xref: /openbmc/linux/drivers/net/wireless/ath/ath11k/wmi.c (revision b0bc615df488abd0e95107e4a9ecefb9bf8c250a) 
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2019 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021, Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #include <linux/of.h>
17 #include "core.h"
18 #include "debug.h"
19 #include "mac.h"
20 #include "hw.h"
21 #include "peer.h"
22 
23 struct wmi_tlv_policy {
24 	size_t min_len;
25 };
26 
27 struct wmi_tlv_svc_ready_parse {
28 	bool wmi_svc_bitmap_done;
29 };
30 
31 struct wmi_tlv_dma_ring_caps_parse {
32 	struct wmi_dma_ring_capabilities *dma_ring_caps;
33 	u32 n_dma_ring_caps;
34 };
35 
36 struct wmi_tlv_svc_rdy_ext_parse {
37 	struct ath11k_service_ext_param param;
38 	struct wmi_soc_mac_phy_hw_mode_caps *hw_caps;
39 	struct wmi_hw_mode_capabilities *hw_mode_caps;
40 	u32 n_hw_mode_caps;
41 	u32 tot_phy_id;
42 	struct wmi_hw_mode_capabilities pref_hw_mode_caps;
43 	struct wmi_mac_phy_capabilities *mac_phy_caps;
44 	u32 n_mac_phy_caps;
45 	struct wmi_soc_hal_reg_capabilities *soc_hal_reg_caps;
46 	struct wmi_hal_reg_capabilities_ext *ext_hal_reg_caps;
47 	u32 n_ext_hal_reg_caps;
48 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
49 	bool hw_mode_done;
50 	bool mac_phy_done;
51 	bool ext_hal_reg_done;
52 	bool mac_phy_chainmask_combo_done;
53 	bool mac_phy_chainmask_cap_done;
54 	bool oem_dma_ring_cap_done;
55 	bool dma_ring_cap_done;
56 };
57 
58 struct wmi_tlv_svc_rdy_ext2_parse {
59 	struct wmi_tlv_dma_ring_caps_parse dma_caps_parse;
60 	bool dma_ring_cap_done;
61 };
62 
63 struct wmi_tlv_rdy_parse {
64 	u32 num_extra_mac_addr;
65 };
66 
67 struct wmi_tlv_dma_buf_release_parse {
68 	struct ath11k_wmi_dma_buf_release_fixed_param fixed;
69 	struct wmi_dma_buf_release_entry *buf_entry;
70 	struct wmi_dma_buf_release_meta_data *meta_data;
71 	u32 num_buf_entry;
72 	u32 num_meta;
73 	bool buf_entry_done;
74 	bool meta_data_done;
75 };
76 
77 struct wmi_tlv_fw_stats_parse {
78 	const struct wmi_stats_event *ev;
79 	const struct wmi_per_chain_rssi_stats *rssi;
80 	struct ath11k_fw_stats *stats;
81 	int rssi_num;
82 	bool chain_rssi_done;
83 };
84 
85 static const struct wmi_tlv_policy wmi_tlv_policies[] = {
86 	[WMI_TAG_ARRAY_BYTE]
87 		= { .min_len = 0 },
88 	[WMI_TAG_ARRAY_UINT32]
89 		= { .min_len = 0 },
90 	[WMI_TAG_SERVICE_READY_EVENT]
91 		= { .min_len = sizeof(struct wmi_service_ready_event) },
92 	[WMI_TAG_SERVICE_READY_EXT_EVENT]
93 		= { .min_len =  sizeof(struct wmi_service_ready_ext_event) },
94 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS]
95 		= { .min_len = sizeof(struct wmi_soc_mac_phy_hw_mode_caps) },
96 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES]
97 		= { .min_len = sizeof(struct wmi_soc_hal_reg_capabilities) },
98 	[WMI_TAG_VDEV_START_RESPONSE_EVENT]
99 		= { .min_len = sizeof(struct wmi_vdev_start_resp_event) },
100 	[WMI_TAG_PEER_DELETE_RESP_EVENT]
101 		= { .min_len = sizeof(struct wmi_peer_delete_resp_event) },
102 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT]
103 		= { .min_len = sizeof(struct wmi_bcn_tx_status_event) },
104 	[WMI_TAG_VDEV_STOPPED_EVENT]
105 		= { .min_len = sizeof(struct wmi_vdev_stopped_event) },
106 	[WMI_TAG_REG_CHAN_LIST_CC_EVENT]
107 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_event) },
108 	[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT]
109 		= { .min_len = sizeof(struct wmi_reg_chan_list_cc_ext_event) },
110 	[WMI_TAG_MGMT_RX_HDR]
111 		= { .min_len = sizeof(struct wmi_mgmt_rx_hdr) },
112 	[WMI_TAG_MGMT_TX_COMPL_EVENT]
113 		= { .min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
114 	[WMI_TAG_SCAN_EVENT]
115 		= { .min_len = sizeof(struct wmi_scan_event) },
116 	[WMI_TAG_PEER_STA_KICKOUT_EVENT]
117 		= { .min_len = sizeof(struct wmi_peer_sta_kickout_event) },
118 	[WMI_TAG_ROAM_EVENT]
119 		= { .min_len = sizeof(struct wmi_roam_event) },
120 	[WMI_TAG_CHAN_INFO_EVENT]
121 		= { .min_len = sizeof(struct wmi_chan_info_event) },
122 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT]
123 		= { .min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
124 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT]
125 		= { .min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
126 	[WMI_TAG_READY_EVENT] = {
127 		.min_len = sizeof(struct wmi_ready_event_min) },
128 	[WMI_TAG_SERVICE_AVAILABLE_EVENT]
129 		= {.min_len = sizeof(struct wmi_service_available_event) },
130 	[WMI_TAG_PEER_ASSOC_CONF_EVENT]
131 		= { .min_len = sizeof(struct wmi_peer_assoc_conf_event) },
132 	[WMI_TAG_STATS_EVENT]
133 		= { .min_len = sizeof(struct wmi_stats_event) },
134 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT]
135 		= { .min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
136 	[WMI_TAG_HOST_SWFDA_EVENT] = {
137 		.min_len = sizeof(struct wmi_fils_discovery_event) },
138 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
139 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
140 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
141 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
142 	[WMI_TAG_OBSS_COLOR_COLLISION_EVT] = {
143 		.min_len = sizeof(struct wmi_obss_color_collision_event) },
144 	[WMI_TAG_11D_NEW_COUNTRY_EVENT] = {
145 		.min_len = sizeof(struct wmi_11d_new_cc_ev) },
146 	[WMI_TAG_PER_CHAIN_RSSI_STATS] = {
147 		.min_len = sizeof(struct wmi_per_chain_rssi_stats) },
148 	[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT] = {
149 		.min_len = sizeof(struct wmi_twt_add_dialog_event) },
150 };
151 
152 #define PRIMAP(_hw_mode_) \
153 	[_hw_mode_] = _hw_mode_##_PRI
154 
155 static const int ath11k_hw_mode_pri_map[] = {
156 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
157 	PRIMAP(WMI_HOST_HW_MODE_DBS),
158 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
159 	PRIMAP(WMI_HOST_HW_MODE_SBS),
160 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
161 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
162 	/* keep last */
163 	PRIMAP(WMI_HOST_HW_MODE_MAX),
164 };
165 
166 static int
167 ath11k_wmi_tlv_iter(struct ath11k_base *ab, const void *ptr, size_t len,
168 		    int (*iter)(struct ath11k_base *ab, u16 tag, u16 len,
169 				const void *ptr, void *data),
170 		    void *data)
171 {
172 	const void *begin = ptr;
173 	const struct wmi_tlv *tlv;
174 	u16 tlv_tag, tlv_len;
175 	int ret;
176 
177 	while (len > 0) {
178 		if (len < sizeof(*tlv)) {
179 			ath11k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
180 				   ptr - begin, len, sizeof(*tlv));
181 			return -EINVAL;
182 		}
183 
184 		tlv = ptr;
185 		tlv_tag = FIELD_GET(WMI_TLV_TAG, tlv->header);
186 		tlv_len = FIELD_GET(WMI_TLV_LEN, tlv->header);
187 		ptr += sizeof(*tlv);
188 		len -= sizeof(*tlv);
189 
190 		if (tlv_len > len) {
191 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
192 				   tlv_tag, ptr - begin, len, tlv_len);
193 			return -EINVAL;
194 		}
195 
196 		if (tlv_tag < ARRAY_SIZE(wmi_tlv_policies) &&
197 		    wmi_tlv_policies[tlv_tag].min_len &&
198 		    wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
199 			ath11k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
200 				   tlv_tag, ptr - begin, tlv_len,
201 				   wmi_tlv_policies[tlv_tag].min_len);
202 			return -EINVAL;
203 		}
204 
205 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
206 		if (ret)
207 			return ret;
208 
209 		ptr += tlv_len;
210 		len -= tlv_len;
211 	}
212 
213 	return 0;
214 }
215 
216 static int ath11k_wmi_tlv_iter_parse(struct ath11k_base *ab, u16 tag, u16 len,
217 				     const void *ptr, void *data)
218 {
219 	const void **tb = data;
220 
221 	if (tag < WMI_TAG_MAX)
222 		tb[tag] = ptr;
223 
224 	return 0;
225 }
226 
227 static int ath11k_wmi_tlv_parse(struct ath11k_base *ar, const void **tb,
228 				const void *ptr, size_t len)
229 {
230 	return ath11k_wmi_tlv_iter(ar, ptr, len, ath11k_wmi_tlv_iter_parse,
231 				   (void *)tb);
232 }
233 
234 static const void **
235 ath11k_wmi_tlv_parse_alloc(struct ath11k_base *ab, const void *ptr,
236 			   size_t len, gfp_t gfp)
237 {
238 	const void **tb;
239 	int ret;
240 
241 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
242 	if (!tb)
243 		return ERR_PTR(-ENOMEM);
244 
245 	ret = ath11k_wmi_tlv_parse(ab, tb, ptr, len);
246 	if (ret) {
247 		kfree(tb);
248 		return ERR_PTR(ret);
249 	}
250 
251 	return tb;
252 }
253 
254 static int ath11k_wmi_cmd_send_nowait(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
255 				      u32 cmd_id)
256 {
257 	struct ath11k_skb_cb *skb_cb = ATH11K_SKB_CB(skb);
258 	struct ath11k_base *ab = wmi->wmi_ab->ab;
259 	struct wmi_cmd_hdr *cmd_hdr;
260 	int ret;
261 	u32 cmd = 0;
262 
263 	if (skb_push(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
264 		return -ENOMEM;
265 
266 	cmd |= FIELD_PREP(WMI_CMD_HDR_CMD_ID, cmd_id);
267 
268 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
269 	cmd_hdr->cmd_id = cmd;
270 
271 	trace_ath11k_wmi_cmd(ab, cmd_id, skb->data, skb->len);
272 
273 	memset(skb_cb, 0, sizeof(*skb_cb));
274 	ret = ath11k_htc_send(&ab->htc, wmi->eid, skb);
275 
276 	if (ret)
277 		goto err_pull;
278 
279 	return 0;
280 
281 err_pull:
282 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
283 	return ret;
284 }
285 
286 int ath11k_wmi_cmd_send(struct ath11k_pdev_wmi *wmi, struct sk_buff *skb,
287 			u32 cmd_id)
288 {
289 	struct ath11k_wmi_base *wmi_sc = wmi->wmi_ab;
290 	int ret = -EOPNOTSUPP;
291 	struct ath11k_base *ab = wmi_sc->ab;
292 
293 	might_sleep();
294 
295 	if (ab->hw_params.credit_flow) {
296 		wait_event_timeout(wmi_sc->tx_credits_wq, ({
297 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
298 
299 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
300 					    &wmi_sc->ab->dev_flags))
301 				ret = -ESHUTDOWN;
302 
303 			(ret != -EAGAIN);
304 			}), WMI_SEND_TIMEOUT_HZ);
305 	} else {
306 		wait_event_timeout(wmi->tx_ce_desc_wq, ({
307 			ret = ath11k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
308 
309 			if (ret && test_bit(ATH11K_FLAG_CRASH_FLUSH,
310 					    &wmi_sc->ab->dev_flags))
311 				ret = -ESHUTDOWN;
312 
313 			(ret != -ENOBUFS);
314 			}), WMI_SEND_TIMEOUT_HZ);
315 	}
316 
317 	if (ret == -EAGAIN)
318 		ath11k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
319 
320 	if (ret == -ENOBUFS)
321 		ath11k_warn(wmi_sc->ab, "ce desc not available for wmi command %d\n",
322 			    cmd_id);
323 
324 	return ret;
325 }
326 
327 static int ath11k_pull_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
328 				     const void *ptr,
329 				     struct ath11k_service_ext_param *param)
330 {
331 	const struct wmi_service_ready_ext_event *ev = ptr;
332 
333 	if (!ev)
334 		return -EINVAL;
335 
336 	/* Move this to host based bitmap */
337 	param->default_conc_scan_config_bits = ev->default_conc_scan_config_bits;
338 	param->default_fw_config_bits =	ev->default_fw_config_bits;
339 	param->he_cap_info = ev->he_cap_info;
340 	param->mpdu_density = ev->mpdu_density;
341 	param->max_bssid_rx_filters = ev->max_bssid_rx_filters;
342 	memcpy(&param->ppet, &ev->ppet, sizeof(param->ppet));
343 
344 	return 0;
345 }
346 
347 static int
348 ath11k_pull_mac_phy_cap_svc_ready_ext(struct ath11k_pdev_wmi *wmi_handle,
349 				      struct wmi_soc_mac_phy_hw_mode_caps *hw_caps,
350 				      struct wmi_hw_mode_capabilities *wmi_hw_mode_caps,
351 				      struct wmi_soc_hal_reg_capabilities *hal_reg_caps,
352 				      struct wmi_mac_phy_capabilities *wmi_mac_phy_caps,
353 				      u8 hw_mode_id, u8 phy_id,
354 				      struct ath11k_pdev *pdev)
355 {
356 	struct wmi_mac_phy_capabilities *mac_phy_caps;
357 	struct ath11k_base *ab = wmi_handle->wmi_ab->ab;
358 	struct ath11k_band_cap *cap_band;
359 	struct ath11k_pdev_cap *pdev_cap = &pdev->cap;
360 	u32 phy_map;
361 	u32 hw_idx, phy_idx = 0;
362 
363 	if (!hw_caps || !wmi_hw_mode_caps || !hal_reg_caps)
364 		return -EINVAL;
365 
366 	for (hw_idx = 0; hw_idx < hw_caps->num_hw_modes; hw_idx++) {
367 		if (hw_mode_id == wmi_hw_mode_caps[hw_idx].hw_mode_id)
368 			break;
369 
370 		phy_map = wmi_hw_mode_caps[hw_idx].phy_id_map;
371 		while (phy_map) {
372 			phy_map >>= 1;
373 			phy_idx++;
374 		}
375 	}
376 
377 	if (hw_idx == hw_caps->num_hw_modes)
378 		return -EINVAL;
379 
380 	phy_idx += phy_id;
381 	if (phy_id >= hal_reg_caps->num_phy)
382 		return -EINVAL;
383 
384 	mac_phy_caps = wmi_mac_phy_caps + phy_idx;
385 
386 	pdev->pdev_id = mac_phy_caps->pdev_id;
387 	pdev_cap->supported_bands |= mac_phy_caps->supported_bands;
388 	pdev_cap->ampdu_density = mac_phy_caps->ampdu_density;
389 	ab->target_pdev_ids[ab->target_pdev_count].supported_bands =
390 		mac_phy_caps->supported_bands;
391 	ab->target_pdev_ids[ab->target_pdev_count].pdev_id = mac_phy_caps->pdev_id;
392 	ab->target_pdev_count++;
393 
394 	if (!(mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) &&
395 	    !(mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP))
396 		return -EINVAL;
397 
398 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
399 	 * band to band for a single radio, need to see how this should be
400 	 * handled.
401 	 */
402 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
403 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_2g;
404 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_2g;
405 	}
406 
407 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
408 		pdev_cap->vht_cap = mac_phy_caps->vht_cap_info_5g;
409 		pdev_cap->vht_mcs = mac_phy_caps->vht_supp_mcs_5g;
410 		pdev_cap->he_mcs = mac_phy_caps->he_supp_mcs_5g;
411 		pdev_cap->tx_chain_mask = mac_phy_caps->tx_chain_mask_5g;
412 		pdev_cap->rx_chain_mask = mac_phy_caps->rx_chain_mask_5g;
413 		pdev_cap->nss_ratio_enabled =
414 			WMI_NSS_RATIO_ENABLE_DISABLE_GET(mac_phy_caps->nss_ratio);
415 		pdev_cap->nss_ratio_info =
416 			WMI_NSS_RATIO_INFO_GET(mac_phy_caps->nss_ratio);
417 	}
418 
419 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
420 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
421 	 * mac and the remaining 4 chains can be used for the second mac or vice-versa.
422 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
423 	 * will be advertised for second mac or vice-versa. Compute the shift value
424 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
425 	 * mac80211.
426 	 */
427 	pdev_cap->tx_chain_mask_shift =
428 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
429 	pdev_cap->rx_chain_mask_shift =
430 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
431 
432 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_2G_CAP) {
433 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
434 		cap_band->phy_id = mac_phy_caps->phy_id;
435 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_2g;
436 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_2g;
437 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_2g;
438 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_2g_ext;
439 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_2g;
440 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_2g,
441 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
442 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet2g,
443 		       sizeof(struct ath11k_ppe_threshold));
444 	}
445 
446 	if (mac_phy_caps->supported_bands & WMI_HOST_WLAN_5G_CAP) {
447 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
448 		cap_band->phy_id = mac_phy_caps->phy_id;
449 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
450 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
451 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
452 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
453 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
454 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
455 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
456 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
457 		       sizeof(struct ath11k_ppe_threshold));
458 
459 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
460 		cap_band->max_bw_supported = mac_phy_caps->max_bw_supported_5g;
461 		cap_band->ht_cap_info = mac_phy_caps->ht_cap_info_5g;
462 		cap_band->he_cap_info[0] = mac_phy_caps->he_cap_info_5g;
463 		cap_band->he_cap_info[1] = mac_phy_caps->he_cap_info_5g_ext;
464 		cap_band->he_mcs = mac_phy_caps->he_supp_mcs_5g;
465 		memcpy(cap_band->he_cap_phy_info, &mac_phy_caps->he_cap_phy_info_5g,
466 		       sizeof(u32) * PSOC_HOST_MAX_PHY_SIZE);
467 		memcpy(&cap_band->he_ppet, &mac_phy_caps->he_ppet5g,
468 		       sizeof(struct ath11k_ppe_threshold));
469 	}
470 
471 	return 0;
472 }
473 
474 static int
475 ath11k_pull_reg_cap_svc_rdy_ext(struct ath11k_pdev_wmi *wmi_handle,
476 				struct wmi_soc_hal_reg_capabilities *reg_caps,
477 				struct wmi_hal_reg_capabilities_ext *wmi_ext_reg_cap,
478 				u8 phy_idx,
479 				struct ath11k_hal_reg_capabilities_ext *param)
480 {
481 	struct wmi_hal_reg_capabilities_ext *ext_reg_cap;
482 
483 	if (!reg_caps || !wmi_ext_reg_cap)
484 		return -EINVAL;
485 
486 	if (phy_idx >= reg_caps->num_phy)
487 		return -EINVAL;
488 
489 	ext_reg_cap = &wmi_ext_reg_cap[phy_idx];
490 
491 	param->phy_id = ext_reg_cap->phy_id;
492 	param->eeprom_reg_domain = ext_reg_cap->eeprom_reg_domain;
493 	param->eeprom_reg_domain_ext =
494 			      ext_reg_cap->eeprom_reg_domain_ext;
495 	param->regcap1 = ext_reg_cap->regcap1;
496 	param->regcap2 = ext_reg_cap->regcap2;
497 	/* check if param->wireless_mode is needed */
498 	param->low_2ghz_chan = ext_reg_cap->low_2ghz_chan;
499 	param->high_2ghz_chan = ext_reg_cap->high_2ghz_chan;
500 	param->low_5ghz_chan = ext_reg_cap->low_5ghz_chan;
501 	param->high_5ghz_chan = ext_reg_cap->high_5ghz_chan;
502 
503 	return 0;
504 }
505 
506 static int ath11k_pull_service_ready_tlv(struct ath11k_base *ab,
507 					 const void *evt_buf,
508 					 struct ath11k_targ_cap *cap)
509 {
510 	const struct wmi_service_ready_event *ev = evt_buf;
511 
512 	if (!ev) {
513 		ath11k_err(ab, "%s: failed by NULL param\n",
514 			   __func__);
515 		return -EINVAL;
516 	}
517 
518 	cap->phy_capability = ev->phy_capability;
519 	cap->max_frag_entry = ev->max_frag_entry;
520 	cap->num_rf_chains = ev->num_rf_chains;
521 	cap->ht_cap_info = ev->ht_cap_info;
522 	cap->vht_cap_info = ev->vht_cap_info;
523 	cap->vht_supp_mcs = ev->vht_supp_mcs;
524 	cap->hw_min_tx_power = ev->hw_min_tx_power;
525 	cap->hw_max_tx_power = ev->hw_max_tx_power;
526 	cap->sys_cap_info = ev->sys_cap_info;
527 	cap->min_pkt_size_enable = ev->min_pkt_size_enable;
528 	cap->max_bcn_ie_size = ev->max_bcn_ie_size;
529 	cap->max_num_scan_channels = ev->max_num_scan_channels;
530 	cap->max_supported_macs = ev->max_supported_macs;
531 	cap->wmi_fw_sub_feat_caps = ev->wmi_fw_sub_feat_caps;
532 	cap->txrx_chainmask = ev->txrx_chainmask;
533 	cap->default_dbs_hw_mode_index = ev->default_dbs_hw_mode_index;
534 	cap->num_msdu_desc = ev->num_msdu_desc;
535 
536 	return 0;
537 }
538 
539 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
540  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
541  * 4-byte word.
