xref: /openbmc/linux/drivers/net/wireless/ath/ath11k/wmi.c (revision 1f00b5ab)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021, Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #include <linux/of.h>
17 #include "core.h"
18 #include "debug.h"
19 #include "mac.h"
20 #include "hw.h"
21 #include "peer.h"
22 
23 struct wmi_tlv_policy {
24 	size_t min_len;
25 };
26 
27 struct wmi_tlv_svc_ready_parse {
28 	bool wmi_svc_bitmap_done;
29 };
30 
31 struct wmi_tlv_dma_ring_caps_parse {
32 	struct wmi_dma_ring_capabilities *dma_ring_caps;
33 	u32 n_dma_ring_caps;
34 };
35 
36 struct wmi_tlv_svc_rdy_ext_parse {
37 	struct ath11k_service_ext_param param;
38 	struct wmi_soc_mac_phy_hw_mode_caps *hw_caps;
39 	struct wmi_hw_mode_capabilities *hw_mode_caps;
40 	u32 n_hw_mode_caps;
41 	u32 tot_phy_id;
42 	struct wmi_hw_mode_capabilities pref_hw_mode_caps;
43 	struct wmi_mac_phy_capabilities *mac_phy_caps;
44 	u32 n_mac_phy_caps;
45 	struct wmi_soc_hal_reg_capabilities *soc_hal_reg_caps;
46 	struct wmi_hal_reg_capabilities_ext *ext_hal_reg_caps;
47 	u32 n_ext_hal_reg_caps;
48 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
49 	bool hw_mode_done;
50 	bool mac_phy_done;
51 	bool ext_hal_reg_done;
52 	bool mac_phy_chainmask_combo_done;
53 	bool mac_phy_chainmask_cap_done;
54 	bool oem_dma_ring_cap_done;
55 	bool dma_ring_cap_done;
56 };
57 
58 struct wmi_tlv_svc_rdy_ext2_parse {
59 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
60 	bool dma_ring_cap_done;
61 };
62 
63 struct wmi_tlv_rdy_parse {
64 	u32 num_extra_mac_addr;
65 };
66 
67 struct wmi_tlv_dma_buf_release_parse {
68 	struct ath11k_wmi_dma_buf_release_fixed_param fixed;
69 	struct wmi_dma_buf_release_entry *buf_entry;
70 	struct wmi_dma_buf_release_meta_data *meta_data;
71 	u32 num_buf_entry;
72 	u32 num_meta;
73 	bool buf_entry_done;
74 	bool meta_data_done;
75 };
76 
77 struct wmi_tlv_fw_stats_parse {
78 	const struct wmi_stats_event *ev;
79 	const struct wmi_per_chain_rssi_stats *rssi;
80 	struct ath11k_fw_stats *stats;
81 	int rssi_num;
82 	bool chain_rssi_done;
83 };
84 
85 static const struct wmi_tlv_policy wmi_tlv_policies[] = {
86 	[WMI_TAG_ARRAY_BYTE]
87 		= { .min_len = 0 },
88 	[WMI_TAG_ARRAY_UINT32]
89 		= { .min_len = 0 },
90 	[WMI_TAG_SERVICE_READY_EVENT]
91 		= { .min_len = sizeof(struct wmi_service_ready_event) },
92 	[WMI_TAG_SERVICE_READY_EXT_EVENT]
93 		= { .min_len =  sizeof(struct wmi_service_ready_ext_event) },
94 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS]
95 		= { .min_len = sizeof(struct wmi_soc_mac_phy_hw_mode_caps) },
96 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES]
97 		= { .min_len = sizeof(struct wmi_soc_hal_reg_capabilities) },
98 	[WMI_TAG_VDEV_START_RESPONSE_EVENT]
99 		= { .min_len = sizeof(struct wmi_vdev_start_resp_event) },
100 	[WMI_TAG_PEER_DELETE_RESP_EVENT]
101 		= { .min_len = sizeof(struct wmi_peer_delete_resp_event) },
102 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT]
103 		= { .min_len = sizeof(struct wmi_bcn_tx_status_event) },
104 	[WMI_TAG_VDEV_STOPPED_EVENT]
105 		= { .min_len = sizeof(struct wmi_vdev_stopped_event) },
106 	[WMI_TAG_REG_CHAN_LIST_CC_EVENT]
107 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_event) },
108 	[WMI_TAG_MGMT_RX_HDR]
109 		= { .min_len = sizeof(struct wmi_mgmt_rx_hdr) },
110 	[WMI_TAG_MGMT_TX_COMPL_EVENT]
111 		= { .min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
112 	[WMI_TAG_SCAN_EVENT]
113 		= { .min_len = sizeof(struct wmi_scan_event) },
114 	[WMI_TAG_PEER_STA_KICKOUT_EVENT]
115 		= { .min_len = sizeof(struct wmi_peer_sta_kickout_event) },
116 	[WMI_TAG_ROAM_EVENT]
117 		= { .min_len = sizeof(struct wmi_roam_event) },
118 	[WMI_TAG_CHAN_INFO_EVENT]
119 		= { .min_len = sizeof(struct wmi_chan_info_event) },
120 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT]
121 		= { .min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
122 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT]
123 		= { .min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
124 	[WMI_TAG_READY_EVENT] = {
125 		.min_len = sizeof(struct wmi_ready_event_min) },
126 	[WMI_TAG_SERVICE_AVAILABLE_EVENT]
127 		= {.min_len = sizeof(struct wmi_service_available_event) },
128 	[WMI_TAG_PEER_ASSOC_CONF_EVENT]
129 		= { .min_len = sizeof(struct wmi_peer_assoc_conf_event) },
130 	[WMI_TAG_STATS_EVENT]
131 		= { .min_len = sizeof(struct wmi_stats_event) },
132 	[WMI_TAG_RFKILL_EVENT] = {
133 		.min_len = sizeof(struct wmi_rfkill_state_change_ev) },
134 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT]
135 		= { .min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
136 	[WMI_TAG_HOST_SWFDA_EVENT] = {
137 		.min_len = sizeof(struct wmi_fils_discovery_event) },
138 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
139 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
140 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
141 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
142 	[WMI_TAG_OBSS_COLOR_COLLISION_EVT] = {
143 		.min_len = sizeof(struct wmi_obss_color_collision_event) },
144 	[WMI_TAG_11D_NEW_COUNTRY_EVENT] = {
145 		.min_len = sizeof(struct wmi_11d_new_cc_ev) },
146 	[WMI_TAG_PER_CHAIN_RSSI_STATS] = {
147 		.min_len = sizeof(struct wmi_per_chain_rssi_stats) },
148 	[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT] = {
149 		.min_len = sizeof(struct wmi_twt_add_dialog_event) },
150 };
151 
152 #define PRIMAP(_hw_mode_) \
153 	[_hw_mode_] = _hw_mode_##_PRI
154 
155 static const int ath11k_hw_mode_pri_map[] = {
156 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
157 	PRIMAP(WMI_HOST_HW_MODE_DBS),
158 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
159 	PRIMAP(WMI_HOST_HW_MODE_SBS),
160 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
161 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
162 	/* keep last */
163 	PRIMAP(WMI_HOST_HW_MODE_MAX),
164 };
165 
166 static int
167 ath11k_wmi_tlv_iter(struct ath11k_base *ab, const void *ptr, size_t len,
168 		    int (*iter)(struct ath11k_base *ab, u16 tag, u16 len,
169 				const void *ptr, void *data),
170 		    void *data)
171 {
172 	const void *begin = ptr;
173 	const struct wmi_tlv *tlv;
174 	u16 tlv_tag, tlv_len;
175 	int ret;
176 
177 	while (len > 0) {
178 		if (len < sizeof(*tlv)) {
179 			ath11k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
180 				   ptr - begin, len, sizeof(*tlv));
181 			return -EINVAL;
182 		}
183 
184 		tlv = ptr;
185 		tlv_tag = FIELD_GET(WMI_TLV_TAG, tlv->header);
186 		tlv_len = FIELD_GET(WMI_TLV_LEN, tlv->header);
187 		ptr += sizeof(*tlv);
188 		len -= sizeof(*tlv);
189 
190 		if (tlv_len > len) {
191 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
192 				   tlv_tag, ptr - begin, len, tlv_len);
193 			return -EINVAL;
194 		}
195 
196 		if (tlv_tag < ARRAY_SIZE(wmi_tlv_policies) &&
197 		    wmi_tlv_policies[tlv_tag].min_len &&
198 		    wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
199 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
200 				   tlv_tag, ptr - begin, tlv_len,
201 				   wmi_tlv_policies[tlv_tag].min_len);
202 			return -EINVAL;
203 		}
204 
205 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
206 		if (ret)
207 			return ret;
208 
209 		ptr += tlv_len;
210 		len -= tlv_len;
211 	}
212 
213 	return 0;
214 }
215 
216 static int ath11k_wmi_tlv_iter_parse(struct ath11k_base *ab, u16 tag, u16 len,
217 				     const void *ptr, void *data)
218 {
219 	const void **tb = data;
220 
221 	if (tag < WMI_TAG_MAX)
222 		tb[tag] = ptr;
223 
224 	return 0;
225 }
226 
227 static int ath11k_wmi_tlv_parse(struct ath11k_base *ar, const void **tb,
228 				const void *ptr, size_t len)
229 {
230 	return ath11k_wmi_tlv_iter(ar, ptr, len, ath11k_wmi_tlv_iter_parse,
231 				   (void *)tb);
232 }
233 
234 static const void **
235 ath11k_wmi_tlv_parse_alloc(struct ath11k_base *ab, const void *ptr,
236 			   size_t len, gfp_t gfp)
237 {
238 	const void **tb;
239 	int ret;
240 
241 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
242 	if (!tb)
243 		return ERR_PTR(-ENOMEM);
244 
245 	ret = ath11k_wmi_tlv_parse(ab, tb, ptr, len);
246 	if (ret) {
247 		kfree(tb);
248 		return ERR_PTR(ret);
249 	}
250 
251 	return tb;
252 }
253 
254 static int ath11k_wmi_cmd_send_nowait(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
255 				      u32 cmd_id)
256 {
257 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
258 	struct ath11k_base *ab = wmi->wmi_ab->ab;
259 	struct wmi_cmd_hdr *cmd_hdr;
260 	int ret;
261 	u32 cmd = 0;
262 
263 	if (skb_push(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
264 		return -ENOMEM;
265 
266 	cmd |= FIELD_PREP(WMI_CMD_HDR_CMD_ID, cmd_id);
267 
268 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
269 	cmd_hdr->cmd_id = cmd;
270 
271 	trace_ath11k_wmi_cmd(ab, cmd_id, skb->data, skb->len);
272 
273 	memset(skb_cb, 0, sizeof(*skb_cb));
274 	ret = ath11k_htc_send(&ab->htc, wmi->eid, skb);
275 
276 	if (ret)
277 		goto err_pull;
278 
279 	return 0;
280 
281 err_pull:
282 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
283 	return ret;
284 }
285 
286 int ath11k_wmi_cmd_send(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
287 			u32 cmd_id)
288 {
289 	struct ath11k_wmi_base *wmi_sc = wmi->wmi_ab;
290 	int ret = -EOPNOTSUPP;
291 	struct ath11k_base *ab = wmi_sc->ab;
292 
293 	might_sleep();
294 
295 	if (ab->hw_params.credit_flow) {
296 		wait_event_timeout(wmi_sc->tx_credits_wq, ({
297 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
298 
299 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
300 					    &wmi_sc->ab->dev_flags))
301 				ret = -ESHUTDOWN;
302 
303 			(ret != -EAGAIN);
304 			}), WMI_SEND_TIMEOUT_HZ);
305 	} else {
306 		wait_event_timeout(wmi->tx_ce_desc_wq, ({
307 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
308 
309 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
310 					    &wmi_sc->ab->dev_flags))
311 				ret = -ESHUTDOWN;
312 
313 			(ret != -ENOBUFS);
314 			}), WMI_SEND_TIMEOUT_HZ);
315 	}
316 
317 	if (ret == -EAGAIN)
318 		ath11k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
319 
320 	if (ret == -ENOBUFS)
321 		ath11k_warn(wmi_sc->ab, "ce desc not available for wmi command %d\n",
322 			    cmd_id);
323 
324 	return ret;
325 }
326 
327 static int ath11k_pull_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
328 				     const void *ptr,
329 				     struct ath11k_service_ext_param *param)
330 {
331 	const struct wmi_service_ready_ext_event *ev = ptr;
332 
333 	if (!ev)
334 		return -EINVAL;
335 
336 	/* Move this to host based bitmap */
337 	param->default_conc_scan_config_bits = ev->default_conc_scan_config_bits;
338 	param->default_fw_config_bits =	ev->default_fw_config_bits;
339 	param->he_cap_info = ev->he_cap_info;
340 	param->mpdu_density = ev->mpdu_density;
341 	param->max_bssid_rx_filters = ev->max_bssid_rx_filters;
342 	memcpy(&param->ppet, &ev->ppet, sizeof(param->ppet));
343 
344 	return 0;
345 }
346 
347 static int
348 ath11k_pull_mac_phy_cap_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
349 				      struct wmi_soc_mac_phy_hw_mode_caps *hw_caps,
350 				      struct wmi_hw_mode_capabilities *wmi_hw_mode_caps,
351 				      struct wmi_soc_hal_reg_capabilities *hal_reg_caps,
352 				      struct wmi_mac_phy_capabilities *wmi_mac_phy_caps,
353 				      u8 hw_mode_id, u8 phy_id,
354 				      struct ath11k_pdev *pdev)
355 {
356 	struct wmi_mac_phy_capabilities *mac_phy_caps;
357 	struct ath11k_base *ab = wmi_handle->wmi_ab->ab;
358 	struct ath11k_band_cap *cap_band;
359 	struct ath11k_pdev_cap *pdev_cap = &pdev->cap;
360 	u32 phy_map;
361 	u32 hw_idx, phy_idx = 0;
362 
363 	if (!hw_caps || !wmi_hw_mode_caps || !hal_reg_caps)
364 		return -EINVAL;
365 
366 	for (hw_idx = 0; hw_idx < hw_caps->num_hw_modes; hw_idx++) {
367 		if (hw_mode_id == wmi_hw_mode_caps[hw_idx].hw_mode_id)
368 			break;
369 
370 		phy_map = wmi_hw_mode_caps[hw_idx].phy_id_map;
371 		while (phy_map) {
372 			phy_map >>= 1;
373 			phy_idx++;
374 		}
375 	}
376 
377 	if (hw_idx == hw_caps->num_hw_modes)
378 		return -EINVAL;
379 
380 	phy_idx += phy_id;
381 	if (phy_id >= hal_reg_caps->num_phy)
382 		return -EINVAL;
383 
384 	mac_phy_caps = wmi_mac_phy_caps + phy_idx;
385 
386 	pdev->pdev_id = mac_phy_caps->pdev_id;
387 	pdev_cap->supported_bands |= mac_phy_caps->supported_bands;
388 	pdev_cap->ampdu_density = mac_phy_caps->ampdu_density;
389 	ab->target_pdev_ids[ab->target_pdev_count].supported_bands =
390 		mac_phy_caps->supported_bands;
391 	ab->target_pdev_ids[ab->target_pdev_count].pdev_id = mac_phy_caps->pdev_id;
392 	ab->target_pdev_count++;
393 
394 	if (!(mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) &&
395 	    !(mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP))
396 		return -EINVAL;
397 
398 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
399 	 * band to band for a single radio, need to see how this should be
400 	 * handled.
401 	 */
402 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
403 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_2g;
404 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_2g;
405 	}
406 
407 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
408 		pdev_cap->vht_cap = mac_phy_caps->vht_cap_info_5g;
409 		pdev_cap->vht_mcs = mac_phy_caps->vht_supp_mcs_5g;
410 		pdev_cap->he_mcs = mac_phy_caps->he_supp_mcs_5g;
411 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_5g;
412 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_5g;
413 		pdev_cap->nss_ratio_enabled =
414 			WMI_NSS_RATIO_ENABLE_DISABLE_GET(mac_phy_caps->nss_ratio);
415 		pdev_cap->nss_ratio_info =
416 			WMI_NSS_RATIO_INFO_GET(mac_phy_caps->nss_ratio);
417 	}
418 
419 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
420 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
421 	 * mac and the remaing 4 chains can be used for the second mac or vice-versa.
422 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
423 	 * will be advertised for second mac or vice-versa. Compute the shift value
424 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
425 	 * mac80211.
426 	 */
427 	pdev_cap->tx_chain_mask_shift =
428 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
429 	pdev_cap->rx_chain_mask_shift =
430 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
431 
432 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
433 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
434 		cap_band->phy_id = mac_phy_caps->phy_id;
435 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_2g;
436 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_2g;
437 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_2g;
438 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_2g_ext;
439 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_2g;
440 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_2g,
441 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
442 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet2g,
443 		       sizeof(struct ath11k_ppe_threshold));
444 	}
445 
446 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
447 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
448 		cap_band->phy_id = mac_phy_caps->phy_id;
449 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
450 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
451 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
452 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
453 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
454 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
455 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
456 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
457 		       sizeof(struct ath11k_ppe_threshold));
458 
459 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
460 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
461 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
462 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
463 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
464 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
465 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
466 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
467 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
468 		       sizeof(struct ath11k_ppe_threshold));
469 	}
470 
471 	return 0;
472 }
473 
474 static int
475 ath11k_pull_reg_cap_svc_rdy_ext(struct ath11k_pdev_wmi *wmi_handle,
476 				struct wmi_soc_hal_reg_capabilities *reg_caps,
477 				struct wmi_hal_reg_capabilities_ext *wmi_ext_reg_cap,
478 				u8 phy_idx,
479 				struct ath11k_hal_reg_capabilities_ext *param)
480 {
481 	struct wmi_hal_reg_capabilities_ext *ext_reg_cap;
482 
483 	if (!reg_caps || !wmi_ext_reg_cap)
484 		return -EINVAL;
485 
486 	if (phy_idx >= reg_caps->num_phy)
487 		return -EINVAL;
488 
489 	ext_reg_cap = &wmi_ext_reg_cap[phy_idx];
490 
491 	param->phy_id = ext_reg_cap->phy_id;
492 	param->eeprom_reg_domain = ext_reg_cap->eeprom_reg_domain;
493 	param->eeprom_reg_domain_ext =
494 			      ext_reg_cap->eeprom_reg_domain_ext;
495 	param->regcap1 = ext_reg_cap->regcap1;
496 	param->regcap2 = ext_reg_cap->regcap2;
497 	/* check if param->wireless_mode is needed */
498 	param->low_2ghz_chan = ext_reg_cap->low_2ghz_chan;
499 	param->high_2ghz_chan = ext_reg_cap->high_2ghz_chan;
500 	param->low_5ghz_chan = ext_reg_cap->low_5ghz_chan;
501 	param->high_5ghz_chan = ext_reg_cap->high_5ghz_chan;
502 
503 	return 0;
504 }
505 
506 static int ath11k_pull_service_ready_tlv(struct ath11k_base *ab,
507 					 const void *evt_buf,
508 					 struct ath11k_targ_cap *cap)
509 {
510 	const struct wmi_service_ready_event *ev = evt_buf;
511 
512 	if (!ev) {
513 		ath11k_err(ab, "%s: failed by NULL param\n",
514 			   __func__);
515 		return -EINVAL;
516 	}
517 
518 	cap->phy_capability = ev->phy_capability;
519 	cap->max_frag_entry = ev->max_frag_entry;
520 	cap->num_rf_chains = ev->num_rf_chains;
521 	cap->ht_cap_info = ev->ht_cap_info;
522 	cap->vht_cap_info = ev->vht_cap_info;
523 	cap->vht_supp_mcs = ev->vht_supp_mcs;
524 	cap->hw_min_tx_power = ev->hw_min_tx_power;
525 	cap->hw_max_tx_power = ev->hw_max_tx_power;
526 	cap->sys_cap_info = ev->sys_cap_info;
527 	cap->min_pkt_size_enable = ev->min_pkt_size_enable;
528 	cap->max_bcn_ie_size = ev->max_bcn_ie_size;
529 	cap->max_num_scan_channels = ev->max_num_scan_channels;
530 	cap->max_supported_macs = ev->max_supported_macs;
531 	cap->wmi_fw_sub_feat_caps = ev->wmi_fw_sub_feat_caps;
532 	cap->txrx_chainmask = ev->txrx_chainmask;
533 	cap->default_dbs_hw_mode_index = ev->default_dbs_hw_mode_index;
534 	cap->num_msdu_desc = ev->num_msdu_desc;
535 
536 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi sys cap info 0x%x\n", cap->sys_cap_info);
537 
538 	return 0;
539 }
540 
541 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
542  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
543  * 4-byte word.
544  */
545 static void ath11k_wmi_service_bitmap_copy(struct ath11k_pdev_wmi *wmi,
546 					   const u32 *wmi_svc_bm)
547 {
548 	int i, j;
549 
550 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
551 		do {
552 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
553 				set_bit(j, wmi->wmi_ab->svc_map);
554 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
555 	}
556 }
557 
558 static int ath11k_wmi_tlv_svc_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
559 					const void *ptr, void *data)
560 {
561 	struct wmi_tlv_svc_ready_parse *svc_ready = data;
562 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
563 	u16 expect_len;
564 
565 	switch (tag) {
566 	case WMI_TAG_SERVICE_READY_EVENT:
567 		if (ath11k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
568 			return -EINVAL;
569 		break;
570 
571 	case WMI_TAG_ARRAY_UINT32:
572 		if (!svc_ready->wmi_svc_bitmap_done) {
573 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
574 			if (len < expect_len) {
575 				ath11k_warn(ab, "invalid len %d for the tag 0x%x\n",
576 					    len, tag);
577 				return -EINVAL;
578 			}
579 
580 			ath11k_wmi_service_bitmap_copy(wmi_handle, ptr);
581 
582 			svc_ready->wmi_svc_bitmap_done = true;
583 		}
584 		break;
585 	default:
586 		break;
587 	}
588 
589 	return 0;
590 }
591 
592 static int ath11k_service_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
593 {
594 	struct wmi_tlv_svc_ready_parse svc_ready = { };
595 	int ret;
596 
597 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
598 				  ath11k_wmi_tlv_svc_rdy_parse,
599 				  &svc_ready);
600 	if (ret) {
601 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
602 		return ret;
603 	}
604 
605 	return 0;
606 }
607 
608 struct sk_buff *ath11k_wmi_alloc_skb(struct ath11k_wmi_base *wmi_sc, u32 len)
609 {
610 	struct sk_buff *skb;
611 	struct ath11k_base *ab = wmi_sc->ab;
612 	u32 round_len = roundup(len, 4);
613 
614 	skb = ath11k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
615 	if (!skb)
616 		return NULL;
617 
618 	skb_reserve(skb, WMI_SKB_HEADROOM);
619 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
620 		ath11k_warn(ab, "unaligned WMI skb data\n");
621 
622 	skb_put(skb, round_len);
623 	memset(skb->data, 0, round_len);
624 
625 	return skb;
626 }
627 
628 static u32 ath11k_wmi_mgmt_get_freq(struct ath11k *ar,
629 				    struct ieee80211_tx_info *info)
630 {
631 	struct ath11k_base *ab = ar->ab;
632 	u32 freq = 0;
633 
634 	if (ab->hw_params.support_off_channel_tx &&
635 	    ar->scan.is_roc &&
636 	    (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN))
637 		freq = ar->scan.roc_freq;
638 
639 	return freq;
640 }
641 
642 int ath11k_wmi_mgmt_send(struct ath11k *ar, u32 vdev_id, u32 buf_id,
643 			 struct sk_buff *frame)
644 {
645 	struct ath11k_pdev_wmi *wmi = ar->wmi;
646 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(frame);
647 	struct wmi_mgmt_send_cmd *cmd;
648 	struct wmi_tlv *frame_tlv;
649 	struct sk_buff *skb;
650 	u32 buf_len;
651 	int ret, len;
652 
653 	buf_len = frame->len < WMI_MGMT_SEND_DOWNLD_LEN ?
654 		  frame->len : WMI_MGMT_SEND_DOWNLD_LEN;
655 
656 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
657 
658 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
659 	if (!skb)
660 		return -ENOMEM;
661 
662 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
663 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_MGMT_TX_SEND_CMD) |
664 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
665 	cmd->vdev_id = vdev_id;
666 	cmd->desc_id = buf_id;
667 	cmd->chanfreq = ath11k_wmi_mgmt_get_freq(ar, info);
668 	cmd->paddr_lo = lower_32_bits(ATH11K_SKB_CB(frame)->paddr);
669 	cmd->paddr_hi = upper_32_bits(ATH11K_SKB_CB(frame)->paddr);
670 	cmd->frame_len = frame->len;
671 	cmd->buf_len = buf_len;
672 	cmd->tx_params_valid = 0;
673 
674 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
675 	frame_tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
676 			    FIELD_PREP(WMI_TLV_LEN, buf_len);
677 
678 	memcpy(frame_tlv->value, frame->data, buf_len);
679 
680 	ath11k_ce_byte_swap(frame_tlv->value, buf_len);
681 
682 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
683 	if (ret) {
684 		ath11k_warn(ar->ab,
685 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
686 		dev_kfree_skb(skb);
687 	}
688 
689 	return ret;
690 }
691 
692 int ath11k_wmi_vdev_create(struct ath11k *ar, u8 *macaddr,
693 			   struct vdev_create_params *param)
694 {
695 	struct ath11k_pdev_wmi *wmi = ar->wmi;
696 	struct wmi_vdev_create_cmd *cmd;
697 	struct sk_buff *skb;
698 	struct wmi_vdev_txrx_streams *txrx_streams;
699 	struct wmi_tlv *tlv;
700 	int ret, len;
701 	void *ptr;
702 
703 	/* It can be optimized my sending tx/rx chain configuration
704 	 * only for supported bands instead of always sending it for
705 	 * both the bands.
706 	 */
707 	len = sizeof(*cmd) + TLV_HDR_SIZE +
708 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
709 
710 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
711 	if (!skb)
712 		return -ENOMEM;
713 
714 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
715 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_CREATE_CMD) |
716 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
717 
718 	cmd->vdev_id = param->if_id;
719 	cmd->vdev_type = param->type;
720 	cmd->vdev_subtype = param->subtype;
721 	cmd->num_cfg_txrx_streams = WMI_NUM_SUPPORTED_BAND_MAX;
722 	cmd->pdev_id = param->pdev_id;
723 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
724 
725 	ptr = skb->data + sizeof(*cmd);
726 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
727 
728 	tlv = ptr;
729 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
730 		      FIELD_PREP(WMI_TLV_LEN, len);
731 
732 	ptr += TLV_HDR_SIZE;
733 	txrx_streams = ptr;
734 	len = sizeof(*txrx_streams);
735 	txrx_streams->tlv_header =
736 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
737 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
738 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
739 	txrx_streams->supported_tx_streams =
740 				 param->chains[NL80211_BAND_2GHZ].tx;
741 	txrx_streams->supported_rx_streams =
742 				 param->chains[NL80211_BAND_2GHZ].rx;
743 
744 	txrx_streams++;
745 	txrx_streams->tlv_header =
746 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
747 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
748 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
749 	txrx_streams->supported_tx_streams =
750 				 param->chains[NL80211_BAND_5GHZ].tx;
751 	txrx_streams->supported_rx_streams =
752 				 param->chains[NL80211_BAND_5GHZ].rx;
753 
754 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
755 	if (ret) {
756 		ath11k_warn(ar->ab,
757 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
758 		dev_kfree_skb(skb);
759 	}
760 
761 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
762 		   "WMI vdev create: id %d type %d subtype %d macaddr %pM pdevid %d\n",
763 		   param->if_id, param->type, param->subtype,
764 		   macaddr, param->pdev_id);
765 
766 	return ret;
767 }
768 
769 int ath11k_wmi_vdev_delete(struct ath11k *ar, u8 vdev_id)
770 {
771 	struct ath11k_pdev_wmi *wmi = ar->wmi;
772 	struct wmi_vdev_delete_cmd *cmd;
773 	struct sk_buff *skb;
774 	int ret;
775 
776 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
777 	if (!skb)
778 		return -ENOMEM;
779 
780 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
781 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DELETE_CMD) |
782 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
783 	cmd->vdev_id = vdev_id;
784 
785 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
786 	if (ret) {
787 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
788 		dev_kfree_skb(skb);
789 	}
790 
791 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev delete id %d\n", vdev_id);
792 
793 	return ret;
794 }
795 
796 int ath11k_wmi_vdev_stop(struct ath11k *ar, u8 vdev_id)
797 {
798 	struct ath11k_pdev_wmi *wmi = ar->wmi;
799 	struct wmi_vdev_stop_cmd *cmd;
800 	struct sk_buff *skb;
801 	int ret;
802 
803 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
804 	if (!skb)
805 		return -ENOMEM;
806 
807 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
808 
809 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_STOP_CMD) |
810 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
811 	cmd->vdev_id = vdev_id;
812 
813 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
814 	if (ret) {
815 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
816 		dev_kfree_skb(skb);
817 	}
818 
819 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev stop id 0x%x\n", vdev_id);
820 
821 	return ret;
822 }
823 
824 int ath11k_wmi_vdev_down(struct ath11k *ar, u8 vdev_id)
825 {
826 	struct ath11k_pdev_wmi *wmi = ar->wmi;
827 	struct wmi_vdev_down_cmd *cmd;
828 	struct sk_buff *skb;
829 	int ret;
830 
831 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
832 	if (!skb)
833 		return -ENOMEM;
834 
835 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
836 
837 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DOWN_CMD) |
838 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
839 	cmd->vdev_id = vdev_id;
840 
841 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
842 	if (ret) {
843 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
844 		dev_kfree_skb(skb);
845 	}
846 
847 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev down id 0x%x\n", vdev_id);
848 
849 	return ret;
850 }
851 
852 static void ath11k_wmi_put_wmi_channel(struct wmi_channel *chan,
853 				       struct wmi_vdev_start_req_arg *arg)
854 {
855 	u32 center_freq1 = arg->channel.band_center_freq1;
856 
857 	memset(chan, 0, sizeof(*chan));
858 
859 	chan->mhz = arg->channel.freq;
860 	chan->band_center_freq1 = arg->channel.band_center_freq1;
861 
862 	if (arg->channel.mode == MODE_11AX_HE160) {
863 		if (arg->channel.freq > arg->channel.band_center_freq1)
864 			chan->band_center_freq1 = center_freq1 + 40;
865 		else
866 			chan->band_center_freq1 = center_freq1 - 40;
867 
868 		chan->band_center_freq2 = arg->channel.band_center_freq1;
869 
870 	} else if (arg->channel.mode == MODE_11AC_VHT80_80) {
871 		chan->band_center_freq2 = arg->channel.band_center_freq2;
872 	} else {
873 		chan->band_center_freq2 = 0;
874 	}
875 
876 	chan->info |= FIELD_PREP(WMI_CHAN_INFO_MODE, arg->channel.mode);
877 	if (arg->channel.passive)
878 		chan->info |= WMI_CHAN_INFO_PASSIVE;
879 	if (arg->channel.allow_ibss)
880 		chan->info |= WMI_CHAN_INFO_ADHOC_ALLOWED;
881 	if (arg->channel.allow_ht)
882 		chan->info |= WMI_CHAN_INFO_ALLOW_HT;
883 	if (arg->channel.allow_vht)
884 		chan->info |= WMI_CHAN_INFO_ALLOW_VHT;
885 	if (arg->channel.allow_he)
886 		chan->info |= WMI_CHAN_INFO_ALLOW_HE;
887 	if (arg->channel.ht40plus)
888 		chan->info |= WMI_CHAN_INFO_HT40_PLUS;
889 	if (arg->channel.chan_radar)
890 		chan->info |= WMI_CHAN_INFO_DFS;
891 	if (arg->channel.freq2_radar)
892 		chan->info |= WMI_CHAN_INFO_DFS_FREQ2;
893 
894 	chan->reg_info_1 = FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
895 				      arg->channel.max_power) |
896 		FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
897 			   arg->channel.max_reg_power);
898 
899 	chan->reg_info_2 = FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
900 				      arg->channel.max_antenna_gain) |
901 		FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
902 			   arg->channel.max_power);
903 }
904 
905 int ath11k_wmi_vdev_start(struct ath11k *ar, struct wmi_vdev_start_req_arg *arg,
906 			  bool restart)
907 {
908 	struct ath11k_pdev_wmi *wmi = ar->wmi;
909 	struct wmi_vdev_start_request_cmd *cmd;
910 	struct sk_buff *skb;
911 	struct wmi_channel *chan;
912 	struct wmi_tlv *tlv;
913 	void *ptr;
914 	int ret, len;
915 
916 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
917 		return -EINVAL;
918 
919 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
920 
921 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
922 	if (!skb)
923 		return -ENOMEM;
924 
925 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
926 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
927 				     WMI_TAG_VDEV_START_REQUEST_CMD) |
928 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
929 	cmd->vdev_id = arg->vdev_id;
930 	cmd->beacon_interval = arg->bcn_intval;
931 	cmd->bcn_tx_rate = arg->bcn_tx_rate;
932 	cmd->dtim_period = arg->dtim_period;
933 	cmd->num_noa_descriptors = arg->num_noa_descriptors;
934 	cmd->preferred_rx_streams = arg->pref_rx_streams;
935 	cmd->preferred_tx_streams = arg->pref_tx_streams;
936 	cmd->cac_duration_ms = arg->cac_duration_ms;
937 	cmd->regdomain = arg->regdomain;
938 	cmd->he_ops = arg->he_ops;
939 
940 	if (!restart) {
941 		if (arg->ssid) {
942 			cmd->ssid.ssid_len = arg->ssid_len;
943 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
944 		}
945 		if (arg->hidden_ssid)
946 			cmd->flags |= WMI_VDEV_START_HIDDEN_SSID;
947 		if (arg->pmf_enabled)
948 			cmd->flags |= WMI_VDEV_START_PMF_ENABLED;
949 	}
950 
951 	cmd->flags |= WMI_VDEV_START_LDPC_RX_ENABLED;
952 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
953 		cmd->flags |= WMI_VDEV_START_HW_ENCRYPTION_DISABLED;
954 
955 	ptr = skb->data + sizeof(*cmd);
956 	chan = ptr;
957 
958 	ath11k_wmi_put_wmi_channel(chan, arg);
959 
960 	chan->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_CHANNEL) |
961 			   FIELD_PREP(WMI_TLV_LEN,
962 				      sizeof(*chan) - TLV_HDR_SIZE);
963 	ptr += sizeof(*chan);
964 
965 	tlv = ptr;
966 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
967 		      FIELD_PREP(WMI_TLV_LEN, 0);
968 
969 	/* Note: This is a nested TLV containing:
970 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
971 	 */
972 
973 	ptr += sizeof(*tlv);
974 
975 	if (restart)
976 		ret = ath11k_wmi_cmd_send(wmi, skb,
977 					  WMI_VDEV_RESTART_REQUEST_CMDID);
978 	else
979 		ret = ath11k_wmi_cmd_send(wmi, skb,
980 					  WMI_VDEV_START_REQUEST_CMDID);
981 	if (ret) {
982 		ath11k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
983 			    restart ? "restart" : "start");
984 		dev_kfree_skb(skb);
985 	}
986 
987 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "vdev %s id 0x%x freq 0x%x mode 0x%x\n",
988 		   restart ? "restart" : "start", arg->vdev_id,
989 		   arg->channel.freq, arg->channel.mode);
990 
991 	return ret;
992 }
993 
994 int ath11k_wmi_vdev_up(struct ath11k *ar, u32 vdev_id, u32 aid, const u8 *bssid)
995 {
996 	struct ath11k_pdev_wmi *wmi = ar->wmi;
997 	struct wmi_vdev_up_cmd *cmd;
998 	struct sk_buff *skb;
999 	int ret;
1000 
1001 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1002 	if (!skb)
1003 		return -ENOMEM;
1004 
1005 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1006 
1007 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_UP_CMD) |
1008 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1009 	cmd->vdev_id = vdev_id;
1010 	cmd->vdev_assoc_id = aid;
1011 
1012 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1013 
1014 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1015 	if (ret) {
1016 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1017 		dev_kfree_skb(skb);
1018 	}
1019 
1020 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1021 		   "WMI mgmt vdev up id 0x%x assoc id %d bssid %pM\n",
1022 		   vdev_id, aid, bssid);
1023 
1024 	return ret;
1025 }
1026 
1027 int ath11k_wmi_send_peer_create_cmd(struct ath11k *ar,
1028 				    struct peer_create_params *param)
1029 {
1030 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1031 	struct wmi_peer_create_cmd *cmd;
1032 	struct sk_buff *skb;
1033 	int ret;
1034 
1035 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1036 	if (!skb)
1037 		return -ENOMEM;
1038 
1039 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1040 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_CREATE_CMD) |
1041 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1042 
1043 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_addr);
1044 	cmd->peer_type = param->peer_type;
1045 	cmd->vdev_id = param->vdev_id;
1046 
1047 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1048 	if (ret) {
1049 		ath11k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1050 		dev_kfree_skb(skb);
1051 	}
1052 
1053 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1054 		   "WMI peer create vdev_id %d peer_addr %pM\n",
1055 		   param->vdev_id, param->peer_addr);
1056 
1057 	return ret;
1058 }
1059 
1060 int ath11k_wmi_send_peer_delete_cmd(struct ath11k *ar,
1061 				    const u8 *peer_addr, u8 vdev_id)
1062 {
1063 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1064 	struct wmi_peer_delete_cmd *cmd;
1065 	struct sk_buff *skb;
1066 	int ret;
1067 
1068 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1069 	if (!skb)
1070 		return -ENOMEM;
1071 
1072 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1073 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_DELETE_CMD) |
1074 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1075 
1076 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1077 	cmd->vdev_id = vdev_id;
1078 
1079 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1080 		   "WMI peer delete vdev_id %d peer_addr %pM\n",
1081 		   vdev_id,  peer_addr);
1082 
1083 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1084 	if (ret) {
1085 		ath11k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1086 		dev_kfree_skb(skb);
1087 	}
1088 
1089 	return ret;
1090 }
1091 
1092 int ath11k_wmi_send_pdev_set_regdomain(struct ath11k *ar,
1093 				       struct pdev_set_regdomain_params *param)
1094 {
1095 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1096 	struct wmi_pdev_set_regdomain_cmd *cmd;
1097 	struct sk_buff *skb;
1098 	int ret;
1099 
1100 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1101 	if (!skb)
1102 		return -ENOMEM;
1103 
1104 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1105 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1106 				     WMI_TAG_PDEV_SET_REGDOMAIN_CMD) |
1107 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1108 
1109 	cmd->reg_domain = param->current_rd_in_use;
1110 	cmd->reg_domain_2g = param->current_rd_2g;
1111 	cmd->reg_domain_5g = param->current_rd_5g;
1112 	cmd->conformance_test_limit_2g = param->ctl_2g;
1113 	cmd->conformance_test_limit_5g = param->ctl_5g;
1114 	cmd->dfs_domain = param->dfs_domain;
1115 	cmd->pdev_id = param->pdev_id;
1116 
1117 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1118 		   "WMI pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1119 		   param->current_rd_in_use, param->current_rd_2g,
1120 		   param->current_rd_5g, param->dfs_domain, param->pdev_id);
1121 
1122 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1123 	if (ret) {
1124 		ath11k_warn(ar->ab,
1125 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1126 		dev_kfree_skb(skb);
1127 	}
1128 
1129 	return ret;
1130 }
1131 
1132 int ath11k_wmi_set_peer_param(struct ath11k *ar, const u8 *peer_addr,
1133 			      u32 vdev_id, u32 param_id, u32 param_val)
1134 {
1135 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1136 	struct wmi_peer_set_param_cmd *cmd;
1137 	struct sk_buff *skb;
1138 	int ret;
1139 
1140 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1141 	if (!skb)
1142 		return -ENOMEM;
1143 
1144 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1145 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_SET_PARAM_CMD) |
1146 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1147 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1148 	cmd->vdev_id = vdev_id;
1149 	cmd->param_id = param_id;
1150 	cmd->param_value = param_val;
1151 
1152 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1153 	if (ret) {
1154 		ath11k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1155 		dev_kfree_skb(skb);
1156 	}
1157 
1158 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1159 		   "WMI vdev %d peer 0x%pM set param %d value %d\n",
1160 		   vdev_id, peer_addr, param_id, param_val);
1161 
1162 	return ret;
1163 }
1164 
1165 int ath11k_wmi_send_peer_flush_tids_cmd(struct ath11k *ar,
1166 					u8 peer_addr[ETH_ALEN],
1167 					struct peer_flush_params *param)
1168 {
1169 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1170 	struct wmi_peer_flush_tids_cmd *cmd;
1171 	struct sk_buff *skb;
1172 	int ret;
1173 
1174 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1175 	if (!skb)
1176 		return -ENOMEM;
1177 
1178 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1179 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_FLUSH_TIDS_CMD) |
1180 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1181 
1182 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1183 	cmd->peer_tid_bitmap = param->peer_tid_bitmap;
1184 	cmd->vdev_id = param->vdev_id;
1185 
1186 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1187 	if (ret) {
1188 		ath11k_warn(ar->ab,
1189 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1190 		dev_kfree_skb(skb);
1191 	}
1192 
1193 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1194 		   "WMI peer flush vdev_id %d peer_addr %pM tids %08x\n",
1195 		   param->vdev_id, peer_addr, param->peer_tid_bitmap);
1196 
1197 	return ret;
1198 }
1199 
1200 int ath11k_wmi_peer_rx_reorder_queue_setup(struct ath11k *ar,
1201 					   int vdev_id, const u8 *addr,
1202 					   dma_addr_t paddr, u8 tid,
1203 					   u8 ba_window_size_valid,
1204 					   u32 ba_window_size)
1205 {
1206 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1207 	struct sk_buff *skb;
1208 	int ret;
1209 
1210 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1211 	if (!skb)
1212 		return -ENOMEM;
1213 
1214 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1215 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1216 				     WMI_TAG_REORDER_QUEUE_SETUP_CMD) |
1217 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1218 
1219 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1220 	cmd->vdev_id = vdev_id;
1221 	cmd->tid = tid;
1222 	cmd->queue_ptr_lo = lower_32_bits(paddr);
1223 	cmd->queue_ptr_hi = upper_32_bits(paddr);
1224 	cmd->queue_no = tid;
1225 	cmd->ba_window_size_valid = ba_window_size_valid;
1226 	cmd->ba_window_size = ba_window_size;
1227 
1228 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
1229 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1230 	if (ret) {
1231 		ath11k_warn(ar->ab,
1232 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1233 		dev_kfree_skb(skb);
1234 	}
1235 
1236 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1237 		   "wmi rx reorder queue setup addr %pM vdev_id %d tid %d\n",
1238 		   addr, vdev_id, tid);
1239 
1240 	return ret;
1241 }
1242 
1243 int
1244 ath11k_wmi_rx_reord_queue_remove(struct ath11k *ar,
1245 				 struct rx_reorder_queue_remove_params *param)
1246 {
1247 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1248 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1249 	struct sk_buff *skb;
1250 	int ret;
1251 
1252 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1253 	if (!skb)
1254 		return -ENOMEM;
1255 
1256 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1257 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1258 				     WMI_TAG_REORDER_QUEUE_REMOVE_CMD) |
1259 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1260 
1261 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_macaddr);
1262 	cmd->vdev_id = param->vdev_id;
1263 	cmd->tid_mask = param->peer_tid_bitmap;
1264 
1265 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1266 		   "%s: peer_macaddr %pM vdev_id %d, tid_map %d", __func__,
1267 		   param->peer_macaddr, param->vdev_id, param->peer_tid_bitmap);
1268 
1269 	ret = ath11k_wmi_cmd_send(wmi, skb,
1270 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1271 	if (ret) {
1272 		ath11k_warn(ar->ab,
1273 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1274 		dev_kfree_skb(skb);
1275 	}
1276 
1277 	return ret;
1278 }
1279 
1280 int ath11k_wmi_pdev_set_param(struct ath11k *ar, u32 param_id,
1281 			      u32 param_value, u8 pdev_id)
1282 {
1283 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1284 	struct wmi_pdev_set_param_cmd *cmd;
1285 	struct sk_buff *skb;
1286 	int ret;
1287 
1288 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1289 	if (!skb)
1290 		return -ENOMEM;
1291 
1292 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1293 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_PARAM_CMD) |
1294 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1295 	cmd->pdev_id = pdev_id;
1296 	cmd->param_id = param_id;
1297 	cmd->param_value = param_value;
1298 
1299 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1300 	if (ret) {
1301 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1302 		dev_kfree_skb(skb);
1303 	}
1304 
1305 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1306 		   "WMI pdev set param %d pdev id %d value %d\n",
1307 		   param_id, pdev_id, param_value);
1308 
1309 	return ret;
1310 }
1311 
1312 int ath11k_wmi_pdev_set_ps_mode(struct ath11k *ar, int vdev_id,
1313 				enum wmi_sta_ps_mode psmode)
1314 {
1315 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1316 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1317 	struct sk_buff *skb;
1318 	int ret;
1319 
1320 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1321 	if (!skb)
1322 		return -ENOMEM;
1323 
1324 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1325 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STA_POWERSAVE_MODE_CMD) |
1326 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1327 	cmd->vdev_id = vdev_id;
1328 	cmd->sta_ps_mode = psmode;
1329 
1330 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1331 	if (ret) {
1332 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1333 		dev_kfree_skb(skb);
1334 	}
1335 
1336 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1337 		   "WMI vdev set psmode %d vdev id %d\n",
1338 		   psmode, vdev_id);
1339 
1340 	return ret;
1341 }
1342 
1343 int ath11k_wmi_pdev_suspend(struct ath11k *ar, u32 suspend_opt,
1344 			    u32 pdev_id)
1345 {
1346 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1347 	struct wmi_pdev_suspend_cmd *cmd;
1348 	struct sk_buff *skb;
1349 	int ret;
1350 
1351 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1352 	if (!skb)
1353 		return -ENOMEM;
1354 
1355 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1356 
1357 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SUSPEND_CMD) |
1358 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1359 
1360 	cmd->suspend_opt = suspend_opt;
1361 	cmd->pdev_id = pdev_id;
1362 
1363 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1364 	if (ret) {
1365 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1366 		dev_kfree_skb(skb);
1367 	}
1368 
1369 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1370 		   "WMI pdev suspend pdev_id %d\n", pdev_id);
1371 
1372 	return ret;
1373 }
1374 
1375 int ath11k_wmi_pdev_resume(struct ath11k *ar, u32 pdev_id)
1376 {
1377 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1378 	struct wmi_pdev_resume_cmd *cmd;
1379 	struct sk_buff *skb;
1380 	int ret;
1381 
1382 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1383 	if (!skb)
1384 		return -ENOMEM;
1385 
1386 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1387 
1388 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_RESUME_CMD) |
1389 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1390 	cmd->pdev_id = pdev_id;
1391 
1392 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1393 		   "WMI pdev resume pdev id %d\n", pdev_id);
1394 
1395 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1396 	if (ret) {
1397 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1398 		dev_kfree_skb(skb);
1399 	}
1400 
1401 	return ret;
1402 }
1403 
1404 /* TODO FW Support for the cmd is not available yet.
