xref: /openbmc/linux/drivers/net/wireless/ath/ath11k/wmi.c (revision 90741096769bd75152a5fe397343e5893c7d905a)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021, Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #include <linux/of.h>
17 #include "core.h"
18 #include "debug.h"
19 #include "mac.h"
20 #include "hw.h"
21 #include "peer.h"
22 
23 struct wmi_tlv_policy {
24 	size_t min_len;
25 };
26 
27 struct wmi_tlv_svc_ready_parse {
28 	bool wmi_svc_bitmap_done;
29 };
30 
31 struct wmi_tlv_dma_ring_caps_parse {
32 	struct wmi_dma_ring_capabilities *dma_ring_caps;
33 	u32 n_dma_ring_caps;
34 };
35 
36 struct wmi_tlv_svc_rdy_ext_parse {
37 	struct ath11k_service_ext_param param;
38 	struct wmi_soc_mac_phy_hw_mode_caps *hw_caps;
39 	struct wmi_hw_mode_capabilities *hw_mode_caps;
40 	u32 n_hw_mode_caps;
41 	u32 tot_phy_id;
42 	struct wmi_hw_mode_capabilities pref_hw_mode_caps;
43 	struct wmi_mac_phy_capabilities *mac_phy_caps;
44 	u32 n_mac_phy_caps;
45 	struct wmi_soc_hal_reg_capabilities *soc_hal_reg_caps;
46 	struct wmi_hal_reg_capabilities_ext *ext_hal_reg_caps;
47 	u32 n_ext_hal_reg_caps;
48 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
49 	bool hw_mode_done;
50 	bool mac_phy_done;
51 	bool ext_hal_reg_done;
52 	bool mac_phy_chainmask_combo_done;
53 	bool mac_phy_chainmask_cap_done;
54 	bool oem_dma_ring_cap_done;
55 	bool dma_ring_cap_done;
56 };
57 
58 struct wmi_tlv_svc_rdy_ext2_parse {
59 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
60 	bool dma_ring_cap_done;
61 };
62 
63 struct wmi_tlv_rdy_parse {
64 	u32 num_extra_mac_addr;
65 };
66 
67 struct wmi_tlv_dma_buf_release_parse {
68 	struct ath11k_wmi_dma_buf_release_fixed_param fixed;
69 	struct wmi_dma_buf_release_entry *buf_entry;
70 	struct wmi_dma_buf_release_meta_data *meta_data;
71 	u32 num_buf_entry;
72 	u32 num_meta;
73 	bool buf_entry_done;
74 	bool meta_data_done;
75 };
76 
77 struct wmi_tlv_fw_stats_parse {
78 	const struct wmi_stats_event *ev;
79 	const struct wmi_per_chain_rssi_stats *rssi;
80 	struct ath11k_fw_stats *stats;
81 	int rssi_num;
82 	bool chain_rssi_done;
83 };
84 
85 static const struct wmi_tlv_policy wmi_tlv_policies[] = {
86 	[WMI_TAG_ARRAY_BYTE]
87 		= { .min_len = 0 },
88 	[WMI_TAG_ARRAY_UINT32]
89 		= { .min_len = 0 },
90 	[WMI_TAG_SERVICE_READY_EVENT]
91 		= { .min_len = sizeof(struct wmi_service_ready_event) },
92 	[WMI_TAG_SERVICE_READY_EXT_EVENT]
93 		= { .min_len =  sizeof(struct wmi_service_ready_ext_event) },
94 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS]
95 		= { .min_len = sizeof(struct wmi_soc_mac_phy_hw_mode_caps) },
96 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES]
97 		= { .min_len = sizeof(struct wmi_soc_hal_reg_capabilities) },
98 	[WMI_TAG_VDEV_START_RESPONSE_EVENT]
99 		= { .min_len = sizeof(struct wmi_vdev_start_resp_event) },
100 	[WMI_TAG_PEER_DELETE_RESP_EVENT]
101 		= { .min_len = sizeof(struct wmi_peer_delete_resp_event) },
102 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT]
103 		= { .min_len = sizeof(struct wmi_bcn_tx_status_event) },
104 	[WMI_TAG_VDEV_STOPPED_EVENT]
105 		= { .min_len = sizeof(struct wmi_vdev_stopped_event) },
106 	[WMI_TAG_REG_CHAN_LIST_CC_EVENT]
107 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_event) },
108 	[WMI_TAG_MGMT_RX_HDR]
109 		= { .min_len = sizeof(struct wmi_mgmt_rx_hdr) },
110 	[WMI_TAG_MGMT_TX_COMPL_EVENT]
111 		= { .min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
112 	[WMI_TAG_SCAN_EVENT]
113 		= { .min_len = sizeof(struct wmi_scan_event) },
114 	[WMI_TAG_PEER_STA_KICKOUT_EVENT]
115 		= { .min_len = sizeof(struct wmi_peer_sta_kickout_event) },
116 	[WMI_TAG_ROAM_EVENT]
117 		= { .min_len = sizeof(struct wmi_roam_event) },
118 	[WMI_TAG_CHAN_INFO_EVENT]
119 		= { .min_len = sizeof(struct wmi_chan_info_event) },
120 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT]
121 		= { .min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
122 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT]
123 		= { .min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
124 	[WMI_TAG_READY_EVENT] = {
125 		.min_len = sizeof(struct wmi_ready_event_min) },
126 	[WMI_TAG_SERVICE_AVAILABLE_EVENT]
127 		= {.min_len = sizeof(struct wmi_service_available_event) },
128 	[WMI_TAG_PEER_ASSOC_CONF_EVENT]
129 		= { .min_len = sizeof(struct wmi_peer_assoc_conf_event) },
130 	[WMI_TAG_STATS_EVENT]
131 		= { .min_len = sizeof(struct wmi_stats_event) },
132 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT]
133 		= { .min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
134 	[WMI_TAG_HOST_SWFDA_EVENT] = {
135 		.min_len = sizeof(struct wmi_fils_discovery_event) },
136 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
137 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
138 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
139 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
140 	[WMI_TAG_OBSS_COLOR_COLLISION_EVT] = {
141 		.min_len = sizeof(struct wmi_obss_color_collision_event) },
142 	[WMI_TAG_11D_NEW_COUNTRY_EVENT] = {
143 		.min_len = sizeof(struct wmi_11d_new_cc_ev) },
144 	[WMI_TAG_PER_CHAIN_RSSI_STATS] = {
145 		.min_len = sizeof(struct wmi_per_chain_rssi_stats) },
146 	[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT] = {
147 		.min_len = sizeof(struct wmi_twt_add_dialog_event) },
148 };
149 
150 #define PRIMAP(_hw_mode_) \
151 	[_hw_mode_] = _hw_mode_##_PRI
152 
153 static const int ath11k_hw_mode_pri_map[] = {
154 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
155 	PRIMAP(WMI_HOST_HW_MODE_DBS),
156 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
157 	PRIMAP(WMI_HOST_HW_MODE_SBS),
158 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
159 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
160 	/* keep last */
161 	PRIMAP(WMI_HOST_HW_MODE_MAX),
162 };
163 
164 static int
165 ath11k_wmi_tlv_iter(struct ath11k_base *ab, const void *ptr, size_t len,
166 		    int (*iter)(struct ath11k_base *ab, u16 tag, u16 len,
167 				const void *ptr, void *data),
168 		    void *data)
169 {
170 	const void *begin = ptr;
171 	const struct wmi_tlv *tlv;
172 	u16 tlv_tag, tlv_len;
173 	int ret;
174 
175 	while (len > 0) {
176 		if (len < sizeof(*tlv)) {
177 			ath11k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
178 				   ptr - begin, len, sizeof(*tlv));
179 			return -EINVAL;
180 		}
181 
182 		tlv = ptr;
183 		tlv_tag = FIELD_GET(WMI_TLV_TAG, tlv->header);
184 		tlv_len = FIELD_GET(WMI_TLV_LEN, tlv->header);
185 		ptr += sizeof(*tlv);
186 		len -= sizeof(*tlv);
187 
188 		if (tlv_len > len) {
189 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
190 				   tlv_tag, ptr - begin, len, tlv_len);
191 			return -EINVAL;
192 		}
193 
194 		if (tlv_tag < ARRAY_SIZE(wmi_tlv_policies) &&
195 		    wmi_tlv_policies[tlv_tag].min_len &&
196 		    wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
197 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
198 				   tlv_tag, ptr - begin, tlv_len,
199 				   wmi_tlv_policies[tlv_tag].min_len);
200 			return -EINVAL;
201 		}
202 
203 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
204 		if (ret)
205 			return ret;
206 
207 		ptr += tlv_len;
208 		len -= tlv_len;
209 	}
210 
211 	return 0;
212 }
213 
214 static int ath11k_wmi_tlv_iter_parse(struct ath11k_base *ab, u16 tag, u16 len,
215 				     const void *ptr, void *data)
216 {
217 	const void **tb = data;
218 
219 	if (tag < WMI_TAG_MAX)
220 		tb[tag] = ptr;
221 
222 	return 0;
223 }
224 
225 static int ath11k_wmi_tlv_parse(struct ath11k_base *ar, const void **tb,
226 				const void *ptr, size_t len)
227 {
228 	return ath11k_wmi_tlv_iter(ar, ptr, len, ath11k_wmi_tlv_iter_parse,
229 				   (void *)tb);
230 }
231 
232 static const void **
233 ath11k_wmi_tlv_parse_alloc(struct ath11k_base *ab, const void *ptr,
234 			   size_t len, gfp_t gfp)
235 {
236 	const void **tb;
237 	int ret;
238 
239 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
240 	if (!tb)
241 		return ERR_PTR(-ENOMEM);
242 
243 	ret = ath11k_wmi_tlv_parse(ab, tb, ptr, len);
244 	if (ret) {
245 		kfree(tb);
246 		return ERR_PTR(ret);
247 	}
248 
249 	return tb;
250 }
251 
252 static int ath11k_wmi_cmd_send_nowait(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
253 				      u32 cmd_id)
254 {
255 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
256 	struct ath11k_base *ab = wmi->wmi_ab->ab;
257 	struct wmi_cmd_hdr *cmd_hdr;
258 	int ret;
259 	u32 cmd = 0;
260 
261 	if (skb_push(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
262 		return -ENOMEM;
263 
264 	cmd |= FIELD_PREP(WMI_CMD_HDR_CMD_ID, cmd_id);
265 
266 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
267 	cmd_hdr->cmd_id = cmd;
268 
269 	trace_ath11k_wmi_cmd(ab, cmd_id, skb->data, skb->len);
270 
271 	memset(skb_cb, 0, sizeof(*skb_cb));
272 	ret = ath11k_htc_send(&ab->htc, wmi->eid, skb);
273 
274 	if (ret)
275 		goto err_pull;
276 
277 	return 0;
278 
279 err_pull:
280 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
281 	return ret;
282 }
283 
284 int ath11k_wmi_cmd_send(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
285 			u32 cmd_id)
286 {
287 	struct ath11k_wmi_base *wmi_sc = wmi->wmi_ab;
288 	int ret = -EOPNOTSUPP;
289 	struct ath11k_base *ab = wmi_sc->ab;
290 
291 	might_sleep();
292 
293 	if (ab->hw_params.credit_flow) {
294 		wait_event_timeout(wmi_sc->tx_credits_wq, ({
295 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
296 
297 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
298 					    &wmi_sc->ab->dev_flags))
299 				ret = -ESHUTDOWN;
300 
301 			(ret != -EAGAIN);
302 			}), WMI_SEND_TIMEOUT_HZ);
303 	} else {
304 		wait_event_timeout(wmi->tx_ce_desc_wq, ({
305 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
306 
307 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
308 					    &wmi_sc->ab->dev_flags))
309 				ret = -ESHUTDOWN;
310 
311 			(ret != -ENOBUFS);
312 			}), WMI_SEND_TIMEOUT_HZ);
313 	}
314 
315 	if (ret == -EAGAIN)
316 		ath11k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
317 
318 	if (ret == -ENOBUFS)
319 		ath11k_warn(wmi_sc->ab, "ce desc not available for wmi command %d\n",
320 			    cmd_id);
321 
322 	return ret;
323 }
324 
325 static int ath11k_pull_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
326 				     const void *ptr,
327 				     struct ath11k_service_ext_param *param)
328 {
329 	const struct wmi_service_ready_ext_event *ev = ptr;
330 
331 	if (!ev)
332 		return -EINVAL;
333 
334 	/* Move this to host based bitmap */
335 	param->default_conc_scan_config_bits = ev->default_conc_scan_config_bits;
336 	param->default_fw_config_bits =	ev->default_fw_config_bits;
337 	param->he_cap_info = ev->he_cap_info;
338 	param->mpdu_density = ev->mpdu_density;
339 	param->max_bssid_rx_filters = ev->max_bssid_rx_filters;
340 	memcpy(&param->ppet, &ev->ppet, sizeof(param->ppet));
341 
342 	return 0;
343 }
344 
345 static int
346 ath11k_pull_mac_phy_cap_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
347 				      struct wmi_soc_mac_phy_hw_mode_caps *hw_caps,
348 				      struct wmi_hw_mode_capabilities *wmi_hw_mode_caps,
349 				      struct wmi_soc_hal_reg_capabilities *hal_reg_caps,
350 				      struct wmi_mac_phy_capabilities *wmi_mac_phy_caps,
351 				      u8 hw_mode_id, u8 phy_id,
352 				      struct ath11k_pdev *pdev)
353 {
354 	struct wmi_mac_phy_capabilities *mac_phy_caps;
355 	struct ath11k_base *ab = wmi_handle->wmi_ab->ab;
356 	struct ath11k_band_cap *cap_band;
357 	struct ath11k_pdev_cap *pdev_cap = &pdev->cap;
358 	u32 phy_map;
359 	u32 hw_idx, phy_idx = 0;
360 
361 	if (!hw_caps || !wmi_hw_mode_caps || !hal_reg_caps)
362 		return -EINVAL;
363 
364 	for (hw_idx = 0; hw_idx < hw_caps->num_hw_modes; hw_idx++) {
365 		if (hw_mode_id == wmi_hw_mode_caps[hw_idx].hw_mode_id)
366 			break;
367 
368 		phy_map = wmi_hw_mode_caps[hw_idx].phy_id_map;
369 		while (phy_map) {
370 			phy_map >>= 1;
371 			phy_idx++;
372 		}
373 	}
374 
375 	if (hw_idx == hw_caps->num_hw_modes)
376 		return -EINVAL;
377 
378 	phy_idx += phy_id;
379 	if (phy_id >= hal_reg_caps->num_phy)
380 		return -EINVAL;
381 
382 	mac_phy_caps = wmi_mac_phy_caps + phy_idx;
383 
384 	pdev->pdev_id = mac_phy_caps->pdev_id;
385 	pdev_cap->supported_bands |= mac_phy_caps->supported_bands;
386 	pdev_cap->ampdu_density = mac_phy_caps->ampdu_density;
387 	ab->target_pdev_ids[ab->target_pdev_count].supported_bands =
388 		mac_phy_caps->supported_bands;
389 	ab->target_pdev_ids[ab->target_pdev_count].pdev_id = mac_phy_caps->pdev_id;
390 	ab->target_pdev_count++;
391 
392 	if (!(mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) &&
393 	    !(mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP))
394 		return -EINVAL;
395 
396 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
397 	 * band to band for a single radio, need to see how this should be
398 	 * handled.
399 	 */
400 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
401 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_2g;
402 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_2g;
403 	}
404 
405 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
406 		pdev_cap->vht_cap = mac_phy_caps->vht_cap_info_5g;
407 		pdev_cap->vht_mcs = mac_phy_caps->vht_supp_mcs_5g;
408 		pdev_cap->he_mcs = mac_phy_caps->he_supp_mcs_5g;
409 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_5g;
410 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_5g;
411 		pdev_cap->nss_ratio_enabled =
412 			WMI_NSS_RATIO_ENABLE_DISABLE_GET(mac_phy_caps->nss_ratio);
413 		pdev_cap->nss_ratio_info =
414 			WMI_NSS_RATIO_INFO_GET(mac_phy_caps->nss_ratio);
415 	}
416 
417 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
418 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
419 	 * mac and the remaining 4 chains can be used for the second mac or vice-versa.
420 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
421 	 * will be advertised for second mac or vice-versa. Compute the shift value
422 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
423 	 * mac80211.
424 	 */
425 	pdev_cap->tx_chain_mask_shift =
426 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
427 	pdev_cap->rx_chain_mask_shift =
428 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
429 
430 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
431 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
432 		cap_band->phy_id = mac_phy_caps->phy_id;
433 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_2g;
434 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_2g;
435 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_2g;
436 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_2g_ext;
437 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_2g;
438 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_2g,
439 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
440 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet2g,
441 		       sizeof(struct ath11k_ppe_threshold));
442 	}
443 
444 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
445 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
446 		cap_band->phy_id = mac_phy_caps->phy_id;
447 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
448 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
449 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
450 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
451 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
452 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
453 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
454 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
455 		       sizeof(struct ath11k_ppe_threshold));
456 
457 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
458 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
459 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
460 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
461 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
462 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
463 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
464 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
465 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
466 		       sizeof(struct ath11k_ppe_threshold));
467 	}
468 
469 	return 0;
470 }
471 
472 static int
473 ath11k_pull_reg_cap_svc_rdy_ext(struct ath11k_pdev_wmi *wmi_handle,
474 				struct wmi_soc_hal_reg_capabilities *reg_caps,
475 				struct wmi_hal_reg_capabilities_ext *wmi_ext_reg_cap,
476 				u8 phy_idx,
477 				struct ath11k_hal_reg_capabilities_ext *param)
478 {
479 	struct wmi_hal_reg_capabilities_ext *ext_reg_cap;
480 
481 	if (!reg_caps || !wmi_ext_reg_cap)
482 		return -EINVAL;
483 
484 	if (phy_idx >= reg_caps->num_phy)
485 		return -EINVAL;
486 
487 	ext_reg_cap = &wmi_ext_reg_cap[phy_idx];
488 
489 	param->phy_id = ext_reg_cap->phy_id;
490 	param->eeprom_reg_domain = ext_reg_cap->eeprom_reg_domain;
491 	param->eeprom_reg_domain_ext =
492 			      ext_reg_cap->eeprom_reg_domain_ext;
493 	param->regcap1 = ext_reg_cap->regcap1;
494 	param->regcap2 = ext_reg_cap->regcap2;
495 	/* check if param->wireless_mode is needed */
496 	param->low_2ghz_chan = ext_reg_cap->low_2ghz_chan;
497 	param->high_2ghz_chan = ext_reg_cap->high_2ghz_chan;
498 	param->low_5ghz_chan = ext_reg_cap->low_5ghz_chan;
499 	param->high_5ghz_chan = ext_reg_cap->high_5ghz_chan;
500 
501 	return 0;
502 }
503 
504 static int ath11k_pull_service_ready_tlv(struct ath11k_base *ab,
505 					 const void *evt_buf,
506 					 struct ath11k_targ_cap *cap)
507 {
508 	const struct wmi_service_ready_event *ev = evt_buf;
509 
510 	if (!ev) {
511 		ath11k_err(ab, "%s: failed by NULL param\n",
512 			   __func__);
513 		return -EINVAL;
514 	}
515 
516 	cap->phy_capability = ev->phy_capability;
517 	cap->max_frag_entry = ev->max_frag_entry;
518 	cap->num_rf_chains = ev->num_rf_chains;
519 	cap->ht_cap_info = ev->ht_cap_info;
520 	cap->vht_cap_info = ev->vht_cap_info;
521 	cap->vht_supp_mcs = ev->vht_supp_mcs;
522 	cap->hw_min_tx_power = ev->hw_min_tx_power;
523 	cap->hw_max_tx_power = ev->hw_max_tx_power;
524 	cap->sys_cap_info = ev->sys_cap_info;
525 	cap->min_pkt_size_enable = ev->min_pkt_size_enable;
526 	cap->max_bcn_ie_size = ev->max_bcn_ie_size;
527 	cap->max_num_scan_channels = ev->max_num_scan_channels;
528 	cap->max_supported_macs = ev->max_supported_macs;
529 	cap->wmi_fw_sub_feat_caps = ev->wmi_fw_sub_feat_caps;
530 	cap->txrx_chainmask = ev->txrx_chainmask;
531 	cap->default_dbs_hw_mode_index = ev->default_dbs_hw_mode_index;
532 	cap->num_msdu_desc = ev->num_msdu_desc;
533 
534 	return 0;
535 }
536 
537 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
538  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
539  * 4-byte word.
540  */
541 static void ath11k_wmi_service_bitmap_copy(struct ath11k_pdev_wmi *wmi,
542 					   const u32 *wmi_svc_bm)
543 {
544 	int i, j;
545 
546 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
547 		do {
548 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
549 				set_bit(j, wmi->wmi_ab->svc_map);
550 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
551 	}
552 }
553 
554 static int ath11k_wmi_tlv_svc_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
555 					const void *ptr, void *data)
556 {
557 	struct wmi_tlv_svc_ready_parse *svc_ready = data;
558 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
559 	u16 expect_len;
560 
561 	switch (tag) {
562 	case WMI_TAG_SERVICE_READY_EVENT:
563 		if (ath11k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
564 			return -EINVAL;
565 		break;
566 
567 	case WMI_TAG_ARRAY_UINT32:
568 		if (!svc_ready->wmi_svc_bitmap_done) {
569 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
570 			if (len < expect_len) {
571 				ath11k_warn(ab, "invalid len %d for the tag 0x%x\n",
572 					    len, tag);
573 				return -EINVAL;
574 			}
575 
576 			ath11k_wmi_service_bitmap_copy(wmi_handle, ptr);
577 
578 			svc_ready->wmi_svc_bitmap_done = true;
579 		}
580 		break;
581 	default:
582 		break;
583 	}
584 
585 	return 0;
586 }
587 
588 static int ath11k_service_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
589 {
590 	struct wmi_tlv_svc_ready_parse svc_ready = { };
591 	int ret;
592 
593 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
594 				  ath11k_wmi_tlv_svc_rdy_parse,
595 				  &svc_ready);
596 	if (ret) {
597 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
598 		return ret;
599 	}
600 
601 	return 0;
602 }
603 
604 struct sk_buff *ath11k_wmi_alloc_skb(struct ath11k_wmi_base *wmi_sc, u32 len)
605 {
606 	struct sk_buff *skb;
607 	struct ath11k_base *ab = wmi_sc->ab;
608 	u32 round_len = roundup(len, 4);
609 
610 	skb = ath11k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
611 	if (!skb)
612 		return NULL;
613 
614 	skb_reserve(skb, WMI_SKB_HEADROOM);
615 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
616 		ath11k_warn(ab, "unaligned WMI skb data\n");
617 
618 	skb_put(skb, round_len);
619 	memset(skb->data, 0, round_len);
620 
621 	return skb;
622 }
623 
624 static u32 ath11k_wmi_mgmt_get_freq(struct ath11k *ar,
625 				    struct ieee80211_tx_info *info)
626 {
627 	struct ath11k_base *ab = ar->ab;
628 	u32 freq = 0;
629 
630 	if (ab->hw_params.support_off_channel_tx &&
631 	    ar->scan.is_roc &&
632 	    (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN))
633 		freq = ar->scan.roc_freq;
634 
635 	return freq;
636 }
637 
638 int ath11k_wmi_mgmt_send(struct ath11k *ar, u32 vdev_id, u32 buf_id,
639 			 struct sk_buff *frame)
640 {
641 	struct ath11k_pdev_wmi *wmi = ar->wmi;
642 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(frame);
643 	struct wmi_mgmt_send_cmd *cmd;
644 	struct wmi_tlv *frame_tlv;
645 	struct sk_buff *skb;
646 	u32 buf_len;
647 	int ret, len;
648 
649 	buf_len = frame->len < WMI_MGMT_SEND_DOWNLD_LEN ?
650 		  frame->len : WMI_MGMT_SEND_DOWNLD_LEN;
651 
652 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
653 
654 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
655 	if (!skb)
656 		return -ENOMEM;
657 
658 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
659 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_MGMT_TX_SEND_CMD) |
660 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
661 	cmd->vdev_id = vdev_id;
662 	cmd->desc_id = buf_id;
663 	cmd->chanfreq = ath11k_wmi_mgmt_get_freq(ar, info);
664 	cmd->paddr_lo = lower_32_bits(ATH11K_SKB_CB(frame)->paddr);
665 	cmd->paddr_hi = upper_32_bits(ATH11K_SKB_CB(frame)->paddr);
666 	cmd->frame_len = frame->len;
667 	cmd->buf_len = buf_len;
668 	cmd->tx_params_valid = 0;
669 
670 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
671 	frame_tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
672 			    FIELD_PREP(WMI_TLV_LEN, buf_len);
673 
674 	memcpy(frame_tlv->value, frame->data, buf_len);
675 
676 	ath11k_ce_byte_swap(frame_tlv->value, buf_len);
677 
678 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
679 	if (ret) {
680 		ath11k_warn(ar->ab,
681 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
682 		dev_kfree_skb(skb);
683 	}
684 
685 	return ret;
686 }
687 
688 int ath11k_wmi_vdev_create(struct ath11k *ar, u8 *macaddr,
689 			   struct vdev_create_params *param)
690 {
691 	struct ath11k_pdev_wmi *wmi = ar->wmi;
692 	struct wmi_vdev_create_cmd *cmd;
693 	struct sk_buff *skb;
694 	struct wmi_vdev_txrx_streams *txrx_streams;
695 	struct wmi_tlv *tlv;
696 	int ret, len;
697 	void *ptr;
698 
699 	/* It can be optimized my sending tx/rx chain configuration
700 	 * only for supported bands instead of always sending it for
701 	 * both the bands.
702 	 */
703 	len = sizeof(*cmd) + TLV_HDR_SIZE +
704 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
705 
706 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
707 	if (!skb)
708 		return -ENOMEM;
709 
710 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
711 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_CREATE_CMD) |
712 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
713 
714 	cmd->vdev_id = param->if_id;
715 	cmd->vdev_type = param->type;
716 	cmd->vdev_subtype = param->subtype;
717 	cmd->num_cfg_txrx_streams = WMI_NUM_SUPPORTED_BAND_MAX;
718 	cmd->pdev_id = param->pdev_id;
719 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
720 
721 	ptr = skb->data + sizeof(*cmd);
722 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
723 
724 	tlv = ptr;
725 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
726 		      FIELD_PREP(WMI_TLV_LEN, len);
727 
728 	ptr += TLV_HDR_SIZE;
729 	txrx_streams = ptr;
730 	len = sizeof(*txrx_streams);
731 	txrx_streams->tlv_header =
732 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
733 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
734 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
735 	txrx_streams->supported_tx_streams =
736 				 param->chains[NL80211_BAND_2GHZ].tx;
737 	txrx_streams->supported_rx_streams =
738 				 param->chains[NL80211_BAND_2GHZ].rx;
739 
740 	txrx_streams++;
741 	txrx_streams->tlv_header =
742 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
743 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
744 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
745 	txrx_streams->supported_tx_streams =
746 				 param->chains[NL80211_BAND_5GHZ].tx;
747 	txrx_streams->supported_rx_streams =
748 				 param->chains[NL80211_BAND_5GHZ].rx;
749 
750 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
751 	if (ret) {
752 		ath11k_warn(ar->ab,
753 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
754 		dev_kfree_skb(skb);
755 	}
756 
757 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
758 		   "WMI vdev create: id %d type %d subtype %d macaddr %pM pdevid %d\n",
759 		   param->if_id, param->type, param->subtype,
760 		   macaddr, param->pdev_id);
761 
762 	return ret;
763 }
764 
765 int ath11k_wmi_vdev_delete(struct ath11k *ar, u8 vdev_id)
766 {
767 	struct ath11k_pdev_wmi *wmi = ar->wmi;
768 	struct wmi_vdev_delete_cmd *cmd;
769 	struct sk_buff *skb;
770 	int ret;
771 
772 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
773 	if (!skb)
774 		return -ENOMEM;
775 
776 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
777 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DELETE_CMD) |
778 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
779 	cmd->vdev_id = vdev_id;
780 
781 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
782 	if (ret) {
783 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
784 		dev_kfree_skb(skb);
785 	}
786 
787 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev delete id %d\n", vdev_id);
788 
789 	return ret;
790 }
791 
792 int ath11k_wmi_vdev_stop(struct ath11k *ar, u8 vdev_id)
793 {
794 	struct ath11k_pdev_wmi *wmi = ar->wmi;
795 	struct wmi_vdev_stop_cmd *cmd;
796 	struct sk_buff *skb;
797 	int ret;
798 
799 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
800 	if (!skb)
801 		return -ENOMEM;
802 
803 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
804 
805 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_STOP_CMD) |
806 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
807 	cmd->vdev_id = vdev_id;
808 
809 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
810 	if (ret) {
811 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
812 		dev_kfree_skb(skb);
813 	}
814 
815 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev stop id 0x%x\n", vdev_id);
816 
817 	return ret;
818 }
819 
820 int ath11k_wmi_vdev_down(struct ath11k *ar, u8 vdev_id)
821 {
822 	struct ath11k_pdev_wmi *wmi = ar->wmi;
823 	struct wmi_vdev_down_cmd *cmd;
824 	struct sk_buff *skb;
825 	int ret;
826 
827 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
828 	if (!skb)
829 		return -ENOMEM;
830 
831 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
832 
833 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DOWN_CMD) |
834 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
835 	cmd->vdev_id = vdev_id;
836 
837 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
838 	if (ret) {
839 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
840 		dev_kfree_skb(skb);
841 	}
842 
843 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev down id 0x%x\n", vdev_id);
844 
845 	return ret;
846 }
847 
848 static void ath11k_wmi_put_wmi_channel(struct wmi_channel *chan,
849 				       struct wmi_vdev_start_req_arg *arg)
850 {
851 	u32 center_freq1 = arg->channel.band_center_freq1;
852 
853 	memset(chan, 0, sizeof(*chan));
854 
855 	chan->mhz = arg->channel.freq;
856 	chan->band_center_freq1 = arg->channel.band_center_freq1;
857 
858 	if (arg->channel.mode == MODE_11AX_HE160) {
859 		if (arg->channel.freq > arg->channel.band_center_freq1)
860 			chan->band_center_freq1 = center_freq1 + 40;
861 		else
862 			chan->band_center_freq1 = center_freq1 - 40;
863 
864 		chan->band_center_freq2 = arg->channel.band_center_freq1;
865 
866 	} else if (arg->channel.mode == MODE_11AC_VHT80_80) {
867 		chan->band_center_freq2 = arg->channel.band_center_freq2;
868 	} else {
869 		chan->band_center_freq2 = 0;
870 	}
871 
872 	chan->info |= FIELD_PREP(WMI_CHAN_INFO_MODE, arg->channel.mode);
873 	if (arg->channel.passive)
874 		chan->info |= WMI_CHAN_INFO_PASSIVE;
875 	if (arg->channel.allow_ibss)
876 		chan->info |= WMI_CHAN_INFO_ADHOC_ALLOWED;
877 	if (arg->channel.allow_ht)
878 		chan->info |= WMI_CHAN_INFO_ALLOW_HT;
879 	if (arg->channel.allow_vht)
880 		chan->info |= WMI_CHAN_INFO_ALLOW_VHT;
881 	if (arg->channel.allow_he)
882 		chan->info |= WMI_CHAN_INFO_ALLOW_HE;
883 	if (arg->channel.ht40plus)
884 		chan->info |= WMI_CHAN_INFO_HT40_PLUS;
885 	if (arg->channel.chan_radar)
886 		chan->info |= WMI_CHAN_INFO_DFS;
887 	if (arg->channel.freq2_radar)
888 		chan->info |= WMI_CHAN_INFO_DFS_FREQ2;
889 
890 	chan->reg_info_1 = FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
891 				      arg->channel.max_power) |
892 		FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
893 			   arg->channel.max_reg_power);
894 
895 	chan->reg_info_2 = FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
896 				      arg->channel.max_antenna_gain) |
897 		FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
898 			   arg->channel.max_power);
899 }
900 
901 int ath11k_wmi_vdev_start(struct ath11k *ar, struct wmi_vdev_start_req_arg *arg,
902 			  bool restart)
903 {
904 	struct ath11k_pdev_wmi *wmi = ar->wmi;
905 	struct wmi_vdev_start_request_cmd *cmd;
906 	struct sk_buff *skb;
907 	struct wmi_channel *chan;
908 	struct wmi_tlv *tlv;
909 	void *ptr;
910 	int ret, len;
911 
912 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
913 		return -EINVAL;
914 
915 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
916 
917 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
918 	if (!skb)
919 		return -ENOMEM;
920 
921 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
922 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
923 				     WMI_TAG_VDEV_START_REQUEST_CMD) |
924 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
925 	cmd->vdev_id = arg->vdev_id;
926 	cmd->beacon_interval = arg->bcn_intval;
927 	cmd->bcn_tx_rate = arg->bcn_tx_rate;
928 	cmd->dtim_period = arg->dtim_period;
929 	cmd->num_noa_descriptors = arg->num_noa_descriptors;
930 	cmd->preferred_rx_streams = arg->pref_rx_streams;
931 	cmd->preferred_tx_streams = arg->pref_tx_streams;
932 	cmd->cac_duration_ms = arg->cac_duration_ms;
933 	cmd->regdomain = arg->regdomain;
934 	cmd->he_ops = arg->he_ops;
935 
936 	if (!restart) {
937 		if (arg->ssid) {
938 			cmd->ssid.ssid_len = arg->ssid_len;
939 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
940 		}
941 		if (arg->hidden_ssid)
942 			cmd->flags |= WMI_VDEV_START_HIDDEN_SSID;
943 		if (arg->pmf_enabled)
944 			cmd->flags |= WMI_VDEV_START_PMF_ENABLED;
945 	}
946 
947 	cmd->flags |= WMI_VDEV_START_LDPC_RX_ENABLED;
948 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
949 		cmd->flags |= WMI_VDEV_START_HW_ENCRYPTION_DISABLED;
950 
951 	ptr = skb->data + sizeof(*cmd);
952 	chan = ptr;
953 
954 	ath11k_wmi_put_wmi_channel(chan, arg);
955 
956 	chan->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_CHANNEL) |
957 			   FIELD_PREP(WMI_TLV_LEN,
958 				      sizeof(*chan) - TLV_HDR_SIZE);
959 	ptr += sizeof(*chan);
960 
961 	tlv = ptr;
962 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
963 		      FIELD_PREP(WMI_TLV_LEN, 0);
964 
965 	/* Note: This is a nested TLV containing:
966 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
967 	 */
968 
969 	ptr += sizeof(*tlv);
970 
971 	if (restart)
972 		ret = ath11k_wmi_cmd_send(wmi, skb,
973 					  WMI_VDEV_RESTART_REQUEST_CMDID);
974 	else
975 		ret = ath11k_wmi_cmd_send(wmi, skb,
976 					  WMI_VDEV_START_REQUEST_CMDID);
977 	if (ret) {
978 		ath11k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
979 			    restart ? "restart" : "start");
980 		dev_kfree_skb(skb);
981 	}
982 
983 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "vdev %s id 0x%x freq 0x%x mode 0x%x\n",
984 		   restart ? "restart" : "start", arg->vdev_id,
985 		   arg->channel.freq, arg->channel.mode);
986 
987 	return ret;
988 }
989 
990 int ath11k_wmi_vdev_up(struct ath11k *ar, u32 vdev_id, u32 aid, const u8 *bssid)
991 {
992 	struct ath11k_pdev_wmi *wmi = ar->wmi;
993 	struct wmi_vdev_up_cmd *cmd;
994 	struct ieee80211_bss_conf *bss_conf;
995 	struct ath11k_vif *arvif;
996 	struct sk_buff *skb;
997 	int ret;
998 
999 	arvif = ath11k_mac_get_arvif(ar, vdev_id);
1000 
1001 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1002 	if (!skb)
1003 		return -ENOMEM;
1004 
1005 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1006 
1007 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_UP_CMD) |
1008 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1009 	cmd->vdev_id = vdev_id;
1010 	cmd->vdev_assoc_id = aid;
1011 
1012 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1013 
1014 	if (arvif && arvif->vif->type == NL80211_IFTYPE_STATION) {
1015 		bss_conf = &arvif->vif->bss_conf;
1016 
1017 		if (bss_conf->nontransmitted) {
1018 			ether_addr_copy(cmd->trans_bssid.addr,
1019 					bss_conf->transmitter_bssid);
1020 			cmd->profile_idx = bss_conf->bssid_index;
1021 			cmd->profile_num = bss_conf->bssid_indicator;
1022 		}
1023 	}
1024 
1025 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1026 	if (ret) {
1027 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1028 		dev_kfree_skb(skb);
1029 	}
1030 
1031 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1032 		   "WMI mgmt vdev up id 0x%x assoc id %d bssid %pM\n",
1033 		   vdev_id, aid, bssid);
1034 
1035 	return ret;
1036 }
1037 
1038 int ath11k_wmi_send_peer_create_cmd(struct ath11k *ar,
1039 				    struct peer_create_params *param)
1040 {
1041 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1042 	struct wmi_peer_create_cmd *cmd;
1043 	struct sk_buff *skb;
1044 	int ret;
1045 
1046 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1047 	if (!skb)
1048 		return -ENOMEM;
1049 
1050 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1051 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_CREATE_CMD) |
1052 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1053 
1054 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_addr);
1055 	cmd->peer_type = param->peer_type;
1056 	cmd->vdev_id = param->vdev_id;
1057 
1058 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1059 	if (ret) {
1060 		ath11k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1061 		dev_kfree_skb(skb);
1062 	}
1063 
1064 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1065 		   "WMI peer create vdev_id %d peer_addr %pM\n",
1066 		   param->vdev_id, param->peer_addr);
1067 
1068 	return ret;
1069 }
1070 
1071 int ath11k_wmi_send_peer_delete_cmd(struct ath11k *ar,
1072 				    const u8 *peer_addr, u8 vdev_id)
1073 {
1074 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1075 	struct wmi_peer_delete_cmd *cmd;
1076 	struct sk_buff *skb;
1077 	int ret;
1078 
1079 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1080 	if (!skb)
1081 		return -ENOMEM;
1082 
1083 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1084 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_DELETE_CMD) |
1085 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1086 
1087 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1088 	cmd->vdev_id = vdev_id;
1089 
1090 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1091 		   "WMI peer delete vdev_id %d peer_addr %pM\n",
1092 		   vdev_id,  peer_addr);
1093 
1094 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1095 	if (ret) {
1096 		ath11k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1097 		dev_kfree_skb(skb);
1098 	}
1099 
1100 	return ret;
1101 }
1102 
1103 int ath11k_wmi_send_pdev_set_regdomain(struct ath11k *ar,
1104 				       struct pdev_set_regdomain_params *param)
1105 {
1106 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1107 	struct wmi_pdev_set_regdomain_cmd *cmd;
1108 	struct sk_buff *skb;
1109 	int ret;
1110 
1111 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1112 	if (!skb)
1113 		return -ENOMEM;
1114 
1115 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1116 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1117 				     WMI_TAG_PDEV_SET_REGDOMAIN_CMD) |
1118 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1119 
1120 	cmd->reg_domain = param->current_rd_in_use;
1121 	cmd->reg_domain_2g = param->current_rd_2g;
1122 	cmd->reg_domain_5g = param->current_rd_5g;
1123 	cmd->conformance_test_limit_2g = param->ctl_2g;
1124 	cmd->conformance_test_limit_5g = param->ctl_5g;
1125 	cmd->dfs_domain = param->dfs_domain;
1126 	cmd->pdev_id = param->pdev_id;
1127 
1128 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1129 		   "WMI pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1130 		   param->current_rd_in_use, param->current_rd_2g,
1131 		   param->current_rd_5g, param->dfs_domain, param->pdev_id);
1132 
1133 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1134 	if (ret) {
1135 		ath11k_warn(ar->ab,
1136 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1137 		dev_kfree_skb(skb);
1138 	}
1139 
1140 	return ret;
1141 }
1142 
1143 int ath11k_wmi_set_peer_param(struct ath11k *ar, const u8 *peer_addr,
1144 			      u32 vdev_id, u32 param_id, u32 param_val)
1145 {
1146 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1147 	struct wmi_peer_set_param_cmd *cmd;
1148 	struct sk_buff *skb;
1149 	int ret;
1150 
1151 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1152 	if (!skb)
1153 		return -ENOMEM;
1154 
1155 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1156 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_SET_PARAM_CMD) |
1157 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1158 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1159 	cmd->vdev_id = vdev_id;
1160 	cmd->param_id = param_id;
1161 	cmd->param_value = param_val;
1162 
1163 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1164 	if (ret) {
1165 		ath11k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1166 		dev_kfree_skb(skb);
1167 	}
1168 
1169 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1170 		   "WMI vdev %d peer 0x%pM set param %d value %d\n",
1171 		   vdev_id, peer_addr, param_id, param_val);
1172 
1173 	return ret;
1174 }
1175 
1176 int ath11k_wmi_send_peer_flush_tids_cmd(struct ath11k *ar,
1177 					u8 peer_addr[ETH_ALEN],
1178 					struct peer_flush_params *param)
1179 {
1180 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1181 	struct wmi_peer_flush_tids_cmd *cmd;
1182 	struct sk_buff *skb;
1183 	int ret;
1184 
1185 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1186 	if (!skb)
1187 		return -ENOMEM;
1188 
1189 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1190 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_FLUSH_TIDS_CMD) |
1191 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1192 
1193 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1194 	cmd->peer_tid_bitmap = param->peer_tid_bitmap;
1195 	cmd->vdev_id = param->vdev_id;
1196 
1197 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1198 	if (ret) {
1199 		ath11k_warn(ar->ab,
1200 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1201 		dev_kfree_skb(skb);
1202 	}
1203 
1204 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1205 		   "WMI peer flush vdev_id %d peer_addr %pM tids %08x\n",
1206 		   param->vdev_id, peer_addr, param->peer_tid_bitmap);
1207 
1208 	return ret;
1209 }
1210 
1211 int ath11k_wmi_peer_rx_reorder_queue_setup(struct ath11k *ar,
1212 					   int vdev_id, const u8 *addr,
1213 					   dma_addr_t paddr, u8 tid,
1214 					   u8 ba_window_size_valid,
1215 					   u32 ba_window_size)
1216 {
1217 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1218 	struct sk_buff *skb;
1219 	int ret;
1220 
1221 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1222 	if (!skb)
1223 		return -ENOMEM;
1224 
1225 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1226 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1227 				     WMI_TAG_REORDER_QUEUE_SETUP_CMD) |
1228 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1229 
1230 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1231 	cmd->vdev_id = vdev_id;
1232 	cmd->tid = tid;
1233 	cmd->queue_ptr_lo = lower_32_bits(paddr);
1234 	cmd->queue_ptr_hi = upper_32_bits(paddr);
1235 	cmd->queue_no = tid;
1236 	cmd->ba_window_size_valid = ba_window_size_valid;
1237 	cmd->ba_window_size = ba_window_size;
1238 
1239 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
1240 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1241 	if (ret) {
1242 		ath11k_warn(ar->ab,
1243 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1244 		dev_kfree_skb(skb);
1245 	}
1246 
1247 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1248 		   "wmi rx reorder queue setup addr %pM vdev_id %d tid %d\n",
1249 		   addr, vdev_id, tid);
1250 
1251 	return ret;
1252 }
1253 
1254 int
1255 ath11k_wmi_rx_reord_queue_remove(struct ath11k *ar,
1256 				 struct rx_reorder_queue_remove_params *param)
1257 {
1258 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1259 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1260 	struct sk_buff *skb;
1261 	int ret;
1262 
1263 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1264 	if (!skb)
1265 		return -ENOMEM;
1266 
1267 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1268 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1269 				     WMI_TAG_REORDER_QUEUE_REMOVE_CMD) |
1270 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1271 
1272 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_macaddr);
1273 	cmd->vdev_id = param->vdev_id;
1274 	cmd->tid_mask = param->peer_tid_bitmap;
1275 
1276 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1277 		   "%s: peer_macaddr %pM vdev_id %d, tid_map %d", __func__,
1278 		   param->peer_macaddr, param->vdev_id, param->peer_tid_bitmap);
1279 
1280 	ret = ath11k_wmi_cmd_send(wmi, skb,
1281 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1282 	if (ret) {
1283 		ath11k_warn(ar->ab,
1284 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1285 		dev_kfree_skb(skb);
1286 	}
1287 
1288 	return ret;
1289 }
1290 
1291 int ath11k_wmi_pdev_set_param(struct ath11k *ar, u32 param_id,
1292 			      u32 param_value, u8 pdev_id)
1293 {
1294 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1295 	struct wmi_pdev_set_param_cmd *cmd;
1296 	struct sk_buff *skb;
1297 	int ret;
1298 
1299 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1300 	if (!skb)
1301 		return -ENOMEM;
1302 
1303 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1304 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_PARAM_CMD) |
1305 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1306 	cmd->pdev_id = pdev_id;
1307 	cmd->param_id = param_id;
1308 	cmd->param_value = param_value;
1309 
1310 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1311 	if (ret) {
1312 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1313 		dev_kfree_skb(skb);
1314 	}
1315 
1316 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1317 		   "WMI pdev set param %d pdev id %d value %d\n",
1318 		   param_id, pdev_id, param_value);
1319 
1320 	return ret;
1321 }
1322 
1323 int ath11k_wmi_pdev_set_ps_mode(struct ath11k *ar, int vdev_id,
1324 				enum wmi_sta_ps_mode psmode)
1325 {
1326 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1327 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1328 	struct sk_buff *skb;
1329 	int ret;
1330 
1331 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1332 	if (!skb)
1333 		return -ENOMEM;
1334 
1335 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1336 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STA_POWERSAVE_MODE_CMD) |
1337 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1338 	cmd->vdev_id = vdev_id;
1339 	cmd->sta_ps_mode = psmode;
1340 
1341 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1342 	if (ret) {
1343 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1344 		dev_kfree_skb(skb);
1345 	}
1346 
1347 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1348 		   "WMI vdev set psmode %d vdev id %d\n",
1349 		   psmode, vdev_id);
1350 
1351 	return ret;
1352 }
1353 
1354 int ath11k_wmi_pdev_suspend(struct ath11k *ar, u32 suspend_opt,
1355 			    u32 pdev_id)
1356 {
1357 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1358 	struct wmi_pdev_suspend_cmd *cmd;
1359 	struct sk_buff *skb;
1360 	int ret;
1361 
1362 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1363 	if (!skb)
1364 		return -ENOMEM;
1365 
1366 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1367 
1368 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SUSPEND_CMD) |
1369 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1370 
1371 	cmd->suspend_opt = suspend_opt;
1372 	cmd->pdev_id = pdev_id;
1373 
1374 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1375 	if (ret) {
1376 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1377 		dev_kfree_skb(skb);
1378 	}
1379 
1380 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1381 		   "WMI pdev suspend pdev_id %d\n", pdev_id);
1382 
1383 	return ret;
1384 }
1385 
1386 int ath11k_wmi_pdev_resume(struct ath11k *ar, u32 pdev_id)
1387 {
1388 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1389 	struct wmi_pdev_resume_cmd *cmd;
1390 	struct sk_buff *skb;
1391 	int ret;
1392 
1393 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1394 	if (!skb)
1395 		return -ENOMEM;
1396 
1397 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1398 
1399 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_RESUME_CMD) |
1400 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1401 	cmd->pdev_id = pdev_id;
1402 
1403 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1404 		   "WMI pdev resume pdev id %d\n", pdev_id);
1405 
1406 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1407 	if (ret) {
1408 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1409 		dev_kfree_skb(skb);
1410 	}
1411 
1412 	return ret;
1413 }
1414 
1415 /* TODO FW Support for the cmd is not available yet.