542  */
543 static void ath11k_wmi_service_bitmap_copy(struct ath11k_pdev_wmi *wmi,
544 					   const u32 *wmi_svc_bm)
545 {
546 	int i, j;
547 
548 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
549 		do {
550 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
551 				set_bit(j, wmi->wmi_ab->svc_map);
552 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
553 	}
554 }
555 
556 static int ath11k_wmi_tlv_svc_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
557 					const void *ptr, void *data)
558 {
559 	struct wmi_tlv_svc_ready_parse *svc_ready = data;
560 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
561 	u16 expect_len;
562 
563 	switch (tag) {
564 	case WMI_TAG_SERVICE_READY_EVENT:
565 		if (ath11k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
566 			return -EINVAL;
567 		break;
568 
569 	case WMI_TAG_ARRAY_UINT32:
570 		if (!svc_ready->wmi_svc_bitmap_done) {
571 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
572 			if (len < expect_len) {
573 				ath11k_warn(ab, "invalid len %d for the tag 0x%x\n",
574 					    len, tag);
575 				return -EINVAL;
576 			}
577 
578 			ath11k_wmi_service_bitmap_copy(wmi_handle, ptr);
579 
580 			svc_ready->wmi_svc_bitmap_done = true;
581 		}
582 		break;
583 	default:
584 		break;
585 	}
586 
587 	return 0;
588 }
589 
590 static int ath11k_service_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
591 {
592 	struct wmi_tlv_svc_ready_parse svc_ready = { };
593 	int ret;
594 
595 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
596 				  ath11k_wmi_tlv_svc_rdy_parse,
597 				  &svc_ready);
598 	if (ret) {
599 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
600 		return ret;
601 	}
602 
603 	return 0;
604 }
605 
606 struct sk_buff *ath11k_wmi_alloc_skb(struct ath11k_wmi_base *wmi_sc, u32 len)
607 {
608 	struct sk_buff *skb;
609 	struct ath11k_base *ab = wmi_sc->ab;
610 	u32 round_len = roundup(len, 4);
611 
612 	skb = ath11k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
613 	if (!skb)
614 		return NULL;
615 
616 	skb_reserve(skb, WMI_SKB_HEADROOM);
617 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
618 		ath11k_warn(ab, "unaligned WMI skb data\n");
619 
620 	skb_put(skb, round_len);
621 	memset(skb->data, 0, round_len);
622 
623 	return skb;
624 }
625 
626 static u32 ath11k_wmi_mgmt_get_freq(struct ath11k *ar,
627 				    struct ieee80211_tx_info *info)
628 {
629 	struct ath11k_base *ab = ar->ab;
630 	u32 freq = 0;
631 
632 	if (ab->hw_params.support_off_channel_tx &&
633 	    ar->scan.is_roc &&
634 	    (info->flags & IEEE80211_TX_CTL_TX_OFFCHAN))
635 		freq = ar->scan.roc_freq;
636 
637 	return freq;
638 }
639 
640 int ath11k_wmi_mgmt_send(struct ath11k *ar, u32 vdev_id, u32 buf_id,
641 			 struct sk_buff *frame)
642 {
643 	struct ath11k_pdev_wmi *wmi = ar->wmi;
644 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(frame);
645 	struct wmi_mgmt_send_cmd *cmd;
646 	struct wmi_tlv *frame_tlv;
647 	struct sk_buff *skb;
648 	u32 buf_len;
649 	int ret, len;
650 
651 	buf_len = frame->len < WMI_MGMT_SEND_DOWNLD_LEN ?
652 		  frame->len : WMI_MGMT_SEND_DOWNLD_LEN;
653 
654 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
655 
656 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
657 	if (!skb)
658 		return -ENOMEM;
659 
660 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
661 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_MGMT_TX_SEND_CMD) |
662 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
663 	cmd->vdev_id = vdev_id;
664 	cmd->desc_id = buf_id;
665 	cmd->chanfreq = ath11k_wmi_mgmt_get_freq(ar, info);
666 	cmd->paddr_lo = lower_32_bits(ATH11K_SKB_CB(frame)->paddr);
667 	cmd->paddr_hi = upper_32_bits(ATH11K_SKB_CB(frame)->paddr);
668 	cmd->frame_len = frame->len;
669 	cmd->buf_len = buf_len;
670 	cmd->tx_params_valid = 0;
671 
672 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
673 	frame_tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
674 			    FIELD_PREP(WMI_TLV_LEN, buf_len);
675 
676 	memcpy(frame_tlv->value, frame->data, buf_len);
677 
678 	ath11k_ce_byte_swap(frame_tlv->value, buf_len);
679 
680 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
681 	if (ret) {
682 		ath11k_warn(ar->ab,
683 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
684 		dev_kfree_skb(skb);
685 	}
686 
687 	return ret;
688 }
689 
690 int ath11k_wmi_vdev_create(struct ath11k *ar, u8 *macaddr,
691 			   struct vdev_create_params *param)
692 {
693 	struct ath11k_pdev_wmi *wmi = ar->wmi;
694 	struct wmi_vdev_create_cmd *cmd;
695 	struct sk_buff *skb;
696 	struct wmi_vdev_txrx_streams *txrx_streams;
697 	struct wmi_tlv *tlv;
698 	int ret, len;
699 	void *ptr;
700 
701 	/* It can be optimized my sending tx/rx chain configuration
702 	 * only for supported bands instead of always sending it for
703 	 * both the bands.
704 	 */
705 	len = sizeof(*cmd) + TLV_HDR_SIZE +
706 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
707 
708 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
709 	if (!skb)
710 		return -ENOMEM;
711 
712 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
713 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_CREATE_CMD) |
714 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
715 
716 	cmd->vdev_id = param->if_id;
717 	cmd->vdev_type = param->type;
718 	cmd->vdev_subtype = param->subtype;
719 	cmd->num_cfg_txrx_streams = WMI_NUM_SUPPORTED_BAND_MAX;
720 	cmd->pdev_id = param->pdev_id;
721 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
722 
723 	ptr = skb->data + sizeof(*cmd);
724 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
725 
726 	tlv = ptr;
727 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
728 		      FIELD_PREP(WMI_TLV_LEN, len);
729 
730 	ptr += TLV_HDR_SIZE;
731 	txrx_streams = ptr;
732 	len = sizeof(*txrx_streams);
733 	txrx_streams->tlv_header =
734 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
735 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
736 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
737 	txrx_streams->supported_tx_streams =
738 				 param->chains[NL80211_BAND_2GHZ].tx;
739 	txrx_streams->supported_rx_streams =
740 				 param->chains[NL80211_BAND_2GHZ].rx;
741 
742 	txrx_streams++;
743 	txrx_streams->tlv_header =
744 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_TXRX_STREAMS) |
745 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
746 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
747 	txrx_streams->supported_tx_streams =
748 				 param->chains[NL80211_BAND_5GHZ].tx;
749 	txrx_streams->supported_rx_streams =
750 				 param->chains[NL80211_BAND_5GHZ].rx;
751 
752 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
753 	if (ret) {
754 		ath11k_warn(ar->ab,
755 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
756 		dev_kfree_skb(skb);
757 	}
758 
759 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
760 		   "WMI vdev create: id %d type %d subtype %d macaddr %pM pdevid %d\n",
761 		   param->if_id, param->type, param->subtype,
762 		   macaddr, param->pdev_id);
763 
764 	return ret;
765 }
766 
767 int ath11k_wmi_vdev_delete(struct ath11k *ar, u8 vdev_id)
768 {
769 	struct ath11k_pdev_wmi *wmi = ar->wmi;
770 	struct wmi_vdev_delete_cmd *cmd;
771 	struct sk_buff *skb;
772 	int ret;
773 
774 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
775 	if (!skb)
776 		return -ENOMEM;
777 
778 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
779 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DELETE_CMD) |
780 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
781 	cmd->vdev_id = vdev_id;
782 
783 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
784 	if (ret) {
785 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
786 		dev_kfree_skb(skb);
787 	}
788 
789 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev delete id %d\n", vdev_id);
790 
791 	return ret;
792 }
793 
794 int ath11k_wmi_vdev_stop(struct ath11k *ar, u8 vdev_id)
795 {
796 	struct ath11k_pdev_wmi *wmi = ar->wmi;
797 	struct wmi_vdev_stop_cmd *cmd;
798 	struct sk_buff *skb;
799 	int ret;
800 
801 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
802 	if (!skb)
803 		return -ENOMEM;
804 
805 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
806 
807 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_STOP_CMD) |
808 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
809 	cmd->vdev_id = vdev_id;
810 
811 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
812 	if (ret) {
813 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
814 		dev_kfree_skb(skb);
815 	}
816 
817 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev stop id 0x%x\n", vdev_id);
818 
819 	return ret;
820 }
821 
822 int ath11k_wmi_vdev_down(struct ath11k *ar, u8 vdev_id)
823 {
824 	struct ath11k_pdev_wmi *wmi = ar->wmi;
825 	struct wmi_vdev_down_cmd *cmd;
826 	struct sk_buff *skb;
827 	int ret;
828 
829 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
830 	if (!skb)
831 		return -ENOMEM;
832 
833 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
834 
835 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_DOWN_CMD) |
836 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
837 	cmd->vdev_id = vdev_id;
838 
839 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
840 	if (ret) {
841 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
842 		dev_kfree_skb(skb);
843 	}
844 
845 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "WMI vdev down id 0x%x\n", vdev_id);
846 
847 	return ret;
848 }
849 
850 static void ath11k_wmi_put_wmi_channel(struct wmi_channel *chan,
851 				       struct wmi_vdev_start_req_arg *arg)
852 {
853 	u32 center_freq1 = arg->channel.band_center_freq1;
854 
855 	memset(chan, 0, sizeof(*chan));
856 
857 	chan->mhz = arg->channel.freq;
858 	chan->band_center_freq1 = arg->channel.band_center_freq1;
859 
860 	if (arg->channel.mode == MODE_11AX_HE160) {
861 		if (arg->channel.freq > arg->channel.band_center_freq1)
862 			chan->band_center_freq1 = center_freq1 + 40;
863 		else
864 			chan->band_center_freq1 = center_freq1 - 40;
865 
866 		chan->band_center_freq2 = arg->channel.band_center_freq1;
867 
868 	} else if (arg->channel.mode == MODE_11AC_VHT80_80) {
869 		chan->band_center_freq2 = arg->channel.band_center_freq2;
870 	} else {
871 		chan->band_center_freq2 = 0;
872 	}
873 
874 	chan->info |= FIELD_PREP(WMI_CHAN_INFO_MODE, arg->channel.mode);
875 	if (arg->channel.passive)
876 		chan->info |= WMI_CHAN_INFO_PASSIVE;
877 	if (arg->channel.allow_ibss)
878 		chan->info |= WMI_CHAN_INFO_ADHOC_ALLOWED;
879 	if (arg->channel.allow_ht)
880 		chan->info |= WMI_CHAN_INFO_ALLOW_HT;
881 	if (arg->channel.allow_vht)
882 		chan->info |= WMI_CHAN_INFO_ALLOW_VHT;
883 	if (arg->channel.allow_he)
884 		chan->info |= WMI_CHAN_INFO_ALLOW_HE;
885 	if (arg->channel.ht40plus)
886 		chan->info |= WMI_CHAN_INFO_HT40_PLUS;
887 	if (arg->channel.chan_radar)
888 		chan->info |= WMI_CHAN_INFO_DFS;
889 	if (arg->channel.freq2_radar)
890 		chan->info |= WMI_CHAN_INFO_DFS_FREQ2;
891 
892 	chan->reg_info_1 = FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
893 				      arg->channel.max_power) |
894 		FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
895 			   arg->channel.max_reg_power);
896 
897 	chan->reg_info_2 = FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
898 				      arg->channel.max_antenna_gain) |
899 		FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
900 			   arg->channel.max_power);
901 }
902 
903 int ath11k_wmi_vdev_start(struct ath11k *ar, struct wmi_vdev_start_req_arg *arg,
904 			  bool restart)
905 {
906 	struct ath11k_pdev_wmi *wmi = ar->wmi;
907 	struct wmi_vdev_start_request_cmd *cmd;
908 	struct sk_buff *skb;
909 	struct wmi_channel *chan;
910 	struct wmi_tlv *tlv;
911 	void *ptr;
912 	int ret, len;
913 
914 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
915 		return -EINVAL;
916 
917 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
918 
919 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
920 	if (!skb)
921 		return -ENOMEM;
922 
923 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
924 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
925 				     WMI_TAG_VDEV_START_REQUEST_CMD) |
926 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
927 	cmd->vdev_id = arg->vdev_id;
928 	cmd->beacon_interval = arg->bcn_intval;
929 	cmd->bcn_tx_rate = arg->bcn_tx_rate;
930 	cmd->dtim_period = arg->dtim_period;
931 	cmd->num_noa_descriptors = arg->num_noa_descriptors;
932 	cmd->preferred_rx_streams = arg->pref_rx_streams;
933 	cmd->preferred_tx_streams = arg->pref_tx_streams;
934 	cmd->cac_duration_ms = arg->cac_duration_ms;
935 	cmd->regdomain = arg->regdomain;
936 	cmd->he_ops = arg->he_ops;
937 
938 	if (!restart) {
939 		if (arg->ssid) {
940 			cmd->ssid.ssid_len = arg->ssid_len;
941 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
942 		}
943 		if (arg->hidden_ssid)
944 			cmd->flags |= WMI_VDEV_START_HIDDEN_SSID;
945 		if (arg->pmf_enabled)
946 			cmd->flags |= WMI_VDEV_START_PMF_ENABLED;
947 	}
948 
949 	cmd->flags |= WMI_VDEV_START_LDPC_RX_ENABLED;
950 	if (test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
951 		cmd->flags |= WMI_VDEV_START_HW_ENCRYPTION_DISABLED;
952 
953 	ptr = skb->data + sizeof(*cmd);
954 	chan = ptr;
955 
956 	ath11k_wmi_put_wmi_channel(chan, arg);
957 
958 	chan->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_CHANNEL) |
959 			   FIELD_PREP(WMI_TLV_LEN,
960 				      sizeof(*chan) - TLV_HDR_SIZE);
961 	ptr += sizeof(*chan);
962 
963 	tlv = ptr;
964 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
965 		      FIELD_PREP(WMI_TLV_LEN, 0);
966 
967 	/* Note: This is a nested TLV containing:
968 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
969 	 */
970 
971 	ptr += sizeof(*tlv);
972 
973 	if (restart)
974 		ret = ath11k_wmi_cmd_send(wmi, skb,
975 					  WMI_VDEV_RESTART_REQUEST_CMDID);
976 	else
977 		ret = ath11k_wmi_cmd_send(wmi, skb,
978 					  WMI_VDEV_START_REQUEST_CMDID);
979 	if (ret) {
980 		ath11k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
981 			    restart ? "restart" : "start");
982 		dev_kfree_skb(skb);
983 	}
984 
985 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "vdev %s id 0x%x freq 0x%x mode 0x%x\n",
986 		   restart ? "restart" : "start", arg->vdev_id,
987 		   arg->channel.freq, arg->channel.mode);
988 
989 	return ret;
990 }
991 
992 int ath11k_wmi_vdev_up(struct ath11k *ar, u32 vdev_id, u32 aid, const u8 *bssid)
993 {
994 	struct ath11k_pdev_wmi *wmi = ar->wmi;
995 	struct wmi_vdev_up_cmd *cmd;
996 	struct ieee80211_bss_conf *bss_conf;
997 	struct ath11k_vif *arvif;
998 	struct sk_buff *skb;
999 	int ret;
1000 
1001 	arvif = ath11k_mac_get_arvif(ar, vdev_id);
1002 
1003 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1004 	if (!skb)
1005 		return -ENOMEM;
1006 
1007 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1008 
1009 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_UP_CMD) |
1010 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1011 	cmd->vdev_id = vdev_id;
1012 	cmd->vdev_assoc_id = aid;
1013 
1014 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1015 
1016 	if (arvif && arvif->vif->type == NL80211_IFTYPE_STATION) {
1017 		bss_conf = &arvif->vif->bss_conf;
1018 
1019 		if (bss_conf->nontransmitted) {
1020 			ether_addr_copy(cmd->trans_bssid.addr,
1021 					bss_conf->transmitter_bssid);
1022 			cmd->profile_idx = bss_conf->bssid_index;
1023 			cmd->profile_num = bss_conf->bssid_indicator;
1024 		}
1025 	}
1026 
1027 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1028 	if (ret) {
1029 		ath11k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1030 		dev_kfree_skb(skb);
1031 	}
1032 
1033 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1034 		   "WMI mgmt vdev up id 0x%x assoc id %d bssid %pM\n",
1035 		   vdev_id, aid, bssid);
1036 
1037 	return ret;
1038 }
1039 
1040 int ath11k_wmi_send_peer_create_cmd(struct ath11k *ar,
1041 				    struct peer_create_params *param)
1042 {
1043 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1044 	struct wmi_peer_create_cmd *cmd;
1045 	struct sk_buff *skb;
1046 	int ret;
1047 
1048 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1049 	if (!skb)
1050 		return -ENOMEM;
1051 
1052 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1053 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_CREATE_CMD) |
1054 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1055 
1056 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_addr);
1057 	cmd->peer_type = param->peer_type;
1058 	cmd->vdev_id = param->vdev_id;
1059 
1060 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1061 	if (ret) {
1062 		ath11k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1063 		dev_kfree_skb(skb);
1064 	}
1065 
1066 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1067 		   "WMI peer create vdev_id %d peer_addr %pM\n",
1068 		   param->vdev_id, param->peer_addr);
1069 
1070 	return ret;
1071 }
1072 
1073 int ath11k_wmi_send_peer_delete_cmd(struct ath11k *ar,
1074 				    const u8 *peer_addr, u8 vdev_id)
1075 {
1076 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1077 	struct wmi_peer_delete_cmd *cmd;
1078 	struct sk_buff *skb;
1079 	int ret;
1080 
1081 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1082 	if (!skb)
1083 		return -ENOMEM;
1084 
1085 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1086 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_DELETE_CMD) |
1087 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1088 
1089 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1090 	cmd->vdev_id = vdev_id;
1091 
1092 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1093 		   "WMI peer delete vdev_id %d peer_addr %pM\n",
1094 		   vdev_id,  peer_addr);
1095 
1096 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1097 	if (ret) {
1098 		ath11k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1099 		dev_kfree_skb(skb);
1100 	}
1101 
1102 	return ret;
1103 }
1104 
1105 int ath11k_wmi_send_pdev_set_regdomain(struct ath11k *ar,
1106 				       struct pdev_set_regdomain_params *param)
1107 {
1108 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1109 	struct wmi_pdev_set_regdomain_cmd *cmd;
1110 	struct sk_buff *skb;
1111 	int ret;
1112 
1113 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1114 	if (!skb)
1115 		return -ENOMEM;
1116 
1117 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1118 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1119 				     WMI_TAG_PDEV_SET_REGDOMAIN_CMD) |
1120 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1121 
1122 	cmd->reg_domain = param->current_rd_in_use;
1123 	cmd->reg_domain_2g = param->current_rd_2g;
1124 	cmd->reg_domain_5g = param->current_rd_5g;
1125 	cmd->conformance_test_limit_2g = param->ctl_2g;
1126 	cmd->conformance_test_limit_5g = param->ctl_5g;
1127 	cmd->dfs_domain = param->dfs_domain;
1128 	cmd->pdev_id = param->pdev_id;
1129 
1130 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1131 		   "WMI pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1132 		   param->current_rd_in_use, param->current_rd_2g,
1133 		   param->current_rd_5g, param->dfs_domain, param->pdev_id);
1134 
1135 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1136 	if (ret) {
1137 		ath11k_warn(ar->ab,
1138 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1139 		dev_kfree_skb(skb);
1140 	}
1141 
1142 	return ret;
1143 }
1144 
1145 int ath11k_wmi_set_peer_param(struct ath11k *ar, const u8 *peer_addr,
1146 			      u32 vdev_id, u32 param_id, u32 param_val)
1147 {
1148 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1149 	struct wmi_peer_set_param_cmd *cmd;
1150 	struct sk_buff *skb;
1151 	int ret;
1152 
1153 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1154 	if (!skb)
1155 		return -ENOMEM;
1156 
1157 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1158 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_SET_PARAM_CMD) |
1159 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1160 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1161 	cmd->vdev_id = vdev_id;
1162 	cmd->param_id = param_id;
1163 	cmd->param_value = param_val;
1164 
1165 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1166 	if (ret) {
1167 		ath11k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1168 		dev_kfree_skb(skb);
1169 	}
1170 
1171 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1172 		   "WMI vdev %d peer 0x%pM set param %d value %d\n",
1173 		   vdev_id, peer_addr, param_id, param_val);
1174 
1175 	return ret;
1176 }
1177 
1178 int ath11k_wmi_send_peer_flush_tids_cmd(struct ath11k *ar,
1179 					u8 peer_addr[ETH_ALEN],
1180 					struct peer_flush_params *param)
1181 {
1182 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1183 	struct wmi_peer_flush_tids_cmd *cmd;
1184 	struct sk_buff *skb;
1185 	int ret;
1186 
1187 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1188 	if (!skb)
1189 		return -ENOMEM;
1190 
1191 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1192 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PEER_FLUSH_TIDS_CMD) |
1193 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1194 
1195 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1196 	cmd->peer_tid_bitmap = param->peer_tid_bitmap;