1405  * Can be tested once the command and corresponding
1406  * event is implemented in FW
1407  */
1408 int ath11k_wmi_pdev_bss_chan_info_request(struct ath11k *ar,
1409 					  enum wmi_bss_chan_info_req_type type)
1410 {
1411 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1412 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1413 	struct sk_buff *skb;
1414 	int ret;
1415 
1416 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1417 	if (!skb)
1418 		return -ENOMEM;
1419 
1420 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1421 
1422 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1423 				     WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST) |
1424 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1425 	cmd->req_type = type;
1426 	cmd->pdev_id = ar->pdev->pdev_id;
1427 
1428 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1429 		   "WMI bss chan info req type %d\n", type);
1430 
1431 	ret = ath11k_wmi_cmd_send(wmi, skb,
1432 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1433 	if (ret) {
1434 		ath11k_warn(ar->ab,
1435 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1436 		dev_kfree_skb(skb);
1437 	}
1438 
1439 	return ret;
1440 }
1441 
1442 int ath11k_wmi_send_set_ap_ps_param_cmd(struct ath11k *ar, u8 *peer_addr,
1443 					struct ap_ps_params *param)
1444 {
1445 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1446 	struct wmi_ap_ps_peer_cmd *cmd;
1447 	struct sk_buff *skb;
1448 	int ret;
1449 
1450 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1451 	if (!skb)
1452 		return -ENOMEM;
1453 
1454 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1455 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_AP_PS_PEER_CMD) |
1456 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1457 
1458 	cmd->vdev_id = param->vdev_id;
1459 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1460 	cmd->param = param->param;
1461 	cmd->value = param->value;
1462 
1463 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1464 	if (ret) {
1465 		ath11k_warn(ar->ab,
1466 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1467 		dev_kfree_skb(skb);
1468 	}
1469 
1470 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1471 		   "WMI set ap ps vdev id %d peer %pM param %d value %d\n",
1472 		   param->vdev_id, peer_addr, param->param, param->value);
1473 
1474 	return ret;
1475 }
1476 
1477 int ath11k_wmi_set_sta_ps_param(struct ath11k *ar, u32 vdev_id,
1478 				u32 param, u32 param_value)
1479 {
1480 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1481 	struct wmi_sta_powersave_param_cmd *cmd;
1482 	struct sk_buff *skb;
1483 	int ret;
1484 
1485 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1486 	if (!skb)
1487 		return -ENOMEM;
1488 
1489 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1490 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1491 				     WMI_TAG_STA_POWERSAVE_PARAM_CMD) |
1492 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1493 
1494 	cmd->vdev_id = vdev_id;
1495 	cmd->param = param;
1496 	cmd->value = param_value;
1497 
1498 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1499 		   "WMI set sta ps vdev_id %d param %d value %d\n",
1500 		   vdev_id, param, param_value);
1501 
1502 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1503 	if (ret) {
1504 		ath11k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1505 		dev_kfree_skb(skb);
1506 	}
1507 
1508 	return ret;
1509 }
1510 
1511 int ath11k_wmi_force_fw_hang_cmd(struct ath11k *ar, u32 type, u32 delay_time_ms)
1512 {
1513 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1514 	struct wmi_force_fw_hang_cmd *cmd;
1515 	struct sk_buff *skb;
1516 	int ret, len;
1517 
1518 	len = sizeof(*cmd);
1519 
1520 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1521 	if (!skb)
1522 		return -ENOMEM;
1523 
1524 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1525 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_FORCE_FW_HANG_CMD) |
1526 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1527 
1528 	cmd->type = type;
1529 	cmd->delay_time_ms = delay_time_ms;
1530 
1531 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1532 
1533 	if (ret) {
1534 		ath11k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1535 		dev_kfree_skb(skb);
1536 	}
1537 	return ret;
1538 }
1539 
1540 int ath11k_wmi_vdev_set_param_cmd(struct ath11k *ar, u32 vdev_id,
1541 				  u32 param_id, u32 param_value)
1542 {
1543 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1544 	struct wmi_vdev_set_param_cmd *cmd;
1545 	struct sk_buff *skb;
1546 	int ret;
1547 
1548 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1549 	if (!skb)
1550 		return -ENOMEM;
1551 
1552 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1553 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_SET_PARAM_CMD) |
1554 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1555 
1556 	cmd->vdev_id = vdev_id;
1557 	cmd->param_id = param_id;
1558 	cmd->param_value = param_value;
1559 
1560 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1561 	if (ret) {
1562 		ath11k_warn(ar->ab,
1563 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1564 		dev_kfree_skb(skb);
1565 	}
1566 
1567 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1568 		   "WMI vdev id 0x%x set param %d value %d\n",
1569 		   vdev_id, param_id, param_value);
1570 
1571 	return ret;
1572 }
1573 
1574 int ath11k_wmi_send_stats_request_cmd(struct ath11k *ar,
1575 				      struct stats_request_params *param)
1576 {
1577 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1578 	struct wmi_request_stats_cmd *cmd;
1579 	struct sk_buff *skb;
1580 	int ret;
1581 
1582 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1583 	if (!skb)
1584 		return -ENOMEM;
1585 
1586 	cmd = (struct wmi_request_stats_cmd *)skb->data;
1587 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_REQUEST_STATS_CMD) |
1588 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1589 
1590 	cmd->stats_id = param->stats_id;
1591 	cmd->vdev_id = param->vdev_id;
1592 	cmd->pdev_id = param->pdev_id;
1593 
1594 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_REQUEST_STATS_CMDID);
1595 	if (ret) {
1596 		ath11k_warn(ar->ab, "failed to send WMI_REQUEST_STATS cmd\n");
1597 		dev_kfree_skb(skb);
1598 	}
1599 
1600 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1601 		   "WMI request stats 0x%x vdev id %d pdev id %d\n",
1602 		   param->stats_id, param->vdev_id, param->pdev_id);
1603 
1604 	return ret;
1605 }
1606 
1607 int ath11k_wmi_send_pdev_temperature_cmd(struct ath11k *ar)
1608 {
1609 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1610 	struct wmi_get_pdev_temperature_cmd *cmd;
1611 	struct sk_buff *skb;
1612 	int ret;
1613 
1614 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1615 	if (!skb)
1616 		return -ENOMEM;
1617 
1618 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1619 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_GET_TEMPERATURE_CMD) |
1620 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1621 	cmd->pdev_id = ar->pdev->pdev_id;
1622 
1623 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1624 	if (ret) {
1625 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1626 		dev_kfree_skb(skb);
1627 	}
1628 
1629 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1630 		   "WMI pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1631 
1632 	return ret;
1633 }
1634 
1635 int ath11k_wmi_send_bcn_offload_control_cmd(struct ath11k *ar,
1636 					    u32 vdev_id, u32 bcn_ctrl_op)
1637 {
1638 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1639 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1640 	struct sk_buff *skb;
1641 	int ret;
1642 
1643 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1644 	if (!skb)
1645 		return -ENOMEM;
1646 
1647 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1648 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1649 				     WMI_TAG_BCN_OFFLOAD_CTRL_CMD) |
1650 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1651 
1652 	cmd->vdev_id = vdev_id;
1653 	cmd->bcn_ctrl_op = bcn_ctrl_op;
1654 
1655 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1656 		   "WMI bcn ctrl offload vdev id %d ctrl_op %d\n",
1657 		   vdev_id, bcn_ctrl_op);
1658 
1659 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1660 	if (ret) {
1661 		ath11k_warn(ar->ab,
1662 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1663 		dev_kfree_skb(skb);
1664 	}
1665 
1666 	return ret;
1667 }
1668 
1669 int ath11k_wmi_bcn_tmpl(struct ath11k *ar, u32 vdev_id,
1670 			struct ieee80211_mutable_offsets *offs,
1671 			struct sk_buff *bcn)
1672 {
1673 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1674 	struct wmi_bcn_tmpl_cmd *cmd;
1675 	struct wmi_bcn_prb_info *bcn_prb_info;
1676 	struct wmi_tlv *tlv;
1677 	struct sk_buff *skb;
1678 	void *ptr;
1679 	int ret, len;
1680 	size_t aligned_len = roundup(bcn->len, 4);
1681 	struct ieee80211_vif *vif;
1682 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev_id);
1683 
1684 	if (!arvif) {
1685 		ath11k_warn(ar->ab, "failed to find arvif with vdev id %d\n", vdev_id);
1686 		return -EINVAL;
1687 	}
1688 
1689 	vif = arvif->vif;
1690 
1691 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1692 
1693 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1694 	if (!skb)
1695 		return -ENOMEM;
1696 
1697 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1698 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BCN_TMPL_CMD) |
1699 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1700 	cmd->vdev_id = vdev_id;
1701 	cmd->tim_ie_offset = offs->tim_offset;
1702 
1703 	if (vif->csa_active) {
1704 		cmd->csa_switch_count_offset = offs->cntdwn_counter_offs[0];
1705 		cmd->ext_csa_switch_count_offset = offs->cntdwn_counter_offs[1];
1706 	}
1707 
1708 	cmd->buf_len = bcn->len;
1709 
1710 	ptr = skb->data + sizeof(*cmd);
1711 
1712 	bcn_prb_info = ptr;
1713 	len = sizeof(*bcn_prb_info);
1714 	bcn_prb_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1715 					      WMI_TAG_BCN_PRB_INFO) |
1716 				   FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1717 	bcn_prb_info->caps = 0;
1718 	bcn_prb_info->erp = 0;
1719 
1720 	ptr += sizeof(*bcn_prb_info);
1721 
1722 	tlv = ptr;
1723 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1724 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
1725 	memcpy(tlv->value, bcn->data, bcn->len);
1726 
1727 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1728 	if (ret) {
1729 		ath11k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1730 		dev_kfree_skb(skb);
1731 	}
1732 
1733 	return ret;
1734 }
1735 
1736 int ath11k_wmi_vdev_install_key(struct ath11k *ar,
1737 				struct wmi_vdev_install_key_arg *arg)
1738 {
1739 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1740 	struct wmi_vdev_install_key_cmd *cmd;
1741 	struct wmi_tlv *tlv;
1742 	struct sk_buff *skb;
1743 	int ret, len;
1744 	int key_len_aligned = roundup(arg->key_len, sizeof(uint32_t));
1745 
1746 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1747 
1748 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1749 	if (!skb)
1750 		return -ENOMEM;
1751 
1752 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1753 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_INSTALL_KEY_CMD) |
1754 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1755 	cmd->vdev_id = arg->vdev_id;
1756 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1757 	cmd->key_idx = arg->key_idx;
1758 	cmd->key_flags = arg->key_flags;
1759 	cmd->key_cipher = arg->key_cipher;
1760 	cmd->key_len = arg->key_len;
1761 	cmd->key_txmic_len = arg->key_txmic_len;
1762 	cmd->key_rxmic_len = arg->key_rxmic_len;
1763 
1764 	if (arg->key_rsc_counter)
1765 		memcpy(&cmd->key_rsc_counter, &arg->key_rsc_counter,
1766 		       sizeof(struct wmi_key_seq_counter));
1767 
1768 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1769 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1770 		      FIELD_PREP(WMI_TLV_LEN, key_len_aligned);
1771 	if (arg->key_data)
1772 		memcpy(tlv->value, (u8 *)arg->key_data, key_len_aligned);
1773 
1774 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1775 	if (ret) {
1776 		ath11k_warn(ar->ab,
1777 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1778 		dev_kfree_skb(skb);
1779 	}
1780 
1781 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1782 		   "WMI vdev install key idx %d cipher %d len %d\n",
1783 		   arg->key_idx, arg->key_cipher, arg->key_len);
1784 
1785 	return ret;
1786 }
1787 
1788 static inline void
1789 ath11k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1790 			   struct peer_assoc_params *param,
1791 			   bool hw_crypto_disabled)
1792 {
1793 	cmd->peer_flags = 0;
1794 
1795 	if (param->is_wme_set) {
1796 		if (param->qos_flag)
1797 			cmd->peer_flags |= WMI_PEER_QOS;
1798 		if (param->apsd_flag)
1799 			cmd->peer_flags |= WMI_PEER_APSD;
1800 		if (param->ht_flag)
1801 			cmd->peer_flags |= WMI_PEER_HT;
1802 		if (param->bw_40)
1803 			cmd->peer_flags |= WMI_PEER_40MHZ;
1804 		if (param->bw_80)
1805 			cmd->peer_flags |= WMI_PEER_80MHZ;
1806 		if (param->bw_160)
1807 			cmd->peer_flags |= WMI_PEER_160MHZ;
1808 
1809 		/* Typically if STBC is enabled for VHT it should be enabled
1810 		 * for HT as well
1811 		 **/
1812 		if (param->stbc_flag)
1813 			cmd->peer_flags |= WMI_PEER_STBC;
1814 
1815 		/* Typically if LDPC is enabled for VHT it should be enabled
1816 		 * for HT as well
1817 		 **/
1818 		if (param->ldpc_flag)
1819 			cmd->peer_flags |= WMI_PEER_LDPC;
1820 
1821 		if (param->static_mimops_flag)
1822 			cmd->peer_flags |= WMI_PEER_STATIC_MIMOPS;
1823 		if (param->dynamic_mimops_flag)
1824 			cmd->peer_flags |= WMI_PEER_DYN_MIMOPS;
1825 		if (param->spatial_mux_flag)
1826 			cmd->peer_flags |= WMI_PEER_SPATIAL_MUX;
1827 		if (param->vht_flag)
1828 			cmd->peer_flags |= WMI_PEER_VHT;
1829 		if (param->he_flag)
1830 			cmd->peer_flags |= WMI_PEER_HE;
1831 		if (param->twt_requester)
1832 			cmd->peer_flags |= WMI_PEER_TWT_REQ;
1833 		if (param->twt_responder)
1834 			cmd->peer_flags |= WMI_PEER_TWT_RESP;
1835 	}
1836 
1837 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1838 	 * (during re-association).
1839 	 * Authorization will be done for these modes on key installation.
1840 	 */
1841 	if (param->auth_flag)
1842 		cmd->peer_flags |= WMI_PEER_AUTH;
1843 	if (param->need_ptk_4_way) {
1844 		cmd->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
1845 		if (!hw_crypto_disabled && param->is_assoc)
1846 			cmd->peer_flags &= ~WMI_PEER_AUTH;
1847 	}
1848 	if (param->need_gtk_2_way)
1849 		cmd->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
1850 	/* safe mode bypass the 4-way handshake */
1851 	if (param->safe_mode_enabled)
1852 		cmd->peer_flags &= ~(WMI_PEER_NEED_PTK_4_WAY |
1853 				     WMI_PEER_NEED_GTK_2_WAY);
1854 
1855 	if (param->is_pmf_enabled)
1856 		cmd->peer_flags |= WMI_PEER_PMF;
1857 
1858 	/* Disable AMSDU for station transmit, if user configures it */
1859 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1860 	 * it
1861 	 * if (param->amsdu_disable) Add after FW support
1862 	 **/
1863 
1864 	/* Target asserts if node is marked HT and all MCS is set to 0.
1865 	 * Mark the node as non-HT if all the mcs rates are disabled through
1866 	 * iwpriv
1867 	 **/
1868 	if (param->peer_ht_rates.num_rates == 0)
1869 		cmd->peer_flags &= ~WMI_PEER_HT;
1870 }
1871 
1872 int ath11k_wmi_send_peer_assoc_cmd(struct ath11k *ar,
1873 				   struct peer_assoc_params *param)
1874 {
1875 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1876 	struct wmi_peer_assoc_complete_cmd *cmd;
1877 	struct wmi_vht_rate_set *mcs;
1878 	struct wmi_he_rate_set *he_mcs;
1879 	struct sk_buff *skb;
1880 	struct wmi_tlv *tlv;
1881 	void *ptr;
1882 	u32 peer_legacy_rates_align;
1883 	u32 peer_ht_rates_align;
1884 	int i, ret, len;
1885 
1886 	peer_legacy_rates_align = roundup(param->peer_legacy_rates.num_rates,
1887 					  sizeof(u32));
1888 	peer_ht_rates_align = roundup(param->peer_ht_rates.num_rates,
1889 				      sizeof(u32));
1890 
1891 	len = sizeof(*cmd) +
1892 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
1893 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
1894 	      sizeof(*mcs) + TLV_HDR_SIZE +
1895 	      (sizeof(*he_mcs) * param->peer_he_mcs_count);
1896 
1897 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1898 	if (!skb)
1899 		return -ENOMEM;
1900 
1901 	ptr = skb->data;
1902 
1903 	cmd = ptr;
1904 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1905 				     WMI_TAG_PEER_ASSOC_COMPLETE_CMD) |
1906 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1907 
1908 	cmd->vdev_id = param->vdev_id;
1909 
1910 	cmd->peer_new_assoc = param->peer_new_assoc;
1911 	cmd->peer_associd = param->peer_associd;
1912 
1913 	ath11k_wmi_copy_peer_flags(cmd, param,
1914 				   test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED,
1915 					    &ar->ab->dev_flags));
1916 
1917 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_mac);
1918 
1919 	cmd->peer_rate_caps = param->peer_rate_caps;
1920 	cmd->peer_caps = param->peer_caps;
1921 	cmd->peer_listen_intval = param->peer_listen_intval;
1922 	cmd->peer_ht_caps = param->peer_ht_caps;
1923 	cmd->peer_max_mpdu = param->peer_max_mpdu;
1924 	cmd->peer_mpdu_density = param->peer_mpdu_density;
1925 	cmd->peer_vht_caps = param->peer_vht_caps;
1926 	cmd->peer_phymode = param->peer_phymode;
1927 
1928 	/* Update 11ax capabilities */
1929 	cmd->peer_he_cap_info = param->peer_he_cap_macinfo[0];
1930 	cmd->peer_he_cap_info_ext = param->peer_he_cap_macinfo[1];
1931 	cmd->peer_he_cap_info_internal = param->peer_he_cap_macinfo_internal;
1932 	cmd->peer_he_caps_6ghz = param->peer_he_caps_6ghz;
1933 	cmd->peer_he_ops = param->peer_he_ops;
1934 	memcpy(&cmd->peer_he_cap_phy, &param->peer_he_cap_phyinfo,
1935 	       sizeof(param->peer_he_cap_phyinfo));
1936 	memcpy(&cmd->peer_ppet, &param->peer_ppet,
1937 	       sizeof(param->peer_ppet));
1938 
1939 	/* Update peer legacy rate information */
1940 	ptr += sizeof(*cmd);
1941 
1942 	tlv = ptr;
1943 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1944 		      FIELD_PREP(WMI_TLV_LEN, peer_legacy_rates_align);
1945 
1946 	ptr += TLV_HDR_SIZE;
1947 
1948 	cmd->num_peer_legacy_rates = param->peer_legacy_rates.num_rates;
1949 	memcpy(ptr, param->peer_legacy_rates.rates,
1950 	       param->peer_legacy_rates.num_rates);
1951 
1952 	/* Update peer HT rate information */
1953 	ptr += peer_legacy_rates_align;
1954 
1955 	tlv = ptr;
1956 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1957 		      FIELD_PREP(WMI_TLV_LEN, peer_ht_rates_align);
1958 	ptr += TLV_HDR_SIZE;
1959 	cmd->num_peer_ht_rates = param->peer_ht_rates.num_rates;
1960 	memcpy(ptr, param->peer_ht_rates.rates,
1961 	       param->peer_ht_rates.num_rates);
1962 
1963 	/* VHT Rates */
1964 	ptr += peer_ht_rates_align;
1965 
1966 	mcs = ptr;
1967 
1968 	mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VHT_RATE_SET) |
1969 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*mcs) - TLV_HDR_SIZE);
1970 
1971 	cmd->peer_nss = param->peer_nss;
1972 
1973 	/* Update bandwidth-NSS mapping */
1974 	cmd->peer_bw_rxnss_override = 0;
1975 	cmd->peer_bw_rxnss_override |= param->peer_bw_rxnss_override;
1976 
1977 	if (param->vht_capable) {
1978 		mcs->rx_max_rate = param->rx_max_rate;
1979 		mcs->rx_mcs_set = param->rx_mcs_set;
1980 		mcs->tx_max_rate = param->tx_max_rate;
1981 		mcs->tx_mcs_set = param->tx_mcs_set;
1982 	}
1983 
1984 	/* HE Rates */
1985 	cmd->peer_he_mcs = param->peer_he_mcs_count;
1986 	cmd->min_data_rate = param->min_data_rate;
1987 
1988 	ptr += sizeof(*mcs);
1989 
1990 	len = param->peer_he_mcs_count * sizeof(*he_mcs);
1991 
1992 	tlv = ptr;
1993 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
1994 		      FIELD_PREP(WMI_TLV_LEN, len);
1995 	ptr += TLV_HDR_SIZE;
1996 
1997 	/* Loop through the HE rate set */
1998 	for (i = 0; i < param->peer_he_mcs_count; i++) {
1999 		he_mcs = ptr;
2000 		he_mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2001 						WMI_TAG_HE_RATE_SET) |
2002 				     FIELD_PREP(WMI_TLV_LEN,
2003 						sizeof(*he_mcs) - TLV_HDR_SIZE);
2004 
2005 		he_mcs->rx_mcs_set = param->peer_he_tx_mcs_set[i];
2006 		he_mcs->tx_mcs_set = param->peer_he_rx_mcs_set[i];
2007 		ptr += sizeof(*he_mcs);
2008 	}
2009 
2010 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2011 	if (ret) {
2012 		ath11k_warn(ar->ab,
2013 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2014 		dev_kfree_skb(skb);
2015 	}
2016 
2017 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2018 		   "wmi peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x\n",
2019 		   cmd->vdev_id, cmd->peer_associd, param->peer_mac,
2020 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2021 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2022 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2023 		   cmd->peer_mpdu_density,
2024 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2025 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2026 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2027 		   cmd->peer_he_cap_phy[2],
2028 		   cmd->peer_bw_rxnss_override);
2029 
2030 	return ret;
2031 }
2032 
2033 void ath11k_wmi_start_scan_init(struct ath11k *ar,
2034 				struct scan_req_params *arg)
2035 {
2036 	/* setup commonly used values */
2037 	arg->scan_req_id = 1;
2038 	if (ar->state_11d == ATH11K_11D_PREPARING)
2039 		arg->scan_priority = WMI_SCAN_PRIORITY_MEDIUM;
2040 	else
2041 		arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2042 	arg->dwell_time_active = 50;
2043 	arg->dwell_time_active_2g = 0;
2044 	arg->dwell_time_passive = 150;
2045 	arg->dwell_time_active_6g = 40;
2046 	arg->dwell_time_passive_6g = 30;
2047 	arg->min_rest_time = 50;
2048 	arg->max_rest_time = 500;
2049 	arg->repeat_probe_time = 0;
2050 	arg->probe_spacing_time = 0;
2051 	arg->idle_time = 0;
2052 	arg->max_scan_time = 20000;
2053 	arg->probe_delay = 5;
2054 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2055 				  WMI_SCAN_EVENT_COMPLETED |
2056 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2057 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2058 				  WMI_SCAN_EVENT_DEQUEUED;
2059 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2060 	arg->num_bssid = 1;
2061 
2062 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2063 	 * ZEROs in probe request
2064 	 */
2065 	eth_broadcast_addr(arg->bssid_list[0].addr);
2066 }
2067 
2068 static inline void
2069 ath11k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2070 				       struct scan_req_params *param)
2071 {
2072 	/* Scan events subscription */
2073 	if (param->scan_ev_started)
2074 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_STARTED;
2075 	if (param->scan_ev_completed)
2076 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_COMPLETED;
2077 	if (param->scan_ev_bss_chan)
2078 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_BSS_CHANNEL;
2079 	if (param->scan_ev_foreign_chan)
2080 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN;
2081 	if (param->scan_ev_dequeued)
2082 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_DEQUEUED;
2083 	if (param->scan_ev_preempted)
2084 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_PREEMPTED;
2085 	if (param->scan_ev_start_failed)
2086 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_START_FAILED;
2087 	if (param->scan_ev_restarted)
2088 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESTARTED;
2089 	if (param->scan_ev_foreign_chn_exit)
2090 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT;
2091 	if (param->scan_ev_suspended)
2092 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_SUSPENDED;
2093 	if (param->scan_ev_resumed)
2094 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESUMED;
2095 
2096 	/** Set scan control flags */
2097 	cmd->scan_ctrl_flags = 0;
2098 	if (param->scan_f_passive)
2099 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_PASSIVE;
2100 	if (param->scan_f_strict_passive_pch)
2101 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN;
2102 	if (param->scan_f_promisc_mode)
2103 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROMISCUOS;
2104 	if (param->scan_f_capture_phy_err)
2105 		cmd->scan_ctrl_flags |=  WMI_SCAN_CAPTURE_PHY_ERROR;
2106 	if (param->scan_f_half_rate)
2107 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_HALF_RATE_SUPPORT;
2108 	if (param->scan_f_quarter_rate)
2109 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT;
2110 	if (param->scan_f_cck_rates)
2111 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_CCK_RATES;
2112 	if (param->scan_f_ofdm_rates)
2113 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_OFDM_RATES;
2114 	if (param->scan_f_chan_stat_evnt)
2115 		cmd->scan_ctrl_flags |=  WMI_SCAN_CHAN_STAT_EVENT;
2116 	if (param->scan_f_filter_prb_req)
2117 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROBE_REQ;
2118 	if (param->scan_f_bcast_probe)
2119 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_BCAST_PROBE_REQ;
2120 	if (param->scan_f_offchan_mgmt_tx)
2121 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_MGMT_TX;
2122 	if (param->scan_f_offchan_data_tx)
2123 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_DATA_TX;
2124 	if (param->scan_f_force_active_dfs_chn)
2125 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS;
2126 	if (param->scan_f_add_tpc_ie_in_probe)
2127 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ;
2128 	if (param->scan_f_add_ds_ie_in_probe)
2129 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ;
2130 	if (param->scan_f_add_spoofed_mac_in_probe)
2131 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ;
2132 	if (param->scan_f_add_rand_seq_in_probe)
2133 		cmd->scan_ctrl_flags |=  WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ;
2134 	if (param->scan_f_en_ie_whitelist_in_probe)
2135 		cmd->scan_ctrl_flags |=
2136 			 WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ;
2137 
2138 	/* for adaptive scan mode using 3 bits (21 - 23 bits) */
2139 	WMI_SCAN_SET_DWELL_MODE(cmd->scan_ctrl_flags,
2140 				param->adaptive_dwell_time_mode);
2141 }
2142 
2143 int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar,
2144 				   struct scan_req_params *params)
2145 {
2146 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2147 	struct wmi_start_scan_cmd *cmd;
2148 	struct wmi_ssid *ssid = NULL;
2149 	struct wmi_mac_addr *bssid;
2150 	struct sk_buff *skb;
2151 	struct wmi_tlv *tlv;
2152 	void *ptr;
2153 	int i, ret, len;
2154 	u32 *tmp_ptr;
2155 	u16 extraie_len_with_pad = 0;
2156 	struct hint_short_ssid *s_ssid = NULL;
2157 	struct hint_bssid *hint_bssid = NULL;
2158 
2159 	len = sizeof(*cmd);
2160 
2161 	len += TLV_HDR_SIZE;
2162 	if (params->num_chan)
2163 		len += params->num_chan * sizeof(u32);
2164 
2165 	len += TLV_HDR_SIZE;
2166 	if (params->num_ssids)
2167 		len += params->num_ssids * sizeof(*ssid);
2168 
2169 	len += TLV_HDR_SIZE;
2170 	if (params->num_bssid)
2171 		len += sizeof(*bssid) * params->num_bssid;
2172 
2173 	len += TLV_HDR_SIZE;
2174 	if (params->extraie.len && params->extraie.len <= 0xFFFF)
2175 		extraie_len_with_pad =
2176 			roundup(params->extraie.len, sizeof(u32));
2177 	len += extraie_len_with_pad;
2178 
2179 	if (params->num_hint_bssid)
2180 		len += TLV_HDR_SIZE +
2181 		       params->num_hint_bssid * sizeof(struct hint_bssid);
2182 
2183 	if (params->num_hint_s_ssid)
2184 		len += TLV_HDR_SIZE +
2185 		       params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2186 
2187 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2188 	if (!skb)
2189 		return -ENOMEM;
2190 
2191 	ptr = skb->data;
2192 
2193 	cmd = ptr;
2194 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_START_SCAN_CMD) |
2195 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2196 
2197 	cmd->scan_id = params->scan_id;
2198 	cmd->scan_req_id = params->scan_req_id;
2199 	cmd->vdev_id = params->vdev_id;
2200 	cmd->scan_priority = params->scan_priority;
2201 	cmd->notify_scan_events = params->notify_scan_events;
2202 
2203 	ath11k_wmi_copy_scan_event_cntrl_flags(cmd, params);
2204 
2205 	cmd->dwell_time_active = params->dwell_time_active;
2206 	cmd->dwell_time_active_2g = params->dwell_time_active_2g;
2207 	cmd->dwell_time_passive = params->dwell_time_passive;
2208 	cmd->dwell_time_active_6g = params->dwell_time_active_6g;
2209 	cmd->dwell_time_passive_6g = params->dwell_time_passive_6g;
2210 	cmd->min_rest_time = params->min_rest_time;
2211 	cmd->max_rest_time = params->max_rest_time;
2212 	cmd->repeat_probe_time = params->repeat_probe_time;
2213 	cmd->probe_spacing_time = params->probe_spacing_time;
2214 	cmd->idle_time = params->idle_time;
2215 	cmd->max_scan_time = params->max_scan_time;
2216 	cmd->probe_delay = params->probe_delay;
2217 	cmd->burst_duration = params->burst_duration;
2218 	cmd->num_chan = params->num_chan;
2219 	cmd->num_bssid = params->num_bssid;
2220 	cmd->num_ssids = params->num_ssids;
2221 	cmd->ie_len = params->extraie.len;
2222 	cmd->n_probes = params->n_probes;
2223 	ether_addr_copy(cmd->mac_addr.addr, params->mac_addr.addr);
2224 	ether_addr_copy(cmd->mac_mask.addr, params->mac_mask.addr);
2225 
2226 	ptr += sizeof(*cmd);
2227 
2228 	len = params->num_chan * sizeof(u32);
2229 
2230 	tlv = ptr;
2231 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
2232 		      FIELD_PREP(WMI_TLV_LEN, len);
2233 	ptr += TLV_HDR_SIZE;
2234 	tmp_ptr = (u32 *)ptr;
2235 
2236 	for (i = 0; i < params->num_chan; ++i)
2237 		tmp_ptr[i] = params->chan_list[i];
2238 
2239 	ptr += len;
2240 
2241 	len = params->num_ssids * sizeof(*ssid);
2242 	tlv = ptr;
2243 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2244 		      FIELD_PREP(WMI_TLV_LEN, len);
2245 
2246 	ptr += TLV_HDR_SIZE;
2247 
2248 	if (params->num_ssids) {
2249 		ssid = ptr;
2250 		for (i = 0; i < params->num_ssids; ++i) {
2251 			ssid->ssid_len = params->ssid[i].length;
2252 			memcpy(ssid->ssid, params->ssid[i].ssid,
2253 			       params->ssid[i].length);
2254 			ssid++;
2255 		}
2256 	}
2257 
2258 	ptr += (params->num_ssids * sizeof(*ssid));
2259 	len = params->num_bssid * sizeof(*bssid);
2260 	tlv = ptr;
2261 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2262 		      FIELD_PREP(WMI_TLV_LEN, len);
2263 
2264 	ptr += TLV_HDR_SIZE;
2265 	bssid = ptr;
2266 
2267 	if (params->num_bssid) {
2268 		for (i = 0; i < params->num_bssid; ++i) {
2269 			ether_addr_copy(bssid->addr,
2270 					params->bssid_list[i].addr);
2271 			bssid++;
2272 		}
2273 	}
2274 
2275 	ptr += params->num_bssid * sizeof(*bssid);
2276 
2277 	len = extraie_len_with_pad;
2278 	tlv = ptr;
2279 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2280 		      FIELD_PREP(WMI_TLV_LEN, len);
2281 	ptr += TLV_HDR_SIZE;
2282 
2283 	if (extraie_len_with_pad)
2284 		memcpy(ptr, params->extraie.ptr,
2285 		       params->extraie.len);
2286 
2287 	ptr += extraie_len_with_pad;
2288 
2289 	if (params->num_hint_s_ssid) {
2290 		len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2291 		tlv = ptr;
2292 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2293 			      FIELD_PREP(WMI_TLV_LEN, len);
2294 		ptr += TLV_HDR_SIZE;
2295 		s_ssid = ptr;
2296 		for (i = 0; i < params->num_hint_s_ssid; ++i) {
2297 			s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags;
2298 			s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid;
2299 			s_ssid++;
2300 		}
2301 		ptr += len;
2302 	}
2303 
2304 	if (params->num_hint_bssid) {
2305 		len = params->num_hint_bssid * sizeof(struct hint_bssid);
2306 		tlv = ptr;
2307 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2308 			      FIELD_PREP(WMI_TLV_LEN, len);
2309 		ptr += TLV_HDR_SIZE;
2310 		hint_bssid = ptr;
2311 		for (i = 0; i < params->num_hint_bssid; ++i) {
2312 			hint_bssid->freq_flags =
2313 				params->hint_bssid[i].freq_flags;
2314 			ether_addr_copy(&params->hint_bssid[i].bssid.addr[0],
2315 					&hint_bssid->bssid.addr[0]);
2316 			hint_bssid++;
2317 		}
2318 	}
2319 
2320 	ret = ath11k_wmi_cmd_send(wmi, skb,
2321 				  WMI_START_SCAN_CMDID);
2322 	if (ret) {
2323 		ath11k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2324 		dev_kfree_skb(skb);
2325 	}
2326 
2327 	return ret;
2328 }
2329 
2330 int ath11k_wmi_send_scan_stop_cmd(struct ath11k *ar,
2331 				  struct scan_cancel_param *param)
2332 {
2333 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2334 	struct wmi_stop_scan_cmd *cmd;
2335 	struct sk_buff *skb;
2336 	int ret;
2337 
2338 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2339 	if (!skb)
2340 		return -ENOMEM;
2341 
2342 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2343 
2344 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STOP_SCAN_CMD) |
2345 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2346 
2347 	cmd->vdev_id = param->vdev_id;
2348 	cmd->requestor = param->requester;
2349 	cmd->scan_id = param->scan_id;
2350 	cmd->pdev_id = param->pdev_id;
2351 	/* stop the scan with the corresponding scan_id */
2352 	if (param->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2353 		/* Cancelling all scans */
2354 		cmd->req_type =  WMI_SCAN_STOP_ALL;
2355 	} else if (param->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2356 		/* Cancelling VAP scans */
2357 		cmd->req_type =  WMI_SCN_STOP_VAP_ALL;
2358 	} else if (param->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2359 		/* Cancelling specific scan */
2360 		cmd->req_type =  WMI_SCAN_STOP_ONE;
2361 	} else {
2362 		ath11k_warn(ar->ab, "invalid scan cancel param %d",
2363 			    param->req_type);
2364 		dev_kfree_skb(skb);
2365 		return -EINVAL;
2366 	}
2367 
2368 	ret = ath11k_wmi_cmd_send(wmi, skb,
2369 				  WMI_STOP_SCAN_CMDID);
2370 	if (ret) {
2371 		ath11k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2372 		dev_kfree_skb(skb);
2373 	}
2374 
2375 	return ret;
2376 }
2377 
2378 int ath11k_wmi_send_scan_chan_list_cmd(struct ath11k *ar,
2379 				       struct scan_chan_list_params *chan_list)
2380 {
2381 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2382 	struct wmi_scan_chan_list_cmd *cmd;
2383 	struct sk_buff *skb;
2384 	struct wmi_channel *chan_info;
2385 	struct channel_param *tchan_info;
2386 	struct wmi_tlv *tlv;
2387 	void *ptr;
2388 	int i, ret, len;
2389 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2390 	u32 *reg1, *reg2;
2391 
2392 	tchan_info = chan_list->ch_param;
2393 	while (chan_list->nallchans) {
2394 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2395 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2396 			sizeof(*chan_info);
2397 
2398 		if (chan_list->nallchans > max_chan_limit)
2399 			num_send_chans = max_chan_limit;
2400 		else
2401 			num_send_chans = chan_list->nallchans;
2402 
2403 		chan_list->nallchans -= num_send_chans;
2404 		len += sizeof(*chan_info) * num_send_chans;
2405 
2406 		skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2407 		if (!skb)
2408 			return -ENOMEM;
2409 
2410 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2411 		cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SCAN_CHAN_LIST_CMD) |
2412 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2413 		cmd->pdev_id = chan_list->pdev_id;
2414 		cmd->num_scan_chans = num_send_chans;
2415 		if (num_sends)
2416 			cmd->flags |= WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG;
2417 
2418 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2419 			   "WMI no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2420 			   num_send_chans, len, cmd->pdev_id, num_sends);
2421 
2422 		ptr = skb->data + sizeof(*cmd);
2423 
2424 		len = sizeof(*chan_info) * num_send_chans;
2425 		tlv = ptr;
2426 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2427 			      FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
2428 		ptr += TLV_HDR_SIZE;
2429 
2430 		for (i = 0; i < num_send_chans; ++i) {
2431 			chan_info = ptr;
2432 			memset(chan_info, 0, sizeof(*chan_info));
2433 			len = sizeof(*chan_info);
2434 			chan_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2435 							   WMI_TAG_CHANNEL) |
2436 						FIELD_PREP(WMI_TLV_LEN,
2437 							   len - TLV_HDR_SIZE);
2438 
2439 			reg1 = &chan_info->reg_info_1;
2440 			reg2 = &chan_info->reg_info_2;
2441 			chan_info->mhz = tchan_info->mhz;
2442 			chan_info->band_center_freq1 = tchan_info->cfreq1;
2443 			chan_info->band_center_freq2 = tchan_info->cfreq2;
2444 
2445 			if (tchan_info->is_chan_passive)
2446 				chan_info->info |= WMI_CHAN_INFO_PASSIVE;
2447 			if (tchan_info->allow_he)
2448 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HE;
2449 			else if (tchan_info->allow_vht)
2450 				chan_info->info |= WMI_CHAN_INFO_ALLOW_VHT;
2451 			else if (tchan_info->allow_ht)
2452 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HT;
2453 			if (tchan_info->half_rate)
2454 				chan_info->info |= WMI_CHAN_INFO_HALF_RATE;
2455 			if (tchan_info->quarter_rate)
2456 				chan_info->info |= WMI_CHAN_INFO_QUARTER_RATE;
2457 			if (tchan_info->psc_channel)
2458 				chan_info->info |= WMI_CHAN_INFO_PSC;
2459 			if (tchan_info->dfs_set)
2460 				chan_info->info |= WMI_CHAN_INFO_DFS;
2461 
2462 			chan_info->info |= FIELD_PREP(WMI_CHAN_INFO_MODE,
2463 						      tchan_info->phy_mode);
2464 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MIN_PWR,
2465 					    tchan_info->minpower);
2466 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
2467 					    tchan_info->maxpower);
2468 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
2469 					    tchan_info->maxregpower);
2470 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_REG_CLS,
2471 					    tchan_info->reg_class_id);
2472 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
2473 					    tchan_info->antennamax);
2474 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
2475 					    tchan_info->maxregpower);
2476 
2477 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2478 				   "WMI chan scan list chan[%d] = %u, chan_info->info %8x\n",
2479 				   i, chan_info->mhz, chan_info->info);
2480 
2481 			ptr += sizeof(*chan_info);
2482 
2483 			tchan_info++;
2484 		}
2485 
2486 		ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2487 		if (ret) {
2488 			ath11k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2489 			dev_kfree_skb(skb);
2490 			return ret;
2491 		}
2492 
2493 		num_sends++;
2494 	}
2495 
2496 	return 0;
2497 }
2498 
2499 int ath11k_wmi_send_wmm_update_cmd_tlv(struct ath11k *ar, u32 vdev_id,
2500 				       struct wmi_wmm_params_all_arg *param)
2501 {
2502 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2503 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2504 	struct wmi_wmm_params *wmm_param;
2505 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2506 	struct sk_buff *skb;
2507 	int ret, ac;
2508 
2509 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2510 	if (!skb)
2511 		return -ENOMEM;
2512 
2513 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2514 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2515 				     WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2516 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2517 
2518 	cmd->vdev_id = vdev_id;
2519 	cmd->wmm_param_type = 0;
2520 
2521 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2522 		switch (ac) {
2523 		case WME_AC_BE:
2524 			wmi_wmm_arg = &param->ac_be;
2525 			break;
2526 		case WME_AC_BK:
2527 			wmi_wmm_arg = &param->ac_bk;
2528 			break;
2529 		case WME_AC_VI:
2530 			wmi_wmm_arg = &param->ac_vi;
2531 			break;
2532 		case WME_AC_VO:
2533 			wmi_wmm_arg = &param->ac_vo;
2534 			break;
2535 		}
2536 
2537 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2538 		wmm_param->tlv_header =
2539 				FIELD_PREP(WMI_TLV_TAG,
2540 					   WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2541 				FIELD_PREP(WMI_TLV_LEN,
2542 					   sizeof(*wmm_param) - TLV_HDR_SIZE);
2543 
2544 		wmm_param->aifs = wmi_wmm_arg->aifs;
2545 		wmm_param->cwmin = wmi_wmm_arg->cwmin;
2546 		wmm_param->cwmax = wmi_wmm_arg->cwmax;
2547 		wmm_param->txoplimit = wmi_wmm_arg->txop;
2548 		wmm_param->acm = wmi_wmm_arg->acm;
2549 		wmm_param->no_ack = wmi_wmm_arg->no_ack;
2550 
2551 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2552 			   "wmi wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2553 			   ac, wmm_param->aifs, wmm_param->cwmin,
2554 			   wmm_param->cwmax, wmm_param->txoplimit,
2555 			   wmm_param->acm, wmm_param->no_ack);
2556 	}
2557 	ret = ath11k_wmi_cmd_send(wmi, skb,
2558 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2559 	if (ret) {
2560 		ath11k_warn(ar->ab,
2561 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2562 		dev_kfree_skb(skb);
2563 	}
2564 
2565 	return ret;
2566 }
2567 
2568 int ath11k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath11k *ar,