1416  * Can be tested once the command and corresponding
1417  * event is implemented in FW
1418  */
1419 int ath11k_wmi_pdev_bss_chan_info_request(struct ath11k *ar,
1420 					  enum wmi_bss_chan_info_req_type type)
1421 {
1422 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1423 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1424 	struct sk_buff *skb;
1425 	int ret;
1426 
1427 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1428 	if (!skb)
1429 		return -ENOMEM;
1430 
1431 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1432 
1433 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1434 				     WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST) |
1435 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1436 	cmd->req_type = type;
1437 	cmd->pdev_id = ar->pdev->pdev_id;
1438 
1439 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1440 		   "WMI bss chan info req type %d\n", type);
1441 
1442 	ret = ath11k_wmi_cmd_send(wmi, skb,
1443 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1444 	if (ret) {
1445 		ath11k_warn(ar->ab,
1446 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1447 		dev_kfree_skb(skb);
1448 	}
1449 
1450 	return ret;
1451 }
1452 
1453 int ath11k_wmi_send_set_ap_ps_param_cmd(struct ath11k *ar, u8 *peer_addr,
1454 					struct ap_ps_params *param)
1455 {
1456 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1457 	struct wmi_ap_ps_peer_cmd *cmd;
1458 	struct sk_buff *skb;
1459 	int ret;
1460 
1461 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1462 	if (!skb)
1463 		return -ENOMEM;
1464 
1465 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1466 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_AP_PS_PEER_CMD) |
1467 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1468 
1469 	cmd->vdev_id = param->vdev_id;
1470 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1471 	cmd->param = param->param;
1472 	cmd->value = param->value;
1473 
1474 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1475 	if (ret) {
1476 		ath11k_warn(ar->ab,
1477 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1478 		dev_kfree_skb(skb);
1479 	}
1480 
1481 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1482 		   "WMI set ap ps vdev id %d peer %pM param %d value %d\n",
1483 		   param->vdev_id, peer_addr, param->param, param->value);
1484 
1485 	return ret;
1486 }
1487 
1488 int ath11k_wmi_set_sta_ps_param(struct ath11k *ar, u32 vdev_id,
1489 				u32 param, u32 param_value)
1490 {
1491 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1492 	struct wmi_sta_powersave_param_cmd *cmd;
1493 	struct sk_buff *skb;
1494 	int ret;
1495 
1496 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1497 	if (!skb)
1498 		return -ENOMEM;
1499 
1500 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1501 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1502 				     WMI_TAG_STA_POWERSAVE_PARAM_CMD) |
1503 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1504 
1505 	cmd->vdev_id = vdev_id;
1506 	cmd->param = param;
1507 	cmd->value = param_value;
1508 
1509 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1510 		   "WMI set sta ps vdev_id %d param %d value %d\n",
1511 		   vdev_id, param, param_value);
1512 
1513 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1514 	if (ret) {
1515 		ath11k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1516 		dev_kfree_skb(skb);
1517 	}
1518 
1519 	return ret;
1520 }
1521 
1522 int ath11k_wmi_force_fw_hang_cmd(struct ath11k *ar, u32 type, u32 delay_time_ms)
1523 {
1524 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1525 	struct wmi_force_fw_hang_cmd *cmd;
1526 	struct sk_buff *skb;
1527 	int ret, len;
1528 
1529 	len = sizeof(*cmd);
1530 
1531 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1532 	if (!skb)
1533 		return -ENOMEM;
1534 
1535 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1536 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_FORCE_FW_HANG_CMD) |
1537 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1538 
1539 	cmd->type = type;
1540 	cmd->delay_time_ms = delay_time_ms;
1541 
1542 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1543 
1544 	if (ret) {
1545 		ath11k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1546 		dev_kfree_skb(skb);
1547 	}
1548 	return ret;
1549 }
1550 
1551 int ath11k_wmi_vdev_set_param_cmd(struct ath11k *ar, u32 vdev_id,
1552 				  u32 param_id, u32 param_value)
1553 {
1554 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1555 	struct wmi_vdev_set_param_cmd *cmd;
1556 	struct sk_buff *skb;
1557 	int ret;
1558 
1559 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1560 	if (!skb)
1561 		return -ENOMEM;
1562 
1563 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1564 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_SET_PARAM_CMD) |
1565 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1566 
1567 	cmd->vdev_id = vdev_id;
1568 	cmd->param_id = param_id;
1569 	cmd->param_value = param_value;
1570 
1571 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1572 	if (ret) {
1573 		ath11k_warn(ar->ab,
1574 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1575 		dev_kfree_skb(skb);
1576 	}
1577 
1578 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1579 		   "WMI vdev id 0x%x set param %d value %d\n",
1580 		   vdev_id, param_id, param_value);
1581 
1582 	return ret;
1583 }
1584 
1585 int ath11k_wmi_send_stats_request_cmd(struct ath11k *ar,
1586 				      struct stats_request_params *param)
1587 {
1588 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1589 	struct wmi_request_stats_cmd *cmd;
1590 	struct sk_buff *skb;
1591 	int ret;
1592 
1593 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1594 	if (!skb)
1595 		return -ENOMEM;
1596 
1597 	cmd = (struct wmi_request_stats_cmd *)skb->data;
1598 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_REQUEST_STATS_CMD) |
1599 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1600 
1601 	cmd->stats_id = param->stats_id;
1602 	cmd->vdev_id = param->vdev_id;
1603 	cmd->pdev_id = param->pdev_id;
1604 
1605 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_REQUEST_STATS_CMDID);
1606 	if (ret) {
1607 		ath11k_warn(ar->ab, "failed to send WMI_REQUEST_STATS cmd\n");
1608 		dev_kfree_skb(skb);
1609 	}
1610 
1611 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1612 		   "WMI request stats 0x%x vdev id %d pdev id %d\n",
1613 		   param->stats_id, param->vdev_id, param->pdev_id);
1614 
1615 	return ret;
1616 }
1617 
1618 int ath11k_wmi_send_pdev_temperature_cmd(struct ath11k *ar)
1619 {
1620 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1621 	struct wmi_get_pdev_temperature_cmd *cmd;
1622 	struct sk_buff *skb;
1623 	int ret;
1624 
1625 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1626 	if (!skb)
1627 		return -ENOMEM;
1628 
1629 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1630 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_GET_TEMPERATURE_CMD) |
1631 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1632 	cmd->pdev_id = ar->pdev->pdev_id;
1633 
1634 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1635 	if (ret) {
1636 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1637 		dev_kfree_skb(skb);
1638 	}
1639 
1640 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1641 		   "WMI pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1642 
1643 	return ret;
1644 }
1645 
1646 int ath11k_wmi_send_bcn_offload_control_cmd(struct ath11k *ar,
1647 					    u32 vdev_id, u32 bcn_ctrl_op)
1648 {
1649 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1650 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1651 	struct sk_buff *skb;
1652 	int ret;
1653 
1654 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1655 	if (!skb)
1656 		return -ENOMEM;
1657 
1658 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1659 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1660 				     WMI_TAG_BCN_OFFLOAD_CTRL_CMD) |
1661 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1662 
1663 	cmd->vdev_id = vdev_id;
1664 	cmd->bcn_ctrl_op = bcn_ctrl_op;
1665 
1666 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1667 		   "WMI bcn ctrl offload vdev id %d ctrl_op %d\n",
1668 		   vdev_id, bcn_ctrl_op);
1669 
1670 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1671 	if (ret) {
1672 		ath11k_warn(ar->ab,
1673 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1674 		dev_kfree_skb(skb);
1675 	}
1676 
1677 	return ret;
1678 }
1679 
1680 int ath11k_wmi_bcn_tmpl(struct ath11k *ar, u32 vdev_id,
1681 			struct ieee80211_mutable_offsets *offs,
1682 			struct sk_buff *bcn)
1683 {
1684 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1685 	struct wmi_bcn_tmpl_cmd *cmd;
1686 	struct wmi_bcn_prb_info *bcn_prb_info;
1687 	struct wmi_tlv *tlv;
1688 	struct sk_buff *skb;
1689 	void *ptr;
1690 	int ret, len;
1691 	size_t aligned_len = roundup(bcn->len, 4);
1692 	struct ieee80211_vif *vif;
1693 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev_id);
1694 
1695 	if (!arvif) {
1696 		ath11k_warn(ar->ab, "failed to find arvif with vdev id %d\n", vdev_id);
1697 		return -EINVAL;
1698 	}
1699 
1700 	vif = arvif->vif;
1701 
1702 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1703 
1704 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1705 	if (!skb)
1706 		return -ENOMEM;
1707 
1708 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1709 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BCN_TMPL_CMD) |
1710 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1711 	cmd->vdev_id = vdev_id;
1712 	cmd->tim_ie_offset = offs->tim_offset;
1713 
1714 	if (vif->bss_conf.csa_active) {
1715 		cmd->csa_switch_count_offset = offs->cntdwn_counter_offs[0];
1716 		cmd->ext_csa_switch_count_offset = offs->cntdwn_counter_offs[1];
1717 	}
1718 
1719 	cmd->buf_len = bcn->len;
1720 
1721 	ptr = skb->data + sizeof(*cmd);
1722 
1723 	bcn_prb_info = ptr;
1724 	len = sizeof(*bcn_prb_info);
1725 	bcn_prb_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1726 					      WMI_TAG_BCN_PRB_INFO) |
1727 				   FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1728 	bcn_prb_info->caps = 0;
1729 	bcn_prb_info->erp = 0;
1730 
1731 	ptr += sizeof(*bcn_prb_info);
1732 
1733 	tlv = ptr;
1734 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1735 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
1736 	memcpy(tlv->value, bcn->data, bcn->len);
1737 
1738 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1739 	if (ret) {
1740 		ath11k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1741 		dev_kfree_skb(skb);
1742 	}
1743 
1744 	return ret;
1745 }
1746 
1747 int ath11k_wmi_vdev_install_key(struct ath11k *ar,
1748 				struct wmi_vdev_install_key_arg *arg)
1749 {
1750 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1751 	struct wmi_vdev_install_key_cmd *cmd;
1752 	struct wmi_tlv *tlv;
1753 	struct sk_buff *skb;
1754 	int ret, len;
1755 	int key_len_aligned = roundup(arg->key_len, sizeof(uint32_t));
1756 
1757 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1758 
1759 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1760 	if (!skb)
1761 		return -ENOMEM;
1762 
1763 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1764 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_INSTALL_KEY_CMD) |
1765 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1766 	cmd->vdev_id = arg->vdev_id;
1767 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1768 	cmd->key_idx = arg->key_idx;
1769 	cmd->key_flags = arg->key_flags;
1770 	cmd->key_cipher = arg->key_cipher;
1771 	cmd->key_len = arg->key_len;
1772 	cmd->key_txmic_len = arg->key_txmic_len;
1773 	cmd->key_rxmic_len = arg->key_rxmic_len;
1774 
1775 	if (arg->key_rsc_counter)
1776 		memcpy(&cmd->key_rsc_counter, &arg->key_rsc_counter,
1777 		       sizeof(struct wmi_key_seq_counter));
1778 
1779 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1780 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1781 		      FIELD_PREP(WMI_TLV_LEN, key_len_aligned);
1782 	if (arg->key_data)
1783 		memcpy(tlv->value, (u8 *)arg->key_data, key_len_aligned);
1784 
1785 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1786 	if (ret) {
1787 		ath11k_warn(ar->ab,
1788 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1789 		dev_kfree_skb(skb);
1790 	}
1791 
1792 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1793 		   "WMI vdev install key idx %d cipher %d len %d\n",
1794 		   arg->key_idx, arg->key_cipher, arg->key_len);
1795 
1796 	return ret;
1797 }
1798 
1799 static inline void
1800 ath11k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1801 			   struct peer_assoc_params *param,
1802 			   bool hw_crypto_disabled)
1803 {
1804 	cmd->peer_flags = 0;
1805 
1806 	if (param->is_wme_set) {
1807 		if (param->qos_flag)
1808 			cmd->peer_flags |= WMI_PEER_QOS;
1809 		if (param->apsd_flag)
1810 			cmd->peer_flags |= WMI_PEER_APSD;
1811 		if (param->ht_flag)
1812 			cmd->peer_flags |= WMI_PEER_HT;
1813 		if (param->bw_40)
1814 			cmd->peer_flags |= WMI_PEER_40MHZ;
1815 		if (param->bw_80)
1816 			cmd->peer_flags |= WMI_PEER_80MHZ;
1817 		if (param->bw_160)
1818 			cmd->peer_flags |= WMI_PEER_160MHZ;
1819 
1820 		/* Typically if STBC is enabled for VHT it should be enabled
1821 		 * for HT as well
1822 		 **/
1823 		if (param->stbc_flag)
1824 			cmd->peer_flags |= WMI_PEER_STBC;
1825 
1826 		/* Typically if LDPC is enabled for VHT it should be enabled
1827 		 * for HT as well
1828 		 **/
1829 		if (param->ldpc_flag)
1830 			cmd->peer_flags |= WMI_PEER_LDPC;
1831 
1832 		if (param->static_mimops_flag)
1833 			cmd->peer_flags |= WMI_PEER_STATIC_MIMOPS;
1834 		if (param->dynamic_mimops_flag)
1835 			cmd->peer_flags |= WMI_PEER_DYN_MIMOPS;
1836 		if (param->spatial_mux_flag)
1837 			cmd->peer_flags |= WMI_PEER_SPATIAL_MUX;
1838 		if (param->vht_flag)
1839 			cmd->peer_flags |= WMI_PEER_VHT;
1840 		if (param->he_flag)
1841 			cmd->peer_flags |= WMI_PEER_HE;
1842 		if (param->twt_requester)
1843 			cmd->peer_flags |= WMI_PEER_TWT_REQ;
1844 		if (param->twt_responder)
1845 			cmd->peer_flags |= WMI_PEER_TWT_RESP;
1846 	}
1847 
1848 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1849 	 * (during re-association).
1850 	 * Authorization will be done for these modes on key installation.
1851 	 */
1852 	if (param->auth_flag)
1853 		cmd->peer_flags |= WMI_PEER_AUTH;
1854 	if (param->need_ptk_4_way) {
1855 		cmd->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
1856 		if (!hw_crypto_disabled && param->is_assoc)
1857 			cmd->peer_flags &= ~WMI_PEER_AUTH;
1858 	}
1859 	if (param->need_gtk_2_way)
1860 		cmd->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
1861 	/* safe mode bypass the 4-way handshake */
1862 	if (param->safe_mode_enabled)
1863 		cmd->peer_flags &= ~(WMI_PEER_NEED_PTK_4_WAY |
1864 				     WMI_PEER_NEED_GTK_2_WAY);
1865 
1866 	if (param->is_pmf_enabled)
1867 		cmd->peer_flags |= WMI_PEER_PMF;
1868 
1869 	/* Disable AMSDU for station transmit, if user configures it */
1870 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1871 	 * it
1872 	 * if (param->amsdu_disable) Add after FW support
1873 	 **/
1874 
1875 	/* Target asserts if node is marked HT and all MCS is set to 0.
1876 	 * Mark the node as non-HT if all the mcs rates are disabled through
1877 	 * iwpriv
1878 	 **/
1879 	if (param->peer_ht_rates.num_rates == 0)
1880 		cmd->peer_flags &= ~WMI_PEER_HT;
1881 }
1882 
1883 int ath11k_wmi_send_peer_assoc_cmd(struct ath11k *ar,
1884 				   struct peer_assoc_params *param)
1885 {
1886 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1887 	struct wmi_peer_assoc_complete_cmd *cmd;
1888 	struct wmi_vht_rate_set *mcs;
1889 	struct wmi_he_rate_set *he_mcs;
1890 	struct sk_buff *skb;
1891 	struct wmi_tlv *tlv;
1892 	void *ptr;
1893 	u32 peer_legacy_rates_align;
1894 	u32 peer_ht_rates_align;
1895 	int i, ret, len;
1896 
1897 	peer_legacy_rates_align = roundup(param->peer_legacy_rates.num_rates,
1898 					  sizeof(u32));
1899 	peer_ht_rates_align = roundup(param->peer_ht_rates.num_rates,
1900 				      sizeof(u32));
1901 
1902 	len = sizeof(*cmd) +
1903 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
1904 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
1905 	      sizeof(*mcs) + TLV_HDR_SIZE +
1906 	      (sizeof(*he_mcs) * param->peer_he_mcs_count);
1907 
1908 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1909 	if (!skb)
1910 		return -ENOMEM;
1911 
1912 	ptr = skb->data;
1913 
1914 	cmd = ptr;
1915 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1916 				     WMI_TAG_PEER_ASSOC_COMPLETE_CMD) |
1917 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1918 
1919 	cmd->vdev_id = param->vdev_id;
1920 
1921 	cmd->peer_new_assoc = param->peer_new_assoc;
1922 	cmd->peer_associd = param->peer_associd;
1923 
1924 	ath11k_wmi_copy_peer_flags(cmd, param,
1925 				   test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED,
1926 					    &ar->ab->dev_flags));
1927 
1928 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_mac);
1929 
1930 	cmd->peer_rate_caps = param->peer_rate_caps;
1931 	cmd->peer_caps = param->peer_caps;
1932 	cmd->peer_listen_intval = param->peer_listen_intval;
1933 	cmd->peer_ht_caps = param->peer_ht_caps;
1934 	cmd->peer_max_mpdu = param->peer_max_mpdu;
1935 	cmd->peer_mpdu_density = param->peer_mpdu_density;
1936 	cmd->peer_vht_caps = param->peer_vht_caps;
1937 	cmd->peer_phymode = param->peer_phymode;
1938 
1939 	/* Update 11ax capabilities */
1940 	cmd->peer_he_cap_info = param->peer_he_cap_macinfo[0];
1941 	cmd->peer_he_cap_info_ext = param->peer_he_cap_macinfo[1];
1942 	cmd->peer_he_cap_info_internal = param->peer_he_cap_macinfo_internal;
1943 	cmd->peer_he_caps_6ghz = param->peer_he_caps_6ghz;
1944 	cmd->peer_he_ops = param->peer_he_ops;
1945 	memcpy(&cmd->peer_he_cap_phy, &param->peer_he_cap_phyinfo,
1946 	       sizeof(param->peer_he_cap_phyinfo));
1947 	memcpy(&cmd->peer_ppet, &param->peer_ppet,
1948 	       sizeof(param->peer_ppet));
1949 
1950 	/* Update peer legacy rate information */
1951 	ptr += sizeof(*cmd);
1952 
1953 	tlv = ptr;
1954 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1955 		      FIELD_PREP(WMI_TLV_LEN, peer_legacy_rates_align);
1956 
1957 	ptr += TLV_HDR_SIZE;
1958 
1959 	cmd->num_peer_legacy_rates = param->peer_legacy_rates.num_rates;
1960 	memcpy(ptr, param->peer_legacy_rates.rates,
1961 	       param->peer_legacy_rates.num_rates);
1962 
1963 	/* Update peer HT rate information */
1964 	ptr += peer_legacy_rates_align;
1965 
1966 	tlv = ptr;
1967 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1968 		      FIELD_PREP(WMI_TLV_LEN, peer_ht_rates_align);
1969 	ptr += TLV_HDR_SIZE;
1970 	cmd->num_peer_ht_rates = param->peer_ht_rates.num_rates;
1971 	memcpy(ptr, param->peer_ht_rates.rates,
1972 	       param->peer_ht_rates.num_rates);
1973 
1974 	/* VHT Rates */
1975 	ptr += peer_ht_rates_align;
1976 
1977 	mcs = ptr;
1978 
1979 	mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VHT_RATE_SET) |
1980 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*mcs) - TLV_HDR_SIZE);
1981 
1982 	cmd->peer_nss = param->peer_nss;
1983 
1984 	/* Update bandwidth-NSS mapping */
1985 	cmd->peer_bw_rxnss_override = 0;
1986 	cmd->peer_bw_rxnss_override |= param->peer_bw_rxnss_override;
1987 
1988 	if (param->vht_capable) {
1989 		mcs->rx_max_rate = param->rx_max_rate;
1990 		mcs->rx_mcs_set = param->rx_mcs_set;
1991 		mcs->tx_max_rate = param->tx_max_rate;
1992 		mcs->tx_mcs_set = param->tx_mcs_set;
1993 	}
1994 
1995 	/* HE Rates */
1996 	cmd->peer_he_mcs = param->peer_he_mcs_count;
1997 	cmd->min_data_rate = param->min_data_rate;
1998 
1999 	ptr += sizeof(*mcs);
2000 
2001 	len = param->peer_he_mcs_count * sizeof(*he_mcs);
2002 
2003 	tlv = ptr;
2004 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2005 		      FIELD_PREP(WMI_TLV_LEN, len);
2006 	ptr += TLV_HDR_SIZE;
2007 
2008 	/* Loop through the HE rate set */
2009 	for (i = 0; i < param->peer_he_mcs_count; i++) {
2010 		he_mcs = ptr;
2011 		he_mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2012 						WMI_TAG_HE_RATE_SET) |
2013 				     FIELD_PREP(WMI_TLV_LEN,
2014 						sizeof(*he_mcs) - TLV_HDR_SIZE);
2015 
2016 		he_mcs->rx_mcs_set = param->peer_he_tx_mcs_set[i];
2017 		he_mcs->tx_mcs_set = param->peer_he_rx_mcs_set[i];
2018 		ptr += sizeof(*he_mcs);
2019 	}
2020 
2021 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2022 	if (ret) {
2023 		ath11k_warn(ar->ab,
2024 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2025 		dev_kfree_skb(skb);
2026 	}
2027 
2028 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2029 		   "wmi peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x\n",
2030 		   cmd->vdev_id, cmd->peer_associd, param->peer_mac,
2031 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2032 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2033 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2034 		   cmd->peer_mpdu_density,
2035 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2036 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2037 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2038 		   cmd->peer_he_cap_phy[2],
2039 		   cmd->peer_bw_rxnss_override);
2040 
2041 	return ret;
2042 }
2043 
2044 void ath11k_wmi_start_scan_init(struct ath11k *ar,
2045 				struct scan_req_params *arg)
2046 {
2047 	/* setup commonly used values */
2048 	arg->scan_req_id = 1;
2049 	if (ar->state_11d == ATH11K_11D_PREPARING)
2050 		arg->scan_priority = WMI_SCAN_PRIORITY_MEDIUM;
2051 	else
2052 		arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2053 	arg->dwell_time_active = 50;
2054 	arg->dwell_time_active_2g = 0;
2055 	arg->dwell_time_passive = 150;
2056 	arg->dwell_time_active_6g = 40;
2057 	arg->dwell_time_passive_6g = 30;
2058 	arg->min_rest_time = 50;
2059 	arg->max_rest_time = 500;
2060 	arg->repeat_probe_time = 0;
2061 	arg->probe_spacing_time = 0;
2062 	arg->idle_time = 0;
2063 	arg->max_scan_time = 20000;
2064 	arg->probe_delay = 5;
2065 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2066 				  WMI_SCAN_EVENT_COMPLETED |
2067 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2068 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2069 				  WMI_SCAN_EVENT_DEQUEUED;
2070 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2071 	arg->num_bssid = 1;
2072 
2073 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2074 	 * ZEROs in probe request
2075 	 */
2076 	eth_broadcast_addr(arg->bssid_list[0].addr);
2077 }
2078 
2079 static inline void
2080 ath11k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2081 				       struct scan_req_params *param)
2082 {
2083 	/* Scan events subscription */
2084 	if (param->scan_ev_started)
2085 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_STARTED;
2086 	if (param->scan_ev_completed)
2087 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_COMPLETED;
2088 	if (param->scan_ev_bss_chan)
2089 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_BSS_CHANNEL;
2090 	if (param->scan_ev_foreign_chan)
2091 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN;
2092 	if (param->scan_ev_dequeued)
2093 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_DEQUEUED;
2094 	if (param->scan_ev_preempted)
2095 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_PREEMPTED;
2096 	if (param->scan_ev_start_failed)
2097 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_START_FAILED;
2098 	if (param->scan_ev_restarted)
2099 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESTARTED;
2100 	if (param->scan_ev_foreign_chn_exit)
2101 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT;
2102 	if (param->scan_ev_suspended)
2103 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_SUSPENDED;
2104 	if (param->scan_ev_resumed)
2105 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESUMED;
2106 
2107 	/** Set scan control flags */
2108 	cmd->scan_ctrl_flags = 0;
2109 	if (param->scan_f_passive)
2110 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_PASSIVE;
2111 	if (param->scan_f_strict_passive_pch)
2112 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN;
2113 	if (param->scan_f_promisc_mode)
2114 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROMISCUOS;
2115 	if (param->scan_f_capture_phy_err)
2116 		cmd->scan_ctrl_flags |=  WMI_SCAN_CAPTURE_PHY_ERROR;
2117 	if (param->scan_f_half_rate)
2118 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_HALF_RATE_SUPPORT;
2119 	if (param->scan_f_quarter_rate)
2120 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT;
2121 	if (param->scan_f_cck_rates)
2122 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_CCK_RATES;
2123 	if (param->scan_f_ofdm_rates)
2124 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_OFDM_RATES;
2125 	if (param->scan_f_chan_stat_evnt)
2126 		cmd->scan_ctrl_flags |=  WMI_SCAN_CHAN_STAT_EVENT;
2127 	if (param->scan_f_filter_prb_req)
2128 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROBE_REQ;
2129 	if (param->scan_f_bcast_probe)
2130 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_BCAST_PROBE_REQ;
2131 	if (param->scan_f_offchan_mgmt_tx)
2132 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_MGMT_TX;
2133 	if (param->scan_f_offchan_data_tx)
2134 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_DATA_TX;
2135 	if (param->scan_f_force_active_dfs_chn)
2136 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS;
2137 	if (param->scan_f_add_tpc_ie_in_probe)
2138 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ;
2139 	if (param->scan_f_add_ds_ie_in_probe)
2140 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ;
2141 	if (param->scan_f_add_spoofed_mac_in_probe)
2142 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ;
2143 	if (param->scan_f_add_rand_seq_in_probe)
2144 		cmd->scan_ctrl_flags |=  WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ;
2145 	if (param->scan_f_en_ie_whitelist_in_probe)
2146 		cmd->scan_ctrl_flags |=
2147 			 WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ;
2148 
2149 	/* for adaptive scan mode using 3 bits (21 - 23 bits) */
2150 	WMI_SCAN_SET_DWELL_MODE(cmd->scan_ctrl_flags,
2151 				param->adaptive_dwell_time_mode);
2152 }
2153 
2154 int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar,
2155 				   struct scan_req_params *params)
2156 {
2157 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2158 	struct wmi_start_scan_cmd *cmd;
2159 	struct wmi_ssid *ssid = NULL;
2160 	struct wmi_mac_addr *bssid;
2161 	struct sk_buff *skb;
2162 	struct wmi_tlv *tlv;
2163 	void *ptr;
2164 	int i, ret, len;
2165 	u32 *tmp_ptr;
2166 	u16 extraie_len_with_pad = 0;
2167 	struct hint_short_ssid *s_ssid = NULL;
2168 	struct hint_bssid *hint_bssid = NULL;
2169 
2170 	len = sizeof(*cmd);
2171 
2172 	len += TLV_HDR_SIZE;
2173 	if (params->num_chan)
2174 		len += params->num_chan * sizeof(u32);
2175 
2176 	len += TLV_HDR_SIZE;
2177 	if (params->num_ssids)
2178 		len += params->num_ssids * sizeof(*ssid);
2179 
2180 	len += TLV_HDR_SIZE;
2181 	if (params->num_bssid)
2182 		len += sizeof(*bssid) * params->num_bssid;
2183 
2184 	len += TLV_HDR_SIZE;
2185 	if (params->extraie.len && params->extraie.len <= 0xFFFF)
2186 		extraie_len_with_pad =
2187 			roundup(params->extraie.len, sizeof(u32));
2188 	len += extraie_len_with_pad;
2189 
2190 	if (params->num_hint_bssid)
2191 		len += TLV_HDR_SIZE +
2192 		       params->num_hint_bssid * sizeof(struct hint_bssid);
2193 
2194 	if (params->num_hint_s_ssid)
2195 		len += TLV_HDR_SIZE +
2196 		       params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2197 
2198 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2199 	if (!skb)
2200 		return -ENOMEM;
2201 
2202 	ptr = skb->data;
2203 
2204 	cmd = ptr;
2205 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_START_SCAN_CMD) |
2206 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2207 
2208 	cmd->scan_id = params->scan_id;
2209 	cmd->scan_req_id = params->scan_req_id;
2210 	cmd->vdev_id = params->vdev_id;
2211 	cmd->scan_priority = params->scan_priority;
2212 	cmd->notify_scan_events = params->notify_scan_events;
2213 
2214 	ath11k_wmi_copy_scan_event_cntrl_flags(cmd, params);
2215 
2216 	cmd->dwell_time_active = params->dwell_time_active;
2217 	cmd->dwell_time_active_2g = params->dwell_time_active_2g;
2218 	cmd->dwell_time_passive = params->dwell_time_passive;
2219 	cmd->dwell_time_active_6g = params->dwell_time_active_6g;
2220 	cmd->dwell_time_passive_6g = params->dwell_time_passive_6g;
2221 	cmd->min_rest_time = params->min_rest_time;
2222 	cmd->max_rest_time = params->max_rest_time;
2223 	cmd->repeat_probe_time = params->repeat_probe_time;
2224 	cmd->probe_spacing_time = params->probe_spacing_time;
2225 	cmd->idle_time = params->idle_time;
2226 	cmd->max_scan_time = params->max_scan_time;
2227 	cmd->probe_delay = params->probe_delay;
2228 	cmd->burst_duration = params->burst_duration;
2229 	cmd->num_chan = params->num_chan;
2230 	cmd->num_bssid = params->num_bssid;
2231 	cmd->num_ssids = params->num_ssids;
2232 	cmd->ie_len = params->extraie.len;
2233 	cmd->n_probes = params->n_probes;
2234 	ether_addr_copy(cmd->mac_addr.addr, params->mac_addr.addr);
2235 	ether_addr_copy(cmd->mac_mask.addr, params->mac_mask.addr);
2236 
2237 	ptr += sizeof(*cmd);
2238 
2239 	len = params->num_chan * sizeof(u32);
2240 
2241 	tlv = ptr;
2242 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
2243 		      FIELD_PREP(WMI_TLV_LEN, len);
2244 	ptr += TLV_HDR_SIZE;
2245 	tmp_ptr = (u32 *)ptr;
2246 
2247 	for (i = 0; i < params->num_chan; ++i)
2248 		tmp_ptr[i] = params->chan_list[i];
2249 
2250 	ptr += len;
2251 
2252 	len = params->num_ssids * sizeof(*ssid);
2253 	tlv = ptr;
2254 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2255 		      FIELD_PREP(WMI_TLV_LEN, len);
2256 
2257 	ptr += TLV_HDR_SIZE;
2258 
2259 	if (params->num_ssids) {
2260 		ssid = ptr;
2261 		for (i = 0; i < params->num_ssids; ++i) {
2262 			ssid->ssid_len = params->ssid[i].length;
2263 			memcpy(ssid->ssid, params->ssid[i].ssid,
2264 			       params->ssid[i].length);
2265 			ssid++;
2266 		}
2267 	}
2268 
2269 	ptr += (params->num_ssids * sizeof(*ssid));
2270 	len = params->num_bssid * sizeof(*bssid);
2271 	tlv = ptr;
2272 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2273 		      FIELD_PREP(WMI_TLV_LEN, len);
2274 
2275 	ptr += TLV_HDR_SIZE;
2276 	bssid = ptr;
2277 
2278 	if (params->num_bssid) {
2279 		for (i = 0; i < params->num_bssid; ++i) {
2280 			ether_addr_copy(bssid->addr,
2281 					params->bssid_list[i].addr);
2282 			bssid++;
2283 		}
2284 	}
2285 
2286 	ptr += params->num_bssid * sizeof(*bssid);
2287 
2288 	len = extraie_len_with_pad;
2289 	tlv = ptr;
2290 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2291 		      FIELD_PREP(WMI_TLV_LEN, len);
2292 	ptr += TLV_HDR_SIZE;
2293 
2294 	if (extraie_len_with_pad)
2295 		memcpy(ptr, params->extraie.ptr,
2296 		       params->extraie.len);
2297 
2298 	ptr += extraie_len_with_pad;
2299 
2300 	if (params->num_hint_s_ssid) {
2301 		len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2302 		tlv = ptr;
2303 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2304 			      FIELD_PREP(WMI_TLV_LEN, len);
2305 		ptr += TLV_HDR_SIZE;
2306 		s_ssid = ptr;
2307 		for (i = 0; i < params->num_hint_s_ssid; ++i) {
2308 			s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags;
2309 			s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid;
2310 			s_ssid++;
2311 		}
2312 		ptr += len;
2313 	}
2314 
2315 	if (params->num_hint_bssid) {
2316 		len = params->num_hint_bssid * sizeof(struct hint_bssid);
2317 		tlv = ptr;
2318 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2319 			      FIELD_PREP(WMI_TLV_LEN, len);
2320 		ptr += TLV_HDR_SIZE;
2321 		hint_bssid = ptr;
2322 		for (i = 0; i < params->num_hint_bssid; ++i) {
2323 			hint_bssid->freq_flags =
2324 				params->hint_bssid[i].freq_flags;
2325 			ether_addr_copy(&params->hint_bssid[i].bssid.addr[0],
2326 					&hint_bssid->bssid.addr[0]);
2327 			hint_bssid++;
2328 		}
2329 	}
2330 
2331 	ret = ath11k_wmi_cmd_send(wmi, skb,
2332 				  WMI_START_SCAN_CMDID);
2333 	if (ret) {
2334 		ath11k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2335 		dev_kfree_skb(skb);
2336 	}
2337 
2338 	return ret;
2339 }
2340 
2341 int ath11k_wmi_send_scan_stop_cmd(struct ath11k *ar,
2342 				  struct scan_cancel_param *param)
2343 {
2344 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2345 	struct wmi_stop_scan_cmd *cmd;
2346 	struct sk_buff *skb;
2347 	int ret;
2348 
2349 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2350 	if (!skb)
2351 		return -ENOMEM;
2352 
2353 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2354 
2355 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STOP_SCAN_CMD) |
2356 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2357 
2358 	cmd->vdev_id = param->vdev_id;
2359 	cmd->requestor = param->requester;
2360 	cmd->scan_id = param->scan_id;
2361 	cmd->pdev_id = param->pdev_id;
2362 	/* stop the scan with the corresponding scan_id */
2363 	if (param->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2364 		/* Cancelling all scans */
2365 		cmd->req_type =  WMI_SCAN_STOP_ALL;
2366 	} else if (param->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2367 		/* Cancelling VAP scans */
2368 		cmd->req_type =  WMI_SCN_STOP_VAP_ALL;
2369 	} else if (param->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2370 		/* Cancelling specific scan */
2371 		cmd->req_type =  WMI_SCAN_STOP_ONE;
2372 	} else {
2373 		ath11k_warn(ar->ab, "invalid scan cancel param %d",
2374 			    param->req_type);
2375 		dev_kfree_skb(skb);
2376 		return -EINVAL;
2377 	}
2378 
2379 	ret = ath11k_wmi_cmd_send(wmi, skb,
2380 				  WMI_STOP_SCAN_CMDID);
2381 	if (ret) {
2382 		ath11k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2383 		dev_kfree_skb(skb);
2384 	}
2385 
2386 	return ret;
2387 }
2388 
2389 int ath11k_wmi_send_scan_chan_list_cmd(struct ath11k *ar,
2390 				       struct scan_chan_list_params *chan_list)
2391 {
2392 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2393 	struct wmi_scan_chan_list_cmd *cmd;
2394 	struct sk_buff *skb;
2395 	struct wmi_channel *chan_info;
2396 	struct channel_param *tchan_info;
2397 	struct wmi_tlv *tlv;
2398 	void *ptr;
2399 	int i, ret, len;
2400 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2401 	u32 *reg1, *reg2;
2402 
2403 	tchan_info = chan_list->ch_param;
2404 	while (chan_list->nallchans) {
2405 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2406 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2407 			sizeof(*chan_info);
2408 
2409 		if (chan_list->nallchans > max_chan_limit)
2410 			num_send_chans = max_chan_limit;
2411 		else
2412 			num_send_chans = chan_list->nallchans;
2413 
2414 		chan_list->nallchans -= num_send_chans;
2415 		len += sizeof(*chan_info) * num_send_chans;
2416 
2417 		skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2418 		if (!skb)
2419 			return -ENOMEM;
2420 
2421 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2422 		cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SCAN_CHAN_LIST_CMD) |
2423 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2424 		cmd->pdev_id = chan_list->pdev_id;
2425 		cmd->num_scan_chans = num_send_chans;
2426 		if (num_sends)
2427 			cmd->flags |= WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG;
2428 
2429 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2430 			   "WMI no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2431 			   num_send_chans, len, cmd->pdev_id, num_sends);
2432 
2433 		ptr = skb->data + sizeof(*cmd);
2434 
2435 		len = sizeof(*chan_info) * num_send_chans;
2436 		tlv = ptr;
2437 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2438 			      FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
2439 		ptr += TLV_HDR_SIZE;
2440 
2441 		for (i = 0; i < num_send_chans; ++i) {
2442 			chan_info = ptr;
2443 			memset(chan_info, 0, sizeof(*chan_info));
2444 			len = sizeof(*chan_info);
2445 			chan_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2446 							   WMI_TAG_CHANNEL) |
2447 						FIELD_PREP(WMI_TLV_LEN,
2448 							   len - TLV_HDR_SIZE);
2449 
2450 			reg1 = &chan_info->reg_info_1;
2451 			reg2 = &chan_info->reg_info_2;
2452 			chan_info->mhz = tchan_info->mhz;
2453 			chan_info->band_center_freq1 = tchan_info->cfreq1;
2454 			chan_info->band_center_freq2 = tchan_info->cfreq2;
2455 
2456 			if (tchan_info->is_chan_passive)
2457 				chan_info->info |= WMI_CHAN_INFO_PASSIVE;
2458 			if (tchan_info->allow_he)
2459 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HE;
2460 			else if (tchan_info->allow_vht)
2461 				chan_info->info |= WMI_CHAN_INFO_ALLOW_VHT;
2462 			else if (tchan_info->allow_ht)
2463 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HT;
2464 			if (tchan_info->half_rate)
2465 				chan_info->info |= WMI_CHAN_INFO_HALF_RATE;
2466 			if (tchan_info->quarter_rate)
2467 				chan_info->info |= WMI_CHAN_INFO_QUARTER_RATE;
2468 			if (tchan_info->psc_channel)
2469 				chan_info->info |= WMI_CHAN_INFO_PSC;
2470 			if (tchan_info->dfs_set)
2471 				chan_info->info |= WMI_CHAN_INFO_DFS;
2472 
2473 			chan_info->info |= FIELD_PREP(WMI_CHAN_INFO_MODE,
2474 						      tchan_info->phy_mode);
2475 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MIN_PWR,
2476 					    tchan_info->minpower);
2477 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
2478 					    tchan_info->maxpower);
2479 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
2480 					    tchan_info->maxregpower);
2481 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_REG_CLS,
2482 					    tchan_info->reg_class_id);
2483 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
2484 					    tchan_info->antennamax);
2485 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
2486 					    tchan_info->maxregpower);
2487 
2488 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2489 				   "WMI chan scan list chan[%d] = %u, chan_info->info %8x\n",
2490 				   i, chan_info->mhz, chan_info->info);
2491 
2492 			ptr += sizeof(*chan_info);
2493 
2494 			tchan_info++;
2495 		}
2496 
2497 		ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2498 		if (ret) {
2499 			ath11k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2500 			dev_kfree_skb(skb);
2501 			return ret;
2502 		}
2503 
2504 		num_sends++;
2505 	}
2506 
2507 	return 0;
2508 }
2509 
2510 int ath11k_wmi_send_wmm_update_cmd_tlv(struct ath11k *ar, u32 vdev_id,
2511 				       struct wmi_wmm_params_all_arg *param)
2512 {
2513 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2514 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2515 	struct wmi_wmm_params *wmm_param;
2516 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2517 	struct sk_buff *skb;
2518 	int ret, ac;
2519 
2520 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2521 	if (!skb)
2522 		return -ENOMEM;
2523 
2524 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2525 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2526 				     WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2527 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2528 
2529 	cmd->vdev_id = vdev_id;
2530 	cmd->wmm_param_type = 0;
2531 
2532 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2533 		switch (ac) {
2534 		case WME_AC_BE:
2535 			wmi_wmm_arg = &param->ac_be;
2536 			break;
2537 		case WME_AC_BK:
2538 			wmi_wmm_arg = &param->ac_bk;
2539 			break;
2540 		case WME_AC_VI:
2541 			wmi_wmm_arg = &param->ac_vi;
2542 			break;
2543 		case WME_AC_VO:
2544 			wmi_wmm_arg = &param->ac_vo;
2545 			break;
2546 		}
2547 
2548 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2549 		wmm_param->tlv_header =
2550 				FIELD_PREP(WMI_TLV_TAG,
2551 					   WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2552 				FIELD_PREP(WMI_TLV_LEN,
2553 					   sizeof(*wmm_param) - TLV_HDR_SIZE);
2554 
2555 		wmm_param->aifs = wmi_wmm_arg->aifs;
2556 		wmm_param->cwmin = wmi_wmm_arg->cwmin;
2557 		wmm_param->cwmax = wmi_wmm_arg->cwmax;
2558 		wmm_param->txoplimit = wmi_wmm_arg->txop;
2559 		wmm_param->acm = wmi_wmm_arg->acm;
2560 		wmm_param->no_ack = wmi_wmm_arg->no_ack;
2561 
2562 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2563 			   "wmi wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2564 			   ac, wmm_param->aifs, wmm_param->cwmin,
2565 			   wmm_param->cwmax, wmm_param->txoplimit,
2566 			   wmm_param->acm, wmm_param->no_ack);
2567 	}
2568 	ret = ath11k_wmi_cmd_send(wmi, skb,
2569 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2570 	if (ret) {
2571 		ath11k_warn(ar->ab,
2572 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2573 		dev_kfree_skb(skb);
2574 	}
2575 
2576 	return ret;
2577 }
2578 
2579 int ath11k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath11k *ar,
2580 						  u32 pdev_id)
2581 {
2582 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2583 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2584 	struct sk_buff *skb;
2585 	int ret;
2586 
2587 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2588 	if (!skb)
2589 		return -ENOMEM;
2590 
2591 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2592 	cmd->tlv_header =
2593 		FIELD_PREP(WMI_TLV_TAG,
2594 			   WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD) |
2595 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2596 
2597 	cmd->pdev_id = pdev_id;
2598 
2599 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2600 		   "WMI dfs phy err offload enable pdev id %d\n", pdev_id);