1197 	cmd->vdev_id = param->vdev_id;
1198 
1199 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1200 	if (ret) {
1201 		ath11k_warn(ar->ab,
1202 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1203 		dev_kfree_skb(skb);
1204 	}
1205 
1206 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1207 		   "WMI peer flush vdev_id %d peer_addr %pM tids %08x\n",
1208 		   param->vdev_id, peer_addr, param->peer_tid_bitmap);
1209 
1210 	return ret;
1211 }
1212 
1213 int ath11k_wmi_peer_rx_reorder_queue_setup(struct ath11k *ar,
1214 					   int vdev_id, const u8 *addr,
1215 					   dma_addr_t paddr, u8 tid,
1216 					   u8 ba_window_size_valid,
1217 					   u32 ba_window_size)
1218 {
1219 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1220 	struct sk_buff *skb;
1221 	int ret;
1222 
1223 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1224 	if (!skb)
1225 		return -ENOMEM;
1226 
1227 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1228 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1229 				     WMI_TAG_REORDER_QUEUE_SETUP_CMD) |
1230 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1231 
1232 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1233 	cmd->vdev_id = vdev_id;
1234 	cmd->tid = tid;
1235 	cmd->queue_ptr_lo = lower_32_bits(paddr);
1236 	cmd->queue_ptr_hi = upper_32_bits(paddr);
1237 	cmd->queue_no = tid;
1238 	cmd->ba_window_size_valid = ba_window_size_valid;
1239 	cmd->ba_window_size = ba_window_size;
1240 
1241 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
1242 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1243 	if (ret) {
1244 		ath11k_warn(ar->ab,
1245 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1246 		dev_kfree_skb(skb);
1247 	}
1248 
1249 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1250 		   "wmi rx reorder queue setup addr %pM vdev_id %d tid %d\n",
1251 		   addr, vdev_id, tid);
1252 
1253 	return ret;
1254 }
1255 
1256 int
1257 ath11k_wmi_rx_reord_queue_remove(struct ath11k *ar,
1258 				 struct rx_reorder_queue_remove_params *param)
1259 {
1260 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1261 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1262 	struct sk_buff *skb;
1263 	int ret;
1264 
1265 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1266 	if (!skb)
1267 		return -ENOMEM;
1268 
1269 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1270 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1271 				     WMI_TAG_REORDER_QUEUE_REMOVE_CMD) |
1272 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1273 
1274 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_macaddr);
1275 	cmd->vdev_id = param->vdev_id;
1276 	cmd->tid_mask = param->peer_tid_bitmap;
1277 
1278 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1279 		   "%s: peer_macaddr %pM vdev_id %d, tid_map %d", __func__,
1280 		   param->peer_macaddr, param->vdev_id, param->peer_tid_bitmap);
1281 
1282 	ret = ath11k_wmi_cmd_send(wmi, skb,
1283 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1284 	if (ret) {
1285 		ath11k_warn(ar->ab,
1286 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1287 		dev_kfree_skb(skb);
1288 	}
1289 
1290 	return ret;
1291 }
1292 
1293 int ath11k_wmi_pdev_set_param(struct ath11k *ar, u32 param_id,
1294 			      u32 param_value, u8 pdev_id)
1295 {
1296 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1297 	struct wmi_pdev_set_param_cmd *cmd;
1298 	struct sk_buff *skb;
1299 	int ret;
1300 
1301 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1302 	if (!skb)
1303 		return -ENOMEM;
1304 
1305 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1306 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_PARAM_CMD) |
1307 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1308 	cmd->pdev_id = pdev_id;
1309 	cmd->param_id = param_id;
1310 	cmd->param_value = param_value;
1311 
1312 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1313 	if (ret) {
1314 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1315 		dev_kfree_skb(skb);
1316 	}
1317 
1318 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1319 		   "WMI pdev set param %d pdev id %d value %d\n",
1320 		   param_id, pdev_id, param_value);
1321 
1322 	return ret;
1323 }
1324 
1325 int ath11k_wmi_pdev_set_ps_mode(struct ath11k *ar, int vdev_id,
1326 				enum wmi_sta_ps_mode psmode)
1327 {
1328 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1329 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1330 	struct sk_buff *skb;
1331 	int ret;
1332 
1333 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1334 	if (!skb)
1335 		return -ENOMEM;
1336 
1337 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1338 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STA_POWERSAVE_MODE_CMD) |
1339 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1340 	cmd->vdev_id = vdev_id;
1341 	cmd->sta_ps_mode = psmode;
1342 
1343 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1344 	if (ret) {
1345 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1346 		dev_kfree_skb(skb);
1347 	}
1348 
1349 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1350 		   "WMI vdev set psmode %d vdev id %d\n",
1351 		   psmode, vdev_id);
1352 
1353 	return ret;
1354 }
1355 
1356 int ath11k_wmi_pdev_suspend(struct ath11k *ar, u32 suspend_opt,
1357 			    u32 pdev_id)
1358 {
1359 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1360 	struct wmi_pdev_suspend_cmd *cmd;
1361 	struct sk_buff *skb;
1362 	int ret;
1363 
1364 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1365 	if (!skb)
1366 		return -ENOMEM;
1367 
1368 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1369 
1370 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SUSPEND_CMD) |
1371 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1372 
1373 	cmd->suspend_opt = suspend_opt;
1374 	cmd->pdev_id = pdev_id;
1375 
1376 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1377 	if (ret) {
1378 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1379 		dev_kfree_skb(skb);
1380 	}
1381 
1382 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1383 		   "WMI pdev suspend pdev_id %d\n", pdev_id);
1384 
1385 	return ret;
1386 }
1387 
1388 int ath11k_wmi_pdev_resume(struct ath11k *ar, u32 pdev_id)
1389 {
1390 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1391 	struct wmi_pdev_resume_cmd *cmd;
1392 	struct sk_buff *skb;
1393 	int ret;
1394 
1395 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1396 	if (!skb)
1397 		return -ENOMEM;
1398 
1399 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1400 
1401 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_RESUME_CMD) |
1402 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1403 	cmd->pdev_id = pdev_id;
1404 
1405 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1406 		   "WMI pdev resume pdev id %d\n", pdev_id);
1407 
1408 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1409 	if (ret) {
1410 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1411 		dev_kfree_skb(skb);
1412 	}
1413 
1414 	return ret;
1415 }
1416 
1417 /* TODO FW Support for the cmd is not available yet.
1418  * Can be tested once the command and corresponding
1419  * event is implemented in FW
1420  */
1421 int ath11k_wmi_pdev_bss_chan_info_request(struct ath11k *ar,
1422 					  enum wmi_bss_chan_info_req_type type)
1423 {
1424 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1425 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1426 	struct sk_buff *skb;
1427 	int ret;
1428 
1429 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1430 	if (!skb)
1431 		return -ENOMEM;
1432 
1433 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1434 
1435 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1436 				     WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST) |
1437 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1438 	cmd->req_type = type;
1439 	cmd->pdev_id = ar->pdev->pdev_id;
1440 
1441 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1442 		   "WMI bss chan info req type %d\n", type);
1443 
1444 	ret = ath11k_wmi_cmd_send(wmi, skb,
1445 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1446 	if (ret) {
1447 		ath11k_warn(ar->ab,
1448 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1449 		dev_kfree_skb(skb);
1450 	}
1451 
1452 	return ret;
1453 }
1454 
1455 int ath11k_wmi_send_set_ap_ps_param_cmd(struct ath11k *ar, u8 *peer_addr,
1456 					struct ap_ps_params *param)
1457 {
1458 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1459 	struct wmi_ap_ps_peer_cmd *cmd;
1460 	struct sk_buff *skb;
1461 	int ret;
1462 
1463 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1464 	if (!skb)
1465 		return -ENOMEM;
1466 
1467 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1468 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_AP_PS_PEER_CMD) |
1469 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1470 
1471 	cmd->vdev_id = param->vdev_id;
1472 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1473 	cmd->param = param->param;
1474 	cmd->value = param->value;
1475 
1476 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1477 	if (ret) {
1478 		ath11k_warn(ar->ab,
1479 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1480 		dev_kfree_skb(skb);
1481 	}
1482 
1483 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1484 		   "WMI set ap ps vdev id %d peer %pM param %d value %d\n",
1485 		   param->vdev_id, peer_addr, param->param, param->value);
1486 
1487 	return ret;
1488 }
1489 
1490 int ath11k_wmi_set_sta_ps_param(struct ath11k *ar, u32 vdev_id,
1491 				u32 param, u32 param_value)
1492 {
1493 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1494 	struct wmi_sta_powersave_param_cmd *cmd;
1495 	struct sk_buff *skb;
1496 	int ret;
1497 
1498 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1499 	if (!skb)
1500 		return -ENOMEM;
1501 
1502 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1503 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1504 				     WMI_TAG_STA_POWERSAVE_PARAM_CMD) |
1505 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1506 
1507 	cmd->vdev_id = vdev_id;
1508 	cmd->param = param;
1509 	cmd->value = param_value;
1510 
1511 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1512 		   "WMI set sta ps vdev_id %d param %d value %d\n",
1513 		   vdev_id, param, param_value);
1514 
1515 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1516 	if (ret) {
1517 		ath11k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1518 		dev_kfree_skb(skb);
1519 	}
1520 
1521 	return ret;
1522 }
1523 
1524 int ath11k_wmi_force_fw_hang_cmd(struct ath11k *ar, u32 type, u32 delay_time_ms)
1525 {
1526 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1527 	struct wmi_force_fw_hang_cmd *cmd;
1528 	struct sk_buff *skb;
1529 	int ret, len;
1530 
1531 	len = sizeof(*cmd);
1532 
1533 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1534 	if (!skb)
1535 		return -ENOMEM;
1536 
1537 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1538 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_FORCE_FW_HANG_CMD) |
1539 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1540 
1541 	cmd->type = type;
1542 	cmd->delay_time_ms = delay_time_ms;
1543 
1544 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1545 
1546 	if (ret) {
1547 		ath11k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1548 		dev_kfree_skb(skb);
1549 	}
1550 	return ret;
1551 }
1552 
1553 int ath11k_wmi_vdev_set_param_cmd(struct ath11k *ar, u32 vdev_id,
1554 				  u32 param_id, u32 param_value)
1555 {
1556 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1557 	struct wmi_vdev_set_param_cmd *cmd;
1558 	struct sk_buff *skb;
1559 	int ret;
1560 
1561 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1562 	if (!skb)
1563 		return -ENOMEM;
1564 
1565 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1566 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_SET_PARAM_CMD) |
1567 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1568 
1569 	cmd->vdev_id = vdev_id;
1570 	cmd->param_id = param_id;
1571 	cmd->param_value = param_value;
1572 
1573 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1574 	if (ret) {
1575 		ath11k_warn(ar->ab,
1576 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1577 		dev_kfree_skb(skb);
1578 	}
1579 
1580 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1581 		   "WMI vdev id 0x%x set param %d value %d\n",
1582 		   vdev_id, param_id, param_value);
1583 
1584 	return ret;
1585 }
1586 
1587 int ath11k_wmi_send_stats_request_cmd(struct ath11k *ar,
1588 				      struct stats_request_params *param)
1589 {
1590 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1591 	struct wmi_request_stats_cmd *cmd;
1592 	struct sk_buff *skb;
1593 	int ret;
1594 
1595 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1596 	if (!skb)
1597 		return -ENOMEM;
1598 
1599 	cmd = (struct wmi_request_stats_cmd *)skb->data;
1600 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_REQUEST_STATS_CMD) |
1601 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1602 
1603 	cmd->stats_id = param->stats_id;
1604 	cmd->vdev_id = param->vdev_id;
1605 	cmd->pdev_id = param->pdev_id;
1606 
1607 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_REQUEST_STATS_CMDID);
1608 	if (ret) {
1609 		ath11k_warn(ar->ab, "failed to send WMI_REQUEST_STATS cmd\n");
1610 		dev_kfree_skb(skb);
1611 	}
1612 
1613 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1614 		   "WMI request stats 0x%x vdev id %d pdev id %d\n",
1615 		   param->stats_id, param->vdev_id, param->pdev_id);
1616 
1617 	return ret;
1618 }
1619 
1620 int ath11k_wmi_send_pdev_temperature_cmd(struct ath11k *ar)
1621 {
1622 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1623 	struct wmi_get_pdev_temperature_cmd *cmd;
1624 	struct sk_buff *skb;
1625 	int ret;
1626 
1627 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1628 	if (!skb)
1629 		return -ENOMEM;
1630 
1631 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1632 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_GET_TEMPERATURE_CMD) |
1633 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1634 	cmd->pdev_id = ar->pdev->pdev_id;
1635 
1636 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1637 	if (ret) {
1638 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1639 		dev_kfree_skb(skb);
1640 	}
1641 
1642 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1643 		   "WMI pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1644 
1645 	return ret;
1646 }
1647 
1648 int ath11k_wmi_send_bcn_offload_control_cmd(struct ath11k *ar,
1649 					    u32 vdev_id, u32 bcn_ctrl_op)
1650 {
1651 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1652 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1653 	struct sk_buff *skb;
1654 	int ret;
1655 
1656 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1657 	if (!skb)
1658 		return -ENOMEM;
1659 
1660 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1661 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1662 				     WMI_TAG_BCN_OFFLOAD_CTRL_CMD) |
1663 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1664 
1665 	cmd->vdev_id = vdev_id;
1666 	cmd->bcn_ctrl_op = bcn_ctrl_op;
1667 
1668 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1669 		   "WMI bcn ctrl offload vdev id %d ctrl_op %d\n",
1670 		   vdev_id, bcn_ctrl_op);
1671 
1672 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1673 	if (ret) {
1674 		ath11k_warn(ar->ab,
1675 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1676 		dev_kfree_skb(skb);
1677 	}
1678 
1679 	return ret;
1680 }
1681 
1682 int ath11k_wmi_bcn_tmpl(struct ath11k *ar, u32 vdev_id,
1683 			struct ieee80211_mutable_offsets *offs,
1684 			struct sk_buff *bcn)
1685 {
1686 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1687 	struct wmi_bcn_tmpl_cmd *cmd;
1688 	struct wmi_bcn_prb_info *bcn_prb_info;
1689 	struct wmi_tlv *tlv;
1690 	struct sk_buff *skb;
1691 	void *ptr;
1692 	int ret, len;
1693 	size_t aligned_len = roundup(bcn->len, 4);
1694 	struct ieee80211_vif *vif;
1695 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev_id);
1696 
1697 	if (!arvif) {
1698 		ath11k_warn(ar->ab, "failed to find arvif with vdev id %d\n", vdev_id);
1699 		return -EINVAL;
1700 	}
1701 
1702 	vif = arvif->vif;
1703 
1704 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1705 
1706 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1707 	if (!skb)
1708 		return -ENOMEM;
1709 
1710 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1711 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BCN_TMPL_CMD) |
1712 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1713 	cmd->vdev_id = vdev_id;
1714 	cmd->tim_ie_offset = offs->tim_offset;
1715 
1716 	if (vif->bss_conf.csa_active) {
1717 		cmd->csa_switch_count_offset = offs->cntdwn_counter_offs[0];
1718 		cmd->ext_csa_switch_count_offset = offs->cntdwn_counter_offs[1];
1719 	}
1720 
1721 	cmd->buf_len = bcn->len;
1722 
1723 	ptr = skb->data + sizeof(*cmd);
1724 
1725 	bcn_prb_info = ptr;
1726 	len = sizeof(*bcn_prb_info);
1727 	bcn_prb_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1728 					      WMI_TAG_BCN_PRB_INFO) |
1729 				   FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
1730 	bcn_prb_info->caps = 0;
1731 	bcn_prb_info->erp = 0;
1732 
1733 	ptr += sizeof(*bcn_prb_info);
1734 
1735 	tlv = ptr;
1736 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1737 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
1738 	memcpy(tlv->value, bcn->data, bcn->len);
1739 
1740 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1741 	if (ret) {
1742 		ath11k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1743 		dev_kfree_skb(skb);
1744 	}
1745 
1746 	return ret;
1747 }
1748 
1749 int ath11k_wmi_vdev_install_key(struct ath11k *ar,
1750 				struct wmi_vdev_install_key_arg *arg)
1751 {
1752 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1753 	struct wmi_vdev_install_key_cmd *cmd;
1754 	struct wmi_tlv *tlv;
1755 	struct sk_buff *skb;
1756 	int ret, len;
1757 	int key_len_aligned = roundup(arg->key_len, sizeof(uint32_t));
1758 
1759 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1760 
1761 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1762 	if (!skb)
1763 		return -ENOMEM;
1764 
1765 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1766 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VDEV_INSTALL_KEY_CMD) |
1767 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1768 	cmd->vdev_id = arg->vdev_id;
1769 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1770 	cmd->key_idx = arg->key_idx;
1771 	cmd->key_flags = arg->key_flags;
1772 	cmd->key_cipher = arg->key_cipher;
1773 	cmd->key_len = arg->key_len;
1774 	cmd->key_txmic_len = arg->key_txmic_len;
1775 	cmd->key_rxmic_len = arg->key_rxmic_len;
1776 
1777 	if (arg->key_rsc_counter)
1778 		memcpy(&cmd->key_rsc_counter, &arg->key_rsc_counter,
1779 		       sizeof(struct wmi_key_seq_counter));
1780 
1781 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1782 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1783 		      FIELD_PREP(WMI_TLV_LEN, key_len_aligned);
1784 	if (arg->key_data)
1785 		memcpy(tlv->value, (u8 *)arg->key_data, key_len_aligned);
1786 
1787 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1788 	if (ret) {
1789 		ath11k_warn(ar->ab,
1790 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1791 		dev_kfree_skb(skb);
1792 	}
1793 
1794 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
1795 		   "WMI vdev install key idx %d cipher %d len %d\n",
1796 		   arg->key_idx, arg->key_cipher, arg->key_len);
1797 
1798 	return ret;
1799 }
1800 
1801 static inline void
1802 ath11k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1803 			   struct peer_assoc_params *param,
1804 			   bool hw_crypto_disabled)
1805 {
1806 	cmd->peer_flags = 0;
1807 
1808 	if (param->is_wme_set) {
1809 		if (param->qos_flag)
1810 			cmd->peer_flags |= WMI_PEER_QOS;
1811 		if (param->apsd_flag)
1812 			cmd->peer_flags |= WMI_PEER_APSD;
1813 		if (param->ht_flag)
1814 			cmd->peer_flags |= WMI_PEER_HT;
1815 		if (param->bw_40)
1816 			cmd->peer_flags |= WMI_PEER_40MHZ;
1817 		if (param->bw_80)
1818 			cmd->peer_flags |= WMI_PEER_80MHZ;
1819 		if (param->bw_160)
1820 			cmd->peer_flags |= WMI_PEER_160MHZ;
1821 
1822 		/* Typically if STBC is enabled for VHT it should be enabled
1823 		 * for HT as well
1824 		 **/
1825 		if (param->stbc_flag)
1826 			cmd->peer_flags |= WMI_PEER_STBC;
1827 
1828 		/* Typically if LDPC is enabled for VHT it should be enabled
1829 		 * for HT as well
1830 		 **/
1831 		if (param->ldpc_flag)
1832 			cmd->peer_flags |= WMI_PEER_LDPC;
1833 
1834 		if (param->static_mimops_flag)
1835 			cmd->peer_flags |= WMI_PEER_STATIC_MIMOPS;
1836 		if (param->dynamic_mimops_flag)
1837 			cmd->peer_flags |= WMI_PEER_DYN_MIMOPS;
1838 		if (param->spatial_mux_flag)
1839 			cmd->peer_flags |= WMI_PEER_SPATIAL_MUX;
1840 		if (param->vht_flag)
1841 			cmd->peer_flags |= WMI_PEER_VHT;
1842 		if (param->he_flag)
1843 			cmd->peer_flags |= WMI_PEER_HE;
1844 		if (param->twt_requester)
1845 			cmd->peer_flags |= WMI_PEER_TWT_REQ;
1846 		if (param->twt_responder)
1847 			cmd->peer_flags |= WMI_PEER_TWT_RESP;
1848 	}
1849 
1850 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1851 	 * (during re-association).