2569 						  u32 pdev_id)
2570 {
2571 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2572 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2573 	struct sk_buff *skb;
2574 	int ret;
2575 
2576 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2577 	if (!skb)
2578 		return -ENOMEM;
2579 
2580 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2581 	cmd->tlv_header =
2582 		FIELD_PREP(WMI_TLV_TAG,
2583 			   WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD) |
2584 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2585 
2586 	cmd->pdev_id = pdev_id;
2587 
2588 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2589 		   "WMI dfs phy err offload enable pdev id %d\n", pdev_id);
2590 
2591 	ret = ath11k_wmi_cmd_send(wmi, skb,
2592 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2593 	if (ret) {
2594 		ath11k_warn(ar->ab,
2595 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2596 		dev_kfree_skb(skb);
2597 	}
2598 
2599 	return ret;
2600 }
2601 
2602 int ath11k_wmi_delba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2603 			  u32 tid, u32 initiator, u32 reason)
2604 {
2605 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2606 	struct wmi_delba_send_cmd *cmd;
2607 	struct sk_buff *skb;
2608 	int ret;
2609 
2610 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2611 	if (!skb)
2612 		return -ENOMEM;
2613 
2614 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2615 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DELBA_SEND_CMD) |
2616 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2617 	cmd->vdev_id = vdev_id;
2618 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2619 	cmd->tid = tid;
2620 	cmd->initiator = initiator;
2621 	cmd->reasoncode = reason;
2622 
2623 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2624 		   "wmi delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2625 		   vdev_id, mac, tid, initiator, reason);
2626 
2627 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2628 
2629 	if (ret) {
2630 		ath11k_warn(ar->ab,
2631 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2632 		dev_kfree_skb(skb);
2633 	}
2634 
2635 	return ret;
2636 }
2637 
2638 int ath11k_wmi_addba_set_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2639 			      u32 tid, u32 status)
2640 {
2641 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2642 	struct wmi_addba_setresponse_cmd *cmd;
2643 	struct sk_buff *skb;
2644 	int ret;
2645 
2646 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2647 	if (!skb)
2648 		return -ENOMEM;
2649 
2650 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2651 	cmd->tlv_header =
2652 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SETRESPONSE_CMD) |
2653 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2654 	cmd->vdev_id = vdev_id;
2655 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2656 	cmd->tid = tid;
2657 	cmd->statuscode = status;
2658 
2659 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2660 		   "wmi addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2661 		   vdev_id, mac, tid, status);
2662 
2663 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2664 
2665 	if (ret) {
2666 		ath11k_warn(ar->ab,
2667 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2668 		dev_kfree_skb(skb);
2669 	}
2670 
2671 	return ret;
2672 }
2673 
2674 int ath11k_wmi_addba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2675 			  u32 tid, u32 buf_size)
2676 {
2677 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2678 	struct wmi_addba_send_cmd *cmd;
2679 	struct sk_buff *skb;
2680 	int ret;
2681 
2682 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2683 	if (!skb)
2684 		return -ENOMEM;
2685 
2686 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2687 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SEND_CMD) |
2688 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2689 	cmd->vdev_id = vdev_id;
2690 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2691 	cmd->tid = tid;
2692 	cmd->buffersize = buf_size;
2693 
2694 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2695 		   "wmi addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2696 		   vdev_id, mac, tid, buf_size);
2697 
2698 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2699 
2700 	if (ret) {
2701 		ath11k_warn(ar->ab,
2702 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2703 		dev_kfree_skb(skb);
2704 	}
2705 
2706 	return ret;
2707 }
2708 
2709 int ath11k_wmi_addba_clear_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac)
2710 {
2711 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2712 	struct wmi_addba_clear_resp_cmd *cmd;
2713 	struct sk_buff *skb;
2714 	int ret;
2715 
2716 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2717 	if (!skb)
2718 		return -ENOMEM;
2719 
2720 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2721 	cmd->tlv_header =
2722 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_CLEAR_RESP_CMD) |
2723 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2724 	cmd->vdev_id = vdev_id;
2725 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2726 
2727 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2728 		   "wmi addba clear resp vdev_id 0x%X mac_addr %pM\n",
2729 		   vdev_id, mac);
2730 
2731 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2732 
2733 	if (ret) {
2734 		ath11k_warn(ar->ab,
2735 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2736 		dev_kfree_skb(skb);
2737 	}
2738 
2739 	return ret;
2740 }
2741 
2742 int ath11k_wmi_pdev_peer_pktlog_filter(struct ath11k *ar, u8 *addr, u8 enable)
2743 {
2744 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2745 	struct wmi_pdev_pktlog_filter_cmd *cmd;
2746 	struct wmi_pdev_pktlog_filter_info *info;
2747 	struct sk_buff *skb;
2748 	struct wmi_tlv *tlv;
2749 	void *ptr;
2750 	int ret, len;
2751 
2752 	len = sizeof(*cmd) + sizeof(*info) + TLV_HDR_SIZE;
2753 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2754 	if (!skb)
2755 		return -ENOMEM;
2756 
2757 	cmd = (struct wmi_pdev_pktlog_filter_cmd *)skb->data;
2758 
2759 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_CMD) |
2760 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2761 
2762 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
2763 	cmd->num_mac = 1;
2764 	cmd->enable = enable;
2765 
2766 	ptr = skb->data + sizeof(*cmd);
2767 
2768 	tlv = ptr;
2769 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2770 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*info));
2771 
2772 	ptr += TLV_HDR_SIZE;
2773 	info = ptr;
2774 
2775 	ether_addr_copy(info->peer_macaddr.addr, addr);
2776 	info->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_INFO) |
2777 			   FIELD_PREP(WMI_TLV_LEN,
2778 				      sizeof(*info) - TLV_HDR_SIZE);
2779 
2780 	ret = ath11k_wmi_cmd_send(wmi, skb,
2781 				  WMI_PDEV_PKTLOG_FILTER_CMDID);
2782 	if (ret) {
2783 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
2784 		dev_kfree_skb(skb);
2785 	}
2786 
2787 	return ret;
2788 }
2789 
2790 int
2791 ath11k_wmi_send_init_country_cmd(struct ath11k *ar,
2792 				 struct wmi_init_country_params init_cc_params)
2793 {
2794 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2795 	struct wmi_init_country_cmd *cmd;
2796 	struct sk_buff *skb;
2797 	int ret;
2798 
2799 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2800 	if (!skb)
2801 		return -ENOMEM;
2802 
2803 	cmd = (struct wmi_init_country_cmd *)skb->data;
2804 	cmd->tlv_header =
2805 		FIELD_PREP(WMI_TLV_TAG,
2806 			   WMI_TAG_SET_INIT_COUNTRY_CMD) |
2807 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2808 
2809 	cmd->pdev_id = ar->pdev->pdev_id;
2810 
2811 	switch (init_cc_params.flags) {
2812 	case ALPHA_IS_SET:
2813 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
2814 		memcpy((u8 *)&cmd->cc_info.alpha2,
2815 		       init_cc_params.cc_info.alpha2, 3);
2816 		break;
2817 	case CC_IS_SET:
2818 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE;
2819 		cmd->cc_info.country_code = init_cc_params.cc_info.country_code;
2820 		break;
2821 	case REGDMN_IS_SET:
2822 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_REGDOMAIN;
2823 		cmd->cc_info.regdom_id = init_cc_params.cc_info.regdom_id;
2824 		break;
2825 	default:
2826 		ret = -EINVAL;
2827 		goto out;
2828 	}
2829 
2830 	ret = ath11k_wmi_cmd_send(wmi, skb,
2831 				  WMI_SET_INIT_COUNTRY_CMDID);
2832 
2833 out:
2834 	if (ret) {
2835 		ath11k_warn(ar->ab,
2836 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
2837 			    ret);
2838 		dev_kfree_skb(skb);
2839 	}
2840 
2841 	return ret;
2842 }
2843 
2844 int ath11k_wmi_send_set_current_country_cmd(struct ath11k *ar,
2845 					    struct wmi_set_current_country_params *param)
2846 {
2847 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2848 	struct wmi_set_current_country_cmd *cmd;
2849 	struct sk_buff *skb;
2850 	int ret;
2851 
2852 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2853 	if (!skb)
2854 		return -ENOMEM;
2855 
2856 	cmd = (struct wmi_set_current_country_cmd *)skb->data;
2857 	cmd->tlv_header =
2858 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SET_CURRENT_COUNTRY_CMD) |
2859 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2860 
2861 	cmd->pdev_id = ar->pdev->pdev_id;
2862 	memcpy(&cmd->new_alpha2, &param->alpha2, 3);
2863 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SET_CURRENT_COUNTRY_CMDID);
2864 
2865 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2866 		   "set current country pdev id %d alpha2 %c%c\n",
2867 		   ar->pdev->pdev_id,
2868 		   param->alpha2[0],
2869 		   param->alpha2[1]);
2870 
2871 	if (ret) {
2872 		ath11k_warn(ar->ab,
2873 			    "failed to send WMI_SET_CURRENT_COUNTRY_CMDID: %d\n", ret);
2874 		dev_kfree_skb(skb);
2875 	}
2876 
2877 	return ret;
2878 }
2879 
2880 int
2881 ath11k_wmi_send_thermal_mitigation_param_cmd(struct ath11k *ar,
2882 					     struct thermal_mitigation_params *param)
2883 {
2884 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2885 	struct wmi_therm_throt_config_request_cmd *cmd;
2886 	struct wmi_therm_throt_level_config_info *lvl_conf;
2887 	struct wmi_tlv *tlv;
2888 	struct sk_buff *skb;
2889 	int i, ret, len;
2890 
2891 	len = sizeof(*cmd) + TLV_HDR_SIZE +
2892 	      THERMAL_LEVELS * sizeof(struct wmi_therm_throt_level_config_info);
2893 
2894 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2895 	if (!skb)
2896 		return -ENOMEM;
2897 
2898 	cmd = (struct wmi_therm_throt_config_request_cmd *)skb->data;
2899 
2900 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_CONFIG_REQUEST) |
2901 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2902 
2903 	cmd->pdev_id = ar->pdev->pdev_id;
2904 	cmd->enable = param->enable;
2905 	cmd->dc = param->dc;
2906 	cmd->dc_per_event = param->dc_per_event;
2907 	cmd->therm_throt_levels = THERMAL_LEVELS;
2908 
2909 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
2910 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2911 		      FIELD_PREP(WMI_TLV_LEN,
2912 				 (THERMAL_LEVELS *
2913 				  sizeof(struct wmi_therm_throt_level_config_info)));
2914 
2915 	lvl_conf = (struct wmi_therm_throt_level_config_info *)(skb->data +
2916 								sizeof(*cmd) +
2917 								TLV_HDR_SIZE);
2918 	for (i = 0; i < THERMAL_LEVELS; i++) {
2919 		lvl_conf->tlv_header =
2920 			FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_LEVEL_CONFIG_INFO) |
2921 			FIELD_PREP(WMI_TLV_LEN, sizeof(*lvl_conf) - TLV_HDR_SIZE);
2922 
2923 		lvl_conf->temp_lwm = param->levelconf[i].tmplwm;
2924 		lvl_conf->temp_hwm = param->levelconf[i].tmphwm;
2925 		lvl_conf->dc_off_percent = param->levelconf[i].dcoffpercent;
2926 		lvl_conf->prio = param->levelconf[i].priority;
2927 		lvl_conf++;
2928 	}
2929 
2930 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_THERM_THROT_SET_CONF_CMDID);
2931 	if (ret) {
2932 		ath11k_warn(ar->ab, "failed to send THERM_THROT_SET_CONF cmd\n");
2933 		dev_kfree_skb(skb);
2934 	}
2935 
2936 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2937 		   "WMI vdev set thermal throt pdev_id %d enable %d dc %d dc_per_event %x levels %d\n",
2938 		   ar->pdev->pdev_id, param->enable, param->dc,
2939 		   param->dc_per_event, THERMAL_LEVELS);
2940 
2941 	return ret;
2942 }
2943 
2944 int ath11k_wmi_send_11d_scan_start_cmd(struct ath11k *ar,
2945 				       struct wmi_11d_scan_start_params *param)
2946 {
2947 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2948 	struct wmi_11d_scan_start_cmd *cmd;
2949 	struct sk_buff *skb;
2950 	int ret;
2951 
2952 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2953 	if (!skb)
2954 		return -ENOMEM;
2955 
2956 	cmd = (struct wmi_11d_scan_start_cmd *)skb->data;
2957 	cmd->tlv_header =
2958 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_START_CMD) |
2959 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2960 
2961 	cmd->vdev_id = param->vdev_id;
2962 	cmd->scan_period_msec = param->scan_period_msec;
2963 	cmd->start_interval_msec = param->start_interval_msec;
2964 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_START_CMDID);
2965 
2966 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2967 		   "send 11d scan start vdev id %d period %d ms internal %d ms\n",
2968 		   cmd->vdev_id,
2969 		   cmd->scan_period_msec,
2970 		   cmd->start_interval_msec);
2971 
2972 	if (ret) {
2973 		ath11k_warn(ar->ab,
2974 			    "failed to send WMI_11D_SCAN_START_CMDID: %d\n", ret);
2975 		dev_kfree_skb(skb);
2976 	}
2977 
2978 	return ret;
2979 }
2980 
2981 int ath11k_wmi_send_11d_scan_stop_cmd(struct ath11k *ar, u32 vdev_id)
2982 {
2983 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2984 	struct wmi_11d_scan_stop_cmd *cmd;
2985 	struct sk_buff *skb;
2986 	int ret;
2987 
2988 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2989 	if (!skb)
2990 		return -ENOMEM;
2991 
2992 	cmd = (struct wmi_11d_scan_stop_cmd *)skb->data;
2993 	cmd->tlv_header =
2994 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_STOP_CMD) |
2995 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2996 
2997 	cmd->vdev_id = vdev_id;
2998 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_STOP_CMDID);
2999 
3000 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3001 		   "send 11d scan stop vdev id %d\n",
3002 		   cmd->vdev_id);
3003 
3004 	if (ret) {
3005 		ath11k_warn(ar->ab,
3006 			    "failed to send WMI_11D_SCAN_STOP_CMDID: %d\n", ret);
3007 		dev_kfree_skb(skb);
3008 	}
3009 
3010 	return ret;
3011 }
3012 
3013 int ath11k_wmi_pdev_pktlog_enable(struct ath11k *ar, u32 pktlog_filter)
3014 {
3015 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3016 	struct wmi_pktlog_enable_cmd *cmd;
3017 	struct sk_buff *skb;
3018 	int ret;
3019 
3020 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3021 	if (!skb)
3022 		return -ENOMEM;
3023 
3024 	cmd = (struct wmi_pktlog_enable_cmd *)skb->data;
3025 
3026 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_ENABLE_CMD) |
3027 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3028 
3029 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3030 	cmd->evlist = pktlog_filter;
3031 	cmd->enable = ATH11K_WMI_PKTLOG_ENABLE_FORCE;
3032 
3033 	ret = ath11k_wmi_cmd_send(wmi, skb,
3034 				  WMI_PDEV_PKTLOG_ENABLE_CMDID);
3035 	if (ret) {
3036 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3037 		dev_kfree_skb(skb);
3038 	}
3039 
3040 	return ret;
3041 }
3042 
3043 int ath11k_wmi_pdev_pktlog_disable(struct ath11k *ar)
3044 {
3045 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3046 	struct wmi_pktlog_disable_cmd *cmd;
3047 	struct sk_buff *skb;
3048 	int ret;
3049 
3050 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3051 	if (!skb)
3052 		return -ENOMEM;
3053 
3054 	cmd = (struct wmi_pktlog_disable_cmd *)skb->data;
3055 
3056 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_DISABLE_CMD) |
3057 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3058 
3059 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3060 
3061 	ret = ath11k_wmi_cmd_send(wmi, skb,
3062 				  WMI_PDEV_PKTLOG_DISABLE_CMDID);
3063 	if (ret) {
3064 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3065 		dev_kfree_skb(skb);
3066 	}
3067 
3068 	return ret;
3069 }
3070 
3071 int
3072 ath11k_wmi_send_twt_enable_cmd(struct ath11k *ar, u32 pdev_id)
3073 {
3074 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3075 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3076 	struct wmi_twt_enable_params_cmd *cmd;
3077 	struct sk_buff *skb;
3078 	int ret, len;
3079 
3080 	len = sizeof(*cmd);
3081 
3082 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3083 	if (!skb)
3084 		return -ENOMEM;
3085 
3086 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
3087 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ENABLE_CMD) |
3088 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3089 	cmd->pdev_id = pdev_id;
3090 	cmd->sta_cong_timer_ms = ATH11K_TWT_DEF_STA_CONG_TIMER_MS;
3091 	cmd->default_slot_size = ATH11K_TWT_DEF_DEFAULT_SLOT_SIZE;
3092 	cmd->congestion_thresh_setup = ATH11K_TWT_DEF_CONGESTION_THRESH_SETUP;
3093 	cmd->congestion_thresh_teardown =
3094 		ATH11K_TWT_DEF_CONGESTION_THRESH_TEARDOWN;
3095 	cmd->congestion_thresh_critical =
3096 		ATH11K_TWT_DEF_CONGESTION_THRESH_CRITICAL;
3097 	cmd->interference_thresh_teardown =
3098 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN;
3099 	cmd->interference_thresh_setup =
3100 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_SETUP;
3101 	cmd->min_no_sta_setup = ATH11K_TWT_DEF_MIN_NO_STA_SETUP;
3102 	cmd->min_no_sta_teardown = ATH11K_TWT_DEF_MIN_NO_STA_TEARDOWN;
3103 	cmd->no_of_bcast_mcast_slots = ATH11K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS;
3104 	cmd->min_no_twt_slots = ATH11K_TWT_DEF_MIN_NO_TWT_SLOTS;
3105 	cmd->max_no_sta_twt = ATH11K_TWT_DEF_MAX_NO_STA_TWT;
3106 	cmd->mode_check_interval = ATH11K_TWT_DEF_MODE_CHECK_INTERVAL;
3107 	cmd->add_sta_slot_interval = ATH11K_TWT_DEF_ADD_STA_SLOT_INTERVAL;
3108 	cmd->remove_sta_slot_interval =
3109 		ATH11K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL;
3110 	/* TODO add MBSSID support */
3111 	cmd->mbss_support = 0;
3112 
3113 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ENABLE_CMDID);
3114 	if (ret) {
3115 		ath11k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
3116 		dev_kfree_skb(skb);
3117 	} else {
3118 		ar->twt_enabled = 1;
3119 	}
3120 	return ret;
3121 }
3122 
3123 int
3124 ath11k_wmi_send_twt_disable_cmd(struct ath11k *ar, u32 pdev_id)
3125 {
3126 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3127 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3128 	struct wmi_twt_disable_params_cmd *cmd;
3129 	struct sk_buff *skb;
3130 	int ret, len;
3131 
3132 	len = sizeof(*cmd);
3133 
3134 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3135 	if (!skb)
3136 		return -ENOMEM;
3137 
3138 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
3139 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DISABLE_CMD) |
3140 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3141 	cmd->pdev_id = pdev_id;
3142 
3143 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DISABLE_CMDID);
3144 	if (ret) {
3145 		ath11k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
3146 		dev_kfree_skb(skb);
3147 	} else {
3148 		ar->twt_enabled = 0;
3149 	}
3150 	return ret;
3151 }
3152 
3153 int ath11k_wmi_send_twt_add_dialog_cmd(struct ath11k *ar,
3154 				       struct wmi_twt_add_dialog_params *params)
3155 {
3156 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3157 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3158 	struct wmi_twt_add_dialog_params_cmd *cmd;
3159 	struct sk_buff *skb;
3160 	int ret, len;
3161 
3162 	len = sizeof(*cmd);
3163 
3164 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3165 	if (!skb)
3166 		return -ENOMEM;
3167 
3168 	cmd = (struct wmi_twt_add_dialog_params_cmd *)skb->data;
3169 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ADD_DIALOG_CMD) |
3170 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3171 
3172 	cmd->vdev_id = params->vdev_id;
3173 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3174 	cmd->dialog_id = params->dialog_id;
3175 	cmd->wake_intvl_us = params->wake_intvl_us;
3176 	cmd->wake_intvl_mantis = params->wake_intvl_mantis;
3177 	cmd->wake_dura_us = params->wake_dura_us;
3178 	cmd->sp_offset_us = params->sp_offset_us;
3179 	cmd->flags = params->twt_cmd;
3180 	if (params->flag_bcast)
3181 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_BCAST;
3182 	if (params->flag_trigger)
3183 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_TRIGGER;
3184 	if (params->flag_flow_type)
3185 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_FLOW_TYPE;
3186 	if (params->flag_protection)
3187 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_PROTECTION;
3188 
3189 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3190 		   "wmi add twt dialog vdev %u dialog id %u wake interval %u mantissa %u wake duration %u service period offset %u flags 0x%x\n",
3191 		   cmd->vdev_id, cmd->dialog_id, cmd->wake_intvl_us,
3192 		   cmd->wake_intvl_mantis, cmd->wake_dura_us, cmd->sp_offset_us,
3193 		   cmd->flags);
3194 
3195 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ADD_DIALOG_CMDID);
3196 
3197 	if (ret) {
3198 		ath11k_warn(ab,
3199 			    "failed to send wmi command to add twt dialog: %d",
3200 			    ret);
3201 		dev_kfree_skb(skb);
3202 	}
3203 	return ret;
3204 }
3205 
3206 int ath11k_wmi_send_twt_del_dialog_cmd(struct ath11k *ar,
3207 				       struct wmi_twt_del_dialog_params *params)
3208 {
3209 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3210 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3211 	struct wmi_twt_del_dialog_params_cmd *cmd;
3212 	struct sk_buff *skb;
3213 	int ret, len;
3214 
3215 	len = sizeof(*cmd);
3216 
3217 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3218 	if (!skb)
3219 		return -ENOMEM;
3220 
3221 	cmd = (struct wmi_twt_del_dialog_params_cmd *)skb->data;
3222 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DEL_DIALOG_CMD) |
3223 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3224 
3225 	cmd->vdev_id = params->vdev_id;
3226 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3227 	cmd->dialog_id = params->dialog_id;
3228 
3229 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3230 		   "wmi delete twt dialog vdev %u dialog id %u\n",
3231 		   cmd->vdev_id, cmd->dialog_id);
3232 
3233 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DEL_DIALOG_CMDID);
3234 	if (ret) {
3235 		ath11k_warn(ab,
3236 			    "failed to send wmi command to delete twt dialog: %d",
3237 			    ret);
3238 		dev_kfree_skb(skb);
3239 	}
3240 	return ret;
3241 }
3242 
3243 int ath11k_wmi_send_twt_pause_dialog_cmd(struct ath11k *ar,
3244 					 struct wmi_twt_pause_dialog_params *params)
3245 {
3246 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3247 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3248 	struct wmi_twt_pause_dialog_params_cmd *cmd;
3249 	struct sk_buff *skb;
3250 	int ret, len;
3251 
3252 	len = sizeof(*cmd);
3253 
3254 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3255 	if (!skb)
3256 		return -ENOMEM;
3257 
3258 	cmd = (struct wmi_twt_pause_dialog_params_cmd *)skb->data;
3259 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3260 				     WMI_TAG_TWT_PAUSE_DIALOG_CMD) |
3261 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3262 
3263 	cmd->vdev_id = params->vdev_id;
3264 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3265 	cmd->dialog_id = params->dialog_id;
3266 
3267 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3268 		   "wmi pause twt dialog vdev %u dialog id %u\n",
3269 		   cmd->vdev_id, cmd->dialog_id);
3270 
3271 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_PAUSE_DIALOG_CMDID);
3272 	if (ret) {
3273 		ath11k_warn(ab,
3274 			    "failed to send wmi command to pause twt dialog: %d",
3275 			    ret);
3276 		dev_kfree_skb(skb);
3277 	}
3278 	return ret;
3279 }
3280 
3281 int ath11k_wmi_send_twt_resume_dialog_cmd(struct ath11k *ar,
3282 					  struct wmi_twt_resume_dialog_params *params)
3283 {
3284 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3285 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3286 	struct wmi_twt_resume_dialog_params_cmd *cmd;
3287 	struct sk_buff *skb;
3288 	int ret, len;
3289 
3290 	len = sizeof(*cmd);
3291 
3292 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3293 	if (!skb)
3294 		return -ENOMEM;
3295 
3296 	cmd = (struct wmi_twt_resume_dialog_params_cmd *)skb->data;
3297 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3298 				     WMI_TAG_TWT_RESUME_DIALOG_CMD) |
3299 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3300 
3301 	cmd->vdev_id = params->vdev_id;
3302 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3303 	cmd->dialog_id = params->dialog_id;
3304 	cmd->sp_offset_us = params->sp_offset_us;
3305 	cmd->next_twt_size = params->next_twt_size;
3306 
3307 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3308 		   "wmi resume twt dialog vdev %u dialog id %u service period offset %u next twt subfield size %u\n",
3309 		   cmd->vdev_id, cmd->dialog_id, cmd->sp_offset_us,
3310 		   cmd->next_twt_size);
3311 
3312 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_RESUME_DIALOG_CMDID);
3313 	if (ret) {
3314 		ath11k_warn(ab,
3315 			    "failed to send wmi command to resume twt dialog: %d",
3316 			    ret);
3317 		dev_kfree_skb(skb);
3318 	}
3319 	return ret;
3320 }
3321 
3322 int
3323 ath11k_wmi_send_obss_spr_cmd(struct ath11k *ar, u32 vdev_id,
3324 			     struct ieee80211_he_obss_pd *he_obss_pd)
3325 {
3326 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3327 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3328 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
3329 	struct sk_buff *skb;
3330 	int ret, len;
3331 
3332 	len = sizeof(*cmd);
3333 
3334 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3335 	if (!skb)
3336 		return -ENOMEM;
3337 
3338 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
3339 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3340 				     WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD) |
3341 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3342 	cmd->vdev_id = vdev_id;
3343 	cmd->enable = he_obss_pd->enable;
3344 	cmd->obss_min = he_obss_pd->min_offset;
3345 	cmd->obss_max = he_obss_pd->max_offset;
3346 
3347 	ret = ath11k_wmi_cmd_send(wmi, skb,
3348 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
3349 	if (ret) {
3350 		ath11k_warn(ab,
3351 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
3352 		dev_kfree_skb(skb);
3353 	}
3354 	return ret;
3355 }
3356 
3357 int
3358 ath11k_wmi_pdev_set_srg_bss_color_bitmap(struct ath11k *ar, u32 *bitmap)
3359 {
3360 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3361 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3362 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3363 	struct sk_buff *skb;
3364 	int ret, len;
3365 
3366 	len = sizeof(*cmd);
3367 
3368 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3369 	if (!skb)
3370 		return -ENOMEM;
3371 
3372 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3373 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3374 				     WMI_TAG_PDEV_SRG_BSS_COLOR_BITMAP_CMD) |
3375 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3376 	cmd->pdev_id = ar->pdev->pdev_id;
3377 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3378 
3379 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3380 		   "obss pd pdev_id %d bss color bitmap %08x %08x\n",
3381 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3382 
3383 	ret = ath11k_wmi_cmd_send(wmi, skb,
3384 				  WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID);
3385 	if (ret) {
3386 		ath11k_warn(ab,
3387 			    "failed to send WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID");
3388 		dev_kfree_skb(skb);
3389 	}
3390 
3391 	return ret;
3392 }
3393 
3394 int
3395 ath11k_wmi_pdev_set_srg_patial_bssid_bitmap(struct ath11k *ar, u32 *bitmap)
3396 {
3397 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3398 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3399 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3400 	struct sk_buff *skb;
3401 	int ret, len;
3402 
3403 	len = sizeof(*cmd);
3404 
3405 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3406 	if (!skb)
3407 		return -ENOMEM;
3408 
3409 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3410 	cmd->tlv_header =
3411 		FIELD_PREP(WMI_TLV_TAG,
3412 			   WMI_TAG_PDEV_SRG_PARTIAL_BSSID_BITMAP_CMD) |
3413 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3414 	cmd->pdev_id = ar->pdev->pdev_id;
3415 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3416 
3417 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3418 		   "obss pd pdev_id %d partial bssid bitmap %08x %08x\n",
3419 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3420 
3421 	ret = ath11k_wmi_cmd_send(wmi, skb,
3422 				  WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID);
3423 	if (ret) {
3424 		ath11k_warn(ab,
3425 			    "failed to send WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID");
3426 		dev_kfree_skb(skb);
3427 	}
3428 
3429 	return ret;
3430 }
3431 
3432 int
3433 ath11k_wmi_pdev_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3434 {
3435 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3436 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3437 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3438 	struct sk_buff *skb;
3439 	int ret, len;
3440 
3441 	len = sizeof(*cmd);
3442 
3443 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3444 	if (!skb)
3445 		return -ENOMEM;
3446 
3447 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3448 	cmd->tlv_header =
3449 		FIELD_PREP(WMI_TLV_TAG,
3450 			   WMI_TAG_PDEV_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3451 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3452 	cmd->pdev_id = ar->pdev->pdev_id;
3453 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3454 
3455 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3456 		   "obss pd srg pdev_id %d bss color enable bitmap %08x %08x\n",
3457 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3458 
3459 	ret = ath11k_wmi_cmd_send(wmi, skb,
3460 				  WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3461 	if (ret) {
3462 		ath11k_warn(ab,
3463 			    "failed to send WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3464 		dev_kfree_skb(skb);
3465 	}
3466 
3467 	return ret;
3468 }
3469 
3470 int
3471 ath11k_wmi_pdev_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3472 {
3473 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3474 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3475 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3476 	struct sk_buff *skb;
3477 	int ret, len;
3478 
3479 	len = sizeof(*cmd);
3480 
3481 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3482 	if (!skb)
3483 		return -ENOMEM;
3484 
3485 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3486 	cmd->tlv_header =
3487 		FIELD_PREP(WMI_TLV_TAG,
3488 			   WMI_TAG_PDEV_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3489 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3490 	cmd->pdev_id = ar->pdev->pdev_id;
3491 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3492 
3493 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3494 		   "obss pd srg pdev_id %d bssid enable bitmap %08x %08x\n",
3495 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3496 
3497 	ret = ath11k_wmi_cmd_send(wmi, skb,
3498 				  WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3499 	if (ret) {
3500 		ath11k_warn(ab,
3501 			    "failed to send WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3502 		dev_kfree_skb(skb);
3503 	}
3504 
3505 	return ret;
3506 }
3507 
3508 int
3509 ath11k_wmi_pdev_non_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3510 {
3511 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3512 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3513 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3514 	struct sk_buff *skb;
3515 	int ret, len;
3516 
3517 	len = sizeof(*cmd);
3518 
3519 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3520 	if (!skb)
3521 		return -ENOMEM;
3522 
3523 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3524 	cmd->tlv_header =
3525 		FIELD_PREP(WMI_TLV_TAG,
3526 			   WMI_TAG_PDEV_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3527 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3528 	cmd->pdev_id = ar->pdev->pdev_id;
3529 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3530 
3531 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3532 		   "obss pd non_srg pdev_id %d bss color enable bitmap %08x %08x\n",
3533 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3534 
3535 	ret = ath11k_wmi_cmd_send(wmi, skb,
3536 				  WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3537 	if (ret) {
3538 		ath11k_warn(ab,
3539 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3540 		dev_kfree_skb(skb);
3541 	}
3542 
3543 	return ret;
3544 }
3545 
3546 int
3547 ath11k_wmi_pdev_non_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3548 {
3549 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3550 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3551 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3552 	struct sk_buff *skb;
3553 	int ret, len;
3554 
3555 	len = sizeof(*cmd);
3556 
3557 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3558 	if (!skb)
3559 		return -ENOMEM;
3560 
3561 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3562 	cmd->tlv_header =
3563 		FIELD_PREP(WMI_TLV_TAG,
3564 			   WMI_TAG_PDEV_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3565 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3566 	cmd->pdev_id = ar->pdev->pdev_id;
3567 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3568 
3569 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3570 		   "obss pd non_srg pdev_id %d bssid enable bitmap %08x %08x\n",
3571 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3572 
3573 	ret = ath11k_wmi_cmd_send(wmi, skb,
3574 				  WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3575 	if (ret) {
3576 		ath11k_warn(ab,
3577 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3578 		dev_kfree_skb(skb);
3579 	}
3580 
3581 	return ret;
3582 }
3583 
3584 int
3585 ath11k_wmi_send_obss_color_collision_cfg_cmd(struct ath11k *ar, u32 vdev_id,
3586 					     u8 bss_color, u32 period,
3587 					     bool enable)
3588 {
3589 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3590 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3591 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
3592 	struct sk_buff *skb;
3593 	int ret, len;
3594 
3595 	len = sizeof(*cmd);
3596 
3597 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3598 	if (!skb)
3599 		return -ENOMEM;
3600 
3601 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
3602 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3603 				     WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG) |
3604 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3605 	cmd->vdev_id = vdev_id;
3606 	cmd->evt_type = enable ? ATH11K_OBSS_COLOR_COLLISION_DETECTION :
3607 				 ATH11K_OBSS_COLOR_COLLISION_DETECTION_DISABLE;
3608 	cmd->current_bss_color = bss_color;
3609 	cmd->detection_period_ms = period;
3610 	cmd->scan_period_ms = ATH11K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS;
3611 	cmd->free_slot_expiry_time_ms = 0;
3612 	cmd->flags = 0;
3613 
3614 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3615 		   "wmi_send_obss_color_collision_cfg id %d type %d bss_color %d detect_period %d scan_period %d\n",
3616 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
3617 		   cmd->detection_period_ms, cmd->scan_period_ms);
3618 
3619 	ret = ath11k_wmi_cmd_send(wmi, skb,
3620 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
3621 	if (ret) {
3622 		ath11k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
3623 		dev_kfree_skb(skb);
3624 	}
3625 	return ret;
3626 }
3627 
3628 int ath11k_wmi_send_bss_color_change_enable_cmd(struct ath11k *ar, u32 vdev_id,
3629 						bool enable)
3630 {
3631 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3632 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3633 	struct wmi_bss_color_change_enable_params_cmd *cmd;
3634 	struct sk_buff *skb;
3635 	int ret, len;
3636 
3637 	len = sizeof(*cmd);
3638 
3639 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3640 	if (!skb)
3641 		return -ENOMEM;
3642 
3643 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
3644 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BSS_COLOR_CHANGE_ENABLE) |
3645 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3646 	cmd->vdev_id = vdev_id;
3647 	cmd->enable = enable ? 1 : 0;
3648 
3649 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3650 		   "wmi_send_bss_color_change_enable id %d enable %d\n",
3651 		   cmd->vdev_id, cmd->enable);
3652 
3653 	ret = ath11k_wmi_cmd_send(wmi, skb,
3654 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
3655 	if (ret) {
3656 		ath11k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
3657 		dev_kfree_skb(skb);
3658 	}
3659 	return ret;
3660 }
3661 
3662 int ath11k_wmi_fils_discovery_tmpl(struct ath11k *ar, u32 vdev_id,
3663 				   struct sk_buff *tmpl)
3664 {
3665 	struct wmi_tlv *tlv;
3666 	struct sk_buff *skb;
3667 	void *ptr;
3668 	int ret, len;
3669 	size_t aligned_len;
3670 	struct wmi_fils_discovery_tmpl_cmd *cmd;
3671 
3672 	aligned_len = roundup(tmpl->len, 4);
3673 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
3674 
3675 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3676 		   "WMI vdev %i set FILS discovery template\n", vdev_id);
3677 
3678 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3679 	if (!skb)
3680 		return -ENOMEM;
3681 
3682 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
3683 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3684 				     WMI_TAG_FILS_DISCOVERY_TMPL_CMD) |
3685 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3686 	cmd->vdev_id = vdev_id;
3687 	cmd->buf_len = tmpl->len;
3688 	ptr = skb->data + sizeof(*cmd);
3689 
3690 	tlv = ptr;
3691 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3692 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3693 	memcpy(tlv->value, tmpl->data, tmpl->len);
3694 
3695 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
3696 	if (ret) {
3697 		ath11k_warn(ar->ab,
3698 			    "WMI vdev %i failed to send FILS discovery template command\n",
3699 			    vdev_id);
3700 		dev_kfree_skb(skb);
3701 	}
3702 	return ret;
3703 }
3704 
3705 int ath11k_wmi_probe_resp_tmpl(struct ath11k *ar, u32 vdev_id,
3706 			       struct sk_buff *tmpl)
3707 {
3708 	struct wmi_probe_tmpl_cmd *cmd;
3709 	struct wmi_bcn_prb_info *probe_info;
3710 	struct wmi_tlv *tlv;
3711 	struct sk_buff *skb;
3712 	void *ptr;
3713 	int ret, len;
3714 	size_t aligned_len = roundup(tmpl->len, 4);
3715 
3716 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3717 		   "WMI vdev %i set probe response template\n", vdev_id);
3718 
3719 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
3720 
3721 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3722 	if (!skb)
3723 		return -ENOMEM;
3724 
3725 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
3726 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PRB_TMPL_CMD) |
3727 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3728 	cmd->vdev_id = vdev_id;
3729 	cmd->buf_len = tmpl->len;
3730 
3731 	ptr = skb->data + sizeof(*cmd);
3732 
3733 	probe_info = ptr;
3734 	len = sizeof(*probe_info);
3735 	probe_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3736 					    WMI_TAG_BCN_PRB_INFO) |
3737 				 FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3738 	probe_info->caps = 0;
3739 	probe_info->erp = 0;
3740 
3741 	ptr += sizeof(*probe_info);
3742 
3743 	tlv = ptr;
3744 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3745 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3746 	memcpy(tlv->value, tmpl->data, tmpl->len);
3747 
3748 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
3749 	if (ret) {
3750 		ath11k_warn(ar->ab,
3751 			    "WMI vdev %i failed to send probe response template command\n",
3752 			    vdev_id);
3753 		dev_kfree_skb(skb);
3754 	}
3755 	return ret;
3756 }
3757 
3758 int ath11k_wmi_fils_discovery(struct ath11k *ar, u32 vdev_id, u32 interval,
3759 			      bool unsol_bcast_probe_resp_enabled)
3760 {
3761 	struct sk_buff *skb;
3762 	int ret, len;
3763 	struct wmi_fils_discovery_cmd *cmd;
3764 
3765 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3766 		   "WMI vdev %i set %s interval to %u TU\n",
3767 		   vdev_id, unsol_bcast_probe_resp_enabled ?