2601 
2602 	ret = ath11k_wmi_cmd_send(wmi, skb,
2603 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2604 	if (ret) {
2605 		ath11k_warn(ar->ab,
2606 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2607 		dev_kfree_skb(skb);
2608 	}
2609 
2610 	return ret;
2611 }
2612 
2613 int ath11k_wmi_delba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2614 			  u32 tid, u32 initiator, u32 reason)
2615 {
2616 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2617 	struct wmi_delba_send_cmd *cmd;
2618 	struct sk_buff *skb;
2619 	int ret;
2620 
2621 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2622 	if (!skb)
2623 		return -ENOMEM;
2624 
2625 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2626 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DELBA_SEND_CMD) |
2627 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2628 	cmd->vdev_id = vdev_id;
2629 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2630 	cmd->tid = tid;
2631 	cmd->initiator = initiator;
2632 	cmd->reasoncode = reason;
2633 
2634 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2635 		   "wmi delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2636 		   vdev_id, mac, tid, initiator, reason);
2637 
2638 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2639 
2640 	if (ret) {
2641 		ath11k_warn(ar->ab,
2642 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2643 		dev_kfree_skb(skb);
2644 	}
2645 
2646 	return ret;
2647 }
2648 
2649 int ath11k_wmi_addba_set_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2650 			      u32 tid, u32 status)
2651 {
2652 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2653 	struct wmi_addba_setresponse_cmd *cmd;
2654 	struct sk_buff *skb;
2655 	int ret;
2656 
2657 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2658 	if (!skb)
2659 		return -ENOMEM;
2660 
2661 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2662 	cmd->tlv_header =
2663 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SETRESPONSE_CMD) |
2664 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2665 	cmd->vdev_id = vdev_id;
2666 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2667 	cmd->tid = tid;
2668 	cmd->statuscode = status;
2669 
2670 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2671 		   "wmi addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2672 		   vdev_id, mac, tid, status);
2673 
2674 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2675 
2676 	if (ret) {
2677 		ath11k_warn(ar->ab,
2678 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2679 		dev_kfree_skb(skb);
2680 	}
2681 
2682 	return ret;
2683 }
2684 
2685 int ath11k_wmi_addba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2686 			  u32 tid, u32 buf_size)
2687 {
2688 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2689 	struct wmi_addba_send_cmd *cmd;
2690 	struct sk_buff *skb;
2691 	int ret;
2692 
2693 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2694 	if (!skb)
2695 		return -ENOMEM;
2696 
2697 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2698 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SEND_CMD) |
2699 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2700 	cmd->vdev_id = vdev_id;
2701 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2702 	cmd->tid = tid;
2703 	cmd->buffersize = buf_size;
2704 
2705 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2706 		   "wmi addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2707 		   vdev_id, mac, tid, buf_size);
2708 
2709 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2710 
2711 	if (ret) {
2712 		ath11k_warn(ar->ab,
2713 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2714 		dev_kfree_skb(skb);
2715 	}
2716 
2717 	return ret;
2718 }
2719 
2720 int ath11k_wmi_addba_clear_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac)
2721 {
2722 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2723 	struct wmi_addba_clear_resp_cmd *cmd;
2724 	struct sk_buff *skb;
2725 	int ret;
2726 
2727 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2728 	if (!skb)
2729 		return -ENOMEM;
2730 
2731 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2732 	cmd->tlv_header =
2733 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_CLEAR_RESP_CMD) |
2734 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2735 	cmd->vdev_id = vdev_id;
2736 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2737 
2738 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2739 		   "wmi addba clear resp vdev_id 0x%X mac_addr %pM\n",
2740 		   vdev_id, mac);
2741 
2742 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2743 
2744 	if (ret) {
2745 		ath11k_warn(ar->ab,
2746 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2747 		dev_kfree_skb(skb);
2748 	}
2749 
2750 	return ret;
2751 }
2752 
2753 int ath11k_wmi_pdev_peer_pktlog_filter(struct ath11k *ar, u8 *addr, u8 enable)
2754 {
2755 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2756 	struct wmi_pdev_pktlog_filter_cmd *cmd;
2757 	struct wmi_pdev_pktlog_filter_info *info;
2758 	struct sk_buff *skb;
2759 	struct wmi_tlv *tlv;
2760 	void *ptr;
2761 	int ret, len;
2762 
2763 	len = sizeof(*cmd) + sizeof(*info) + TLV_HDR_SIZE;
2764 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2765 	if (!skb)
2766 		return -ENOMEM;
2767 
2768 	cmd = (struct wmi_pdev_pktlog_filter_cmd *)skb->data;
2769 
2770 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_CMD) |
2771 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2772 
2773 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
2774 	cmd->num_mac = 1;
2775 	cmd->enable = enable;
2776 
2777 	ptr = skb->data + sizeof(*cmd);
2778 
2779 	tlv = ptr;
2780 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2781 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*info));
2782 
2783 	ptr += TLV_HDR_SIZE;
2784 	info = ptr;
2785 
2786 	ether_addr_copy(info->peer_macaddr.addr, addr);
2787 	info->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_INFO) |
2788 			   FIELD_PREP(WMI_TLV_LEN,
2789 				      sizeof(*info) - TLV_HDR_SIZE);
2790 
2791 	ret = ath11k_wmi_cmd_send(wmi, skb,
2792 				  WMI_PDEV_PKTLOG_FILTER_CMDID);
2793 	if (ret) {
2794 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
2795 		dev_kfree_skb(skb);
2796 	}
2797 
2798 	return ret;
2799 }
2800 
2801 int
2802 ath11k_wmi_send_init_country_cmd(struct ath11k *ar,
2803 				 struct wmi_init_country_params init_cc_params)
2804 {
2805 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2806 	struct wmi_init_country_cmd *cmd;
2807 	struct sk_buff *skb;
2808 	int ret;
2809 
2810 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2811 	if (!skb)
2812 		return -ENOMEM;
2813 
2814 	cmd = (struct wmi_init_country_cmd *)skb->data;
2815 	cmd->tlv_header =
2816 		FIELD_PREP(WMI_TLV_TAG,
2817 			   WMI_TAG_SET_INIT_COUNTRY_CMD) |
2818 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2819 
2820 	cmd->pdev_id = ar->pdev->pdev_id;
2821 
2822 	switch (init_cc_params.flags) {
2823 	case ALPHA_IS_SET:
2824 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
2825 		memcpy((u8 *)&cmd->cc_info.alpha2,
2826 		       init_cc_params.cc_info.alpha2, 3);
2827 		break;
2828 	case CC_IS_SET:
2829 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE;
2830 		cmd->cc_info.country_code = init_cc_params.cc_info.country_code;
2831 		break;
2832 	case REGDMN_IS_SET:
2833 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_REGDOMAIN;
2834 		cmd->cc_info.regdom_id = init_cc_params.cc_info.regdom_id;
2835 		break;
2836 	default:
2837 		ret = -EINVAL;
2838 		goto out;
2839 	}
2840 
2841 	ret = ath11k_wmi_cmd_send(wmi, skb,
2842 				  WMI_SET_INIT_COUNTRY_CMDID);
2843 
2844 out:
2845 	if (ret) {
2846 		ath11k_warn(ar->ab,
2847 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
2848 			    ret);
2849 		dev_kfree_skb(skb);
2850 	}
2851 
2852 	return ret;
2853 }
2854 
2855 int ath11k_wmi_send_set_current_country_cmd(struct ath11k *ar,
2856 					    struct wmi_set_current_country_params *param)
2857 {
2858 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2859 	struct wmi_set_current_country_cmd *cmd;
2860 	struct sk_buff *skb;
2861 	int ret;
2862 
2863 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2864 	if (!skb)
2865 		return -ENOMEM;
2866 
2867 	cmd = (struct wmi_set_current_country_cmd *)skb->data;
2868 	cmd->tlv_header =
2869 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SET_CURRENT_COUNTRY_CMD) |
2870 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2871 
2872 	cmd->pdev_id = ar->pdev->pdev_id;
2873 	memcpy(&cmd->new_alpha2, &param->alpha2, 3);
2874 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SET_CURRENT_COUNTRY_CMDID);
2875 
2876 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2877 		   "set current country pdev id %d alpha2 %c%c\n",
2878 		   ar->pdev->pdev_id,
2879 		   param->alpha2[0],
2880 		   param->alpha2[1]);
2881 
2882 	if (ret) {
2883 		ath11k_warn(ar->ab,
2884 			    "failed to send WMI_SET_CURRENT_COUNTRY_CMDID: %d\n", ret);
2885 		dev_kfree_skb(skb);
2886 	}
2887 
2888 	return ret;
2889 }
2890 
2891 int
2892 ath11k_wmi_send_thermal_mitigation_param_cmd(struct ath11k *ar,
2893 					     struct thermal_mitigation_params *param)
2894 {
2895 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2896 	struct wmi_therm_throt_config_request_cmd *cmd;
2897 	struct wmi_therm_throt_level_config_info *lvl_conf;
2898 	struct wmi_tlv *tlv;
2899 	struct sk_buff *skb;
2900 	int i, ret, len;
2901 
2902 	len = sizeof(*cmd) + TLV_HDR_SIZE +
2903 	      THERMAL_LEVELS * sizeof(struct wmi_therm_throt_level_config_info);
2904 
2905 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2906 	if (!skb)
2907 		return -ENOMEM;
2908 
2909 	cmd = (struct wmi_therm_throt_config_request_cmd *)skb->data;
2910 
2911 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_CONFIG_REQUEST) |
2912 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2913 
2914 	cmd->pdev_id = ar->pdev->pdev_id;
2915 	cmd->enable = param->enable;
2916 	cmd->dc = param->dc;
2917 	cmd->dc_per_event = param->dc_per_event;
2918 	cmd->therm_throt_levels = THERMAL_LEVELS;
2919 
2920 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
2921 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2922 		      FIELD_PREP(WMI_TLV_LEN,
2923 				 (THERMAL_LEVELS *
2924 				  sizeof(struct wmi_therm_throt_level_config_info)));
2925 
2926 	lvl_conf = (struct wmi_therm_throt_level_config_info *)(skb->data +
2927 								sizeof(*cmd) +
2928 								TLV_HDR_SIZE);
2929 	for (i = 0; i < THERMAL_LEVELS; i++) {
2930 		lvl_conf->tlv_header =
2931 			FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_LEVEL_CONFIG_INFO) |
2932 			FIELD_PREP(WMI_TLV_LEN, sizeof(*lvl_conf) - TLV_HDR_SIZE);
2933 
2934 		lvl_conf->temp_lwm = param->levelconf[i].tmplwm;
2935 		lvl_conf->temp_hwm = param->levelconf[i].tmphwm;
2936 		lvl_conf->dc_off_percent = param->levelconf[i].dcoffpercent;
2937 		lvl_conf->prio = param->levelconf[i].priority;
2938 		lvl_conf++;
2939 	}
2940 
2941 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_THERM_THROT_SET_CONF_CMDID);
2942 	if (ret) {
2943 		ath11k_warn(ar->ab, "failed to send THERM_THROT_SET_CONF cmd\n");
2944 		dev_kfree_skb(skb);
2945 	}
2946 
2947 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2948 		   "WMI vdev set thermal throt pdev_id %d enable %d dc %d dc_per_event %x levels %d\n",
2949 		   ar->pdev->pdev_id, param->enable, param->dc,
2950 		   param->dc_per_event, THERMAL_LEVELS);
2951 
2952 	return ret;
2953 }
2954 
2955 int ath11k_wmi_send_11d_scan_start_cmd(struct ath11k *ar,
2956 				       struct wmi_11d_scan_start_params *param)
2957 {
2958 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2959 	struct wmi_11d_scan_start_cmd *cmd;
2960 	struct sk_buff *skb;
2961 	int ret;
2962 
2963 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2964 	if (!skb)
2965 		return -ENOMEM;
2966 
2967 	cmd = (struct wmi_11d_scan_start_cmd *)skb->data;
2968 	cmd->tlv_header =
2969 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_START_CMD) |
2970 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2971 
2972 	cmd->vdev_id = param->vdev_id;
2973 	cmd->scan_period_msec = param->scan_period_msec;
2974 	cmd->start_interval_msec = param->start_interval_msec;
2975 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_START_CMDID);
2976 
2977 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2978 		   "send 11d scan start vdev id %d period %d ms internal %d ms\n",
2979 		   cmd->vdev_id,
2980 		   cmd->scan_period_msec,
2981 		   cmd->start_interval_msec);
2982 
2983 	if (ret) {
2984 		ath11k_warn(ar->ab,
2985 			    "failed to send WMI_11D_SCAN_START_CMDID: %d\n", ret);
2986 		dev_kfree_skb(skb);
2987 	}
2988 
2989 	return ret;
2990 }
2991 
2992 int ath11k_wmi_send_11d_scan_stop_cmd(struct ath11k *ar, u32 vdev_id)
2993 {
2994 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2995 	struct wmi_11d_scan_stop_cmd *cmd;
2996 	struct sk_buff *skb;
2997 	int ret;
2998 
2999 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3000 	if (!skb)
3001 		return -ENOMEM;
3002 
3003 	cmd = (struct wmi_11d_scan_stop_cmd *)skb->data;
3004 	cmd->tlv_header =
3005 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_STOP_CMD) |
3006 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3007 
3008 	cmd->vdev_id = vdev_id;
3009 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_STOP_CMDID);
3010 
3011 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3012 		   "send 11d scan stop vdev id %d\n",
3013 		   cmd->vdev_id);
3014 
3015 	if (ret) {
3016 		ath11k_warn(ar->ab,
3017 			    "failed to send WMI_11D_SCAN_STOP_CMDID: %d\n", ret);
3018 		dev_kfree_skb(skb);
3019 	}
3020 
3021 	return ret;
3022 }
3023 
3024 int ath11k_wmi_pdev_pktlog_enable(struct ath11k *ar, u32 pktlog_filter)
3025 {
3026 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3027 	struct wmi_pktlog_enable_cmd *cmd;
3028 	struct sk_buff *skb;
3029 	int ret;
3030 
3031 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3032 	if (!skb)
3033 		return -ENOMEM;
3034 
3035 	cmd = (struct wmi_pktlog_enable_cmd *)skb->data;
3036 
3037 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_ENABLE_CMD) |
3038 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3039 
3040 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3041 	cmd->evlist = pktlog_filter;
3042 	cmd->enable = ATH11K_WMI_PKTLOG_ENABLE_FORCE;
3043 
3044 	ret = ath11k_wmi_cmd_send(wmi, skb,
3045 				  WMI_PDEV_PKTLOG_ENABLE_CMDID);
3046 	if (ret) {
3047 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3048 		dev_kfree_skb(skb);
3049 	}
3050 
3051 	return ret;
3052 }
3053 
3054 int ath11k_wmi_pdev_pktlog_disable(struct ath11k *ar)
3055 {
3056 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3057 	struct wmi_pktlog_disable_cmd *cmd;
3058 	struct sk_buff *skb;
3059 	int ret;
3060 
3061 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3062 	if (!skb)
3063 		return -ENOMEM;
3064 
3065 	cmd = (struct wmi_pktlog_disable_cmd *)skb->data;
3066 
3067 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_DISABLE_CMD) |
3068 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3069 
3070 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3071 
3072 	ret = ath11k_wmi_cmd_send(wmi, skb,
3073 				  WMI_PDEV_PKTLOG_DISABLE_CMDID);
3074 	if (ret) {
3075 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3076 		dev_kfree_skb(skb);
3077 	}
3078 
3079 	return ret;
3080 }
3081 
3082 void ath11k_wmi_fill_default_twt_params(struct wmi_twt_enable_params *twt_params)
3083 {
3084 	twt_params->sta_cong_timer_ms = ATH11K_TWT_DEF_STA_CONG_TIMER_MS;
3085 	twt_params->default_slot_size = ATH11K_TWT_DEF_DEFAULT_SLOT_SIZE;
3086 	twt_params->congestion_thresh_setup = ATH11K_TWT_DEF_CONGESTION_THRESH_SETUP;
3087 	twt_params->congestion_thresh_teardown =
3088 		ATH11K_TWT_DEF_CONGESTION_THRESH_TEARDOWN;
3089 	twt_params->congestion_thresh_critical =
3090 		ATH11K_TWT_DEF_CONGESTION_THRESH_CRITICAL;
3091 	twt_params->interference_thresh_teardown =
3092 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN;
3093 	twt_params->interference_thresh_setup =
3094 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_SETUP;
3095 	twt_params->min_no_sta_setup = ATH11K_TWT_DEF_MIN_NO_STA_SETUP;
3096 	twt_params->min_no_sta_teardown = ATH11K_TWT_DEF_MIN_NO_STA_TEARDOWN;
3097 	twt_params->no_of_bcast_mcast_slots = ATH11K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS;
3098 	twt_params->min_no_twt_slots = ATH11K_TWT_DEF_MIN_NO_TWT_SLOTS;
3099 	twt_params->max_no_sta_twt = ATH11K_TWT_DEF_MAX_NO_STA_TWT;
3100 	twt_params->mode_check_interval = ATH11K_TWT_DEF_MODE_CHECK_INTERVAL;
3101 	twt_params->add_sta_slot_interval = ATH11K_TWT_DEF_ADD_STA_SLOT_INTERVAL;
3102 	twt_params->remove_sta_slot_interval =
3103 		ATH11K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL;
3104 	/* TODO add MBSSID support */
3105 	twt_params->mbss_support = 0;
3106 }
3107 
3108 int ath11k_wmi_send_twt_enable_cmd(struct ath11k *ar, u32 pdev_id,
3109 				   struct wmi_twt_enable_params *params)
3110 {
3111 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3112 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3113 	struct wmi_twt_enable_params_cmd *cmd;
3114 	struct sk_buff *skb;
3115 	int ret, len;
3116 
3117 	len = sizeof(*cmd);
3118 
3119 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3120 	if (!skb)
3121 		return -ENOMEM;
3122 
3123 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
3124 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ENABLE_CMD) |
3125 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3126 	cmd->pdev_id = pdev_id;
3127 	cmd->sta_cong_timer_ms = params->sta_cong_timer_ms;
3128 	cmd->default_slot_size = params->default_slot_size;
3129 	cmd->congestion_thresh_setup = params->congestion_thresh_setup;
3130 	cmd->congestion_thresh_teardown = params->congestion_thresh_teardown;
3131 	cmd->congestion_thresh_critical = params->congestion_thresh_critical;
3132 	cmd->interference_thresh_teardown = params->interference_thresh_teardown;
3133 	cmd->interference_thresh_setup = params->interference_thresh_setup;
3134 	cmd->min_no_sta_setup = params->min_no_sta_setup;
3135 	cmd->min_no_sta_teardown = params->min_no_sta_teardown;
3136 	cmd->no_of_bcast_mcast_slots = params->no_of_bcast_mcast_slots;
3137 	cmd->min_no_twt_slots = params->min_no_twt_slots;
3138 	cmd->max_no_sta_twt = params->max_no_sta_twt;
3139 	cmd->mode_check_interval = params->mode_check_interval;
3140 	cmd->add_sta_slot_interval = params->add_sta_slot_interval;
3141 	cmd->remove_sta_slot_interval = params->remove_sta_slot_interval;
3142 	cmd->mbss_support = params->mbss_support;
3143 
3144 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ENABLE_CMDID);
3145 	if (ret) {
3146 		ath11k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
3147 		dev_kfree_skb(skb);
3148 	} else {
3149 		ar->twt_enabled = 1;
3150 	}
3151 	return ret;
3152 }
3153 
3154 int
3155 ath11k_wmi_send_twt_disable_cmd(struct ath11k *ar, u32 pdev_id)
3156 {
3157 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3158 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3159 	struct wmi_twt_disable_params_cmd *cmd;
3160 	struct sk_buff *skb;
3161 	int ret, len;
3162 
3163 	len = sizeof(*cmd);
3164 
3165 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3166 	if (!skb)
3167 		return -ENOMEM;
3168 
3169 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
3170 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DISABLE_CMD) |
3171 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3172 	cmd->pdev_id = pdev_id;
3173 
3174 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DISABLE_CMDID);
3175 	if (ret) {
3176 		ath11k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
3177 		dev_kfree_skb(skb);
3178 	} else {
3179 		ar->twt_enabled = 0;
3180 	}
3181 	return ret;
3182 }
3183 
3184 int ath11k_wmi_send_twt_add_dialog_cmd(struct ath11k *ar,
3185 				       struct wmi_twt_add_dialog_params *params)
3186 {
3187 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3188 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3189 	struct wmi_twt_add_dialog_params_cmd *cmd;
3190 	struct sk_buff *skb;
3191 	int ret, len;
3192 
3193 	len = sizeof(*cmd);
3194 
3195 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3196 	if (!skb)
3197 		return -ENOMEM;
3198 
3199 	cmd = (struct wmi_twt_add_dialog_params_cmd *)skb->data;
3200 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ADD_DIALOG_CMD) |
3201 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3202 
3203 	cmd->vdev_id = params->vdev_id;
3204 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3205 	cmd->dialog_id = params->dialog_id;
3206 	cmd->wake_intvl_us = params->wake_intvl_us;
3207 	cmd->wake_intvl_mantis = params->wake_intvl_mantis;
3208 	cmd->wake_dura_us = params->wake_dura_us;
3209 	cmd->sp_offset_us = params->sp_offset_us;
3210 	cmd->flags = params->twt_cmd;
3211 	if (params->flag_bcast)
3212 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_BCAST;
3213 	if (params->flag_trigger)
3214 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_TRIGGER;
3215 	if (params->flag_flow_type)
3216 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_FLOW_TYPE;
3217 	if (params->flag_protection)
3218 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_PROTECTION;
3219 
3220 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3221 		   "wmi add twt dialog vdev %u dialog id %u wake interval %u mantissa %u wake duration %u service period offset %u flags 0x%x\n",
3222 		   cmd->vdev_id, cmd->dialog_id, cmd->wake_intvl_us,
3223 		   cmd->wake_intvl_mantis, cmd->wake_dura_us, cmd->sp_offset_us,
3224 		   cmd->flags);
3225 
3226 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ADD_DIALOG_CMDID);
3227 
3228 	if (ret) {
3229 		ath11k_warn(ab,
3230 			    "failed to send wmi command to add twt dialog: %d",
3231 			    ret);
3232 		dev_kfree_skb(skb);
3233 	}
3234 	return ret;
3235 }
3236 
3237 int ath11k_wmi_send_twt_del_dialog_cmd(struct ath11k *ar,
3238 				       struct wmi_twt_del_dialog_params *params)
3239 {
3240 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3241 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3242 	struct wmi_twt_del_dialog_params_cmd *cmd;
3243 	struct sk_buff *skb;
3244 	int ret, len;
3245 
3246 	len = sizeof(*cmd);
3247 
3248 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3249 	if (!skb)
3250 		return -ENOMEM;
3251 
3252 	cmd = (struct wmi_twt_del_dialog_params_cmd *)skb->data;
3253 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DEL_DIALOG_CMD) |
3254 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3255 
3256 	cmd->vdev_id = params->vdev_id;
3257 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3258 	cmd->dialog_id = params->dialog_id;
3259 
3260 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3261 		   "wmi delete twt dialog vdev %u dialog id %u\n",
3262 		   cmd->vdev_id, cmd->dialog_id);
3263 
3264 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DEL_DIALOG_CMDID);
3265 	if (ret) {
3266 		ath11k_warn(ab,
3267 			    "failed to send wmi command to delete twt dialog: %d",
3268 			    ret);
3269 		dev_kfree_skb(skb);
3270 	}
3271 	return ret;
3272 }
3273 
3274 int ath11k_wmi_send_twt_pause_dialog_cmd(struct ath11k *ar,
3275 					 struct wmi_twt_pause_dialog_params *params)
3276 {
3277 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3278 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3279 	struct wmi_twt_pause_dialog_params_cmd *cmd;
3280 	struct sk_buff *skb;
3281 	int ret, len;
3282 
3283 	len = sizeof(*cmd);
3284 
3285 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3286 	if (!skb)
3287 		return -ENOMEM;
3288 
3289 	cmd = (struct wmi_twt_pause_dialog_params_cmd *)skb->data;
3290 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3291 				     WMI_TAG_TWT_PAUSE_DIALOG_CMD) |
3292 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3293 
3294 	cmd->vdev_id = params->vdev_id;
3295 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3296 	cmd->dialog_id = params->dialog_id;
3297 
3298 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3299 		   "wmi pause twt dialog vdev %u dialog id %u\n",
3300 		   cmd->vdev_id, cmd->dialog_id);
3301 
3302 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_PAUSE_DIALOG_CMDID);
3303 	if (ret) {
3304 		ath11k_warn(ab,
3305 			    "failed to send wmi command to pause twt dialog: %d",
3306 			    ret);
3307 		dev_kfree_skb(skb);
3308 	}
3309 	return ret;
3310 }
3311 
3312 int ath11k_wmi_send_twt_resume_dialog_cmd(struct ath11k *ar,
3313 					  struct wmi_twt_resume_dialog_params *params)
3314 {
3315 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3316 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3317 	struct wmi_twt_resume_dialog_params_cmd *cmd;
3318 	struct sk_buff *skb;
3319 	int ret, len;
3320 
3321 	len = sizeof(*cmd);
3322 
3323 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3324 	if (!skb)
3325 		return -ENOMEM;
3326 
3327 	cmd = (struct wmi_twt_resume_dialog_params_cmd *)skb->data;
3328 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3329 				     WMI_TAG_TWT_RESUME_DIALOG_CMD) |
3330 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3331 
3332 	cmd->vdev_id = params->vdev_id;
3333 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3334 	cmd->dialog_id = params->dialog_id;
3335 	cmd->sp_offset_us = params->sp_offset_us;
3336 	cmd->next_twt_size = params->next_twt_size;
3337 
3338 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3339 		   "wmi resume twt dialog vdev %u dialog id %u service period offset %u next twt subfield size %u\n",
3340 		   cmd->vdev_id, cmd->dialog_id, cmd->sp_offset_us,
3341 		   cmd->next_twt_size);
3342 
3343 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_RESUME_DIALOG_CMDID);
3344 	if (ret) {
3345 		ath11k_warn(ab,
3346 			    "failed to send wmi command to resume twt dialog: %d",
3347 			    ret);
3348 		dev_kfree_skb(skb);
3349 	}
3350 	return ret;
3351 }
3352 
3353 int
3354 ath11k_wmi_send_obss_spr_cmd(struct ath11k *ar, u32 vdev_id,
3355 			     struct ieee80211_he_obss_pd *he_obss_pd)
3356 {
3357 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3358 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3359 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
3360 	struct sk_buff *skb;
3361 	int ret, len;
3362 
3363 	len = sizeof(*cmd);
3364 
3365 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3366 	if (!skb)
3367 		return -ENOMEM;
3368 
3369 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
3370 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3371 				     WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD) |
3372 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3373 	cmd->vdev_id = vdev_id;
3374 	cmd->enable = he_obss_pd->enable;
3375 	cmd->obss_min = he_obss_pd->min_offset;
3376 	cmd->obss_max = he_obss_pd->max_offset;
3377 
3378 	ret = ath11k_wmi_cmd_send(wmi, skb,
3379 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
3380 	if (ret) {
3381 		ath11k_warn(ab,
3382 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
3383 		dev_kfree_skb(skb);
3384 	}
3385 	return ret;
3386 }
3387 
3388 int
3389 ath11k_wmi_pdev_set_srg_bss_color_bitmap(struct ath11k *ar, u32 *bitmap)
3390 {
3391 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3392 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3393 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3394 	struct sk_buff *skb;
3395 	int ret, len;
3396 
3397 	len = sizeof(*cmd);
3398 
3399 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3400 	if (!skb)
3401 		return -ENOMEM;
3402 
3403 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3404 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3405 				     WMI_TAG_PDEV_SRG_BSS_COLOR_BITMAP_CMD) |
3406 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3407 	cmd->pdev_id = ar->pdev->pdev_id;
3408 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3409 
3410 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3411 		   "obss pd pdev_id %d bss color bitmap %08x %08x\n",
3412 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3413 
3414 	ret = ath11k_wmi_cmd_send(wmi, skb,
3415 				  WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID);
3416 	if (ret) {
3417 		ath11k_warn(ab,
3418 			    "failed to send WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID");
3419 		dev_kfree_skb(skb);
3420 	}
3421 
3422 	return ret;
3423 }
3424 
3425 int
3426 ath11k_wmi_pdev_set_srg_patial_bssid_bitmap(struct ath11k *ar, u32 *bitmap)
3427 {
3428 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3429 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3430 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3431 	struct sk_buff *skb;
3432 	int ret, len;
3433 
3434 	len = sizeof(*cmd);
3435 
3436 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3437 	if (!skb)
3438 		return -ENOMEM;
3439 
3440 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3441 	cmd->tlv_header =
3442 		FIELD_PREP(WMI_TLV_TAG,
3443 			   WMI_TAG_PDEV_SRG_PARTIAL_BSSID_BITMAP_CMD) |
3444 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3445 	cmd->pdev_id = ar->pdev->pdev_id;
3446 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3447 
3448 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3449 		   "obss pd pdev_id %d partial bssid bitmap %08x %08x\n",
3450 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3451 
3452 	ret = ath11k_wmi_cmd_send(wmi, skb,
3453 				  WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID);
3454 	if (ret) {
3455 		ath11k_warn(ab,
3456 			    "failed to send WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID");
3457 		dev_kfree_skb(skb);
3458 	}
3459 
3460 	return ret;
3461 }
3462 
3463 int
3464 ath11k_wmi_pdev_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3465 {
3466 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3467 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3468 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3469 	struct sk_buff *skb;
3470 	int ret, len;
3471 
3472 	len = sizeof(*cmd);
3473 
3474 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3475 	if (!skb)
3476 		return -ENOMEM;
3477 
3478 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3479 	cmd->tlv_header =
3480 		FIELD_PREP(WMI_TLV_TAG,
3481 			   WMI_TAG_PDEV_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3482 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3483 	cmd->pdev_id = ar->pdev->pdev_id;
3484 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3485 
3486 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3487 		   "obss pd srg pdev_id %d bss color enable bitmap %08x %08x\n",
3488 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3489 
3490 	ret = ath11k_wmi_cmd_send(wmi, skb,
3491 				  WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3492 	if (ret) {
3493 		ath11k_warn(ab,
3494 			    "failed to send WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3495 		dev_kfree_skb(skb);
3496 	}
3497 
3498 	return ret;
3499 }
3500 
3501 int
3502 ath11k_wmi_pdev_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3503 {
3504 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3505 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3506 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3507 	struct sk_buff *skb;
3508 	int ret, len;
3509 
3510 	len = sizeof(*cmd);
3511 
3512 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3513 	if (!skb)
3514 		return -ENOMEM;
3515 
3516 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3517 	cmd->tlv_header =
3518 		FIELD_PREP(WMI_TLV_TAG,
3519 			   WMI_TAG_PDEV_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3520 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3521 	cmd->pdev_id = ar->pdev->pdev_id;
3522 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3523 
3524 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3525 		   "obss pd srg pdev_id %d bssid enable bitmap %08x %08x\n",
3526 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3527 
3528 	ret = ath11k_wmi_cmd_send(wmi, skb,
3529 				  WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3530 	if (ret) {
3531 		ath11k_warn(ab,
3532 			    "failed to send WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3533 		dev_kfree_skb(skb);
3534 	}
3535 
3536 	return ret;
3537 }
3538 
3539 int
3540 ath11k_wmi_pdev_non_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3541 {
3542 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3543 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3544 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3545 	struct sk_buff *skb;
3546 	int ret, len;
3547 
3548 	len = sizeof(*cmd);
3549 
3550 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3551 	if (!skb)
3552 		return -ENOMEM;
3553 
3554 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3555 	cmd->tlv_header =
3556 		FIELD_PREP(WMI_TLV_TAG,
3557 			   WMI_TAG_PDEV_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3558 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3559 	cmd->pdev_id = ar->pdev->pdev_id;
3560 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3561 
3562 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3563 		   "obss pd non_srg pdev_id %d bss color enable bitmap %08x %08x\n",
3564 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3565 
3566 	ret = ath11k_wmi_cmd_send(wmi, skb,
3567 				  WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3568 	if (ret) {
3569 		ath11k_warn(ab,
3570 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3571 		dev_kfree_skb(skb);
3572 	}
3573 
3574 	return ret;
3575 }
3576 
3577 int
3578 ath11k_wmi_pdev_non_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3579 {
3580 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3581 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3582 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3583 	struct sk_buff *skb;
3584 	int ret, len;
3585 
3586 	len = sizeof(*cmd);
3587 
3588 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3589 	if (!skb)
3590 		return -ENOMEM;
3591 
3592 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3593 	cmd->tlv_header =
3594 		FIELD_PREP(WMI_TLV_TAG,
3595 			   WMI_TAG_PDEV_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3596 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3597 	cmd->pdev_id = ar->pdev->pdev_id;
3598 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3599 
3600 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3601 		   "obss pd non_srg pdev_id %d bssid enable bitmap %08x %08x\n",
3602 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3603 
3604 	ret = ath11k_wmi_cmd_send(wmi, skb,
3605 				  WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3606 	if (ret) {
3607 		ath11k_warn(ab,
3608 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3609 		dev_kfree_skb(skb);
3610 	}
3611 
3612 	return ret;
3613 }
3614 
3615 int
3616 ath11k_wmi_send_obss_color_collision_cfg_cmd(struct ath11k *ar, u32 vdev_id,
3617 					     u8 bss_color, u32 period,
3618 					     bool enable)
3619 {
3620 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3621 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3622 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
3623 	struct sk_buff *skb;
3624 	int ret, len;
3625 
3626 	len = sizeof(*cmd);
3627 
3628 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3629 	if (!skb)
3630 		return -ENOMEM;
3631 
3632 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
3633 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3634 				     WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG) |
3635 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3636 	cmd->vdev_id = vdev_id;
3637 	cmd->evt_type = enable ? ATH11K_OBSS_COLOR_COLLISION_DETECTION :
3638 				 ATH11K_OBSS_COLOR_COLLISION_DETECTION_DISABLE;
3639 	cmd->current_bss_color = bss_color;
3640 	cmd->detection_period_ms = period;
3641 	cmd->scan_period_ms = ATH11K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS;
3642 	cmd->free_slot_expiry_time_ms = 0;
3643 	cmd->flags = 0;
3644 
3645 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3646 		   "wmi_send_obss_color_collision_cfg id %d type %d bss_color %d detect_period %d scan_period %d\n",
3647 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
3648 		   cmd->detection_period_ms, cmd->scan_period_ms);
3649 
3650 	ret = ath11k_wmi_cmd_send(wmi, skb,
3651 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
3652 	if (ret) {
3653 		ath11k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
3654 		dev_kfree_skb(skb);
3655 	}
3656 	return ret;
3657 }
3658 
3659 int ath11k_wmi_send_bss_color_change_enable_cmd(struct ath11k *ar, u32 vdev_id,
3660 						bool enable)
3661 {
3662 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3663 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3664 	struct wmi_bss_color_change_enable_params_cmd *cmd;
3665 	struct sk_buff *skb;
3666 	int ret, len;
3667 
3668 	len = sizeof(*cmd);
3669 
3670 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3671 	if (!skb)
3672 		return -ENOMEM;
3673 
3674 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
3675 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BSS_COLOR_CHANGE_ENABLE) |
3676 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3677 	cmd->vdev_id = vdev_id;
3678 	cmd->enable = enable ? 1 : 0;
3679 
3680 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3681 		   "wmi_send_bss_color_change_enable id %d enable %d\n",
3682 		   cmd->vdev_id, cmd->enable);
3683 
3684 	ret = ath11k_wmi_cmd_send(wmi, skb,
3685 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
3686 	if (ret) {
3687 		ath11k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
3688 		dev_kfree_skb(skb);
3689 	}
3690 	return ret;
3691 }
3692 
3693 int ath11k_wmi_fils_discovery_tmpl(struct ath11k *ar, u32 vdev_id,
3694 				   struct sk_buff *tmpl)
3695 {
3696 	struct wmi_tlv *tlv;
3697 	struct sk_buff *skb;
3698 	void *ptr;
3699 	int ret, len;
3700 	size_t aligned_len;
3701 	struct wmi_fils_discovery_tmpl_cmd *cmd;
3702 
3703 	aligned_len = roundup(tmpl->len, 4);
3704 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
3705 
3706 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3707 		   "WMI vdev %i set FILS discovery template\n", vdev_id);
3708 
3709 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3710 	if (!skb)
3711 		return -ENOMEM;
3712 
3713 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
3714 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3715 				     WMI_TAG_FILS_DISCOVERY_TMPL_CMD) |
3716 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3717 	cmd->vdev_id = vdev_id;
3718 	cmd->buf_len = tmpl->len;
3719 	ptr = skb->data + sizeof(*cmd);
3720 
3721 	tlv = ptr;
3722 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3723 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3724 	memcpy(tlv->value, tmpl->data, tmpl->len);
3725 
3726 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
3727 	if (ret) {
3728 		ath11k_warn(ar->ab,
3729 			    "WMI vdev %i failed to send FILS discovery template command\n",
3730 			    vdev_id);
3731 		dev_kfree_skb(skb);
3732 	}
3733 	return ret;
3734 }
3735 
3736 int ath11k_wmi_probe_resp_tmpl(struct ath11k *ar, u32 vdev_id,
3737 			       struct sk_buff *tmpl)
3738 {
3739 	struct wmi_probe_tmpl_cmd *cmd;
3740 	struct wmi_bcn_prb_info *probe_info;
3741 	struct wmi_tlv *tlv;
3742 	struct sk_buff *skb;
3743 	void *ptr;
3744 	int ret, len;
3745 	size_t aligned_len = roundup(tmpl->len, 4);
3746 
3747 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3748 		   "WMI vdev %i set probe response template\n", vdev_id);
3749 
3750 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
3751 
3752 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3753 	if (!skb)
3754 		return -ENOMEM;
3755 
3756 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
3757 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PRB_TMPL_CMD) |
3758 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3759 	cmd->vdev_id = vdev_id;
3760 	cmd->buf_len = tmpl->len;
3761 
3762 	ptr = skb->data + sizeof(*cmd);
3763 
3764 	probe_info = ptr;
3765 	len = sizeof(*probe_info);
3766 	probe_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3767 					    WMI_TAG_BCN_PRB_INFO) |
3768 				 FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3769 	probe_info->caps = 0;
3770 	probe_info->erp = 0;
3771 
3772 	ptr += sizeof(*probe_info);
3773 
3774 	tlv = ptr;
3775 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3776 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3777 	memcpy(tlv->value, tmpl->data, tmpl->len);
3778 
3779 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
3780 	if (ret) {
3781 		ath11k_warn(ar->ab,
3782 			    "WMI vdev %i failed to send probe response template command\n",
3783 			    vdev_id);
3784 		dev_kfree_skb(skb);
3785 	}
3786 	return ret;
3787 }
3788 
3789 int ath11k_wmi_fils_discovery(struct ath11k *ar, u32 vdev_id, u32 interval,
3790 			      bool unsol_bcast_probe_resp_enabled)
3791 {
3792 	struct sk_buff *skb;
3793 	int ret, len;
3794 	struct wmi_fils_discovery_cmd *cmd;
3795 
3796 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3797 		   "WMI vdev %i set %s interval to %u TU\n",
3798 		   vdev_id, unsol_bcast_probe_resp_enabled ?