1852 	 * Authorization will be done for these modes on key installation.
1853 	 */
1854 	if (param->auth_flag)
1855 		cmd->peer_flags |= WMI_PEER_AUTH;
1856 	if (param->need_ptk_4_way) {
1857 		cmd->peer_flags |= WMI_PEER_NEED_PTK_4_WAY;
1858 		if (!hw_crypto_disabled && param->is_assoc)
1859 			cmd->peer_flags &= ~WMI_PEER_AUTH;
1860 	}
1861 	if (param->need_gtk_2_way)
1862 		cmd->peer_flags |= WMI_PEER_NEED_GTK_2_WAY;
1863 	/* safe mode bypass the 4-way handshake */
1864 	if (param->safe_mode_enabled)
1865 		cmd->peer_flags &= ~(WMI_PEER_NEED_PTK_4_WAY |
1866 				     WMI_PEER_NEED_GTK_2_WAY);
1867 
1868 	if (param->is_pmf_enabled)
1869 		cmd->peer_flags |= WMI_PEER_PMF;
1870 
1871 	/* Disable AMSDU for station transmit, if user configures it */
1872 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1873 	 * it
1874 	 * if (param->amsdu_disable) Add after FW support
1875 	 **/
1876 
1877 	/* Target asserts if node is marked HT and all MCS is set to 0.
1878 	 * Mark the node as non-HT if all the mcs rates are disabled through
1879 	 * iwpriv
1880 	 **/
1881 	if (param->peer_ht_rates.num_rates == 0)
1882 		cmd->peer_flags &= ~WMI_PEER_HT;
1883 }
1884 
1885 int ath11k_wmi_send_peer_assoc_cmd(struct ath11k *ar,
1886 				   struct peer_assoc_params *param)
1887 {
1888 	struct ath11k_pdev_wmi *wmi = ar->wmi;
1889 	struct wmi_peer_assoc_complete_cmd *cmd;
1890 	struct wmi_vht_rate_set *mcs;
1891 	struct wmi_he_rate_set *he_mcs;
1892 	struct sk_buff *skb;
1893 	struct wmi_tlv *tlv;
1894 	void *ptr;
1895 	u32 peer_legacy_rates_align;
1896 	u32 peer_ht_rates_align;
1897 	int i, ret, len;
1898 
1899 	peer_legacy_rates_align = roundup(param->peer_legacy_rates.num_rates,
1900 					  sizeof(u32));
1901 	peer_ht_rates_align = roundup(param->peer_ht_rates.num_rates,
1902 				      sizeof(u32));
1903 
1904 	len = sizeof(*cmd) +
1905 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
1906 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
1907 	      sizeof(*mcs) + TLV_HDR_SIZE +
1908 	      (sizeof(*he_mcs) * param->peer_he_mcs_count);
1909 
1910 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
1911 	if (!skb)
1912 		return -ENOMEM;
1913 
1914 	ptr = skb->data;
1915 
1916 	cmd = ptr;
1917 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
1918 				     WMI_TAG_PEER_ASSOC_COMPLETE_CMD) |
1919 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
1920 
1921 	cmd->vdev_id = param->vdev_id;
1922 
1923 	cmd->peer_new_assoc = param->peer_new_assoc;
1924 	cmd->peer_associd = param->peer_associd;
1925 
1926 	ath11k_wmi_copy_peer_flags(cmd, param,
1927 				   test_bit(ATH11K_FLAG_HW_CRYPTO_DISABLED,
1928 					    &ar->ab->dev_flags));
1929 
1930 	ether_addr_copy(cmd->peer_macaddr.addr, param->peer_mac);
1931 
1932 	cmd->peer_rate_caps = param->peer_rate_caps;
1933 	cmd->peer_caps = param->peer_caps;
1934 	cmd->peer_listen_intval = param->peer_listen_intval;
1935 	cmd->peer_ht_caps = param->peer_ht_caps;
1936 	cmd->peer_max_mpdu = param->peer_max_mpdu;
1937 	cmd->peer_mpdu_density = param->peer_mpdu_density;
1938 	cmd->peer_vht_caps = param->peer_vht_caps;
1939 	cmd->peer_phymode = param->peer_phymode;
1940 
1941 	/* Update 11ax capabilities */
1942 	cmd->peer_he_cap_info = param->peer_he_cap_macinfo[0];
1943 	cmd->peer_he_cap_info_ext = param->peer_he_cap_macinfo[1];
1944 	cmd->peer_he_cap_info_internal = param->peer_he_cap_macinfo_internal;
1945 	cmd->peer_he_caps_6ghz = param->peer_he_caps_6ghz;
1946 	cmd->peer_he_ops = param->peer_he_ops;
1947 	memcpy(&cmd->peer_he_cap_phy, &param->peer_he_cap_phyinfo,
1948 	       sizeof(param->peer_he_cap_phyinfo));
1949 	memcpy(&cmd->peer_ppet, &param->peer_ppet,
1950 	       sizeof(param->peer_ppet));
1951 
1952 	/* Update peer legacy rate information */
1953 	ptr += sizeof(*cmd);
1954 
1955 	tlv = ptr;
1956 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1957 		      FIELD_PREP(WMI_TLV_LEN, peer_legacy_rates_align);
1958 
1959 	ptr += TLV_HDR_SIZE;
1960 
1961 	cmd->num_peer_legacy_rates = param->peer_legacy_rates.num_rates;
1962 	memcpy(ptr, param->peer_legacy_rates.rates,
1963 	       param->peer_legacy_rates.num_rates);
1964 
1965 	/* Update peer HT rate information */
1966 	ptr += peer_legacy_rates_align;
1967 
1968 	tlv = ptr;
1969 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
1970 		      FIELD_PREP(WMI_TLV_LEN, peer_ht_rates_align);
1971 	ptr += TLV_HDR_SIZE;
1972 	cmd->num_peer_ht_rates = param->peer_ht_rates.num_rates;
1973 	memcpy(ptr, param->peer_ht_rates.rates,
1974 	       param->peer_ht_rates.num_rates);
1975 
1976 	/* VHT Rates */
1977 	ptr += peer_ht_rates_align;
1978 
1979 	mcs = ptr;
1980 
1981 	mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_VHT_RATE_SET) |
1982 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*mcs) - TLV_HDR_SIZE);
1983 
1984 	cmd->peer_nss = param->peer_nss;
1985 
1986 	/* Update bandwidth-NSS mapping */
1987 	cmd->peer_bw_rxnss_override = 0;
1988 	cmd->peer_bw_rxnss_override |= param->peer_bw_rxnss_override;
1989 
1990 	if (param->vht_capable) {
1991 		mcs->rx_max_rate = param->rx_max_rate;
1992 		mcs->rx_mcs_set = param->rx_mcs_set;
1993 		mcs->tx_max_rate = param->tx_max_rate;
1994 		mcs->tx_mcs_set = param->tx_mcs_set;
1995 	}
1996 
1997 	/* HE Rates */
1998 	cmd->peer_he_mcs = param->peer_he_mcs_count;
1999 	cmd->min_data_rate = param->min_data_rate;
2000 
2001 	ptr += sizeof(*mcs);
2002 
2003 	len = param->peer_he_mcs_count * sizeof(*he_mcs);
2004 
2005 	tlv = ptr;
2006 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2007 		      FIELD_PREP(WMI_TLV_LEN, len);
2008 	ptr += TLV_HDR_SIZE;
2009 
2010 	/* Loop through the HE rate set */
2011 	for (i = 0; i < param->peer_he_mcs_count; i++) {
2012 		he_mcs = ptr;
2013 		he_mcs->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2014 						WMI_TAG_HE_RATE_SET) |
2015 				     FIELD_PREP(WMI_TLV_LEN,
2016 						sizeof(*he_mcs) - TLV_HDR_SIZE);
2017 
2018 		he_mcs->rx_mcs_set = param->peer_he_tx_mcs_set[i];
2019 		he_mcs->tx_mcs_set = param->peer_he_rx_mcs_set[i];
2020 		ptr += sizeof(*he_mcs);
2021 	}
2022 
2023 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2024 	if (ret) {
2025 		ath11k_warn(ar->ab,
2026 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2027 		dev_kfree_skb(skb);
2028 	}
2029 
2030 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2031 		   "wmi peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x\n",
2032 		   cmd->vdev_id, cmd->peer_associd, param->peer_mac,
2033 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2034 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2035 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2036 		   cmd->peer_mpdu_density,
2037 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2038 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2039 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2040 		   cmd->peer_he_cap_phy[2],
2041 		   cmd->peer_bw_rxnss_override);
2042 
2043 	return ret;
2044 }
2045 
2046 void ath11k_wmi_start_scan_init(struct ath11k *ar,
2047 				struct scan_req_params *arg)
2048 {
2049 	/* setup commonly used values */
2050 	arg->scan_req_id = 1;
2051 	if (ar->state_11d == ATH11K_11D_PREPARING)
2052 		arg->scan_priority = WMI_SCAN_PRIORITY_MEDIUM;
2053 	else
2054 		arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2055 	arg->dwell_time_active = 50;
2056 	arg->dwell_time_active_2g = 0;
2057 	arg->dwell_time_passive = 150;
2058 	arg->dwell_time_active_6g = 40;
2059 	arg->dwell_time_passive_6g = 30;
2060 	arg->min_rest_time = 50;
2061 	arg->max_rest_time = 500;
2062 	arg->repeat_probe_time = 0;
2063 	arg->probe_spacing_time = 0;
2064 	arg->idle_time = 0;
2065 	arg->max_scan_time = 20000;
2066 	arg->probe_delay = 5;
2067 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2068 				  WMI_SCAN_EVENT_COMPLETED |
2069 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2070 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2071 				  WMI_SCAN_EVENT_DEQUEUED;
2072 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2073 
2074 	if (test_bit(WMI_TLV_SERVICE_PASSIVE_SCAN_START_TIME_ENHANCE,
2075 		     ar->ab->wmi_ab.svc_map))
2076 		arg->scan_ctrl_flags_ext |=
2077 			WMI_SCAN_FLAG_EXT_PASSIVE_SCAN_START_TIME_ENHANCE;
2078 
2079 	arg->num_bssid = 1;
2080 
2081 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2082 	 * ZEROs in probe request
2083 	 */
2084 	eth_broadcast_addr(arg->bssid_list[0].addr);
2085 }
2086 
2087 static inline void
2088 ath11k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2089 				       struct scan_req_params *param)
2090 {
2091 	/* Scan events subscription */
2092 	if (param->scan_ev_started)
2093 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_STARTED;
2094 	if (param->scan_ev_completed)
2095 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_COMPLETED;
2096 	if (param->scan_ev_bss_chan)
2097 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_BSS_CHANNEL;
2098 	if (param->scan_ev_foreign_chan)
2099 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN;
2100 	if (param->scan_ev_dequeued)
2101 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_DEQUEUED;
2102 	if (param->scan_ev_preempted)
2103 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_PREEMPTED;
2104 	if (param->scan_ev_start_failed)
2105 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_START_FAILED;
2106 	if (param->scan_ev_restarted)
2107 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESTARTED;
2108 	if (param->scan_ev_foreign_chn_exit)
2109 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT;
2110 	if (param->scan_ev_suspended)
2111 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_SUSPENDED;
2112 	if (param->scan_ev_resumed)
2113 		cmd->notify_scan_events |=  WMI_SCAN_EVENT_RESUMED;
2114 
2115 	/** Set scan control flags */
2116 	cmd->scan_ctrl_flags = 0;
2117 	if (param->scan_f_passive)
2118 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_PASSIVE;
2119 	if (param->scan_f_strict_passive_pch)
2120 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN;
2121 	if (param->scan_f_promisc_mode)
2122 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROMISCUOS;
2123 	if (param->scan_f_capture_phy_err)
2124 		cmd->scan_ctrl_flags |=  WMI_SCAN_CAPTURE_PHY_ERROR;
2125 	if (param->scan_f_half_rate)
2126 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_HALF_RATE_SUPPORT;
2127 	if (param->scan_f_quarter_rate)
2128 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT;
2129 	if (param->scan_f_cck_rates)
2130 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_CCK_RATES;
2131 	if (param->scan_f_ofdm_rates)
2132 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_OFDM_RATES;
2133 	if (param->scan_f_chan_stat_evnt)
2134 		cmd->scan_ctrl_flags |=  WMI_SCAN_CHAN_STAT_EVENT;
2135 	if (param->scan_f_filter_prb_req)
2136 		cmd->scan_ctrl_flags |=  WMI_SCAN_FILTER_PROBE_REQ;
2137 	if (param->scan_f_bcast_probe)
2138 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_BCAST_PROBE_REQ;
2139 	if (param->scan_f_offchan_mgmt_tx)
2140 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_MGMT_TX;
2141 	if (param->scan_f_offchan_data_tx)
2142 		cmd->scan_ctrl_flags |=  WMI_SCAN_OFFCHAN_DATA_TX;
2143 	if (param->scan_f_force_active_dfs_chn)
2144 		cmd->scan_ctrl_flags |=  WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS;
2145 	if (param->scan_f_add_tpc_ie_in_probe)
2146 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ;
2147 	if (param->scan_f_add_ds_ie_in_probe)
2148 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ;
2149 	if (param->scan_f_add_spoofed_mac_in_probe)
2150 		cmd->scan_ctrl_flags |=  WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ;
2151 	if (param->scan_f_add_rand_seq_in_probe)
2152 		cmd->scan_ctrl_flags |=  WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ;
2153 	if (param->scan_f_en_ie_whitelist_in_probe)
2154 		cmd->scan_ctrl_flags |=
2155 			 WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ;
2156 
2157 	/* for adaptive scan mode using 3 bits (21 - 23 bits) */
2158 	WMI_SCAN_SET_DWELL_MODE(cmd->scan_ctrl_flags,
2159 				param->adaptive_dwell_time_mode);
2160 
2161 	cmd->scan_ctrl_flags_ext = param->scan_ctrl_flags_ext;
2162 }
2163 
2164 int ath11k_wmi_send_scan_start_cmd(struct ath11k *ar,
2165 				   struct scan_req_params *params)
2166 {
2167 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2168 	struct wmi_start_scan_cmd *cmd;
2169 	struct wmi_ssid *ssid = NULL;
2170 	struct wmi_mac_addr *bssid;
2171 	struct sk_buff *skb;
2172 	struct wmi_tlv *tlv;
2173 	void *ptr;
2174 	int i, ret, len;
2175 	u32 *tmp_ptr;
2176 	u16 extraie_len_with_pad = 0;
2177 	struct hint_short_ssid *s_ssid = NULL;
2178 	struct hint_bssid *hint_bssid = NULL;
2179 
2180 	len = sizeof(*cmd);
2181 
2182 	len += TLV_HDR_SIZE;
2183 	if (params->num_chan)
2184 		len += params->num_chan * sizeof(u32);
2185 
2186 	len += TLV_HDR_SIZE;
2187 	if (params->num_ssids)
2188 		len += params->num_ssids * sizeof(*ssid);
2189 
2190 	len += TLV_HDR_SIZE;
2191 	if (params->num_bssid)
2192 		len += sizeof(*bssid) * params->num_bssid;
2193 
2194 	len += TLV_HDR_SIZE;
2195 	if (params->extraie.len && params->extraie.len <= 0xFFFF)
2196 		extraie_len_with_pad =
2197 			roundup(params->extraie.len, sizeof(u32));
2198 	len += extraie_len_with_pad;
2199 
2200 	if (params->num_hint_bssid)
2201 		len += TLV_HDR_SIZE +
2202 		       params->num_hint_bssid * sizeof(struct hint_bssid);
2203 
2204 	if (params->num_hint_s_ssid)
2205 		len += TLV_HDR_SIZE +
2206 		       params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2207 
2208 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2209 	if (!skb)
2210 		return -ENOMEM;
2211 
2212 	ptr = skb->data;
2213 
2214 	cmd = ptr;
2215 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_START_SCAN_CMD) |
2216 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2217 
2218 	cmd->scan_id = params->scan_id;
2219 	cmd->scan_req_id = params->scan_req_id;
2220 	cmd->vdev_id = params->vdev_id;
2221 	cmd->scan_priority = params->scan_priority;
2222 	cmd->notify_scan_events = params->notify_scan_events;
2223 
2224 	ath11k_wmi_copy_scan_event_cntrl_flags(cmd, params);
2225 
2226 	cmd->dwell_time_active = params->dwell_time_active;
2227 	cmd->dwell_time_active_2g = params->dwell_time_active_2g;
2228 	cmd->dwell_time_passive = params->dwell_time_passive;
2229 	cmd->dwell_time_active_6g = params->dwell_time_active_6g;
2230 	cmd->dwell_time_passive_6g = params->dwell_time_passive_6g;
2231 	cmd->min_rest_time = params->min_rest_time;
2232 	cmd->max_rest_time = params->max_rest_time;
2233 	cmd->repeat_probe_time = params->repeat_probe_time;
2234 	cmd->probe_spacing_time = params->probe_spacing_time;
2235 	cmd->idle_time = params->idle_time;
2236 	cmd->max_scan_time = params->max_scan_time;
2237 	cmd->probe_delay = params->probe_delay;
2238 	cmd->burst_duration = params->burst_duration;
2239 	cmd->num_chan = params->num_chan;
2240 	cmd->num_bssid = params->num_bssid;
2241 	cmd->num_ssids = params->num_ssids;
2242 	cmd->ie_len = params->extraie.len;
2243 	cmd->n_probes = params->n_probes;
2244 	ether_addr_copy(cmd->mac_addr.addr, params->mac_addr.addr);
2245 	ether_addr_copy(cmd->mac_mask.addr, params->mac_mask.addr);
2246 
2247 	ptr += sizeof(*cmd);
2248 
2249 	len = params->num_chan * sizeof(u32);
2250 
2251 	tlv = ptr;
2252 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
2253 		      FIELD_PREP(WMI_TLV_LEN, len);
2254 	ptr += TLV_HDR_SIZE;
2255 	tmp_ptr = (u32 *)ptr;
2256 
2257 	for (i = 0; i < params->num_chan; ++i)
2258 		tmp_ptr[i] = params->chan_list[i];
2259 
2260 	ptr += len;
2261 
2262 	len = params->num_ssids * sizeof(*ssid);
2263 	tlv = ptr;
2264 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2265 		      FIELD_PREP(WMI_TLV_LEN, len);
2266 
2267 	ptr += TLV_HDR_SIZE;
2268 
2269 	if (params->num_ssids) {
2270 		ssid = ptr;
2271 		for (i = 0; i < params->num_ssids; ++i) {
2272 			ssid->ssid_len = params->ssid[i].length;
2273 			memcpy(ssid->ssid, params->ssid[i].ssid,
2274 			       params->ssid[i].length);
2275 			ssid++;
2276 		}
2277 	}
2278 
2279 	ptr += (params->num_ssids * sizeof(*ssid));
2280 	len = params->num_bssid * sizeof(*bssid);
2281 	tlv = ptr;
2282 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2283 		      FIELD_PREP(WMI_TLV_LEN, len);
2284 
2285 	ptr += TLV_HDR_SIZE;
2286 	bssid = ptr;
2287 
2288 	if (params->num_bssid) {
2289 		for (i = 0; i < params->num_bssid; ++i) {
2290 			ether_addr_copy(bssid->addr,
2291 					params->bssid_list[i].addr);
2292 			bssid++;
2293 		}
2294 	}
2295 
2296 	ptr += params->num_bssid * sizeof(*bssid);
2297 
2298 	len = extraie_len_with_pad;
2299 	tlv = ptr;
2300 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
2301 		      FIELD_PREP(WMI_TLV_LEN, len);
2302 	ptr += TLV_HDR_SIZE;
2303 
2304 	if (extraie_len_with_pad)
2305 		memcpy(ptr, params->extraie.ptr,
2306 		       params->extraie.len);
2307 
2308 	ptr += extraie_len_with_pad;
2309 
2310 	if (params->num_hint_s_ssid) {
2311 		len = params->num_hint_s_ssid * sizeof(struct hint_short_ssid);
2312 		tlv = ptr;
2313 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2314 			      FIELD_PREP(WMI_TLV_LEN, len);
2315 		ptr += TLV_HDR_SIZE;
2316 		s_ssid = ptr;