3768 		   "unsolicited broadcast probe response" : "FILS discovery",
3769 		   interval);
3770 
3771 	len = sizeof(*cmd);
3772 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3773 	if (!skb)
3774 		return -ENOMEM;
3775 
3776 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
3777 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ENABLE_FILS_CMD) |
3778 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3779 	cmd->vdev_id = vdev_id;
3780 	cmd->interval = interval;
3781 	cmd->config = unsol_bcast_probe_resp_enabled;
3782 
3783 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
3784 	if (ret) {
3785 		ath11k_warn(ar->ab,
3786 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
3787 			    vdev_id);
3788 		dev_kfree_skb(skb);
3789 	}
3790 	return ret;
3791 }
3792 
3793 static void
3794 ath11k_wmi_obss_color_collision_event(struct ath11k_base *ab, struct sk_buff *skb)
3795 {
3796 	const void **tb;
3797 	const struct wmi_obss_color_collision_event *ev;
3798 	struct ath11k_vif *arvif;
3799 	int ret;
3800 
3801 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
3802 	if (IS_ERR(tb)) {
3803 		ret = PTR_ERR(tb);
3804 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
3805 		return;
3806 	}
3807 
3808 	rcu_read_lock();
3809 
3810 	ev = tb[WMI_TAG_OBSS_COLOR_COLLISION_EVT];
3811 	if (!ev) {
3812 		ath11k_warn(ab, "failed to fetch obss color collision ev");
3813 		goto exit;
3814 	}
3815 
3816 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
3817 	if (!arvif) {
3818 		ath11k_warn(ab, "failed to find arvif with vedv id %d in obss_color_collision_event\n",
3819 			    ev->vdev_id);
3820 		goto exit;
3821 	}
3822 
3823 	switch (ev->evt_type) {
3824 	case WMI_BSS_COLOR_COLLISION_DETECTION:
3825 		ieeee80211_obss_color_collision_notify(arvif->vif, ev->obss_color_bitmap);
3826 		ath11k_dbg(ab, ATH11K_DBG_WMI,
3827 			   "OBSS color collision detected vdev:%d, event:%d, bitmap:%08llx\n",
3828 			   ev->vdev_id, ev->evt_type, ev->obss_color_bitmap);
3829 		break;
3830 	case WMI_BSS_COLOR_COLLISION_DISABLE:
3831 	case WMI_BSS_COLOR_FREE_SLOT_TIMER_EXPIRY:
3832 	case WMI_BSS_COLOR_FREE_SLOT_AVAILABLE:
3833 		break;
3834 	default:
3835 		ath11k_warn(ab, "received unknown obss color collision detection event\n");
3836 	}
3837 
3838 exit:
3839 	kfree(tb);
3840 	rcu_read_unlock();
3841 }
3842 
3843 static void
3844 ath11k_fill_band_to_mac_param(struct ath11k_base  *soc,
3845 			      struct wmi_host_pdev_band_to_mac *band_to_mac)
3846 {
3847 	u8 i;
3848 	struct ath11k_hal_reg_capabilities_ext *hal_reg_cap;
3849 	struct ath11k_pdev *pdev;
3850 
3851 	for (i = 0; i < soc->num_radios; i++) {
3852 		pdev = &soc->pdevs[i];
3853 		hal_reg_cap = &soc->hal_reg_cap[i];
3854 		band_to_mac[i].pdev_id = pdev->pdev_id;
3855 
3856 		switch (pdev->cap.supported_bands) {
3857 		case WMI_HOST_WLAN_2G_5G_CAP:
3858 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3859 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3860 			break;
3861 		case WMI_HOST_WLAN_2G_CAP:
3862 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3863 			band_to_mac[i].end_freq = hal_reg_cap->high_2ghz_chan;
3864 			break;
3865 		case WMI_HOST_WLAN_5G_CAP:
3866 			band_to_mac[i].start_freq = hal_reg_cap->low_5ghz_chan;
3867 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3868 			break;
3869 		default:
3870 			break;
3871 		}
3872 	}
3873 }
3874 
3875 static void
3876 ath11k_wmi_copy_resource_config(struct wmi_resource_config *wmi_cfg,
3877 				struct target_resource_config *tg_cfg)
3878 {
3879 	wmi_cfg->num_vdevs = tg_cfg->num_vdevs;
3880 	wmi_cfg->num_peers = tg_cfg->num_peers;
3881 	wmi_cfg->num_offload_peers = tg_cfg->num_offload_peers;
3882 	wmi_cfg->num_offload_reorder_buffs = tg_cfg->num_offload_reorder_buffs;
3883 	wmi_cfg->num_peer_keys = tg_cfg->num_peer_keys;
3884 	wmi_cfg->num_tids = tg_cfg->num_tids;
3885 	wmi_cfg->ast_skid_limit = tg_cfg->ast_skid_limit;
3886 	wmi_cfg->tx_chain_mask = tg_cfg->tx_chain_mask;
3887 	wmi_cfg->rx_chain_mask = tg_cfg->rx_chain_mask;
3888 	wmi_cfg->rx_timeout_pri[0] = tg_cfg->rx_timeout_pri[0];
3889 	wmi_cfg->rx_timeout_pri[1] = tg_cfg->rx_timeout_pri[1];
3890 	wmi_cfg->rx_timeout_pri[2] = tg_cfg->rx_timeout_pri[2];
3891 	wmi_cfg->rx_timeout_pri[3] = tg_cfg->rx_timeout_pri[3];
3892 	wmi_cfg->rx_decap_mode = tg_cfg->rx_decap_mode;
3893 	wmi_cfg->scan_max_pending_req = tg_cfg->scan_max_pending_req;
3894 	wmi_cfg->bmiss_offload_max_vdev = tg_cfg->bmiss_offload_max_vdev;
3895 	wmi_cfg->roam_offload_max_vdev = tg_cfg->roam_offload_max_vdev;
3896 	wmi_cfg->roam_offload_max_ap_profiles =
3897 		tg_cfg->roam_offload_max_ap_profiles;
3898 	wmi_cfg->num_mcast_groups = tg_cfg->num_mcast_groups;
3899 	wmi_cfg->num_mcast_table_elems = tg_cfg->num_mcast_table_elems;
3900 	wmi_cfg->mcast2ucast_mode = tg_cfg->mcast2ucast_mode;
3901 	wmi_cfg->tx_dbg_log_size = tg_cfg->tx_dbg_log_size;
3902 	wmi_cfg->num_wds_entries = tg_cfg->num_wds_entries;
3903 	wmi_cfg->dma_burst_size = tg_cfg->dma_burst_size;
3904 	wmi_cfg->mac_aggr_delim = tg_cfg->mac_aggr_delim;
3905 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
3906 		tg_cfg->rx_skip_defrag_timeout_dup_detection_check;
3907 	wmi_cfg->vow_config = tg_cfg->vow_config;
3908 	wmi_cfg->gtk_offload_max_vdev = tg_cfg->gtk_offload_max_vdev;
3909 	wmi_cfg->num_msdu_desc = tg_cfg->num_msdu_desc;
3910 	wmi_cfg->max_frag_entries = tg_cfg->max_frag_entries;
3911 	wmi_cfg->num_tdls_vdevs = tg_cfg->num_tdls_vdevs;
3912 	wmi_cfg->num_tdls_conn_table_entries =
3913 		tg_cfg->num_tdls_conn_table_entries;
3914 	wmi_cfg->beacon_tx_offload_max_vdev =
3915 		tg_cfg->beacon_tx_offload_max_vdev;
3916 	wmi_cfg->num_multicast_filter_entries =
3917 		tg_cfg->num_multicast_filter_entries;
3918 	wmi_cfg->num_wow_filters = tg_cfg->num_wow_filters;
3919 	wmi_cfg->num_keep_alive_pattern = tg_cfg->num_keep_alive_pattern;
3920 	wmi_cfg->keep_alive_pattern_size = tg_cfg->keep_alive_pattern_size;
3921 	wmi_cfg->max_tdls_concurrent_sleep_sta =
3922 		tg_cfg->max_tdls_concurrent_sleep_sta;
3923 	wmi_cfg->max_tdls_concurrent_buffer_sta =
3924 		tg_cfg->max_tdls_concurrent_buffer_sta;
3925 	wmi_cfg->wmi_send_separate = tg_cfg->wmi_send_separate;
3926 	wmi_cfg->num_ocb_vdevs = tg_cfg->num_ocb_vdevs;
3927 	wmi_cfg->num_ocb_channels = tg_cfg->num_ocb_channels;
3928 	wmi_cfg->num_ocb_schedules = tg_cfg->num_ocb_schedules;
3929 	wmi_cfg->bpf_instruction_size = tg_cfg->bpf_instruction_size;
3930 	wmi_cfg->max_bssid_rx_filters = tg_cfg->max_bssid_rx_filters;
3931 	wmi_cfg->use_pdev_id = tg_cfg->use_pdev_id;
3932 	wmi_cfg->flag1 = tg_cfg->flag1;
3933 	wmi_cfg->peer_map_unmap_v2_support = tg_cfg->peer_map_unmap_v2_support;
3934 	wmi_cfg->sched_params = tg_cfg->sched_params;
3935 	wmi_cfg->twt_ap_pdev_count = tg_cfg->twt_ap_pdev_count;
3936 	wmi_cfg->twt_ap_sta_count = tg_cfg->twt_ap_sta_count;
3937 }
3938 
3939 static int ath11k_init_cmd_send(struct ath11k_pdev_wmi *wmi,
3940 				struct wmi_init_cmd_param *param)
3941 {
3942 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3943 	struct sk_buff *skb;
3944 	struct wmi_init_cmd *cmd;
3945 	struct wmi_resource_config *cfg;
3946 	struct wmi_pdev_set_hw_mode_cmd_param *hw_mode;
3947 	struct wmi_pdev_band_to_mac *band_to_mac;
3948 	struct wlan_host_mem_chunk *host_mem_chunks;
3949 	struct wmi_tlv *tlv;
3950 	size_t ret, len;
3951 	void *ptr;
3952 	u32 hw_mode_len = 0;
3953 	u16 idx;
3954 
3955 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX)
3956 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
3957 			      (param->num_band_to_mac * sizeof(*band_to_mac));
3958 
3959 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
3960 	      (param->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
3961 
3962 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3963 	if (!skb)
3964 		return -ENOMEM;
3965 
3966 	cmd = (struct wmi_init_cmd *)skb->data;
3967 
3968 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_INIT_CMD) |
3969 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3970 
3971 	ptr = skb->data + sizeof(*cmd);
3972 	cfg = ptr;
3973 
3974 	ath11k_wmi_copy_resource_config(cfg, param->res_cfg);
3975 
3976 	cfg->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_RESOURCE_CONFIG) |
3977 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cfg) - TLV_HDR_SIZE);
3978 
3979 	ptr += sizeof(*cfg);
3980 	host_mem_chunks = ptr + TLV_HDR_SIZE;
3981 	len = sizeof(struct wlan_host_mem_chunk);
3982 
3983 	for (idx = 0; idx < param->num_mem_chunks; ++idx) {
3984 		host_mem_chunks[idx].tlv_header =
3985 				FIELD_PREP(WMI_TLV_TAG,
3986 					   WMI_TAG_WLAN_HOST_MEMORY_CHUNK) |
3987 				FIELD_PREP(WMI_TLV_LEN, len);
3988 
3989 		host_mem_chunks[idx].ptr = param->mem_chunks[idx].paddr;
3990 		host_mem_chunks[idx].size = param->mem_chunks[idx].len;
3991 		host_mem_chunks[idx].req_id = param->mem_chunks[idx].req_id;
3992 
3993 		ath11k_dbg(ab, ATH11K_DBG_WMI,
3994 			   "WMI host mem chunk req_id %d paddr 0x%llx len %d\n",
3995 			   param->mem_chunks[idx].req_id,
3996 			   (u64)param->mem_chunks[idx].paddr,
3997 			   param->mem_chunks[idx].len);
3998 	}
3999 	cmd->num_host_mem_chunks = param->num_mem_chunks;
4000 	len = sizeof(struct wlan_host_mem_chunk) * param->num_mem_chunks;
4001 
4002 	/* num_mem_chunks is zero */
4003 	tlv = ptr;
4004 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4005 		      FIELD_PREP(WMI_TLV_LEN, len);
4006 	ptr += TLV_HDR_SIZE + len;
4007 
4008 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
4009 		hw_mode = (struct wmi_pdev_set_hw_mode_cmd_param *)ptr;
4010 		hw_mode->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4011 						 WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4012 				      FIELD_PREP(WMI_TLV_LEN,
4013 						 sizeof(*hw_mode) - TLV_HDR_SIZE);
4014 
4015 		hw_mode->hw_mode_index = param->hw_mode_id;
4016 		hw_mode->num_band_to_mac = param->num_band_to_mac;
4017 
4018 		ptr += sizeof(*hw_mode);
4019 
4020 		len = param->num_band_to_mac * sizeof(*band_to_mac);
4021 		tlv = ptr;
4022 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4023 			      FIELD_PREP(WMI_TLV_LEN, len);
4024 
4025 		ptr += TLV_HDR_SIZE;
4026 		len = sizeof(*band_to_mac);
4027 
4028 		for (idx = 0; idx < param->num_band_to_mac; idx++) {
4029 			band_to_mac = (void *)ptr;
4030 
4031 			band_to_mac->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4032 							     WMI_TAG_PDEV_BAND_TO_MAC) |
4033 						  FIELD_PREP(WMI_TLV_LEN,
4034 							     len - TLV_HDR_SIZE);
4035 			band_to_mac->pdev_id = param->band_to_mac[idx].pdev_id;
4036 			band_to_mac->start_freq =
4037 				param->band_to_mac[idx].start_freq;
4038 			band_to_mac->end_freq =
4039 				param->band_to_mac[idx].end_freq;
4040 			ptr += sizeof(*band_to_mac);
4041 		}
4042 	}
4043 
4044 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
4045 	if (ret) {
4046 		ath11k_warn(ab, "failed to send WMI_INIT_CMDID\n");
4047 		dev_kfree_skb(skb);
4048 	}
4049 
4050 	return ret;
4051 }
4052 
4053 int ath11k_wmi_pdev_lro_cfg(struct ath11k *ar,
4054 			    int pdev_id)
4055 {
4056 	struct ath11k_wmi_pdev_lro_config_cmd *cmd;
4057 	struct sk_buff *skb;
4058 	int ret;
4059 
4060 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4061 	if (!skb)
4062 		return -ENOMEM;
4063 
4064 	cmd = (struct ath11k_wmi_pdev_lro_config_cmd *)skb->data;
4065 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_LRO_INFO_CMD) |
4066 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4067 
4068 	get_random_bytes(cmd->th_4, sizeof(uint32_t) * ATH11K_IPV4_TH_SEED_SIZE);
4069 	get_random_bytes(cmd->th_6, sizeof(uint32_t) * ATH11K_IPV6_TH_SEED_SIZE);
4070 
4071 	cmd->pdev_id = pdev_id;
4072 
4073 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
4074 	if (ret) {
4075 		ath11k_warn(ar->ab,
4076 			    "failed to send lro cfg req wmi cmd\n");
4077 		goto err;
4078 	}
4079 
4080 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4081 		   "WMI lro cfg cmd pdev_id 0x%x\n", pdev_id);
4082 	return 0;
4083 err:
4084 	dev_kfree_skb(skb);
4085 	return ret;
4086 }
4087 
4088 int ath11k_wmi_wait_for_service_ready(struct ath11k_base *ab)
4089 {
4090 	unsigned long time_left;
4091 
4092 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
4093 						WMI_SERVICE_READY_TIMEOUT_HZ);
4094 	if (!time_left)
4095 		return -ETIMEDOUT;
4096 
4097 	return 0;
4098 }
4099 
4100 int ath11k_wmi_wait_for_unified_ready(struct ath11k_base *ab)
4101 {
4102 	unsigned long time_left;
4103 
4104 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
4105 						WMI_SERVICE_READY_TIMEOUT_HZ);
4106 	if (!time_left)
4107 		return -ETIMEDOUT;
4108 
4109 	return 0;
4110 }
4111 
4112 int ath11k_wmi_set_hw_mode(struct ath11k_base *ab,
4113 			   enum wmi_host_hw_mode_config_type mode)
4114 {
4115 	struct wmi_pdev_set_hw_mode_cmd_param *cmd;
4116 	struct sk_buff *skb;
4117 	struct ath11k_wmi_base *wmi_ab = &ab->wmi_ab;
4118 	int len;
4119 	int ret;
4120 
4121 	len = sizeof(*cmd);
4122 
4123 	skb = ath11k_wmi_alloc_skb(wmi_ab, len);
4124 	if (!skb)
4125 		return -ENOMEM;
4126 
4127 	cmd = (struct wmi_pdev_set_hw_mode_cmd_param *)skb->data;
4128 
4129 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4130 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4131 
4132 	cmd->pdev_id = WMI_PDEV_ID_SOC;
4133 	cmd->hw_mode_index = mode;
4134 
4135 	ret = ath11k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
4136 	if (ret) {
4137 		ath11k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
4138 		dev_kfree_skb(skb);
4139 	}
4140 
4141 	return ret;
4142 }
4143 
4144 int ath11k_wmi_cmd_init(struct ath11k_base *ab)
4145 {
4146 	struct ath11k_wmi_base *wmi_sc = &ab->wmi_ab;
4147 	struct wmi_init_cmd_param init_param;
4148 	struct target_resource_config  config;
4149 
4150 	memset(&init_param, 0, sizeof(init_param));
4151 	memset(&config, 0, sizeof(config));
4152 
4153 	ab->hw_params.hw_ops->wmi_init_config(ab, &config);
4154 
4155 	memcpy(&wmi_sc->wlan_resource_config, &config, sizeof(config));
4156 
4157 	init_param.res_cfg = &wmi_sc->wlan_resource_config;
4158 	init_param.num_mem_chunks = wmi_sc->num_mem_chunks;
4159 	init_param.hw_mode_id = wmi_sc->preferred_hw_mode;
4160 	init_param.mem_chunks = wmi_sc->mem_chunks;
4161 
4162 	if (ab->hw_params.single_pdev_only)
4163 		init_param.hw_mode_id = WMI_HOST_HW_MODE_MAX;
4164 
4165 	init_param.num_band_to_mac = ab->num_radios;
4166 	ath11k_fill_band_to_mac_param(ab, init_param.band_to_mac);
4167 
4168 	return ath11k_init_cmd_send(&wmi_sc->wmi[0], &init_param);
4169 }
4170 
4171 int ath11k_wmi_vdev_spectral_conf(struct ath11k *ar,
4172 				  struct ath11k_wmi_vdev_spectral_conf_param *param)
4173 {
4174 	struct ath11k_wmi_vdev_spectral_conf_cmd *cmd;
4175 	struct sk_buff *skb;
4176 	int ret;
4177 
4178 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4179 	if (!skb)
4180 		return -ENOMEM;
4181 
4182 	cmd = (struct ath11k_wmi_vdev_spectral_conf_cmd *)skb->data;
4183 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4184 				     WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD) |
4185 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4186 
4187 	memcpy(&cmd->param, param, sizeof(*param));
4188 
4189 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4190 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
4191 	if (ret) {
4192 		ath11k_warn(ar->ab,
4193 			    "failed to send spectral scan config wmi cmd\n");
4194 		goto err;
4195 	}
4196 
4197 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4198 		   "WMI spectral scan config cmd vdev_id 0x%x\n",
4199 		   param->vdev_id);
4200 
4201 	return 0;
4202 err:
4203 	dev_kfree_skb(skb);
4204 	return ret;
4205 }
4206 
4207 int ath11k_wmi_vdev_spectral_enable(struct ath11k *ar, u32 vdev_id,
4208 				    u32 trigger, u32 enable)
4209 {
4210 	struct ath11k_wmi_vdev_spectral_enable_cmd *cmd;
4211 	struct sk_buff *skb;
4212 	int ret;
4213 
4214 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4215 	if (!skb)
4216 		return -ENOMEM;
4217 
4218 	cmd = (struct ath11k_wmi_vdev_spectral_enable_cmd *)skb->data;
4219 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4220 				     WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD) |
4221 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4222 
4223 	cmd->vdev_id = vdev_id;
4224 	cmd->trigger_cmd = trigger;
4225 	cmd->enable_cmd = enable;
4226 
4227 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4228 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
4229 	if (ret) {
4230 		ath11k_warn(ar->ab,
4231 			    "failed to send spectral enable wmi cmd\n");
4232 		goto err;
4233 	}
4234 
4235 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4236 		   "WMI spectral enable cmd vdev id 0x%x\n",
4237 		   vdev_id);
4238 
4239 	return 0;
4240 err:
4241 	dev_kfree_skb(skb);
4242 	return ret;
4243 }
4244 
4245 int ath11k_wmi_pdev_dma_ring_cfg(struct ath11k *ar,
4246 				 struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *param)
4247 {
4248 	struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
4249 	struct sk_buff *skb;
4250 	int ret;
4251 
4252 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4253 	if (!skb)
4254 		return -ENOMEM;
4255 
4256 	cmd = (struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
4257 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DMA_RING_CFG_REQ) |
4258 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4259 
4260 	cmd->pdev_id		= param->pdev_id;
4261 	cmd->module_id		= param->module_id;
4262 	cmd->base_paddr_lo	= param->base_paddr_lo;
4263 	cmd->base_paddr_hi	= param->base_paddr_hi;
4264 	cmd->head_idx_paddr_lo	= param->head_idx_paddr_lo;
4265 	cmd->head_idx_paddr_hi	= param->head_idx_paddr_hi;
4266 	cmd->tail_idx_paddr_lo	= param->tail_idx_paddr_lo;
4267 	cmd->tail_idx_paddr_hi	= param->tail_idx_paddr_hi;
4268 	cmd->num_elems		= param->num_elems;
4269 	cmd->buf_size		= param->buf_size;
4270 	cmd->num_resp_per_event	= param->num_resp_per_event;
4271 	cmd->event_timeout_ms	= param->event_timeout_ms;
4272 
4273 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4274 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
4275 	if (ret) {
4276 		ath11k_warn(ar->ab,
4277 			    "failed to send dma ring cfg req wmi cmd\n");
4278 		goto err;
4279 	}
4280 
4281 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4282 		   "WMI DMA ring cfg req cmd pdev_id 0x%x\n",
4283 		   param->pdev_id);
4284 
4285 	return 0;
4286 err:
4287 	dev_kfree_skb(skb);
4288 	return ret;
4289 }
4290 
4291 static int ath11k_wmi_tlv_dma_buf_entry_parse(struct ath11k_base *soc,
4292 					      u16 tag, u16 len,
4293 					      const void *ptr, void *data)
4294 {
4295 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4296 
4297 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
4298 		return -EPROTO;
4299 
4300 	if (parse->num_buf_entry >= parse->fixed.num_buf_release_entry)
4301 		return -ENOBUFS;
4302 
4303 	parse->num_buf_entry++;
4304 	return 0;
4305 }
4306 
4307 static int ath11k_wmi_tlv_dma_buf_meta_parse(struct ath11k_base *soc,
4308 					     u16 tag, u16 len,
4309 					     const void *ptr, void *data)
4310 {
4311 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4312 
4313 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
4314 		return -EPROTO;
4315 
4316 	if (parse->num_meta >= parse->fixed.num_meta_data_entry)
4317 		return -ENOBUFS;
4318 
4319 	parse->num_meta++;
4320 	return 0;
4321 }
4322 
4323 static int ath11k_wmi_tlv_dma_buf_parse(struct ath11k_base *ab,
4324 					u16 tag, u16 len,
4325 					const void *ptr, void *data)
4326 {
4327 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4328 	int ret;
4329 
4330 	switch (tag) {
4331 	case WMI_TAG_DMA_BUF_RELEASE:
4332 		memcpy(&parse->fixed, ptr,
4333 		       sizeof(struct ath11k_wmi_dma_buf_release_fixed_param));
4334 		parse->fixed.pdev_id = DP_HW2SW_MACID(parse->fixed.pdev_id);
4335 		break;
4336 	case WMI_TAG_ARRAY_STRUCT:
4337 		if (!parse->buf_entry_done) {
4338 			parse->num_buf_entry = 0;
4339 			parse->buf_entry = (struct wmi_dma_buf_release_entry *)ptr;
4340 
4341 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4342 						  ath11k_wmi_tlv_dma_buf_entry_parse,
4343 						  parse);
4344 			if (ret) {
4345 				ath11k_warn(ab, "failed to parse dma buf entry tlv %d\n",
4346 					    ret);
4347 				return ret;
4348 			}
4349 
4350 			parse->buf_entry_done = true;
4351 		} else if (!parse->meta_data_done) {
4352 			parse->num_meta = 0;
4353 			parse->meta_data = (struct wmi_dma_buf_release_meta_data *)ptr;
4354 
4355 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4356 						  ath11k_wmi_tlv_dma_buf_meta_parse,
4357 						  parse);
4358 			if (ret) {
4359 				ath11k_warn(ab, "failed to parse dma buf meta tlv %d\n",
4360 					    ret);
4361 				return ret;
4362 			}
4363 
4364 			parse->meta_data_done = true;
4365 		}
4366 		break;
4367 	default:
4368 		break;
4369 	}
4370 	return 0;
4371 }
4372 
4373 static void ath11k_wmi_pdev_dma_ring_buf_release_event(struct ath11k_base *ab,
4374 						       struct sk_buff *skb)
4375 {
4376 	struct wmi_tlv_dma_buf_release_parse parse = { };
4377 	struct ath11k_dbring_buf_release_event param;
4378 	int ret;
4379 
4380 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4381 				  ath11k_wmi_tlv_dma_buf_parse,
4382 				  &parse);
4383 	if (ret) {
4384 		ath11k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
4385 		return;
4386 	}
4387 
4388 	param.fixed		= parse.fixed;
4389 	param.buf_entry		= parse.buf_entry;
4390 	param.num_buf_entry	= parse.num_buf_entry;
4391 	param.meta_data		= parse.meta_data;
4392 	param.num_meta		= parse.num_meta;
4393 
4394 	ret = ath11k_dbring_buffer_release_event(ab, &param);
4395 	if (ret) {
4396 		ath11k_warn(ab, "failed to handle dma buf release event %d\n", ret);
4397 		return;
4398 	}
4399 }
4400 
4401 static int ath11k_wmi_tlv_hw_mode_caps_parse(struct ath11k_base *soc,
4402 					     u16 tag, u16 len,
4403 					     const void *ptr, void *data)
4404 {
4405 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4406 	struct wmi_hw_mode_capabilities *hw_mode_cap;
4407 	u32 phy_map = 0;
4408 
4409 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
4410 		return -EPROTO;
4411 
4412 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->param.num_hw_modes)
4413 		return -ENOBUFS;
4414 
4415 	hw_mode_cap = container_of(ptr, struct wmi_hw_mode_capabilities,
4416 				   hw_mode_id);
4417 	svc_rdy_ext->n_hw_mode_caps++;
4418 
4419 	phy_map = hw_mode_cap->phy_id_map;
4420 	while (phy_map) {
4421 		svc_rdy_ext->tot_phy_id++;
4422 		phy_map = phy_map >> 1;
4423 	}
4424 
4425 	return 0;
4426 }
4427 
4428 static int ath11k_wmi_tlv_hw_mode_caps(struct ath11k_base *soc,
4429 				       u16 len, const void *ptr, void *data)
4430 {
4431 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4432 	struct wmi_hw_mode_capabilities *hw_mode_caps;
4433 	enum wmi_host_hw_mode_config_type mode, pref;
4434 	u32 i;
4435 	int ret;
4436 
4437 	svc_rdy_ext->n_hw_mode_caps = 0;
4438 	svc_rdy_ext->hw_mode_caps = (struct wmi_hw_mode_capabilities *)ptr;
4439 
4440 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4441 				  ath11k_wmi_tlv_hw_mode_caps_parse,
4442 				  svc_rdy_ext);
4443 	if (ret) {
4444 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4445 		return ret;
4446 	}
4447 
4448 	i = 0;
4449 	while (i < svc_rdy_ext->n_hw_mode_caps) {
4450 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
4451 		mode = hw_mode_caps->hw_mode_id;
4452 		pref = soc->wmi_ab.preferred_hw_mode;
4453 
4454 		if (ath11k_hw_mode_pri_map[mode] < ath11k_hw_mode_pri_map[pref]) {
4455 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
4456 			soc->wmi_ab.preferred_hw_mode = mode;
4457 		}
4458 		i++;
4459 	}
4460 
4461 	ath11k_dbg(soc, ATH11K_DBG_WMI, "preferred_hw_mode:%d\n",
4462 		   soc->wmi_ab.preferred_hw_mode);
4463 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
4464 		return -EINVAL;
4465 
4466 	return 0;
4467 }
4468 
4469 static int ath11k_wmi_tlv_mac_phy_caps_parse(struct ath11k_base *soc,
4470 					     u16 tag, u16 len,
4471 					     const void *ptr, void *data)
4472 {
4473 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4474 
4475 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
4476 		return -EPROTO;
4477 
4478 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
4479 		return -ENOBUFS;
4480 
4481 	len = min_t(u16, len, sizeof(struct wmi_mac_phy_capabilities));
4482 	if (!svc_rdy_ext->n_mac_phy_caps) {
4483 		svc_rdy_ext->mac_phy_caps = kcalloc(svc_rdy_ext->tot_phy_id,
4484 						    len, GFP_ATOMIC);
4485 		if (!svc_rdy_ext->mac_phy_caps)
4486 			return -ENOMEM;
4487 	}
4488 
4489 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
4490 	svc_rdy_ext->n_mac_phy_caps++;
4491 	return 0;
4492 }
4493 
4494 static int ath11k_wmi_tlv_ext_hal_reg_caps_parse(struct ath11k_base *soc,
4495 						 u16 tag, u16 len,
4496 						 const void *ptr, void *data)
4497 {
4498 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4499 
4500 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
4501 		return -EPROTO;
4502 
4503 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->param.num_phy)
4504 		return -ENOBUFS;
4505 
4506 	svc_rdy_ext->n_ext_hal_reg_caps++;
4507 	return 0;
4508 }
4509 
4510 static int ath11k_wmi_tlv_ext_hal_reg_caps(struct ath11k_base *soc,
4511 					   u16 len, const void *ptr, void *data)
4512 {
4513 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4514 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4515 	struct ath11k_hal_reg_capabilities_ext reg_cap;
4516 	int ret;
4517 	u32 i;
4518 
4519 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
4520 	svc_rdy_ext->ext_hal_reg_caps = (struct wmi_hal_reg_capabilities_ext *)ptr;
4521 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4522 				  ath11k_wmi_tlv_ext_hal_reg_caps_parse,
4523 				  svc_rdy_ext);
4524 	if (ret) {
4525 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4526 		return ret;
4527 	}
4528 
4529 	for (i = 0; i < svc_rdy_ext->param.num_phy; i++) {
4530 		ret = ath11k_pull_reg_cap_svc_rdy_ext(wmi_handle,
4531 						      svc_rdy_ext->soc_hal_reg_caps,
4532 						      svc_rdy_ext->ext_hal_reg_caps, i,
4533 						      &reg_cap);
4534 		if (ret) {
4535 			ath11k_warn(soc, "failed to extract reg cap %d\n", i);
4536 			return ret;
4537 		}
4538 
4539 		memcpy(&soc->hal_reg_cap[reg_cap.phy_id],
4540 		       &reg_cap, sizeof(reg_cap));
4541 	}
4542 	return 0;
4543 }
4544 
4545 static int ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(struct ath11k_base *soc,
4546 						     u16 len, const void *ptr,
4547 						     void *data)
4548 {
4549 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4550 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4551 	u8 hw_mode_id = svc_rdy_ext->pref_hw_mode_caps.hw_mode_id;
4552 	u32 phy_id_map;
4553 	int pdev_index = 0;
4554 	int ret;
4555 
4556 	svc_rdy_ext->soc_hal_reg_caps = (struct wmi_soc_hal_reg_capabilities *)ptr;
4557 	svc_rdy_ext->param.num_phy = svc_rdy_ext->soc_hal_reg_caps->num_phy;
4558 
4559 	soc->num_radios = 0;
4560 	soc->target_pdev_count = 0;
4561 	phy_id_map = svc_rdy_ext->pref_hw_mode_caps.phy_id_map;
4562 
4563 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
4564 		ret = ath11k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
4565 							    svc_rdy_ext->hw_caps,
4566 							    svc_rdy_ext->hw_mode_caps,
4567 							    svc_rdy_ext->soc_hal_reg_caps,
4568 							    svc_rdy_ext->mac_phy_caps,
4569 							    hw_mode_id, soc->num_radios,
4570 							    &soc->pdevs[pdev_index]);
4571 		if (ret) {
4572 			ath11k_warn(soc, "failed to extract mac caps, idx :%d\n",
4573 				    soc->num_radios);
4574 			return ret;
4575 		}
4576 
4577 		soc->num_radios++;
4578 
4579 		/* For QCA6390, save mac_phy capability in the same pdev */
4580 		if (soc->hw_params.single_pdev_only)
4581 			pdev_index = 0;
4582 		else
4583 			pdev_index = soc->num_radios;
4584 
4585 		/* TODO: mac_phy_cap prints */
4586 		phy_id_map >>= 1;
4587 	}
4588 
4589 	/* For QCA6390, set num_radios to 1 because host manages
4590 	 * both 2G and 5G radio in one pdev.
4591 	 * Set pdev_id = 0 and 0 means soc level.