3799 		   "unsolicited broadcast probe response" : "FILS discovery",
3800 		   interval);
3801 
3802 	len = sizeof(*cmd);
3803 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3804 	if (!skb)
3805 		return -ENOMEM;
3806 
3807 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
3808 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ENABLE_FILS_CMD) |
3809 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3810 	cmd->vdev_id = vdev_id;
3811 	cmd->interval = interval;
3812 	cmd->config = unsol_bcast_probe_resp_enabled;
3813 
3814 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
3815 	if (ret) {
3816 		ath11k_warn(ar->ab,
3817 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
3818 			    vdev_id);
3819 		dev_kfree_skb(skb);
3820 	}
3821 	return ret;
3822 }
3823 
3824 static void
3825 ath11k_wmi_obss_color_collision_event(struct ath11k_base *ab, struct sk_buff *skb)
3826 {
3827 	const void **tb;
3828 	const struct wmi_obss_color_collision_event *ev;
3829 	struct ath11k_vif *arvif;
3830 	int ret;
3831 
3832 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
3833 	if (IS_ERR(tb)) {
3834 		ret = PTR_ERR(tb);
3835 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
3836 		return;
3837 	}
3838 
3839 	rcu_read_lock();
3840 
3841 	ev = tb[WMI_TAG_OBSS_COLOR_COLLISION_EVT];
3842 	if (!ev) {
3843 		ath11k_warn(ab, "failed to fetch obss color collision ev");
3844 		goto exit;
3845 	}
3846 
3847 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
3848 	if (!arvif) {
3849 		ath11k_warn(ab, "failed to find arvif with vedv id %d in obss_color_collision_event\n",
3850 			    ev->vdev_id);
3851 		goto exit;
3852 	}
3853 
3854 	switch (ev->evt_type) {
3855 	case WMI_BSS_COLOR_COLLISION_DETECTION:
3856 		ieeee80211_obss_color_collision_notify(arvif->vif, ev->obss_color_bitmap,
3857 						       GFP_KERNEL);
3858 		ath11k_dbg(ab, ATH11K_DBG_WMI,
3859 			   "OBSS color collision detected vdev:%d, event:%d, bitmap:%08llx\n",
3860 			   ev->vdev_id, ev->evt_type, ev->obss_color_bitmap);
3861 		break;
3862 	case WMI_BSS_COLOR_COLLISION_DISABLE:
3863 	case WMI_BSS_COLOR_FREE_SLOT_TIMER_EXPIRY:
3864 	case WMI_BSS_COLOR_FREE_SLOT_AVAILABLE:
3865 		break;
3866 	default:
3867 		ath11k_warn(ab, "received unknown obss color collision detection event\n");
3868 	}
3869 
3870 exit:
3871 	kfree(tb);
3872 	rcu_read_unlock();
3873 }
3874 
3875 static void
3876 ath11k_fill_band_to_mac_param(struct ath11k_base  *soc,
3877 			      struct wmi_host_pdev_band_to_mac *band_to_mac)
3878 {
3879 	u8 i;
3880 	struct ath11k_hal_reg_capabilities_ext *hal_reg_cap;
3881 	struct ath11k_pdev *pdev;
3882 
3883 	for (i = 0; i < soc->num_radios; i++) {
3884 		pdev = &soc->pdevs[i];
3885 		hal_reg_cap = &soc->hal_reg_cap[i];
3886 		band_to_mac[i].pdev_id = pdev->pdev_id;
3887 
3888 		switch (pdev->cap.supported_bands) {
3889 		case WMI_HOST_WLAN_2G_5G_CAP:
3890 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3891 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3892 			break;
3893 		case WMI_HOST_WLAN_2G_CAP:
3894 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3895 			band_to_mac[i].end_freq = hal_reg_cap->high_2ghz_chan;
3896 			break;
3897 		case WMI_HOST_WLAN_5G_CAP:
3898 			band_to_mac[i].start_freq = hal_reg_cap->low_5ghz_chan;
3899 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3900 			break;
3901 		default:
3902 			break;
3903 		}
3904 	}
3905 }
3906 
3907 static void
3908 ath11k_wmi_copy_resource_config(struct wmi_resource_config *wmi_cfg,
3909 				struct target_resource_config *tg_cfg)
3910 {
3911 	wmi_cfg->num_vdevs = tg_cfg->num_vdevs;
3912 	wmi_cfg->num_peers = tg_cfg->num_peers;
3913 	wmi_cfg->num_offload_peers = tg_cfg->num_offload_peers;
3914 	wmi_cfg->num_offload_reorder_buffs = tg_cfg->num_offload_reorder_buffs;
3915 	wmi_cfg->num_peer_keys = tg_cfg->num_peer_keys;
3916 	wmi_cfg->num_tids = tg_cfg->num_tids;
3917 	wmi_cfg->ast_skid_limit = tg_cfg->ast_skid_limit;
3918 	wmi_cfg->tx_chain_mask = tg_cfg->tx_chain_mask;
3919 	wmi_cfg->rx_chain_mask = tg_cfg->rx_chain_mask;
3920 	wmi_cfg->rx_timeout_pri[0] = tg_cfg->rx_timeout_pri[0];
3921 	wmi_cfg->rx_timeout_pri[1] = tg_cfg->rx_timeout_pri[1];
3922 	wmi_cfg->rx_timeout_pri[2] = tg_cfg->rx_timeout_pri[2];
3923 	wmi_cfg->rx_timeout_pri[3] = tg_cfg->rx_timeout_pri[3];
3924 	wmi_cfg->rx_decap_mode = tg_cfg->rx_decap_mode;
3925 	wmi_cfg->scan_max_pending_req = tg_cfg->scan_max_pending_req;
3926 	wmi_cfg->bmiss_offload_max_vdev = tg_cfg->bmiss_offload_max_vdev;
3927 	wmi_cfg->roam_offload_max_vdev = tg_cfg->roam_offload_max_vdev;
3928 	wmi_cfg->roam_offload_max_ap_profiles =
3929 		tg_cfg->roam_offload_max_ap_profiles;
3930 	wmi_cfg->num_mcast_groups = tg_cfg->num_mcast_groups;
3931 	wmi_cfg->num_mcast_table_elems = tg_cfg->num_mcast_table_elems;
3932 	wmi_cfg->mcast2ucast_mode = tg_cfg->mcast2ucast_mode;
3933 	wmi_cfg->tx_dbg_log_size = tg_cfg->tx_dbg_log_size;
3934 	wmi_cfg->num_wds_entries = tg_cfg->num_wds_entries;
3935 	wmi_cfg->dma_burst_size = tg_cfg->dma_burst_size;
3936 	wmi_cfg->mac_aggr_delim = tg_cfg->mac_aggr_delim;
3937 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
3938 		tg_cfg->rx_skip_defrag_timeout_dup_detection_check;
3939 	wmi_cfg->vow_config = tg_cfg->vow_config;
3940 	wmi_cfg->gtk_offload_max_vdev = tg_cfg->gtk_offload_max_vdev;
3941 	wmi_cfg->num_msdu_desc = tg_cfg->num_msdu_desc;
3942 	wmi_cfg->max_frag_entries = tg_cfg->max_frag_entries;
3943 	wmi_cfg->num_tdls_vdevs = tg_cfg->num_tdls_vdevs;
3944 	wmi_cfg->num_tdls_conn_table_entries =
3945 		tg_cfg->num_tdls_conn_table_entries;
3946 	wmi_cfg->beacon_tx_offload_max_vdev =
3947 		tg_cfg->beacon_tx_offload_max_vdev;
3948 	wmi_cfg->num_multicast_filter_entries =
3949 		tg_cfg->num_multicast_filter_entries;
3950 	wmi_cfg->num_wow_filters = tg_cfg->num_wow_filters;
3951 	wmi_cfg->num_keep_alive_pattern = tg_cfg->num_keep_alive_pattern;
3952 	wmi_cfg->keep_alive_pattern_size = tg_cfg->keep_alive_pattern_size;
3953 	wmi_cfg->max_tdls_concurrent_sleep_sta =
3954 		tg_cfg->max_tdls_concurrent_sleep_sta;
3955 	wmi_cfg->max_tdls_concurrent_buffer_sta =
3956 		tg_cfg->max_tdls_concurrent_buffer_sta;
3957 	wmi_cfg->wmi_send_separate = tg_cfg->wmi_send_separate;
3958 	wmi_cfg->num_ocb_vdevs = tg_cfg->num_ocb_vdevs;
3959 	wmi_cfg->num_ocb_channels = tg_cfg->num_ocb_channels;
3960 	wmi_cfg->num_ocb_schedules = tg_cfg->num_ocb_schedules;
3961 	wmi_cfg->bpf_instruction_size = tg_cfg->bpf_instruction_size;
3962 	wmi_cfg->max_bssid_rx_filters = tg_cfg->max_bssid_rx_filters;
3963 	wmi_cfg->use_pdev_id = tg_cfg->use_pdev_id;
3964 	wmi_cfg->flag1 = tg_cfg->flag1;
3965 	wmi_cfg->peer_map_unmap_v2_support = tg_cfg->peer_map_unmap_v2_support;
3966 	wmi_cfg->sched_params = tg_cfg->sched_params;
3967 	wmi_cfg->twt_ap_pdev_count = tg_cfg->twt_ap_pdev_count;
3968 	wmi_cfg->twt_ap_sta_count = tg_cfg->twt_ap_sta_count;
3969 }
3970 
3971 static int ath11k_init_cmd_send(struct ath11k_pdev_wmi *wmi,
3972 				struct wmi_init_cmd_param *param)
3973 {
3974 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3975 	struct sk_buff *skb;
3976 	struct wmi_init_cmd *cmd;
3977 	struct wmi_resource_config *cfg;
3978 	struct wmi_pdev_set_hw_mode_cmd_param *hw_mode;
3979 	struct wmi_pdev_band_to_mac *band_to_mac;
3980 	struct wlan_host_mem_chunk *host_mem_chunks;
3981 	struct wmi_tlv *tlv;
3982 	size_t ret, len;
3983 	void *ptr;
3984 	u32 hw_mode_len = 0;
3985 	u16 idx;
3986 
3987 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX)
3988 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
3989 			      (param->num_band_to_mac * sizeof(*band_to_mac));
3990 
3991 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
3992 	      (param->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
3993 
3994 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3995 	if (!skb)
3996 		return -ENOMEM;
3997 
3998 	cmd = (struct wmi_init_cmd *)skb->data;
3999 
4000 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_INIT_CMD) |
4001 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4002 
4003 	ptr = skb->data + sizeof(*cmd);
4004 	cfg = ptr;
4005 
4006 	ath11k_wmi_copy_resource_config(cfg, param->res_cfg);
4007 
4008 	cfg->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_RESOURCE_CONFIG) |
4009 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cfg) - TLV_HDR_SIZE);
4010 
4011 	ptr += sizeof(*cfg);
4012 	host_mem_chunks = ptr + TLV_HDR_SIZE;
4013 	len = sizeof(struct wlan_host_mem_chunk);
4014 
4015 	for (idx = 0; idx < param->num_mem_chunks; ++idx) {
4016 		host_mem_chunks[idx].tlv_header =
4017 				FIELD_PREP(WMI_TLV_TAG,
4018 					   WMI_TAG_WLAN_HOST_MEMORY_CHUNK) |
4019 				FIELD_PREP(WMI_TLV_LEN, len);
4020 
4021 		host_mem_chunks[idx].ptr = param->mem_chunks[idx].paddr;
4022 		host_mem_chunks[idx].size = param->mem_chunks[idx].len;
4023 		host_mem_chunks[idx].req_id = param->mem_chunks[idx].req_id;
4024 
4025 		ath11k_dbg(ab, ATH11K_DBG_WMI,
4026 			   "WMI host mem chunk req_id %d paddr 0x%llx len %d\n",
4027 			   param->mem_chunks[idx].req_id,
4028 			   (u64)param->mem_chunks[idx].paddr,
4029 			   param->mem_chunks[idx].len);
4030 	}
4031 	cmd->num_host_mem_chunks = param->num_mem_chunks;
4032 	len = sizeof(struct wlan_host_mem_chunk) * param->num_mem_chunks;
4033 
4034 	/* num_mem_chunks is zero */
4035 	tlv = ptr;
4036 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4037 		      FIELD_PREP(WMI_TLV_LEN, len);
4038 	ptr += TLV_HDR_SIZE + len;
4039 
4040 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
4041 		hw_mode = (struct wmi_pdev_set_hw_mode_cmd_param *)ptr;
4042 		hw_mode->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4043 						 WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4044 				      FIELD_PREP(WMI_TLV_LEN,
4045 						 sizeof(*hw_mode) - TLV_HDR_SIZE);
4046 
4047 		hw_mode->hw_mode_index = param->hw_mode_id;
4048 		hw_mode->num_band_to_mac = param->num_band_to_mac;
4049 
4050 		ptr += sizeof(*hw_mode);
4051 
4052 		len = param->num_band_to_mac * sizeof(*band_to_mac);
4053 		tlv = ptr;
4054 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4055 			      FIELD_PREP(WMI_TLV_LEN, len);
4056 
4057 		ptr += TLV_HDR_SIZE;
4058 		len = sizeof(*band_to_mac);
4059 
4060 		for (idx = 0; idx < param->num_band_to_mac; idx++) {
4061 			band_to_mac = (void *)ptr;
4062 
4063 			band_to_mac->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4064 							     WMI_TAG_PDEV_BAND_TO_MAC) |
4065 						  FIELD_PREP(WMI_TLV_LEN,
4066 							     len - TLV_HDR_SIZE);
4067 			band_to_mac->pdev_id = param->band_to_mac[idx].pdev_id;
4068 			band_to_mac->start_freq =
4069 				param->band_to_mac[idx].start_freq;
4070 			band_to_mac->end_freq =
4071 				param->band_to_mac[idx].end_freq;
4072 			ptr += sizeof(*band_to_mac);
4073 		}
4074 	}
4075 
4076 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
4077 	if (ret) {
4078 		ath11k_warn(ab, "failed to send WMI_INIT_CMDID\n");
4079 		dev_kfree_skb(skb);
4080 	}
4081 
4082 	return ret;
4083 }
4084 
4085 int ath11k_wmi_pdev_lro_cfg(struct ath11k *ar,
4086 			    int pdev_id)
4087 {
4088 	struct ath11k_wmi_pdev_lro_config_cmd *cmd;
4089 	struct sk_buff *skb;
4090 	int ret;
4091 
4092 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4093 	if (!skb)
4094 		return -ENOMEM;
4095 
4096 	cmd = (struct ath11k_wmi_pdev_lro_config_cmd *)skb->data;
4097 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_LRO_INFO_CMD) |
4098 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4099 
4100 	get_random_bytes(cmd->th_4, sizeof(uint32_t) * ATH11K_IPV4_TH_SEED_SIZE);
4101 	get_random_bytes(cmd->th_6, sizeof(uint32_t) * ATH11K_IPV6_TH_SEED_SIZE);
4102 
4103 	cmd->pdev_id = pdev_id;
4104 
4105 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
4106 	if (ret) {
4107 		ath11k_warn(ar->ab,
4108 			    "failed to send lro cfg req wmi cmd\n");
4109 		goto err;
4110 	}
4111 
4112 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4113 		   "WMI lro cfg cmd pdev_id 0x%x\n", pdev_id);
4114 	return 0;
4115 err:
4116 	dev_kfree_skb(skb);
4117 	return ret;
4118 }
4119 
4120 int ath11k_wmi_wait_for_service_ready(struct ath11k_base *ab)
4121 {
4122 	unsigned long time_left;
4123 
4124 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
4125 						WMI_SERVICE_READY_TIMEOUT_HZ);
4126 	if (!time_left)
4127 		return -ETIMEDOUT;
4128 
4129 	return 0;
4130 }
4131 
4132 int ath11k_wmi_wait_for_unified_ready(struct ath11k_base *ab)
4133 {
4134 	unsigned long time_left;
4135 
4136 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
4137 						WMI_SERVICE_READY_TIMEOUT_HZ);
4138 	if (!time_left)
4139 		return -ETIMEDOUT;
4140 
4141 	return 0;
4142 }
4143 
4144 int ath11k_wmi_set_hw_mode(struct ath11k_base *ab,
4145 			   enum wmi_host_hw_mode_config_type mode)
4146 {
4147 	struct wmi_pdev_set_hw_mode_cmd_param *cmd;
4148 	struct sk_buff *skb;
4149 	struct ath11k_wmi_base *wmi_ab = &ab->wmi_ab;
4150 	int len;
4151 	int ret;
4152 
4153 	len = sizeof(*cmd);
4154 
4155 	skb = ath11k_wmi_alloc_skb(wmi_ab, len);
4156 	if (!skb)
4157 		return -ENOMEM;
4158 
4159 	cmd = (struct wmi_pdev_set_hw_mode_cmd_param *)skb->data;
4160 
4161 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4162 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4163 
4164 	cmd->pdev_id = WMI_PDEV_ID_SOC;
4165 	cmd->hw_mode_index = mode;
4166 
4167 	ret = ath11k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
4168 	if (ret) {
4169 		ath11k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
4170 		dev_kfree_skb(skb);
4171 	}
4172 
4173 	return ret;
4174 }
4175 
4176 int ath11k_wmi_cmd_init(struct ath11k_base *ab)
4177 {
4178 	struct ath11k_wmi_base *wmi_sc = &ab->wmi_ab;
4179 	struct wmi_init_cmd_param init_param;
4180 	struct target_resource_config  config;
4181 
4182 	memset(&init_param, 0, sizeof(init_param));
4183 	memset(&config, 0, sizeof(config));
4184 
4185 	ab->hw_params.hw_ops->wmi_init_config(ab, &config);
4186 
4187 	memcpy(&wmi_sc->wlan_resource_config, &config, sizeof(config));
4188 
4189 	init_param.res_cfg = &wmi_sc->wlan_resource_config;
4190 	init_param.num_mem_chunks = wmi_sc->num_mem_chunks;
4191 	init_param.hw_mode_id = wmi_sc->preferred_hw_mode;
4192 	init_param.mem_chunks = wmi_sc->mem_chunks;
4193 
4194 	if (ab->hw_params.single_pdev_only)
4195 		init_param.hw_mode_id = WMI_HOST_HW_MODE_MAX;
4196 
4197 	init_param.num_band_to_mac = ab->num_radios;
4198 	ath11k_fill_band_to_mac_param(ab, init_param.band_to_mac);
4199 
4200 	return ath11k_init_cmd_send(&wmi_sc->wmi[0], &init_param);
4201 }
4202 
4203 int ath11k_wmi_vdev_spectral_conf(struct ath11k *ar,
4204 				  struct ath11k_wmi_vdev_spectral_conf_param *param)
4205 {
4206 	struct ath11k_wmi_vdev_spectral_conf_cmd *cmd;
4207 	struct sk_buff *skb;
4208 	int ret;
4209 
4210 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4211 	if (!skb)
4212 		return -ENOMEM;
4213 
4214 	cmd = (struct ath11k_wmi_vdev_spectral_conf_cmd *)skb->data;
4215 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4216 				     WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD) |
4217 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4218 
4219 	memcpy(&cmd->param, param, sizeof(*param));
4220 
4221 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4222 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
4223 	if (ret) {
4224 		ath11k_warn(ar->ab,
4225 			    "failed to send spectral scan config wmi cmd\n");
4226 		goto err;
4227 	}
4228 
4229 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4230 		   "WMI spectral scan config cmd vdev_id 0x%x\n",
4231 		   param->vdev_id);
4232 
4233 	return 0;
4234 err:
4235 	dev_kfree_skb(skb);
4236 	return ret;
4237 }
4238 
4239 int ath11k_wmi_vdev_spectral_enable(struct ath11k *ar, u32 vdev_id,
4240 				    u32 trigger, u32 enable)
4241 {
4242 	struct ath11k_wmi_vdev_spectral_enable_cmd *cmd;
4243 	struct sk_buff *skb;
4244 	int ret;
4245 
4246 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4247 	if (!skb)
4248 		return -ENOMEM;
4249 
4250 	cmd = (struct ath11k_wmi_vdev_spectral_enable_cmd *)skb->data;
4251 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4252 				     WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD) |
4253 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4254 
4255 	cmd->vdev_id = vdev_id;
4256 	cmd->trigger_cmd = trigger;
4257 	cmd->enable_cmd = enable;
4258 
4259 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4260 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
4261 	if (ret) {
4262 		ath11k_warn(ar->ab,
4263 			    "failed to send spectral enable wmi cmd\n");
4264 		goto err;
4265 	}
4266 
4267 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4268 		   "WMI spectral enable cmd vdev id 0x%x\n",
4269 		   vdev_id);
4270 
4271 	return 0;
4272 err:
4273 	dev_kfree_skb(skb);
4274 	return ret;
4275 }
4276 
4277 int ath11k_wmi_pdev_dma_ring_cfg(struct ath11k *ar,
4278 				 struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *param)
4279 {
4280 	struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
4281 	struct sk_buff *skb;
4282 	int ret;
4283 
4284 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4285 	if (!skb)
4286 		return -ENOMEM;
4287 
4288 	cmd = (struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
4289 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DMA_RING_CFG_REQ) |
4290 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4291 
4292 	cmd->pdev_id		= param->pdev_id;
4293 	cmd->module_id		= param->module_id;
4294 	cmd->base_paddr_lo	= param->base_paddr_lo;
4295 	cmd->base_paddr_hi	= param->base_paddr_hi;
4296 	cmd->head_idx_paddr_lo	= param->head_idx_paddr_lo;
4297 	cmd->head_idx_paddr_hi	= param->head_idx_paddr_hi;
4298 	cmd->tail_idx_paddr_lo	= param->tail_idx_paddr_lo;
4299 	cmd->tail_idx_paddr_hi	= param->tail_idx_paddr_hi;
4300 	cmd->num_elems		= param->num_elems;
4301 	cmd->buf_size		= param->buf_size;
4302 	cmd->num_resp_per_event	= param->num_resp_per_event;
4303 	cmd->event_timeout_ms	= param->event_timeout_ms;
4304 
4305 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4306 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
4307 	if (ret) {
4308 		ath11k_warn(ar->ab,
4309 			    "failed to send dma ring cfg req wmi cmd\n");
4310 		goto err;
4311 	}
4312 
4313 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4314 		   "WMI DMA ring cfg req cmd pdev_id 0x%x\n",
4315 		   param->pdev_id);
4316 
4317 	return 0;
4318 err:
4319 	dev_kfree_skb(skb);
4320 	return ret;
4321 }
4322 
4323 static int ath11k_wmi_tlv_dma_buf_entry_parse(struct ath11k_base *soc,
4324 					      u16 tag, u16 len,
4325 					      const void *ptr, void *data)
4326 {
4327 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4328 
4329 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
4330 		return -EPROTO;
4331 
4332 	if (parse->num_buf_entry >= parse->fixed.num_buf_release_entry)
4333 		return -ENOBUFS;
4334 
4335 	parse->num_buf_entry++;
4336 	return 0;
4337 }
4338 
4339 static int ath11k_wmi_tlv_dma_buf_meta_parse(struct ath11k_base *soc,
4340 					     u16 tag, u16 len,
4341 					     const void *ptr, void *data)
4342 {
4343 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4344 
4345 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
4346 		return -EPROTO;
4347 
4348 	if (parse->num_meta >= parse->fixed.num_meta_data_entry)
4349 		return -ENOBUFS;
4350 
4351 	parse->num_meta++;
4352 	return 0;
4353 }
4354 
4355 static int ath11k_wmi_tlv_dma_buf_parse(struct ath11k_base *ab,
4356 					u16 tag, u16 len,
4357 					const void *ptr, void *data)
4358 {
4359 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4360 	int ret;
4361 
4362 	switch (tag) {
4363 	case WMI_TAG_DMA_BUF_RELEASE:
4364 		memcpy(&parse->fixed, ptr,
4365 		       sizeof(struct ath11k_wmi_dma_buf_release_fixed_param));
4366 		parse->fixed.pdev_id = DP_HW2SW_MACID(parse->fixed.pdev_id);
4367 		break;
4368 	case WMI_TAG_ARRAY_STRUCT:
4369 		if (!parse->buf_entry_done) {
4370 			parse->num_buf_entry = 0;
4371 			parse->buf_entry = (struct wmi_dma_buf_release_entry *)ptr;
4372 
4373 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4374 						  ath11k_wmi_tlv_dma_buf_entry_parse,
4375 						  parse);
4376 			if (ret) {
4377 				ath11k_warn(ab, "failed to parse dma buf entry tlv %d\n",
4378 					    ret);
4379 				return ret;
4380 			}
4381 
4382 			parse->buf_entry_done = true;
4383 		} else if (!parse->meta_data_done) {
4384 			parse->num_meta = 0;
4385 			parse->meta_data = (struct wmi_dma_buf_release_meta_data *)ptr;
4386 
4387 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4388 						  ath11k_wmi_tlv_dma_buf_meta_parse,
4389 						  parse);
4390 			if (ret) {
4391 				ath11k_warn(ab, "failed to parse dma buf meta tlv %d\n",
4392 					    ret);
4393 				return ret;
4394 			}
4395 
4396 			parse->meta_data_done = true;
4397 		}
4398 		break;
4399 	default:
4400 		break;
4401 	}
4402 	return 0;
4403 }
4404 
4405 static void ath11k_wmi_pdev_dma_ring_buf_release_event(struct ath11k_base *ab,
4406 						       struct sk_buff *skb)
4407 {
4408 	struct wmi_tlv_dma_buf_release_parse parse = { };
4409 	struct ath11k_dbring_buf_release_event param;
4410 	int ret;
4411 
4412 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4413 				  ath11k_wmi_tlv_dma_buf_parse,
4414 				  &parse);
4415 	if (ret) {
4416 		ath11k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
4417 		return;
4418 	}
4419 
4420 	param.fixed		= parse.fixed;
4421 	param.buf_entry		= parse.buf_entry;
4422 	param.num_buf_entry	= parse.num_buf_entry;
4423 	param.meta_data		= parse.meta_data;
4424 	param.num_meta		= parse.num_meta;
4425 
4426 	ret = ath11k_dbring_buffer_release_event(ab, &param);
4427 	if (ret) {
4428 		ath11k_warn(ab, "failed to handle dma buf release event %d\n", ret);
4429 		return;
4430 	}
4431 }
4432 
4433 static int ath11k_wmi_tlv_hw_mode_caps_parse(struct ath11k_base *soc,
4434 					     u16 tag, u16 len,
4435 					     const void *ptr, void *data)
4436 {
4437 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4438 	struct wmi_hw_mode_capabilities *hw_mode_cap;
4439 	u32 phy_map = 0;
4440 
4441 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
4442 		return -EPROTO;
4443 
4444 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->param.num_hw_modes)
4445 		return -ENOBUFS;
4446 
4447 	hw_mode_cap = container_of(ptr, struct wmi_hw_mode_capabilities,
4448 				   hw_mode_id);
4449 	svc_rdy_ext->n_hw_mode_caps++;
4450 
4451 	phy_map = hw_mode_cap->phy_id_map;
4452 	while (phy_map) {
4453 		svc_rdy_ext->tot_phy_id++;
4454 		phy_map = phy_map >> 1;
4455 	}
4456 
4457 	return 0;
4458 }
4459 
4460 static int ath11k_wmi_tlv_hw_mode_caps(struct ath11k_base *soc,
4461 				       u16 len, const void *ptr, void *data)
4462 {
4463 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4464 	struct wmi_hw_mode_capabilities *hw_mode_caps;
4465 	enum wmi_host_hw_mode_config_type mode, pref;
4466 	u32 i;
4467 	int ret;
4468 
4469 	svc_rdy_ext->n_hw_mode_caps = 0;
4470 	svc_rdy_ext->hw_mode_caps = (struct wmi_hw_mode_capabilities *)ptr;
4471 
4472 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4473 				  ath11k_wmi_tlv_hw_mode_caps_parse,
4474 				  svc_rdy_ext);
4475 	if (ret) {
4476 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4477 		return ret;
4478 	}
4479 
4480 	i = 0;
4481 	while (i < svc_rdy_ext->n_hw_mode_caps) {
4482 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
4483 		mode = hw_mode_caps->hw_mode_id;
4484 		pref = soc->wmi_ab.preferred_hw_mode;
4485 
4486 		if (ath11k_hw_mode_pri_map[mode] < ath11k_hw_mode_pri_map[pref]) {
4487 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
4488 			soc->wmi_ab.preferred_hw_mode = mode;
4489 		}
4490 		i++;
4491 	}
4492 
4493 	ath11k_dbg(soc, ATH11K_DBG_WMI, "preferred_hw_mode:%d\n",
4494 		   soc->wmi_ab.preferred_hw_mode);
4495 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
4496 		return -EINVAL;
4497 
4498 	return 0;
4499 }
4500 
4501 static int ath11k_wmi_tlv_mac_phy_caps_parse(struct ath11k_base *soc,
4502 					     u16 tag, u16 len,
4503 					     const void *ptr, void *data)
4504 {
4505 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4506 
4507 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
4508 		return -EPROTO;
4509 
4510 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
4511 		return -ENOBUFS;
4512 
4513 	len = min_t(u16, len, sizeof(struct wmi_mac_phy_capabilities));
4514 	if (!svc_rdy_ext->n_mac_phy_caps) {
4515 		svc_rdy_ext->mac_phy_caps = kcalloc(svc_rdy_ext->tot_phy_id,
4516 						    len, GFP_ATOMIC);
4517 		if (!svc_rdy_ext->mac_phy_caps)
4518 			return -ENOMEM;
4519 	}
4520 
4521 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
4522 	svc_rdy_ext->n_mac_phy_caps++;
4523 	return 0;
4524 }
4525 
4526 static int ath11k_wmi_tlv_ext_hal_reg_caps_parse(struct ath11k_base *soc,
4527 						 u16 tag, u16 len,
4528 						 const void *ptr, void *data)
4529 {
4530 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4531 
4532 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
4533 		return -EPROTO;
4534 
4535 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->param.num_phy)
4536 		return -ENOBUFS;
4537 
4538 	svc_rdy_ext->n_ext_hal_reg_caps++;
4539 	return 0;
4540 }
4541 
4542 static int ath11k_wmi_tlv_ext_hal_reg_caps(struct ath11k_base *soc,
4543 					   u16 len, const void *ptr, void *data)
4544 {
4545 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4546 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4547 	struct ath11k_hal_reg_capabilities_ext reg_cap;
4548 	int ret;
4549 	u32 i;
4550 
4551 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
4552 	svc_rdy_ext->ext_hal_reg_caps = (struct wmi_hal_reg_capabilities_ext *)ptr;
4553 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4554 				  ath11k_wmi_tlv_ext_hal_reg_caps_parse,
4555 				  svc_rdy_ext);
4556 	if (ret) {
4557 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4558 		return ret;
4559 	}
4560 
4561 	for (i = 0; i < svc_rdy_ext->param.num_phy; i++) {
4562 		ret = ath11k_pull_reg_cap_svc_rdy_ext(wmi_handle,
4563 						      svc_rdy_ext->soc_hal_reg_caps,
4564 						      svc_rdy_ext->ext_hal_reg_caps, i,
4565 						      &reg_cap);
4566 		if (ret) {
4567 			ath11k_warn(soc, "failed to extract reg cap %d\n", i);
4568 			return ret;
4569 		}
4570 
4571 		memcpy(&soc->hal_reg_cap[reg_cap.phy_id],
4572 		       &reg_cap, sizeof(reg_cap));
4573 	}
4574 	return 0;
4575 }
4576 
4577 static int ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(struct ath11k_base *soc,
4578 						     u16 len, const void *ptr,
4579 						     void *data)
4580 {
4581 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4582 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4583 	u8 hw_mode_id = svc_rdy_ext->pref_hw_mode_caps.hw_mode_id;
4584 	u32 phy_id_map;
4585 	int pdev_index = 0;
4586 	int ret;
4587 
4588 	svc_rdy_ext->soc_hal_reg_caps = (struct wmi_soc_hal_reg_capabilities *)ptr;
4589 	svc_rdy_ext->param.num_phy = svc_rdy_ext->soc_hal_reg_caps->num_phy;
4590 
4591 	soc->num_radios = 0;
4592 	soc->target_pdev_count = 0;
4593 	phy_id_map = svc_rdy_ext->pref_hw_mode_caps.phy_id_map;
4594 
4595 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
4596 		ret = ath11k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
4597 							    svc_rdy_ext->hw_caps,
4598 							    svc_rdy_ext->hw_mode_caps,
4599 							    svc_rdy_ext->soc_hal_reg_caps,
4600 							    svc_rdy_ext->mac_phy_caps,
4601 							    hw_mode_id, soc->num_radios,
4602 							    &soc->pdevs[pdev_index]);
4603 		if (ret) {
4604 			ath11k_warn(soc, "failed to extract mac caps, idx :%d\n",
4605 				    soc->num_radios);
4606 			return ret;
4607 		}
4608 
4609 		soc->num_radios++;
4610 
4611 		/* For QCA6390, save mac_phy capability in the same pdev */
4612 		if (soc->hw_params.single_pdev_only)
4613 			pdev_index = 0;
4614 		else
4615 			pdev_index = soc->num_radios;
4616 
4617 		/* TODO: mac_phy_cap prints */
4618 		phy_id_map >>= 1;
4619 	}
4620 
4621 	/* For QCA6390, set num_radios to 1 because host manages
4622 	 * both 2G and 5G radio in one pdev.
4623 	 * Set pdev_id = 0 and 0 means soc level.