2317 		for (i = 0; i < params->num_hint_s_ssid; ++i) {
2318 			s_ssid->freq_flags = params->hint_s_ssid[i].freq_flags;
2319 			s_ssid->short_ssid = params->hint_s_ssid[i].short_ssid;
2320 			s_ssid++;
2321 		}
2322 		ptr += len;
2323 	}
2324 
2325 	if (params->num_hint_bssid) {
2326 		len = params->num_hint_bssid * sizeof(struct hint_bssid);
2327 		tlv = ptr;
2328 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_FIXED_STRUCT) |
2329 			      FIELD_PREP(WMI_TLV_LEN, len);
2330 		ptr += TLV_HDR_SIZE;
2331 		hint_bssid = ptr;
2332 		for (i = 0; i < params->num_hint_bssid; ++i) {
2333 			hint_bssid->freq_flags =
2334 				params->hint_bssid[i].freq_flags;
2335 			ether_addr_copy(&params->hint_bssid[i].bssid.addr[0],
2336 					&hint_bssid->bssid.addr[0]);
2337 			hint_bssid++;
2338 		}
2339 	}
2340 
2341 	ret = ath11k_wmi_cmd_send(wmi, skb,
2342 				  WMI_START_SCAN_CMDID);
2343 	if (ret) {
2344 		ath11k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2345 		dev_kfree_skb(skb);
2346 	}
2347 
2348 	return ret;
2349 }
2350 
2351 int ath11k_wmi_send_scan_stop_cmd(struct ath11k *ar,
2352 				  struct scan_cancel_param *param)
2353 {
2354 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2355 	struct wmi_stop_scan_cmd *cmd;
2356 	struct sk_buff *skb;
2357 	int ret;
2358 
2359 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2360 	if (!skb)
2361 		return -ENOMEM;
2362 
2363 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2364 
2365 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_STOP_SCAN_CMD) |
2366 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2367 
2368 	cmd->vdev_id = param->vdev_id;
2369 	cmd->requestor = param->requester;
2370 	cmd->scan_id = param->scan_id;
2371 	cmd->pdev_id = param->pdev_id;
2372 	/* stop the scan with the corresponding scan_id */
2373 	if (param->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2374 		/* Cancelling all scans */
2375 		cmd->req_type =  WMI_SCAN_STOP_ALL;
2376 	} else if (param->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2377 		/* Cancelling VAP scans */
2378 		cmd->req_type =  WMI_SCN_STOP_VAP_ALL;
2379 	} else if (param->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2380 		/* Cancelling specific scan */
2381 		cmd->req_type =  WMI_SCAN_STOP_ONE;
2382 	} else {
2383 		ath11k_warn(ar->ab, "invalid scan cancel param %d",
2384 			    param->req_type);
2385 		dev_kfree_skb(skb);
2386 		return -EINVAL;
2387 	}
2388 
2389 	ret = ath11k_wmi_cmd_send(wmi, skb,
2390 				  WMI_STOP_SCAN_CMDID);
2391 	if (ret) {
2392 		ath11k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2393 		dev_kfree_skb(skb);
2394 	}
2395 
2396 	return ret;
2397 }
2398 
2399 int ath11k_wmi_send_scan_chan_list_cmd(struct ath11k *ar,
2400 				       struct scan_chan_list_params *chan_list)
2401 {
2402 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2403 	struct wmi_scan_chan_list_cmd *cmd;
2404 	struct sk_buff *skb;
2405 	struct wmi_channel *chan_info;
2406 	struct channel_param *tchan_info;
2407 	struct wmi_tlv *tlv;
2408 	void *ptr;
2409 	int i, ret, len;
2410 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2411 	u32 *reg1, *reg2;
2412 
2413 	tchan_info = chan_list->ch_param;
2414 	while (chan_list->nallchans) {
2415 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2416 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2417 			sizeof(*chan_info);
2418 
2419 		if (chan_list->nallchans > max_chan_limit)
2420 			num_send_chans = max_chan_limit;
2421 		else
2422 			num_send_chans = chan_list->nallchans;
2423 
2424 		chan_list->nallchans -= num_send_chans;
2425 		len += sizeof(*chan_info) * num_send_chans;
2426 
2427 		skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2428 		if (!skb)
2429 			return -ENOMEM;
2430 
2431 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2432 		cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SCAN_CHAN_LIST_CMD) |
2433 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2434 		cmd->pdev_id = chan_list->pdev_id;
2435 		cmd->num_scan_chans = num_send_chans;
2436 		if (num_sends)
2437 			cmd->flags |= WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG;
2438 
2439 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2440 			   "WMI no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2441 			   num_send_chans, len, cmd->pdev_id, num_sends);
2442 
2443 		ptr = skb->data + sizeof(*cmd);
2444 
2445 		len = sizeof(*chan_info) * num_send_chans;
2446 		tlv = ptr;
2447 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2448 			      FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
2449 		ptr += TLV_HDR_SIZE;
2450 
2451 		for (i = 0; i < num_send_chans; ++i) {
2452 			chan_info = ptr;
2453 			memset(chan_info, 0, sizeof(*chan_info));
2454 			len = sizeof(*chan_info);
2455 			chan_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2456 							   WMI_TAG_CHANNEL) |
2457 						FIELD_PREP(WMI_TLV_LEN,
2458 							   len - TLV_HDR_SIZE);
2459 
2460 			reg1 = &chan_info->reg_info_1;
2461 			reg2 = &chan_info->reg_info_2;
2462 			chan_info->mhz = tchan_info->mhz;
2463 			chan_info->band_center_freq1 = tchan_info->cfreq1;
2464 			chan_info->band_center_freq2 = tchan_info->cfreq2;
2465 
2466 			if (tchan_info->is_chan_passive)
2467 				chan_info->info |= WMI_CHAN_INFO_PASSIVE;
2468 			if (tchan_info->allow_he)
2469 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HE;
2470 			else if (tchan_info->allow_vht)
2471 				chan_info->info |= WMI_CHAN_INFO_ALLOW_VHT;
2472 			else if (tchan_info->allow_ht)
2473 				chan_info->info |= WMI_CHAN_INFO_ALLOW_HT;
2474 			if (tchan_info->half_rate)
2475 				chan_info->info |= WMI_CHAN_INFO_HALF_RATE;
2476 			if (tchan_info->quarter_rate)
2477 				chan_info->info |= WMI_CHAN_INFO_QUARTER_RATE;
2478 			if (tchan_info->psc_channel)
2479 				chan_info->info |= WMI_CHAN_INFO_PSC;
2480 			if (tchan_info->dfs_set)
2481 				chan_info->info |= WMI_CHAN_INFO_DFS;
2482 
2483 			chan_info->info |= FIELD_PREP(WMI_CHAN_INFO_MODE,
2484 						      tchan_info->phy_mode);
2485 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MIN_PWR,
2486 					    tchan_info->minpower);
2487 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_PWR,
2488 					    tchan_info->maxpower);
2489 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_MAX_REG_PWR,
2490 					    tchan_info->maxregpower);
2491 			*reg1 |= FIELD_PREP(WMI_CHAN_REG_INFO1_REG_CLS,
2492 					    tchan_info->reg_class_id);
2493 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_ANT_MAX,
2494 					    tchan_info->antennamax);
2495 			*reg2 |= FIELD_PREP(WMI_CHAN_REG_INFO2_MAX_TX_PWR,
2496 					    tchan_info->maxregpower);
2497 
2498 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2499 				   "WMI chan scan list chan[%d] = %u, chan_info->info %8x\n",
2500 				   i, chan_info->mhz, chan_info->info);
2501 
2502 			ptr += sizeof(*chan_info);
2503 
2504 			tchan_info++;
2505 		}
2506 
2507 		ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2508 		if (ret) {
2509 			ath11k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2510 			dev_kfree_skb(skb);
2511 			return ret;
2512 		}
2513 
2514 		num_sends++;
2515 	}
2516 
2517 	return 0;
2518 }
2519 
2520 int ath11k_wmi_send_wmm_update_cmd_tlv(struct ath11k *ar, u32 vdev_id,
2521 				       struct wmi_wmm_params_all_arg *param)
2522 {
2523 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2524 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2525 	struct wmi_wmm_params *wmm_param;
2526 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2527 	struct sk_buff *skb;
2528 	int ret, ac;
2529 
2530 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2531 	if (!skb)
2532 		return -ENOMEM;
2533 
2534 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2535 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
2536 				     WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2537 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2538 
2539 	cmd->vdev_id = vdev_id;
2540 	cmd->wmm_param_type = 0;
2541 
2542 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2543 		switch (ac) {
2544 		case WME_AC_BE:
2545 			wmi_wmm_arg = &param->ac_be;
2546 			break;
2547 		case WME_AC_BK:
2548 			wmi_wmm_arg = &param->ac_bk;
2549 			break;
2550 		case WME_AC_VI:
2551 			wmi_wmm_arg = &param->ac_vi;
2552 			break;
2553 		case WME_AC_VO:
2554 			wmi_wmm_arg = &param->ac_vo;
2555 			break;
2556 		}
2557 
2558 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2559 		wmm_param->tlv_header =
2560 				FIELD_PREP(WMI_TLV_TAG,
2561 					   WMI_TAG_VDEV_SET_WMM_PARAMS_CMD) |
2562 				FIELD_PREP(WMI_TLV_LEN,
2563 					   sizeof(*wmm_param) - TLV_HDR_SIZE);
2564 
2565 		wmm_param->aifs = wmi_wmm_arg->aifs;
2566 		wmm_param->cwmin = wmi_wmm_arg->cwmin;
2567 		wmm_param->cwmax = wmi_wmm_arg->cwmax;
2568 		wmm_param->txoplimit = wmi_wmm_arg->txop;
2569 		wmm_param->acm = wmi_wmm_arg->acm;
2570 		wmm_param->no_ack = wmi_wmm_arg->no_ack;
2571 
2572 		ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2573 			   "wmi wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2574 			   ac, wmm_param->aifs, wmm_param->cwmin,
2575 			   wmm_param->cwmax, wmm_param->txoplimit,
2576 			   wmm_param->acm, wmm_param->no_ack);
2577 	}
2578 	ret = ath11k_wmi_cmd_send(wmi, skb,
2579 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2580 	if (ret) {
2581 		ath11k_warn(ar->ab,
2582 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2583 		dev_kfree_skb(skb);
2584 	}
2585 
2586 	return ret;
2587 }
2588 
2589 int ath11k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath11k *ar,
2590 						  u32 pdev_id)
2591 {
2592 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2593 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2594 	struct sk_buff *skb;
2595 	int ret;
2596 
2597 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2598 	if (!skb)
2599 		return -ENOMEM;
2600 
2601 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2602 	cmd->tlv_header =
2603 		FIELD_PREP(WMI_TLV_TAG,
2604 			   WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD) |
2605 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2606 
2607 	cmd->pdev_id = pdev_id;
2608 
2609 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2610 		   "WMI dfs phy err offload enable pdev id %d\n", pdev_id);
2611 
2612 	ret = ath11k_wmi_cmd_send(wmi, skb,
2613 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2614 	if (ret) {
2615 		ath11k_warn(ar->ab,
2616 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2617 		dev_kfree_skb(skb);
2618 	}
2619 
2620 	return ret;
2621 }
2622 
2623 int ath11k_wmi_delba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2624 			  u32 tid, u32 initiator, u32 reason)
2625 {
2626 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2627 	struct wmi_delba_send_cmd *cmd;
2628 	struct sk_buff *skb;
2629 	int ret;
2630 
2631 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2632 	if (!skb)
2633 		return -ENOMEM;
2634 
2635 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2636 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DELBA_SEND_CMD) |
2637 			FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2638 	cmd->vdev_id = vdev_id;
2639 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2640 	cmd->tid = tid;
2641 	cmd->initiator = initiator;
2642 	cmd->reasoncode = reason;
2643 
2644 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2645 		   "wmi delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2646 		   vdev_id, mac, tid, initiator, reason);
2647 
2648 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2649 
2650 	if (ret) {
2651 		ath11k_warn(ar->ab,
2652 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2653 		dev_kfree_skb(skb);
2654 	}
2655 
2656 	return ret;
2657 }
2658 
2659 int ath11k_wmi_addba_set_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2660 			      u32 tid, u32 status)
2661 {
2662 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2663 	struct wmi_addba_setresponse_cmd *cmd;
2664 	struct sk_buff *skb;
2665 	int ret;
2666 
2667 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2668 	if (!skb)
2669 		return -ENOMEM;
2670 
2671 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2672 	cmd->tlv_header =
2673 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SETRESPONSE_CMD) |
2674 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2675 	cmd->vdev_id = vdev_id;
2676 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2677 	cmd->tid = tid;
2678 	cmd->statuscode = status;
2679 
2680 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2681 		   "wmi addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2682 		   vdev_id, mac, tid, status);
2683 
2684 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2685 
2686 	if (ret) {
2687 		ath11k_warn(ar->ab,
2688 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2689 		dev_kfree_skb(skb);
2690 	}
2691 
2692 	return ret;
2693 }
2694 
2695 int ath11k_wmi_addba_send(struct ath11k *ar, u32 vdev_id, const u8 *mac,
2696 			  u32 tid, u32 buf_size)
2697 {
2698 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2699 	struct wmi_addba_send_cmd *cmd;
2700 	struct sk_buff *skb;
2701 	int ret;
2702 
2703 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2704 	if (!skb)
2705 		return -ENOMEM;
2706 
2707 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2708 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_SEND_CMD) |
2709 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2710 	cmd->vdev_id = vdev_id;
2711 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2712 	cmd->tid = tid;
2713 	cmd->buffersize = buf_size;
2714 
2715 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2716 		   "wmi addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2717 		   vdev_id, mac, tid, buf_size);
2718 
2719 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2720 
2721 	if (ret) {
2722 		ath11k_warn(ar->ab,
2723 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2724 		dev_kfree_skb(skb);
2725 	}
2726 
2727 	return ret;
2728 }
2729 
2730 int ath11k_wmi_addba_clear_resp(struct ath11k *ar, u32 vdev_id, const u8 *mac)
2731 {
2732 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2733 	struct wmi_addba_clear_resp_cmd *cmd;
2734 	struct sk_buff *skb;
2735 	int ret;
2736 
2737 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2738 	if (!skb)
2739 		return -ENOMEM;
2740 
2741 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2742 	cmd->tlv_header =
2743 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ADDBA_CLEAR_RESP_CMD) |
2744 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2745 	cmd->vdev_id = vdev_id;
2746 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2747 
2748 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2749 		   "wmi addba clear resp vdev_id 0x%X mac_addr %pM\n",
2750 		   vdev_id, mac);
2751 
2752 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2753 
2754 	if (ret) {
2755 		ath11k_warn(ar->ab,
2756 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2757 		dev_kfree_skb(skb);
2758 	}
2759 
2760 	return ret;
2761 }
2762 
2763 int ath11k_wmi_pdev_peer_pktlog_filter(struct ath11k *ar, u8 *addr, u8 enable)
2764 {
2765 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2766 	struct wmi_pdev_pktlog_filter_cmd *cmd;
2767 	struct wmi_pdev_pktlog_filter_info *info;
2768 	struct sk_buff *skb;
2769 	struct wmi_tlv *tlv;
2770 	void *ptr;
2771 	int ret, len;
2772 
2773 	len = sizeof(*cmd) + sizeof(*info) + TLV_HDR_SIZE;
2774 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2775 	if (!skb)
2776 		return -ENOMEM;
2777 
2778 	cmd = (struct wmi_pdev_pktlog_filter_cmd *)skb->data;
2779 
2780 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_CMD) |
2781 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2782 
2783 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
2784 	cmd->num_mac = 1;
2785 	cmd->enable = enable;
2786 
2787 	ptr = skb->data + sizeof(*cmd);
2788 
2789 	tlv = ptr;
2790 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2791 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*info));
2792 
2793 	ptr += TLV_HDR_SIZE;
2794 	info = ptr;
2795 
2796 	ether_addr_copy(info->peer_macaddr.addr, addr);
2797 	info->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PEER_PKTLOG_FILTER_INFO) |
2798 			   FIELD_PREP(WMI_TLV_LEN,
2799 				      sizeof(*info) - TLV_HDR_SIZE);
2800 
2801 	ret = ath11k_wmi_cmd_send(wmi, skb,
2802 				  WMI_PDEV_PKTLOG_FILTER_CMDID);
2803 	if (ret) {
2804 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
2805 		dev_kfree_skb(skb);
2806 	}
2807 
2808 	return ret;
2809 }
2810 
2811 int
2812 ath11k_wmi_send_init_country_cmd(struct ath11k *ar,
2813 				 struct wmi_init_country_params init_cc_params)
2814 {
2815 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2816 	struct wmi_init_country_cmd *cmd;
2817 	struct sk_buff *skb;
2818 	int ret;
2819 
2820 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2821 	if (!skb)
2822 		return -ENOMEM;
2823 
2824 	cmd = (struct wmi_init_country_cmd *)skb->data;
2825 	cmd->tlv_header =
2826 		FIELD_PREP(WMI_TLV_TAG,
2827 			   WMI_TAG_SET_INIT_COUNTRY_CMD) |
2828 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2829 
2830 	cmd->pdev_id = ar->pdev->pdev_id;
2831 