4592 	 */
4593 	if (soc->hw_params.single_pdev_only) {
4594 		soc->num_radios = 1;
4595 		soc->pdevs[0].pdev_id = 0;
4596 	}
4597 
4598 	return 0;
4599 }
4600 
4601 static int ath11k_wmi_tlv_dma_ring_caps_parse(struct ath11k_base *soc,
4602 					      u16 tag, u16 len,
4603 					      const void *ptr, void *data)
4604 {
4605 	struct wmi_tlv_dma_ring_caps_parse *parse = data;
4606 
4607 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
4608 		return -EPROTO;
4609 
4610 	parse->n_dma_ring_caps++;
4611 	return 0;
4612 }
4613 
4614 static int ath11k_wmi_alloc_dbring_caps(struct ath11k_base *ab,
4615 					u32 num_cap)
4616 {
4617 	size_t sz;
4618 	void *ptr;
4619 
4620 	sz = num_cap * sizeof(struct ath11k_dbring_cap);
4621 	ptr = kzalloc(sz, GFP_ATOMIC);
4622 	if (!ptr)
4623 		return -ENOMEM;
4624 
4625 	ab->db_caps = ptr;
4626 	ab->num_db_cap = num_cap;
4627 
4628 	return 0;
4629 }
4630 
4631 static void ath11k_wmi_free_dbring_caps(struct ath11k_base *ab)
4632 {
4633 	kfree(ab->db_caps);
4634 	ab->db_caps = NULL;
4635 }
4636 
4637 static int ath11k_wmi_tlv_dma_ring_caps(struct ath11k_base *ab,
4638 					u16 len, const void *ptr, void *data)
4639 {
4640 	struct wmi_tlv_dma_ring_caps_parse *dma_caps_parse = data;
4641 	struct wmi_dma_ring_capabilities *dma_caps;
4642 	struct ath11k_dbring_cap *dir_buff_caps;
4643 	int ret;
4644 	u32 i;
4645 
4646 	dma_caps_parse->n_dma_ring_caps = 0;
4647 	dma_caps = (struct wmi_dma_ring_capabilities *)ptr;
4648 	ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4649 				  ath11k_wmi_tlv_dma_ring_caps_parse,
4650 				  dma_caps_parse);
4651 	if (ret) {
4652 		ath11k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
4653 		return ret;
4654 	}
4655 
4656 	if (!dma_caps_parse->n_dma_ring_caps)
4657 		return 0;
4658 
4659 	if (ab->num_db_cap) {
4660 		ath11k_warn(ab, "Already processed, so ignoring dma ring caps\n");
4661 		return 0;
4662 	}
4663 
4664 	ret = ath11k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
4665 	if (ret)
4666 		return ret;
4667 
4668 	dir_buff_caps = ab->db_caps;
4669 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
4670 		if (dma_caps[i].module_id >= WMI_DIRECT_BUF_MAX) {
4671 			ath11k_warn(ab, "Invalid module id %d\n", dma_caps[i].module_id);
4672 			ret = -EINVAL;
4673 			goto free_dir_buff;
4674 		}
4675 
4676 		dir_buff_caps[i].id = dma_caps[i].module_id;
4677 		dir_buff_caps[i].pdev_id = DP_HW2SW_MACID(dma_caps[i].pdev_id);
4678 		dir_buff_caps[i].min_elem = dma_caps[i].min_elem;
4679 		dir_buff_caps[i].min_buf_sz = dma_caps[i].min_buf_sz;
4680 		dir_buff_caps[i].min_buf_align = dma_caps[i].min_buf_align;
4681 	}
4682 
4683 	return 0;
4684 
4685 free_dir_buff:
4686 	ath11k_wmi_free_dbring_caps(ab);
4687 	return ret;
4688 }
4689 
4690 static int ath11k_wmi_tlv_svc_rdy_ext_parse(struct ath11k_base *ab,
4691 					    u16 tag, u16 len,
4692 					    const void *ptr, void *data)
4693 {
4694 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
4695 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4696 	int ret;
4697 
4698 	switch (tag) {
4699 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
4700 		ret = ath11k_pull_svc_ready_ext(wmi_handle, ptr,
4701 						&svc_rdy_ext->param);
4702 		if (ret) {
4703 			ath11k_warn(ab, "unable to extract ext params\n");
4704 			return ret;
4705 		}
4706 		break;
4707 
4708 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
4709 		svc_rdy_ext->hw_caps = (struct wmi_soc_mac_phy_hw_mode_caps *)ptr;
4710 		svc_rdy_ext->param.num_hw_modes = svc_rdy_ext->hw_caps->num_hw_modes;
4711 		break;
4712 
4713 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
4714 		ret = ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(ab, len, ptr,
4715 								svc_rdy_ext);
4716 		if (ret)
4717 			return ret;
4718 		break;
4719 
4720 	case WMI_TAG_ARRAY_STRUCT:
4721 		if (!svc_rdy_ext->hw_mode_done) {
4722 			ret = ath11k_wmi_tlv_hw_mode_caps(ab, len, ptr,
4723 							  svc_rdy_ext);
4724 			if (ret)
4725 				return ret;
4726 
4727 			svc_rdy_ext->hw_mode_done = true;
4728 		} else if (!svc_rdy_ext->mac_phy_done) {
4729 			svc_rdy_ext->n_mac_phy_caps = 0;
4730 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4731 						  ath11k_wmi_tlv_mac_phy_caps_parse,
4732 						  svc_rdy_ext);
4733 			if (ret) {
4734 				ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4735 				return ret;
4736 			}
4737 
4738 			svc_rdy_ext->mac_phy_done = true;
4739 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
4740 			ret = ath11k_wmi_tlv_ext_hal_reg_caps(ab, len, ptr,
4741 							      svc_rdy_ext);
4742 			if (ret)
4743 				return ret;
4744 
4745 			svc_rdy_ext->ext_hal_reg_done = true;
4746 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
4747 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
4748 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
4749 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
4750 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
4751 			svc_rdy_ext->oem_dma_ring_cap_done = true;
4752 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
4753 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4754 							   &svc_rdy_ext->dma_caps_parse);
4755 			if (ret)
4756 				return ret;
4757 
4758 			svc_rdy_ext->dma_ring_cap_done = true;
4759 		}
4760 		break;
4761 
4762 	default:
4763 		break;
4764 	}
4765 	return 0;
4766 }
4767 
4768 static int ath11k_service_ready_ext_event(struct ath11k_base *ab,
4769 					  struct sk_buff *skb)
4770 {
4771 	struct wmi_tlv_svc_rdy_ext_parse svc_rdy_ext = { };
4772 	int ret;
4773 
4774 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4775 				  ath11k_wmi_tlv_svc_rdy_ext_parse,
4776 				  &svc_rdy_ext);
4777 	if (ret) {
4778 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4779 		goto err;
4780 	}
4781 
4782 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
4783 		complete(&ab->wmi_ab.service_ready);
4784 
4785 	kfree(svc_rdy_ext.mac_phy_caps);
4786 	return 0;
4787 
4788 err:
4789 	ath11k_wmi_free_dbring_caps(ab);
4790 	return ret;
4791 }
4792 
4793 static int ath11k_wmi_tlv_svc_rdy_ext2_parse(struct ath11k_base *ab,
4794 					     u16 tag, u16 len,
4795 					     const void *ptr, void *data)
4796 {
4797 	struct wmi_tlv_svc_rdy_ext2_parse *parse = data;
4798 	int ret;
4799 
4800 	switch (tag) {
4801 	case WMI_TAG_ARRAY_STRUCT:
4802 		if (!parse->dma_ring_cap_done) {
4803 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4804 							   &parse->dma_caps_parse);
4805 			if (ret)
4806 				return ret;
4807 
4808 			parse->dma_ring_cap_done = true;
4809 		}
4810 		break;
4811 	default:
4812 		break;
4813 	}
4814 
4815 	return 0;
4816 }
4817 
4818 static int ath11k_service_ready_ext2_event(struct ath11k_base *ab,
4819 					   struct sk_buff *skb)
4820 {
4821 	struct wmi_tlv_svc_rdy_ext2_parse svc_rdy_ext2 = { };
4822 	int ret;
4823 
4824 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4825 				  ath11k_wmi_tlv_svc_rdy_ext2_parse,
4826 				  &svc_rdy_ext2);
4827 	if (ret) {
4828 		ath11k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
4829 		goto err;
4830 	}
4831 
4832 	complete(&ab->wmi_ab.service_ready);
4833 
4834 	return 0;
4835 
4836 err:
4837 	ath11k_wmi_free_dbring_caps(ab);
4838 	return ret;
4839 }
4840 
4841 static int ath11k_pull_vdev_start_resp_tlv(struct ath11k_base *ab, struct sk_buff *skb,
4842 					   struct wmi_vdev_start_resp_event *vdev_rsp)
4843 {
4844 	const void **tb;
4845 	const struct wmi_vdev_start_resp_event *ev;
4846 	int ret;
4847 
4848 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4849 	if (IS_ERR(tb)) {
4850 		ret = PTR_ERR(tb);
4851 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4852 		return ret;
4853 	}
4854 
4855 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
4856 	if (!ev) {
4857 		ath11k_warn(ab, "failed to fetch vdev start resp ev");
4858 		kfree(tb);
4859 		return -EPROTO;
4860 	}
4861 
4862 	memset(vdev_rsp, 0, sizeof(*vdev_rsp));
4863 
4864 	vdev_rsp->vdev_id = ev->vdev_id;
4865 	vdev_rsp->requestor_id = ev->requestor_id;
4866 	vdev_rsp->resp_type = ev->resp_type;
4867 	vdev_rsp->status = ev->status;
4868 	vdev_rsp->chain_mask = ev->chain_mask;
4869 	vdev_rsp->smps_mode = ev->smps_mode;
4870 	vdev_rsp->mac_id = ev->mac_id;
4871 	vdev_rsp->cfgd_tx_streams = ev->cfgd_tx_streams;
4872 	vdev_rsp->cfgd_rx_streams = ev->cfgd_rx_streams;
4873 
4874 	kfree(tb);
4875 	return 0;
4876 }
4877 
4878 static struct cur_reg_rule
4879 *create_reg_rules_from_wmi(u32 num_reg_rules,
4880 			   struct wmi_regulatory_rule_struct *wmi_reg_rule)
4881 {
4882 	struct cur_reg_rule *reg_rule_ptr;
4883 	u32 count;
4884 
4885 	reg_rule_ptr = kcalloc(num_reg_rules, sizeof(*reg_rule_ptr),
4886 			       GFP_ATOMIC);
4887 
4888 	if (!reg_rule_ptr)
4889 		return NULL;
4890 
4891 	for (count = 0; count < num_reg_rules; count++) {
4892 		reg_rule_ptr[count].start_freq =
4893 			FIELD_GET(REG_RULE_START_FREQ,
4894 				  wmi_reg_rule[count].freq_info);
4895 		reg_rule_ptr[count].end_freq =
4896 			FIELD_GET(REG_RULE_END_FREQ,
4897 				  wmi_reg_rule[count].freq_info);
4898 		reg_rule_ptr[count].max_bw =
4899 			FIELD_GET(REG_RULE_MAX_BW,
4900 				  wmi_reg_rule[count].bw_pwr_info);
4901 		reg_rule_ptr[count].reg_power =
4902 			FIELD_GET(REG_RULE_REG_PWR,
4903 				  wmi_reg_rule[count].bw_pwr_info);
4904 		reg_rule_ptr[count].ant_gain =
4905 			FIELD_GET(REG_RULE_ANT_GAIN,
4906 				  wmi_reg_rule[count].bw_pwr_info);
4907 		reg_rule_ptr[count].flags =
4908 			FIELD_GET(REG_RULE_FLAGS,
4909 				  wmi_reg_rule[count].flag_info);
4910 	}
4911 
4912 	return reg_rule_ptr;
4913 }
4914 
4915 static int ath11k_pull_reg_chan_list_update_ev(struct ath11k_base *ab,
4916 					       struct sk_buff *skb,
4917 					       struct cur_regulatory_info *reg_info)
4918 {
4919 	const void **tb;
4920 	const struct wmi_reg_chan_list_cc_event *chan_list_event_hdr;
4921 	struct wmi_regulatory_rule_struct *wmi_reg_rule;
4922 	u32 num_2g_reg_rules, num_5g_reg_rules;
4923 	int ret;
4924 
4925 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory channel list\n");
4926 
4927 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4928 	if (IS_ERR(tb)) {
4929 		ret = PTR_ERR(tb);
4930 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4931 		return ret;
4932 	}
4933 
4934 	chan_list_event_hdr = tb[WMI_TAG_REG_CHAN_LIST_CC_EVENT];
4935 	if (!chan_list_event_hdr) {
4936 		ath11k_warn(ab, "failed to fetch reg chan list update ev\n");
4937 		kfree(tb);
4938 		return -EPROTO;
4939 	}
4940 
4941 	reg_info->num_2g_reg_rules = chan_list_event_hdr->num_2g_reg_rules;
4942 	reg_info->num_5g_reg_rules = chan_list_event_hdr->num_5g_reg_rules;
4943 
4944 	if (!(reg_info->num_2g_reg_rules + reg_info->num_5g_reg_rules)) {
4945 		ath11k_warn(ab, "No regulatory rules available in the event info\n");
4946 		kfree(tb);
4947 		return -EINVAL;
4948 	}
4949 
4950 	memcpy(reg_info->alpha2, &chan_list_event_hdr->alpha2,
4951 	       REG_ALPHA2_LEN);
4952 	reg_info->dfs_region = chan_list_event_hdr->dfs_region;
4953 	reg_info->phybitmap = chan_list_event_hdr->phybitmap;
4954 	reg_info->num_phy = chan_list_event_hdr->num_phy;
4955 	reg_info->phy_id = chan_list_event_hdr->phy_id;
4956 	reg_info->ctry_code = chan_list_event_hdr->country_id;
4957 	reg_info->reg_dmn_pair = chan_list_event_hdr->domain_code;
4958 	if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_PASS)
4959 		reg_info->status_code = REG_SET_CC_STATUS_PASS;
4960 	else if (chan_list_event_hdr->status_code == WMI_REG_CURRENT_ALPHA2_NOT_FOUND)
4961 		reg_info->status_code = REG_CURRENT_ALPHA2_NOT_FOUND;
4962 	else if (chan_list_event_hdr->status_code == WMI_REG_INIT_ALPHA2_NOT_FOUND)
4963 		reg_info->status_code = REG_INIT_ALPHA2_NOT_FOUND;
4964 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_CHANGE_NOT_ALLOWED)
4965 		reg_info->status_code = REG_SET_CC_CHANGE_NOT_ALLOWED;
4966 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_NO_MEMORY)
4967 		reg_info->status_code = REG_SET_CC_STATUS_NO_MEMORY;
4968 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_FAIL)
4969 		reg_info->status_code = REG_SET_CC_STATUS_FAIL;
4970 
4971 	reg_info->min_bw_2g = chan_list_event_hdr->min_bw_2g;
4972 	reg_info->max_bw_2g = chan_list_event_hdr->max_bw_2g;
4973 	reg_info->min_bw_5g = chan_list_event_hdr->min_bw_5g;
4974 	reg_info->max_bw_5g = chan_list_event_hdr->max_bw_5g;
4975 
4976 	num_2g_reg_rules = reg_info->num_2g_reg_rules;
4977 	num_5g_reg_rules = reg_info->num_5g_reg_rules;
4978 
4979 	ath11k_dbg(ab, ATH11K_DBG_WMI,
4980 		   "%s:cc %s dsf %d BW: min_2g %d max_2g %d min_5g %d max_5g %d",
4981 		   __func__, reg_info->alpha2, reg_info->dfs_region,
4982 		   reg_info->min_bw_2g, reg_info->max_bw_2g,
4983 		   reg_info->min_bw_5g, reg_info->max_bw_5g);
4984 
4985 	ath11k_dbg(ab, ATH11K_DBG_WMI,
4986 		   "%s: num_2g_reg_rules %d num_5g_reg_rules %d", __func__,
4987 		   num_2g_reg_rules, num_5g_reg_rules);
4988 
4989 	wmi_reg_rule =
4990 		(struct wmi_regulatory_rule_struct *)((u8 *)chan_list_event_hdr
4991 						+ sizeof(*chan_list_event_hdr)
4992 						+ sizeof(struct wmi_tlv));
4993 
4994 	if (num_2g_reg_rules) {
4995 		reg_info->reg_rules_2g_ptr = create_reg_rules_from_wmi(num_2g_reg_rules,
4996 								       wmi_reg_rule);
4997 		if (!reg_info->reg_rules_2g_ptr) {
4998 			kfree(tb);
4999 			ath11k_warn(ab, "Unable to Allocate memory for 2g rules\n");
5000 			return -ENOMEM;
5001 		}
5002 	}
5003 
5004 	if (num_5g_reg_rules) {
5005 		wmi_reg_rule += num_2g_reg_rules;
5006 		reg_info->reg_rules_5g_ptr = create_reg_rules_from_wmi(num_5g_reg_rules,
5007 								       wmi_reg_rule);
5008 		if (!reg_info->reg_rules_5g_ptr) {
5009 			kfree(tb);
5010 			ath11k_warn(ab, "Unable to Allocate memory for 5g rules\n");
5011 			return -ENOMEM;
5012 		}
5013 	}
5014 
5015 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory channel list\n");
5016 
5017 	kfree(tb);
5018 	return 0;
5019 }
5020 
5021 static int ath11k_pull_peer_del_resp_ev(struct ath11k_base *ab, struct sk_buff *skb,
5022 					struct wmi_peer_delete_resp_event *peer_del_resp)
5023 {
5024 	const void **tb;
5025 	const struct wmi_peer_delete_resp_event *ev;
5026 	int ret;
5027 
5028 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5029 	if (IS_ERR(tb)) {
5030 		ret = PTR_ERR(tb);
5031 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5032 		return ret;
5033 	}
5034 
5035 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
5036 	if (!ev) {
5037 		ath11k_warn(ab, "failed to fetch peer delete resp ev");
5038 		kfree(tb);
5039 		return -EPROTO;
5040 	}
5041 
5042 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
5043 
5044 	peer_del_resp->vdev_id = ev->vdev_id;
5045 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
5046 			ev->peer_macaddr.addr);
5047 
5048 	kfree(tb);
5049 	return 0;
5050 }
5051 
5052 static int ath11k_pull_vdev_del_resp_ev(struct ath11k_base *ab,
5053 					struct sk_buff *skb,
5054 					u32 *vdev_id)
5055 {
5056 	const void **tb;
5057 	const struct wmi_vdev_delete_resp_event *ev;
5058 	int ret;
5059 
5060 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5061 	if (IS_ERR(tb)) {
5062 		ret = PTR_ERR(tb);
5063 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5064 		return ret;
5065 	}
5066 
5067 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
5068 	if (!ev) {
5069 		ath11k_warn(ab, "failed to fetch vdev delete resp ev");
5070 		kfree(tb);
5071 		return -EPROTO;
5072 	}
5073 
5074 	*vdev_id = ev->vdev_id;
5075 
5076 	kfree(tb);
5077 	return 0;
5078 }
5079 
5080 static int ath11k_pull_bcn_tx_status_ev(struct ath11k_base *ab, void *evt_buf,
5081 					u32 len, u32 *vdev_id,
5082 					u32 *tx_status)
5083 {
5084 	const void **tb;
5085 	const struct wmi_bcn_tx_status_event *ev;
5086 	int ret;
5087 
5088 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5089 	if (IS_ERR(tb)) {
5090 		ret = PTR_ERR(tb);
5091 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5092 		return ret;
5093 	}
5094 
5095 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
5096 	if (!ev) {
5097 		ath11k_warn(ab, "failed to fetch bcn tx status ev");
5098 		kfree(tb);
5099 		return -EPROTO;
5100 	}
5101 
5102 	*vdev_id   = ev->vdev_id;
5103 	*tx_status = ev->tx_status;
5104 
5105 	kfree(tb);
5106 	return 0;
5107 }
5108 
5109 static int ath11k_pull_vdev_stopped_param_tlv(struct ath11k_base *ab, struct sk_buff *skb,
5110 					      u32 *vdev_id)
5111 {
5112 	const void **tb;
5113 	const struct wmi_vdev_stopped_event *ev;
5114 	int ret;
5115 
5116 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5117 	if (IS_ERR(tb)) {
5118 		ret = PTR_ERR(tb);
5119 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5120 		return ret;
5121 	}
5122 
5123 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
5124 	if (!ev) {
5125 		ath11k_warn(ab, "failed to fetch vdev stop ev");
5126 		kfree(tb);
5127 		return -EPROTO;
5128 	}
5129 
5130 	*vdev_id =  ev->vdev_id;
5131 
5132 	kfree(tb);
5133 	return 0;
5134 }
5135 
5136 static int ath11k_pull_mgmt_rx_params_tlv(struct ath11k_base *ab,
5137 					  struct sk_buff *skb,
5138 					  struct mgmt_rx_event_params *hdr)
5139 {
5140 	const void **tb;
5141 	const struct wmi_mgmt_rx_hdr *ev;
5142 	const u8 *frame;
5143 	int ret;
5144 
5145 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5146 	if (IS_ERR(tb)) {
5147 		ret = PTR_ERR(tb);
5148 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5149 		return ret;
5150 	}
5151 
5152 	ev = tb[WMI_TAG_MGMT_RX_HDR];
5153 	frame = tb[WMI_TAG_ARRAY_BYTE];
5154 
5155 	if (!ev || !frame) {
5156 		ath11k_warn(ab, "failed to fetch mgmt rx hdr");
5157 		kfree(tb);
5158 		return -EPROTO;
5159 	}
5160 
5161 	hdr->pdev_id =  ev->pdev_id;
5162 	hdr->chan_freq = ev->chan_freq;
5163 	hdr->channel =  ev->channel;
5164 	hdr->snr =  ev->snr;
5165 	hdr->rate =  ev->rate;
5166 	hdr->phy_mode =  ev->phy_mode;
5167 	hdr->buf_len =  ev->buf_len;
5168 	hdr->status =  ev->status;
5169 	hdr->flags =  ev->flags;
5170 	hdr->rssi =  ev->rssi;
5171 	hdr->tsf_delta =  ev->tsf_delta;
5172 	memcpy(hdr->rssi_ctl, ev->rssi_ctl, sizeof(hdr->rssi_ctl));
5173 
5174 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
5175 		ath11k_warn(ab, "invalid length in mgmt rx hdr ev");
5176 		kfree(tb);
5177 		return -EPROTO;
5178 	}
5179 
5180 	/* shift the sk_buff to point to `frame` */
5181 	skb_trim(skb, 0);
5182 	skb_put(skb, frame - skb->data);
5183 	skb_pull(skb, frame - skb->data);
5184 	skb_put(skb, hdr->buf_len);
5185 
5186 	ath11k_ce_byte_swap(skb->data, hdr->buf_len);
5187 
5188 	kfree(tb);
5189 	return 0;
5190 }
5191 
5192 static int wmi_process_mgmt_tx_comp(struct ath11k *ar, u32 desc_id,
5193 				    u32 status)
5194 {
5195 	struct sk_buff *msdu;
5196 	struct ieee80211_tx_info *info;
5197 	struct ath11k_skb_cb *skb_cb;
5198 	int num_mgmt;
5199 
5200 	spin_lock_bh(&ar->txmgmt_idr_lock);
5201 	msdu = idr_find(&ar->txmgmt_idr, desc_id);
5202 
5203 	if (!msdu) {
5204 		ath11k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
5205 			    desc_id);
5206 		spin_unlock_bh(&ar->txmgmt_idr_lock);
5207 		return -ENOENT;
5208 	}
5209 
5210 	idr_remove(&ar->txmgmt_idr, desc_id);
5211 	spin_unlock_bh(&ar->txmgmt_idr_lock);
5212 
5213 	skb_cb = ATH11K_SKB_CB(msdu);
5214 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
5215 
5216 	info = IEEE80211_SKB_CB(msdu);
5217 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) && !status)
5218 		info->flags |= IEEE80211_TX_STAT_ACK;
5219 
5220 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
5221 
5222 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
5223 
5224 	/* WARN when we received this event without doing any mgmt tx */
5225 	if (num_mgmt < 0)
5226 		WARN_ON_ONCE(1);
5227 
5228 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
5229 		   "wmi mgmt tx comp pending %d desc id %d\n",
5230 		   num_mgmt, desc_id);
5231 
5232 	if (!num_mgmt)
5233 		wake_up(&ar->txmgmt_empty_waitq);
5234 
5235 	return 0;
5236 }
5237 
5238 static int ath11k_pull_mgmt_tx_compl_param_tlv(struct ath11k_base *ab,
5239 					       struct sk_buff *skb,
5240 					       struct wmi_mgmt_tx_compl_event *param)
5241 {
5242 	const void **tb;
5243 	const struct wmi_mgmt_tx_compl_event *ev;
5244 	int ret;
5245 
5246 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5247 	if (IS_ERR(tb)) {
5248 		ret = PTR_ERR(tb);
5249 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5250 		return ret;
5251 	}
5252 
5253 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
5254 	if (!ev) {
5255 		ath11k_warn(ab, "failed to fetch mgmt tx compl ev");
5256 		kfree(tb);
5257 		return -EPROTO;
5258 	}
5259 
5260 	param->pdev_id = ev->pdev_id;
5261 	param->desc_id = ev->desc_id;
5262 	param->status = ev->status;
5263 
5264 	kfree(tb);
5265 	return 0;
5266 }
5267 
5268 static void ath11k_wmi_event_scan_started(struct ath11k *ar)
5269 {
5270 	lockdep_assert_held(&ar->data_lock);
5271 
5272 	switch (ar->scan.state) {
5273 	case ATH11K_SCAN_IDLE:
5274 	case ATH11K_SCAN_RUNNING:
5275 	case ATH11K_SCAN_ABORTING:
5276 		ath11k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
5277 			    ath11k_scan_state_str(ar->scan.state),
5278 			    ar->scan.state);
5279 		break;
5280 	case ATH11K_SCAN_STARTING:
5281 		ar->scan.state = ATH11K_SCAN_RUNNING;
5282 		if (ar->scan.is_roc)
5283 			ieee80211_ready_on_channel(ar->hw);
5284 		complete(&ar->scan.started);
5285 		break;
5286 	}
5287 }
5288 
5289 static void ath11k_wmi_event_scan_start_failed(struct ath11k *ar)
5290 {
5291 	lockdep_assert_held(&ar->data_lock);
5292 
5293 	switch (ar->scan.state) {
5294 	case ATH11K_SCAN_IDLE:
5295 	case ATH11K_SCAN_RUNNING:
5296 	case ATH11K_SCAN_ABORTING:
5297 		ath11k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
5298 			    ath11k_scan_state_str(ar->scan.state),
5299 			    ar->scan.state);
5300 		break;
5301 	case ATH11K_SCAN_STARTING:
5302 		complete(&ar->scan.started);
5303 		__ath11k_mac_scan_finish(ar);
5304 		break;
5305 	}
5306 }
5307 
5308 static void ath11k_wmi_event_scan_completed(struct ath11k *ar)
5309 {
5310 	lockdep_assert_held(&ar->data_lock);
5311 
5312 	switch (ar->scan.state) {
5313 	case ATH11K_SCAN_IDLE:
5314 	case ATH11K_SCAN_STARTING:
5315 		/* One suspected reason scan can be completed while starting is
5316 		 * if firmware fails to deliver all scan events to the host,
5317 		 * e.g. when transport pipe is full. This has been observed
5318 		 * with spectral scan phyerr events starving wmi transport
5319 		 * pipe. In such case the "scan completed" event should be (and
5320 		 * is) ignored by the host as it may be just firmware's scan
5321 		 * state machine recovering.
5322 		 */
5323 		ath11k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
5324 			    ath11k_scan_state_str(ar->scan.state),
5325 			    ar->scan.state);
5326 		break;
5327 	case ATH11K_SCAN_RUNNING:
5328 	case ATH11K_SCAN_ABORTING:
5329 		__ath11k_mac_scan_finish(ar);
5330 		break;
5331 	}
5332 }
5333 
5334 static void ath11k_wmi_event_scan_bss_chan(struct ath11k *ar)
5335 {
5336 	lockdep_assert_held(&ar->data_lock);
5337 
5338 	switch (ar->scan.state) {
5339 	case ATH11K_SCAN_IDLE:
5340 	case ATH11K_SCAN_STARTING:
5341 		ath11k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
5342 			    ath11k_scan_state_str(ar->scan.state),
5343 			    ar->scan.state);
5344 		break;
5345 	case ATH11K_SCAN_RUNNING:
5346 	case ATH11K_SCAN_ABORTING:
5347 		ar->scan_channel = NULL;
5348 		break;
5349 	}
5350 }
5351 
5352 static void ath11k_wmi_event_scan_foreign_chan(struct ath11k *ar, u32 freq)
5353 {
5354 	lockdep_assert_held(&ar->data_lock);
5355 
5356 	switch (ar->scan.state) {
5357 	case ATH11K_SCAN_IDLE:
5358 	case ATH11K_SCAN_STARTING:
5359 		ath11k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
5360 			    ath11k_scan_state_str(ar->scan.state),
5361 			    ar->scan.state);
5362 		break;
5363 	case ATH11K_SCAN_RUNNING:
5364 	case ATH11K_SCAN_ABORTING:
5365 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
5366 		if (ar->scan.is_roc && ar->scan.roc_freq == freq)
5367 			complete(&ar->scan.on_channel);
5368 		break;
5369 	}
5370 }
5371 
5372 static const char *
5373 ath11k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
5374 			       enum wmi_scan_completion_reason reason)
5375 {
5376 	switch (type) {
5377 	case WMI_SCAN_EVENT_STARTED:
5378 		return "started";
5379 	case WMI_SCAN_EVENT_COMPLETED:
5380 		switch (reason) {
5381 		case WMI_SCAN_REASON_COMPLETED:
5382 			return "completed";
5383 		case WMI_SCAN_REASON_CANCELLED:
5384 			return "completed [cancelled]";
5385 		case WMI_SCAN_REASON_PREEMPTED:
5386 			return "completed [preempted]";
5387 		case WMI_SCAN_REASON_TIMEDOUT:
5388 			return "completed [timedout]";
5389 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
5390 			return "completed [internal err]";
5391 		case WMI_SCAN_REASON_MAX:
5392 			break;
5393 		}
5394 		return "completed [unknown]";
5395 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5396 		return "bss channel";
5397 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5398 		return "foreign channel";
5399 	case WMI_SCAN_EVENT_DEQUEUED:
5400 		return "dequeued";
5401 	case WMI_SCAN_EVENT_PREEMPTED:
5402 		return "preempted";
5403 	case WMI_SCAN_EVENT_START_FAILED:
5404 		return "start failed";
5405 	case WMI_SCAN_EVENT_RESTARTED:
5406 		return "restarted";
5407 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5408 		return "foreign channel exit";
5409 	default:
5410 		return "unknown";
5411 	}
5412 }
5413 
5414 static int ath11k_pull_scan_ev(struct ath11k_base *ab, struct sk_buff *skb,
5415 			       struct wmi_scan_event *scan_evt_param)
5416 {
5417 	const void **tb;
5418 	const struct wmi_scan_event *ev;
5419 	int ret;
5420 
5421 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5422 	if (IS_ERR(tb)) {
5423 		ret = PTR_ERR(tb);
5424 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5425 		return ret;
5426 	}
5427 
5428 	ev = tb[WMI_TAG_SCAN_EVENT];
5429 	if (!ev) {
5430 		ath11k_warn(ab, "failed to fetch scan ev");
5431 		kfree(tb);
5432 		return -EPROTO;
5433 	}
5434 
5435 	scan_evt_param->event_type = ev->event_type;
5436 	scan_evt_param->reason = ev->reason;
5437 	scan_evt_param->channel_freq = ev->channel_freq;
5438 	scan_evt_param->scan_req_id = ev->scan_req_id;
5439 	scan_evt_param->scan_id = ev->scan_id;
5440 	scan_evt_param->vdev_id = ev->vdev_id;
5441 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
5442 
5443 	kfree(tb);
5444 	return 0;
5445 }
5446 
5447 static int ath11k_pull_peer_sta_kickout_ev(struct ath11k_base *ab, struct sk_buff *skb,
5448 					   struct wmi_peer_sta_kickout_arg *arg)
5449 {
5450 	const void **tb;
5451 	const struct wmi_peer_sta_kickout_event *ev;
5452 	int ret;
5453 
5454 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5455 	if (IS_ERR(tb)) {
5456 		ret = PTR_ERR(tb);
5457 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5458 		return ret;
5459 	}
5460 
5461 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
5462 	if (!ev) {
5463 		ath11k_warn(ab, "failed to fetch peer sta kickout ev");
5464 		kfree(tb);
5465 		return -EPROTO;
5466 	}
5467 
5468 	arg->mac_addr = ev->peer_macaddr.addr;
5469 
5470 	kfree(tb);
5471 	return 0;
5472 }
5473 
5474 static int ath11k_pull_roam_ev(struct ath11k_base *ab, struct sk_buff *skb,
5475 			       struct wmi_roam_event *roam_ev)
5476 {
5477 	const void **tb;
5478 	const struct wmi_roam_event *ev;
5479 	int ret;
5480 
5481 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5482 	if (IS_ERR(tb)) {
5483 		ret = PTR_ERR(tb);
5484 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5485 		return ret;
5486 	}
5487 
5488 	ev = tb[WMI_TAG_ROAM_EVENT];
5489 	if (!ev) {
5490 		ath11k_warn(ab, "failed to fetch roam ev");
5491 		kfree(tb);
5492 		return -EPROTO;
5493 	}
5494 
5495 	roam_ev->vdev_id = ev->vdev_id;
5496 	roam_ev->reason = ev->reason;
5497 	roam_ev->rssi = ev->rssi;
5498 
5499 	kfree(tb);
5500 	return 0;
5501 }
5502 
5503 static int freq_to_idx(struct ath11k *ar, int freq)
5504 {
5505 	struct ieee80211_supported_band *sband;
5506 	int band, ch, idx = 0;
5507 
5508 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
5509 		sband = ar->hw->wiphy->bands[band];
5510 		if (!sband)
5511 			continue;
5512 
5513 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
5514 			if (sband->channels[ch].center_freq == freq)
5515 				goto exit;
5516 	}
5517 
5518 exit:
5519 	return idx;
5520 }
5521 
5522 static int ath11k_pull_chan_info_ev(struct ath11k_base *ab, u8 *evt_buf,
5523 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
5524 {
5525 	const void **tb;
5526 	const struct wmi_chan_info_event *ev;
5527 	int ret;
5528 
5529 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5530 	if (IS_ERR(tb)) {
5531 		ret = PTR_ERR(tb);
5532 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5533 		return ret;
5534 	}
5535 
5536 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
5537 	if (!ev) {
5538 		ath11k_warn(ab, "failed to fetch chan info ev");
5539 		kfree(tb);
5540 		return -EPROTO;
5541 	}
5542 
5543 	ch_info_ev->err_code = ev->err_code;
5544 	ch_info_ev->freq = ev->freq;
5545 	ch_info_ev->cmd_flags = ev->cmd_flags;
5546 	ch_info_ev->noise_floor = ev->noise_floor;
5547 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
5548 	ch_info_ev->cycle_count = ev->cycle_count;
5549 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
5550 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
5551 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
5552 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
5553 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
5554 	ch_info_ev->vdev_id = ev->vdev_id;
5555 
5556 	kfree(tb);
5557 	return 0;
5558 }
5559 
5560 static int
5561 ath11k_pull_pdev_bss_chan_info_ev(struct ath11k_base *ab, struct sk_buff *skb,
5562 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
5563 {
5564 	const void **tb;
5565 	const struct wmi_pdev_bss_chan_info_event *ev;
5566 	int ret;
5567 
5568 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5569 	if (IS_ERR(tb)) {
5570 		ret = PTR_ERR(tb);
5571 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5572 		return ret;
5573 	}
5574 
5575 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
5576 	if (!ev) {
5577 		ath11k_warn(ab, "failed to fetch pdev bss chan info ev");
5578 		kfree(tb);
5579 		return -EPROTO;
5580 	}
5581 
5582 	bss_ch_info_ev->pdev_id = ev->pdev_id;
5583 	bss_ch_info_ev->freq = ev->freq;
5584 	bss_ch_info_ev->noise_floor = ev->noise_floor;
5585 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
5586 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
5587 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
5588 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
5589 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
5590 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
5591 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
5592 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
5593 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
5594 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
5595 
5596 	kfree(tb);
5597 	return 0;
5598 }
5599 
5600 static int
5601 ath11k_pull_vdev_install_key_compl_ev(struct ath11k_base *ab, struct sk_buff *skb,
5602 				      struct wmi_vdev_install_key_complete_arg *arg)
5603 {
5604 	const void **tb;
5605 	const struct wmi_vdev_install_key_compl_event *ev;
5606 	int ret;
5607 
5608 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5609 	if (IS_ERR(tb)) {
5610 		ret = PTR_ERR(tb);
5611 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5612 		return ret;
5613 	}
5614 
5615 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
5616 	if (!ev) {
5617 		ath11k_warn(ab, "failed to fetch vdev install key compl ev");
5618 		kfree(tb);
5619 		return -EPROTO;
5620 	}
5621 
5622 	arg->vdev_id = ev->vdev_id;
5623 	arg->macaddr = ev->peer_macaddr.addr;
5624 	arg->key_idx = ev->key_idx;
5625 	arg->key_flags = ev->key_flags;
5626 	arg->status = ev->status;
5627 
5628 	kfree(tb);
5629 	return 0;
5630 }
5631 
5632 static int ath11k_pull_peer_assoc_conf_ev(struct ath11k_base *ab, struct sk_buff *skb,
5633 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
5634 {
5635 	const void **tb;
5636 	const struct wmi_peer_assoc_conf_event *ev;
5637 	int ret;
5638 
5639 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5640 	if (IS_ERR(tb)) {
5641 		ret = PTR_ERR(tb);
5642 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5643 		return ret;
5644 	}
5645 
5646 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
5647 	if (!ev) {
5648 		ath11k_warn(ab, "failed to fetch peer assoc conf ev");
5649 		kfree(tb);
5650 		return -EPROTO;
5651 	}
5652 
5653 	peer_assoc_conf->vdev_id = ev->vdev_id;
5654 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
5655 
5656 	kfree(tb);
5657 	return 0;
5658 }
5659 
5660 static void ath11k_wmi_pull_pdev_stats_base(const struct wmi_pdev_stats_base *src,
5661 					    struct ath11k_fw_stats_pdev *dst)
5662 {
5663 	dst->ch_noise_floor = src->chan_nf;
5664 	dst->tx_frame_count = src->tx_frame_count;
5665 	dst->rx_frame_count = src->rx_frame_count;
5666 	dst->rx_clear_count = src->rx_clear_count;
5667 	dst->cycle_count = src->cycle_count;
5668 	dst->phy_err_count = src->phy_err_count;
5669 	dst->chan_tx_power = src->chan_tx_pwr;
5670 }
5671 
5672 static void
5673 ath11k_wmi_pull_pdev_stats_tx(const struct wmi_pdev_stats_tx *src,
5674 			      struct ath11k_fw_stats_pdev *dst)
5675 {
5676 	dst->comp_queued = src->comp_queued;
5677 	dst->comp_delivered = src->comp_delivered;
5678 	dst->msdu_enqued = src->msdu_enqued;
5679 	dst->mpdu_enqued = src->mpdu_enqued;
5680 	dst->wmm_drop = src->wmm_drop;
5681 	dst->local_enqued = src->local_enqued;
5682 	dst->local_freed = src->local_freed;
5683 	dst->hw_queued = src->hw_queued;
5684 	dst->hw_reaped = src->hw_reaped;
5685 	dst->underrun = src->underrun;
5686 	dst->hw_paused = src->hw_paused;
5687 	dst->tx_abort = src->tx_abort;
5688 	dst->mpdus_requeued = src->mpdus_requeued;
5689 	dst->tx_ko = src->tx_ko;
5690 	dst->tx_xretry = src->tx_xretry;
5691 	dst->data_rc = src->data_rc;
5692 	dst->self_triggers = src->self_triggers;
5693 	dst->sw_retry_failure = src->sw_retry_failure;
5694 	dst->illgl_rate_phy_err = src->illgl_rate_phy_err;
5695 	dst->pdev_cont_xretry = src->pdev_cont_xretry;
5696 	dst->pdev_tx_timeout = src->pdev_tx_timeout;
5697 	dst->pdev_resets = src->pdev_resets;
5698 	dst->stateless_tid_alloc_failure = src->stateless_tid_alloc_failure;
5699 	dst->phy_underrun = src->phy_underrun;
5700 	dst->txop_ovf = src->txop_ovf;
5701 	dst->seq_posted = src->seq_posted;
5702 	dst->seq_failed_queueing = src->seq_failed_queueing;
5703 	dst->seq_completed = src->seq_completed;
5704 	dst->seq_restarted = src->seq_restarted;
5705 	dst->mu_seq_posted = src->mu_seq_posted;
5706 	dst->mpdus_sw_flush = src->mpdus_sw_flush;
5707 	dst->mpdus_hw_filter = src->mpdus_hw_filter;
5708 	dst->mpdus_truncated = src->mpdus_truncated;
5709 	dst->mpdus_ack_failed = src->mpdus_ack_failed;
5710 	dst->mpdus_expired = src->mpdus_expired;
5711 }
5712 
5713 static void ath11k_wmi_pull_pdev_stats_rx(const struct wmi_pdev_stats_rx *src,
5714 					  struct ath11k_fw_stats_pdev *dst)
5715 {
5716 	dst->mid_ppdu_route_change = src->mid_ppdu_route_change;
5717 	dst->status_rcvd = src->status_rcvd;
5718 	dst->r0_frags = src->r0_frags;
5719 	dst->r1_frags = src->r1_frags;
5720 	dst->r2_frags = src->r2_frags;
5721 	dst->r3_frags = src->r3_frags;
5722 	dst->htt_msdus = src->htt_msdus;
5723 	dst->htt_mpdus = src->htt_mpdus;
5724 	dst->loc_msdus = src->loc_msdus;
5725 	dst->loc_mpdus = src->loc_mpdus;
5726 	dst->oversize_amsdu = src->oversize_amsdu;
5727 	dst->phy_errs = src->phy_errs;
5728 	dst->phy_err_drop = src->phy_err_drop;
5729 	dst->mpdu_errs = src->mpdu_errs;
5730 	dst->rx_ovfl_errs = src->rx_ovfl_errs;
5731 }
5732 
5733 static void
5734 ath11k_wmi_pull_vdev_stats(const struct wmi_vdev_stats *src,
5735 			   struct ath11k_fw_stats_vdev *dst)
5736 {
5737 	int i;
5738 
5739 	dst->vdev_id = src->vdev_id;
5740 	dst->beacon_snr = src->beacon_snr;
5741 	dst->data_snr = src->data_snr;
5742 	dst->num_rx_frames = src->num_rx_frames;
5743 	dst->num_rts_fail = src->num_rts_fail;
5744 	dst->num_rts_success = src->num_rts_success;
5745 	dst->num_rx_err = src->num_rx_err;
5746 	dst->num_rx_discard = src->num_rx_discard;
5747 	dst->num_tx_not_acked = src->num_tx_not_acked;
5748 
5749 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames); i++)
5750 		dst->num_tx_frames[i] = src->num_tx_frames[i];
5751 
5752 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_retries); i++)
5753 		dst->num_tx_frames_retries[i] = src->num_tx_frames_retries[i];
5754 
5755 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_failures); i++)
5756 		dst->num_tx_frames_failures[i] = src->num_tx_frames_failures[i];
5757 
5758 	for (i = 0; i < ARRAY_SIZE(src->tx_rate_history); i++)
5759 		dst->tx_rate_history[i] = src->tx_rate_history[i];
5760 
5761 	for (i = 0; i < ARRAY_SIZE(src->beacon_rssi_history); i++)
5762 		dst->beacon_rssi_history[i] = src->beacon_rssi_history[i];
5763 }
5764 
5765 static void
5766 ath11k_wmi_pull_bcn_stats(const struct wmi_bcn_stats *src,
5767 			  struct ath11k_fw_stats_bcn *dst)
5768 {
5769 	dst->vdev_id = src->vdev_id;
5770 	dst->tx_bcn_succ_cnt = src->tx_bcn_succ_cnt;
5771 	dst->tx_bcn_outage_cnt = src->tx_bcn_outage_cnt;
5772 }
5773 
5774 static int ath11k_wmi_tlv_rssi_chain_parse(struct ath11k_base *ab,