4624 	 */
4625 	if (soc->hw_params.single_pdev_only) {
4626 		soc->num_radios = 1;
4627 		soc->pdevs[0].pdev_id = 0;
4628 	}
4629 
4630 	return 0;
4631 }
4632 
4633 static int ath11k_wmi_tlv_dma_ring_caps_parse(struct ath11k_base *soc,
4634 					      u16 tag, u16 len,
4635 					      const void *ptr, void *data)
4636 {
4637 	struct wmi_tlv_dma_ring_caps_parse *parse = data;
4638 
4639 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
4640 		return -EPROTO;
4641 
4642 	parse->n_dma_ring_caps++;
4643 	return 0;
4644 }
4645 
4646 static int ath11k_wmi_alloc_dbring_caps(struct ath11k_base *ab,
4647 					u32 num_cap)
4648 {
4649 	size_t sz;
4650 	void *ptr;
4651 
4652 	sz = num_cap * sizeof(struct ath11k_dbring_cap);
4653 	ptr = kzalloc(sz, GFP_ATOMIC);
4654 	if (!ptr)
4655 		return -ENOMEM;
4656 
4657 	ab->db_caps = ptr;
4658 	ab->num_db_cap = num_cap;
4659 
4660 	return 0;
4661 }
4662 
4663 static void ath11k_wmi_free_dbring_caps(struct ath11k_base *ab)
4664 {
4665 	kfree(ab->db_caps);
4666 	ab->db_caps = NULL;
4667 }
4668 
4669 static int ath11k_wmi_tlv_dma_ring_caps(struct ath11k_base *ab,
4670 					u16 len, const void *ptr, void *data)
4671 {
4672 	struct wmi_tlv_dma_ring_caps_parse *dma_caps_parse = data;
4673 	struct wmi_dma_ring_capabilities *dma_caps;
4674 	struct ath11k_dbring_cap *dir_buff_caps;
4675 	int ret;
4676 	u32 i;
4677 
4678 	dma_caps_parse->n_dma_ring_caps = 0;
4679 	dma_caps = (struct wmi_dma_ring_capabilities *)ptr;
4680 	ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4681 				  ath11k_wmi_tlv_dma_ring_caps_parse,
4682 				  dma_caps_parse);
4683 	if (ret) {
4684 		ath11k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
4685 		return ret;
4686 	}
4687 
4688 	if (!dma_caps_parse->n_dma_ring_caps)
4689 		return 0;
4690 
4691 	if (ab->num_db_cap) {
4692 		ath11k_warn(ab, "Already processed, so ignoring dma ring caps\n");
4693 		return 0;
4694 	}
4695 
4696 	ret = ath11k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
4697 	if (ret)
4698 		return ret;
4699 
4700 	dir_buff_caps = ab->db_caps;
4701 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
4702 		if (dma_caps[i].module_id >= WMI_DIRECT_BUF_MAX) {
4703 			ath11k_warn(ab, "Invalid module id %d\n", dma_caps[i].module_id);
4704 			ret = -EINVAL;
4705 			goto free_dir_buff;
4706 		}
4707 
4708 		dir_buff_caps[i].id = dma_caps[i].module_id;
4709 		dir_buff_caps[i].pdev_id = DP_HW2SW_MACID(dma_caps[i].pdev_id);
4710 		dir_buff_caps[i].min_elem = dma_caps[i].min_elem;
4711 		dir_buff_caps[i].min_buf_sz = dma_caps[i].min_buf_sz;
4712 		dir_buff_caps[i].min_buf_align = dma_caps[i].min_buf_align;
4713 	}
4714 
4715 	return 0;
4716 
4717 free_dir_buff:
4718 	ath11k_wmi_free_dbring_caps(ab);
4719 	return ret;
4720 }
4721 
4722 static int ath11k_wmi_tlv_svc_rdy_ext_parse(struct ath11k_base *ab,
4723 					    u16 tag, u16 len,
4724 					    const void *ptr, void *data)
4725 {
4726 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
4727 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4728 	int ret;
4729 
4730 	switch (tag) {
4731 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
4732 		ret = ath11k_pull_svc_ready_ext(wmi_handle, ptr,
4733 						&svc_rdy_ext->param);
4734 		if (ret) {
4735 			ath11k_warn(ab, "unable to extract ext params\n");
4736 			return ret;
4737 		}
4738 		break;
4739 
4740 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
4741 		svc_rdy_ext->hw_caps = (struct wmi_soc_mac_phy_hw_mode_caps *)ptr;
4742 		svc_rdy_ext->param.num_hw_modes = svc_rdy_ext->hw_caps->num_hw_modes;
4743 		break;
4744 
4745 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
4746 		ret = ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(ab, len, ptr,
4747 								svc_rdy_ext);
4748 		if (ret)
4749 			return ret;
4750 		break;
4751 
4752 	case WMI_TAG_ARRAY_STRUCT:
4753 		if (!svc_rdy_ext->hw_mode_done) {
4754 			ret = ath11k_wmi_tlv_hw_mode_caps(ab, len, ptr,
4755 							  svc_rdy_ext);
4756 			if (ret)
4757 				return ret;
4758 
4759 			svc_rdy_ext->hw_mode_done = true;
4760 		} else if (!svc_rdy_ext->mac_phy_done) {
4761 			svc_rdy_ext->n_mac_phy_caps = 0;
4762 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4763 						  ath11k_wmi_tlv_mac_phy_caps_parse,
4764 						  svc_rdy_ext);
4765 			if (ret) {
4766 				ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4767 				return ret;
4768 			}
4769 
4770 			svc_rdy_ext->mac_phy_done = true;
4771 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
4772 			ret = ath11k_wmi_tlv_ext_hal_reg_caps(ab, len, ptr,
4773 							      svc_rdy_ext);
4774 			if (ret)
4775 				return ret;
4776 
4777 			svc_rdy_ext->ext_hal_reg_done = true;
4778 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
4779 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
4780 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
4781 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
4782 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
4783 			svc_rdy_ext->oem_dma_ring_cap_done = true;
4784 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
4785 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4786 							   &svc_rdy_ext->dma_caps_parse);
4787 			if (ret)
4788 				return ret;
4789 
4790 			svc_rdy_ext->dma_ring_cap_done = true;
4791 		}
4792 		break;
4793 
4794 	default:
4795 		break;
4796 	}
4797 	return 0;
4798 }
4799 
4800 static int ath11k_service_ready_ext_event(struct ath11k_base *ab,
4801 					  struct sk_buff *skb)
4802 {
4803 	struct wmi_tlv_svc_rdy_ext_parse svc_rdy_ext = { };
4804 	int ret;
4805 
4806 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4807 				  ath11k_wmi_tlv_svc_rdy_ext_parse,
4808 				  &svc_rdy_ext);
4809 	if (ret) {
4810 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4811 		goto err;
4812 	}
4813 
4814 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
4815 		complete(&ab->wmi_ab.service_ready);
4816 
4817 	kfree(svc_rdy_ext.mac_phy_caps);
4818 	return 0;
4819 
4820 err:
4821 	ath11k_wmi_free_dbring_caps(ab);
4822 	return ret;
4823 }
4824 
4825 static int ath11k_wmi_tlv_svc_rdy_ext2_parse(struct ath11k_base *ab,
4826 					     u16 tag, u16 len,
4827 					     const void *ptr, void *data)
4828 {
4829 	struct wmi_tlv_svc_rdy_ext2_parse *parse = data;
4830 	int ret;
4831 
4832 	switch (tag) {
4833 	case WMI_TAG_ARRAY_STRUCT:
4834 		if (!parse->dma_ring_cap_done) {
4835 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4836 							   &parse->dma_caps_parse);
4837 			if (ret)
4838 				return ret;
4839 
4840 			parse->dma_ring_cap_done = true;
4841 		}
4842 		break;
4843 	default:
4844 		break;
4845 	}
4846 
4847 	return 0;
4848 }
4849 
4850 static int ath11k_service_ready_ext2_event(struct ath11k_base *ab,
4851 					   struct sk_buff *skb)
4852 {
4853 	struct wmi_tlv_svc_rdy_ext2_parse svc_rdy_ext2 = { };
4854 	int ret;
4855 
4856 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4857 				  ath11k_wmi_tlv_svc_rdy_ext2_parse,
4858 				  &svc_rdy_ext2);
4859 	if (ret) {
4860 		ath11k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
4861 		goto err;
4862 	}
4863 
4864 	complete(&ab->wmi_ab.service_ready);
4865 
4866 	return 0;
4867 
4868 err:
4869 	ath11k_wmi_free_dbring_caps(ab);
4870 	return ret;
4871 }
4872 
4873 static int ath11k_pull_vdev_start_resp_tlv(struct ath11k_base *ab, struct sk_buff *skb,
4874 					   struct wmi_vdev_start_resp_event *vdev_rsp)
4875 {
4876 	const void **tb;
4877 	const struct wmi_vdev_start_resp_event *ev;
4878 	int ret;
4879 
4880 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4881 	if (IS_ERR(tb)) {
4882 		ret = PTR_ERR(tb);
4883 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4884 		return ret;
4885 	}
4886 
4887 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
4888 	if (!ev) {
4889 		ath11k_warn(ab, "failed to fetch vdev start resp ev");
4890 		kfree(tb);
4891 		return -EPROTO;
4892 	}
4893 
4894 	memset(vdev_rsp, 0, sizeof(*vdev_rsp));
4895 
4896 	vdev_rsp->vdev_id = ev->vdev_id;
4897 	vdev_rsp->requestor_id = ev->requestor_id;
4898 	vdev_rsp->resp_type = ev->resp_type;
4899 	vdev_rsp->status = ev->status;
4900 	vdev_rsp->chain_mask = ev->chain_mask;
4901 	vdev_rsp->smps_mode = ev->smps_mode;
4902 	vdev_rsp->mac_id = ev->mac_id;
4903 	vdev_rsp->cfgd_tx_streams = ev->cfgd_tx_streams;
4904 	vdev_rsp->cfgd_rx_streams = ev->cfgd_rx_streams;
4905 
4906 	kfree(tb);
4907 	return 0;
4908 }
4909 
4910 static struct cur_reg_rule
4911 *create_reg_rules_from_wmi(u32 num_reg_rules,
4912 			   struct wmi_regulatory_rule_struct *wmi_reg_rule)
4913 {
4914 	struct cur_reg_rule *reg_rule_ptr;
4915 	u32 count;
4916 
4917 	reg_rule_ptr = kcalloc(num_reg_rules, sizeof(*reg_rule_ptr),
4918 			       GFP_ATOMIC);
4919 
4920 	if (!reg_rule_ptr)
4921 		return NULL;
4922 
4923 	for (count = 0; count < num_reg_rules; count++) {
4924 		reg_rule_ptr[count].start_freq =
4925 			FIELD_GET(REG_RULE_START_FREQ,
4926 				  wmi_reg_rule[count].freq_info);
4927 		reg_rule_ptr[count].end_freq =
4928 			FIELD_GET(REG_RULE_END_FREQ,
4929 				  wmi_reg_rule[count].freq_info);
4930 		reg_rule_ptr[count].max_bw =
4931 			FIELD_GET(REG_RULE_MAX_BW,
4932 				  wmi_reg_rule[count].bw_pwr_info);
4933 		reg_rule_ptr[count].reg_power =
4934 			FIELD_GET(REG_RULE_REG_PWR,
4935 				  wmi_reg_rule[count].bw_pwr_info);
4936 		reg_rule_ptr[count].ant_gain =
4937 			FIELD_GET(REG_RULE_ANT_GAIN,
4938 				  wmi_reg_rule[count].bw_pwr_info);
4939 		reg_rule_ptr[count].flags =
4940 			FIELD_GET(REG_RULE_FLAGS,
4941 				  wmi_reg_rule[count].flag_info);
4942 	}
4943 
4944 	return reg_rule_ptr;
4945 }
4946 
4947 static int ath11k_pull_reg_chan_list_update_ev(struct ath11k_base *ab,
4948 					       struct sk_buff *skb,
4949 					       struct cur_regulatory_info *reg_info)
4950 {
4951 	const void **tb;
4952 	const struct wmi_reg_chan_list_cc_event *chan_list_event_hdr;
4953 	struct wmi_regulatory_rule_struct *wmi_reg_rule;
4954 	u32 num_2g_reg_rules, num_5g_reg_rules;
4955 	int ret;
4956 
4957 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory channel list\n");
4958 
4959 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4960 	if (IS_ERR(tb)) {
4961 		ret = PTR_ERR(tb);
4962 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4963 		return ret;
4964 	}
4965 
4966 	chan_list_event_hdr = tb[WMI_TAG_REG_CHAN_LIST_CC_EVENT];
4967 	if (!chan_list_event_hdr) {
4968 		ath11k_warn(ab, "failed to fetch reg chan list update ev\n");
4969 		kfree(tb);
4970 		return -EPROTO;
4971 	}
4972 
4973 	reg_info->num_2g_reg_rules = chan_list_event_hdr->num_2g_reg_rules;
4974 	reg_info->num_5g_reg_rules = chan_list_event_hdr->num_5g_reg_rules;
4975 
4976 	if (!(reg_info->num_2g_reg_rules + reg_info->num_5g_reg_rules)) {
4977 		ath11k_warn(ab, "No regulatory rules available in the event info\n");
4978 		kfree(tb);
4979 		return -EINVAL;
4980 	}
4981 
4982 	memcpy(reg_info->alpha2, &chan_list_event_hdr->alpha2,
4983 	       REG_ALPHA2_LEN);
4984 	reg_info->dfs_region = chan_list_event_hdr->dfs_region;
4985 	reg_info->phybitmap = chan_list_event_hdr->phybitmap;
4986 	reg_info->num_phy = chan_list_event_hdr->num_phy;
4987 	reg_info->phy_id = chan_list_event_hdr->phy_id;
4988 	reg_info->ctry_code = chan_list_event_hdr->country_id;
4989 	reg_info->reg_dmn_pair = chan_list_event_hdr->domain_code;
4990 	if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_PASS)
4991 		reg_info->status_code = REG_SET_CC_STATUS_PASS;
4992 	else if (chan_list_event_hdr->status_code == WMI_REG_CURRENT_ALPHA2_NOT_FOUND)
4993 		reg_info->status_code = REG_CURRENT_ALPHA2_NOT_FOUND;
4994 	else if (chan_list_event_hdr->status_code == WMI_REG_INIT_ALPHA2_NOT_FOUND)
4995 		reg_info->status_code = REG_INIT_ALPHA2_NOT_FOUND;
4996 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_CHANGE_NOT_ALLOWED)
4997 		reg_info->status_code = REG_SET_CC_CHANGE_NOT_ALLOWED;
4998 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_NO_MEMORY)
4999 		reg_info->status_code = REG_SET_CC_STATUS_NO_MEMORY;
5000 	else if (chan_list_event_hdr->status_code == WMI_REG_SET_CC_STATUS_FAIL)
5001 		reg_info->status_code = REG_SET_CC_STATUS_FAIL;
5002 
5003 	reg_info->min_bw_2g = chan_list_event_hdr->min_bw_2g;
5004 	reg_info->max_bw_2g = chan_list_event_hdr->max_bw_2g;
5005 	reg_info->min_bw_5g = chan_list_event_hdr->min_bw_5g;
5006 	reg_info->max_bw_5g = chan_list_event_hdr->max_bw_5g;
5007 
5008 	num_2g_reg_rules = reg_info->num_2g_reg_rules;
5009 	num_5g_reg_rules = reg_info->num_5g_reg_rules;
5010 
5011 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5012 		   "%s:cc %s dsf %d BW: min_2g %d max_2g %d min_5g %d max_5g %d",
5013 		   __func__, reg_info->alpha2, reg_info->dfs_region,
5014 		   reg_info->min_bw_2g, reg_info->max_bw_2g,
5015 		   reg_info->min_bw_5g, reg_info->max_bw_5g);
5016 
5017 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5018 		   "%s: num_2g_reg_rules %d num_5g_reg_rules %d", __func__,
5019 		   num_2g_reg_rules, num_5g_reg_rules);
5020 
5021 	wmi_reg_rule =
5022 		(struct wmi_regulatory_rule_struct *)((u8 *)chan_list_event_hdr
5023 						+ sizeof(*chan_list_event_hdr)
5024 						+ sizeof(struct wmi_tlv));
5025 
5026 	if (num_2g_reg_rules) {
5027 		reg_info->reg_rules_2g_ptr = create_reg_rules_from_wmi(num_2g_reg_rules,
5028 								       wmi_reg_rule);
5029 		if (!reg_info->reg_rules_2g_ptr) {
5030 			kfree(tb);
5031 			ath11k_warn(ab, "Unable to Allocate memory for 2g rules\n");
5032 			return -ENOMEM;
5033 		}
5034 	}
5035 
5036 	if (num_5g_reg_rules) {
5037 		wmi_reg_rule += num_2g_reg_rules;
5038 		reg_info->reg_rules_5g_ptr = create_reg_rules_from_wmi(num_5g_reg_rules,
5039 								       wmi_reg_rule);
5040 		if (!reg_info->reg_rules_5g_ptr) {
5041 			kfree(tb);
5042 			ath11k_warn(ab, "Unable to Allocate memory for 5g rules\n");
5043 			return -ENOMEM;
5044 		}
5045 	}
5046 
5047 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory channel list\n");
5048 
5049 	kfree(tb);
5050 	return 0;
5051 }
5052 
5053 static int ath11k_pull_peer_del_resp_ev(struct ath11k_base *ab, struct sk_buff *skb,
5054 					struct wmi_peer_delete_resp_event *peer_del_resp)
5055 {
5056 	const void **tb;
5057 	const struct wmi_peer_delete_resp_event *ev;
5058 	int ret;
5059 
5060 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5061 	if (IS_ERR(tb)) {
5062 		ret = PTR_ERR(tb);
5063 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5064 		return ret;
5065 	}
5066 
5067 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
5068 	if (!ev) {
5069 		ath11k_warn(ab, "failed to fetch peer delete resp ev");
5070 		kfree(tb);
5071 		return -EPROTO;
5072 	}
5073 
5074 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
5075 
5076 	peer_del_resp->vdev_id = ev->vdev_id;
5077 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
5078 			ev->peer_macaddr.addr);
5079 
5080 	kfree(tb);
5081 	return 0;
5082 }
5083 
5084 static int ath11k_pull_vdev_del_resp_ev(struct ath11k_base *ab,
5085 					struct sk_buff *skb,
5086 					u32 *vdev_id)
5087 {
5088 	const void **tb;
5089 	const struct wmi_vdev_delete_resp_event *ev;
5090 	int ret;
5091 
5092 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5093 	if (IS_ERR(tb)) {
5094 		ret = PTR_ERR(tb);
5095 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5096 		return ret;
5097 	}
5098 
5099 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
5100 	if (!ev) {
5101 		ath11k_warn(ab, "failed to fetch vdev delete resp ev");
5102 		kfree(tb);
5103 		return -EPROTO;
5104 	}
5105 
5106 	*vdev_id = ev->vdev_id;
5107 
5108 	kfree(tb);
5109 	return 0;
5110 }
5111 
5112 static int ath11k_pull_bcn_tx_status_ev(struct ath11k_base *ab, void *evt_buf,
5113 					u32 len, u32 *vdev_id,
5114 					u32 *tx_status)
5115 {
5116 	const void **tb;
5117 	const struct wmi_bcn_tx_status_event *ev;
5118 	int ret;
5119 
5120 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5121 	if (IS_ERR(tb)) {
5122 		ret = PTR_ERR(tb);
5123 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5124 		return ret;
5125 	}
5126 
5127 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
5128 	if (!ev) {
5129 		ath11k_warn(ab, "failed to fetch bcn tx status ev");
5130 		kfree(tb);
5131 		return -EPROTO;
5132 	}
5133 
5134 	*vdev_id   = ev->vdev_id;
5135 	*tx_status = ev->tx_status;
5136 
5137 	kfree(tb);
5138 	return 0;
5139 }
5140 
5141 static int ath11k_pull_vdev_stopped_param_tlv(struct ath11k_base *ab, struct sk_buff *skb,
5142 					      u32 *vdev_id)
5143 {
5144 	const void **tb;
5145 	const struct wmi_vdev_stopped_event *ev;
5146 	int ret;
5147 
5148 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5149 	if (IS_ERR(tb)) {
5150 		ret = PTR_ERR(tb);
5151 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5152 		return ret;
5153 	}
5154 
5155 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
5156 	if (!ev) {
5157 		ath11k_warn(ab, "failed to fetch vdev stop ev");
5158 		kfree(tb);
5159 		return -EPROTO;
5160 	}
5161 
5162 	*vdev_id =  ev->vdev_id;
5163 
5164 	kfree(tb);
5165 	return 0;
5166 }
5167 
5168 static int ath11k_pull_mgmt_rx_params_tlv(struct ath11k_base *ab,
5169 					  struct sk_buff *skb,
5170 					  struct mgmt_rx_event_params *hdr)
5171 {
5172 	const void **tb;
5173 	const struct wmi_mgmt_rx_hdr *ev;
5174 	const u8 *frame;
5175 	int ret;
5176 
5177 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5178 	if (IS_ERR(tb)) {
5179 		ret = PTR_ERR(tb);
5180 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5181 		return ret;
5182 	}
5183 
5184 	ev = tb[WMI_TAG_MGMT_RX_HDR];
5185 	frame = tb[WMI_TAG_ARRAY_BYTE];
5186 
5187 	if (!ev || !frame) {
5188 		ath11k_warn(ab, "failed to fetch mgmt rx hdr");
5189 		kfree(tb);
5190 		return -EPROTO;
5191 	}
5192 
5193 	hdr->pdev_id =  ev->pdev_id;
5194 	hdr->chan_freq = ev->chan_freq;
5195 	hdr->channel =  ev->channel;
5196 	hdr->snr =  ev->snr;
5197 	hdr->rate =  ev->rate;
5198 	hdr->phy_mode =  ev->phy_mode;
5199 	hdr->buf_len =  ev->buf_len;
5200 	hdr->status =  ev->status;
5201 	hdr->flags =  ev->flags;
5202 	hdr->rssi =  ev->rssi;
5203 	hdr->tsf_delta =  ev->tsf_delta;
5204 	memcpy(hdr->rssi_ctl, ev->rssi_ctl, sizeof(hdr->rssi_ctl));
5205 
5206 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
5207 		ath11k_warn(ab, "invalid length in mgmt rx hdr ev");
5208 		kfree(tb);
5209 		return -EPROTO;
5210 	}
5211 
5212 	/* shift the sk_buff to point to `frame` */
5213 	skb_trim(skb, 0);
5214 	skb_put(skb, frame - skb->data);
5215 	skb_pull(skb, frame - skb->data);
5216 	skb_put(skb, hdr->buf_len);
5217 
5218 	ath11k_ce_byte_swap(skb->data, hdr->buf_len);
5219 
5220 	kfree(tb);
5221 	return 0;
5222 }
5223 
5224 static int wmi_process_mgmt_tx_comp(struct ath11k *ar, u32 desc_id,
5225 				    u32 status)
5226 {
5227 	struct sk_buff *msdu;
5228 	struct ieee80211_tx_info *info;
5229 	struct ath11k_skb_cb *skb_cb;
5230 	int num_mgmt;
5231 
5232 	spin_lock_bh(&ar->txmgmt_idr_lock);
5233 	msdu = idr_find(&ar->txmgmt_idr, desc_id);
5234 
5235 	if (!msdu) {
5236 		ath11k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
5237 			    desc_id);
5238 		spin_unlock_bh(&ar->txmgmt_idr_lock);
5239 		return -ENOENT;
5240 	}
5241 
5242 	idr_remove(&ar->txmgmt_idr, desc_id);
5243 	spin_unlock_bh(&ar->txmgmt_idr_lock);
5244 
5245 	skb_cb = ATH11K_SKB_CB(msdu);
5246 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
5247 
5248 	info = IEEE80211_SKB_CB(msdu);
5249 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) && !status)
5250 		info->flags |= IEEE80211_TX_STAT_ACK;
5251 
5252 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
5253 
5254 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
5255 
5256 	/* WARN when we received this event without doing any mgmt tx */
5257 	if (num_mgmt < 0)
5258 		WARN_ON_ONCE(1);
5259 
5260 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
5261 		   "wmi mgmt tx comp pending %d desc id %d\n",
5262 		   num_mgmt, desc_id);
5263 
5264 	if (!num_mgmt)
5265 		wake_up(&ar->txmgmt_empty_waitq);
5266 
5267 	return 0;
5268 }
5269 
5270 static int ath11k_pull_mgmt_tx_compl_param_tlv(struct ath11k_base *ab,
5271 					       struct sk_buff *skb,
5272 					       struct wmi_mgmt_tx_compl_event *param)
5273 {
5274 	const void **tb;
5275 	const struct wmi_mgmt_tx_compl_event *ev;
5276 	int ret;
5277 
5278 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5279 	if (IS_ERR(tb)) {
5280 		ret = PTR_ERR(tb);
5281 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5282 		return ret;
5283 	}
5284 
5285 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
5286 	if (!ev) {
5287 		ath11k_warn(ab, "failed to fetch mgmt tx compl ev");
5288 		kfree(tb);
5289 		return -EPROTO;
5290 	}
5291 
5292 	param->pdev_id = ev->pdev_id;
5293 	param->desc_id = ev->desc_id;
5294 	param->status = ev->status;
5295 
5296 	kfree(tb);
5297 	return 0;
5298 }
5299 
5300 static void ath11k_wmi_event_scan_started(struct ath11k *ar)
5301 {
5302 	lockdep_assert_held(&ar->data_lock);
5303 
5304 	switch (ar->scan.state) {
5305 	case ATH11K_SCAN_IDLE:
5306 	case ATH11K_SCAN_RUNNING:
5307 	case ATH11K_SCAN_ABORTING:
5308 		ath11k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
5309 			    ath11k_scan_state_str(ar->scan.state),
5310 			    ar->scan.state);
5311 		break;
5312 	case ATH11K_SCAN_STARTING:
5313 		ar->scan.state = ATH11K_SCAN_RUNNING;
5314 		if (ar->scan.is_roc)
5315 			ieee80211_ready_on_channel(ar->hw);
5316 		complete(&ar->scan.started);
5317 		break;
5318 	}
5319 }
5320 
5321 static void ath11k_wmi_event_scan_start_failed(struct ath11k *ar)
5322 {
5323 	lockdep_assert_held(&ar->data_lock);
5324 
5325 	switch (ar->scan.state) {
5326 	case ATH11K_SCAN_IDLE:
5327 	case ATH11K_SCAN_RUNNING:
5328 	case ATH11K_SCAN_ABORTING:
5329 		ath11k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
5330 			    ath11k_scan_state_str(ar->scan.state),
5331 			    ar->scan.state);
5332 		break;
5333 	case ATH11K_SCAN_STARTING:
5334 		complete(&ar->scan.started);
5335 		__ath11k_mac_scan_finish(ar);
5336 		break;
5337 	}
5338 }
5339 
5340 static void ath11k_wmi_event_scan_completed(struct ath11k *ar)
5341 {
5342 	lockdep_assert_held(&ar->data_lock);
5343 
5344 	switch (ar->scan.state) {
5345 	case ATH11K_SCAN_IDLE:
5346 	case ATH11K_SCAN_STARTING:
5347 		/* One suspected reason scan can be completed while starting is
5348 		 * if firmware fails to deliver all scan events to the host,
5349 		 * e.g. when transport pipe is full. This has been observed
5350 		 * with spectral scan phyerr events starving wmi transport
5351 		 * pipe. In such case the "scan completed" event should be (and
5352 		 * is) ignored by the host as it may be just firmware's scan
5353 		 * state machine recovering.
5354 		 */
5355 		ath11k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
5356 			    ath11k_scan_state_str(ar->scan.state),
5357 			    ar->scan.state);
5358 		break;
5359 	case ATH11K_SCAN_RUNNING:
5360 	case ATH11K_SCAN_ABORTING:
5361 		__ath11k_mac_scan_finish(ar);
5362 		break;
5363 	}
5364 }
5365 
5366 static void ath11k_wmi_event_scan_bss_chan(struct ath11k *ar)
5367 {
5368 	lockdep_assert_held(&ar->data_lock);
5369 
5370 	switch (ar->scan.state) {
5371 	case ATH11K_SCAN_IDLE:
5372 	case ATH11K_SCAN_STARTING:
5373 		ath11k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
5374 			    ath11k_scan_state_str(ar->scan.state),
5375 			    ar->scan.state);
5376 		break;
5377 	case ATH11K_SCAN_RUNNING:
5378 	case ATH11K_SCAN_ABORTING:
5379 		ar->scan_channel = NULL;
5380 		break;
5381 	}
5382 }
5383 
5384 static void ath11k_wmi_event_scan_foreign_chan(struct ath11k *ar, u32 freq)
5385 {
5386 	lockdep_assert_held(&ar->data_lock);
5387 
5388 	switch (ar->scan.state) {
5389 	case ATH11K_SCAN_IDLE:
5390 	case ATH11K_SCAN_STARTING:
5391 		ath11k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
5392 			    ath11k_scan_state_str(ar->scan.state),
5393 			    ar->scan.state);
5394 		break;
5395 	case ATH11K_SCAN_RUNNING:
5396 	case ATH11K_SCAN_ABORTING:
5397 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
5398 		if (ar->scan.is_roc && ar->scan.roc_freq == freq)
5399 			complete(&ar->scan.on_channel);
5400 		break;
5401 	}
5402 }
5403 
5404 static const char *
5405 ath11k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
5406 			       enum wmi_scan_completion_reason reason)
5407 {
5408 	switch (type) {
5409 	case WMI_SCAN_EVENT_STARTED:
5410 		return "started";
5411 	case WMI_SCAN_EVENT_COMPLETED:
5412 		switch (reason) {
5413 		case WMI_SCAN_REASON_COMPLETED:
5414 			return "completed";
5415 		case WMI_SCAN_REASON_CANCELLED:
5416 			return "completed [cancelled]";
5417 		case WMI_SCAN_REASON_PREEMPTED:
5418 			return "completed [preempted]";
5419 		case WMI_SCAN_REASON_TIMEDOUT:
5420 			return "completed [timedout]";
5421 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
5422 			return "completed [internal err]";
5423 		case WMI_SCAN_REASON_MAX:
5424 			break;
5425 		}
5426 		return "completed [unknown]";
5427 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5428 		return "bss channel";
5429 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5430 		return "foreign channel";
5431 	case WMI_SCAN_EVENT_DEQUEUED:
5432 		return "dequeued";
5433 	case WMI_SCAN_EVENT_PREEMPTED:
5434 		return "preempted";
5435 	case WMI_SCAN_EVENT_START_FAILED:
5436 		return "start failed";
5437 	case WMI_SCAN_EVENT_RESTARTED:
5438 		return "restarted";
5439 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5440 		return "foreign channel exit";
5441 	default:
5442 		return "unknown";
5443 	}
5444 }
5445 
5446 static int ath11k_pull_scan_ev(struct ath11k_base *ab, struct sk_buff *skb,
5447 			       struct wmi_scan_event *scan_evt_param)
5448 {
5449 	const void **tb;
5450 	const struct wmi_scan_event *ev;
5451 	int ret;
5452 
5453 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5454 	if (IS_ERR(tb)) {
5455 		ret = PTR_ERR(tb);
5456 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5457 		return ret;
5458 	}
5459 
5460 	ev = tb[WMI_TAG_SCAN_EVENT];
5461 	if (!ev) {
5462 		ath11k_warn(ab, "failed to fetch scan ev");
5463 		kfree(tb);
5464 		return -EPROTO;
5465 	}
5466 
5467 	scan_evt_param->event_type = ev->event_type;
5468 	scan_evt_param->reason = ev->reason;
5469 	scan_evt_param->channel_freq = ev->channel_freq;
5470 	scan_evt_param->scan_req_id = ev->scan_req_id;
5471 	scan_evt_param->scan_id = ev->scan_id;
5472 	scan_evt_param->vdev_id = ev->vdev_id;
5473 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
5474 
5475 	kfree(tb);
5476 	return 0;
5477 }
5478 
5479 static int ath11k_pull_peer_sta_kickout_ev(struct ath11k_base *ab, struct sk_buff *skb,
5480 					   struct wmi_peer_sta_kickout_arg *arg)
5481 {
5482 	const void **tb;
5483 	const struct wmi_peer_sta_kickout_event *ev;
5484 	int ret;
5485 
5486 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5487 	if (IS_ERR(tb)) {
5488 		ret = PTR_ERR(tb);
5489 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5490 		return ret;
5491 	}
5492 
5493 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
5494 	if (!ev) {
5495 		ath11k_warn(ab, "failed to fetch peer sta kickout ev");
5496 		kfree(tb);
5497 		return -EPROTO;
5498 	}
5499 
5500 	arg->mac_addr = ev->peer_macaddr.addr;
5501 
5502 	kfree(tb);
5503 	return 0;
5504 }
5505 
5506 static int ath11k_pull_roam_ev(struct ath11k_base *ab, struct sk_buff *skb,
5507 			       struct wmi_roam_event *roam_ev)
5508 {
5509 	const void **tb;
5510 	const struct wmi_roam_event *ev;
5511 	int ret;
5512 
5513 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5514 	if (IS_ERR(tb)) {
5515 		ret = PTR_ERR(tb);
5516 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5517 		return ret;
5518 	}
5519 
5520 	ev = tb[WMI_TAG_ROAM_EVENT];
5521 	if (!ev) {
5522 		ath11k_warn(ab, "failed to fetch roam ev");
5523 		kfree(tb);
5524 		return -EPROTO;
5525 	}
5526 
5527 	roam_ev->vdev_id = ev->vdev_id;
5528 	roam_ev->reason = ev->reason;
5529 	roam_ev->rssi = ev->rssi;
5530 
5531 	kfree(tb);
5532 	return 0;
5533 }
5534 
5535 static int freq_to_idx(struct ath11k *ar, int freq)
5536 {
5537 	struct ieee80211_supported_band *sband;
5538 	int band, ch, idx = 0;
5539 
5540 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
5541 		sband = ar->hw->wiphy->bands[band];
5542 		if (!sband)
5543 			continue;
5544 
5545 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
5546 			if (sband->channels[ch].center_freq == freq)
5547 				goto exit;
5548 	}
5549 
5550 exit:
5551 	return idx;
5552 }
5553 
5554 static int ath11k_pull_chan_info_ev(struct ath11k_base *ab, u8 *evt_buf,
5555 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
5556 {
5557 	const void **tb;
5558 	const struct wmi_chan_info_event *ev;
5559 	int ret;
5560 
5561 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5562 	if (IS_ERR(tb)) {
5563 		ret = PTR_ERR(tb);
5564 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5565 		return ret;
5566 	}
5567 
5568 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
5569 	if (!ev) {
5570 		ath11k_warn(ab, "failed to fetch chan info ev");
5571 		kfree(tb);
5572 		return -EPROTO;
5573 	}
5574 
5575 	ch_info_ev->err_code = ev->err_code;
5576 	ch_info_ev->freq = ev->freq;
5577 	ch_info_ev->cmd_flags = ev->cmd_flags;
5578 	ch_info_ev->noise_floor = ev->noise_floor;
5579 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
5580 	ch_info_ev->cycle_count = ev->cycle_count;
5581 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
5582 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
5583 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
5584 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
5585 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
5586 	ch_info_ev->vdev_id = ev->vdev_id;
5587 
5588 	kfree(tb);
5589 	return 0;
5590 }
5591 
5592 static int
5593 ath11k_pull_pdev_bss_chan_info_ev(struct ath11k_base *ab, struct sk_buff *skb,
5594 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
5595 {
5596 	const void **tb;
5597 	const struct wmi_pdev_bss_chan_info_event *ev;
5598 	int ret;
5599 
5600 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5601 	if (IS_ERR(tb)) {
5602 		ret = PTR_ERR(tb);
5603 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5604 		return ret;
5605 	}
5606 
5607 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
5608 	if (!ev) {
5609 		ath11k_warn(ab, "failed to fetch pdev bss chan info ev");
5610 		kfree(tb);
5611 		return -EPROTO;
5612 	}
5613 
5614 	bss_ch_info_ev->pdev_id = ev->pdev_id;
5615 	bss_ch_info_ev->freq = ev->freq;
5616 	bss_ch_info_ev->noise_floor = ev->noise_floor;
5617 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
5618 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
5619 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
5620 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
5621 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
5622 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
5623 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
5624 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
5625 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
5626 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
5627 
5628 	kfree(tb);
5629 	return 0;
5630 }
5631 
5632 static int
5633 ath11k_pull_vdev_install_key_compl_ev(struct ath11k_base *ab, struct sk_buff *skb,
5634 				      struct wmi_vdev_install_key_complete_arg *arg)
5635 {
5636 	const void **tb;
5637 	const struct wmi_vdev_install_key_compl_event *ev;
5638 	int ret;
5639 
5640 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5641 	if (IS_ERR(tb)) {
5642 		ret = PTR_ERR(tb);
5643 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5644 		return ret;
5645 	}
5646 
5647 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
5648 	if (!ev) {
5649 		ath11k_warn(ab, "failed to fetch vdev install key compl ev");
5650 		kfree(tb);
5651 		return -EPROTO;
5652 	}
5653 
5654 	arg->vdev_id = ev->vdev_id;
5655 	arg->macaddr = ev->peer_macaddr.addr;
5656 	arg->key_idx = ev->key_idx;
5657 	arg->key_flags = ev->key_flags;
5658 	arg->status = ev->status;
5659 
5660 	kfree(tb);
5661 	return 0;
5662 }
5663 
5664 static int ath11k_pull_peer_assoc_conf_ev(struct ath11k_base *ab, struct sk_buff *skb,
5665 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
5666 {
5667 	const void **tb;
5668 	const struct wmi_peer_assoc_conf_event *ev;
5669 	int ret;
5670 
5671 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5672 	if (IS_ERR(tb)) {
5673 		ret = PTR_ERR(tb);
5674 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5675 		return ret;
5676 	}
5677 
5678 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
5679 	if (!ev) {
5680 		ath11k_warn(ab, "failed to fetch peer assoc conf ev");
5681 		kfree(tb);
5682 		return -EPROTO;
5683 	}
5684 
5685 	peer_assoc_conf->vdev_id = ev->vdev_id;
5686 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
5687 
5688 	kfree(tb);
5689 	return 0;
5690 }
5691 
5692 static void ath11k_wmi_pull_pdev_stats_base(const struct wmi_pdev_stats_base *src,
5693 					    struct ath11k_fw_stats_pdev *dst)
5694 {
5695 	dst->ch_noise_floor = src->chan_nf;
5696 	dst->tx_frame_count = src->tx_frame_count;
5697 	dst->rx_frame_count = src->rx_frame_count;
5698 	dst->rx_clear_count = src->rx_clear_count;
5699 	dst->cycle_count = src->cycle_count;
5700 	dst->phy_err_count = src->phy_err_count;
5701 	dst->chan_tx_power = src->chan_tx_pwr;
5702 }
5703 
5704 static void
5705 ath11k_wmi_pull_pdev_stats_tx(const struct wmi_pdev_stats_tx *src,
5706 			      struct ath11k_fw_stats_pdev *dst)
5707 {
5708 	dst->comp_queued = src->comp_queued;
5709 	dst->comp_delivered = src->comp_delivered;
5710 	dst->msdu_enqued = src->msdu_enqued;
5711 	dst->mpdu_enqued = src->mpdu_enqued;
5712 	dst->wmm_drop = src->wmm_drop;
5713 	dst->local_enqued = src->local_enqued;
5714 	dst->local_freed = src->local_freed;
5715 	dst->hw_queued = src->hw_queued;
5716 	dst->hw_reaped = src->hw_reaped;
5717 	dst->underrun = src->underrun;
5718 	dst->hw_paused = src->hw_paused;
5719 	dst->tx_abort = src->tx_abort;
5720 	dst->mpdus_requeued = src->mpdus_requeued;
5721 	dst->tx_ko = src->tx_ko;
5722 	dst->tx_xretry = src->tx_xretry;
5723 	dst->data_rc = src->data_rc;
5724 	dst->self_triggers = src->self_triggers;
5725 	dst->sw_retry_failure = src->sw_retry_failure;
5726 	dst->illgl_rate_phy_err = src->illgl_rate_phy_err;
5727 	dst->pdev_cont_xretry = src->pdev_cont_xretry;
5728 	dst->pdev_tx_timeout = src->pdev_tx_timeout;
5729 	dst->pdev_resets = src->pdev_resets;
5730 	dst->stateless_tid_alloc_failure = src->stateless_tid_alloc_failure;
5731 	dst->phy_underrun = src->phy_underrun;
5732 	dst->txop_ovf = src->txop_ovf;
5733 	dst->seq_posted = src->seq_posted;
5734 	dst->seq_failed_queueing = src->seq_failed_queueing;
5735 	dst->seq_completed = src->seq_completed;
5736 	dst->seq_restarted = src->seq_restarted;
5737 	dst->mu_seq_posted = src->mu_seq_posted;
5738 	dst->mpdus_sw_flush = src->mpdus_sw_flush;
5739 	dst->mpdus_hw_filter = src->mpdus_hw_filter;
5740 	dst->mpdus_truncated = src->mpdus_truncated;
5741 	dst->mpdus_ack_failed = src->mpdus_ack_failed;
5742 	dst->mpdus_expired = src->mpdus_expired;
5743 }
5744 
5745 static void ath11k_wmi_pull_pdev_stats_rx(const struct wmi_pdev_stats_rx *src,
5746 					  struct ath11k_fw_stats_pdev *dst)
5747 {
5748 	dst->mid_ppdu_route_change = src->mid_ppdu_route_change;
5749 	dst->status_rcvd = src->status_rcvd;
5750 	dst->r0_frags = src->r0_frags;
5751 	dst->r1_frags = src->r1_frags;
5752 	dst->r2_frags = src->r2_frags;
5753 	dst->r3_frags = src->r3_frags;
5754 	dst->htt_msdus = src->htt_msdus;
5755 	dst->htt_mpdus = src->htt_mpdus;
5756 	dst->loc_msdus = src->loc_msdus;
5757 	dst->loc_mpdus = src->loc_mpdus;
5758 	dst->oversize_amsdu = src->oversize_amsdu;
5759 	dst->phy_errs = src->phy_errs;
5760 	dst->phy_err_drop = src->phy_err_drop;
5761 	dst->mpdu_errs = src->mpdu_errs;
5762 	dst->rx_ovfl_errs = src->rx_ovfl_errs;
5763 }
5764 
5765 static void
5766 ath11k_wmi_pull_vdev_stats(const struct wmi_vdev_stats *src,
5767 			   struct ath11k_fw_stats_vdev *dst)
5768 {
5769 	int i;
5770 
5771 	dst->vdev_id = src->vdev_id;
5772 	dst->beacon_snr = src->beacon_snr;
5773 	dst->data_snr = src->data_snr;
5774 	dst->num_rx_frames = src->num_rx_frames;
5775 	dst->num_rts_fail = src->num_rts_fail;
5776 	dst->num_rts_success = src->num_rts_success;
5777 	dst->num_rx_err = src->num_rx_err;
5778 	dst->num_rx_discard = src->num_rx_discard;
5779 	dst->num_tx_not_acked = src->num_tx_not_acked;
5780 
5781 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames); i++)
5782 		dst->num_tx_frames[i] = src->num_tx_frames[i];
5783 
5784 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_retries); i++)
5785 		dst->num_tx_frames_retries[i] = src->num_tx_frames_retries[i];
5786 
5787 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_failures); i++)
5788 		dst->num_tx_frames_failures[i] = src->num_tx_frames_failures[i];
5789 
5790 	for (i = 0; i < ARRAY_SIZE(src->tx_rate_history); i++)
5791 		dst->tx_rate_history[i] = src->tx_rate_history[i];
5792 
5793 	for (i = 0; i < ARRAY_SIZE(src->beacon_rssi_history); i++)
5794 		dst->beacon_rssi_history[i] = src->beacon_rssi_history[i];
5795 }
5796 
5797 static void
5798 ath11k_wmi_pull_bcn_stats(const struct wmi_bcn_stats *src,
5799 			  struct ath11k_fw_stats_bcn *dst)
5800 {
5801 	dst->vdev_id = src->vdev_id;
5802 	dst->tx_bcn_succ_cnt = src->tx_bcn_succ_cnt;
5803 	dst->tx_bcn_outage_cnt = src->tx_bcn_outage_cnt;
5804 }
5805 
5806 static int ath11k_wmi_tlv_rssi_chain_parse(struct ath11k_base *ab,
5807 					   u16 tag, u16 len,
5808 					   const void *ptr, void *data)
5809 {
5810 	struct wmi_tlv_fw_stats_parse *parse = data;
5811 	const struct wmi_stats_event *ev = parse->ev;
5812 	struct ath11k_fw_stats *stats = parse->stats;
5813 	struct ath11k *ar;
5814 	struct ath11k_vif *arvif;
5815 	struct ieee80211_sta *sta;
5816 	struct ath11k_sta *arsta;
5817 	const struct wmi_rssi_stats *stats_rssi = (const struct wmi_rssi_stats *)ptr;
5818 	int j, ret = 0;
5819 
5820 	if (tag != WMI_TAG_RSSI_STATS)
5821 		return -EPROTO;
5822 
5823 	rcu_read_lock();
5824 
5825 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
5826 	stats->stats_id = WMI_REQUEST_RSSI_PER_CHAIN_STAT;
5827 
5828 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5829 		   "wmi stats vdev id %d mac %pM\n",
5830 		   stats_rssi->vdev_id, stats_rssi->peer_macaddr.addr);
5831 
5832 	arvif = ath11k_mac_get_arvif(ar, stats_rssi->vdev_id);
5833 	if (!arvif) {
5834 		ath11k_warn(ab, "not found vif for vdev id %d\n",