2832 	switch (init_cc_params.flags) {
2833 	case ALPHA_IS_SET:
2834 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
2835 		memcpy((u8 *)&cmd->cc_info.alpha2,
2836 		       init_cc_params.cc_info.alpha2, 3);
2837 		break;
2838 	case CC_IS_SET:
2839 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE;
2840 		cmd->cc_info.country_code = init_cc_params.cc_info.country_code;
2841 		break;
2842 	case REGDMN_IS_SET:
2843 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_REGDOMAIN;
2844 		cmd->cc_info.regdom_id = init_cc_params.cc_info.regdom_id;
2845 		break;
2846 	default:
2847 		ret = -EINVAL;
2848 		goto out;
2849 	}
2850 
2851 	ret = ath11k_wmi_cmd_send(wmi, skb,
2852 				  WMI_SET_INIT_COUNTRY_CMDID);
2853 
2854 out:
2855 	if (ret) {
2856 		ath11k_warn(ar->ab,
2857 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
2858 			    ret);
2859 		dev_kfree_skb(skb);
2860 	}
2861 
2862 	return ret;
2863 }
2864 
2865 int ath11k_wmi_send_set_current_country_cmd(struct ath11k *ar,
2866 					    struct wmi_set_current_country_params *param)
2867 {
2868 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2869 	struct wmi_set_current_country_cmd *cmd;
2870 	struct sk_buff *skb;
2871 	int ret;
2872 
2873 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2874 	if (!skb)
2875 		return -ENOMEM;
2876 
2877 	cmd = (struct wmi_set_current_country_cmd *)skb->data;
2878 	cmd->tlv_header =
2879 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_SET_CURRENT_COUNTRY_CMD) |
2880 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2881 
2882 	cmd->pdev_id = ar->pdev->pdev_id;
2883 	memcpy(&cmd->new_alpha2, &param->alpha2, 3);
2884 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_SET_CURRENT_COUNTRY_CMDID);
2885 
2886 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2887 		   "set current country pdev id %d alpha2 %c%c\n",
2888 		   ar->pdev->pdev_id,
2889 		   param->alpha2[0],
2890 		   param->alpha2[1]);
2891 
2892 	if (ret) {
2893 		ath11k_warn(ar->ab,
2894 			    "failed to send WMI_SET_CURRENT_COUNTRY_CMDID: %d\n", ret);
2895 		dev_kfree_skb(skb);
2896 	}
2897 
2898 	return ret;
2899 }
2900 
2901 int
2902 ath11k_wmi_send_thermal_mitigation_param_cmd(struct ath11k *ar,
2903 					     struct thermal_mitigation_params *param)
2904 {
2905 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2906 	struct wmi_therm_throt_config_request_cmd *cmd;
2907 	struct wmi_therm_throt_level_config_info *lvl_conf;
2908 	struct wmi_tlv *tlv;
2909 	struct sk_buff *skb;
2910 	int i, ret, len;
2911 
2912 	len = sizeof(*cmd) + TLV_HDR_SIZE +
2913 	      THERMAL_LEVELS * sizeof(struct wmi_therm_throt_level_config_info);
2914 
2915 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
2916 	if (!skb)
2917 		return -ENOMEM;
2918 
2919 	cmd = (struct wmi_therm_throt_config_request_cmd *)skb->data;
2920 
2921 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_CONFIG_REQUEST) |
2922 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2923 
2924 	cmd->pdev_id = ar->pdev->pdev_id;
2925 	cmd->enable = param->enable;
2926 	cmd->dc = param->dc;
2927 	cmd->dc_per_event = param->dc_per_event;
2928 	cmd->therm_throt_levels = THERMAL_LEVELS;
2929 
2930 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
2931 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
2932 		      FIELD_PREP(WMI_TLV_LEN,
2933 				 (THERMAL_LEVELS *
2934 				  sizeof(struct wmi_therm_throt_level_config_info)));
2935 
2936 	lvl_conf = (struct wmi_therm_throt_level_config_info *)(skb->data +
2937 								sizeof(*cmd) +
2938 								TLV_HDR_SIZE);
2939 	for (i = 0; i < THERMAL_LEVELS; i++) {
2940 		lvl_conf->tlv_header =
2941 			FIELD_PREP(WMI_TLV_TAG, WMI_TAG_THERM_THROT_LEVEL_CONFIG_INFO) |
2942 			FIELD_PREP(WMI_TLV_LEN, sizeof(*lvl_conf) - TLV_HDR_SIZE);
2943 
2944 		lvl_conf->temp_lwm = param->levelconf[i].tmplwm;
2945 		lvl_conf->temp_hwm = param->levelconf[i].tmphwm;
2946 		lvl_conf->dc_off_percent = param->levelconf[i].dcoffpercent;
2947 		lvl_conf->prio = param->levelconf[i].priority;
2948 		lvl_conf++;
2949 	}
2950 
2951 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_THERM_THROT_SET_CONF_CMDID);
2952 	if (ret) {
2953 		ath11k_warn(ar->ab, "failed to send THERM_THROT_SET_CONF cmd\n");
2954 		dev_kfree_skb(skb);
2955 	}
2956 
2957 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2958 		   "WMI vdev set thermal throt pdev_id %d enable %d dc %d dc_per_event %x levels %d\n",
2959 		   ar->pdev->pdev_id, param->enable, param->dc,
2960 		   param->dc_per_event, THERMAL_LEVELS);
2961 
2962 	return ret;
2963 }
2964 
2965 int ath11k_wmi_send_11d_scan_start_cmd(struct ath11k *ar,
2966 				       struct wmi_11d_scan_start_params *param)
2967 {
2968 	struct ath11k_pdev_wmi *wmi = ar->wmi;
2969 	struct wmi_11d_scan_start_cmd *cmd;
2970 	struct sk_buff *skb;
2971 	int ret;
2972 
2973 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2974 	if (!skb)
2975 		return -ENOMEM;
2976 
2977 	cmd = (struct wmi_11d_scan_start_cmd *)skb->data;
2978 	cmd->tlv_header =
2979 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_START_CMD) |
2980 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
2981 
2982 	cmd->vdev_id = param->vdev_id;
2983 	cmd->scan_period_msec = param->scan_period_msec;
2984 	cmd->start_interval_msec = param->start_interval_msec;
2985 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_START_CMDID);
2986 
2987 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
2988 		   "send 11d scan start vdev id %d period %d ms internal %d ms\n",
2989 		   cmd->vdev_id,
2990 		   cmd->scan_period_msec,
2991 		   cmd->start_interval_msec);
2992 
2993 	if (ret) {
2994 		ath11k_warn(ar->ab,
2995 			    "failed to send WMI_11D_SCAN_START_CMDID: %d\n", ret);
2996 		dev_kfree_skb(skb);
2997 	}
2998 
2999 	return ret;
3000 }
3001 
3002 int ath11k_wmi_send_11d_scan_stop_cmd(struct ath11k *ar, u32 vdev_id)
3003 {
3004 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3005 	struct wmi_11d_scan_stop_cmd *cmd;
3006 	struct sk_buff *skb;
3007 	int ret;
3008 
3009 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3010 	if (!skb)
3011 		return -ENOMEM;
3012 
3013 	cmd = (struct wmi_11d_scan_stop_cmd *)skb->data;
3014 	cmd->tlv_header =
3015 		FIELD_PREP(WMI_TLV_TAG, WMI_TAG_11D_SCAN_STOP_CMD) |
3016 		FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3017 
3018 	cmd->vdev_id = vdev_id;
3019 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_11D_SCAN_STOP_CMDID);
3020 
3021 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3022 		   "send 11d scan stop vdev id %d\n",
3023 		   cmd->vdev_id);
3024 
3025 	if (ret) {
3026 		ath11k_warn(ar->ab,
3027 			    "failed to send WMI_11D_SCAN_STOP_CMDID: %d\n", ret);
3028 		dev_kfree_skb(skb);
3029 	}
3030 
3031 	return ret;
3032 }
3033 
3034 int ath11k_wmi_pdev_pktlog_enable(struct ath11k *ar, u32 pktlog_filter)
3035 {
3036 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3037 	struct wmi_pktlog_enable_cmd *cmd;
3038 	struct sk_buff *skb;
3039 	int ret;
3040 
3041 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3042 	if (!skb)
3043 		return -ENOMEM;
3044 
3045 	cmd = (struct wmi_pktlog_enable_cmd *)skb->data;
3046 
3047 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_ENABLE_CMD) |
3048 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3049 
3050 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3051 	cmd->evlist = pktlog_filter;
3052 	cmd->enable = ATH11K_WMI_PKTLOG_ENABLE_FORCE;
3053 
3054 	ret = ath11k_wmi_cmd_send(wmi, skb,
3055 				  WMI_PDEV_PKTLOG_ENABLE_CMDID);
3056 	if (ret) {
3057 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3058 		dev_kfree_skb(skb);
3059 	}
3060 
3061 	return ret;
3062 }
3063 
3064 int ath11k_wmi_pdev_pktlog_disable(struct ath11k *ar)
3065 {
3066 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3067 	struct wmi_pktlog_disable_cmd *cmd;
3068 	struct sk_buff *skb;
3069 	int ret;
3070 
3071 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
3072 	if (!skb)
3073 		return -ENOMEM;
3074 
3075 	cmd = (struct wmi_pktlog_disable_cmd *)skb->data;
3076 
3077 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_PKTLOG_DISABLE_CMD) |
3078 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3079 
3080 	cmd->pdev_id = DP_HW2SW_MACID(ar->pdev->pdev_id);
3081 
3082 	ret = ath11k_wmi_cmd_send(wmi, skb,
3083 				  WMI_PDEV_PKTLOG_DISABLE_CMDID);
3084 	if (ret) {
3085 		ath11k_warn(ar->ab, "failed to send WMI_PDEV_PKTLOG_ENABLE_CMDID\n");
3086 		dev_kfree_skb(skb);
3087 	}
3088 
3089 	return ret;
3090 }
3091 
3092 void ath11k_wmi_fill_default_twt_params(struct wmi_twt_enable_params *twt_params)
3093 {
3094 	twt_params->sta_cong_timer_ms = ATH11K_TWT_DEF_STA_CONG_TIMER_MS;
3095 	twt_params->default_slot_size = ATH11K_TWT_DEF_DEFAULT_SLOT_SIZE;
3096 	twt_params->congestion_thresh_setup = ATH11K_TWT_DEF_CONGESTION_THRESH_SETUP;
3097 	twt_params->congestion_thresh_teardown =
3098 		ATH11K_TWT_DEF_CONGESTION_THRESH_TEARDOWN;
3099 	twt_params->congestion_thresh_critical =
3100 		ATH11K_TWT_DEF_CONGESTION_THRESH_CRITICAL;
3101 	twt_params->interference_thresh_teardown =
3102 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN;
3103 	twt_params->interference_thresh_setup =
3104 		ATH11K_TWT_DEF_INTERFERENCE_THRESH_SETUP;
3105 	twt_params->min_no_sta_setup = ATH11K_TWT_DEF_MIN_NO_STA_SETUP;
3106 	twt_params->min_no_sta_teardown = ATH11K_TWT_DEF_MIN_NO_STA_TEARDOWN;
3107 	twt_params->no_of_bcast_mcast_slots = ATH11K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS;
3108 	twt_params->min_no_twt_slots = ATH11K_TWT_DEF_MIN_NO_TWT_SLOTS;
3109 	twt_params->max_no_sta_twt = ATH11K_TWT_DEF_MAX_NO_STA_TWT;
3110 	twt_params->mode_check_interval = ATH11K_TWT_DEF_MODE_CHECK_INTERVAL;
3111 	twt_params->add_sta_slot_interval = ATH11K_TWT_DEF_ADD_STA_SLOT_INTERVAL;
3112 	twt_params->remove_sta_slot_interval =
3113 		ATH11K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL;
3114 	/* TODO add MBSSID support */
3115 	twt_params->mbss_support = 0;
3116 }
3117 
3118 int ath11k_wmi_send_twt_enable_cmd(struct ath11k *ar, u32 pdev_id,
3119 				   struct wmi_twt_enable_params *params)
3120 {
3121 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3122 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3123 	struct wmi_twt_enable_params_cmd *cmd;
3124 	struct sk_buff *skb;
3125 	int ret, len;
3126 
3127 	len = sizeof(*cmd);
3128 
3129 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3130 	if (!skb)
3131 		return -ENOMEM;
3132 
3133 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
3134 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ENABLE_CMD) |
3135 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3136 	cmd->pdev_id = pdev_id;
3137 	cmd->sta_cong_timer_ms = params->sta_cong_timer_ms;
3138 	cmd->default_slot_size = params->default_slot_size;
3139 	cmd->congestion_thresh_setup = params->congestion_thresh_setup;
3140 	cmd->congestion_thresh_teardown = params->congestion_thresh_teardown;
3141 	cmd->congestion_thresh_critical = params->congestion_thresh_critical;
3142 	cmd->interference_thresh_teardown = params->interference_thresh_teardown;
3143 	cmd->interference_thresh_setup = params->interference_thresh_setup;
3144 	cmd->min_no_sta_setup = params->min_no_sta_setup;
3145 	cmd->min_no_sta_teardown = params->min_no_sta_teardown;
3146 	cmd->no_of_bcast_mcast_slots = params->no_of_bcast_mcast_slots;
3147 	cmd->min_no_twt_slots = params->min_no_twt_slots;
3148 	cmd->max_no_sta_twt = params->max_no_sta_twt;
3149 	cmd->mode_check_interval = params->mode_check_interval;
3150 	cmd->add_sta_slot_interval = params->add_sta_slot_interval;
3151 	cmd->remove_sta_slot_interval = params->remove_sta_slot_interval;
3152 	cmd->mbss_support = params->mbss_support;
3153 
3154 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ENABLE_CMDID);
3155 	if (ret) {
3156 		ath11k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
3157 		dev_kfree_skb(skb);
3158 	} else {
3159 		ar->twt_enabled = 1;
3160 	}
3161 	return ret;
3162 }
3163 
3164 int
3165 ath11k_wmi_send_twt_disable_cmd(struct ath11k *ar, u32 pdev_id)
3166 {
3167 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3168 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3169 	struct wmi_twt_disable_params_cmd *cmd;
3170 	struct sk_buff *skb;
3171 	int ret, len;
3172 
3173 	len = sizeof(*cmd);
3174 
3175 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3176 	if (!skb)
3177 		return -ENOMEM;
3178 
3179 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
3180 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DISABLE_CMD) |
3181 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3182 	cmd->pdev_id = pdev_id;
3183 
3184 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DISABLE_CMDID);
3185 	if (ret) {
3186 		ath11k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
3187 		dev_kfree_skb(skb);
3188 	} else {
3189 		ar->twt_enabled = 0;
3190 	}
3191 	return ret;
3192 }
3193 
3194 int ath11k_wmi_send_twt_add_dialog_cmd(struct ath11k *ar,
3195 				       struct wmi_twt_add_dialog_params *params)
3196 {
3197 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3198 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3199 	struct wmi_twt_add_dialog_params_cmd *cmd;
3200 	struct sk_buff *skb;
3201 	int ret, len;
3202 
3203 	len = sizeof(*cmd);
3204 
3205 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3206 	if (!skb)
3207 		return -ENOMEM;
3208 
3209 	cmd = (struct wmi_twt_add_dialog_params_cmd *)skb->data;
3210 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_ADD_DIALOG_CMD) |
3211 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3212 
3213 	cmd->vdev_id = params->vdev_id;
3214 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3215 	cmd->dialog_id = params->dialog_id;
3216 	cmd->wake_intvl_us = params->wake_intvl_us;
3217 	cmd->wake_intvl_mantis = params->wake_intvl_mantis;
3218 	cmd->wake_dura_us = params->wake_dura_us;
3219 	cmd->sp_offset_us = params->sp_offset_us;
3220 	cmd->flags = params->twt_cmd;
3221 	if (params->flag_bcast)
3222 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_BCAST;
3223 	if (params->flag_trigger)
3224 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_TRIGGER;
3225 	if (params->flag_flow_type)
3226 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_FLOW_TYPE;
3227 	if (params->flag_protection)
3228 		cmd->flags |= WMI_TWT_ADD_DIALOG_FLAG_PROTECTION;
3229 
3230 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3231 		   "wmi add twt dialog vdev %u dialog id %u wake interval %u mantissa %u wake duration %u service period offset %u flags 0x%x\n",
3232 		   cmd->vdev_id, cmd->dialog_id, cmd->wake_intvl_us,
3233 		   cmd->wake_intvl_mantis, cmd->wake_dura_us, cmd->sp_offset_us,
3234 		   cmd->flags);
3235 
3236 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_ADD_DIALOG_CMDID);
3237 
3238 	if (ret) {
3239 		ath11k_warn(ab,
3240 			    "failed to send wmi command to add twt dialog: %d",
3241 			    ret);
3242 		dev_kfree_skb(skb);
3243 	}
3244 	return ret;
3245 }
3246 
3247 int ath11k_wmi_send_twt_del_dialog_cmd(struct ath11k *ar,
3248 				       struct wmi_twt_del_dialog_params *params)
3249 {
3250 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3251 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3252 	struct wmi_twt_del_dialog_params_cmd *cmd;
3253 	struct sk_buff *skb;
3254 	int ret, len;
3255 
3256 	len = sizeof(*cmd);
3257 
3258 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3259 	if (!skb)
3260 		return -ENOMEM;
3261 
3262 	cmd = (struct wmi_twt_del_dialog_params_cmd *)skb->data;
3263 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_TWT_DEL_DIALOG_CMD) |
3264 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3265 
3266 	cmd->vdev_id = params->vdev_id;
3267 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3268 	cmd->dialog_id = params->dialog_id;
3269 
3270 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3271 		   "wmi delete twt dialog vdev %u dialog id %u\n",
3272 		   cmd->vdev_id, cmd->dialog_id);
3273 
3274 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_DEL_DIALOG_CMDID);
3275 	if (ret) {
3276 		ath11k_warn(ab,
3277 			    "failed to send wmi command to delete twt dialog: %d",
3278 			    ret);
3279 		dev_kfree_skb(skb);
3280 	}
3281 	return ret;
3282 }
3283 
3284 int ath11k_wmi_send_twt_pause_dialog_cmd(struct ath11k *ar,
3285 					 struct wmi_twt_pause_dialog_params *params)
3286 {
3287 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3288 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3289 	struct wmi_twt_pause_dialog_params_cmd *cmd;
3290 	struct sk_buff *skb;
3291 	int ret, len;
3292 
3293 	len = sizeof(*cmd);
3294 
3295 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3296 	if (!skb)
3297 		return -ENOMEM;
3298 
3299 	cmd = (struct wmi_twt_pause_dialog_params_cmd *)skb->data;
3300 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3301 				     WMI_TAG_TWT_PAUSE_DIALOG_CMD) |
3302 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3303 
3304 	cmd->vdev_id = params->vdev_id;
3305 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3306 	cmd->dialog_id = params->dialog_id;
3307 
3308 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3309 		   "wmi pause twt dialog vdev %u dialog id %u\n",