5775 					   u16 tag, u16 len,
5776 					   const void *ptr, void *data)
5777 {
5778 	struct wmi_tlv_fw_stats_parse *parse = data;
5779 	const struct wmi_stats_event *ev = parse->ev;
5780 	struct ath11k_fw_stats *stats = parse->stats;
5781 	struct ath11k *ar;
5782 	struct ath11k_vif *arvif;
5783 	struct ieee80211_sta *sta;
5784 	struct ath11k_sta *arsta;
5785 	const struct wmi_rssi_stats *stats_rssi = (const struct wmi_rssi_stats *)ptr;
5786 	int j, ret = 0;
5787 
5788 	if (tag != WMI_TAG_RSSI_STATS)
5789 		return -EPROTO;
5790 
5791 	rcu_read_lock();
5792 
5793 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
5794 	stats->stats_id = WMI_REQUEST_RSSI_PER_CHAIN_STAT;
5795 
5796 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5797 		   "wmi stats vdev id %d mac %pM\n",
5798 		   stats_rssi->vdev_id, stats_rssi->peer_macaddr.addr);
5799 
5800 	arvif = ath11k_mac_get_arvif(ar, stats_rssi->vdev_id);
5801 	if (!arvif) {
5802 		ath11k_warn(ab, "not found vif for vdev id %d\n",
5803 			    stats_rssi->vdev_id);
5804 		ret = -EPROTO;
5805 		goto exit;
5806 	}
5807 
5808 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5809 		   "wmi stats bssid %pM vif %pK\n",
5810 		   arvif->bssid, arvif->vif);
5811 
5812 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
5813 					   arvif->bssid,
5814 					   NULL);
5815 	if (!sta) {
5816 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5817 			   "not found station of bssid %pM for rssi chain\n",
5818 			   arvif->bssid);
5819 		goto exit;
5820 	}
5821 
5822 	arsta = (struct ath11k_sta *)sta->drv_priv;
5823 
5824 	BUILD_BUG_ON(ARRAY_SIZE(arsta->chain_signal) >
5825 		     ARRAY_SIZE(stats_rssi->rssi_avg_beacon));
5826 
5827 	for (j = 0; j < ARRAY_SIZE(arsta->chain_signal); j++) {
5828 		arsta->chain_signal[j] = stats_rssi->rssi_avg_beacon[j];
5829 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5830 			   "wmi stats beacon rssi[%d] %d data rssi[%d] %d\n",
5831 			   j,
5832 			   stats_rssi->rssi_avg_beacon[j],
5833 			   j,
5834 			   stats_rssi->rssi_avg_data[j]);
5835 	}
5836 
5837 exit:
5838 	rcu_read_unlock();
5839 	return ret;
5840 }
5841 
5842 static int ath11k_wmi_tlv_fw_stats_data_parse(struct ath11k_base *ab,
5843 					      struct wmi_tlv_fw_stats_parse *parse,
5844 					      const void *ptr,
5845 					      u16 len)
5846 {
5847 	struct ath11k_fw_stats *stats = parse->stats;
5848 	const struct wmi_stats_event *ev = parse->ev;
5849 	struct ath11k *ar;
5850 	struct ath11k_vif *arvif;
5851 	struct ieee80211_sta *sta;
5852 	struct ath11k_sta *arsta;
5853 	int i, ret = 0;
5854 	const void *data = ptr;
5855 
5856 	if (!ev) {
5857 		ath11k_warn(ab, "failed to fetch update stats ev");
5858 		return -EPROTO;
5859 	}
5860 
5861 	stats->stats_id = 0;
5862 
5863 	rcu_read_lock();
5864 
5865 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
5866 
5867 	for (i = 0; i < ev->num_pdev_stats; i++) {
5868 		const struct wmi_pdev_stats *src;
5869 		struct ath11k_fw_stats_pdev *dst;
5870 
5871 		src = data;
5872 		if (len < sizeof(*src)) {
5873 			ret = -EPROTO;
5874 			goto exit;
5875 		}
5876 
5877 		stats->stats_id = WMI_REQUEST_PDEV_STAT;
5878 
5879 		data += sizeof(*src);
5880 		len -= sizeof(*src);
5881 
5882 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5883 		if (!dst)
5884 			continue;
5885 
5886 		ath11k_wmi_pull_pdev_stats_base(&src->base, dst);
5887 		ath11k_wmi_pull_pdev_stats_tx(&src->tx, dst);
5888 		ath11k_wmi_pull_pdev_stats_rx(&src->rx, dst);
5889 		list_add_tail(&dst->list, &stats->pdevs);
5890 	}
5891 
5892 	for (i = 0; i < ev->num_vdev_stats; i++) {
5893 		const struct wmi_vdev_stats *src;
5894 		struct ath11k_fw_stats_vdev *dst;
5895 
5896 		src = data;
5897 		if (len < sizeof(*src)) {
5898 			ret = -EPROTO;
5899 			goto exit;
5900 		}
5901 
5902 		stats->stats_id = WMI_REQUEST_VDEV_STAT;
5903 
5904 		arvif = ath11k_mac_get_arvif(ar, src->vdev_id);
5905 		if (arvif) {
5906 			sta = ieee80211_find_sta_by_ifaddr(ar->hw,
5907 							   arvif->bssid,
5908 							   NULL);
5909 			if (sta) {
5910 				arsta = (struct ath11k_sta *)sta->drv_priv;
5911 				arsta->rssi_beacon = src->beacon_snr;
5912 				ath11k_dbg(ab, ATH11K_DBG_WMI,
5913 					   "wmi stats vdev id %d snr %d\n",
5914 					   src->vdev_id, src->beacon_snr);
5915 			} else {
5916 				ath11k_dbg(ab, ATH11K_DBG_WMI,
5917 					   "not found station of bssid %pM for vdev stat\n",
5918 					   arvif->bssid);
5919 			}
5920 		}
5921 
5922 		data += sizeof(*src);
5923 		len -= sizeof(*src);
5924 
5925 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5926 		if (!dst)
5927 			continue;
5928 
5929 		ath11k_wmi_pull_vdev_stats(src, dst);
5930 		list_add_tail(&dst->list, &stats->vdevs);
5931 	}
5932 
5933 	for (i = 0; i < ev->num_bcn_stats; i++) {
5934 		const struct wmi_bcn_stats *src;
5935 		struct ath11k_fw_stats_bcn *dst;
5936 
5937 		src = data;
5938 		if (len < sizeof(*src)) {
5939 			ret = -EPROTO;
5940 			goto exit;
5941 		}
5942 
5943 		stats->stats_id = WMI_REQUEST_BCN_STAT;
5944 
5945 		data += sizeof(*src);
5946 		len -= sizeof(*src);
5947 
5948 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5949 		if (!dst)
5950 			continue;
5951 
5952 		ath11k_wmi_pull_bcn_stats(src, dst);
5953 		list_add_tail(&dst->list, &stats->bcn);
5954 	}
5955 
5956 exit:
5957 	rcu_read_unlock();
5958 	return ret;
5959 }
5960 
5961 static int ath11k_wmi_tlv_fw_stats_parse(struct ath11k_base *ab,
5962 					 u16 tag, u16 len,
5963 					 const void *ptr, void *data)
5964 {
5965 	struct wmi_tlv_fw_stats_parse *parse = data;
5966 	int ret = 0;
5967 
5968 	switch (tag) {
5969 	case WMI_TAG_STATS_EVENT:
5970 		parse->ev = (struct wmi_stats_event *)ptr;
5971 		parse->stats->pdev_id = parse->ev->pdev_id;
5972 		break;
5973 	case WMI_TAG_ARRAY_BYTE:
5974 		ret = ath11k_wmi_tlv_fw_stats_data_parse(ab, parse, ptr, len);
5975 		break;
5976 	case WMI_TAG_PER_CHAIN_RSSI_STATS:
5977 		parse->rssi = (struct wmi_per_chain_rssi_stats *)ptr;
5978 
5979 		if (parse->ev->stats_id & WMI_REQUEST_RSSI_PER_CHAIN_STAT)
5980 			parse->rssi_num = parse->rssi->num_per_chain_rssi_stats;
5981 
5982 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5983 			   "wmi stats id 0x%x num chain %d\n",
5984 			   parse->ev->stats_id,
5985 			   parse->rssi_num);
5986 		break;
5987 	case WMI_TAG_ARRAY_STRUCT:
5988 		if (parse->rssi_num && !parse->chain_rssi_done) {
5989 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
5990 						  ath11k_wmi_tlv_rssi_chain_parse,
5991 						  parse);
5992 			if (ret) {
5993 				ath11k_warn(ab, "failed to parse rssi chain %d\n",
5994 					    ret);
5995 				return ret;
5996 			}
5997 			parse->chain_rssi_done = true;
5998 		}
5999 		break;
6000 	default:
6001 		break;
6002 	}
6003 	return ret;
6004 }
6005 
6006 int ath11k_wmi_pull_fw_stats(struct ath11k_base *ab, struct sk_buff *skb,
6007 			     struct ath11k_fw_stats *stats)
6008 {
6009 	struct wmi_tlv_fw_stats_parse parse = { };
6010 
6011 	stats->stats_id = 0;
6012 	parse.stats = stats;
6013 
6014 	return ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6015 				   ath11k_wmi_tlv_fw_stats_parse,
6016 				   &parse);
6017 }
6018 
6019 size_t ath11k_wmi_fw_stats_num_vdevs(struct list_head *head)
6020 {
6021 	struct ath11k_fw_stats_vdev *i;
6022 	size_t num = 0;
6023 
6024 	list_for_each_entry(i, head, list)
6025 		++num;
6026 
6027 	return num;
6028 }
6029 
6030 static size_t ath11k_wmi_fw_stats_num_bcn(struct list_head *head)
6031 {
6032 	struct ath11k_fw_stats_bcn *i;
6033 	size_t num = 0;
6034 
6035 	list_for_each_entry(i, head, list)
6036 		++num;
6037 
6038 	return num;
6039 }
6040 
6041 static void
6042 ath11k_wmi_fw_pdev_base_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6043 				   char *buf, u32 *length)
6044 {
6045 	u32 len = *length;
6046 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6047 
6048 	len += scnprintf(buf + len, buf_len - len, "\n");
6049 	len += scnprintf(buf + len, buf_len - len, "%30s\n",
6050 			"ath11k PDEV stats");
6051 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6052 			"=================");
6053 
6054 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6055 			"Channel noise floor", pdev->ch_noise_floor);
6056 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6057 			"Channel TX power", pdev->chan_tx_power);
6058 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6059 			"TX frame count", pdev->tx_frame_count);
6060 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6061 			"RX frame count", pdev->rx_frame_count);
6062 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6063 			"RX clear count", pdev->rx_clear_count);
6064 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6065 			"Cycle count", pdev->cycle_count);
6066 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6067 			"PHY error count", pdev->phy_err_count);
6068 
6069 	*length = len;
6070 }
6071 
6072 static void
6073 ath11k_wmi_fw_pdev_tx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6074 				 char *buf, u32 *length)
6075 {
6076 	u32 len = *length;
6077 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6078 
6079 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6080 			 "ath11k PDEV TX stats");
6081 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6082 			 "====================");
6083 
6084 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6085 			 "HTT cookies queued", pdev->comp_queued);
6086 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6087 			 "HTT cookies disp.", pdev->comp_delivered);
6088 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6089 			 "MSDU queued", pdev->msdu_enqued);
6090 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6091 			 "MPDU queued", pdev->mpdu_enqued);
6092 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6093 			 "MSDUs dropped", pdev->wmm_drop);
6094 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6095 			 "Local enqued", pdev->local_enqued);
6096 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6097 			 "Local freed", pdev->local_freed);
6098 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6099 			 "HW queued", pdev->hw_queued);
6100 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6101 			 "PPDUs reaped", pdev->hw_reaped);
6102 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6103 			 "Num underruns", pdev->underrun);
6104 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6105 			 "Num HW Paused", pdev->hw_paused);
6106 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6107 			 "PPDUs cleaned", pdev->tx_abort);
6108 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6109 			 "MPDUs requeued", pdev->mpdus_requeued);
6110 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6111 			 "PPDU OK", pdev->tx_ko);
6112 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6113 			 "Excessive retries", pdev->tx_xretry);
6114 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6115 			 "HW rate", pdev->data_rc);
6116 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6117 			 "Sched self triggers", pdev->self_triggers);
6118 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6119 			 "Dropped due to SW retries",
6120 			 pdev->sw_retry_failure);
6121 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6122 			 "Illegal rate phy errors",
6123 			 pdev->illgl_rate_phy_err);
6124 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6125 			 "PDEV continuous xretry", pdev->pdev_cont_xretry);
6126 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6127 			 "TX timeout", pdev->pdev_tx_timeout);
6128 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6129 			 "PDEV resets", pdev->pdev_resets);
6130 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6131 			 "Stateless TIDs alloc failures",
6132 			 pdev->stateless_tid_alloc_failure);
6133 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6134 			 "PHY underrun", pdev->phy_underrun);
6135 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6136 			 "MPDU is more than txop limit", pdev->txop_ovf);
6137 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6138 			 "Num sequences posted", pdev->seq_posted);
6139 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6140 			 "Num seq failed queueing ", pdev->seq_failed_queueing);
6141 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6142 			 "Num sequences completed ", pdev->seq_completed);
6143 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6144 			 "Num sequences restarted ", pdev->seq_restarted);
6145 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6146 			 "Num of MU sequences posted ", pdev->mu_seq_posted);
6147 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6148 			 "Num of MPDUS SW flushed ", pdev->mpdus_sw_flush);
6149 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6150 			 "Num of MPDUS HW filtered ", pdev->mpdus_hw_filter);
6151 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6152 			 "Num of MPDUS truncated ", pdev->mpdus_truncated);
6153 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6154 			 "Num of MPDUS ACK failed ", pdev->mpdus_ack_failed);
6155 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6156 			 "Num of MPDUS expired ", pdev->mpdus_expired);
6157 	*length = len;
6158 }
6159 
6160 static void
6161 ath11k_wmi_fw_pdev_rx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6162 				 char *buf, u32 *length)
6163 {
6164 	u32 len = *length;
6165 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6166 
6167 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6168 			 "ath11k PDEV RX stats");
6169 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6170 			 "====================");
6171 
6172 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6173 			 "Mid PPDU route change",
6174 			 pdev->mid_ppdu_route_change);
6175 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6176 			 "Tot. number of statuses", pdev->status_rcvd);
6177 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6178 			 "Extra frags on rings 0", pdev->r0_frags);
6179 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6180 			 "Extra frags on rings 1", pdev->r1_frags);
6181 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6182 			 "Extra frags on rings 2", pdev->r2_frags);
6183 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6184 			 "Extra frags on rings 3", pdev->r3_frags);
6185 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6186 			 "MSDUs delivered to HTT", pdev->htt_msdus);
6187 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6188 			 "MPDUs delivered to HTT", pdev->htt_mpdus);
6189 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6190 			 "MSDUs delivered to stack", pdev->loc_msdus);
6191 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6192 			 "MPDUs delivered to stack", pdev->loc_mpdus);
6193 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6194 			 "Oversized AMSUs", pdev->oversize_amsdu);
6195 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6196 			 "PHY errors", pdev->phy_errs);
6197 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6198 			 "PHY errors drops", pdev->phy_err_drop);
6199 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6200 			 "MPDU errors (FCS, MIC, ENC)", pdev->mpdu_errs);
6201 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6202 			 "Overflow errors", pdev->rx_ovfl_errs);
6203 	*length = len;
6204 }
6205 
6206 static void
6207 ath11k_wmi_fw_vdev_stats_fill(struct ath11k *ar,
6208 			      const struct ath11k_fw_stats_vdev *vdev,
6209 			      char *buf, u32 *length)
6210 {
6211 	u32 len = *length;
6212 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6213 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev->vdev_id);
6214 	u8 *vif_macaddr;
6215 	int i;
6216 
6217 	/* VDEV stats has all the active VDEVs of other PDEVs as well,
6218 	 * ignoring those not part of requested PDEV
6219 	 */
6220 	if (!arvif)
6221 		return;
6222 
6223 	vif_macaddr = arvif->vif->addr;
6224 
6225 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6226 			 "VDEV ID", vdev->vdev_id);
6227 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6228 			 "VDEV MAC address", vif_macaddr);
6229 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6230 			 "beacon snr", vdev->beacon_snr);
6231 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6232 			 "data snr", vdev->data_snr);
6233 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6234 			 "num rx frames", vdev->num_rx_frames);
6235 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6236 			 "num rts fail", vdev->num_rts_fail);
6237 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6238 			 "num rts success", vdev->num_rts_success);
6239 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6240 			 "num rx err", vdev->num_rx_err);
6241 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6242 			 "num rx discard", vdev->num_rx_discard);
6243 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6244 			 "num tx not acked", vdev->num_tx_not_acked);
6245 
6246 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames); i++)
6247 		len += scnprintf(buf + len, buf_len - len,
6248 				"%25s [%02d] %u\n",
6249 				"num tx frames", i,
6250 				vdev->num_tx_frames[i]);
6251 
6252 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_retries); i++)
6253 		len += scnprintf(buf + len, buf_len - len,
6254 				"%25s [%02d] %u\n",
6255 				"num tx frames retries", i,
6256 				vdev->num_tx_frames_retries[i]);
6257 
6258 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_failures); i++)
6259 		len += scnprintf(buf + len, buf_len - len,
6260 				"%25s [%02d] %u\n",
6261 				"num tx frames failures", i,
6262 				vdev->num_tx_frames_failures[i]);
6263 
6264 	for (i = 0 ; i < ARRAY_SIZE(vdev->tx_rate_history); i++)
6265 		len += scnprintf(buf + len, buf_len - len,
6266 				"%25s [%02d] 0x%08x\n",
6267 				"tx rate history", i,
6268 				vdev->tx_rate_history[i]);
6269 
6270 	for (i = 0 ; i < ARRAY_SIZE(vdev->beacon_rssi_history); i++)
6271 		len += scnprintf(buf + len, buf_len - len,
6272 				"%25s [%02d] %u\n",
6273 				"beacon rssi history", i,
6274 				vdev->beacon_rssi_history[i]);
6275 
6276 	len += scnprintf(buf + len, buf_len - len, "\n");
6277 	*length = len;
6278 }
6279 
6280 static void
6281 ath11k_wmi_fw_bcn_stats_fill(struct ath11k *ar,
6282 			     const struct ath11k_fw_stats_bcn *bcn,
6283 			     char *buf, u32 *length)
6284 {
6285 	u32 len = *length;
6286 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6287 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, bcn->vdev_id);
6288 	u8 *vdev_macaddr;
6289 
6290 	if (!arvif) {
6291 		ath11k_warn(ar->ab, "invalid vdev id %d in bcn stats",
6292 			    bcn->vdev_id);
6293 		return;
6294 	}
6295 
6296 	vdev_macaddr = arvif->vif->addr;
6297 
6298 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6299 			 "VDEV ID", bcn->vdev_id);
6300 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6301 			 "VDEV MAC address", vdev_macaddr);
6302 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6303 			 "================");
6304 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6305 			 "Num of beacon tx success", bcn->tx_bcn_succ_cnt);
6306 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6307 			 "Num of beacon tx failures", bcn->tx_bcn_outage_cnt);
6308 
6309 	len += scnprintf(buf + len, buf_len - len, "\n");
6310 	*length = len;
6311 }
6312 
6313 void ath11k_wmi_fw_stats_fill(struct ath11k *ar,
6314 			      struct ath11k_fw_stats *fw_stats,
6315 			      u32 stats_id, char *buf)
6316 {
6317 	u32 len = 0;
6318 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6319 	const struct ath11k_fw_stats_pdev *pdev;
6320 	const struct ath11k_fw_stats_vdev *vdev;
6321 	const struct ath11k_fw_stats_bcn *bcn;
6322 	size_t num_bcn;
6323 
6324 	spin_lock_bh(&ar->data_lock);
6325 
6326 	if (stats_id == WMI_REQUEST_PDEV_STAT) {
6327 		pdev = list_first_entry_or_null(&fw_stats->pdevs,
6328 						struct ath11k_fw_stats_pdev, list);
6329 		if (!pdev) {
6330 			ath11k_warn(ar->ab, "failed to get pdev stats\n");
6331 			goto unlock;
6332 		}
6333 
6334 		ath11k_wmi_fw_pdev_base_stats_fill(pdev, buf, &len);
6335 		ath11k_wmi_fw_pdev_tx_stats_fill(pdev, buf, &len);
6336 		ath11k_wmi_fw_pdev_rx_stats_fill(pdev, buf, &len);
6337 	}
6338 
6339 	if (stats_id == WMI_REQUEST_VDEV_STAT) {
6340 		len += scnprintf(buf + len, buf_len - len, "\n");
6341 		len += scnprintf(buf + len, buf_len - len, "%30s\n",
6342 				 "ath11k VDEV stats");
6343 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6344 				 "=================");
6345 
6346 		list_for_each_entry(vdev, &fw_stats->vdevs, list)
6347 			ath11k_wmi_fw_vdev_stats_fill(ar, vdev, buf, &len);
6348 	}
6349 
6350 	if (stats_id == WMI_REQUEST_BCN_STAT) {
6351 		num_bcn = ath11k_wmi_fw_stats_num_bcn(&fw_stats->bcn);
6352 
6353 		len += scnprintf(buf + len, buf_len - len, "\n");
6354 		len += scnprintf(buf + len, buf_len - len, "%30s (%zu)\n",
6355 				 "ath11k Beacon stats", num_bcn);
6356 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6357 				 "===================");
6358 
6359 		list_for_each_entry(bcn, &fw_stats->bcn, list)
6360 			ath11k_wmi_fw_bcn_stats_fill(ar, bcn, buf, &len);
6361 	}
6362 
6363 unlock:
6364 	spin_unlock_bh(&ar->data_lock);
6365 
6366 	if (len >= buf_len)
6367 		buf[len - 1] = 0;
6368 	else
6369 		buf[len] = 0;
6370 }
6371 
6372 static void ath11k_wmi_op_ep_tx_credits(struct ath11k_base *ab)
6373 {
6374 	/* try to send pending beacons first. they take priority */
6375 	wake_up(&ab->wmi_ab.tx_credits_wq);
6376 }
6377 
6378 static int ath11k_reg_11d_new_cc_event(struct ath11k_base *ab, struct sk_buff *skb)
6379 {
6380 	const struct wmi_11d_new_cc_ev *ev;
6381 	struct ath11k *ar;
6382 	struct ath11k_pdev *pdev;
6383 	const void **tb;
6384 	int ret, i;
6385 
6386 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6387 	if (IS_ERR(tb)) {
6388 		ret = PTR_ERR(tb);
6389 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6390 		return ret;
6391 	}
6392 
6393 	ev = tb[WMI_TAG_11D_NEW_COUNTRY_EVENT];
6394 	if (!ev) {
6395 		kfree(tb);
6396 		ath11k_warn(ab, "failed to fetch 11d new cc ev");
6397 		return -EPROTO;
6398 	}
6399 
6400 	spin_lock_bh(&ab->base_lock);
6401 	memcpy(&ab->new_alpha2, &ev->new_alpha2, 2);
6402 	spin_unlock_bh(&ab->base_lock);
6403 
6404 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi 11d new cc %c%c\n",
6405 		   ab->new_alpha2[0],
6406 		   ab->new_alpha2[1]);
6407 
6408 	kfree(tb);
6409 
6410 	for (i = 0; i < ab->num_radios; i++) {
6411 		pdev = &ab->pdevs[i];
6412 		ar = pdev->ar;
6413 		ar->state_11d = ATH11K_11D_IDLE;
6414 		complete(&ar->completed_11d_scan);
6415 	}
6416 
6417 	queue_work(ab->workqueue, &ab->update_11d_work);
6418 
6419 	return 0;
6420 }
6421 
6422 static void ath11k_wmi_htc_tx_complete(struct ath11k_base *ab,
6423 				       struct sk_buff *skb)
6424 {
6425 	struct ath11k_pdev_wmi *wmi = NULL;
6426 	u32 i;
6427 	u8 wmi_ep_count;
6428 	u8 eid;
6429 
6430 	eid = ATH11K_SKB_CB(skb)->eid;
6431 	dev_kfree_skb(skb);
6432 
6433 	if (eid >= ATH11K_HTC_EP_COUNT)
6434 		return;
6435 
6436 	wmi_ep_count = ab->htc.wmi_ep_count;
6437 	if (wmi_ep_count > ab->hw_params.max_radios)
6438 		return;
6439 
6440 	for (i = 0; i < ab->htc.wmi_ep_count; i++) {
6441 		if (ab->wmi_ab.wmi[i].eid == eid) {
6442 			wmi = &ab->wmi_ab.wmi[i];
6443 			break;
6444 		}
6445 	}
6446 
6447 	if (wmi)
6448 		wake_up(&wmi->tx_ce_desc_wq);
6449 }
6450 
6451 static bool ath11k_reg_is_world_alpha(char *alpha)
6452 {
6453 	if (alpha[0] == '0' && alpha[1] == '0')
6454 		return true;
6455 
6456 	if (alpha[0] == 'n' && alpha[1] == 'a')
6457 		return true;
6458 
6459 	return false;
6460 }
6461 
6462 static int ath11k_reg_chan_list_event(struct ath11k_base *ab, struct sk_buff *skb)
6463 {
6464 	struct cur_regulatory_info *reg_info = NULL;
6465 	struct ieee80211_regdomain *regd = NULL;
6466 	bool intersect = false;
6467 	int ret = 0, pdev_idx;
6468 	struct ath11k *ar;
6469 
6470 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
6471 	if (!reg_info) {
6472 		ret = -ENOMEM;
6473 		goto fallback;
6474 	}
6475 
6476 	ret = ath11k_pull_reg_chan_list_update_ev(ab, skb, reg_info);
6477 	if (ret) {
6478 		ath11k_warn(ab, "failed to extract regulatory info from received event\n");
6479 		goto fallback;
6480 	}
6481 
6482 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
6483 		/* In case of failure to set the requested ctry,
6484 		 * fw retains the current regd. We print a failure info
6485 		 * and return from here.
6486 		 */
6487 		ath11k_warn(ab, "Failed to set the requested Country regulatory setting\n");
6488 		goto mem_free;
6489 	}
6490 
6491 	pdev_idx = reg_info->phy_id;
6492 
6493 	/* Avoid default reg rule updates sent during FW recovery if
6494 	 * it is already available
6495 	 */
6496 	spin_lock(&ab->base_lock);
6497 	if (test_bit(ATH11K_FLAG_RECOVERY, &ab->dev_flags) &&
6498 	    ab->default_regd[pdev_idx]) {
6499 		spin_unlock(&ab->base_lock);
6500 		goto mem_free;
6501 	}
6502 	spin_unlock(&ab->base_lock);
6503 
6504 	if (pdev_idx >= ab->num_radios) {
6505 		/* Process the event for phy0 only if single_pdev_only
6506 		 * is true. If pdev_idx is valid but not 0, discard the
6507 		 * event. Otherwise, it goes to fallback.
6508 		 */
6509 		if (ab->hw_params.single_pdev_only &&
6510 		    pdev_idx < ab->hw_params.num_rxmda_per_pdev)
6511 			goto mem_free;
6512 		else
6513 			goto fallback;
6514 	}
6515 
6516 	/* Avoid multiple overwrites to default regd, during core
6517 	 * stop-start after mac registration.
6518 	 */
6519 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
6520 	    !memcmp((char *)ab->default_regd[pdev_idx]->alpha2,
6521 		    (char *)reg_info->alpha2, 2))
6522 		goto mem_free;
6523 
6524 	/* Intersect new rules with default regd if a new country setting was
6525 	 * requested, i.e a default regd was already set during initialization
6526 	 * and the regd coming from this event has a valid country info.
6527 	 */
6528 	if (ab->default_regd[pdev_idx] &&
6529 	    !ath11k_reg_is_world_alpha((char *)
6530 		ab->default_regd[pdev_idx]->alpha2) &&
6531 	    !ath11k_reg_is_world_alpha((char *)reg_info->alpha2))
6532 		intersect = true;
6533 
6534 	regd = ath11k_reg_build_regd(ab, reg_info, intersect);
6535 	if (!regd) {
6536 		ath11k_warn(ab, "failed to build regd from reg_info\n");
6537 		goto fallback;
6538 	}
6539 
6540 	spin_lock(&ab->base_lock);
6541 	if (ab->default_regd[pdev_idx]) {
6542 		/* The initial rules from FW after WMI Init is to build
6543 		 * the default regd. From then on, any rules updated for
6544 		 * the pdev could be due to user reg changes.
6545 		 * Free previously built regd before assigning the newly
6546 		 * generated regd to ar. NULL pointer handling will be
6547 		 * taken care by kfree itself.
6548 		 */
6549 		ar = ab->pdevs[pdev_idx].ar;
6550 		kfree(ab->new_regd[pdev_idx]);
6551 		ab->new_regd[pdev_idx] = regd;
6552 		queue_work(ab->workqueue, &ar->regd_update_work);
6553 	} else {
6554 		/* This regd would be applied during mac registration and is
6555 		 * held constant throughout for regd intersection purpose
6556 		 */
6557 		ab->default_regd[pdev_idx] = regd;
6558 	}
6559 	ab->dfs_region = reg_info->dfs_region;
6560 	spin_unlock(&ab->base_lock);
6561 
6562 	goto mem_free;
6563 
6564 fallback:
6565 	/* Fallback to older reg (by sending previous country setting
6566 	 * again if fw has succeded and we failed to process here.
6567 	 * The Regdomain should be uniform across driver and fw. Since the
6568 	 * FW has processed the command and sent a success status, we expect
6569 	 * this function to succeed as well. If it doesn't, CTRY needs to be
6570 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
6571 	 */
6572 	/* TODO: This is rare, but still should also be handled */
6573 	WARN_ON(1);
6574 mem_free:
6575 	if (reg_info) {
6576 		kfree(reg_info->reg_rules_2g_ptr);
6577 		kfree(reg_info->reg_rules_5g_ptr);
6578 		kfree(reg_info);
6579 	}
6580 	return ret;
6581 }
6582 
6583 static int ath11k_wmi_tlv_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
6584 				    const void *ptr, void *data)
6585 {
6586 	struct wmi_tlv_rdy_parse *rdy_parse = data;
6587 	struct wmi_ready_event fixed_param;
6588 	struct wmi_mac_addr *addr_list;
6589 	struct ath11k_pdev *pdev;
6590 	u32 num_mac_addr;
6591 	int i;
6592 
6593 	switch (tag) {
6594 	case WMI_TAG_READY_EVENT:
6595 		memset(&fixed_param, 0, sizeof(fixed_param));
6596 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
6597 		       min_t(u16, sizeof(fixed_param), len));
6598 		ab->wlan_init_status = fixed_param.ready_event_min.status;
6599 		rdy_parse->num_extra_mac_addr =
6600 			fixed_param.ready_event_min.num_extra_mac_addr;
6601 
6602 		ether_addr_copy(ab->mac_addr,
6603 				fixed_param.ready_event_min.mac_addr.addr);
6604 		ab->pktlog_defs_checksum = fixed_param.pktlog_defs_checksum;
6605 		ab->wmi_ready = true;
6606 		break;
6607 	case WMI_TAG_ARRAY_FIXED_STRUCT:
6608 		addr_list = (struct wmi_mac_addr *)ptr;
6609 		num_mac_addr = rdy_parse->num_extra_mac_addr;
6610 
6611 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
6612 			break;
6613 
6614 		for (i = 0; i < ab->num_radios; i++) {
6615 			pdev = &ab->pdevs[i];
6616 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
6617 		}
6618 		ab->pdevs_macaddr_valid = true;
6619 		break;
6620 	default:
6621 		break;
6622 	}
6623 
6624 	return 0;
6625 }
6626 
6627 static int ath11k_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
6628 {
6629 	struct wmi_tlv_rdy_parse rdy_parse = { };
6630 	int ret;
6631 
6632 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6633 				  ath11k_wmi_tlv_rdy_parse, &rdy_parse);
6634 	if (ret) {
6635 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
6636 		return ret;
6637 	}
6638 
6639 	complete(&ab->wmi_ab.unified_ready);
6640 	return 0;
6641 }
6642 
6643 static void ath11k_peer_delete_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
6644 {
6645 	struct wmi_peer_delete_resp_event peer_del_resp;
6646 	struct ath11k *ar;
6647 
6648 	if (ath11k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
6649 		ath11k_warn(ab, "failed to extract peer delete resp");
6650 		return;
6651 	}
6652 
6653 	rcu_read_lock();
6654 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_del_resp.vdev_id);
6655 	if (!ar) {
6656 		ath11k_warn(ab, "invalid vdev id in peer delete resp ev %d",
6657 			    peer_del_resp.vdev_id);
6658 		rcu_read_unlock();
6659 		return;
6660 	}
6661 
6662 	complete(&ar->peer_delete_done);
6663 	rcu_read_unlock();
6664 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
6665 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
6666 }
6667 
6668 static void ath11k_vdev_delete_resp_event(struct ath11k_base *ab,
6669 					  struct sk_buff *skb)
6670 {
6671 	struct ath11k *ar;
6672 	u32 vdev_id = 0;
6673 
6674 	if (ath11k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
6675 		ath11k_warn(ab, "failed to extract vdev delete resp");
6676 		return;
6677 	}
6678 
6679 	rcu_read_lock();
6680 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
6681 	if (!ar) {
6682 		ath11k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
6683 			    vdev_id);
6684 		rcu_read_unlock();
6685 		return;
6686 	}
6687 
6688 	complete(&ar->vdev_delete_done);
6689 
6690 	rcu_read_unlock();
6691 
6692 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev delete resp for vdev id %d\n",
6693 		   vdev_id);
6694 }
6695 
6696 static inline const char *ath11k_wmi_vdev_resp_print(u32 vdev_resp_status)
6697 {
6698 	switch (vdev_resp_status) {
6699 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
6700 		return "invalid vdev id";
6701 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
6702 		return "not supported";
6703 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
6704 		return "dfs violation";
6705 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
6706 		return "invalid regdomain";
6707 	default:
6708 		return "unknown";
6709 	}
6710 }
6711 
6712 static void ath11k_vdev_start_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
6713 {
6714 	struct wmi_vdev_start_resp_event vdev_start_resp;
6715 	struct ath11k *ar;
6716 	u32 status;
6717 
6718 	if (ath11k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
6719 		ath11k_warn(ab, "failed to extract vdev start resp");
6720 		return;
6721 	}
6722 
6723 	rcu_read_lock();
6724 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_start_resp.vdev_id);
6725 	if (!ar) {
6726 		ath11k_warn(ab, "invalid vdev id in vdev start resp ev %d",
6727 			    vdev_start_resp.vdev_id);
6728 		rcu_read_unlock();
6729 		return;
6730 	}
6731 
6732 	ar->last_wmi_vdev_start_status = 0;
6733 
6734 	status = vdev_start_resp.status;
6735 
6736 	if (WARN_ON_ONCE(status)) {
6737 		ath11k_warn(ab, "vdev start resp error status %d (%s)\n",
6738 			    status, ath11k_wmi_vdev_resp_print(status));
6739 		ar->last_wmi_vdev_start_status = status;
6740 	}
6741 
6742 	complete(&ar->vdev_setup_done);
6743 
6744 	rcu_read_unlock();
6745 
6746 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev start resp for vdev id %d",
6747 		   vdev_start_resp.vdev_id);
6748 }
6749 
6750 static void ath11k_bcn_tx_status_event(struct ath11k_base *ab, struct sk_buff *skb)
6751 {
6752 	struct ath11k_vif *arvif;
6753 	u32 vdev_id, tx_status;
6754 
6755 	if (ath11k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
6756 					 &vdev_id, &tx_status) != 0) {
6757 		ath11k_warn(ab, "failed to extract bcn tx status");
6758 		return;
6759 	}
6760 
6761 	rcu_read_lock();
6762 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_id);
6763 	if (!arvif) {
6764 		ath11k_warn(ab, "invalid vdev id %d in bcn_tx_status",
6765 			    vdev_id);
6766 		rcu_read_unlock();
6767 		return;
6768 	}
6769 	ath11k_mac_bcn_tx_event(arvif);
6770 	rcu_read_unlock();
6771 }
6772 
6773 static void ath11k_vdev_stopped_event(struct ath11k_base *ab, struct sk_buff *skb)
6774 {
6775 	struct ath11k *ar;
6776 	u32 vdev_id = 0;
6777 
6778 	if (ath11k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
6779 		ath11k_warn(ab, "failed to extract vdev stopped event");
6780 		return;
6781 	}
6782 
6783 	rcu_read_lock();
6784 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
6785 	if (!ar) {
6786 		ath11k_warn(ab, "invalid vdev id in vdev stopped ev %d",
6787 			    vdev_id);
6788 		rcu_read_unlock();
6789 		return;
6790 	}
6791 
6792 	complete(&ar->vdev_setup_done);
6793 
6794 	rcu_read_unlock();
6795 
6796 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
6797 }
6798 
6799 static void ath11k_mgmt_rx_event(struct ath11k_base *ab, struct sk_buff *skb)
6800 {
6801 	struct mgmt_rx_event_params rx_ev = {0};
6802 	struct ath11k *ar;
6803 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
6804 	struct ieee80211_hdr *hdr;
6805 	u16 fc;
6806 	struct ieee80211_supported_band *sband;
6807 
6808 	if (ath11k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
6809 		ath11k_warn(ab, "failed to extract mgmt rx event");
6810 		dev_kfree_skb(skb);
6811 		return;
6812 	}
6813 
6814 	memset(status, 0, sizeof(*status));
6815 
6816 	ath11k_dbg(ab, ATH11K_DBG_MGMT, "mgmt rx event status %08x\n",
6817 		   rx_ev.status);
6818 
6819 	rcu_read_lock();
6820 	ar = ath11k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
6821 
6822 	if (!ar) {
6823 		ath11k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
6824 			    rx_ev.pdev_id);
6825 		dev_kfree_skb(skb);
6826 		goto exit;
6827 	}
6828 
6829 	if ((test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) ||
6830 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
6831 	    WMI_RX_STATUS_ERR_KEY_CACHE_MISS | WMI_RX_STATUS_ERR_CRC))) {
6832 		dev_kfree_skb(skb);
6833 		goto exit;
6834 	}
6835 
6836 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
6837 		status->flag |= RX_FLAG_MMIC_ERROR;
6838 
6839 	if (rx_ev.chan_freq >= ATH11K_MIN_6G_FREQ &&
6840 	    rx_ev.chan_freq <= ATH11K_MAX_6G_FREQ) {
6841 		status->band = NL80211_BAND_6GHZ;
6842 		status->freq = rx_ev.chan_freq;
6843 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
6844 		status->band = NL80211_BAND_2GHZ;
6845 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH11K_MAX_5G_CHAN) {
6846 		status->band = NL80211_BAND_5GHZ;
6847 	} else {
6848 		/* Shouldn't happen unless list of advertised channels to
6849 		 * mac80211 has been changed.
6850 		 */
6851 		WARN_ON_ONCE(1);
6852 		dev_kfree_skb(skb);
6853 		goto exit;
6854 	}
6855 
6856 	if (rx_ev.phy_mode == MODE_11B &&
6857 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
6858 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6859 			   "wmi mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
6860 
6861 	sband = &ar->mac.sbands[status->band];
6862 
6863 	if (status->band != NL80211_BAND_6GHZ)
6864 		status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
6865 							      status->band);
6866 
6867 	status->signal = rx_ev.snr + ATH11K_DEFAULT_NOISE_FLOOR;
6868 	status->rate_idx = ath11k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
6869 
6870 	hdr = (struct ieee80211_hdr *)skb->data;
6871 	fc = le16_to_cpu(hdr->frame_control);
6872 
6873 	/* Firmware is guaranteed to report all essential management frames via
6874 	 * WMI while it can deliver some extra via HTT. Since there can be
6875 	 * duplicates split the reporting wrt monitor/sniffing.
6876 	 */
6877 	status->flag |= RX_FLAG_SKIP_MONITOR;
6878 
6879 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set.