5835 			    stats_rssi->vdev_id);
5836 		ret = -EPROTO;
5837 		goto exit;
5838 	}
5839 
5840 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5841 		   "wmi stats bssid %pM vif %pK\n",
5842 		   arvif->bssid, arvif->vif);
5843 
5844 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
5845 					   arvif->bssid,
5846 					   NULL);
5847 	if (!sta) {
5848 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5849 			   "not found station of bssid %pM for rssi chain\n",
5850 			   arvif->bssid);
5851 		goto exit;
5852 	}
5853 
5854 	arsta = (struct ath11k_sta *)sta->drv_priv;
5855 
5856 	BUILD_BUG_ON(ARRAY_SIZE(arsta->chain_signal) >
5857 		     ARRAY_SIZE(stats_rssi->rssi_avg_beacon));
5858 
5859 	for (j = 0; j < ARRAY_SIZE(arsta->chain_signal); j++) {
5860 		arsta->chain_signal[j] = stats_rssi->rssi_avg_beacon[j];
5861 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5862 			   "wmi stats beacon rssi[%d] %d data rssi[%d] %d\n",
5863 			   j,
5864 			   stats_rssi->rssi_avg_beacon[j],
5865 			   j,
5866 			   stats_rssi->rssi_avg_data[j]);
5867 	}
5868 
5869 exit:
5870 	rcu_read_unlock();
5871 	return ret;
5872 }
5873 
5874 static int ath11k_wmi_tlv_fw_stats_data_parse(struct ath11k_base *ab,
5875 					      struct wmi_tlv_fw_stats_parse *parse,
5876 					      const void *ptr,
5877 					      u16 len)
5878 {
5879 	struct ath11k_fw_stats *stats = parse->stats;
5880 	const struct wmi_stats_event *ev = parse->ev;
5881 	struct ath11k *ar;
5882 	struct ath11k_vif *arvif;
5883 	struct ieee80211_sta *sta;
5884 	struct ath11k_sta *arsta;
5885 	int i, ret = 0;
5886 	const void *data = ptr;
5887 
5888 	if (!ev) {
5889 		ath11k_warn(ab, "failed to fetch update stats ev");
5890 		return -EPROTO;
5891 	}
5892 
5893 	stats->stats_id = 0;
5894 
5895 	rcu_read_lock();
5896 
5897 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
5898 
5899 	for (i = 0; i < ev->num_pdev_stats; i++) {
5900 		const struct wmi_pdev_stats *src;
5901 		struct ath11k_fw_stats_pdev *dst;
5902 
5903 		src = data;
5904 		if (len < sizeof(*src)) {
5905 			ret = -EPROTO;
5906 			goto exit;
5907 		}
5908 
5909 		stats->stats_id = WMI_REQUEST_PDEV_STAT;
5910 
5911 		data += sizeof(*src);
5912 		len -= sizeof(*src);
5913 
5914 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5915 		if (!dst)
5916 			continue;
5917 
5918 		ath11k_wmi_pull_pdev_stats_base(&src->base, dst);
5919 		ath11k_wmi_pull_pdev_stats_tx(&src->tx, dst);
5920 		ath11k_wmi_pull_pdev_stats_rx(&src->rx, dst);
5921 		list_add_tail(&dst->list, &stats->pdevs);
5922 	}
5923 
5924 	for (i = 0; i < ev->num_vdev_stats; i++) {
5925 		const struct wmi_vdev_stats *src;
5926 		struct ath11k_fw_stats_vdev *dst;
5927 
5928 		src = data;
5929 		if (len < sizeof(*src)) {
5930 			ret = -EPROTO;
5931 			goto exit;
5932 		}
5933 
5934 		stats->stats_id = WMI_REQUEST_VDEV_STAT;
5935 
5936 		arvif = ath11k_mac_get_arvif(ar, src->vdev_id);
5937 		if (arvif) {
5938 			sta = ieee80211_find_sta_by_ifaddr(ar->hw,
5939 							   arvif->bssid,
5940 							   NULL);
5941 			if (sta) {
5942 				arsta = (struct ath11k_sta *)sta->drv_priv;
5943 				arsta->rssi_beacon = src->beacon_snr;
5944 				ath11k_dbg(ab, ATH11K_DBG_WMI,
5945 					   "wmi stats vdev id %d snr %d\n",
5946 					   src->vdev_id, src->beacon_snr);
5947 			} else {
5948 				ath11k_dbg(ab, ATH11K_DBG_WMI,
5949 					   "not found station of bssid %pM for vdev stat\n",
5950 					   arvif->bssid);
5951 			}
5952 		}
5953 
5954 		data += sizeof(*src);
5955 		len -= sizeof(*src);
5956 
5957 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5958 		if (!dst)
5959 			continue;
5960 
5961 		ath11k_wmi_pull_vdev_stats(src, dst);
5962 		list_add_tail(&dst->list, &stats->vdevs);
5963 	}
5964 
5965 	for (i = 0; i < ev->num_bcn_stats; i++) {
5966 		const struct wmi_bcn_stats *src;
5967 		struct ath11k_fw_stats_bcn *dst;
5968 
5969 		src = data;
5970 		if (len < sizeof(*src)) {
5971 			ret = -EPROTO;
5972 			goto exit;
5973 		}
5974 
5975 		stats->stats_id = WMI_REQUEST_BCN_STAT;
5976 
5977 		data += sizeof(*src);
5978 		len -= sizeof(*src);
5979 
5980 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
5981 		if (!dst)
5982 			continue;
5983 
5984 		ath11k_wmi_pull_bcn_stats(src, dst);
5985 		list_add_tail(&dst->list, &stats->bcn);
5986 	}
5987 
5988 exit:
5989 	rcu_read_unlock();
5990 	return ret;
5991 }
5992 
5993 static int ath11k_wmi_tlv_fw_stats_parse(struct ath11k_base *ab,
5994 					 u16 tag, u16 len,
5995 					 const void *ptr, void *data)
5996 {
5997 	struct wmi_tlv_fw_stats_parse *parse = data;
5998 	int ret = 0;
5999 
6000 	switch (tag) {
6001 	case WMI_TAG_STATS_EVENT:
6002 		parse->ev = (struct wmi_stats_event *)ptr;
6003 		parse->stats->pdev_id = parse->ev->pdev_id;
6004 		break;
6005 	case WMI_TAG_ARRAY_BYTE:
6006 		ret = ath11k_wmi_tlv_fw_stats_data_parse(ab, parse, ptr, len);
6007 		break;
6008 	case WMI_TAG_PER_CHAIN_RSSI_STATS:
6009 		parse->rssi = (struct wmi_per_chain_rssi_stats *)ptr;
6010 
6011 		if (parse->ev->stats_id & WMI_REQUEST_RSSI_PER_CHAIN_STAT)
6012 			parse->rssi_num = parse->rssi->num_per_chain_rssi_stats;
6013 
6014 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6015 			   "wmi stats id 0x%x num chain %d\n",
6016 			   parse->ev->stats_id,
6017 			   parse->rssi_num);
6018 		break;
6019 	case WMI_TAG_ARRAY_STRUCT:
6020 		if (parse->rssi_num && !parse->chain_rssi_done) {
6021 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
6022 						  ath11k_wmi_tlv_rssi_chain_parse,
6023 						  parse);
6024 			if (ret) {
6025 				ath11k_warn(ab, "failed to parse rssi chain %d\n",
6026 					    ret);
6027 				return ret;
6028 			}
6029 			parse->chain_rssi_done = true;
6030 		}
6031 		break;
6032 	default:
6033 		break;
6034 	}
6035 	return ret;
6036 }
6037 
6038 int ath11k_wmi_pull_fw_stats(struct ath11k_base *ab, struct sk_buff *skb,
6039 			     struct ath11k_fw_stats *stats)
6040 {
6041 	struct wmi_tlv_fw_stats_parse parse = { };
6042 
6043 	stats->stats_id = 0;
6044 	parse.stats = stats;
6045 
6046 	return ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6047 				   ath11k_wmi_tlv_fw_stats_parse,
6048 				   &parse);
6049 }
6050 
6051 size_t ath11k_wmi_fw_stats_num_vdevs(struct list_head *head)
6052 {
6053 	struct ath11k_fw_stats_vdev *i;
6054 	size_t num = 0;
6055 
6056 	list_for_each_entry(i, head, list)
6057 		++num;
6058 
6059 	return num;
6060 }
6061 
6062 static size_t ath11k_wmi_fw_stats_num_bcn(struct list_head *head)
6063 {
6064 	struct ath11k_fw_stats_bcn *i;
6065 	size_t num = 0;
6066 
6067 	list_for_each_entry(i, head, list)
6068 		++num;
6069 
6070 	return num;
6071 }
6072 
6073 static void
6074 ath11k_wmi_fw_pdev_base_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6075 				   char *buf, u32 *length)
6076 {
6077 	u32 len = *length;
6078 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6079 
6080 	len += scnprintf(buf + len, buf_len - len, "\n");
6081 	len += scnprintf(buf + len, buf_len - len, "%30s\n",
6082 			"ath11k PDEV stats");
6083 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6084 			"=================");
6085 
6086 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6087 			"Channel noise floor", pdev->ch_noise_floor);
6088 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6089 			"Channel TX power", pdev->chan_tx_power);
6090 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6091 			"TX frame count", pdev->tx_frame_count);
6092 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6093 			"RX frame count", pdev->rx_frame_count);
6094 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6095 			"RX clear count", pdev->rx_clear_count);
6096 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6097 			"Cycle count", pdev->cycle_count);
6098 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6099 			"PHY error count", pdev->phy_err_count);
6100 
6101 	*length = len;
6102 }
6103 
6104 static void
6105 ath11k_wmi_fw_pdev_tx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6106 				 char *buf, u32 *length)
6107 {
6108 	u32 len = *length;
6109 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6110 
6111 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6112 			 "ath11k PDEV TX stats");
6113 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6114 			 "====================");
6115 
6116 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6117 			 "HTT cookies queued", pdev->comp_queued);
6118 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6119 			 "HTT cookies disp.", pdev->comp_delivered);
6120 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6121 			 "MSDU queued", pdev->msdu_enqued);
6122 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6123 			 "MPDU queued", pdev->mpdu_enqued);
6124 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6125 			 "MSDUs dropped", pdev->wmm_drop);
6126 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6127 			 "Local enqued", pdev->local_enqued);
6128 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6129 			 "Local freed", pdev->local_freed);
6130 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6131 			 "HW queued", pdev->hw_queued);
6132 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6133 			 "PPDUs reaped", pdev->hw_reaped);
6134 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6135 			 "Num underruns", pdev->underrun);
6136 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6137 			 "Num HW Paused", pdev->hw_paused);
6138 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6139 			 "PPDUs cleaned", pdev->tx_abort);
6140 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6141 			 "MPDUs requeued", pdev->mpdus_requeued);
6142 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6143 			 "PPDU OK", pdev->tx_ko);
6144 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6145 			 "Excessive retries", pdev->tx_xretry);
6146 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6147 			 "HW rate", pdev->data_rc);
6148 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6149 			 "Sched self triggers", pdev->self_triggers);
6150 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6151 			 "Dropped due to SW retries",
6152 			 pdev->sw_retry_failure);
6153 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6154 			 "Illegal rate phy errors",
6155 			 pdev->illgl_rate_phy_err);
6156 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6157 			 "PDEV continuous xretry", pdev->pdev_cont_xretry);
6158 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6159 			 "TX timeout", pdev->pdev_tx_timeout);
6160 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6161 			 "PDEV resets", pdev->pdev_resets);
6162 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6163 			 "Stateless TIDs alloc failures",
6164 			 pdev->stateless_tid_alloc_failure);
6165 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6166 			 "PHY underrun", pdev->phy_underrun);
6167 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6168 			 "MPDU is more than txop limit", pdev->txop_ovf);
6169 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6170 			 "Num sequences posted", pdev->seq_posted);
6171 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6172 			 "Num seq failed queueing ", pdev->seq_failed_queueing);
6173 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6174 			 "Num sequences completed ", pdev->seq_completed);
6175 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6176 			 "Num sequences restarted ", pdev->seq_restarted);
6177 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6178 			 "Num of MU sequences posted ", pdev->mu_seq_posted);
6179 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6180 			 "Num of MPDUS SW flushed ", pdev->mpdus_sw_flush);
6181 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6182 			 "Num of MPDUS HW filtered ", pdev->mpdus_hw_filter);
6183 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6184 			 "Num of MPDUS truncated ", pdev->mpdus_truncated);
6185 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6186 			 "Num of MPDUS ACK failed ", pdev->mpdus_ack_failed);
6187 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6188 			 "Num of MPDUS expired ", pdev->mpdus_expired);
6189 	*length = len;
6190 }
6191 
6192 static void
6193 ath11k_wmi_fw_pdev_rx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6194 				 char *buf, u32 *length)
6195 {
6196 	u32 len = *length;
6197 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6198 
6199 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6200 			 "ath11k PDEV RX stats");
6201 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6202 			 "====================");
6203 
6204 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6205 			 "Mid PPDU route change",
6206 			 pdev->mid_ppdu_route_change);
6207 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6208 			 "Tot. number of statuses", pdev->status_rcvd);
6209 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6210 			 "Extra frags on rings 0", pdev->r0_frags);
6211 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6212 			 "Extra frags on rings 1", pdev->r1_frags);
6213 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6214 			 "Extra frags on rings 2", pdev->r2_frags);
6215 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6216 			 "Extra frags on rings 3", pdev->r3_frags);
6217 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6218 			 "MSDUs delivered to HTT", pdev->htt_msdus);
6219 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6220 			 "MPDUs delivered to HTT", pdev->htt_mpdus);
6221 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6222 			 "MSDUs delivered to stack", pdev->loc_msdus);
6223 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6224 			 "MPDUs delivered to stack", pdev->loc_mpdus);
6225 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6226 			 "Oversized AMSUs", pdev->oversize_amsdu);
6227 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6228 			 "PHY errors", pdev->phy_errs);
6229 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6230 			 "PHY errors drops", pdev->phy_err_drop);
6231 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6232 			 "MPDU errors (FCS, MIC, ENC)", pdev->mpdu_errs);
6233 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6234 			 "Overflow errors", pdev->rx_ovfl_errs);
6235 	*length = len;
6236 }
6237 
6238 static void
6239 ath11k_wmi_fw_vdev_stats_fill(struct ath11k *ar,
6240 			      const struct ath11k_fw_stats_vdev *vdev,
6241 			      char *buf, u32 *length)
6242 {
6243 	u32 len = *length;
6244 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6245 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev->vdev_id);
6246 	u8 *vif_macaddr;
6247 	int i;
6248 
6249 	/* VDEV stats has all the active VDEVs of other PDEVs as well,
6250 	 * ignoring those not part of requested PDEV
6251 	 */
6252 	if (!arvif)
6253 		return;
6254 
6255 	vif_macaddr = arvif->vif->addr;
6256 
6257 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6258 			 "VDEV ID", vdev->vdev_id);
6259 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6260 			 "VDEV MAC address", vif_macaddr);
6261 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6262 			 "beacon snr", vdev->beacon_snr);
6263 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6264 			 "data snr", vdev->data_snr);
6265 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6266 			 "num rx frames", vdev->num_rx_frames);
6267 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6268 			 "num rts fail", vdev->num_rts_fail);
6269 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6270 			 "num rts success", vdev->num_rts_success);
6271 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6272 			 "num rx err", vdev->num_rx_err);
6273 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6274 			 "num rx discard", vdev->num_rx_discard);
6275 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6276 			 "num tx not acked", vdev->num_tx_not_acked);
6277 
6278 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames); i++)
6279 		len += scnprintf(buf + len, buf_len - len,
6280 				"%25s [%02d] %u\n",
6281 				"num tx frames", i,
6282 				vdev->num_tx_frames[i]);
6283 
6284 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_retries); i++)
6285 		len += scnprintf(buf + len, buf_len - len,
6286 				"%25s [%02d] %u\n",
6287 				"num tx frames retries", i,
6288 				vdev->num_tx_frames_retries[i]);
6289 
6290 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_failures); i++)
6291 		len += scnprintf(buf + len, buf_len - len,
6292 				"%25s [%02d] %u\n",
6293 				"num tx frames failures", i,
6294 				vdev->num_tx_frames_failures[i]);
6295 
6296 	for (i = 0 ; i < ARRAY_SIZE(vdev->tx_rate_history); i++)
6297 		len += scnprintf(buf + len, buf_len - len,
6298 				"%25s [%02d] 0x%08x\n",
6299 				"tx rate history", i,
6300 				vdev->tx_rate_history[i]);
6301 
6302 	for (i = 0 ; i < ARRAY_SIZE(vdev->beacon_rssi_history); i++)
6303 		len += scnprintf(buf + len, buf_len - len,
6304 				"%25s [%02d] %u\n",
6305 				"beacon rssi history", i,
6306 				vdev->beacon_rssi_history[i]);
6307 
6308 	len += scnprintf(buf + len, buf_len - len, "\n");
6309 	*length = len;
6310 }
6311 
6312 static void
6313 ath11k_wmi_fw_bcn_stats_fill(struct ath11k *ar,
6314 			     const struct ath11k_fw_stats_bcn *bcn,
6315 			     char *buf, u32 *length)
6316 {
6317 	u32 len = *length;
6318 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6319 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, bcn->vdev_id);
6320 	u8 *vdev_macaddr;
6321 
6322 	if (!arvif) {
6323 		ath11k_warn(ar->ab, "invalid vdev id %d in bcn stats",
6324 			    bcn->vdev_id);
6325 		return;
6326 	}
6327 
6328 	vdev_macaddr = arvif->vif->addr;
6329 
6330 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6331 			 "VDEV ID", bcn->vdev_id);
6332 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6333 			 "VDEV MAC address", vdev_macaddr);
6334 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6335 			 "================");
6336 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6337 			 "Num of beacon tx success", bcn->tx_bcn_succ_cnt);
6338 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6339 			 "Num of beacon tx failures", bcn->tx_bcn_outage_cnt);
6340 
6341 	len += scnprintf(buf + len, buf_len - len, "\n");
6342 	*length = len;
6343 }
6344 
6345 void ath11k_wmi_fw_stats_fill(struct ath11k *ar,
6346 			      struct ath11k_fw_stats *fw_stats,
6347 			      u32 stats_id, char *buf)
6348 {
6349 	u32 len = 0;
6350 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6351 	const struct ath11k_fw_stats_pdev *pdev;
6352 	const struct ath11k_fw_stats_vdev *vdev;
6353 	const struct ath11k_fw_stats_bcn *bcn;
6354 	size_t num_bcn;
6355 
6356 	spin_lock_bh(&ar->data_lock);
6357 
6358 	if (stats_id == WMI_REQUEST_PDEV_STAT) {
6359 		pdev = list_first_entry_or_null(&fw_stats->pdevs,
6360 						struct ath11k_fw_stats_pdev, list);
6361 		if (!pdev) {
6362 			ath11k_warn(ar->ab, "failed to get pdev stats\n");
6363 			goto unlock;
6364 		}
6365 
6366 		ath11k_wmi_fw_pdev_base_stats_fill(pdev, buf, &len);
6367 		ath11k_wmi_fw_pdev_tx_stats_fill(pdev, buf, &len);
6368 		ath11k_wmi_fw_pdev_rx_stats_fill(pdev, buf, &len);
6369 	}
6370 
6371 	if (stats_id == WMI_REQUEST_VDEV_STAT) {
6372 		len += scnprintf(buf + len, buf_len - len, "\n");
6373 		len += scnprintf(buf + len, buf_len - len, "%30s\n",
6374 				 "ath11k VDEV stats");
6375 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6376 				 "=================");
6377 
6378 		list_for_each_entry(vdev, &fw_stats->vdevs, list)
6379 			ath11k_wmi_fw_vdev_stats_fill(ar, vdev, buf, &len);
6380 	}
6381 
6382 	if (stats_id == WMI_REQUEST_BCN_STAT) {
6383 		num_bcn = ath11k_wmi_fw_stats_num_bcn(&fw_stats->bcn);
6384 
6385 		len += scnprintf(buf + len, buf_len - len, "\n");
6386 		len += scnprintf(buf + len, buf_len - len, "%30s (%zu)\n",
6387 				 "ath11k Beacon stats", num_bcn);
6388 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6389 				 "===================");
6390 
6391 		list_for_each_entry(bcn, &fw_stats->bcn, list)
6392 			ath11k_wmi_fw_bcn_stats_fill(ar, bcn, buf, &len);
6393 	}
6394 
6395 unlock:
6396 	spin_unlock_bh(&ar->data_lock);
6397 
6398 	if (len >= buf_len)
6399 		buf[len - 1] = 0;
6400 	else
6401 		buf[len] = 0;
6402 }
6403 
6404 static void ath11k_wmi_op_ep_tx_credits(struct ath11k_base *ab)
6405 {
6406 	/* try to send pending beacons first. they take priority */
6407 	wake_up(&ab->wmi_ab.tx_credits_wq);
6408 }
6409 
6410 static int ath11k_reg_11d_new_cc_event(struct ath11k_base *ab, struct sk_buff *skb)
6411 {
6412 	const struct wmi_11d_new_cc_ev *ev;
6413 	struct ath11k *ar;
6414 	struct ath11k_pdev *pdev;
6415 	const void **tb;
6416 	int ret, i;
6417 
6418 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6419 	if (IS_ERR(tb)) {
6420 		ret = PTR_ERR(tb);
6421 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6422 		return ret;
6423 	}
6424 
6425 	ev = tb[WMI_TAG_11D_NEW_COUNTRY_EVENT];
6426 	if (!ev) {
6427 		kfree(tb);
6428 		ath11k_warn(ab, "failed to fetch 11d new cc ev");
6429 		return -EPROTO;
6430 	}
6431 
6432 	spin_lock_bh(&ab->base_lock);
6433 	memcpy(&ab->new_alpha2, &ev->new_alpha2, 2);
6434 	spin_unlock_bh(&ab->base_lock);
6435 
6436 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi 11d new cc %c%c\n",
6437 		   ab->new_alpha2[0],
6438 		   ab->new_alpha2[1]);
6439 
6440 	kfree(tb);
6441 
6442 	for (i = 0; i < ab->num_radios; i++) {
6443 		pdev = &ab->pdevs[i];
6444 		ar = pdev->ar;
6445 		ar->state_11d = ATH11K_11D_IDLE;
6446 		complete(&ar->completed_11d_scan);
6447 	}
6448 
6449 	queue_work(ab->workqueue, &ab->update_11d_work);
6450 
6451 	return 0;
6452 }
6453 
6454 static void ath11k_wmi_htc_tx_complete(struct ath11k_base *ab,
6455 				       struct sk_buff *skb)
6456 {
6457 	struct ath11k_pdev_wmi *wmi = NULL;
6458 	u32 i;
6459 	u8 wmi_ep_count;
6460 	u8 eid;
6461 
6462 	eid = ATH11K_SKB_CB(skb)->eid;
6463 	dev_kfree_skb(skb);
6464 
6465 	if (eid >= ATH11K_HTC_EP_COUNT)
6466 		return;
6467 
6468 	wmi_ep_count = ab->htc.wmi_ep_count;
6469 	if (wmi_ep_count > ab->hw_params.max_radios)
6470 		return;
6471 
6472 	for (i = 0; i < ab->htc.wmi_ep_count; i++) {
6473 		if (ab->wmi_ab.wmi[i].eid == eid) {
6474 			wmi = &ab->wmi_ab.wmi[i];
6475 			break;
6476 		}
6477 	}
6478 
6479 	if (wmi)
6480 		wake_up(&wmi->tx_ce_desc_wq);
6481 }
6482 
6483 static bool ath11k_reg_is_world_alpha(char *alpha)
6484 {
6485 	if (alpha[0] == '0' && alpha[1] == '0')
6486 		return true;
6487 
6488 	if (alpha[0] == 'n' && alpha[1] == 'a')
6489 		return true;
6490 
6491 	return false;
6492 }
6493 
6494 static int ath11k_reg_chan_list_event(struct ath11k_base *ab, struct sk_buff *skb)
6495 {
6496 	struct cur_regulatory_info *reg_info = NULL;
6497 	struct ieee80211_regdomain *regd = NULL;
6498 	bool intersect = false;
6499 	int ret = 0, pdev_idx;
6500 	struct ath11k *ar;
6501 
6502 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
6503 	if (!reg_info) {
6504 		ret = -ENOMEM;
6505 		goto fallback;
6506 	}
6507 
6508 	ret = ath11k_pull_reg_chan_list_update_ev(ab, skb, reg_info);
6509 	if (ret) {
6510 		ath11k_warn(ab, "failed to extract regulatory info from received event\n");
6511 		goto fallback;
6512 	}
6513 
6514 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
6515 		/* In case of failure to set the requested ctry,
6516 		 * fw retains the current regd. We print a failure info
6517 		 * and return from here.
6518 		 */
6519 		ath11k_warn(ab, "Failed to set the requested Country regulatory setting\n");
6520 		goto mem_free;
6521 	}
6522 
6523 	pdev_idx = reg_info->phy_id;
6524 
6525 	/* Avoid default reg rule updates sent during FW recovery if
6526 	 * it is already available
6527 	 */
6528 	spin_lock(&ab->base_lock);
6529 	if (test_bit(ATH11K_FLAG_RECOVERY, &ab->dev_flags) &&
6530 	    ab->default_regd[pdev_idx]) {
6531 		spin_unlock(&ab->base_lock);
6532 		goto mem_free;
6533 	}
6534 	spin_unlock(&ab->base_lock);
6535 
6536 	if (pdev_idx >= ab->num_radios) {
6537 		/* Process the event for phy0 only if single_pdev_only
6538 		 * is true. If pdev_idx is valid but not 0, discard the
6539 		 * event. Otherwise, it goes to fallback.
6540 		 */
6541 		if (ab->hw_params.single_pdev_only &&
6542 		    pdev_idx < ab->hw_params.num_rxmda_per_pdev)
6543 			goto mem_free;
6544 		else
6545 			goto fallback;
6546 	}
6547 
6548 	/* Avoid multiple overwrites to default regd, during core
6549 	 * stop-start after mac registration.
6550 	 */
6551 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
6552 	    !memcmp((char *)ab->default_regd[pdev_idx]->alpha2,
6553 		    (char *)reg_info->alpha2, 2))
6554 		goto mem_free;
6555 
6556 	/* Intersect new rules with default regd if a new country setting was
6557 	 * requested, i.e a default regd was already set during initialization
6558 	 * and the regd coming from this event has a valid country info.
6559 	 */
6560 	if (ab->default_regd[pdev_idx] &&
6561 	    !ath11k_reg_is_world_alpha((char *)
6562 		ab->default_regd[pdev_idx]->alpha2) &&
6563 	    !ath11k_reg_is_world_alpha((char *)reg_info->alpha2))
6564 		intersect = true;
6565 
6566 	regd = ath11k_reg_build_regd(ab, reg_info, intersect);
6567 	if (!regd) {
6568 		ath11k_warn(ab, "failed to build regd from reg_info\n");
6569 		goto fallback;
6570 	}
6571 
6572 	spin_lock(&ab->base_lock);
6573 	if (ab->default_regd[pdev_idx]) {
6574 		/* The initial rules from FW after WMI Init is to build
6575 		 * the default regd. From then on, any rules updated for
6576 		 * the pdev could be due to user reg changes.
6577 		 * Free previously built regd before assigning the newly
6578 		 * generated regd to ar. NULL pointer handling will be
6579 		 * taken care by kfree itself.
6580 		 */
6581 		ar = ab->pdevs[pdev_idx].ar;
6582 		kfree(ab->new_regd[pdev_idx]);
6583 		ab->new_regd[pdev_idx] = regd;
6584 		queue_work(ab->workqueue, &ar->regd_update_work);
6585 	} else {
6586 		/* This regd would be applied during mac registration and is
6587 		 * held constant throughout for regd intersection purpose
6588 		 */
6589 		ab->default_regd[pdev_idx] = regd;
6590 	}
6591 	ab->dfs_region = reg_info->dfs_region;
6592 	spin_unlock(&ab->base_lock);
6593 
6594 	goto mem_free;
6595 
6596 fallback:
6597 	/* Fallback to older reg (by sending previous country setting
6598 	 * again if fw has succeeded and we failed to process here.
6599 	 * The Regdomain should be uniform across driver and fw. Since the
6600 	 * FW has processed the command and sent a success status, we expect
6601 	 * this function to succeed as well. If it doesn't, CTRY needs to be
6602 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
6603 	 */
6604 	/* TODO: This is rare, but still should also be handled */
6605 	WARN_ON(1);
6606 mem_free:
6607 	if (reg_info) {
6608 		kfree(reg_info->reg_rules_2g_ptr);
6609 		kfree(reg_info->reg_rules_5g_ptr);
6610 		kfree(reg_info);
6611 	}
6612 	return ret;
6613 }
6614 
6615 static int ath11k_wmi_tlv_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
6616 				    const void *ptr, void *data)
6617 {
6618 	struct wmi_tlv_rdy_parse *rdy_parse = data;
6619 	struct wmi_ready_event fixed_param;
6620 	struct wmi_mac_addr *addr_list;
6621 	struct ath11k_pdev *pdev;
6622 	u32 num_mac_addr;
6623 	int i;
6624 
6625 	switch (tag) {
6626 	case WMI_TAG_READY_EVENT:
6627 		memset(&fixed_param, 0, sizeof(fixed_param));
6628 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
6629 		       min_t(u16, sizeof(fixed_param), len));
6630 		ab->wlan_init_status = fixed_param.ready_event_min.status;
6631 		rdy_parse->num_extra_mac_addr =
6632 			fixed_param.ready_event_min.num_extra_mac_addr;
6633 
6634 		ether_addr_copy(ab->mac_addr,
6635 				fixed_param.ready_event_min.mac_addr.addr);
6636 		ab->pktlog_defs_checksum = fixed_param.pktlog_defs_checksum;
6637 		ab->wmi_ready = true;
6638 		break;
6639 	case WMI_TAG_ARRAY_FIXED_STRUCT:
6640 		addr_list = (struct wmi_mac_addr *)ptr;
6641 		num_mac_addr = rdy_parse->num_extra_mac_addr;
6642 
6643 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
6644 			break;
6645 
6646 		for (i = 0; i < ab->num_radios; i++) {
6647 			pdev = &ab->pdevs[i];
6648 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
6649 		}
6650 		ab->pdevs_macaddr_valid = true;
6651 		break;
6652 	default:
6653 		break;
6654 	}
6655 
6656 	return 0;
6657 }
6658 
6659 static int ath11k_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
6660 {
6661 	struct wmi_tlv_rdy_parse rdy_parse = { };
6662 	int ret;
6663 
6664 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6665 				  ath11k_wmi_tlv_rdy_parse, &rdy_parse);
6666 	if (ret) {
6667 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
6668 		return ret;
6669 	}
6670 
6671 	complete(&ab->wmi_ab.unified_ready);
6672 	return 0;
6673 }
6674 
6675 static void ath11k_peer_delete_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
6676 {
6677 	struct wmi_peer_delete_resp_event peer_del_resp;
6678 	struct ath11k *ar;
6679 
6680 	if (ath11k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
6681 		ath11k_warn(ab, "failed to extract peer delete resp");
6682 		return;
6683 	}
6684 
6685 	rcu_read_lock();
6686 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_del_resp.vdev_id);
6687 	if (!ar) {
6688 		ath11k_warn(ab, "invalid vdev id in peer delete resp ev %d",
6689 			    peer_del_resp.vdev_id);
6690 		rcu_read_unlock();
6691 		return;
6692 	}
6693 
6694 	complete(&ar->peer_delete_done);
6695 	rcu_read_unlock();
6696 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
6697 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
6698 }
6699 
6700 static void ath11k_vdev_delete_resp_event(struct ath11k_base *ab,
6701 					  struct sk_buff *skb)
6702 {
6703 	struct ath11k *ar;
6704 	u32 vdev_id = 0;
6705 
6706 	if (ath11k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
6707 		ath11k_warn(ab, "failed to extract vdev delete resp");
6708 		return;
6709 	}
6710 
6711 	rcu_read_lock();
6712 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
6713 	if (!ar) {
6714 		ath11k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
6715 			    vdev_id);
6716 		rcu_read_unlock();
6717 		return;
6718 	}
6719 
6720 	complete(&ar->vdev_delete_done);
6721 
6722 	rcu_read_unlock();
6723 
6724 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev delete resp for vdev id %d\n",
6725 		   vdev_id);
6726 }
6727 
6728 static inline const char *ath11k_wmi_vdev_resp_print(u32 vdev_resp_status)
6729 {
6730 	switch (vdev_resp_status) {
6731 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
6732 		return "invalid vdev id";
6733 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
6734 		return "not supported";
6735 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
6736 		return "dfs violation";
6737 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
6738 		return "invalid regdomain";
6739 	default:
6740 		return "unknown";
6741 	}
6742 }
6743 
6744 static void ath11k_vdev_start_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
6745 {
6746 	struct wmi_vdev_start_resp_event vdev_start_resp;
6747 	struct ath11k *ar;
6748 	u32 status;
6749 
6750 	if (ath11k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
6751 		ath11k_warn(ab, "failed to extract vdev start resp");
6752 		return;
6753 	}
6754 
6755 	rcu_read_lock();
6756 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_start_resp.vdev_id);
6757 	if (!ar) {
6758 		ath11k_warn(ab, "invalid vdev id in vdev start resp ev %d",
6759 			    vdev_start_resp.vdev_id);
6760 		rcu_read_unlock();
6761 		return;
6762 	}
6763 
6764 	ar->last_wmi_vdev_start_status = 0;
6765 
6766 	status = vdev_start_resp.status;
6767 
6768 	if (WARN_ON_ONCE(status)) {
6769 		ath11k_warn(ab, "vdev start resp error status %d (%s)\n",
6770 			    status, ath11k_wmi_vdev_resp_print(status));
6771 		ar->last_wmi_vdev_start_status = status;
6772 	}
6773 
6774 	complete(&ar->vdev_setup_done);
6775 
6776 	rcu_read_unlock();
6777 
6778 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev start resp for vdev id %d",
6779 		   vdev_start_resp.vdev_id);
6780 }
6781 
6782 static void ath11k_bcn_tx_status_event(struct ath11k_base *ab, struct sk_buff *skb)
6783 {
6784 	struct ath11k_vif *arvif;
6785 	u32 vdev_id, tx_status;
6786 
6787 	if (ath11k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
6788 					 &vdev_id, &tx_status) != 0) {
6789 		ath11k_warn(ab, "failed to extract bcn tx status");
6790 		return;
6791 	}
6792 
6793 	rcu_read_lock();
6794 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_id);
6795 	if (!arvif) {
6796 		ath11k_warn(ab, "invalid vdev id %d in bcn_tx_status",
6797 			    vdev_id);
6798 		rcu_read_unlock();
6799 		return;
6800 	}
6801 	ath11k_mac_bcn_tx_event(arvif);
6802 	rcu_read_unlock();
6803 }
6804 
6805 static void ath11k_wmi_event_peer_sta_ps_state_chg(struct ath11k_base *ab,
6806 						   struct sk_buff *skb)
6807 {
6808 	const struct wmi_peer_sta_ps_state_chg_event *ev;
6809 	struct ieee80211_sta *sta;
6810 	struct ath11k_peer *peer;
6811 	struct ath11k *ar;
6812 	struct ath11k_sta *arsta;
6813 	const void **tb;
6814 	enum ath11k_wmi_peer_ps_state peer_previous_ps_state;
6815 	int ret;
6816 
6817 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6818 	if (IS_ERR(tb)) {
6819 		ret = PTR_ERR(tb);
6820 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6821 		return;
6822 	}
6823 
6824 	ev = tb[WMI_TAG_PEER_STA_PS_STATECHANGE_EVENT];
6825 	if (!ev) {
6826 		ath11k_warn(ab, "failed to fetch sta ps change ev");
6827 		kfree(tb);
6828 		return;
6829 	}
6830 
6831 	ath11k_dbg(ab, ATH11K_DBG_WMI,
6832 		   "peer sta ps change ev addr %pM state %u sup_bitmap %x ps_valid %u ts %u\n",
6833 		   ev->peer_macaddr.addr, ev->peer_ps_state,
6834 		   ev->ps_supported_bitmap, ev->peer_ps_valid,
6835 		   ev->peer_ps_timestamp);
6836 
6837 	rcu_read_lock();
6838 
6839 	spin_lock_bh(&ab->base_lock);
6840 
6841 	peer = ath11k_peer_find_by_addr(ab, ev->peer_macaddr.addr);
6842 
6843 	if (!peer) {
6844 		spin_unlock_bh(&ab->base_lock);
6845 		ath11k_warn(ab, "peer not found %pM\n", ev->peer_macaddr.addr);
6846 		goto exit;
6847 	}
6848 
6849 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer->vdev_id);
6850 
6851 	if (!ar) {
6852 		spin_unlock_bh(&ab->base_lock);
6853 		ath11k_warn(ab, "invalid vdev id in peer sta ps state change ev %d",
6854 			    peer->vdev_id);
6855 
6856 		goto exit;
6857 	}
6858 
6859 	sta = peer->sta;
6860 
6861 	spin_unlock_bh(&ab->base_lock);
6862 
6863 	if (!sta) {
6864 		ath11k_warn(ab, "failed to find station entry %pM\n",
6865 			    ev->peer_macaddr.addr);
6866 		goto exit;
6867 	}
6868 
6869 	arsta = (struct ath11k_sta *)sta->drv_priv;
6870 
6871 	spin_lock_bh(&ar->data_lock);
6872 
6873 	peer_previous_ps_state = arsta->peer_ps_state;
6874 	arsta->peer_ps_state = ev->peer_ps_state;
6875 	arsta->peer_current_ps_valid = !!ev->peer_ps_valid;
6876 
6877 	if (test_bit(WMI_TLV_SERVICE_PEER_POWER_SAVE_DURATION_SUPPORT,
6878 		     ar->ab->wmi_ab.svc_map)) {
6879 		if (!(ev->ps_supported_bitmap & WMI_PEER_PS_VALID) ||
6880 		    !(ev->ps_supported_bitmap & WMI_PEER_PS_STATE_TIMESTAMP) ||
6881 		    !ev->peer_ps_valid)
6882 			goto out;
6883 
6884 		if (arsta->peer_ps_state == WMI_PEER_PS_STATE_ON) {
6885 			arsta->ps_start_time = ev->peer_ps_timestamp;
6886 			arsta->ps_start_jiffies = jiffies;
6887 		} else if (arsta->peer_ps_state == WMI_PEER_PS_STATE_OFF &&
6888 			   peer_previous_ps_state == WMI_PEER_PS_STATE_ON) {
6889 			arsta->ps_total_duration = arsta->ps_total_duration +
6890 					(ev->peer_ps_timestamp - arsta->ps_start_time);
6891 		}
6892 
6893 		if (ar->ps_timekeeper_enable)
6894 			trace_ath11k_ps_timekeeper(ar, ev->peer_macaddr.addr,
6895 						   ev->peer_ps_timestamp,
6896 						   arsta->peer_ps_state);
6897 	}
6898 
6899 out:
6900 	spin_unlock_bh(&ar->data_lock);
6901 exit:
6902 	rcu_read_unlock();
6903 	kfree(tb);
6904 }
6905 
6906 static void ath11k_vdev_stopped_event(struct ath11k_base *ab, struct sk_buff *skb)
6907 {
6908 	struct ath11k *ar;
6909 	u32 vdev_id = 0;
6910 
6911 	if (ath11k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
6912 		ath11k_warn(ab, "failed to extract vdev stopped event");
6913 		return;
6914 	}
6915 
6916 	rcu_read_lock();
6917 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
6918 	if (!ar) {
6919 		ath11k_warn(ab, "invalid vdev id in vdev stopped ev %d",
6920 			    vdev_id);
6921 		rcu_read_unlock();
6922 		return;
6923 	}
6924 
6925 	complete(&ar->vdev_setup_done);
6926 
6927 	rcu_read_unlock();
6928 
6929 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
6930 }
6931 
6932 static void ath11k_mgmt_rx_event(struct ath11k_base *ab, struct sk_buff *skb)
6933 {
6934 	struct mgmt_rx_event_params rx_ev = {0};
6935 	struct ath11k *ar;
6936 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
6937 	struct ieee80211_hdr *hdr;
6938 	u16 fc;
6939 	struct ieee80211_supported_band *sband;
6940 
6941 	if (ath11k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
6942 		ath11k_warn(ab, "failed to extract mgmt rx event");
6943 		dev_kfree_skb(skb);
6944 		return;
6945 	}
6946 
6947 	memset(status, 0, sizeof(*status));
6948 
6949 	ath11k_dbg(ab, ATH11K_DBG_MGMT, "mgmt rx event status %08x\n",
6950 		   rx_ev.status);
6951 
6952 	rcu_read_lock();
6953 	ar = ath11k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
6954 
6955 	if (!ar) {
6956 		ath11k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
6957 			    rx_ev.pdev_id);
6958 		dev_kfree_skb(skb);
6959 		goto exit;
6960 	}
6961 
6962 	if ((test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) ||
6963 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
6964 	    WMI_RX_STATUS_ERR_KEY_CACHE_MISS | WMI_RX_STATUS_ERR_CRC))) {
6965 		dev_kfree_skb(skb);
6966 		goto exit;
6967 	}
6968 
6969 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
6970 		status->flag |= RX_FLAG_MMIC_ERROR;
6971 
6972 	if (rx_ev.chan_freq >= ATH11K_MIN_6G_FREQ &&
6973 	    rx_ev.chan_freq <= ATH11K_MAX_6G_FREQ) {
6974 		status->band = NL80211_BAND_6GHZ;
6975 		status->freq = rx_ev.chan_freq;
6976 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
6977 		status->band = NL80211_BAND_2GHZ;
6978 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH11K_MAX_5G_CHAN) {
6979 		status->band = NL80211_BAND_5GHZ;
6980 	} else {
6981 		/* Shouldn't happen unless list of advertised channels to
6982 		 * mac80211 has been changed.
