10k_err(ar, "failed to register ieee80211: %d\n", ret);
5099 		goto err_free;
5100 	}
5101 
5102 	if (!ath_is_world_regd(&ar->ath_common.regulatory)) {
5103 		ret = regulatory_hint(ar->hw->wiphy,
5104 				      ar->ath_common.regulatory.alpha2);
5105 		if (ret)
5106 			goto err_unregister;
5107 	}
5108 
5109 	return 0;
5110 
5111 err_unregister:
5112 	ieee80211_unregister_hw(ar->hw);
5113 err_free:
5114 	kfree(ar->mac.sbands[IEEE80211_BAND_2GHZ].channels);
5115 	kfree(ar->mac.sbands[IEEE80211_BAND_5GHZ].channels);
5116 
5117 	return ret;
5118 }
5119 
5120 void ath10k_mac_unregister(struct ath10k *ar)
5121 {
5122 	ieee80211_unregister_hw(ar->hw);
5123 
5124 	if (config_enabled(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector)
5125 		ar->dfs_detector->exit(ar->dfs_detector);
5126 
5127 	kfree(ar->mac.sbands[IEEE80211_BAND_2GHZ].channels);
5128 	kfree(ar->mac.sbands[IEEE80211_BAND_5GHZ].channels);
5129 
5130 	SET_IEEE80211_DEV(ar->hw, NULL);
5131 }
5132