6880 	 * Don't clear that. Also, FW delivers broadcast management frames
6881 	 * (ex: group privacy action frames in mesh) as encrypted payload.
6882 	 */
6883 	if (ieee80211_has_protected(hdr->frame_control) &&
6884 	    !is_multicast_ether_addr(ieee80211_get_DA(hdr))) {
6885 		status->flag |= RX_FLAG_DECRYPTED;
6886 
6887 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
6888 			status->flag |= RX_FLAG_IV_STRIPPED |
6889 					RX_FLAG_MMIC_STRIPPED;
6890 			hdr->frame_control = __cpu_to_le16(fc &
6891 					     ~IEEE80211_FCTL_PROTECTED);
6892 		}
6893 	}
6894 
6895 	if (ieee80211_is_beacon(hdr->frame_control))
6896 		ath11k_mac_handle_beacon(ar, skb);
6897 
6898 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
6899 		   "event mgmt rx skb %pK len %d ftype %02x stype %02x\n",
6900 		   skb, skb->len,
6901 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
6902 
6903 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
6904 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
6905 		   status->freq, status->band, status->signal,
6906 		   status->rate_idx);
6907 
6908 	ieee80211_rx_ni(ar->hw, skb);
6909 
6910 exit:
6911 	rcu_read_unlock();
6912 }
6913 
6914 static void ath11k_mgmt_tx_compl_event(struct ath11k_base *ab, struct sk_buff *skb)
6915 {
6916 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
6917 	struct ath11k *ar;
6918 
6919 	if (ath11k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
6920 		ath11k_warn(ab, "failed to extract mgmt tx compl event");
6921 		return;
6922 	}
6923 
6924 	rcu_read_lock();
6925 	ar = ath11k_mac_get_ar_by_pdev_id(ab, tx_compl_param.pdev_id);
6926 	if (!ar) {
6927 		ath11k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
6928 			    tx_compl_param.pdev_id);
6929 		goto exit;
6930 	}
6931 
6932 	wmi_process_mgmt_tx_comp(ar, tx_compl_param.desc_id,
6933 				 tx_compl_param.status);
6934 
6935 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
6936 		   "mgmt tx compl ev pdev_id %d, desc_id %d, status %d",
6937 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
6938 		   tx_compl_param.status);
6939 
6940 exit:
6941 	rcu_read_unlock();
6942 }
6943 
6944 static struct ath11k *ath11k_get_ar_on_scan_state(struct ath11k_base *ab,
6945 						  u32 vdev_id,
6946 						  enum ath11k_scan_state state)
6947 {
6948 	int i;
6949 	struct ath11k_pdev *pdev;
6950 	struct ath11k *ar;
6951 
6952 	for (i = 0; i < ab->num_radios; i++) {
6953 		pdev = rcu_dereference(ab->pdevs_active[i]);
6954 		if (pdev && pdev->ar) {
6955 			ar = pdev->ar;
6956 
6957 			spin_lock_bh(&ar->data_lock);
6958 			if (ar->scan.state == state &&
6959 			    ar->scan.vdev_id == vdev_id) {
6960 				spin_unlock_bh(&ar->data_lock);
6961 				return ar;
6962 			}
6963 			spin_unlock_bh(&ar->data_lock);
6964 		}
6965 	}
6966 	return NULL;
6967 }
6968 
6969 static void ath11k_scan_event(struct ath11k_base *ab, struct sk_buff *skb)
6970 {
6971 	struct ath11k *ar;
6972 	struct wmi_scan_event scan_ev = {0};
6973 
6974 	if (ath11k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
6975 		ath11k_warn(ab, "failed to extract scan event");
6976 		return;
6977 	}
6978 
6979 	rcu_read_lock();
6980 
6981 	/* In case the scan was cancelled, ex. during interface teardown,
6982 	 * the interface will not be found in active interfaces.
6983 	 * Rather, in such scenarios, iterate over the active pdev's to
6984 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
6985 	 * aborting scan's vdev id matches this event info.
6986 	 */
6987 	if (scan_ev.event_type == WMI_SCAN_EVENT_COMPLETED &&
6988 	    scan_ev.reason == WMI_SCAN_REASON_CANCELLED) {
6989 		ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
6990 						 ATH11K_SCAN_ABORTING);
6991 		if (!ar)
6992 			ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
6993 							 ATH11K_SCAN_RUNNING);
6994 	} else {
6995 		ar = ath11k_mac_get_ar_by_vdev_id(ab, scan_ev.vdev_id);
6996 	}
6997 
6998 	if (!ar) {
6999 		ath11k_warn(ab, "Received scan event for unknown vdev");
7000 		rcu_read_unlock();
7001 		return;
7002 	}
7003 
7004 	spin_lock_bh(&ar->data_lock);
7005 
7006 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7007 		   "scan event %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
7008 		   ath11k_wmi_event_scan_type_str(scan_ev.event_type, scan_ev.reason),
7009 		   scan_ev.event_type, scan_ev.reason, scan_ev.channel_freq,
7010 		   scan_ev.scan_req_id, scan_ev.scan_id, scan_ev.vdev_id,
7011 		   ath11k_scan_state_str(ar->scan.state), ar->scan.state);
7012 
7013 	switch (scan_ev.event_type) {
7014 	case WMI_SCAN_EVENT_STARTED:
7015 		ath11k_wmi_event_scan_started(ar);
7016 		break;
7017 	case WMI_SCAN_EVENT_COMPLETED:
7018 		ath11k_wmi_event_scan_completed(ar);
7019 		break;
7020 	case WMI_SCAN_EVENT_BSS_CHANNEL:
7021 		ath11k_wmi_event_scan_bss_chan(ar);
7022 		break;
7023 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
7024 		ath11k_wmi_event_scan_foreign_chan(ar, scan_ev.channel_freq);
7025 		break;
7026 	case WMI_SCAN_EVENT_START_FAILED:
7027 		ath11k_warn(ab, "received scan start failure event\n");
7028 		ath11k_wmi_event_scan_start_failed(ar);
7029 		break;
7030 	case WMI_SCAN_EVENT_DEQUEUED:
7031 		__ath11k_mac_scan_finish(ar);
7032 		break;
7033 	case WMI_SCAN_EVENT_PREEMPTED:
7034 	case WMI_SCAN_EVENT_RESTARTED:
7035 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
7036 	default:
7037 		break;
7038 	}
7039 
7040 	spin_unlock_bh(&ar->data_lock);
7041 
7042 	rcu_read_unlock();
7043 }
7044 
7045 static void ath11k_peer_sta_kickout_event(struct ath11k_base *ab, struct sk_buff *skb)
7046 {
7047 	struct wmi_peer_sta_kickout_arg arg = {};
7048 	struct ieee80211_sta *sta;
7049 	struct ath11k_peer *peer;
7050 	struct ath11k *ar;
7051 	u32 vdev_id;
7052 
7053 	if (ath11k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
7054 		ath11k_warn(ab, "failed to extract peer sta kickout event");
7055 		return;
7056 	}
7057 
7058 	rcu_read_lock();
7059 
7060 	spin_lock_bh(&ab->base_lock);
7061 
7062 	peer = ath11k_peer_find_by_addr(ab, arg.mac_addr);
7063 
7064 	if (!peer) {
7065 		ath11k_warn(ab, "peer not found %pM\n",
7066 			    arg.mac_addr);
7067 		spin_unlock_bh(&ab->base_lock);
7068 		goto exit;
7069 	}
7070 
7071 	vdev_id = peer->vdev_id;
7072 
7073 	spin_unlock_bh(&ab->base_lock);
7074 
7075 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7076 	if (!ar) {
7077 		ath11k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
7078 			    peer->vdev_id);
7079 		goto exit;
7080 	}
7081 
7082 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
7083 					   arg.mac_addr, NULL);
7084 	if (!sta) {
7085 		ath11k_warn(ab, "Spurious quick kickout for STA %pM\n",
7086 			    arg.mac_addr);
7087 		goto exit;
7088 	}
7089 
7090 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer sta kickout event %pM",
7091 		   arg.mac_addr);
7092 
7093 	ieee80211_report_low_ack(sta, 10);
7094 
7095 exit:
7096 	rcu_read_unlock();
7097 }
7098 
7099 static void ath11k_roam_event(struct ath11k_base *ab, struct sk_buff *skb)
7100 {
7101 	struct wmi_roam_event roam_ev = {};
7102 	struct ath11k *ar;
7103 
7104 	if (ath11k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
7105 		ath11k_warn(ab, "failed to extract roam event");
7106 		return;
7107 	}
7108 
7109 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7110 		   "wmi roam event vdev %u reason 0x%08x rssi %d\n",
7111 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
7112 
7113 	rcu_read_lock();
7114 	ar = ath11k_mac_get_ar_by_vdev_id(ab, roam_ev.vdev_id);
7115 	if (!ar) {
7116 		ath11k_warn(ab, "invalid vdev id in roam ev %d",
7117 			    roam_ev.vdev_id);
7118 		rcu_read_unlock();
7119 		return;
7120 	}
7121 
7122 	if (roam_ev.reason >= WMI_ROAM_REASON_MAX)
7123 		ath11k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
7124 			    roam_ev.reason, roam_ev.vdev_id);
7125 
7126 	switch (roam_ev.reason) {
7127 	case WMI_ROAM_REASON_BEACON_MISS:
7128 		ath11k_mac_handle_beacon_miss(ar, roam_ev.vdev_id);
7129 		break;
7130 	case WMI_ROAM_REASON_BETTER_AP:
7131 	case WMI_ROAM_REASON_LOW_RSSI:
7132 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
7133 	case WMI_ROAM_REASON_HO_FAILED:
7134 		ath11k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
7135 			    roam_ev.reason, roam_ev.vdev_id);
7136 		break;
7137 	}
7138 
7139 	rcu_read_unlock();
7140 }
7141 
7142 static void ath11k_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7143 {
7144 	struct wmi_chan_info_event ch_info_ev = {0};
7145 	struct ath11k *ar;
7146 	struct survey_info *survey;
7147 	int idx;
7148 	/* HW channel counters frequency value in hertz */
7149 	u32 cc_freq_hz = ab->cc_freq_hz;
7150 
7151 	if (ath11k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
7152 		ath11k_warn(ab, "failed to extract chan info event");
7153 		return;
7154 	}
7155 
7156 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7157 		   "chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
7158 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
7159 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
7160 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
7161 		   ch_info_ev.mac_clk_mhz);
7162 
7163 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_END_RESP) {
7164 		ath11k_dbg(ab, ATH11K_DBG_WMI, "chan info report completed\n");
7165 		return;
7166 	}
7167 
7168 	rcu_read_lock();
7169 	ar = ath11k_mac_get_ar_by_vdev_id(ab, ch_info_ev.vdev_id);
7170 	if (!ar) {
7171 		ath11k_warn(ab, "invalid vdev id in chan info ev %d",
7172 			    ch_info_ev.vdev_id);
7173 		rcu_read_unlock();
7174 		return;
7175 	}
7176 	spin_lock_bh(&ar->data_lock);
7177 
7178 	switch (ar->scan.state) {
7179 	case ATH11K_SCAN_IDLE:
7180 	case ATH11K_SCAN_STARTING:
7181 		ath11k_warn(ab, "received chan info event without a scan request, ignoring\n");
7182 		goto exit;
7183 	case ATH11K_SCAN_RUNNING:
7184 	case ATH11K_SCAN_ABORTING:
7185 		break;
7186 	}
7187 
7188 	idx = freq_to_idx(ar, ch_info_ev.freq);
7189 	if (idx >= ARRAY_SIZE(ar->survey)) {
7190 		ath11k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
7191 			    ch_info_ev.freq, idx);
7192 		goto exit;
7193 	}
7194 
7195 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
7196 	 * HW channel counters frequency value
7197 	 */
7198 	if (ch_info_ev.mac_clk_mhz)
7199 		cc_freq_hz = (ch_info_ev.mac_clk_mhz * 1000);
7200 
7201 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
7202 		survey = &ar->survey[idx];
7203 		memset(survey, 0, sizeof(*survey));
7204 		survey->noise = ch_info_ev.noise_floor;
7205 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
7206 				 SURVEY_INFO_TIME_BUSY;
7207 		survey->time = div_u64(ch_info_ev.cycle_count, cc_freq_hz);
7208 		survey->time_busy = div_u64(ch_info_ev.rx_clear_count, cc_freq_hz);
7209 	}
7210 exit:
7211 	spin_unlock_bh(&ar->data_lock);
7212 	rcu_read_unlock();
7213 }
7214 
7215 static void
7216 ath11k_pdev_bss_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7217 {
7218 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
7219 	struct survey_info *survey;
7220 	struct ath11k *ar;
7221 	u32 cc_freq_hz = ab->cc_freq_hz;
7222 	u64 busy, total, tx, rx, rx_bss;
7223 	int idx;
7224 
7225 	if (ath11k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
7226 		ath11k_warn(ab, "failed to extract pdev bss chan info event");
7227 		return;
7228 	}
7229 
7230 	busy = (u64)(bss_ch_info_ev.rx_clear_count_high) << 32 |
7231 			bss_ch_info_ev.rx_clear_count_low;
7232 
7233 	total = (u64)(bss_ch_info_ev.cycle_count_high) << 32 |
7234 			bss_ch_info_ev.cycle_count_low;
7235 
7236 	tx = (u64)(bss_ch_info_ev.tx_cycle_count_high) << 32 |
7237 			bss_ch_info_ev.tx_cycle_count_low;
7238 
7239 	rx = (u64)(bss_ch_info_ev.rx_cycle_count_high) << 32 |
7240 			bss_ch_info_ev.rx_cycle_count_low;
7241 
7242 	rx_bss = (u64)(bss_ch_info_ev.rx_bss_cycle_count_high) << 32 |
7243 			bss_ch_info_ev.rx_bss_cycle_count_low;
7244 
7245 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7246 		   "pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
7247 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
7248 		   bss_ch_info_ev.noise_floor, busy, total,
7249 		   tx, rx, rx_bss);
7250 
7251 	rcu_read_lock();
7252 	ar = ath11k_mac_get_ar_by_pdev_id(ab, bss_ch_info_ev.pdev_id);
7253 
7254 	if (!ar) {
7255 		ath11k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
7256 			    bss_ch_info_ev.pdev_id);
7257 		rcu_read_unlock();
7258 		return;
7259 	}
7260 
7261 	spin_lock_bh(&ar->data_lock);
7262 	idx = freq_to_idx(ar, bss_ch_info_ev.freq);
7263 	if (idx >= ARRAY_SIZE(ar->survey)) {
7264 		ath11k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
7265 			    bss_ch_info_ev.freq, idx);
7266 		goto exit;
7267 	}
7268 
7269 	survey = &ar->survey[idx];
7270 
7271 	survey->noise     = bss_ch_info_ev.noise_floor;
7272 	survey->time      = div_u64(total, cc_freq_hz);
7273 	survey->time_busy = div_u64(busy, cc_freq_hz);
7274 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
7275 	survey->time_tx   = div_u64(tx, cc_freq_hz);
7276 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
7277 			     SURVEY_INFO_TIME |
7278 			     SURVEY_INFO_TIME_BUSY |
7279 			     SURVEY_INFO_TIME_RX |
7280 			     SURVEY_INFO_TIME_TX);
7281 exit:
7282 	spin_unlock_bh(&ar->data_lock);
7283 	complete(&ar->bss_survey_done);
7284 
7285 	rcu_read_unlock();
7286 }
7287 
7288 static void ath11k_vdev_install_key_compl_event(struct ath11k_base *ab,
7289 						struct sk_buff *skb)
7290 {
7291 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
7292 	struct ath11k *ar;
7293 
7294 	if (ath11k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
7295 		ath11k_warn(ab, "failed to extract install key compl event");
7296 		return;
7297 	}
7298 
7299 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7300 		   "vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
7301 		   install_key_compl.key_idx, install_key_compl.key_flags,
7302 		   install_key_compl.macaddr, install_key_compl.status);
7303 
7304 	rcu_read_lock();
7305 	ar = ath11k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
7306 	if (!ar) {
7307 		ath11k_warn(ab, "invalid vdev id in install key compl ev %d",
7308 			    install_key_compl.vdev_id);
7309 		rcu_read_unlock();
7310 		return;
7311 	}
7312 
7313 	ar->install_key_status = 0;
7314 
7315 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
7316 		ath11k_warn(ab, "install key failed for %pM status %d\n",
7317 			    install_key_compl.macaddr, install_key_compl.status);
7318 		ar->install_key_status = install_key_compl.status;
7319 	}
7320 
7321 	complete(&ar->install_key_done);
7322 	rcu_read_unlock();
7323 }
7324 
7325 static int  ath11k_wmi_tlv_services_parser(struct ath11k_base *ab,
7326 					   u16 tag, u16 len,
7327 					   const void *ptr, void *data)
7328 {
7329 	const struct wmi_service_available_event *ev;
7330 	u32 *wmi_ext2_service_bitmap;
7331 	int i, j;
7332 
7333 	switch (tag) {
7334 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
7335 		ev = (struct wmi_service_available_event *)ptr;
7336 		for (i = 0, j = WMI_MAX_SERVICE;
7337 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
7338 			i++) {
7339 			do {
7340 				if (ev->wmi_service_segment_bitmap[i] &
7341 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7342 					set_bit(j, ab->wmi_ab.svc_map);
7343 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7344 		}
7345 
7346 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7347 			   "wmi_ext_service_bitmap 0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7348 			   ev->wmi_service_segment_bitmap[0],
7349 			   ev->wmi_service_segment_bitmap[1],
7350 			   ev->wmi_service_segment_bitmap[2],
7351 			   ev->wmi_service_segment_bitmap[3]);
7352 		break;
7353 	case WMI_TAG_ARRAY_UINT32:
7354 		wmi_ext2_service_bitmap = (u32 *)ptr;
7355 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
7356 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
7357 			i++) {
7358 			do {
7359 				if (wmi_ext2_service_bitmap[i] &
7360 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7361 					set_bit(j, ab->wmi_ab.svc_map);
7362 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7363 		}
7364 
7365 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7366 			   "wmi_ext2_service__bitmap  0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7367 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
7368 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
7369 		break;
7370 	}
7371 	return 0;
7372 }
7373 
7374 static void ath11k_service_available_event(struct ath11k_base *ab, struct sk_buff *skb)
7375 {
7376 	int ret;
7377 
7378 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7379 				  ath11k_wmi_tlv_services_parser,
7380 				  NULL);
7381 	if (ret)
7382 		ath11k_warn(ab, "failed to parse services available tlv %d\n", ret);
7383 }
7384 
7385 static void ath11k_peer_assoc_conf_event(struct ath11k_base *ab, struct sk_buff *skb)
7386 {
7387 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
7388 	struct ath11k *ar;
7389 
7390 	if (ath11k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
7391 		ath11k_warn(ab, "failed to extract peer assoc conf event");
7392 		return;
7393 	}
7394 
7395 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7396 		   "peer assoc conf ev vdev id %d macaddr %pM\n",
7397 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
7398 
7399 	rcu_read_lock();
7400 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
7401 
7402 	if (!ar) {
7403 		ath11k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
7404 			    peer_assoc_conf.vdev_id);
7405 		rcu_read_unlock();
7406 		return;
7407 	}
7408 
7409 	complete(&ar->peer_assoc_done);
7410 	rcu_read_unlock();
7411 }
7412 
7413 static void ath11k_update_stats_event(struct ath11k_base *ab, struct sk_buff *skb)
7414 {
7415 	ath11k_debugfs_fw_stats_process(ab, skb);
7416 }
7417 
7418 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
7419  * is not part of BDF CTL(Conformance test limits) table entries.
7420  */
7421 static void ath11k_pdev_ctl_failsafe_check_event(struct ath11k_base *ab,
7422 						 struct sk_buff *skb)
7423 {
7424 	const void **tb;
7425 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
7426 	int ret;
7427 
7428 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7429 	if (IS_ERR(tb)) {
7430 		ret = PTR_ERR(tb);
7431 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7432 		return;
7433 	}
7434 
7435 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
7436 	if (!ev) {
7437 		ath11k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
7438 		kfree(tb);
7439 		return;
7440 	}
7441 
7442 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7443 		   "pdev ctl failsafe check ev status %d\n",
7444 		   ev->ctl_failsafe_status);
7445 
7446 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
7447 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
7448 	 */
7449 	if (ev->ctl_failsafe_status != 0)
7450 		ath11k_warn(ab, "pdev ctl failsafe failure status %d",
7451 			    ev->ctl_failsafe_status);
7452 
7453 	kfree(tb);
7454 }
7455 
7456 static void
7457 ath11k_wmi_process_csa_switch_count_event(struct ath11k_base *ab,
7458 					  const struct wmi_pdev_csa_switch_ev *ev,
7459 					  const u32 *vdev_ids)
7460 {
7461 	int i;
7462 	struct ath11k_vif *arvif;
7463 
7464 	/* Finish CSA once the switch count becomes NULL */
7465 	if (ev->current_switch_count)
7466 		return;
7467 
7468 	rcu_read_lock();
7469 	for (i = 0; i < ev->num_vdevs; i++) {
7470 		arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
7471 
7472 		if (!arvif) {
7473 			ath11k_warn(ab, "Recvd csa status for unknown vdev %d",
7474 				    vdev_ids[i]);
7475 			continue;
7476 		}
7477 
7478 		if (arvif->is_up && arvif->vif->csa_active)
7479 			ieee80211_csa_finish(arvif->vif);
7480 	}
7481 	rcu_read_unlock();
7482 }
7483 
7484 static void
7485 ath11k_wmi_pdev_csa_switch_count_status_event(struct ath11k_base *ab,
7486 					      struct sk_buff *skb)
7487 {
7488 	const void **tb;
7489 	const struct wmi_pdev_csa_switch_ev *ev;
7490 	const u32 *vdev_ids;
7491 	int ret;
7492 
7493 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7494 	if (IS_ERR(tb)) {
7495 		ret = PTR_ERR(tb);
7496 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7497 		return;
7498 	}
7499 
7500 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
7501 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
7502 
7503 	if (!ev || !vdev_ids) {
7504 		ath11k_warn(ab, "failed to fetch pdev csa switch count ev");
7505 		kfree(tb);
7506 		return;
7507 	}
7508 
7509 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7510 		   "pdev csa switch count %d for pdev %d, num_vdevs %d",
7511 		   ev->current_switch_count, ev->pdev_id,
7512 		   ev->num_vdevs);
7513 
7514 	ath11k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
7515 
7516 	kfree(tb);
7517 }
7518 
7519 static void
7520 ath11k_wmi_pdev_dfs_radar_detected_event(struct ath11k_base *ab, struct sk_buff *skb)
7521 {
7522 	const void **tb;
7523 	const struct wmi_pdev_radar_ev *ev;
7524 	struct ath11k *ar;
7525 	int ret;
7526 
7527 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7528 	if (IS_ERR(tb)) {
7529 		ret = PTR_ERR(tb);
7530 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7531 		return;
7532 	}
7533 
7534 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
7535 
7536 	if (!ev) {
7537 		ath11k_warn(ab, "failed to fetch pdev dfs radar detected ev");
7538 		kfree(tb);
7539 		return;
7540 	}
7541 
7542 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7543 		   "pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
7544 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
7545 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
7546 		   ev->freq_offset, ev->sidx);
7547 
7548 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
7549 
7550 	if (!ar) {
7551 		ath11k_warn(ab, "radar detected in invalid pdev %d\n",
7552 			    ev->pdev_id);
7553 		goto exit;
7554 	}
7555 
7556 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "DFS Radar Detected in pdev %d\n",
7557 		   ev->pdev_id);
7558 
7559 	if (ar->dfs_block_radar_events)
7560 		ath11k_info(ab, "DFS Radar detected, but ignored as requested\n");
7561 	else
7562 		ieee80211_radar_detected(ar->hw);
7563 
7564 exit:
7565 	kfree(tb);
7566 }
7567 
7568 static void ath11k_rfkill_state_change_event(struct ath11k_base *ab,
7569 					     struct sk_buff *skb)
7570 {
7571 	const struct wmi_rfkill_state_change_ev *ev;
7572 	const void **tb;
7573 	int ret;
7574 
7575 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7576 	if (IS_ERR(tb)) {
7577 		ret = PTR_ERR(tb);
7578 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7579 		return;
7580 	}
7581 
7582 	ev = tb[WMI_TAG_RFKILL_EVENT];
7583 	if (!ev) {
7584 		kfree(tb);
7585 		return;
7586 	}
7587 
7588 	ath11k_dbg(ab, ATH11K_DBG_MAC,
7589 		   "wmi tlv rfkill state change gpio %d type %d radio_state %d\n",
7590 		   ev->gpio_pin_num,
7591 		   ev->int_type,
7592 		   ev->radio_state);
7593 
7594 	spin_lock_bh(&ab->base_lock);
7595 	ab->rfkill_radio_on = (ev->radio_state == WMI_RFKILL_RADIO_STATE_ON);
7596 	spin_unlock_bh(&ab->base_lock);
7597 
7598 	queue_work(ab->workqueue, &ab->rfkill_work);
7599 	kfree(tb);
7600 }
7601 
7602 static void
7603 ath11k_wmi_pdev_temperature_event(struct ath11k_base *ab,
7604 				  struct sk_buff *skb)
7605 {
7606 	struct ath11k *ar;
7607 	const void **tb;
7608 	const struct wmi_pdev_temperature_event *ev;
7609 	int ret;
7610 
7611 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7612 	if (IS_ERR(tb)) {
7613 		ret = PTR_ERR(tb);
7614 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7615 		return;
7616 	}
7617 
7618 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
7619 	if (!ev) {
7620 		ath11k_warn(ab, "failed to fetch pdev temp ev");
7621 		kfree(tb);
7622 		return;
7623 	}
7624 
7625 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7626 		   "pdev temperature ev temp %d pdev_id %d\n", ev->temp, ev->pdev_id);
7627 
7628 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
7629 	if (!ar) {
7630 		ath11k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev->pdev_id);
7631 		kfree(tb);
7632 		return;
7633 	}
7634 
7635 	ath11k_thermal_event_temperature(ar, ev->temp);
7636 
7637 	kfree(tb);
7638 }
7639 
7640 static void ath11k_fils_discovery_event(struct ath11k_base *ab,
7641 					struct sk_buff *skb)
7642 {
7643 	const void **tb;
7644 	const struct wmi_fils_discovery_event *ev;
7645 	int ret;
7646 
7647 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7648 	if (IS_ERR(tb)) {
7649 		ret = PTR_ERR(tb);
7650 		ath11k_warn(ab,
7651 			    "failed to parse FILS discovery event tlv %d\n",
7652 			    ret);
7653 		return;
7654 	}
7655 
7656 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
7657 	if (!ev) {
7658 		ath11k_warn(ab, "failed to fetch FILS discovery event\n");
7659 		kfree(tb);
7660 		return;
7661 	}
7662 
7663 	ath11k_warn(ab,
7664 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
7665 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
7666 
7667 	kfree(tb);
7668 }
7669 
7670 static void ath11k_probe_resp_tx_status_event(struct ath11k_base *ab,
7671 					      struct sk_buff *skb)
7672 {
7673 	const void **tb;
7674 	const struct wmi_probe_resp_tx_status_event *ev;
7675 	int ret;
7676 
7677 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7678 	if (IS_ERR(tb)) {
7679 		ret = PTR_ERR(tb);
7680 		ath11k_warn(ab,
7681 			    "failed to parse probe response transmission status event tlv: %d\n",
7682 			    ret);
7683 		return;
7684 	}
7685 
7686 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
7687 	if (!ev) {
7688 		ath11k_warn(ab,
7689 			    "failed to fetch probe response transmission status event");
7690 		kfree(tb);
7691 		return;
7692 	}
7693 
7694 	if (ev->tx_status)
7695 		ath11k_warn(ab,
7696 			    "Probe response transmission failed for vdev_id %u, status %u\n",
7697 			    ev->vdev_id, ev->tx_status);
7698 
7699 	kfree(tb);
7700 }
7701 
7702 static int ath11k_wmi_tlv_wow_wakeup_host_parse(struct ath11k_base *ab,
7703 						u16 tag, u16 len,
7704 						const void *ptr, void *data)
7705 {
7706 	struct wmi_wow_ev_arg *ev = data;
7707 	const char *wow_pg_fault;
7708 	int wow_pg_len;
7709 
7710 	switch (tag) {
7711 	case WMI_TAG_WOW_EVENT_INFO:
7712 		memcpy(ev, ptr, sizeof(*ev));
7713 		ath11k_dbg(ab, ATH11K_DBG_WMI, "wow wakeup host reason %d %s\n",
7714 			   ev->wake_reason, wow_reason(ev->wake_reason));
7715 		break;
7716 
7717 	case WMI_TAG_ARRAY_BYTE:
7718 		if (ev && ev->wake_reason == WOW_REASON_PAGE_FAULT) {
7719 			wow_pg_fault = ptr;
7720 			/* the first 4 bytes are length */
7721 			wow_pg_len = *(int *)wow_pg_fault;
7722 			wow_pg_fault += sizeof(int);
7723 			ath11k_dbg(ab, ATH11K_DBG_WMI, "wow data_len = %d\n",
7724 				   wow_pg_len);
7725 			ath11k_dbg_dump(ab, ATH11K_DBG_WMI,
7726 					"wow_event_info_type packet present",
7727 					"wow_pg_fault ",
7728 					wow_pg_fault,
7729 					wow_pg_len);
7730 		}
7731 		break;
7732 	default:
7733 		break;
7734 	}
7735 
7736 	return 0;
7737 }
7738 
7739 static void ath11k_wmi_event_wow_wakeup_host(struct ath11k_base *ab, struct sk_buff *skb)
7740 {
7741 	struct wmi_wow_ev_arg ev = { };
7742 	int ret;
7743 
7744 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7745 				  ath11k_wmi_tlv_wow_wakeup_host_parse,
7746 				  &ev);
7747 	if (ret) {
7748 		ath11k_warn(ab, "failed to parse wmi wow tlv: %d\n", ret);
7749 		return;
7750 	}
7751 
7752 	complete(&ab->wow.wakeup_completed);
7753 }
7754 
7755 static void
7756 ath11k_wmi_diag_event(struct ath11k_base *ab,
7757 		      struct sk_buff *skb)
7758 {
7759 	trace_ath11k_wmi_diag(ab, skb->data, skb->len);
7760 }
7761 
7762 static const char *ath11k_wmi_twt_add_dialog_event_status(u32 status)
7763 {
7764 	switch (status) {
7765 	case WMI_ADD_TWT_STATUS_OK:
7766 		return "ok";
7767 	case WMI_ADD_TWT_STATUS_TWT_NOT_ENABLED:
7768 		return "twt disabled";
7769 	case WMI_ADD_TWT_STATUS_USED_DIALOG_ID:
7770 		return "dialog id in use";
7771 	case WMI_ADD_TWT_STATUS_INVALID_PARAM:
7772 		return "invalid parameters";
7773 	case WMI_ADD_TWT_STATUS_NOT_READY:
7774 		return "not ready";
7775 	case WMI_ADD_TWT_STATUS_NO_RESOURCE:
7776 		return "resource unavailable";
7777 	case WMI_ADD_TWT_STATUS_NO_ACK:
7778 		return "no ack";
7779 	case WMI_ADD_TWT_STATUS_NO_RESPONSE:
7780 		return "no response";
7781 	case WMI_ADD_TWT_STATUS_DENIED:
7782 		return "denied";
7783 	case WMI_ADD_TWT_STATUS_UNKNOWN_ERROR:
7784 		fallthrough;
7785 	default:
7786 		return "unknown error";
7787 	}
7788 }
7789 
7790 static void ath11k_wmi_twt_add_dialog_event(struct ath11k_base *ab,
7791 					    struct sk_buff *skb)
7792 {
7793 	const void **tb;
7794 	const struct wmi_twt_add_dialog_event *ev;
7795 	int ret;
7796 
7797 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7798 	if (IS_ERR(tb)) {
7799 		ret = PTR_ERR(tb);
7800 		ath11k_warn(ab,
7801 			    "failed to parse wmi twt add dialog status event tlv: %d\n",
7802 			    ret);
7803 		return;
7804 	}
7805 
7806 	ev = tb[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT];
7807 	if (!ev) {
7808 		ath11k_warn(ab, "failed to fetch twt add dialog wmi event\n");
7809 		goto exit;
7810 	}
7811 
7812 	if (ev->status)
7813 		ath11k_warn(ab,
7814 			    "wmi add twt dialog event vdev %d dialog id %d status %s\n",
7815 			    ev->vdev_id, ev->dialog_id,
7816 			    ath11k_wmi_twt_add_dialog_event_status(ev->status));
7817 
7818 exit:
7819 	kfree(tb);
7820 }
7821 
7822 static void ath11k_wmi_gtk_offload_status_event(struct ath11k_base *ab,
7823 						struct sk_buff *skb)
7824 {
7825 	const void **tb;
7826 	const struct wmi_gtk_offload_status_event *ev;
7827 	struct ath11k_vif *arvif;
7828 	__be64 replay_ctr_be;
7829 	u64    replay_ctr;
7830 	int ret;
7831 
7832 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7833 	if (IS_ERR(tb)) {
7834 		ret = PTR_ERR(tb);
7835 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7836 		return;
7837 	}
7838 
7839 	ev = tb[WMI_TAG_GTK_OFFLOAD_STATUS_EVENT];
7840 	if (!ev) {
7841 		ath11k_warn(ab, "failed to fetch gtk offload status ev");
7842 		kfree(tb);
7843 		return;
7844 	}
7845 
7846 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
7847 	if (!arvif) {
7848 		ath11k_warn(ab, "failed to get arvif for vdev_id:%d\n",
7849 			    ev->vdev_id);
7850 		kfree(tb);
7851 		return;
7852 	}
7853 
7854 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi gtk offload event refresh_cnt %d\n",
7855 		   ev->refresh_cnt);
7856 	ath11k_dbg_dump(ab, ATH11K_DBG_WMI, "replay_cnt",
7857 			NULL, ev->replay_ctr.counter, GTK_REPLAY_COUNTER_BYTES);
7858 
7859 	replay_ctr =  ev->replay_ctr.word1;
7860 	replay_ctr = (replay_ctr << 32) | ev->replay_ctr.word0;
7861 	arvif->rekey_data.replay_ctr = replay_ctr;
7862 
7863 	/* supplicant expects big-endian replay counter */
7864 	replay_ctr_be = cpu_to_be64(replay_ctr);
7865 
7866 	ieee80211_gtk_rekey_notify(arvif->vif, arvif->bssid,
7867 				   (void *)&replay_ctr_be, GFP_ATOMIC);
7868 
7869 	kfree(tb);
7870 }
7871 
7872 static void ath11k_wmi_tlv_op_rx(struct ath11k_base *ab, struct sk_buff *skb)
7873 {
7874 	struct wmi_cmd_hdr *cmd_hdr;
7875 	enum wmi_tlv_event_id id;
7876 
7877 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
7878 	id = FIELD_GET(WMI_CMD_HDR_CMD_ID, (cmd_hdr->cmd_id));
7879 
7880 	trace_ath11k_wmi_event(ab, id, skb->data, skb->len);
7881 
7882 	if (skb_pull(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
7883 		goto out;
7884 
7885 	switch (id) {
7886 		/* Process all the WMI events here */
7887 	case WMI_SERVICE_READY_EVENTID:
7888 		ath11k_service_ready_event(ab, skb);
7889 		break;
7890 	case WMI_SERVICE_READY_EXT_EVENTID:
7891 		ath11k_service_ready_ext_event(ab, skb);
7892 		break;
7893 	case WMI_SERVICE_READY_EXT2_EVENTID:
7894 		ath11k_service_ready_ext2_event(ab, skb);
7895 		break;
7896 	case WMI_REG_CHAN_LIST_CC_EVENTID:
7897 		ath11k_reg_chan_list_event(ab, skb);
7898 		break;
7899 	case WMI_READY_EVENTID:
7900 		ath11k_ready_event(ab, skb);
7901 		break;
7902 	case WMI_PEER_DELETE_RESP_EVENTID:
7903 		ath11k_peer_delete_resp_event(ab, skb);
7904 		break;
7905 	case WMI_VDEV_START_RESP_EVENTID:
7906 		ath11k_vdev_start_resp_event(ab, skb);
7907 		break;
7908 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
7909 		ath11k_bcn_tx_status_event(ab, skb);
7910 		break;
7911 	case WMI_VDEV_STOPPED_EVENTID:
7912 		ath11k_vdev_stopped_event(ab, skb);
7913 		break;
7914 	case WMI_MGMT_RX_EVENTID:
7915 		ath11k_mgmt_rx_event(ab, skb);
7916 		/* mgmt_rx_event() owns the skb now! */
7917 		return;
7918 	case WMI_MGMT_TX_COMPLETION_EVENTID:
7919 		ath11k_mgmt_tx_compl_event(ab, skb);
7920 		break;
7921 	case WMI_SCAN_EVENTID:
7922 		ath11k_scan_event(ab, skb);
7923 		break;
7924 	case WMI_PEER_STA_KICKOUT_EVENTID:
7925 		ath11k_peer_sta_kickout_event(ab, skb);
7926 		break;
7927 	case WMI_ROAM_EVENTID:
7928 		ath11k_roam_event(ab, skb);
7929 		break;
7930 	case WMI_CHAN_INFO_EVENTID:
7931 		ath11k_chan_info_event(ab, skb);
7932 		break;
7933 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
7934 		ath11k_pdev_bss_chan_info_event(ab, skb);
7935 		break;
7936 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
7937 		ath11k_vdev_install_key_compl_event(ab, skb);
7938 		break;
7939 	case WMI_SERVICE_AVAILABLE_EVENTID:
7940 		ath11k_service_available_event(ab, skb);
7941 		break;
7942 	case WMI_PEER_ASSOC_CONF_EVENTID:
7943 		ath11k_peer_assoc_conf_event(ab, skb);
7944 		break;
7945 	case WMI_UPDATE_STATS_EVENTID:
7946 		ath11k_update_stats_event(ab, skb);
7947 		break;
7948 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
7949 		ath11k_pdev_ctl_failsafe_check_event(ab, skb);
7950 		break;
7951 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
7952 		ath11k_wmi_pdev_csa_switch_count_status_event(ab, skb);
7953 		break;
7954 	case WMI_PDEV_TEMPERATURE_EVENTID:
7955 		ath11k_wmi_pdev_temperature_event(ab, skb);
7956 		break;
7957 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
7958 		ath11k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
7959 		break;
7960 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
7961 		ath11k_fils_discovery_event(ab, skb);
7962 		break;
7963 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
7964 		ath11k_probe_resp_tx_status_event(ab, skb);
7965 		break;
7966 	case WMI_OBSS_COLOR_COLLISION_DETECTION_EVENTID:
7967 		ath11k_wmi_obss_color_collision_event(ab, skb);
7968 		break;
7969 	case WMI_TWT_ADD_DIALOG_EVENTID:
7970 		ath11k_wmi_twt_add_dialog_event(ab, skb);
7971 		break;
7972 	/* add Unsupported events here */
7973 	case WMI_TBTTOFFSET_EXT_UPDATE_EVENTID:
7974 	case WMI_PEER_OPER_MODE_CHANGE_EVENTID:
7975 	case WMI_TWT_ENABLE_EVENTID:
7976 	case WMI_TWT_DISABLE_EVENTID:
7977 	case WMI_TWT_DEL_DIALOG_EVENTID:
7978 	case WMI_TWT_PAUSE_DIALOG_EVENTID:
7979 	case WMI_TWT_RESUME_DIALOG_EVENTID:
7980 	case WMI_PDEV_DMA_RING_CFG_RSP_EVENTID:
7981 	case WMI_PEER_CREATE_CONF_EVENTID:
7982 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7983 			   "ignoring unsupported event 0x%x\n", id);
7984 		break;
7985 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
7986 		ath11k_wmi_pdev_dfs_radar_detected_event(ab, skb);
7987 		break;
7988 	case WMI_VDEV_DELETE_RESP_EVENTID:
7989 		ath11k_vdev_delete_resp_event(ab, skb);
7990 		break;
7991 	case WMI_WOW_WAKEUP_HOST_EVENTID:
7992 		ath11k_wmi_event_wow_wakeup_host(ab, skb);
7993 		break;
7994 	case WMI_11D_NEW_COUNTRY_EVENTID:
7995 		ath11k_reg_11d_new_cc_event(ab, skb);
7996 		break;
7997 	case WMI_RFKILL_STATE_CHANGE_EVENTID:
7998 		ath11k_rfkill_state_change_event(ab, skb);
7999 		break;
8000 	case WMI_DIAG_EVENTID:
8001 		ath11k_wmi_diag_event(ab, skb);
8002 		break;
8003 	case WMI_GTK_OFFLOAD_STATUS_EVENTID:
8004 		ath11k_wmi_gtk_offload_status_event(ab, skb);
8005 		break;
8006 	/* TODO: Add remaining events */
8007 	default:
8008 		ath11k_dbg(ab, ATH11K_DBG_WMI, "Unknown eventid: 0x%x\n", id);
8009 		break;
8010 	}
8011 
8012 out:
8013 	dev_kfree_skb(skb);
8014 }
8015 
8016 static int ath11k_connect_pdev_htc_service(struct ath11k_base *ab,
8017 					   u32 pdev_idx)
8018 {
8019 	int status;
8020 	u32 svc_id[] = { ATH11K_HTC_SVC_ID_WMI_CONTROL,
8021 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC1,
8022 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
8023 
8024 	struct ath11k_htc_svc_conn_req conn_req;
8025 	struct ath11k_htc_svc_conn_resp conn_resp;
8026 
8027 	memset(&conn_req, 0, sizeof(conn_req));
8028 	memset(&conn_resp, 0, sizeof(conn_resp));
8029 
8030 	/* these fields are the same for all service endpoints */
8031 	conn_req.ep_ops.ep_tx_complete = ath11k_wmi_htc_tx_complete;
8032 	conn_req.ep_ops.ep_rx_complete = ath11k_wmi_tlv_op_rx;
8033 	conn_req.ep_ops.ep_tx_credits = ath11k_wmi_op_ep_tx_credits;
8034 
8035 	/* connect to control service */
8036 	conn_req.service_id = svc_id[pdev_idx];
8037 
8038 	status = ath11k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
8039 	if (status) {
8040 		ath11k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
8041 			    status);
8042 		return status;
8043 	}
8044 
8045 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
8046 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
8047 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
8048 	init_waitqueue_head(&ab->wmi_ab.wmi[pdev_idx].tx_ce_desc_wq);
8049 
8050 	return 0;
8051 }
8052 
8053 static int
8054 ath11k_wmi_send_unit_test_cmd(struct ath11k *ar,
8055 			      struct wmi_unit_test_cmd ut_cmd,
8056 			      u32 *test_args)
8057 {
8058 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8059 	struct wmi_unit_test_cmd *cmd;
8060 	struct sk_buff *skb;
8061 	struct wmi_tlv *tlv;
8062 	void *ptr;
8063 	u32 *ut_cmd_args;
8064 	int buf_len, arg_len;
8065 	int ret;
8066 	int i;
8067 
8068 	arg_len = sizeof(u32) * ut_cmd.num_args;
8069 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
8070 
8071 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
8072 	if (!skb)
8073 		return -ENOMEM;
8074 
8075 	cmd = (struct wmi_unit_test_cmd *)skb->data;
8076 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_UNIT_TEST_CMD) |
8077 			  FIELD_PREP(WMI_TLV_LEN, sizeof(ut_cmd) - TLV_HDR_SIZE);
8078 
8079 	cmd->vdev_id = ut_cmd.vdev_id;
8080 	cmd->module_id = ut_cmd.module_id;
8081 	cmd->num_args = ut_cmd.num_args;
8082 	cmd->diag_token = ut_cmd.diag_token;
8083 
8084 	ptr = skb->data + sizeof(ut_cmd);
8085 
8086 	tlv = ptr;
8087 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8088 		      FIELD_PREP(WMI_TLV_LEN, arg_len);
8089 
8090 	ptr += TLV_HDR_SIZE;
8091 
8092 	ut_cmd_args = ptr;
8093 	for (i = 0; i < ut_cmd.num_args; i++)
8094 		ut_cmd_args[i] = test_args[i];
8095 
8096 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
8097 
8098 	if (ret) {
8099 		ath11k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
8100 			    ret);
8101 		dev_kfree_skb(skb);
8102 	}
8103 
8104 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8105 		   "WMI unit test : module %d vdev %d n_args %d token %d\n",
8106 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
8107 		   cmd->diag_token);
8108 
8109 	return ret;
8110 }
8111 
8112 int ath11k_wmi_simulate_radar(struct ath11k *ar)
8113 {
8114 	struct ath11k_vif *arvif;
8115 	u32 dfs_args[DFS_MAX_TEST_ARGS];
8116 	struct wmi_unit_test_cmd wmi_ut;
8117 	bool arvif_found = false;
8118 
8119 	list_for_each_entry(arvif, &ar->arvifs, list) {
8120 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
8121 			arvif_found = true;
8122 			break;
8123 		}
8124 	}
8125 
8126 	if (!arvif_found)
8127 		return -EINVAL;
8128 
8129 	dfs_args[DFS_TEST_CMDID] = 0;
8130 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
8131 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
8132 	 * freq offset (b3 - b10) to unit test. For simulation
8133 	 * purpose this can be set to 0 which is valid.