6983 		 */
6984 		WARN_ON_ONCE(1);
6985 		dev_kfree_skb(skb);
6986 		goto exit;
6987 	}
6988 
6989 	if (rx_ev.phy_mode == MODE_11B &&
6990 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
6991 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6992 			   "wmi mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
6993 
6994 	sband = &ar->mac.sbands[status->band];
6995 
6996 	if (status->band != NL80211_BAND_6GHZ)
6997 		status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
6998 							      status->band);
6999 
7000 	status->signal = rx_ev.snr + ATH11K_DEFAULT_NOISE_FLOOR;
7001 	status->rate_idx = ath11k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
7002 
7003 	hdr = (struct ieee80211_hdr *)skb->data;
7004 	fc = le16_to_cpu(hdr->frame_control);
7005 
7006 	/* Firmware is guaranteed to report all essential management frames via
7007 	 * WMI while it can deliver some extra via HTT. Since there can be
7008 	 * duplicates split the reporting wrt monitor/sniffing.
7009 	 */
7010 	status->flag |= RX_FLAG_SKIP_MONITOR;
7011 
7012 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set.
7013 	 * Don't clear that. Also, FW delivers broadcast management frames
7014 	 * (ex: group privacy action frames in mesh) as encrypted payload.
7015 	 */
7016 	if (ieee80211_has_protected(hdr->frame_control) &&
7017 	    !is_multicast_ether_addr(ieee80211_get_DA(hdr))) {
7018 		status->flag |= RX_FLAG_DECRYPTED;
7019 
7020 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
7021 			status->flag |= RX_FLAG_IV_STRIPPED |
7022 					RX_FLAG_MMIC_STRIPPED;
7023 			hdr->frame_control = __cpu_to_le16(fc &
7024 					     ~IEEE80211_FCTL_PROTECTED);
7025 		}
7026 	}
7027 
7028 	if (ieee80211_is_beacon(hdr->frame_control))
7029 		ath11k_mac_handle_beacon(ar, skb);
7030 
7031 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7032 		   "event mgmt rx skb %pK len %d ftype %02x stype %02x\n",
7033 		   skb, skb->len,
7034 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
7035 
7036 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7037 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
7038 		   status->freq, status->band, status->signal,
7039 		   status->rate_idx);
7040 
7041 	ieee80211_rx_ni(ar->hw, skb);
7042 
7043 exit:
7044 	rcu_read_unlock();
7045 }
7046 
7047 static void ath11k_mgmt_tx_compl_event(struct ath11k_base *ab, struct sk_buff *skb)
7048 {
7049 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
7050 	struct ath11k *ar;
7051 
7052 	if (ath11k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
7053 		ath11k_warn(ab, "failed to extract mgmt tx compl event");
7054 		return;
7055 	}
7056 
7057 	rcu_read_lock();
7058 	ar = ath11k_mac_get_ar_by_pdev_id(ab, tx_compl_param.pdev_id);
7059 	if (!ar) {
7060 		ath11k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
7061 			    tx_compl_param.pdev_id);
7062 		goto exit;
7063 	}
7064 
7065 	wmi_process_mgmt_tx_comp(ar, tx_compl_param.desc_id,
7066 				 tx_compl_param.status);
7067 
7068 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7069 		   "mgmt tx compl ev pdev_id %d, desc_id %d, status %d",
7070 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
7071 		   tx_compl_param.status);
7072 
7073 exit:
7074 	rcu_read_unlock();
7075 }
7076 
7077 static struct ath11k *ath11k_get_ar_on_scan_state(struct ath11k_base *ab,
7078 						  u32 vdev_id,
7079 						  enum ath11k_scan_state state)
7080 {
7081 	int i;
7082 	struct ath11k_pdev *pdev;
7083 	struct ath11k *ar;
7084 
7085 	for (i = 0; i < ab->num_radios; i++) {
7086 		pdev = rcu_dereference(ab->pdevs_active[i]);
7087 		if (pdev && pdev->ar) {
7088 			ar = pdev->ar;
7089 
7090 			spin_lock_bh(&ar->data_lock);
7091 			if (ar->scan.state == state &&
7092 			    ar->scan.vdev_id == vdev_id) {
7093 				spin_unlock_bh(&ar->data_lock);
7094 				return ar;
7095 			}
7096 			spin_unlock_bh(&ar->data_lock);
7097 		}
7098 	}
7099 	return NULL;
7100 }
7101 
7102 static void ath11k_scan_event(struct ath11k_base *ab, struct sk_buff *skb)
7103 {
7104 	struct ath11k *ar;
7105 	struct wmi_scan_event scan_ev = {0};
7106 
7107 	if (ath11k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
7108 		ath11k_warn(ab, "failed to extract scan event");
7109 		return;
7110 	}
7111 
7112 	rcu_read_lock();
7113 
7114 	/* In case the scan was cancelled, ex. during interface teardown,
7115 	 * the interface will not be found in active interfaces.
7116 	 * Rather, in such scenarios, iterate over the active pdev's to
7117 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
7118 	 * aborting scan's vdev id matches this event info.
7119 	 */
7120 	if (scan_ev.event_type == WMI_SCAN_EVENT_COMPLETED &&
7121 	    scan_ev.reason == WMI_SCAN_REASON_CANCELLED) {
7122 		ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
7123 						 ATH11K_SCAN_ABORTING);
7124 		if (!ar)
7125 			ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
7126 							 ATH11K_SCAN_RUNNING);
7127 	} else {
7128 		ar = ath11k_mac_get_ar_by_vdev_id(ab, scan_ev.vdev_id);
7129 	}
7130 
7131 	if (!ar) {
7132 		ath11k_warn(ab, "Received scan event for unknown vdev");
7133 		rcu_read_unlock();
7134 		return;
7135 	}
7136 
7137 	spin_lock_bh(&ar->data_lock);
7138 
7139 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7140 		   "scan event %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
7141 		   ath11k_wmi_event_scan_type_str(scan_ev.event_type, scan_ev.reason),
7142 		   scan_ev.event_type, scan_ev.reason, scan_ev.channel_freq,
7143 		   scan_ev.scan_req_id, scan_ev.scan_id, scan_ev.vdev_id,
7144 		   ath11k_scan_state_str(ar->scan.state), ar->scan.state);
7145 
7146 	switch (scan_ev.event_type) {
7147 	case WMI_SCAN_EVENT_STARTED:
7148 		ath11k_wmi_event_scan_started(ar);
7149 		break;
7150 	case WMI_SCAN_EVENT_COMPLETED:
7151 		ath11k_wmi_event_scan_completed(ar);
7152 		break;
7153 	case WMI_SCAN_EVENT_BSS_CHANNEL:
7154 		ath11k_wmi_event_scan_bss_chan(ar);
7155 		break;
7156 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
7157 		ath11k_wmi_event_scan_foreign_chan(ar, scan_ev.channel_freq);
7158 		break;
7159 	case WMI_SCAN_EVENT_START_FAILED:
7160 		ath11k_warn(ab, "received scan start failure event\n");
7161 		ath11k_wmi_event_scan_start_failed(ar);
7162 		break;
7163 	case WMI_SCAN_EVENT_DEQUEUED:
7164 		__ath11k_mac_scan_finish(ar);
7165 		break;
7166 	case WMI_SCAN_EVENT_PREEMPTED:
7167 	case WMI_SCAN_EVENT_RESTARTED:
7168 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
7169 	default:
7170 		break;
7171 	}
7172 
7173 	spin_unlock_bh(&ar->data_lock);
7174 
7175 	rcu_read_unlock();
7176 }
7177 
7178 static void ath11k_peer_sta_kickout_event(struct ath11k_base *ab, struct sk_buff *skb)
7179 {
7180 	struct wmi_peer_sta_kickout_arg arg = {};
7181 	struct ieee80211_sta *sta;
7182 	struct ath11k_peer *peer;
7183 	struct ath11k *ar;
7184 	u32 vdev_id;
7185 
7186 	if (ath11k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
7187 		ath11k_warn(ab, "failed to extract peer sta kickout event");
7188 		return;
7189 	}
7190 
7191 	rcu_read_lock();
7192 
7193 	spin_lock_bh(&ab->base_lock);
7194 
7195 	peer = ath11k_peer_find_by_addr(ab, arg.mac_addr);
7196 
7197 	if (!peer) {
7198 		ath11k_warn(ab, "peer not found %pM\n",
7199 			    arg.mac_addr);
7200 		spin_unlock_bh(&ab->base_lock);
7201 		goto exit;
7202 	}
7203 
7204 	vdev_id = peer->vdev_id;
7205 
7206 	spin_unlock_bh(&ab->base_lock);
7207 
7208 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7209 	if (!ar) {
7210 		ath11k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
7211 			    peer->vdev_id);
7212 		goto exit;
7213 	}
7214 
7215 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
7216 					   arg.mac_addr, NULL);
7217 	if (!sta) {
7218 		ath11k_warn(ab, "Spurious quick kickout for STA %pM\n",
7219 			    arg.mac_addr);
7220 		goto exit;
7221 	}
7222 
7223 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer sta kickout event %pM",
7224 		   arg.mac_addr);
7225 
7226 	ieee80211_report_low_ack(sta, 10);
7227 
7228 exit:
7229 	rcu_read_unlock();
7230 }
7231 
7232 static void ath11k_roam_event(struct ath11k_base *ab, struct sk_buff *skb)
7233 {
7234 	struct wmi_roam_event roam_ev = {};
7235 	struct ath11k *ar;
7236 
7237 	if (ath11k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
7238 		ath11k_warn(ab, "failed to extract roam event");
7239 		return;
7240 	}
7241 
7242 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7243 		   "wmi roam event vdev %u reason 0x%08x rssi %d\n",
7244 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
7245 
7246 	rcu_read_lock();
7247 	ar = ath11k_mac_get_ar_by_vdev_id(ab, roam_ev.vdev_id);
7248 	if (!ar) {
7249 		ath11k_warn(ab, "invalid vdev id in roam ev %d",
7250 			    roam_ev.vdev_id);
7251 		rcu_read_unlock();
7252 		return;
7253 	}
7254 
7255 	if (roam_ev.reason >= WMI_ROAM_REASON_MAX)
7256 		ath11k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
7257 			    roam_ev.reason, roam_ev.vdev_id);
7258 
7259 	switch (roam_ev.reason) {
7260 	case WMI_ROAM_REASON_BEACON_MISS:
7261 		ath11k_mac_handle_beacon_miss(ar, roam_ev.vdev_id);
7262 		break;
7263 	case WMI_ROAM_REASON_BETTER_AP:
7264 	case WMI_ROAM_REASON_LOW_RSSI:
7265 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
7266 	case WMI_ROAM_REASON_HO_FAILED:
7267 		ath11k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
7268 			    roam_ev.reason, roam_ev.vdev_id);
7269 		break;
7270 	}
7271 
7272 	rcu_read_unlock();
7273 }
7274 
7275 static void ath11k_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7276 {
7277 	struct wmi_chan_info_event ch_info_ev = {0};
7278 	struct ath11k *ar;
7279 	struct survey_info *survey;
7280 	int idx;
7281 	/* HW channel counters frequency value in hertz */
7282 	u32 cc_freq_hz = ab->cc_freq_hz;
7283 
7284 	if (ath11k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
7285 		ath11k_warn(ab, "failed to extract chan info event");
7286 		return;
7287 	}
7288 
7289 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7290 		   "chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
7291 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
7292 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
7293 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
7294 		   ch_info_ev.mac_clk_mhz);
7295 
7296 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_END_RESP) {
7297 		ath11k_dbg(ab, ATH11K_DBG_WMI, "chan info report completed\n");
7298 		return;
7299 	}
7300 
7301 	rcu_read_lock();
7302 	ar = ath11k_mac_get_ar_by_vdev_id(ab, ch_info_ev.vdev_id);
7303 	if (!ar) {
7304 		ath11k_warn(ab, "invalid vdev id in chan info ev %d",
7305 			    ch_info_ev.vdev_id);
7306 		rcu_read_unlock();
7307 		return;
7308 	}
7309 	spin_lock_bh(&ar->data_lock);
7310 
7311 	switch (ar->scan.state) {
7312 	case ATH11K_SCAN_IDLE:
7313 	case ATH11K_SCAN_STARTING:
7314 		ath11k_warn(ab, "received chan info event without a scan request, ignoring\n");
7315 		goto exit;
7316 	case ATH11K_SCAN_RUNNING:
7317 	case ATH11K_SCAN_ABORTING:
7318 		break;
7319 	}
7320 
7321 	idx = freq_to_idx(ar, ch_info_ev.freq);
7322 	if (idx >= ARRAY_SIZE(ar->survey)) {
7323 		ath11k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
7324 			    ch_info_ev.freq, idx);
7325 		goto exit;
7326 	}
7327 
7328 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
7329 	 * HW channel counters frequency value
7330 	 */
7331 	if (ch_info_ev.mac_clk_mhz)
7332 		cc_freq_hz = (ch_info_ev.mac_clk_mhz * 1000);
7333 
7334 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
7335 		survey = &ar->survey[idx];
7336 		memset(survey, 0, sizeof(*survey));
7337 		survey->noise = ch_info_ev.noise_floor;
7338 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
7339 				 SURVEY_INFO_TIME_BUSY;
7340 		survey->time = div_u64(ch_info_ev.cycle_count, cc_freq_hz);
7341 		survey->time_busy = div_u64(ch_info_ev.rx_clear_count, cc_freq_hz);
7342 	}
7343 exit:
7344 	spin_unlock_bh(&ar->data_lock);
7345 	rcu_read_unlock();
7346 }
7347 
7348 static void
7349 ath11k_pdev_bss_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7350 {
7351 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
7352 	struct survey_info *survey;
7353 	struct ath11k *ar;
7354 	u32 cc_freq_hz = ab->cc_freq_hz;
7355 	u64 busy, total, tx, rx, rx_bss;
7356 	int idx;
7357 
7358 	if (ath11k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
7359 		ath11k_warn(ab, "failed to extract pdev bss chan info event");
7360 		return;
7361 	}
7362 
7363 	busy = (u64)(bss_ch_info_ev.rx_clear_count_high) << 32 |
7364 			bss_ch_info_ev.rx_clear_count_low;
7365 
7366 	total = (u64)(bss_ch_info_ev.cycle_count_high) << 32 |
7367 			bss_ch_info_ev.cycle_count_low;
7368 
7369 	tx = (u64)(bss_ch_info_ev.tx_cycle_count_high) << 32 |
7370 			bss_ch_info_ev.tx_cycle_count_low;
7371 
7372 	rx = (u64)(bss_ch_info_ev.rx_cycle_count_high) << 32 |
7373 			bss_ch_info_ev.rx_cycle_count_low;
7374 
7375 	rx_bss = (u64)(bss_ch_info_ev.rx_bss_cycle_count_high) << 32 |
7376 			bss_ch_info_ev.rx_bss_cycle_count_low;
7377 
7378 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7379 		   "pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
7380 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
7381 		   bss_ch_info_ev.noise_floor, busy, total,
7382 		   tx, rx, rx_bss);
7383 
7384 	rcu_read_lock();
7385 	ar = ath11k_mac_get_ar_by_pdev_id(ab, bss_ch_info_ev.pdev_id);
7386 
7387 	if (!ar) {
7388 		ath11k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
7389 			    bss_ch_info_ev.pdev_id);
7390 		rcu_read_unlock();
7391 		return;
7392 	}
7393 
7394 	spin_lock_bh(&ar->data_lock);
7395 	idx = freq_to_idx(ar, bss_ch_info_ev.freq);
7396 	if (idx >= ARRAY_SIZE(ar->survey)) {
7397 		ath11k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
7398 			    bss_ch_info_ev.freq, idx);
7399 		goto exit;
7400 	}
7401 
7402 	survey = &ar->survey[idx];
7403 
7404 	survey->noise     = bss_ch_info_ev.noise_floor;
7405 	survey->time      = div_u64(total, cc_freq_hz);
7406 	survey->time_busy = div_u64(busy, cc_freq_hz);
7407 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
7408 	survey->time_tx   = div_u64(tx, cc_freq_hz);
7409 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
7410 			     SURVEY_INFO_TIME |
7411 			     SURVEY_INFO_TIME_BUSY |
7412 			     SURVEY_INFO_TIME_RX |
7413 			     SURVEY_INFO_TIME_TX);
7414 exit:
7415 	spin_unlock_bh(&ar->data_lock);
7416 	complete(&ar->bss_survey_done);
7417 
7418 	rcu_read_unlock();
7419 }
7420 
7421 static void ath11k_vdev_install_key_compl_event(struct ath11k_base *ab,
7422 						struct sk_buff *skb)
7423 {
7424 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
7425 	struct ath11k *ar;
7426 
7427 	if (ath11k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
7428 		ath11k_warn(ab, "failed to extract install key compl event");
7429 		return;
7430 	}
7431 
7432 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7433 		   "vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
7434 		   install_key_compl.key_idx, install_key_compl.key_flags,
7435 		   install_key_compl.macaddr, install_key_compl.status);
7436 
7437 	rcu_read_lock();
7438 	ar = ath11k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
7439 	if (!ar) {
7440 		ath11k_warn(ab, "invalid vdev id in install key compl ev %d",
7441 			    install_key_compl.vdev_id);
7442 		rcu_read_unlock();
7443 		return;
7444 	}
7445 
7446 	ar->install_key_status = 0;
7447 
7448 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
7449 		ath11k_warn(ab, "install key failed for %pM status %d\n",
7450 			    install_key_compl.macaddr, install_key_compl.status);
7451 		ar->install_key_status = install_key_compl.status;
7452 	}
7453 
7454 	complete(&ar->install_key_done);
7455 	rcu_read_unlock();
7456 }
7457 
7458 static int  ath11k_wmi_tlv_services_parser(struct ath11k_base *ab,
7459 					   u16 tag, u16 len,
7460 					   const void *ptr, void *data)
7461 {
7462 	const struct wmi_service_available_event *ev;
7463 	u32 *wmi_ext2_service_bitmap;
7464 	int i, j;
7465 
7466 	switch (tag) {
7467 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
7468 		ev = (struct wmi_service_available_event *)ptr;
7469 		for (i = 0, j = WMI_MAX_SERVICE;
7470 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
7471 			i++) {
7472 			do {
7473 				if (ev->wmi_service_segment_bitmap[i] &
7474 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7475 					set_bit(j, ab->wmi_ab.svc_map);
7476 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7477 		}
7478 
7479 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7480 			   "wmi_ext_service_bitmap 0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7481 			   ev->wmi_service_segment_bitmap[0],
7482 			   ev->wmi_service_segment_bitmap[1],
7483 			   ev->wmi_service_segment_bitmap[2],
7484 			   ev->wmi_service_segment_bitmap[3]);
7485 		break;
7486 	case WMI_TAG_ARRAY_UINT32:
7487 		wmi_ext2_service_bitmap = (u32 *)ptr;
7488 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
7489 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
7490 			i++) {
7491 			do {
7492 				if (wmi_ext2_service_bitmap[i] &
7493 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7494 					set_bit(j, ab->wmi_ab.svc_map);
7495 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7496 		}
7497 
7498 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7499 			   "wmi_ext2_service__bitmap  0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7500 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
7501 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
7502 		break;
7503 	}
7504 	return 0;
7505 }
7506 
7507 static void ath11k_service_available_event(struct ath11k_base *ab, struct sk_buff *skb)
7508 {
7509 	int ret;
7510 
7511 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7512 				  ath11k_wmi_tlv_services_parser,
7513 				  NULL);
7514 	if (ret)
7515 		ath11k_warn(ab, "failed to parse services available tlv %d\n", ret);
7516 }
7517 
7518 static void ath11k_peer_assoc_conf_event(struct ath11k_base *ab, struct sk_buff *skb)
7519 {
7520 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
7521 	struct ath11k *ar;
7522 
7523 	if (ath11k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
7524 		ath11k_warn(ab, "failed to extract peer assoc conf event");
7525 		return;
7526 	}
7527 
7528 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7529 		   "peer assoc conf ev vdev id %d macaddr %pM\n",
7530 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
7531 
7532 	rcu_read_lock();
7533 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
7534 
7535 	if (!ar) {
7536 		ath11k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
7537 			    peer_assoc_conf.vdev_id);
7538 		rcu_read_unlock();
7539 		return;
7540 	}
7541 
7542 	complete(&ar->peer_assoc_done);
7543 	rcu_read_unlock();
7544 }
7545 
7546 static void ath11k_update_stats_event(struct ath11k_base *ab, struct sk_buff *skb)
7547 {
7548 	struct ath11k_fw_stats stats = {};
7549 	struct ath11k *ar;
7550 	int ret;
7551 
7552 	INIT_LIST_HEAD(&stats.pdevs);
7553 	INIT_LIST_HEAD(&stats.vdevs);
7554 	INIT_LIST_HEAD(&stats.bcn);
7555 
7556 	ret = ath11k_wmi_pull_fw_stats(ab, skb, &stats);
7557 	if (ret) {
7558 		ath11k_warn(ab, "failed to pull fw stats: %d\n", ret);
7559 		goto free;
7560 	}
7561 
7562 	rcu_read_lock();
7563 	ar = ath11k_mac_get_ar_by_pdev_id(ab, stats.pdev_id);
7564 	if (!ar) {
7565 		rcu_read_unlock();
7566 		ath11k_warn(ab, "failed to get ar for pdev_id %d: %d\n",
7567 			    stats.pdev_id, ret);
7568 		goto free;
7569 	}
7570 
7571 	spin_lock_bh(&ar->data_lock);
7572 
7573 	/* WMI_REQUEST_PDEV_STAT can be requested via .get_txpower mac ops or via
7574 	 * debugfs fw stats. Therefore, processing it separately.
7575 	 */
7576 	if (stats.stats_id == WMI_REQUEST_PDEV_STAT) {
7577 		list_splice_tail_init(&stats.pdevs, &ar->fw_stats.pdevs);
7578 		ar->fw_stats_done = true;
7579 		goto complete;
7580 	}
7581 
7582 	/* WMI_REQUEST_VDEV_STAT, WMI_REQUEST_BCN_STAT and WMI_REQUEST_RSSI_PER_CHAIN_STAT
7583 	 * are currently requested only via debugfs fw stats. Hence, processing these
7584 	 * in debugfs context
7585 	 */
7586 	ath11k_debugfs_fw_stats_process(ar, &stats);
7587 
7588 complete:
7589 	complete(&ar->fw_stats_complete);
7590 	rcu_read_unlock();
7591 	spin_unlock_bh(&ar->data_lock);
7592 
7593 free:
7594 	ath11k_fw_stats_free(&stats);
7595 }
7596 
7597 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
7598  * is not part of BDF CTL(Conformance test limits) table entries.
7599  */
7600 static void ath11k_pdev_ctl_failsafe_check_event(struct ath11k_base *ab,
7601 						 struct sk_buff *skb)
7602 {
7603 	const void **tb;
7604 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
7605 	int ret;
7606 
7607 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7608 	if (IS_ERR(tb)) {
7609 		ret = PTR_ERR(tb);
7610 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7611 		return;
7612 	}
7613 
7614 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
7615 	if (!ev) {
7616 		ath11k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
7617 		kfree(tb);
7618 		return;
7619 	}
7620 
7621 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7622 		   "pdev ctl failsafe check ev status %d\n",
7623 		   ev->ctl_failsafe_status);
7624 
7625 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
7626 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
7627 	 */
7628 	if (ev->ctl_failsafe_status != 0)
7629 		ath11k_warn(ab, "pdev ctl failsafe failure status %d",
7630 			    ev->ctl_failsafe_status);
7631 
7632 	kfree(tb);
7633 }
7634 
7635 static void
7636 ath11k_wmi_process_csa_switch_count_event(struct ath11k_base *ab,
7637 					  const struct wmi_pdev_csa_switch_ev *ev,
7638 					  const u32 *vdev_ids)
7639 {
7640 	int i;
7641 	struct ath11k_vif *arvif;
7642 
7643 	/* Finish CSA once the switch count becomes NULL */
7644 	if (ev->current_switch_count)
7645 		return;
7646 
7647 	rcu_read_lock();
7648 	for (i = 0; i < ev->num_vdevs; i++) {
7649 		arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
7650 
7651 		if (!arvif) {
7652 			ath11k_warn(ab, "Recvd csa status for unknown vdev %d",
7653 				    vdev_ids[i]);
7654 			continue;
7655 		}
7656 
7657 		if (arvif->is_up && arvif->vif->bss_conf.csa_active)
7658 			ieee80211_csa_finish(arvif->vif);
7659 	}
7660 	rcu_read_unlock();
7661 }
7662 
7663 static void
7664 ath11k_wmi_pdev_csa_switch_count_status_event(struct ath11k_base *ab,
7665 					      struct sk_buff *skb)
7666 {
7667 	const void **tb;
7668 	const struct wmi_pdev_csa_switch_ev *ev;
7669 	const u32 *vdev_ids;
7670 	int ret;
7671 
7672 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7673 	if (IS_ERR(tb)) {
7674 		ret = PTR_ERR(tb);
7675 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7676 		return;
7677 	}
7678 
7679 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
7680 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
7681 
7682 	if (!ev || !vdev_ids) {
7683 		ath11k_warn(ab, "failed to fetch pdev csa switch count ev");
7684 		kfree(tb);
7685 		return;
7686 	}
7687 
7688 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7689 		   "pdev csa switch count %d for pdev %d, num_vdevs %d",
7690 		   ev->current_switch_count, ev->pdev_id,
7691 		   ev->num_vdevs);
7692 
7693 	ath11k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
7694 
7695 	kfree(tb);
7696 }
7697 
7698 static void
7699 ath11k_wmi_pdev_dfs_radar_detected_event(struct ath11k_base *ab, struct sk_buff *skb)
7700 {
7701 	const void **tb;
7702 	const struct wmi_pdev_radar_ev *ev;
7703 	struct ath11k *ar;
7704 	int ret;
7705 
7706 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7707 	if (IS_ERR(tb)) {
7708 		ret = PTR_ERR(tb);
7709 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7710 		return;
7711 	}
7712 
7713 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
7714 
7715 	if (!ev) {
7716 		ath11k_warn(ab, "failed to fetch pdev dfs radar detected ev");
7717 		kfree(tb);
7718 		return;
7719 	}
7720 
7721 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7722 		   "pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
7723 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
7724 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
7725 		   ev->freq_offset, ev->sidx);
7726 
7727 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
7728 
7729 	if (!ar) {
7730 		ath11k_warn(ab, "radar detected in invalid pdev %d\n",
7731 			    ev->pdev_id);
7732 		goto exit;
7733 	}
7734 
7735 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "DFS Radar Detected in pdev %d\n",
7736 		   ev->pdev_id);
7737 
7738 	if (ar->dfs_block_radar_events)
7739 		ath11k_info(ab, "DFS Radar detected, but ignored as requested\n");
7740 	else
7741 		ieee80211_radar_detected(ar->hw);
7742 
7743 exit:
7744 	kfree(tb);
7745 }
7746 
7747 static void
7748 ath11k_wmi_pdev_temperature_event(struct ath11k_base *ab,
7749 				  struct sk_buff *skb)
7750 {
7751 	struct ath11k *ar;
7752 	const void **tb;
7753 	const struct wmi_pdev_temperature_event *ev;
7754 	int ret;
7755 
7756 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7757 	if (IS_ERR(tb)) {
7758 		ret = PTR_ERR(tb);
7759 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7760 		return;
7761 	}
7762 
7763 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
7764 	if (!ev) {
7765 		ath11k_warn(ab, "failed to fetch pdev temp ev");
7766 		kfree(tb);
7767 		return;
7768 	}
7769 
7770 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7771 		   "pdev temperature ev temp %d pdev_id %d\n", ev->temp, ev->pdev_id);
7772 
7773 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
7774 	if (!ar) {
7775 		ath11k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev->pdev_id);
7776 		kfree(tb);
7777 		return;
7778 	}
7779 
7780 	ath11k_thermal_event_temperature(ar, ev->temp);
7781 
7782 	kfree(tb);
7783 }
7784 
7785 static void ath11k_fils_discovery_event(struct ath11k_base *ab,
7786 					struct sk_buff *skb)
7787 {
7788 	const void **tb;
7789 	const struct wmi_fils_discovery_event *ev;
7790 	int ret;
7791 
7792 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7793 	if (IS_ERR(tb)) {
7794 		ret = PTR_ERR(tb);
7795 		ath11k_warn(ab,
7796 			    "failed to parse FILS discovery event tlv %d\n",
7797 			    ret);
7798 		return;
7799 	}
7800 
7801 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
7802 	if (!ev) {
7803 		ath11k_warn(ab, "failed to fetch FILS discovery event\n");
7804 		kfree(tb);
7805 		return;
7806 	}
7807 
7808 	ath11k_warn(ab,
7809 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
7810 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
7811 
7812 	kfree(tb);
7813 }
7814 
7815 static void ath11k_probe_resp_tx_status_event(struct ath11k_base *ab,
7816 					      struct sk_buff *skb)
7817 {
7818 	const void **tb;
7819 	const struct wmi_probe_resp_tx_status_event *ev;
7820 	int ret;
7821 
7822 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7823 	if (IS_ERR(tb)) {
7824 		ret = PTR_ERR(tb);
7825 		ath11k_warn(ab,
7826 			    "failed to parse probe response transmission status event tlv: %d\n",
7827 			    ret);
7828 		return;
7829 	}
7830 
7831 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
7832 	if (!ev) {
7833 		ath11k_warn(ab,
7834 			    "failed to fetch probe response transmission status event");
7835 		kfree(tb);
7836 		return;
7837 	}
7838 
7839 	if (ev->tx_status)
7840 		ath11k_warn(ab,
7841 			    "Probe response transmission failed for vdev_id %u, status %u\n",
7842 			    ev->vdev_id, ev->tx_status);
7843 
7844 	kfree(tb);
7845 }
7846 
7847 static int ath11k_wmi_tlv_wow_wakeup_host_parse(struct ath11k_base *ab,
7848 						u16 tag, u16 len,
7849 						const void *ptr, void *data)
7850 {
7851 	struct wmi_wow_ev_arg *ev = data;
7852 	const char *wow_pg_fault;
7853 	int wow_pg_len;
7854 
7855 	switch (tag) {
7856 	case WMI_TAG_WOW_EVENT_INFO:
7857 		memcpy(ev, ptr, sizeof(*ev));
7858 		ath11k_dbg(ab, ATH11K_DBG_WMI, "wow wakeup host reason %d %s\n",
7859 			   ev->wake_reason, wow_reason(ev->wake_reason));
7860 		break;
7861 
7862 	case WMI_TAG_ARRAY_BYTE:
7863 		if (ev && ev->wake_reason == WOW_REASON_PAGE_FAULT) {
7864 			wow_pg_fault = ptr;
7865 			/* the first 4 bytes are length */
7866 			wow_pg_len = *(int *)wow_pg_fault;
7867 			wow_pg_fault += sizeof(int);
7868 			ath11k_dbg(ab, ATH11K_DBG_WMI, "wow data_len = %d\n",
7869 				   wow_pg_len);
7870 			ath11k_dbg_dump(ab, ATH11K_DBG_WMI,
7871 					"wow_event_info_type packet present",
7872 					"wow_pg_fault ",
7873 					wow_pg_fault,
7874 					wow_pg_len);
7875 		}
7876 		break;
7877 	default:
7878 		break;
7879 	}
7880 
7881 	return 0;
7882 }
7883 
7884 static void ath11k_wmi_event_wow_wakeup_host(struct ath11k_base *ab, struct sk_buff *skb)
7885 {
7886 	struct wmi_wow_ev_arg ev = { };
7887 	int ret;
7888 
7889 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7890 				  ath11k_wmi_tlv_wow_wakeup_host_parse,
7891 				  &ev);
7892 	if (ret) {
7893 		ath11k_warn(ab, "failed to parse wmi wow tlv: %d\n", ret);
7894 		return;
7895 	}
7896 
7897 	complete(&ab->wow.wakeup_completed);
7898 }
7899 
7900 static void
7901 ath11k_wmi_diag_event(struct ath11k_base *ab,
7902 		      struct sk_buff *skb)
7903 {
7904 	trace_ath11k_wmi_diag(ab, skb->data, skb->len);
7905 }
7906 
7907 static const char *ath11k_wmi_twt_add_dialog_event_status(u32 status)
7908 {
7909 	switch (status) {
7910 	case WMI_ADD_TWT_STATUS_OK:
7911 		return "ok";
7912 	case WMI_ADD_TWT_STATUS_TWT_NOT_ENABLED:
7913 		return "twt disabled";
7914 	case WMI_ADD_TWT_STATUS_USED_DIALOG_ID:
7915 		return "dialog id in use";
7916 	case WMI_ADD_TWT_STATUS_INVALID_PARAM:
7917 		return "invalid parameters";
7918 	case WMI_ADD_TWT_STATUS_NOT_READY:
7919 		return "not ready";
7920 	case WMI_ADD_TWT_STATUS_NO_RESOURCE:
7921 		return "resource unavailable";
7922 	case WMI_ADD_TWT_STATUS_NO_ACK:
7923 		return "no ack";
7924 	case WMI_ADD_TWT_STATUS_NO_RESPONSE:
7925 		return "no response";
7926 	case WMI_ADD_TWT_STATUS_DENIED:
7927 		return "denied";
7928 	case WMI_ADD_TWT_STATUS_UNKNOWN_ERROR:
7929 		fallthrough;
7930 	default:
7931 		return "unknown error";
7932 	}
7933 }
7934 
7935 static void ath11k_wmi_twt_add_dialog_event(struct ath11k_base *ab,
7936 					    struct sk_buff *skb)
7937 {
7938 	const void **tb;
7939 	const struct wmi_twt_add_dialog_event *ev;
7940 	int ret;
7941 
7942 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7943 	if (IS_ERR(tb)) {
7944 		ret = PTR_ERR(tb);
7945 		ath11k_warn(ab,
7946 			    "failed to parse wmi twt add dialog status event tlv: %d\n",
7947 			    ret);
7948 		return;
7949 	}
7950 
7951 	ev = tb[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT];
7952 	if (!ev) {
7953 		ath11k_warn(ab, "failed to fetch twt add dialog wmi event\n");
7954 		goto exit;
7955 	}
7956 
7957 	if (ev->status)
7958 		ath11k_warn(ab,
7959 			    "wmi add twt dialog event vdev %d dialog id %d status %s\n",
7960 			    ev->vdev_id, ev->dialog_id,
7961 			    ath11k_wmi_twt_add_dialog_event_status(ev->status));
7962 
7963 exit:
7964 	kfree(tb);
7965 }
7966 
7967 static void ath11k_wmi_gtk_offload_status_event(struct ath11k_base *ab,
7968 						struct sk_buff *skb)
7969 {
7970 	const void **tb;
7971 	const struct wmi_gtk_offload_status_event *ev;
7972 	struct ath11k_vif *arvif;
7973 	__be64 replay_ctr_be;
7974 	u64    replay_ctr;
7975 	int ret;
7976 
7977 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7978 	if (IS_ERR(tb)) {
7979 		ret = PTR_ERR(tb);
7980 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7981 		return;
7982 	}
7983 
7984 	ev = tb[WMI_TAG_GTK_OFFLOAD_STATUS_EVENT];
7985 	if (!ev) {
7986 		ath11k_warn(ab, "failed to fetch gtk offload status ev");
7987 		kfree(tb);
7988 		return;
7989 	}
7990 
7991 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
7992 	if (!arvif) {
7993 		ath11k_warn(ab, "failed to get arvif for vdev_id:%d\n",
7994 			    ev->vdev_id);
7995 		kfree(tb);
7996 		return;
7997 	}
7998 
7999 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi gtk offload event refresh_cnt %d\n",
8000 		   ev->refresh_cnt);
8001 	ath11k_dbg_dump(ab, ATH11K_DBG_WMI, "replay_cnt",
8002 			NULL, ev->replay_ctr.counter, GTK_REPLAY_COUNTER_BYTES);
8003 
8004 	replay_ctr =  ev->replay_ctr.word1;
8005 	replay_ctr = (replay_ctr << 32) | ev->replay_ctr.word0;
8006 	arvif->rekey_data.replay_ctr = replay_ctr;
8007 
8008 	/* supplicant expects big-endian replay counter */
8009 	replay_ctr_be = cpu_to_be64(replay_ctr);
8010 
8011 	ieee80211_gtk_rekey_notify(arvif->vif, arvif->bssid,
8012 				   (void *)&replay_ctr_be, GFP_ATOMIC);
8013 
8014 	kfree(tb);
8015 }
8016 
8017 static void ath11k_wmi_tlv_op_rx(struct ath11k_base *ab, struct sk_buff *skb)
8018 {
8019 	struct wmi_cmd_hdr *cmd_hdr;
8020 	enum wmi_tlv_event_id id;
8021 
8022 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
8023 	id = FIELD_GET(WMI_CMD_HDR_CMD_ID, (cmd_hdr->cmd_id));
8024 
8025 	trace_ath11k_wmi_event(ab, id, skb->data, skb->len);
8026 
8027 	if (skb_pull(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
8028 		goto out;
8029 
8030 	switch (id) {
8031 		/* Process all the WMI events here */
8032 	case WMI_SERVICE_READY_EVENTID:
8033 		ath11k_service_ready_event(ab, skb);
8034 		break;
8035 	case WMI_SERVICE_READY_EXT_EVENTID:
8036 		ath11k_service_ready_ext_event(ab, skb);
8037 		break;
8038 	case WMI_SERVICE_READY_EXT2_EVENTID:
8039 		ath11k_service_ready_ext2_event(ab, skb);
8040 		break;
8041 	case WMI_REG_CHAN_LIST_CC_EVENTID:
8042 		ath11k_reg_chan_list_event(ab, skb);
8043 		break;
8044 	case WMI_READY_EVENTID:
8045 		ath11k_ready_event(ab, skb);
8046 		break;
8047 	case WMI_PEER_DELETE_RESP_EVENTID:
8048 		ath11k_peer_delete_resp_event(ab, skb);
8049 		break;
8050 	case WMI_VDEV_START_RESP_EVENTID:
8051 		ath11k_vdev_start_resp_event(ab, skb);
8052 		break;
8053 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
8054 		ath11k_bcn_tx_status_event(ab, skb);
8055 		break;
8056 	case WMI_VDEV_STOPPED_EVENTID:
8057 		ath11k_vdev_stopped_event(ab, skb);
8058 		break;
8059 	case WMI_MGMT_RX_EVENTID:
8060 		ath11k_mgmt_rx_event(ab, skb);
8061 		/* mgmt_rx_event() owns the skb now! */
8062 		return;
8063 	case WMI_MGMT_TX_COMPLETION_EVENTID:
8064 		ath11k_mgmt_tx_compl_event(ab, skb);
8065 		break;
8066 	case WMI_SCAN_EVENTID:
8067 		ath11k_scan_event(ab, skb);
8068 		break;
8069 	case WMI_PEER_STA_KICKOUT_EVENTID:
8070 		ath11k_peer_sta_kickout_event(ab, skb);
8071 		break;
8072 	case WMI_ROAM_EVENTID:
8073 		ath11k_roam_event(ab, skb);
8074 		break;
8075 	case WMI_CHAN_INFO_EVENTID:
8076 		ath11k_chan_info_event(ab, skb);
8077 		break;
8078 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
8079 		ath11k_pdev_bss_chan_info_event(ab, skb);
8080 		break;
8081 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
8082 		ath11k_vdev_install_key_compl_event(ab, skb);
8083 		break;
8084 	case WMI_SERVICE_AVAILABLE_EVENTID:
8085 		ath11k_service_available_event(ab, skb);
8086 		break;
8087 	case WMI_PEER_ASSOC_CONF_EVENTID:
8088 		ath11k_peer_assoc_conf_event(ab, skb);
8089 		break;
8090 	case WMI_UPDATE_STATS_EVENTID:
8091 		ath11k_update_stats_event(ab, skb);
8092 		break;
8093 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
8094 		ath11k_pdev_ctl_failsafe_check_event(ab, skb);
8095 		break;
8096 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
8097 		ath11k_wmi_pdev_csa_switch_count_status_event(ab, skb);
8098 		break;
8099 	case WMI_PDEV_TEMPERATURE_EVENTID:
8100 		ath11k_wmi_pdev_temperature_event(ab, skb);
8101 		break;
8102 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
8103 		ath11k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
8104 		break;
8105 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
8106 		ath11k_fils_discovery_event(ab, skb);
8107 		break;
8108 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
8109 		ath11k_probe_resp_tx_status_event(ab, skb);
8110 		break;
8111 	case WMI_OBSS_COLOR_COLLISION_DETECTION_EVENTID:
8112 		ath11k_wmi_obss_color_collision_event(ab, skb);
8113 		break;
8114 	case WMI_TWT_ADD_DIALOG_EVENTID:
8115 		ath11k_wmi_twt_add_dialog_event(ab, skb);
8116 		break;
8117 	/* add Unsupported events here */
8118 	case WMI_TBTTOFFSET_EXT_UPDATE_EVENTID:
8119 	case WMI_PEER_OPER_MODE_CHANGE_EVENTID:
8120 	case WMI_TWT_ENABLE_EVENTID:
8121 	case WMI_TWT_DISABLE_EVENTID:
8122 	case WMI_TWT_DEL_DIALOG_EVENTID:
8123 	case WMI_TWT_PAUSE_DIALOG_EVENTID:
8124 	case WMI_TWT_RESUME_DIALOG_EVENTID:
8125 	case WMI_PDEV_DMA_RING_CFG_RSP_EVENTID:
8126 	case WMI_PEER_CREATE_CONF_EVENTID:
8127 		ath11k_dbg(ab, ATH11K_DBG_WMI,
8128 			   "ignoring unsupported event 0x%x\n", id);
8129 		break;
8130 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
8131 		ath11k_wmi_pdev_dfs_radar_detected_event(ab, skb);
8132 		break;
8133 	case WMI_VDEV_DELETE_RESP_EVENTID:
8134 		ath11k_vdev_delete_resp_event(ab, skb);
8135 		break;
8136 	case WMI_WOW_WAKEUP_HOST_EVENTID:
8137 		ath11k_wmi_event_wow_wakeup_host(ab, skb);
8138 		break;
8139 	case WMI_11D_NEW_COUNTRY_EVENTID:
8140 		ath11k_reg_11d_new_cc_event(ab, skb);
8141 		break;
8142 	case WMI_DIAG_EVENTID:
8143 		ath11k_wmi_diag_event(ab, skb);
8144 		break;
8145 	case WMI_PEER_STA_PS_STATECHG_EVENTID:
8146 		ath11k_wmi_event_peer_sta_ps_state_chg(ab, skb);
8147 		break;
8148 	case WMI_GTK_OFFLOAD_STATUS_EVENTID:
8149 		ath11k_wmi_gtk_offload_status_event(ab, skb);
8150 		break;
8151 	/* TODO: Add remaining events */
8152 	default:
8153 		ath11k_dbg(ab, ATH11K_DBG_WMI, "Unknown eventid: 0x%x\n", id);
8154 		break;
8155 	}
8156 
8157 out:
8158 	dev_kfree_skb(skb);
8159 }
8160 
8161 static int ath11k_connect_pdev_htc_service(struct ath11k_base *ab,
8162 					   u32 pdev_idx)
8163 {
8164 	int status;
8165 	u32 svc_id[] = { ATH11K_HTC_SVC_ID_WMI_CONTROL,
8166 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC1,
8167 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
8168 
8169 	struct ath11k_htc_svc_conn_req conn_req;
8170 	struct ath11k_htc_svc_conn_resp conn_resp;
8171 
8172 	memset(&conn_req, 0, sizeof(conn_req));
8173 	memset(&conn_resp, 0, sizeof(conn_resp));
8174 
8175 	/* these fields are the same for all service endpoints */
8176 	conn_req.ep_ops.ep_tx_complete = ath11k_wmi_htc_tx_complete;
8177 	conn_req.ep_ops.ep_rx_complete = ath11k_wmi_tlv_op_rx;
8178 	conn_req.ep_ops.ep_tx_credits = ath11k_wmi_op_ep_tx_credits;
8179 
8180 	/* connect to control service */
8181 	conn_req.service_id = svc_id[pdev_idx];
8182 
8183 	status = ath11k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
8184 	if (status) {
8185 		ath11k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
8186 			    status);
8187 		return status;
8188 	}
8189 
8190 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
8191 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
8192 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
8193 	init_waitqueue_head(&ab->wmi_ab.wmi[pdev_idx].tx_ce_desc_wq);
8194 
8195 	return 0;
8196 }
8197 
8198 static int
8199 ath11k_wmi_send_unit_test_cmd(struct ath11k *ar,
8200 			      struct wmi_unit_test_cmd ut_cmd,
8201 			      u32 *test_args)
8202 {
8203 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8204 	struct wmi_unit_test_cmd *cmd;
8205 	struct sk_buff *skb;
8206 	struct wmi_tlv *tlv;
8207 	void *ptr;
8208 	u32 *ut_cmd_args;
8209 	int buf_len, arg_len;
8210 	int ret;
8211 	int i;
8212 
8213 	arg_len = sizeof(u32) * ut_cmd.num_args;
8214 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
8215 
8216 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
8217 	if (!skb)
8218 		return -ENOMEM;
8219 
8220 	cmd = (struct wmi_unit_test_cmd *)skb->data;
8221 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_UNIT_TEST_CMD) |
8222 			  FIELD_PREP(WMI_TLV_LEN, sizeof(ut_cmd) - TLV_HDR_SIZE);
8223 
8224 	cmd->vdev_id = ut_cmd.vdev_id;
8225 	cmd->module_id = ut_cmd.module_id;
8226 	cmd->num_args = ut_cmd.num_args;
8227 	cmd->diag_token = ut_cmd.diag_token;
8228 
8229 	ptr = skb->data + sizeof(ut_cmd);
8230 
8231 	tlv = ptr;
8232 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8233 		      FIELD_PREP(WMI_TLV_LEN, arg_len);
8234 
8235 	ptr += TLV_HDR_SIZE;
8236 
8237 	ut_cmd_args = ptr;
8238 	for (i = 0; i < ut_cmd.num_args; i++)
8239 		ut_cmd_args[i] = test_args[i];
8240 
8241 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
8242 
8243 	if (ret) {
8244 		ath11k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
8245 			    ret);
8246 		dev_kfree_skb(skb);
8247 	}
8248 
8249 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8250 		   "WMI unit test : module %d vdev %d n_args %d token %d\n",
8251 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
8252 		   cmd->diag_token);
8253 
8254 	return ret;
8255 }
8256 
8257 int ath11k_wmi_simulate_radar(struct ath11k *ar)
8258 {
8259 	struct ath11k_vif *arvif;
8260 	u32 dfs_args[DFS_MAX_TEST_ARGS];
8261 	struct wmi_unit_test_cmd wmi_ut;
8262 	bool arvif_found = false;
8263 
8264 	list_for_each_entry(arvif, &ar->arvifs, list) {
8265 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
8266 			arvif_found = true;
8267 			break;
8268 		}
8269 	}
8270 
8271 	if (!arvif_found)
8272 		return -EINVAL;
8273 
8274 	dfs_args[DFS_TEST_CMDID] = 0;
8275 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
8276 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
8277 	 * freq offset (b3 - b10) to unit test. For simulation
8278 	 * purpose this can be set to 0 which is valid.