3310 		   cmd->vdev_id, cmd->dialog_id);
3311 
3312 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_PAUSE_DIALOG_CMDID);
3313 	if (ret) {
3314 		ath11k_warn(ab,
3315 			    "failed to send wmi command to pause twt dialog: %d",
3316 			    ret);
3317 		dev_kfree_skb(skb);
3318 	}
3319 	return ret;
3320 }
3321 
3322 int ath11k_wmi_send_twt_resume_dialog_cmd(struct ath11k *ar,
3323 					  struct wmi_twt_resume_dialog_params *params)
3324 {
3325 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3326 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3327 	struct wmi_twt_resume_dialog_params_cmd *cmd;
3328 	struct sk_buff *skb;
3329 	int ret, len;
3330 
3331 	len = sizeof(*cmd);
3332 
3333 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3334 	if (!skb)
3335 		return -ENOMEM;
3336 
3337 	cmd = (struct wmi_twt_resume_dialog_params_cmd *)skb->data;
3338 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3339 				     WMI_TAG_TWT_RESUME_DIALOG_CMD) |
3340 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3341 
3342 	cmd->vdev_id = params->vdev_id;
3343 	ether_addr_copy(cmd->peer_macaddr.addr, params->peer_macaddr);
3344 	cmd->dialog_id = params->dialog_id;
3345 	cmd->sp_offset_us = params->sp_offset_us;
3346 	cmd->next_twt_size = params->next_twt_size;
3347 
3348 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3349 		   "wmi resume twt dialog vdev %u dialog id %u service period offset %u next twt subfield size %u\n",
3350 		   cmd->vdev_id, cmd->dialog_id, cmd->sp_offset_us,
3351 		   cmd->next_twt_size);
3352 
3353 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_TWT_RESUME_DIALOG_CMDID);
3354 	if (ret) {
3355 		ath11k_warn(ab,
3356 			    "failed to send wmi command to resume twt dialog: %d",
3357 			    ret);
3358 		dev_kfree_skb(skb);
3359 	}
3360 	return ret;
3361 }
3362 
3363 int
3364 ath11k_wmi_send_obss_spr_cmd(struct ath11k *ar, u32 vdev_id,
3365 			     struct ieee80211_he_obss_pd *he_obss_pd)
3366 {
3367 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3368 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3369 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
3370 	struct sk_buff *skb;
3371 	int ret, len;
3372 
3373 	len = sizeof(*cmd);
3374 
3375 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3376 	if (!skb)
3377 		return -ENOMEM;
3378 
3379 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
3380 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3381 				     WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD) |
3382 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3383 	cmd->vdev_id = vdev_id;
3384 	cmd->enable = he_obss_pd->enable;
3385 	cmd->obss_min = he_obss_pd->min_offset;
3386 	cmd->obss_max = he_obss_pd->max_offset;
3387 
3388 	ret = ath11k_wmi_cmd_send(wmi, skb,
3389 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
3390 	if (ret) {
3391 		ath11k_warn(ab,
3392 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
3393 		dev_kfree_skb(skb);
3394 	}
3395 	return ret;
3396 }
3397 
3398 int
3399 ath11k_wmi_pdev_set_srg_bss_color_bitmap(struct ath11k *ar, u32 *bitmap)
3400 {
3401 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3402 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3403 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3404 	struct sk_buff *skb;
3405 	int ret, len;
3406 
3407 	len = sizeof(*cmd);
3408 
3409 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3410 	if (!skb)
3411 		return -ENOMEM;
3412 
3413 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3414 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3415 				     WMI_TAG_PDEV_SRG_BSS_COLOR_BITMAP_CMD) |
3416 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3417 	cmd->pdev_id = ar->pdev->pdev_id;
3418 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3419 
3420 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3421 		   "obss pd pdev_id %d bss color bitmap %08x %08x\n",
3422 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3423 
3424 	ret = ath11k_wmi_cmd_send(wmi, skb,
3425 				  WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID);
3426 	if (ret) {
3427 		ath11k_warn(ab,
3428 			    "failed to send WMI_PDEV_SET_SRG_BSS_COLOR_BITMAP_CMDID");
3429 		dev_kfree_skb(skb);
3430 	}
3431 
3432 	return ret;
3433 }
3434 
3435 int
3436 ath11k_wmi_pdev_set_srg_patial_bssid_bitmap(struct ath11k *ar, u32 *bitmap)
3437 {
3438 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3439 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3440 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3441 	struct sk_buff *skb;
3442 	int ret, len;
3443 
3444 	len = sizeof(*cmd);
3445 
3446 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3447 	if (!skb)
3448 		return -ENOMEM;
3449 
3450 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3451 	cmd->tlv_header =
3452 		FIELD_PREP(WMI_TLV_TAG,
3453 			   WMI_TAG_PDEV_SRG_PARTIAL_BSSID_BITMAP_CMD) |
3454 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3455 	cmd->pdev_id = ar->pdev->pdev_id;
3456 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3457 
3458 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3459 		   "obss pd pdev_id %d partial bssid bitmap %08x %08x\n",
3460 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3461 
3462 	ret = ath11k_wmi_cmd_send(wmi, skb,
3463 				  WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID);
3464 	if (ret) {
3465 		ath11k_warn(ab,
3466 			    "failed to send WMI_PDEV_SET_SRG_PARTIAL_BSSID_BITMAP_CMDID");
3467 		dev_kfree_skb(skb);
3468 	}
3469 
3470 	return ret;
3471 }
3472 
3473 int
3474 ath11k_wmi_pdev_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3475 {
3476 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3477 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3478 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3479 	struct sk_buff *skb;
3480 	int ret, len;
3481 
3482 	len = sizeof(*cmd);
3483 
3484 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3485 	if (!skb)
3486 		return -ENOMEM;
3487 
3488 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3489 	cmd->tlv_header =
3490 		FIELD_PREP(WMI_TLV_TAG,
3491 			   WMI_TAG_PDEV_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3492 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3493 	cmd->pdev_id = ar->pdev->pdev_id;
3494 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3495 
3496 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3497 		   "obss pd srg pdev_id %d bss color enable bitmap %08x %08x\n",
3498 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3499 
3500 	ret = ath11k_wmi_cmd_send(wmi, skb,
3501 				  WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3502 	if (ret) {
3503 		ath11k_warn(ab,
3504 			    "failed to send WMI_PDEV_SET_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3505 		dev_kfree_skb(skb);
3506 	}
3507 
3508 	return ret;
3509 }
3510 
3511 int
3512 ath11k_wmi_pdev_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3513 {
3514 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3515 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3516 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3517 	struct sk_buff *skb;
3518 	int ret, len;
3519 
3520 	len = sizeof(*cmd);
3521 
3522 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3523 	if (!skb)
3524 		return -ENOMEM;
3525 
3526 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3527 	cmd->tlv_header =
3528 		FIELD_PREP(WMI_TLV_TAG,
3529 			   WMI_TAG_PDEV_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3530 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3531 	cmd->pdev_id = ar->pdev->pdev_id;
3532 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3533 
3534 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3535 		   "obss pd srg pdev_id %d bssid enable bitmap %08x %08x\n",
3536 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3537 
3538 	ret = ath11k_wmi_cmd_send(wmi, skb,
3539 				  WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3540 	if (ret) {
3541 		ath11k_warn(ab,
3542 			    "failed to send WMI_PDEV_SET_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3543 		dev_kfree_skb(skb);
3544 	}
3545 
3546 	return ret;
3547 }
3548 
3549 int
3550 ath11k_wmi_pdev_non_srg_obss_color_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3551 {
3552 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3553 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3554 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3555 	struct sk_buff *skb;
3556 	int ret, len;
3557 
3558 	len = sizeof(*cmd);
3559 
3560 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3561 	if (!skb)
3562 		return -ENOMEM;
3563 
3564 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3565 	cmd->tlv_header =
3566 		FIELD_PREP(WMI_TLV_TAG,
3567 			   WMI_TAG_PDEV_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMD) |
3568 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3569 	cmd->pdev_id = ar->pdev->pdev_id;
3570 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3571 
3572 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3573 		   "obss pd non_srg pdev_id %d bss color enable bitmap %08x %08x\n",
3574 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3575 
3576 	ret = ath11k_wmi_cmd_send(wmi, skb,
3577 				  WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID);
3578 	if (ret) {
3579 		ath11k_warn(ab,
3580 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_COLOR_ENABLE_BITMAP_CMDID");
3581 		dev_kfree_skb(skb);
3582 	}
3583 
3584 	return ret;
3585 }
3586 
3587 int
3588 ath11k_wmi_pdev_non_srg_obss_bssid_enable_bitmap(struct ath11k *ar, u32 *bitmap)
3589 {
3590 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3591 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3592 	struct wmi_pdev_obss_pd_bitmap_cmd *cmd;
3593 	struct sk_buff *skb;
3594 	int ret, len;
3595 
3596 	len = sizeof(*cmd);
3597 
3598 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3599 	if (!skb)
3600 		return -ENOMEM;
3601 
3602 	cmd = (struct wmi_pdev_obss_pd_bitmap_cmd *)skb->data;
3603 	cmd->tlv_header =
3604 		FIELD_PREP(WMI_TLV_TAG,
3605 			   WMI_TAG_PDEV_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMD) |
3606 		FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3607 	cmd->pdev_id = ar->pdev->pdev_id;
3608 	memcpy(cmd->bitmap, bitmap, sizeof(cmd->bitmap));
3609 
3610 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3611 		   "obss pd non_srg pdev_id %d bssid enable bitmap %08x %08x\n",
3612 		   cmd->pdev_id, cmd->bitmap[0], cmd->bitmap[1]);
3613 
3614 	ret = ath11k_wmi_cmd_send(wmi, skb,
3615 				  WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID);
3616 	if (ret) {
3617 		ath11k_warn(ab,
3618 			    "failed to send WMI_PDEV_SET_NON_SRG_OBSS_BSSID_ENABLE_BITMAP_CMDID");
3619 		dev_kfree_skb(skb);
3620 	}
3621 
3622 	return ret;
3623 }
3624 
3625 int
3626 ath11k_wmi_send_obss_color_collision_cfg_cmd(struct ath11k *ar, u32 vdev_id,
3627 					     u8 bss_color, u32 period,
3628 					     bool enable)
3629 {
3630 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3631 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3632 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
3633 	struct sk_buff *skb;
3634 	int ret, len;
3635 
3636 	len = sizeof(*cmd);
3637 
3638 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3639 	if (!skb)
3640 		return -ENOMEM;
3641 
3642 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
3643 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3644 				     WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG) |
3645 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3646 	cmd->vdev_id = vdev_id;
3647 	cmd->evt_type = enable ? ATH11K_OBSS_COLOR_COLLISION_DETECTION :
3648 				 ATH11K_OBSS_COLOR_COLLISION_DETECTION_DISABLE;
3649 	cmd->current_bss_color = bss_color;
3650 	cmd->detection_period_ms = period;
3651 	cmd->scan_period_ms = ATH11K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS;
3652 	cmd->free_slot_expiry_time_ms = 0;
3653 	cmd->flags = 0;
3654 
3655 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3656 		   "wmi_send_obss_color_collision_cfg id %d type %d bss_color %d detect_period %d scan_period %d\n",
3657 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
3658 		   cmd->detection_period_ms, cmd->scan_period_ms);
3659 
3660 	ret = ath11k_wmi_cmd_send(wmi, skb,
3661 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
3662 	if (ret) {
3663 		ath11k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
3664 		dev_kfree_skb(skb);
3665 	}
3666 	return ret;
3667 }
3668 
3669 int ath11k_wmi_send_bss_color_change_enable_cmd(struct ath11k *ar, u32 vdev_id,
3670 						bool enable)
3671 {
3672 	struct ath11k_pdev_wmi *wmi = ar->wmi;
3673 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3674 	struct wmi_bss_color_change_enable_params_cmd *cmd;
3675 	struct sk_buff *skb;
3676 	int ret, len;
3677 
3678 	len = sizeof(*cmd);
3679 
3680 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
3681 	if (!skb)
3682 		return -ENOMEM;
3683 
3684 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
3685 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_BSS_COLOR_CHANGE_ENABLE) |
3686 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3687 	cmd->vdev_id = vdev_id;
3688 	cmd->enable = enable ? 1 : 0;
3689 
3690 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3691 		   "wmi_send_bss_color_change_enable id %d enable %d\n",
3692 		   cmd->vdev_id, cmd->enable);
3693 
3694 	ret = ath11k_wmi_cmd_send(wmi, skb,
3695 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
3696 	if (ret) {
3697 		ath11k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
3698 		dev_kfree_skb(skb);
3699 	}
3700 	return ret;
3701 }
3702 
3703 int ath11k_wmi_fils_discovery_tmpl(struct ath11k *ar, u32 vdev_id,
3704 				   struct sk_buff *tmpl)
3705 {
3706 	struct wmi_tlv *tlv;
3707 	struct sk_buff *skb;
3708 	void *ptr;
3709 	int ret, len;
3710 	size_t aligned_len;
3711 	struct wmi_fils_discovery_tmpl_cmd *cmd;
3712 
3713 	aligned_len = roundup(tmpl->len, 4);
3714 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
3715 
3716 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3717 		   "WMI vdev %i set FILS discovery template\n", vdev_id);
3718 
3719 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3720 	if (!skb)
3721 		return -ENOMEM;
3722 
3723 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
3724 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3725 				     WMI_TAG_FILS_DISCOVERY_TMPL_CMD) |
3726 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3727 	cmd->vdev_id = vdev_id;
3728 	cmd->buf_len = tmpl->len;
3729 	ptr = skb->data + sizeof(*cmd);
3730 
3731 	tlv = ptr;
3732 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3733 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3734 	memcpy(tlv->value, tmpl->data, tmpl->len);
3735 
3736 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
3737 	if (ret) {
3738 		ath11k_warn(ar->ab,
3739 			    "WMI vdev %i failed to send FILS discovery template command\n",
3740 			    vdev_id);
3741 		dev_kfree_skb(skb);
3742 	}
3743 	return ret;
3744 }
3745 
3746 int ath11k_wmi_probe_resp_tmpl(struct ath11k *ar, u32 vdev_id,
3747 			       struct sk_buff *tmpl)
3748 {
3749 	struct wmi_probe_tmpl_cmd *cmd;
3750 	struct wmi_bcn_prb_info *probe_info;
3751 	struct wmi_tlv *tlv;
3752 	struct sk_buff *skb;
3753 	void *ptr;
3754 	int ret, len;
3755 	size_t aligned_len = roundup(tmpl->len, 4);
3756 
3757 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3758 		   "WMI vdev %i set probe response template\n", vdev_id);
3759 
3760 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
3761 
3762 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3763 	if (!skb)
3764 		return -ENOMEM;
3765 
3766 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
3767 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PRB_TMPL_CMD) |
3768 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
3769 	cmd->vdev_id = vdev_id;
3770 	cmd->buf_len = tmpl->len;
3771 
3772 	ptr = skb->data + sizeof(*cmd);
3773 
3774 	probe_info = ptr;
3775 	len = sizeof(*probe_info);
3776 	probe_info->tlv_header = FIELD_PREP(WMI_TLV_TAG,
3777 					    WMI_TAG_BCN_PRB_INFO) |
3778 				 FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3779 	probe_info->caps = 0;
3780 	probe_info->erp = 0;
3781 
3782 	ptr += sizeof(*probe_info);
3783 
3784 	tlv = ptr;
3785 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
3786 		      FIELD_PREP(WMI_TLV_LEN, aligned_len);
3787 	memcpy(tlv->value, tmpl->data, tmpl->len);
3788 
3789 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
3790 	if (ret) {
3791 		ath11k_warn(ar->ab,
3792 			    "WMI vdev %i failed to send probe response template command\n",
3793 			    vdev_id);
3794 		dev_kfree_skb(skb);
3795 	}
3796 	return ret;
3797 }
3798 
3799 int ath11k_wmi_fils_discovery(struct ath11k *ar, u32 vdev_id, u32 interval,
3800 			      bool unsol_bcast_probe_resp_enabled)
3801 {
3802 	struct sk_buff *skb;
3803 	int ret, len;
3804 	struct wmi_fils_discovery_cmd *cmd;
3805 
3806 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
3807 		   "WMI vdev %i set %s interval to %u TU\n",
3808 		   vdev_id, unsol_bcast_probe_resp_enabled ?