8134 	 */
8135 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
8136 
8137 	wmi_ut.vdev_id = arvif->vdev_id;
8138 	wmi_ut.module_id = DFS_UNIT_TEST_MODULE;
8139 	wmi_ut.num_args = DFS_MAX_TEST_ARGS;
8140 	wmi_ut.diag_token = DFS_UNIT_TEST_TOKEN;
8141 
8142 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "Triggering Radar Simulation\n");
8143 
8144 	return ath11k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
8145 }
8146 
8147 int ath11k_wmi_fw_dbglog_cfg(struct ath11k *ar, u32 *module_id_bitmap,
8148 			     struct ath11k_fw_dbglog *dbglog)
8149 {
8150 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8151 	struct wmi_debug_log_config_cmd_fixed_param *cmd;
8152 	struct sk_buff *skb;
8153 	struct wmi_tlv *tlv;
8154 	int ret, len;
8155 
8156 	len = sizeof(*cmd) + TLV_HDR_SIZE + (MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8157 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8158 	if (!skb)
8159 		return -ENOMEM;
8160 
8161 	cmd = (struct wmi_debug_log_config_cmd_fixed_param *)skb->data;
8162 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DEBUG_LOG_CONFIG_CMD) |
8163 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8164 	cmd->dbg_log_param = dbglog->param;
8165 
8166 	tlv = (struct wmi_tlv *)((u8 *)cmd + sizeof(*cmd));
8167 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8168 		      FIELD_PREP(WMI_TLV_LEN, MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8169 
8170 	switch (dbglog->param) {
8171 	case WMI_DEBUG_LOG_PARAM_LOG_LEVEL:
8172 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE:
8173 	case WMI_DEBUG_LOG_PARAM_VDEV_DISABLE:
8174 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE_BITMAP:
8175 		cmd->value = dbglog->value;
8176 		break;
8177 	case WMI_DEBUG_LOG_PARAM_MOD_ENABLE_BITMAP:
8178 	case WMI_DEBUG_LOG_PARAM_WOW_MOD_ENABLE_BITMAP:
8179 		cmd->value = dbglog->value;
8180 		memcpy(tlv->value, module_id_bitmap,
8181 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8182 		/* clear current config to be used for next user config */
8183 		memset(module_id_bitmap, 0,
8184 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8185 		break;
8186 	default:
8187 		dev_kfree_skb(skb);
8188 		return -EINVAL;
8189 	}
8190 
8191 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DBGLOG_CFG_CMDID);
8192 	if (ret) {
8193 		ath11k_warn(ar->ab,
8194 			    "failed to send WMI_DBGLOG_CFG_CMDID\n");
8195 		dev_kfree_skb(skb);
8196 	}
8197 	return ret;
8198 }
8199 
8200 int ath11k_wmi_connect(struct ath11k_base *ab)
8201 {
8202 	u32 i;
8203 	u8 wmi_ep_count;
8204 
8205 	wmi_ep_count = ab->htc.wmi_ep_count;
8206 	if (wmi_ep_count > ab->hw_params.max_radios)
8207 		return -1;
8208 
8209 	for (i = 0; i < wmi_ep_count; i++)
8210 		ath11k_connect_pdev_htc_service(ab, i);
8211 
8212 	return 0;
8213 }
8214 
8215 static void ath11k_wmi_pdev_detach(struct ath11k_base *ab, u8 pdev_id)
8216 {
8217 	if (WARN_ON(pdev_id >= MAX_RADIOS))
8218 		return;
8219 
8220 	/* TODO: Deinit any pdev specific wmi resource */
8221 }
8222 
8223 int ath11k_wmi_pdev_attach(struct ath11k_base *ab,
8224 			   u8 pdev_id)
8225 {
8226 	struct ath11k_pdev_wmi *wmi_handle;
8227 
8228 	if (pdev_id >= ab->hw_params.max_radios)
8229 		return -EINVAL;
8230 
8231 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
8232 
8233 	wmi_handle->wmi_ab = &ab->wmi_ab;
8234 
8235 	ab->wmi_ab.ab = ab;
8236 	/* TODO: Init remaining resource specific to pdev */
8237 
8238 	return 0;
8239 }
8240 
8241 int ath11k_wmi_attach(struct ath11k_base *ab)
8242 {
8243 	int ret;
8244 
8245 	ret = ath11k_wmi_pdev_attach(ab, 0);
8246 	if (ret)
8247 		return ret;
8248 
8249 	ab->wmi_ab.ab = ab;
8250 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
8251 
8252 	/* It's overwritten when service_ext_ready is handled */
8253 	if (ab->hw_params.single_pdev_only && ab->hw_params.num_rxmda_per_pdev > 1)
8254 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
8255 
8256 	/* TODO: Init remaining wmi soc resources required */
8257 	init_completion(&ab->wmi_ab.service_ready);
8258 	init_completion(&ab->wmi_ab.unified_ready);
8259 
8260 	return 0;
8261 }
8262 
8263 void ath11k_wmi_detach(struct ath11k_base *ab)
8264 {
8265 	int i;
8266 
8267 	/* TODO: Deinit wmi resource specific to SOC as required */
8268 
8269 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
8270 		ath11k_wmi_pdev_detach(ab, i);
8271 
8272 	ath11k_wmi_free_dbring_caps(ab);
8273 }
8274 
8275 int ath11k_wmi_hw_data_filter_cmd(struct ath11k *ar, u32 vdev_id,
8276 				  u32 filter_bitmap, bool enable)
8277 {
8278 	struct wmi_hw_data_filter_cmd *cmd;
8279 	struct sk_buff *skb;
8280 	int len;
8281 
8282 	len = sizeof(*cmd);
8283 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8284 
8285 	if (!skb)
8286 		return -ENOMEM;
8287 
8288 	cmd = (struct wmi_hw_data_filter_cmd *)skb->data;
8289 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_HW_DATA_FILTER_CMD) |
8290 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8291 
8292 	cmd->vdev_id = vdev_id;
8293 	cmd->enable = enable;
8294 
8295 	/* Set all modes in case of disable */
8296 	if (cmd->enable)
8297 		cmd->hw_filter_bitmap = filter_bitmap;
8298 	else
8299 		cmd->hw_filter_bitmap = ((u32)~0U);
8300 
8301 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8302 		   "wmi hw data filter enable %d filter_bitmap 0x%x\n",
8303 		   enable, filter_bitmap);
8304 
8305 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_HW_DATA_FILTER_CMDID);
8306 }
8307 
8308 int ath11k_wmi_wow_host_wakeup_ind(struct ath11k *ar)
8309 {
8310 	struct wmi_wow_host_wakeup_ind *cmd;
8311 	struct sk_buff *skb;
8312 	size_t len;
8313 
8314 	len = sizeof(*cmd);
8315 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8316 	if (!skb)
8317 		return -ENOMEM;
8318 
8319 	cmd = (struct wmi_wow_host_wakeup_ind *)skb->data;
8320 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8321 				     WMI_TAG_WOW_HOSTWAKEUP_FROM_SLEEP_CMD) |
8322 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8323 
8324 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow host wakeup ind\n");
8325 
8326 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_HOSTWAKEUP_FROM_SLEEP_CMDID);
8327 }
8328 
8329 int ath11k_wmi_wow_enable(struct ath11k *ar)
8330 {
8331 	struct wmi_wow_enable_cmd *cmd;
8332 	struct sk_buff *skb;
8333 	int len;
8334 
8335 	len = sizeof(*cmd);
8336 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8337 	if (!skb)
8338 		return -ENOMEM;
8339 
8340 	cmd = (struct wmi_wow_enable_cmd *)skb->data;
8341 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ENABLE_CMD) |
8342 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8343 
8344 	cmd->enable = 1;
8345 	cmd->pause_iface_config = WOW_IFACE_PAUSE_ENABLED;
8346 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow enable\n");
8347 
8348 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_CMDID);
8349 }
8350 
8351 int ath11k_wmi_scan_prob_req_oui(struct ath11k *ar,
8352 				 const u8 mac_addr[ETH_ALEN])
8353 {
8354 	struct sk_buff *skb;
8355 	struct wmi_scan_prob_req_oui_cmd *cmd;
8356 	u32 prob_req_oui;
8357 	int len;
8358 
8359 	prob_req_oui = (((u32)mac_addr[0]) << 16) |
8360 		       (((u32)mac_addr[1]) << 8) | mac_addr[2];
8361 
8362 	len = sizeof(*cmd);
8363 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8364 	if (!skb)
8365 		return -ENOMEM;
8366 
8367 	cmd = (struct wmi_scan_prob_req_oui_cmd *)skb->data;
8368 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8369 				     WMI_TAG_SCAN_PROB_REQ_OUI_CMD) |
8370 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8371 	cmd->prob_req_oui = prob_req_oui;
8372 
8373 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi scan prob req oui %d\n",
8374 		   prob_req_oui);
8375 
8376 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SCAN_PROB_REQ_OUI_CMDID);
8377 }
8378 
8379 int ath11k_wmi_wow_add_wakeup_event(struct ath11k *ar, u32 vdev_id,
8380 				    enum wmi_wow_wakeup_event event,
8381 				u32 enable)
8382 {
8383 	struct wmi_wow_add_del_event_cmd *cmd;
8384 	struct sk_buff *skb;
8385 	size_t len;
8386 
8387 	len = sizeof(*cmd);
8388 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8389 	if (!skb)
8390 		return -ENOMEM;
8391 
8392 	cmd = (struct wmi_wow_add_del_event_cmd *)skb->data;
8393 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ADD_DEL_EVT_CMD) |
8394 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8395 
8396 	cmd->vdev_id = vdev_id;
8397 	cmd->is_add = enable;
8398 	cmd->event_bitmap = (1 << event);
8399 
8400 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add wakeup event %s enable %d vdev_id %d\n",
8401 		   wow_wakeup_event(event), enable, vdev_id);
8402 
8403 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_DISABLE_WAKE_EVENT_CMDID);
8404 }
8405 
8406 int ath11k_wmi_wow_add_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id,
8407 			       const u8 *pattern, const u8 *mask,
8408 			   int pattern_len, int pattern_offset)
8409 {
8410 	struct wmi_wow_add_pattern_cmd *cmd;
8411 	struct wmi_wow_bitmap_pattern *bitmap;
8412 	struct wmi_tlv *tlv;
8413 	struct sk_buff *skb;
8414 	u8 *ptr;
8415 	size_t len;
8416 
8417 	len = sizeof(*cmd) +
8418 	      sizeof(*tlv) +			/* array struct */
8419 	      sizeof(*bitmap) +			/* bitmap */
8420 	      sizeof(*tlv) +			/* empty ipv4 sync */
8421 	      sizeof(*tlv) +			/* empty ipv6 sync */
8422 	      sizeof(*tlv) +			/* empty magic */
8423 	      sizeof(*tlv) +			/* empty info timeout */
8424 	      sizeof(*tlv) + sizeof(u32);	/* ratelimit interval */
8425 
8426 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8427 	if (!skb)
8428 		return -ENOMEM;
8429 
8430 	/* cmd */
8431 	ptr = (u8 *)skb->data;
8432 	cmd = (struct wmi_wow_add_pattern_cmd *)ptr;
8433 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8434 				     WMI_TAG_WOW_ADD_PATTERN_CMD) |
8435 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8436 
8437 	cmd->vdev_id = vdev_id;
8438 	cmd->pattern_id = pattern_id;
8439 	cmd->pattern_type = WOW_BITMAP_PATTERN;
8440 
8441 	ptr += sizeof(*cmd);
8442 
8443 	/* bitmap */
8444 	tlv = (struct wmi_tlv *)ptr;
8445 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8446 				 WMI_TAG_ARRAY_STRUCT) |
8447 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap));
8448 
8449 	ptr += sizeof(*tlv);
8450 
8451 	bitmap = (struct wmi_wow_bitmap_pattern *)ptr;
8452 	bitmap->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8453 					WMI_TAG_WOW_BITMAP_PATTERN_T) |
8454 			     FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap) - TLV_HDR_SIZE);
8455 
8456 	memcpy(bitmap->patternbuf, pattern, pattern_len);
8457 	ath11k_ce_byte_swap(bitmap->patternbuf, roundup(pattern_len, 4));
8458 	memcpy(bitmap->bitmaskbuf, mask, pattern_len);
8459 	ath11k_ce_byte_swap(bitmap->bitmaskbuf, roundup(pattern_len, 4));
8460 	bitmap->pattern_offset = pattern_offset;
8461 	bitmap->pattern_len = pattern_len;
8462 	bitmap->bitmask_len = pattern_len;
8463 	bitmap->pattern_id = pattern_id;
8464 
8465 	ptr += sizeof(*bitmap);
8466 
8467 	/* ipv4 sync */
8468 	tlv = (struct wmi_tlv *)ptr;
8469 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8470 				 WMI_TAG_ARRAY_STRUCT) |
8471 		      FIELD_PREP(WMI_TLV_LEN, 0);
8472 
8473 	ptr += sizeof(*tlv);
8474 
8475 	/* ipv6 sync */
8476 	tlv = (struct wmi_tlv *)ptr;
8477 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8478 				 WMI_TAG_ARRAY_STRUCT) |
8479 		      FIELD_PREP(WMI_TLV_LEN, 0);
8480 
8481 	ptr += sizeof(*tlv);
8482 
8483 	/* magic */
8484 	tlv = (struct wmi_tlv *)ptr;
8485 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8486 				 WMI_TAG_ARRAY_STRUCT) |
8487 		      FIELD_PREP(WMI_TLV_LEN, 0);
8488 
8489 	ptr += sizeof(*tlv);
8490 
8491 	/* pattern info timeout */
8492 	tlv = (struct wmi_tlv *)ptr;
8493 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8494 				 WMI_TAG_ARRAY_UINT32) |
8495 		      FIELD_PREP(WMI_TLV_LEN, 0);
8496 
8497 	ptr += sizeof(*tlv);
8498 
8499 	/* ratelimit interval */
8500 	tlv = (struct wmi_tlv *)ptr;
8501 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8502 				 WMI_TAG_ARRAY_UINT32) |
8503 		      FIELD_PREP(WMI_TLV_LEN, sizeof(u32));
8504 
8505 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add pattern vdev_id %d pattern_id %d pattern_offset %d\n",
8506 		   vdev_id, pattern_id, pattern_offset);
8507 
8508 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ADD_WAKE_PATTERN_CMDID);
8509 }
8510 
8511 int ath11k_wmi_wow_del_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id)
8512 {
8513 	struct wmi_wow_del_pattern_cmd *cmd;
8514 	struct sk_buff *skb;
8515 	size_t len;
8516 
8517 	len = sizeof(*cmd);
8518 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8519 	if (!skb)
8520 		return -ENOMEM;
8521 
8522 	cmd = (struct wmi_wow_del_pattern_cmd *)skb->data;
8523 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8524 				     WMI_TAG_WOW_DEL_PATTERN_CMD) |
8525 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8526 
8527 	cmd->vdev_id = vdev_id;
8528 	cmd->pattern_id = pattern_id;
8529 	cmd->pattern_type = WOW_BITMAP_PATTERN;
8530 
8531 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow del pattern vdev_id %d pattern_id %d\n",
8532 		   vdev_id, pattern_id);
8533 
8534 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_DEL_WAKE_PATTERN_CMDID);
8535 }
8536 
8537 static struct sk_buff *
8538 ath11k_wmi_op_gen_config_pno_start(struct ath11k *ar,
8539 				   u32 vdev_id,
8540 				       struct wmi_pno_scan_req *pno)
8541 {
8542 	struct nlo_configured_parameters *nlo_list;
8543 	struct wmi_wow_nlo_config_cmd *cmd;
8544 	struct wmi_tlv *tlv;
8545 	struct sk_buff *skb;
8546 	u32 *channel_list;
8547 	size_t len, nlo_list_len, channel_list_len;
8548 	u8 *ptr;
8549 	u32 i;
8550 
8551 	len = sizeof(*cmd) +
8552 	      sizeof(*tlv) +
8553 	      /* TLV place holder for array of structures
8554 	       * nlo_configured_parameters(nlo_list)
8555 	       */
8556 	      sizeof(*tlv);
8557 	      /* TLV place holder for array of uint32 channel_list */
8558 
8559 	channel_list_len = sizeof(u32) * pno->a_networks[0].channel_count;
8560 	len += channel_list_len;
8561 
8562 	nlo_list_len = sizeof(*nlo_list) * pno->uc_networks_count;
8563 	len += nlo_list_len;
8564 
8565 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8566 	if (!skb)
8567 		return ERR_PTR(-ENOMEM);
8568 
8569 	ptr = (u8 *)skb->data;
8570 	cmd = (struct wmi_wow_nlo_config_cmd *)ptr;
8571 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
8572 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8573 
8574 	cmd->vdev_id = pno->vdev_id;
8575 	cmd->flags = WMI_NLO_CONFIG_START | WMI_NLO_CONFIG_SSID_HIDE_EN;
8576 
8577 	/* current FW does not support min-max range for dwell time */
8578 	cmd->active_dwell_time = pno->active_max_time;
8579 	cmd->passive_dwell_time = pno->passive_max_time;
8580 
8581 	if (pno->do_passive_scan)
8582 		cmd->flags |= WMI_NLO_CONFIG_SCAN_PASSIVE;
8583 
8584 	cmd->fast_scan_period = pno->fast_scan_period;
8585 	cmd->slow_scan_period = pno->slow_scan_period;
8586 	cmd->fast_scan_max_cycles = pno->fast_scan_max_cycles;
8587 	cmd->delay_start_time = pno->delay_start_time;
8588 
8589 	if (pno->enable_pno_scan_randomization) {
8590 		cmd->flags |= WMI_NLO_CONFIG_SPOOFED_MAC_IN_PROBE_REQ |
8591 				WMI_NLO_CONFIG_RANDOM_SEQ_NO_IN_PROBE_REQ;
8592 		ether_addr_copy(cmd->mac_addr.addr, pno->mac_addr);
8593 		ether_addr_copy(cmd->mac_mask.addr, pno->mac_addr_mask);
8594 		ath11k_ce_byte_swap(cmd->mac_addr.addr, 8);
8595 		ath11k_ce_byte_swap(cmd->mac_mask.addr, 8);
8596 	}
8597 
8598 	ptr += sizeof(*cmd);
8599 
8600 	/* nlo_configured_parameters(nlo_list) */
8601 	cmd->no_of_ssids = pno->uc_networks_count;
8602 	tlv = (struct wmi_tlv *)ptr;
8603 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8604 				 WMI_TAG_ARRAY_STRUCT) |
8605 		      FIELD_PREP(WMI_TLV_LEN, nlo_list_len);
8606 
8607 	ptr += sizeof(*tlv);
8608 	nlo_list = (struct nlo_configured_parameters *)ptr;
8609 	for (i = 0; i < cmd->no_of_ssids; i++) {
8610 		tlv = (struct wmi_tlv *)(&nlo_list[i].tlv_header);
8611 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
8612 			      FIELD_PREP(WMI_TLV_LEN, sizeof(*nlo_list) - sizeof(*tlv));
8613 
8614 		nlo_list[i].ssid.valid = true;
8615 		nlo_list[i].ssid.ssid.ssid_len = pno->a_networks[i].ssid.ssid_len;
8616 		memcpy(nlo_list[i].ssid.ssid.ssid,
8617 		       pno->a_networks[i].ssid.ssid,
8618 		       nlo_list[i].ssid.ssid.ssid_len);
8619 		ath11k_ce_byte_swap(nlo_list[i].ssid.ssid.ssid,
8620 				    roundup(nlo_list[i].ssid.ssid.ssid_len, 4));
8621 
8622 		if (pno->a_networks[i].rssi_threshold &&
8623 		    pno->a_networks[i].rssi_threshold > -300) {
8624 			nlo_list[i].rssi_cond.valid = true;
8625 			nlo_list[i].rssi_cond.rssi =
8626 				pno->a_networks[i].rssi_threshold;
8627 		}
8628 
8629 		nlo_list[i].bcast_nw_type.valid = true;
8630 		nlo_list[i].bcast_nw_type.bcast_nw_type =
8631 			pno->a_networks[i].bcast_nw_type;
8632 	}
8633 
8634 	ptr += nlo_list_len;
8635 	cmd->num_of_channels = pno->a_networks[0].channel_count;
8636 	tlv = (struct wmi_tlv *)ptr;
8637 	tlv->header =  FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8638 		       FIELD_PREP(WMI_TLV_LEN, channel_list_len);
8639 	ptr += sizeof(*tlv);
8640 	channel_list = (u32 *)ptr;
8641 	for (i = 0; i < cmd->num_of_channels; i++)
8642 		channel_list[i] = pno->a_networks[0].channels[i];
8643 
8644 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv start pno config vdev_id %d\n",
8645 		   vdev_id);
8646 
8647 	return skb;
8648 }
8649 
8650 static struct sk_buff *ath11k_wmi_op_gen_config_pno_stop(struct ath11k *ar,
8651 							 u32 vdev_id)
8652 {
8653 	struct wmi_wow_nlo_config_cmd *cmd;
8654 	struct sk_buff *skb;
8655 	size_t len;
8656 
8657 	len = sizeof(*cmd);
8658 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8659 	if (!skb)
8660 		return ERR_PTR(-ENOMEM);
8661 
8662 	cmd = (struct wmi_wow_nlo_config_cmd *)skb->data;
8663 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
8664 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
8665 
8666 	cmd->vdev_id = vdev_id;
8667 	cmd->flags = WMI_NLO_CONFIG_STOP;
8668 
8669 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8670 		   "wmi tlv stop pno config vdev_id %d\n", vdev_id);
8671 	return skb;
8672 }
8673 
8674 int ath11k_wmi_wow_config_pno(struct ath11k *ar, u32 vdev_id,
8675 			      struct wmi_pno_scan_req  *pno_scan)
8676 {
8677 	struct sk_buff *skb;
8678 
8679 	if (pno_scan->enable)
8680 		skb = ath11k_wmi_op_gen_config_pno_start(ar, vdev_id, pno_scan);
8681 	else
8682 		skb = ath11k_wmi_op_gen_config_pno_stop(ar, vdev_id);
8683 
8684 	if (IS_ERR_OR_NULL(skb))
8685 		return -ENOMEM;
8686 
8687 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_NETWORK_LIST_OFFLOAD_CONFIG_CMDID);
8688 }
8689 
8690 static void ath11k_wmi_fill_ns_offload(struct ath11k *ar,
8691 				       struct ath11k_arp_ns_offload *offload,
8692 				       u8 **ptr,
8693 				       bool enable,
8694 				       bool ext)
8695 {
8696 	struct wmi_ns_offload_tuple *ns;
8697 	struct wmi_tlv *tlv;
8698 	u8 *buf_ptr = *ptr;
8699 	u32 ns_cnt, ns_ext_tuples;
8700 	int i, max_offloads;
8701 
8702 	ns_cnt = offload->ipv6_count;
8703 
8704 	tlv  = (struct wmi_tlv *)buf_ptr;
8705 
8706 	if (ext) {
8707 		ns_ext_tuples = offload->ipv6_count - WMI_MAX_NS_OFFLOADS;
8708 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8709 			      FIELD_PREP(WMI_TLV_LEN, ns_ext_tuples * sizeof(*ns));
8710 		i = WMI_MAX_NS_OFFLOADS;
8711 		max_offloads = offload->ipv6_count;
8712 	} else {
8713 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8714 			      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_NS_OFFLOADS * sizeof(*ns));
8715 		i = 0;
8716 		max_offloads = WMI_MAX_NS_OFFLOADS;
8717 	}
8718 
8719 	buf_ptr += sizeof(*tlv);
8720 
8721 	for (; i < max_offloads; i++) {
8722 		ns = (struct wmi_ns_offload_tuple *)buf_ptr;
8723 		ns->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NS_OFFLOAD_TUPLE) |
8724 				 FIELD_PREP(WMI_TLV_LEN, sizeof(*ns) - TLV_HDR_SIZE);
8725 
8726 		if (enable) {
8727 			if (i < ns_cnt)
8728 				ns->flags |= WMI_NSOL_FLAGS_VALID;
8729 
8730 			memcpy(ns->target_ipaddr[0], offload->ipv6_addr[i], 16);
8731 			memcpy(ns->solicitation_ipaddr, offload->self_ipv6_addr[i], 16);
8732 			ath11k_ce_byte_swap(ns->target_ipaddr[0], 16);
8733 			ath11k_ce_byte_swap(ns->solicitation_ipaddr, 16);
8734 
8735 			if (offload->ipv6_type[i])
8736 				ns->flags |= WMI_NSOL_FLAGS_IS_IPV6_ANYCAST;
8737 
8738 			memcpy(ns->target_mac.addr, offload->mac_addr, ETH_ALEN);
8739 			ath11k_ce_byte_swap(ns->target_mac.addr, 8);
8740 
8741 			if (ns->target_mac.word0 != 0 ||
8742 			    ns->target_mac.word1 != 0) {
8743 				ns->flags |= WMI_NSOL_FLAGS_MAC_VALID;
8744 			}
8745 
8746 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8747 				   "wmi index %d ns_solicited %pI6 target %pI6",
8748 				   i, ns->solicitation_ipaddr,
8749 				   ns->target_ipaddr[0]);
8750 		}
8751 
8752 		buf_ptr += sizeof(*ns);
8753 	}
8754 
8755 	*ptr = buf_ptr;
8756 }
8757 
8758 static void ath11k_wmi_fill_arp_offload(struct ath11k *ar,
8759 					struct ath11k_arp_ns_offload *offload,
8760 					u8 **ptr,
8761 					bool enable)
8762 {
8763 	struct wmi_arp_offload_tuple *arp;
8764 	struct wmi_tlv *tlv;
8765 	u8 *buf_ptr = *ptr;
8766 	int i;
8767 
8768 	/* fill arp tuple */
8769 	tlv = (struct wmi_tlv *)buf_ptr;
8770 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8771 		      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_ARP_OFFLOADS * sizeof(*arp));
8772 	buf_ptr += sizeof(*tlv);
8773 
8774 	for (i = 0; i < WMI_MAX_ARP_OFFLOADS; i++) {
8775 		arp = (struct wmi_arp_offload_tuple *)buf_ptr;
8776 		arp->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARP_OFFLOAD_TUPLE) |
8777 				  FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
8778 
8779 		if (enable && i < offload->ipv4_count) {
8780 			/* Copy the target ip addr and flags */
8781 			arp->flags = WMI_ARPOL_FLAGS_VALID;
8782 			memcpy(arp->target_ipaddr, offload->ipv4_addr[i], 4);
8783 			ath11k_ce_byte_swap(arp->target_ipaddr, 4);
8784 
8785 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi arp offload address %pI4",
8786 				   arp->target_ipaddr);
8787 		}
8788 
8789 		buf_ptr += sizeof(*arp);
8790 	}
8791 
8792 	*ptr = buf_ptr;
8793 }
8794 
8795 int ath11k_wmi_arp_ns_offload(struct ath11k *ar,
8796 			      struct ath11k_vif *arvif, bool enable)
8797 {
8798 	struct ath11k_arp_ns_offload *offload;
8799 	struct wmi_set_arp_ns_offload_cmd *cmd;
8800 	struct wmi_tlv *tlv;
8801 	struct sk_buff *skb;
8802 	u8 *buf_ptr;
8803 	size_t len;
8804 	u8 ns_cnt, ns_ext_tuples = 0;
8805 
8806 	offload = &arvif->arp_ns_offload;
8807 	ns_cnt = offload->ipv6_count;
8808 
8809 	len = sizeof(*cmd) +
8810 	      sizeof(*tlv) +
8811 	      WMI_MAX_NS_OFFLOADS * sizeof(struct wmi_ns_offload_tuple) +
8812 	      sizeof(*tlv) +
8813 	      WMI_MAX_ARP_OFFLOADS * sizeof(struct wmi_arp_offload_tuple);
8814 
8815 	if (ns_cnt > WMI_MAX_NS_OFFLOADS) {
8816 		ns_ext_tuples = ns_cnt - WMI_MAX_NS_OFFLOADS;
8817 		len += sizeof(*tlv) +
8818 		       ns_ext_tuples * sizeof(struct wmi_ns_offload_tuple);
8819 	}
8820 
8821 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8822 	if (!skb)
8823 		return -ENOMEM;
8824 
8825 	buf_ptr = skb->data;
8826 	cmd = (struct wmi_set_arp_ns_offload_cmd *)buf_ptr;
8827 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8828 				     WMI_TAG_SET_ARP_NS_OFFLOAD_CMD) |
8829 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8830 
8831 	cmd->flags = 0;
8832 	cmd->vdev_id = arvif->vdev_id;
8833 	cmd->num_ns_ext_tuples = ns_ext_tuples;
8834 
8835 	buf_ptr += sizeof(*cmd);
8836 
8837 	ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 0);
8838 	ath11k_wmi_fill_arp_offload(ar, offload, &buf_ptr, enable);
8839 
8840 	if (ns_ext_tuples)
8841 		ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 1);
8842 
8843 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SET_ARP_NS_OFFLOAD_CMDID);
8844 }
8845 
8846 int ath11k_wmi_gtk_rekey_offload(struct ath11k *ar,
8847 				 struct ath11k_vif *arvif, bool enable)
8848 {
8849 	struct wmi_gtk_rekey_offload_cmd *cmd;
8850 	struct ath11k_rekey_data *rekey_data = &arvif->rekey_data;
8851 	int len;
8852 	struct sk_buff *skb;
8853 	__le64 replay_ctr;
8854 
8855 	len = sizeof(*cmd);
8856 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8857 	if (!skb)
8858 		return -ENOMEM;
8859 
8860 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
8861 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
8862 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8863 
8864 	cmd->vdev_id = arvif->vdev_id;
8865 
8866 	if (enable) {
8867 		cmd->flags = GTK_OFFLOAD_ENABLE_OPCODE;
8868 
8869 		/* the length in rekey_data and cmd is equal */
8870 		memcpy(cmd->kck, rekey_data->kck, sizeof(cmd->kck));
8871 		ath11k_ce_byte_swap(cmd->kck, GTK_OFFLOAD_KEK_BYTES);
8872 		memcpy(cmd->kek, rekey_data->kek, sizeof(cmd->kek));
8873 		ath11k_ce_byte_swap(cmd->kek, GTK_OFFLOAD_KEK_BYTES);
8874 
8875 		replay_ctr = cpu_to_le64(rekey_data->replay_ctr);
8876 		memcpy(cmd->replay_ctr, &replay_ctr,
8877 		       sizeof(replay_ctr));
8878 		ath11k_ce_byte_swap(cmd->replay_ctr, GTK_REPLAY_COUNTER_BYTES);
8879 	} else {
8880 		cmd->flags = GTK_OFFLOAD_DISABLE_OPCODE;
8881 	}
8882 
8883 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "offload gtk rekey vdev: %d %d\n",
8884 		   arvif->vdev_id, enable);
8885 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
8886 }
8887 
8888 int ath11k_wmi_gtk_rekey_getinfo(struct ath11k *ar,
8889 				 struct ath11k_vif *arvif)
8890 {
8891 	struct wmi_gtk_rekey_offload_cmd *cmd;
8892 	int len;
8893 	struct sk_buff *skb;
8894 
8895 	len = sizeof(*cmd);
8896 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8897 	if (!skb)
8898 		return -ENOMEM;
8899 
8900 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
8901 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
8902 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8903 
8904 	cmd->vdev_id = arvif->vdev_id;
8905 	cmd->flags = GTK_OFFLOAD_REQUEST_STATUS_OPCODE;
8906 
8907 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "get gtk rekey vdev_id: %d\n",
8908 		   arvif->vdev_id);
8909 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
8910 }
8911 
8912 int ath11k_wmi_pdev_set_bios_sar_table_param(struct ath11k *ar, const u8 *sar_val)
8913 {	struct ath11k_pdev_wmi *wmi = ar->wmi;
8914 	struct wmi_pdev_set_sar_table_cmd *cmd;
8915 	struct wmi_tlv *tlv;
8916 	struct sk_buff *skb;
8917 	u8 *buf_ptr;
8918 	u32 len, sar_len_aligned, rsvd_len_aligned;
8919 
8920 	sar_len_aligned = roundup(BIOS_SAR_TABLE_LEN, sizeof(u32));
8921 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD1_LEN, sizeof(u32));
8922 	len = sizeof(*cmd) +
8923 	      TLV_HDR_SIZE + sar_len_aligned +
8924 	      TLV_HDR_SIZE + rsvd_len_aligned;
8925 
8926 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8927 	if (!skb)
8928 		return -ENOMEM;
8929 
8930 	cmd = (struct wmi_pdev_set_sar_table_cmd *)skb->data;
8931 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_SAR_TABLE_CMD) |
8932 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8933 	cmd->pdev_id = ar->pdev->pdev_id;
8934 	cmd->sar_len = BIOS_SAR_TABLE_LEN;
8935 	cmd->rsvd_len = BIOS_SAR_RSVD1_LEN;
8936 
8937 	buf_ptr = skb->data + sizeof(*cmd);
8938 	tlv = (struct wmi_tlv *)buf_ptr;
8939 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
8940 		      FIELD_PREP(WMI_TLV_LEN, sar_len_aligned);
8941 	buf_ptr += TLV_HDR_SIZE;
8942 	memcpy(buf_ptr, sar_val, BIOS_SAR_TABLE_LEN);
8943 
8944 	buf_ptr += sar_len_aligned;
8945 	tlv = (struct wmi_tlv *)buf_ptr;
8946 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
8947 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
8948 
8949 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_SAR_TABLE_CMDID);
8950 }
8951 
8952 int ath11k_wmi_pdev_set_bios_geo_table_param(struct ath11k *ar)
8953 {
8954 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8955 	struct wmi_pdev_set_geo_table_cmd *cmd;
8956 	struct wmi_tlv *tlv;
8957 	struct sk_buff *skb;
8958 	u8 *buf_ptr;
8959 	u32 len, rsvd_len_aligned;
8960 
8961 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD2_LEN, sizeof(u32));
8962 	len = sizeof(*cmd) + TLV_HDR_SIZE + rsvd_len_aligned;
8963 
8964 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8965 	if (!skb)
8966 		return -ENOMEM;
8967 
8968 	cmd = (struct wmi_pdev_set_geo_table_cmd *)skb->data;
8969 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_GEO_TABLE_CMD) |
8970 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8971 	cmd->pdev_id = ar->pdev->pdev_id;
8972 	cmd->rsvd_len = BIOS_SAR_RSVD2_LEN;
8973 
8974 	buf_ptr = skb->data + sizeof(*cmd);
8975 	tlv = (struct wmi_tlv *)buf_ptr;
8976 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
8977 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
8978 
8979 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_GEO_TABLE_CMDID);
8980 }
8981 
8982 int ath11k_wmi_sta_keepalive(struct ath11k *ar,
8983 			     const struct wmi_sta_keepalive_arg *arg)
8984 {
8985 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8986 	struct wmi_sta_keepalive_cmd *cmd;
8987 	struct wmi_sta_keepalive_arp_resp *arp;
8988 	struct sk_buff *skb;
8989 	size_t len;
8990 
8991 	len = sizeof(*cmd) + sizeof(*arp);
8992 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8993 	if (!skb)
8994 		return -ENOMEM;
8995 
8996 	cmd = (struct wmi_sta_keepalive_cmd *)skb->data;
8997 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8998 				     WMI_TAG_STA_KEEPALIVE_CMD) |
8999 				     FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9000 	cmd->vdev_id = arg->vdev_id;
9001 	cmd->enabled = arg->enabled;
9002 	cmd->interval = arg->interval;
9003 	cmd->method = arg->method;
9004 
9005 	if (arg->method == WMI_STA_KEEPALIVE_METHOD_UNSOLICITED_ARP_RESPONSE ||
9006 	    arg->method == WMI_STA_KEEPALIVE_METHOD_GRATUITOUS_ARP_REQUEST) {
9007 		arp = (struct wmi_sta_keepalive_arp_resp *)(cmd + 1);
9008 		arp->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9009 					     WMI_TAG_STA_KEEPALVE_ARP_RESPONSE) |
9010 				 FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
9011 		arp->src_ip4_addr = arg->src_ip4_addr;
9012 		arp->dest_ip4_addr = arg->dest_ip4_addr;
9013 		ether_addr_copy(arp->dest_mac_addr.addr, arg->dest_mac_addr);
9014 	}
9015 
9016 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9017 		   "wmi sta keepalive vdev %d enabled %d method %d interval %d\n",
9018 		   arg->vdev_id, arg->enabled, arg->method, arg->interval);
9019 
9020 	return ath11k_wmi_cmd_send(wmi, skb, WMI_STA_KEEPALIVE_CMDID);
9021 }
9022