8279 	 */
8280 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
8281 
8282 	wmi_ut.vdev_id = arvif->vdev_id;
8283 	wmi_ut.module_id = DFS_UNIT_TEST_MODULE;
8284 	wmi_ut.num_args = DFS_MAX_TEST_ARGS;
8285 	wmi_ut.diag_token = DFS_UNIT_TEST_TOKEN;
8286 
8287 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "Triggering Radar Simulation\n");
8288 
8289 	return ath11k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
8290 }
8291 
8292 int ath11k_wmi_fw_dbglog_cfg(struct ath11k *ar, u32 *module_id_bitmap,
8293 			     struct ath11k_fw_dbglog *dbglog)
8294 {
8295 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8296 	struct wmi_debug_log_config_cmd_fixed_param *cmd;
8297 	struct sk_buff *skb;
8298 	struct wmi_tlv *tlv;
8299 	int ret, len;
8300 
8301 	len = sizeof(*cmd) + TLV_HDR_SIZE + (MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8302 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8303 	if (!skb)
8304 		return -ENOMEM;
8305 
8306 	cmd = (struct wmi_debug_log_config_cmd_fixed_param *)skb->data;
8307 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DEBUG_LOG_CONFIG_CMD) |
8308 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8309 	cmd->dbg_log_param = dbglog->param;
8310 
8311 	tlv = (struct wmi_tlv *)((u8 *)cmd + sizeof(*cmd));
8312 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8313 		      FIELD_PREP(WMI_TLV_LEN, MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8314 
8315 	switch (dbglog->param) {
8316 	case WMI_DEBUG_LOG_PARAM_LOG_LEVEL:
8317 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE:
8318 	case WMI_DEBUG_LOG_PARAM_VDEV_DISABLE:
8319 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE_BITMAP:
8320 		cmd->value = dbglog->value;
8321 		break;
8322 	case WMI_DEBUG_LOG_PARAM_MOD_ENABLE_BITMAP:
8323 	case WMI_DEBUG_LOG_PARAM_WOW_MOD_ENABLE_BITMAP:
8324 		cmd->value = dbglog->value;
8325 		memcpy(tlv->value, module_id_bitmap,
8326 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8327 		/* clear current config to be used for next user config */
8328 		memset(module_id_bitmap, 0,
8329 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8330 		break;
8331 	default:
8332 		dev_kfree_skb(skb);
8333 		return -EINVAL;
8334 	}
8335 
8336 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DBGLOG_CFG_CMDID);
8337 	if (ret) {
8338 		ath11k_warn(ar->ab,
8339 			    "failed to send WMI_DBGLOG_CFG_CMDID\n");
8340 		dev_kfree_skb(skb);
8341 	}
8342 	return ret;
8343 }
8344 
8345 int ath11k_wmi_connect(struct ath11k_base *ab)
8346 {
8347 	u32 i;
8348 	u8 wmi_ep_count;
8349 
8350 	wmi_ep_count = ab->htc.wmi_ep_count;
8351 	if (wmi_ep_count > ab->hw_params.max_radios)
8352 		return -1;
8353 
8354 	for (i = 0; i < wmi_ep_count; i++)
8355 		ath11k_connect_pdev_htc_service(ab, i);
8356 
8357 	return 0;
8358 }
8359 
8360 static void ath11k_wmi_pdev_detach(struct ath11k_base *ab, u8 pdev_id)
8361 {
8362 	if (WARN_ON(pdev_id >= MAX_RADIOS))
8363 		return;
8364 
8365 	/* TODO: Deinit any pdev specific wmi resource */
8366 }
8367 
8368 int ath11k_wmi_pdev_attach(struct ath11k_base *ab,
8369 			   u8 pdev_id)
8370 {
8371 	struct ath11k_pdev_wmi *wmi_handle;
8372 
8373 	if (pdev_id >= ab->hw_params.max_radios)
8374 		return -EINVAL;
8375 
8376 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
8377 
8378 	wmi_handle->wmi_ab = &ab->wmi_ab;
8379 
8380 	ab->wmi_ab.ab = ab;
8381 	/* TODO: Init remaining resource specific to pdev */
8382 
8383 	return 0;
8384 }
8385 
8386 int ath11k_wmi_attach(struct ath11k_base *ab)
8387 {
8388 	int ret;
8389 
8390 	ret = ath11k_wmi_pdev_attach(ab, 0);
8391 	if (ret)
8392 		return ret;
8393 
8394 	ab->wmi_ab.ab = ab;
8395 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
8396 
8397 	/* It's overwritten when service_ext_ready is handled */
8398 	if (ab->hw_params.single_pdev_only && ab->hw_params.num_rxmda_per_pdev > 1)
8399 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
8400 
8401 	/* TODO: Init remaining wmi soc resources required */
8402 	init_completion(&ab->wmi_ab.service_ready);
8403 	init_completion(&ab->wmi_ab.unified_ready);
8404 
8405 	return 0;
8406 }
8407 
8408 void ath11k_wmi_detach(struct ath11k_base *ab)
8409 {
8410 	int i;
8411 
8412 	/* TODO: Deinit wmi resource specific to SOC as required */
8413 
8414 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
8415 		ath11k_wmi_pdev_detach(ab, i);
8416 
8417 	ath11k_wmi_free_dbring_caps(ab);
8418 }
8419 
8420 int ath11k_wmi_hw_data_filter_cmd(struct ath11k *ar, u32 vdev_id,
8421 				  u32 filter_bitmap, bool enable)
8422 {
8423 	struct wmi_hw_data_filter_cmd *cmd;
8424 	struct sk_buff *skb;
8425 	int len;
8426 
8427 	len = sizeof(*cmd);
8428 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8429 
8430 	if (!skb)
8431 		return -ENOMEM;
8432 
8433 	cmd = (struct wmi_hw_data_filter_cmd *)skb->data;
8434 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_HW_DATA_FILTER_CMD) |
8435 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8436 
8437 	cmd->vdev_id = vdev_id;
8438 	cmd->enable = enable;
8439 
8440 	/* Set all modes in case of disable */
8441 	if (cmd->enable)
8442 		cmd->hw_filter_bitmap = filter_bitmap;
8443 	else
8444 		cmd->hw_filter_bitmap = ((u32)~0U);
8445 
8446 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8447 		   "wmi hw data filter enable %d filter_bitmap 0x%x\n",
8448 		   enable, filter_bitmap);
8449 
8450 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_HW_DATA_FILTER_CMDID);
8451 }
8452 
8453 int ath11k_wmi_wow_host_wakeup_ind(struct ath11k *ar)
8454 {
8455 	struct wmi_wow_host_wakeup_ind *cmd;
8456 	struct sk_buff *skb;
8457 	size_t len;
8458 
8459 	len = sizeof(*cmd);
8460 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8461 	if (!skb)
8462 		return -ENOMEM;
8463 
8464 	cmd = (struct wmi_wow_host_wakeup_ind *)skb->data;
8465 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8466 				     WMI_TAG_WOW_HOSTWAKEUP_FROM_SLEEP_CMD) |
8467 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8468 
8469 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow host wakeup ind\n");
8470 
8471 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_HOSTWAKEUP_FROM_SLEEP_CMDID);
8472 }
8473 
8474 int ath11k_wmi_wow_enable(struct ath11k *ar)
8475 {
8476 	struct wmi_wow_enable_cmd *cmd;
8477 	struct sk_buff *skb;
8478 	int len;
8479 
8480 	len = sizeof(*cmd);
8481 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8482 	if (!skb)
8483 		return -ENOMEM;
8484 
8485 	cmd = (struct wmi_wow_enable_cmd *)skb->data;
8486 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ENABLE_CMD) |
8487 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8488 
8489 	cmd->enable = 1;
8490 	cmd->pause_iface_config = WOW_IFACE_PAUSE_ENABLED;
8491 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow enable\n");
8492 
8493 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_CMDID);
8494 }
8495 
8496 int ath11k_wmi_scan_prob_req_oui(struct ath11k *ar,
8497 				 const u8 mac_addr[ETH_ALEN])
8498 {
8499 	struct sk_buff *skb;
8500 	struct wmi_scan_prob_req_oui_cmd *cmd;
8501 	u32 prob_req_oui;
8502 	int len;
8503 
8504 	prob_req_oui = (((u32)mac_addr[0]) << 16) |
8505 		       (((u32)mac_addr[1]) << 8) | mac_addr[2];
8506 
8507 	len = sizeof(*cmd);
8508 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8509 	if (!skb)
8510 		return -ENOMEM;
8511 
8512 	cmd = (struct wmi_scan_prob_req_oui_cmd *)skb->data;
8513 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8514 				     WMI_TAG_SCAN_PROB_REQ_OUI_CMD) |
8515 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8516 	cmd->prob_req_oui = prob_req_oui;
8517 
8518 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi scan prob req oui %d\n",
8519 		   prob_req_oui);
8520 
8521 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SCAN_PROB_REQ_OUI_CMDID);
8522 }
8523 
8524 int ath11k_wmi_wow_add_wakeup_event(struct ath11k *ar, u32 vdev_id,
8525 				    enum wmi_wow_wakeup_event event,
8526 				u32 enable)
8527 {
8528 	struct wmi_wow_add_del_event_cmd *cmd;
8529 	struct sk_buff *skb;
8530 	size_t len;
8531 
8532 	len = sizeof(*cmd);
8533 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8534 	if (!skb)
8535 		return -ENOMEM;
8536 
8537 	cmd = (struct wmi_wow_add_del_event_cmd *)skb->data;
8538 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ADD_DEL_EVT_CMD) |
8539 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8540 
8541 	cmd->vdev_id = vdev_id;
8542 	cmd->is_add = enable;
8543 	cmd->event_bitmap = (1 << event);
8544 
8545 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add wakeup event %s enable %d vdev_id %d\n",
8546 		   wow_wakeup_event(event), enable, vdev_id);
8547 
8548 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_DISABLE_WAKE_EVENT_CMDID);
8549 }
8550 
8551 int ath11k_wmi_wow_add_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id,
8552 			       const u8 *pattern, const u8 *mask,
8553 			   int pattern_len, int pattern_offset)
8554 {
8555 	struct wmi_wow_add_pattern_cmd *cmd;
8556 	struct wmi_wow_bitmap_pattern *bitmap;
8557 	struct wmi_tlv *tlv;
8558 	struct sk_buff *skb;
8559 	u8 *ptr;
8560 	size_t len;
8561 
8562 	len = sizeof(*cmd) +
8563 	      sizeof(*tlv) +			/* array struct */
8564 	      sizeof(*bitmap) +			/* bitmap */
8565 	      sizeof(*tlv) +			/* empty ipv4 sync */
8566 	      sizeof(*tlv) +			/* empty ipv6 sync */
8567 	      sizeof(*tlv) +			/* empty magic */
8568 	      sizeof(*tlv) +			/* empty info timeout */
8569 	      sizeof(*tlv) + sizeof(u32);	/* ratelimit interval */
8570 
8571 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8572 	if (!skb)
8573 		return -ENOMEM;
8574 
8575 	/* cmd */
8576 	ptr = (u8 *)skb->data;
8577 	cmd = (struct wmi_wow_add_pattern_cmd *)ptr;
8578 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8579 				     WMI_TAG_WOW_ADD_PATTERN_CMD) |
8580 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8581 
8582 	cmd->vdev_id = vdev_id;
8583 	cmd->pattern_id = pattern_id;
8584 	cmd->pattern_type = WOW_BITMAP_PATTERN;
8585 
8586 	ptr += sizeof(*cmd);
8587 
8588 	/* bitmap */
8589 	tlv = (struct wmi_tlv *)ptr;
8590 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8591 				 WMI_TAG_ARRAY_STRUCT) |
8592 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap));
8593 
8594 	ptr += sizeof(*tlv);
8595 
8596 	bitmap = (struct wmi_wow_bitmap_pattern *)ptr;
8597 	bitmap->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8598 					WMI_TAG_WOW_BITMAP_PATTERN_T) |
8599 			     FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap) - TLV_HDR_SIZE);
8600 
8601 	memcpy(bitmap->patternbuf, pattern, pattern_len);
8602 	ath11k_ce_byte_swap(bitmap->patternbuf, roundup(pattern_len, 4));
8603 	memcpy(bitmap->bitmaskbuf, mask, pattern_len);
8604 	ath11k_ce_byte_swap(bitmap->bitmaskbuf, roundup(pattern_len, 4));
8605 	bitmap->pattern_offset = pattern_offset;
8606 	bitmap->pattern_len = pattern_len;
8607 	bitmap->bitmask_len = pattern_len;
8608 	bitmap->pattern_id = pattern_id;
8609 
8610 	ptr += sizeof(*bitmap);
8611 
8612 	/* ipv4 sync */
8613 	tlv = (struct wmi_tlv *)ptr;
8614 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8615 				 WMI_TAG_ARRAY_STRUCT) |
8616 		      FIELD_PREP(WMI_TLV_LEN, 0);
8617 
8618 	ptr += sizeof(*tlv);
8619 
8620 	/* ipv6 sync */
8621 	tlv = (struct wmi_tlv *)ptr;
8622 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8623 				 WMI_TAG_ARRAY_STRUCT) |
8624 		      FIELD_PREP(WMI_TLV_LEN, 0);
8625 
8626 	ptr += sizeof(*tlv);
8627 
8628 	/* magic */
8629 	tlv = (struct wmi_tlv *)ptr;
8630 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8631 				 WMI_TAG_ARRAY_STRUCT) |
8632 		      FIELD_PREP(WMI_TLV_LEN, 0);
8633 
8634 	ptr += sizeof(*tlv);
8635 
8636 	/* pattern info timeout */
8637 	tlv = (struct wmi_tlv *)ptr;
8638 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8639 				 WMI_TAG_ARRAY_UINT32) |
8640 		      FIELD_PREP(WMI_TLV_LEN, 0);
8641 
8642 	ptr += sizeof(*tlv);
8643 
8644 	/* ratelimit interval */
8645 	tlv = (struct wmi_tlv *)ptr;
8646 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8647 				 WMI_TAG_ARRAY_UINT32) |
8648 		      FIELD_PREP(WMI_TLV_LEN, sizeof(u32));
8649 
8650 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add pattern vdev_id %d pattern_id %d pattern_offset %d\n",
8651 		   vdev_id, pattern_id, pattern_offset);
8652 
8653 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ADD_WAKE_PATTERN_CMDID);
8654 }
8655 
8656 int ath11k_wmi_wow_del_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id)
8657 {
8658 	struct wmi_wow_del_pattern_cmd *cmd;
8659 	struct sk_buff *skb;
8660 	size_t len;
8661 
8662 	len = sizeof(*cmd);
8663 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8664 	if (!skb)
8665 		return -ENOMEM;
8666 
8667 	cmd = (struct wmi_wow_del_pattern_cmd *)skb->data;
8668 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8669 				     WMI_TAG_WOW_DEL_PATTERN_CMD) |
8670 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8671 
8672 	cmd->vdev_id = vdev_id;
8673 	cmd->pattern_id = pattern_id;
8674 	cmd->pattern_type = WOW_BITMAP_PATTERN;
8675 
8676 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow del pattern vdev_id %d pattern_id %d\n",
8677 		   vdev_id, pattern_id);
8678 
8679 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_DEL_WAKE_PATTERN_CMDID);
8680 }
8681 
8682 static struct sk_buff *
8683 ath11k_wmi_op_gen_config_pno_start(struct ath11k *ar,
8684 				   u32 vdev_id,
8685 				       struct wmi_pno_scan_req *pno)
8686 {
8687 	struct nlo_configured_parameters *nlo_list;
8688 	struct wmi_wow_nlo_config_cmd *cmd;
8689 	struct wmi_tlv *tlv;
8690 	struct sk_buff *skb;
8691 	u32 *channel_list;
8692 	size_t len, nlo_list_len, channel_list_len;
8693 	u8 *ptr;
8694 	u32 i;
8695 
8696 	len = sizeof(*cmd) +
8697 	      sizeof(*tlv) +
8698 	      /* TLV place holder for array of structures
8699 	       * nlo_configured_parameters(nlo_list)
8700 	       */
8701 	      sizeof(*tlv);
8702 	      /* TLV place holder for array of uint32 channel_list */
8703 
8704 	channel_list_len = sizeof(u32) * pno->a_networks[0].channel_count;
8705 	len += channel_list_len;
8706 
8707 	nlo_list_len = sizeof(*nlo_list) * pno->uc_networks_count;
8708 	len += nlo_list_len;
8709 
8710 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8711 	if (!skb)
8712 		return ERR_PTR(-ENOMEM);
8713 
8714 	ptr = (u8 *)skb->data;
8715 	cmd = (struct wmi_wow_nlo_config_cmd *)ptr;
8716 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
8717 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8718 
8719 	cmd->vdev_id = pno->vdev_id;
8720 	cmd->flags = WMI_NLO_CONFIG_START | WMI_NLO_CONFIG_SSID_HIDE_EN;
8721 
8722 	/* current FW does not support min-max range for dwell time */
8723 	cmd->active_dwell_time = pno->active_max_time;
8724 	cmd->passive_dwell_time = pno->passive_max_time;
8725 
8726 	if (pno->do_passive_scan)
8727 		cmd->flags |= WMI_NLO_CONFIG_SCAN_PASSIVE;
8728 
8729 	cmd->fast_scan_period = pno->fast_scan_period;
8730 	cmd->slow_scan_period = pno->slow_scan_period;
8731 	cmd->fast_scan_max_cycles = pno->fast_scan_max_cycles;
8732 	cmd->delay_start_time = pno->delay_start_time;
8733 
8734 	if (pno->enable_pno_scan_randomization) {
8735 		cmd->flags |= WMI_NLO_CONFIG_SPOOFED_MAC_IN_PROBE_REQ |
8736 				WMI_NLO_CONFIG_RANDOM_SEQ_NO_IN_PROBE_REQ;
8737 		ether_addr_copy(cmd->mac_addr.addr, pno->mac_addr);
8738 		ether_addr_copy(cmd->mac_mask.addr, pno->mac_addr_mask);
8739 		ath11k_ce_byte_swap(cmd->mac_addr.addr, 8);
8740 		ath11k_ce_byte_swap(cmd->mac_mask.addr, 8);
8741 	}
8742 
8743 	ptr += sizeof(*cmd);
8744 
8745 	/* nlo_configured_parameters(nlo_list) */
8746 	cmd->no_of_ssids = pno->uc_networks_count;
8747 	tlv = (struct wmi_tlv *)ptr;
8748 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
8749 				 WMI_TAG_ARRAY_STRUCT) |
8750 		      FIELD_PREP(WMI_TLV_LEN, nlo_list_len);
8751 
8752 	ptr += sizeof(*tlv);
8753 	nlo_list = (struct nlo_configured_parameters *)ptr;
8754 	for (i = 0; i < cmd->no_of_ssids; i++) {
8755 		tlv = (struct wmi_tlv *)(&nlo_list[i].tlv_header);
8756 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
8757 			      FIELD_PREP(WMI_TLV_LEN, sizeof(*nlo_list) - sizeof(*tlv));
8758 
8759 		nlo_list[i].ssid.valid = true;
8760 		nlo_list[i].ssid.ssid.ssid_len = pno->a_networks[i].ssid.ssid_len;
8761 		memcpy(nlo_list[i].ssid.ssid.ssid,
8762 		       pno->a_networks[i].ssid.ssid,
8763 		       nlo_list[i].ssid.ssid.ssid_len);
8764 		ath11k_ce_byte_swap(nlo_list[i].ssid.ssid.ssid,
8765 				    roundup(nlo_list[i].ssid.ssid.ssid_len, 4));
8766 
8767 		if (pno->a_networks[i].rssi_threshold &&
8768 		    pno->a_networks[i].rssi_threshold > -300) {
8769 			nlo_list[i].rssi_cond.valid = true;
8770 			nlo_list[i].rssi_cond.rssi =
8771 				pno->a_networks[i].rssi_threshold;
8772 		}
8773 
8774 		nlo_list[i].bcast_nw_type.valid = true;
8775 		nlo_list[i].bcast_nw_type.bcast_nw_type =
8776 			pno->a_networks[i].bcast_nw_type;
8777 	}
8778 
8779 	ptr += nlo_list_len;
8780 	cmd->num_of_channels = pno->a_networks[0].channel_count;
8781 	tlv = (struct wmi_tlv *)ptr;
8782 	tlv->header =  FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8783 		       FIELD_PREP(WMI_TLV_LEN, channel_list_len);
8784 	ptr += sizeof(*tlv);
8785 	channel_list = (u32 *)ptr;
8786 	for (i = 0; i < cmd->num_of_channels; i++)
8787 		channel_list[i] = pno->a_networks[0].channels[i];
8788 
8789 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv start pno config vdev_id %d\n",
8790 		   vdev_id);
8791 
8792 	return skb;
8793 }
8794 
8795 static struct sk_buff *ath11k_wmi_op_gen_config_pno_stop(struct ath11k *ar,
8796 							 u32 vdev_id)
8797 {
8798 	struct wmi_wow_nlo_config_cmd *cmd;
8799 	struct sk_buff *skb;
8800 	size_t len;
8801 
8802 	len = sizeof(*cmd);
8803 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8804 	if (!skb)
8805 		return ERR_PTR(-ENOMEM);
8806 
8807 	cmd = (struct wmi_wow_nlo_config_cmd *)skb->data;
8808 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
8809 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
8810 
8811 	cmd->vdev_id = vdev_id;
8812 	cmd->flags = WMI_NLO_CONFIG_STOP;
8813 
8814 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8815 		   "wmi tlv stop pno config vdev_id %d\n", vdev_id);
8816 	return skb;
8817 }
8818 
8819 int ath11k_wmi_wow_config_pno(struct ath11k *ar, u32 vdev_id,
8820 			      struct wmi_pno_scan_req  *pno_scan)
8821 {
8822 	struct sk_buff *skb;
8823 
8824 	if (pno_scan->enable)
8825 		skb = ath11k_wmi_op_gen_config_pno_start(ar, vdev_id, pno_scan);
8826 	else
8827 		skb = ath11k_wmi_op_gen_config_pno_stop(ar, vdev_id);
8828 
8829 	if (IS_ERR_OR_NULL(skb))
8830 		return -ENOMEM;
8831 
8832 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_NETWORK_LIST_OFFLOAD_CONFIG_CMDID);
8833 }
8834 
8835 static void ath11k_wmi_fill_ns_offload(struct ath11k *ar,
8836 				       struct ath11k_arp_ns_offload *offload,
8837 				       u8 **ptr,
8838 				       bool enable,
8839 				       bool ext)
8840 {
8841 	struct wmi_ns_offload_tuple *ns;
8842 	struct wmi_tlv *tlv;
8843 	u8 *buf_ptr = *ptr;
8844 	u32 ns_cnt, ns_ext_tuples;
8845 	int i, max_offloads;
8846 
8847 	ns_cnt = offload->ipv6_count;
8848 
8849 	tlv  = (struct wmi_tlv *)buf_ptr;
8850 
8851 	if (ext) {
8852 		ns_ext_tuples = offload->ipv6_count - WMI_MAX_NS_OFFLOADS;
8853 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8854 			      FIELD_PREP(WMI_TLV_LEN, ns_ext_tuples * sizeof(*ns));
8855 		i = WMI_MAX_NS_OFFLOADS;
8856 		max_offloads = offload->ipv6_count;
8857 	} else {
8858 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8859 			      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_NS_OFFLOADS * sizeof(*ns));
8860 		i = 0;
8861 		max_offloads = WMI_MAX_NS_OFFLOADS;
8862 	}
8863 
8864 	buf_ptr += sizeof(*tlv);
8865 
8866 	for (; i < max_offloads; i++) {
8867 		ns = (struct wmi_ns_offload_tuple *)buf_ptr;
8868 		ns->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NS_OFFLOAD_TUPLE) |
8869 				 FIELD_PREP(WMI_TLV_LEN, sizeof(*ns) - TLV_HDR_SIZE);
8870 
8871 		if (enable) {
8872 			if (i < ns_cnt)
8873 				ns->flags |= WMI_NSOL_FLAGS_VALID;
8874 
8875 			memcpy(ns->target_ipaddr[0], offload->ipv6_addr[i], 16);
8876 			memcpy(ns->solicitation_ipaddr, offload->self_ipv6_addr[i], 16);
8877 			ath11k_ce_byte_swap(ns->target_ipaddr[0], 16);
8878 			ath11k_ce_byte_swap(ns->solicitation_ipaddr, 16);
8879 
8880 			if (offload->ipv6_type[i])
8881 				ns->flags |= WMI_NSOL_FLAGS_IS_IPV6_ANYCAST;
8882 
8883 			memcpy(ns->target_mac.addr, offload->mac_addr, ETH_ALEN);
8884 			ath11k_ce_byte_swap(ns->target_mac.addr, 8);
8885 
8886 			if (ns->target_mac.word0 != 0 ||
8887 			    ns->target_mac.word1 != 0) {
8888 				ns->flags |= WMI_NSOL_FLAGS_MAC_VALID;
8889 			}
8890 
8891 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8892 				   "wmi index %d ns_solicited %pI6 target %pI6",
8893 				   i, ns->solicitation_ipaddr,
8894 				   ns->target_ipaddr[0]);
8895 		}
8896 
8897 		buf_ptr += sizeof(*ns);
8898 	}
8899 
8900 	*ptr = buf_ptr;
8901 }
8902 
8903 static void ath11k_wmi_fill_arp_offload(struct ath11k *ar,
8904 					struct ath11k_arp_ns_offload *offload,
8905 					u8 **ptr,
8906 					bool enable)
8907 {
8908 	struct wmi_arp_offload_tuple *arp;
8909 	struct wmi_tlv *tlv;
8910 	u8 *buf_ptr = *ptr;
8911 	int i;
8912 
8913 	/* fill arp tuple */
8914 	tlv = (struct wmi_tlv *)buf_ptr;
8915 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
8916 		      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_ARP_OFFLOADS * sizeof(*arp));
8917 	buf_ptr += sizeof(*tlv);
8918 
8919 	for (i = 0; i < WMI_MAX_ARP_OFFLOADS; i++) {
8920 		arp = (struct wmi_arp_offload_tuple *)buf_ptr;
8921 		arp->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARP_OFFLOAD_TUPLE) |
8922 				  FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
8923 
8924 		if (enable && i < offload->ipv4_count) {
8925 			/* Copy the target ip addr and flags */
8926 			arp->flags = WMI_ARPOL_FLAGS_VALID;
8927 			memcpy(arp->target_ipaddr, offload->ipv4_addr[i], 4);
8928 			ath11k_ce_byte_swap(arp->target_ipaddr, 4);
8929 
8930 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi arp offload address %pI4",
8931 				   arp->target_ipaddr);
8932 		}
8933 
8934 		buf_ptr += sizeof(*arp);
8935 	}
8936 
8937 	*ptr = buf_ptr;
8938 }
8939 
8940 int ath11k_wmi_arp_ns_offload(struct ath11k *ar,
8941 			      struct ath11k_vif *arvif, bool enable)
8942 {
8943 	struct ath11k_arp_ns_offload *offload;
8944 	struct wmi_set_arp_ns_offload_cmd *cmd;
8945 	struct wmi_tlv *tlv;
8946 	struct sk_buff *skb;
8947 	u8 *buf_ptr;
8948 	size_t len;
8949 	u8 ns_cnt, ns_ext_tuples = 0;
8950 
8951 	offload = &arvif->arp_ns_offload;
8952 	ns_cnt = offload->ipv6_count;
8953 
8954 	len = sizeof(*cmd) +
8955 	      sizeof(*tlv) +
8956 	      WMI_MAX_NS_OFFLOADS * sizeof(struct wmi_ns_offload_tuple) +
8957 	      sizeof(*tlv) +
8958 	      WMI_MAX_ARP_OFFLOADS * sizeof(struct wmi_arp_offload_tuple);
8959 
8960 	if (ns_cnt > WMI_MAX_NS_OFFLOADS) {
8961 		ns_ext_tuples = ns_cnt - WMI_MAX_NS_OFFLOADS;
8962 		len += sizeof(*tlv) +
8963 		       ns_ext_tuples * sizeof(struct wmi_ns_offload_tuple);
8964 	}
8965 
8966 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8967 	if (!skb)
8968 		return -ENOMEM;
8969 
8970 	buf_ptr = skb->data;
8971 	cmd = (struct wmi_set_arp_ns_offload_cmd *)buf_ptr;
8972 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8973 				     WMI_TAG_SET_ARP_NS_OFFLOAD_CMD) |
8974 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8975 
8976 	cmd->flags = 0;
8977 	cmd->vdev_id = arvif->vdev_id;
8978 	cmd->num_ns_ext_tuples = ns_ext_tuples;
8979 
8980 	buf_ptr += sizeof(*cmd);
8981 
8982 	ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 0);
8983 	ath11k_wmi_fill_arp_offload(ar, offload, &buf_ptr, enable);
8984 
8985 	if (ns_ext_tuples)
8986 		ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 1);
8987 
8988 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SET_ARP_NS_OFFLOAD_CMDID);
8989 }
8990 
8991 int ath11k_wmi_gtk_rekey_offload(struct ath11k *ar,
8992 				 struct ath11k_vif *arvif, bool enable)
8993 {
8994 	struct wmi_gtk_rekey_offload_cmd *cmd;
8995 	struct ath11k_rekey_data *rekey_data = &arvif->rekey_data;
8996 	int len;
8997 	struct sk_buff *skb;
8998 	__le64 replay_ctr;
8999 
9000 	len = sizeof(*cmd);
9001 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9002 	if (!skb)
9003 		return -ENOMEM;
9004 
9005 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
9006 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
9007 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9008 
9009 	cmd->vdev_id = arvif->vdev_id;
9010 
9011 	if (enable) {
9012 		cmd->flags = GTK_OFFLOAD_ENABLE_OPCODE;
9013 
9014 		/* the length in rekey_data and cmd is equal */
9015 		memcpy(cmd->kck, rekey_data->kck, sizeof(cmd->kck));
9016 		ath11k_ce_byte_swap(cmd->kck, GTK_OFFLOAD_KEK_BYTES);
9017 		memcpy(cmd->kek, rekey_data->kek, sizeof(cmd->kek));
9018 		ath11k_ce_byte_swap(cmd->kek, GTK_OFFLOAD_KEK_BYTES);
9019 
9020 		replay_ctr = cpu_to_le64(rekey_data->replay_ctr);
9021 		memcpy(cmd->replay_ctr, &replay_ctr,
9022 		       sizeof(replay_ctr));
9023 		ath11k_ce_byte_swap(cmd->replay_ctr, GTK_REPLAY_COUNTER_BYTES);
9024 	} else {
9025 		cmd->flags = GTK_OFFLOAD_DISABLE_OPCODE;
9026 	}
9027 
9028 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "offload gtk rekey vdev: %d %d\n",
9029 		   arvif->vdev_id, enable);
9030 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
9031 }
9032 
9033 int ath11k_wmi_gtk_rekey_getinfo(struct ath11k *ar,
9034 				 struct ath11k_vif *arvif)
9035 {
9036 	struct wmi_gtk_rekey_offload_cmd *cmd;
9037 	int len;
9038 	struct sk_buff *skb;
9039 
9040 	len = sizeof(*cmd);
9041 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9042 	if (!skb)
9043 		return -ENOMEM;
9044 
9045 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
9046 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
9047 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9048 
9049 	cmd->vdev_id = arvif->vdev_id;
9050 	cmd->flags = GTK_OFFLOAD_REQUEST_STATUS_OPCODE;
9051 
9052 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "get gtk rekey vdev_id: %d\n",
9053 		   arvif->vdev_id);
9054 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
9055 }
9056 
9057 int ath11k_wmi_pdev_set_bios_sar_table_param(struct ath11k *ar, const u8 *sar_val)
9058 {	struct ath11k_pdev_wmi *wmi = ar->wmi;
9059 	struct wmi_pdev_set_sar_table_cmd *cmd;
9060 	struct wmi_tlv *tlv;
9061 	struct sk_buff *skb;
9062 	u8 *buf_ptr;
9063 	u32 len, sar_len_aligned, rsvd_len_aligned;
9064 
9065 	sar_len_aligned = roundup(BIOS_SAR_TABLE_LEN, sizeof(u32));
9066 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD1_LEN, sizeof(u32));
9067 	len = sizeof(*cmd) +
9068 	      TLV_HDR_SIZE + sar_len_aligned +
9069 	      TLV_HDR_SIZE + rsvd_len_aligned;
9070 
9071 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9072 	if (!skb)
9073 		return -ENOMEM;
9074 
9075 	cmd = (struct wmi_pdev_set_sar_table_cmd *)skb->data;
9076 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_SAR_TABLE_CMD) |
9077 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9078 	cmd->pdev_id = ar->pdev->pdev_id;
9079 	cmd->sar_len = BIOS_SAR_TABLE_LEN;
9080 	cmd->rsvd_len = BIOS_SAR_RSVD1_LEN;
9081 
9082 	buf_ptr = skb->data + sizeof(*cmd);
9083 	tlv = (struct wmi_tlv *)buf_ptr;
9084 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9085 		      FIELD_PREP(WMI_TLV_LEN, sar_len_aligned);
9086 	buf_ptr += TLV_HDR_SIZE;
9087 	memcpy(buf_ptr, sar_val, BIOS_SAR_TABLE_LEN);
9088 
9089 	buf_ptr += sar_len_aligned;
9090 	tlv = (struct wmi_tlv *)buf_ptr;
9091 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9092 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
9093 
9094 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_SAR_TABLE_CMDID);
9095 }
9096 
9097 int ath11k_wmi_pdev_set_bios_geo_table_param(struct ath11k *ar)
9098 {
9099 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9100 	struct wmi_pdev_set_geo_table_cmd *cmd;
9101 	struct wmi_tlv *tlv;
9102 	struct sk_buff *skb;
9103 	u8 *buf_ptr;
9104 	u32 len, rsvd_len_aligned;
9105 
9106 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD2_LEN, sizeof(u32));
9107 	len = sizeof(*cmd) + TLV_HDR_SIZE + rsvd_len_aligned;
9108 
9109 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9110 	if (!skb)
9111 		return -ENOMEM;
9112 
9113 	cmd = (struct wmi_pdev_set_geo_table_cmd *)skb->data;
9114 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_GEO_TABLE_CMD) |
9115 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9116 	cmd->pdev_id = ar->pdev->pdev_id;
9117 	cmd->rsvd_len = BIOS_SAR_RSVD2_LEN;
9118 
9119 	buf_ptr = skb->data + sizeof(*cmd);
9120 	tlv = (struct wmi_tlv *)buf_ptr;
9121 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9122 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
9123 
9124 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_GEO_TABLE_CMDID);
9125 }
9126 
9127 int ath11k_wmi_sta_keepalive(struct ath11k *ar,
9128 			     const struct wmi_sta_keepalive_arg *arg)
9129 {
9130 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9131 	struct wmi_sta_keepalive_cmd *cmd;
9132 	struct wmi_sta_keepalive_arp_resp *arp;
9133 	struct sk_buff *skb;
9134 	size_t len;
9135 
9136 	len = sizeof(*cmd) + sizeof(*arp);
9137 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9138 	if (!skb)
9139 		return -ENOMEM;
9140 
9141 	cmd = (struct wmi_sta_keepalive_cmd *)skb->data;
9142 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9143 				     WMI_TAG_STA_KEEPALIVE_CMD) |
9144 				     FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9145 	cmd->vdev_id = arg->vdev_id;
9146 	cmd->enabled = arg->enabled;
9147 	cmd->interval = arg->interval;
9148 	cmd->method = arg->method;
9149 
9150 	arp = (struct wmi_sta_keepalive_arp_resp *)(cmd + 1);
9151 	arp->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9152 				     WMI_TAG_STA_KEEPALIVE_ARP_RESPONSE) |
9153 			 FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
9154 
9155 	if (arg->method == WMI_STA_KEEPALIVE_METHOD_UNSOLICITED_ARP_RESPONSE ||
9156 	    arg->method == WMI_STA_KEEPALIVE_METHOD_GRATUITOUS_ARP_REQUEST) {
9157 		arp->src_ip4_addr = arg->src_ip4_addr;
9158 		arp->dest_ip4_addr = arg->dest_ip4_addr;
9159 		ether_addr_copy(arp->dest_mac_addr.addr, arg->dest_mac_addr);
9160 	}
9161 
9162 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9163 		   "wmi sta keepalive vdev %d enabled %d method %d interval %d\n",
9164 		   arg->vdev_id, arg->enabled, arg->method, arg->interval);
9165 
9166 	return ath11k_wmi_cmd_send(wmi, skb, WMI_STA_KEEPALIVE_CMDID);
9167 }
9168