3809 		   "unsolicited broadcast probe response" : "FILS discovery",
3810 		   interval);
3811 
3812 	len = sizeof(*cmd);
3813 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3814 	if (!skb)
3815 		return -ENOMEM;
3816 
3817 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
3818 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ENABLE_FILS_CMD) |
3819 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
3820 	cmd->vdev_id = vdev_id;
3821 	cmd->interval = interval;
3822 	cmd->config = unsol_bcast_probe_resp_enabled;
3823 
3824 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
3825 	if (ret) {
3826 		ath11k_warn(ar->ab,
3827 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
3828 			    vdev_id);
3829 		dev_kfree_skb(skb);
3830 	}
3831 	return ret;
3832 }
3833 
3834 static void
3835 ath11k_wmi_obss_color_collision_event(struct ath11k_base *ab, struct sk_buff *skb)
3836 {
3837 	const void **tb;
3838 	const struct wmi_obss_color_collision_event *ev;
3839 	struct ath11k_vif *arvif;
3840 	int ret;
3841 
3842 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
3843 	if (IS_ERR(tb)) {
3844 		ret = PTR_ERR(tb);
3845 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
3846 		return;
3847 	}
3848 
3849 	rcu_read_lock();
3850 
3851 	ev = tb[WMI_TAG_OBSS_COLOR_COLLISION_EVT];
3852 	if (!ev) {
3853 		ath11k_warn(ab, "failed to fetch obss color collision ev");
3854 		goto exit;
3855 	}
3856 
3857 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
3858 	if (!arvif) {
3859 		ath11k_warn(ab, "failed to find arvif with vedv id %d in obss_color_collision_event\n",
3860 			    ev->vdev_id);
3861 		goto exit;
3862 	}
3863 
3864 	switch (ev->evt_type) {
3865 	case WMI_BSS_COLOR_COLLISION_DETECTION:
3866 		ieee80211_obss_color_collision_notify(arvif->vif, ev->obss_color_bitmap,
3867 						      GFP_KERNEL);
3868 		ath11k_dbg(ab, ATH11K_DBG_WMI,
3869 			   "OBSS color collision detected vdev:%d, event:%d, bitmap:%08llx\n",
3870 			   ev->vdev_id, ev->evt_type, ev->obss_color_bitmap);
3871 		break;
3872 	case WMI_BSS_COLOR_COLLISION_DISABLE:
3873 	case WMI_BSS_COLOR_FREE_SLOT_TIMER_EXPIRY:
3874 	case WMI_BSS_COLOR_FREE_SLOT_AVAILABLE:
3875 		break;
3876 	default:
3877 		ath11k_warn(ab, "received unknown obss color collision detection event\n");
3878 	}
3879 
3880 exit:
3881 	kfree(tb);
3882 	rcu_read_unlock();
3883 }
3884 
3885 static void
3886 ath11k_fill_band_to_mac_param(struct ath11k_base  *soc,
3887 			      struct wmi_host_pdev_band_to_mac *band_to_mac)
3888 {
3889 	u8 i;
3890 	struct ath11k_hal_reg_capabilities_ext *hal_reg_cap;
3891 	struct ath11k_pdev *pdev;
3892 
3893 	for (i = 0; i < soc->num_radios; i++) {
3894 		pdev = &soc->pdevs[i];
3895 		hal_reg_cap = &soc->hal_reg_cap[i];
3896 		band_to_mac[i].pdev_id = pdev->pdev_id;
3897 
3898 		switch (pdev->cap.supported_bands) {
3899 		case WMI_HOST_WLAN_2G_5G_CAP:
3900 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3901 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3902 			break;
3903 		case WMI_HOST_WLAN_2G_CAP:
3904 			band_to_mac[i].start_freq = hal_reg_cap->low_2ghz_chan;
3905 			band_to_mac[i].end_freq = hal_reg_cap->high_2ghz_chan;
3906 			break;
3907 		case WMI_HOST_WLAN_5G_CAP:
3908 			band_to_mac[i].start_freq = hal_reg_cap->low_5ghz_chan;
3909 			band_to_mac[i].end_freq = hal_reg_cap->high_5ghz_chan;
3910 			break;
3911 		default:
3912 			break;
3913 		}
3914 	}
3915 }
3916 
3917 static void
3918 ath11k_wmi_copy_resource_config(struct wmi_resource_config *wmi_cfg,
3919 				struct target_resource_config *tg_cfg)
3920 {
3921 	wmi_cfg->num_vdevs = tg_cfg->num_vdevs;
3922 	wmi_cfg->num_peers = tg_cfg->num_peers;
3923 	wmi_cfg->num_offload_peers = tg_cfg->num_offload_peers;
3924 	wmi_cfg->num_offload_reorder_buffs = tg_cfg->num_offload_reorder_buffs;
3925 	wmi_cfg->num_peer_keys = tg_cfg->num_peer_keys;
3926 	wmi_cfg->num_tids = tg_cfg->num_tids;
3927 	wmi_cfg->ast_skid_limit = tg_cfg->ast_skid_limit;
3928 	wmi_cfg->tx_chain_mask = tg_cfg->tx_chain_mask;
3929 	wmi_cfg->rx_chain_mask = tg_cfg->rx_chain_mask;
3930 	wmi_cfg->rx_timeout_pri[0] = tg_cfg->rx_timeout_pri[0];
3931 	wmi_cfg->rx_timeout_pri[1] = tg_cfg->rx_timeout_pri[1];
3932 	wmi_cfg->rx_timeout_pri[2] = tg_cfg->rx_timeout_pri[2];
3933 	wmi_cfg->rx_timeout_pri[3] = tg_cfg->rx_timeout_pri[3];
3934 	wmi_cfg->rx_decap_mode = tg_cfg->rx_decap_mode;
3935 	wmi_cfg->scan_max_pending_req = tg_cfg->scan_max_pending_req;
3936 	wmi_cfg->bmiss_offload_max_vdev = tg_cfg->bmiss_offload_max_vdev;
3937 	wmi_cfg->roam_offload_max_vdev = tg_cfg->roam_offload_max_vdev;
3938 	wmi_cfg->roam_offload_max_ap_profiles =
3939 		tg_cfg->roam_offload_max_ap_profiles;
3940 	wmi_cfg->num_mcast_groups = tg_cfg->num_mcast_groups;
3941 	wmi_cfg->num_mcast_table_elems = tg_cfg->num_mcast_table_elems;
3942 	wmi_cfg->mcast2ucast_mode = tg_cfg->mcast2ucast_mode;
3943 	wmi_cfg->tx_dbg_log_size = tg_cfg->tx_dbg_log_size;
3944 	wmi_cfg->num_wds_entries = tg_cfg->num_wds_entries;
3945 	wmi_cfg->dma_burst_size = tg_cfg->dma_burst_size;
3946 	wmi_cfg->mac_aggr_delim = tg_cfg->mac_aggr_delim;
3947 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
3948 		tg_cfg->rx_skip_defrag_timeout_dup_detection_check;
3949 	wmi_cfg->vow_config = tg_cfg->vow_config;
3950 	wmi_cfg->gtk_offload_max_vdev = tg_cfg->gtk_offload_max_vdev;
3951 	wmi_cfg->num_msdu_desc = tg_cfg->num_msdu_desc;
3952 	wmi_cfg->max_frag_entries = tg_cfg->max_frag_entries;
3953 	wmi_cfg->num_tdls_vdevs = tg_cfg->num_tdls_vdevs;
3954 	wmi_cfg->num_tdls_conn_table_entries =
3955 		tg_cfg->num_tdls_conn_table_entries;
3956 	wmi_cfg->beacon_tx_offload_max_vdev =
3957 		tg_cfg->beacon_tx_offload_max_vdev;
3958 	wmi_cfg->num_multicast_filter_entries =
3959 		tg_cfg->num_multicast_filter_entries;
3960 	wmi_cfg->num_wow_filters = tg_cfg->num_wow_filters;
3961 	wmi_cfg->num_keep_alive_pattern = tg_cfg->num_keep_alive_pattern;
3962 	wmi_cfg->keep_alive_pattern_size = tg_cfg->keep_alive_pattern_size;
3963 	wmi_cfg->max_tdls_concurrent_sleep_sta =
3964 		tg_cfg->max_tdls_concurrent_sleep_sta;
3965 	wmi_cfg->max_tdls_concurrent_buffer_sta =
3966 		tg_cfg->max_tdls_concurrent_buffer_sta;
3967 	wmi_cfg->wmi_send_separate = tg_cfg->wmi_send_separate;
3968 	wmi_cfg->num_ocb_vdevs = tg_cfg->num_ocb_vdevs;
3969 	wmi_cfg->num_ocb_channels = tg_cfg->num_ocb_channels;
3970 	wmi_cfg->num_ocb_schedules = tg_cfg->num_ocb_schedules;
3971 	wmi_cfg->bpf_instruction_size = tg_cfg->bpf_instruction_size;
3972 	wmi_cfg->max_bssid_rx_filters = tg_cfg->max_bssid_rx_filters;
3973 	wmi_cfg->use_pdev_id = tg_cfg->use_pdev_id;
3974 	wmi_cfg->flag1 = tg_cfg->flag1;
3975 	wmi_cfg->peer_map_unmap_v2_support = tg_cfg->peer_map_unmap_v2_support;
3976 	wmi_cfg->sched_params = tg_cfg->sched_params;
3977 	wmi_cfg->twt_ap_pdev_count = tg_cfg->twt_ap_pdev_count;
3978 	wmi_cfg->twt_ap_sta_count = tg_cfg->twt_ap_sta_count;
3979 	wmi_cfg->host_service_flags &=
3980 		~(1 << WMI_CFG_HOST_SERVICE_FLAG_REG_CC_EXT);
3981 	wmi_cfg->host_service_flags |= (tg_cfg->is_reg_cc_ext_event_supported <<
3982 					WMI_CFG_HOST_SERVICE_FLAG_REG_CC_EXT);
3983 }
3984 
3985 static int ath11k_init_cmd_send(struct ath11k_pdev_wmi *wmi,
3986 				struct wmi_init_cmd_param *param)
3987 {
3988 	struct ath11k_base *ab = wmi->wmi_ab->ab;
3989 	struct sk_buff *skb;
3990 	struct wmi_init_cmd *cmd;
3991 	struct wmi_resource_config *cfg;
3992 	struct wmi_pdev_set_hw_mode_cmd_param *hw_mode;
3993 	struct wmi_pdev_band_to_mac *band_to_mac;
3994 	struct wlan_host_mem_chunk *host_mem_chunks;
3995 	struct wmi_tlv *tlv;
3996 	size_t ret, len;
3997 	void *ptr;
3998 	u32 hw_mode_len = 0;
3999 	u16 idx;
4000 
4001 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX)
4002 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
4003 			      (param->num_band_to_mac * sizeof(*band_to_mac));
4004 
4005 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
4006 	      (param->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
4007 
4008 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
4009 	if (!skb)
4010 		return -ENOMEM;
4011 
4012 	cmd = (struct wmi_init_cmd *)skb->data;
4013 
4014 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_INIT_CMD) |
4015 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4016 
4017 	ptr = skb->data + sizeof(*cmd);
4018 	cfg = ptr;
4019 
4020 	ath11k_wmi_copy_resource_config(cfg, param->res_cfg);
4021 
4022 	cfg->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_RESOURCE_CONFIG) |
4023 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cfg) - TLV_HDR_SIZE);
4024 
4025 	ptr += sizeof(*cfg);
4026 	host_mem_chunks = ptr + TLV_HDR_SIZE;
4027 	len = sizeof(struct wlan_host_mem_chunk);
4028 
4029 	for (idx = 0; idx < param->num_mem_chunks; ++idx) {
4030 		host_mem_chunks[idx].tlv_header =
4031 				FIELD_PREP(WMI_TLV_TAG,
4032 					   WMI_TAG_WLAN_HOST_MEMORY_CHUNK) |
4033 				FIELD_PREP(WMI_TLV_LEN, len);
4034 
4035 		host_mem_chunks[idx].ptr = param->mem_chunks[idx].paddr;
4036 		host_mem_chunks[idx].size = param->mem_chunks[idx].len;
4037 		host_mem_chunks[idx].req_id = param->mem_chunks[idx].req_id;
4038 
4039 		ath11k_dbg(ab, ATH11K_DBG_WMI,
4040 			   "WMI host mem chunk req_id %d paddr 0x%llx len %d\n",
4041 			   param->mem_chunks[idx].req_id,
4042 			   (u64)param->mem_chunks[idx].paddr,
4043 			   param->mem_chunks[idx].len);
4044 	}
4045 	cmd->num_host_mem_chunks = param->num_mem_chunks;
4046 	len = sizeof(struct wlan_host_mem_chunk) * param->num_mem_chunks;
4047 
4048 	/* num_mem_chunks is zero */
4049 	tlv = ptr;
4050 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4051 		      FIELD_PREP(WMI_TLV_LEN, len);
4052 	ptr += TLV_HDR_SIZE + len;
4053 
4054 	if (param->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
4055 		hw_mode = (struct wmi_pdev_set_hw_mode_cmd_param *)ptr;
4056 		hw_mode->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4057 						 WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4058 				      FIELD_PREP(WMI_TLV_LEN,
4059 						 sizeof(*hw_mode) - TLV_HDR_SIZE);
4060 
4061 		hw_mode->hw_mode_index = param->hw_mode_id;
4062 		hw_mode->num_band_to_mac = param->num_band_to_mac;
4063 
4064 		ptr += sizeof(*hw_mode);
4065 
4066 		len = param->num_band_to_mac * sizeof(*band_to_mac);
4067 		tlv = ptr;
4068 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
4069 			      FIELD_PREP(WMI_TLV_LEN, len);
4070 
4071 		ptr += TLV_HDR_SIZE;
4072 		len = sizeof(*band_to_mac);
4073 
4074 		for (idx = 0; idx < param->num_band_to_mac; idx++) {
4075 			band_to_mac = (void *)ptr;
4076 
4077 			band_to_mac->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4078 							     WMI_TAG_PDEV_BAND_TO_MAC) |
4079 						  FIELD_PREP(WMI_TLV_LEN,
4080 							     len - TLV_HDR_SIZE);
4081 			band_to_mac->pdev_id = param->band_to_mac[idx].pdev_id;
4082 			band_to_mac->start_freq =
4083 				param->band_to_mac[idx].start_freq;
4084 			band_to_mac->end_freq =
4085 				param->band_to_mac[idx].end_freq;
4086 			ptr += sizeof(*band_to_mac);
4087 		}
4088 	}
4089 
4090 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
4091 	if (ret) {
4092 		ath11k_warn(ab, "failed to send WMI_INIT_CMDID\n");
4093 		dev_kfree_skb(skb);
4094 	}
4095 
4096 	return ret;
4097 }
4098 
4099 int ath11k_wmi_pdev_lro_cfg(struct ath11k *ar,
4100 			    int pdev_id)
4101 {
4102 	struct ath11k_wmi_pdev_lro_config_cmd *cmd;
4103 	struct sk_buff *skb;
4104 	int ret;
4105 
4106 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4107 	if (!skb)
4108 		return -ENOMEM;
4109 
4110 	cmd = (struct ath11k_wmi_pdev_lro_config_cmd *)skb->data;
4111 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_LRO_INFO_CMD) |
4112 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4113 
4114 	get_random_bytes(cmd->th_4, sizeof(uint32_t) * ATH11K_IPV4_TH_SEED_SIZE);
4115 	get_random_bytes(cmd->th_6, sizeof(uint32_t) * ATH11K_IPV6_TH_SEED_SIZE);
4116 
4117 	cmd->pdev_id = pdev_id;
4118 
4119 	ret = ath11k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
4120 	if (ret) {
4121 		ath11k_warn(ar->ab,
4122 			    "failed to send lro cfg req wmi cmd\n");
4123 		goto err;
4124 	}
4125 
4126 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4127 		   "WMI lro cfg cmd pdev_id 0x%x\n", pdev_id);
4128 	return 0;
4129 err:
4130 	dev_kfree_skb(skb);
4131 	return ret;
4132 }
4133 
4134 int ath11k_wmi_wait_for_service_ready(struct ath11k_base *ab)
4135 {
4136 	unsigned long time_left;
4137 
4138 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
4139 						WMI_SERVICE_READY_TIMEOUT_HZ);
4140 	if (!time_left)
4141 		return -ETIMEDOUT;
4142 
4143 	return 0;
4144 }
4145 
4146 int ath11k_wmi_wait_for_unified_ready(struct ath11k_base *ab)
4147 {
4148 	unsigned long time_left;
4149 
4150 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
4151 						WMI_SERVICE_READY_TIMEOUT_HZ);
4152 	if (!time_left)
4153 		return -ETIMEDOUT;
4154 
4155 	return 0;
4156 }
4157 
4158 int ath11k_wmi_set_hw_mode(struct ath11k_base *ab,
4159 			   enum wmi_host_hw_mode_config_type mode)
4160 {
4161 	struct wmi_pdev_set_hw_mode_cmd_param *cmd;
4162 	struct sk_buff *skb;
4163 	struct ath11k_wmi_base *wmi_ab = &ab->wmi_ab;
4164 	int len;
4165 	int ret;
4166 
4167 	len = sizeof(*cmd);
4168 
4169 	skb = ath11k_wmi_alloc_skb(wmi_ab, len);
4170 	if (!skb)
4171 		return -ENOMEM;
4172 
4173 	cmd = (struct wmi_pdev_set_hw_mode_cmd_param *)skb->data;
4174 
4175 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_HW_MODE_CMD) |
4176 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4177 
4178 	cmd->pdev_id = WMI_PDEV_ID_SOC;
4179 	cmd->hw_mode_index = mode;
4180 
4181 	ret = ath11k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
4182 	if (ret) {
4183 		ath11k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
4184 		dev_kfree_skb(skb);
4185 	}
4186 
4187 	return ret;
4188 }
4189 
4190 int ath11k_wmi_cmd_init(struct ath11k_base *ab)
4191 {
4192 	struct ath11k_wmi_base *wmi_sc = &ab->wmi_ab;
4193 	struct wmi_init_cmd_param init_param;
4194 	struct target_resource_config  config;
4195 
4196 	memset(&init_param, 0, sizeof(init_param));
4197 	memset(&config, 0, sizeof(config));
4198 
4199 	ab->hw_params.hw_ops->wmi_init_config(ab, &config);
4200 
4201 	if (test_bit(WMI_TLV_SERVICE_REG_CC_EXT_EVENT_SUPPORT,
4202 		     ab->wmi_ab.svc_map))
4203 		config.is_reg_cc_ext_event_supported = 1;
4204 
4205 	memcpy(&wmi_sc->wlan_resource_config, &config, sizeof(config));
4206 
4207 	init_param.res_cfg = &wmi_sc->wlan_resource_config;
4208 	init_param.num_mem_chunks = wmi_sc->num_mem_chunks;
4209 	init_param.hw_mode_id = wmi_sc->preferred_hw_mode;
4210 	init_param.mem_chunks = wmi_sc->mem_chunks;
4211 
4212 	if (ab->hw_params.single_pdev_only)
4213 		init_param.hw_mode_id = WMI_HOST_HW_MODE_MAX;
4214 
4215 	init_param.num_band_to_mac = ab->num_radios;
4216 	ath11k_fill_band_to_mac_param(ab, init_param.band_to_mac);
4217 
4218 	return ath11k_init_cmd_send(&wmi_sc->wmi[0], &init_param);
4219 }
4220 
4221 int ath11k_wmi_vdev_spectral_conf(struct ath11k *ar,
4222 				  struct ath11k_wmi_vdev_spectral_conf_param *param)
4223 {
4224 	struct ath11k_wmi_vdev_spectral_conf_cmd *cmd;
4225 	struct sk_buff *skb;
4226 	int ret;
4227 
4228 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4229 	if (!skb)
4230 		return -ENOMEM;
4231 
4232 	cmd = (struct ath11k_wmi_vdev_spectral_conf_cmd *)skb->data;
4233 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4234 				     WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD) |
4235 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4236 
4237 	memcpy(&cmd->param, param, sizeof(*param));
4238 
4239 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4240 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
4241 	if (ret) {
4242 		ath11k_warn(ar->ab,
4243 			    "failed to send spectral scan config wmi cmd\n");
4244 		goto err;
4245 	}
4246 
4247 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4248 		   "WMI spectral scan config cmd vdev_id 0x%x\n",
4249 		   param->vdev_id);
4250 
4251 	return 0;
4252 err:
4253 	dev_kfree_skb(skb);
4254 	return ret;
4255 }
4256 
4257 int ath11k_wmi_vdev_spectral_enable(struct ath11k *ar, u32 vdev_id,
4258 				    u32 trigger, u32 enable)
4259 {
4260 	struct ath11k_wmi_vdev_spectral_enable_cmd *cmd;
4261 	struct sk_buff *skb;
4262 	int ret;
4263 
4264 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4265 	if (!skb)
4266 		return -ENOMEM;
4267 
4268 	cmd = (struct ath11k_wmi_vdev_spectral_enable_cmd *)skb->data;
4269 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
4270 				     WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD) |
4271 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4272 
4273 	cmd->vdev_id = vdev_id;
4274 	cmd->trigger_cmd = trigger;
4275 	cmd->enable_cmd = enable;
4276 
4277 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4278 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
4279 	if (ret) {
4280 		ath11k_warn(ar->ab,
4281 			    "failed to send spectral enable wmi cmd\n");
4282 		goto err;
4283 	}
4284 
4285 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4286 		   "WMI spectral enable cmd vdev id 0x%x\n",
4287 		   vdev_id);
4288 
4289 	return 0;
4290 err:
4291 	dev_kfree_skb(skb);
4292 	return ret;
4293 }
4294 
4295 int ath11k_wmi_pdev_dma_ring_cfg(struct ath11k *ar,
4296 				 struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *param)
4297 {
4298 	struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
4299 	struct sk_buff *skb;
4300 	int ret;
4301 
4302 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
4303 	if (!skb)
4304 		return -ENOMEM;
4305 
4306 	cmd = (struct ath11k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
4307 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DMA_RING_CFG_REQ) |
4308 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
4309 
4310 	cmd->pdev_id		= param->pdev_id;
4311 	cmd->module_id		= param->module_id;
4312 	cmd->base_paddr_lo	= param->base_paddr_lo;
4313 	cmd->base_paddr_hi	= param->base_paddr_hi;
4314 	cmd->head_idx_paddr_lo	= param->head_idx_paddr_lo;
4315 	cmd->head_idx_paddr_hi	= param->head_idx_paddr_hi;
4316 	cmd->tail_idx_paddr_lo	= param->tail_idx_paddr_lo;
4317 	cmd->tail_idx_paddr_hi	= param->tail_idx_paddr_hi;
4318 	cmd->num_elems		= param->num_elems;
4319 	cmd->buf_size		= param->buf_size;
4320 	cmd->num_resp_per_event	= param->num_resp_per_event;
4321 	cmd->event_timeout_ms	= param->event_timeout_ms;
4322 
4323 	ret = ath11k_wmi_cmd_send(ar->wmi, skb,
4324 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
4325 	if (ret) {
4326 		ath11k_warn(ar->ab,
4327 			    "failed to send dma ring cfg req wmi cmd\n");
4328 		goto err;
4329 	}
4330 
4331 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
4332 		   "WMI DMA ring cfg req cmd pdev_id 0x%x\n",
4333 		   param->pdev_id);
4334 
4335 	return 0;
4336 err:
4337 	dev_kfree_skb(skb);
4338 	return ret;
4339 }
4340 
4341 static int ath11k_wmi_tlv_dma_buf_entry_parse(struct ath11k_base *soc,
4342 					      u16 tag, u16 len,
4343 					      const void *ptr, void *data)
4344 {
4345 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4346 
4347 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
4348 		return -EPROTO;
4349 
4350 	if (parse->num_buf_entry >= parse->fixed.num_buf_release_entry)
4351 		return -ENOBUFS;
4352 
4353 	parse->num_buf_entry++;
4354 	return 0;
4355 }
4356 
4357 static int ath11k_wmi_tlv_dma_buf_meta_parse(struct ath11k_base *soc,
4358 					     u16 tag, u16 len,
4359 					     const void *ptr, void *data)
4360 {
4361 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4362 
4363 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
4364 		return -EPROTO;
4365 
4366 	if (parse->num_meta >= parse->fixed.num_meta_data_entry)
4367 		return -ENOBUFS;
4368 
4369 	parse->num_meta++;
4370 	return 0;
4371 }
4372 
4373 static int ath11k_wmi_tlv_dma_buf_parse(struct ath11k_base *ab,
4374 					u16 tag, u16 len,
4375 					const void *ptr, void *data)
4376 {
4377 	struct wmi_tlv_dma_buf_release_parse *parse = data;
4378 	int ret;
4379 
4380 	switch (tag) {
4381 	case WMI_TAG_DMA_BUF_RELEASE:
4382 		memcpy(&parse->fixed, ptr,
4383 		       sizeof(struct ath11k_wmi_dma_buf_release_fixed_param));
4384 		parse->fixed.pdev_id = DP_HW2SW_MACID(parse->fixed.pdev_id);
4385 		break;
4386 	case WMI_TAG_ARRAY_STRUCT:
4387 		if (!parse->buf_entry_done) {
4388 			parse->num_buf_entry = 0;
4389 			parse->buf_entry = (struct wmi_dma_buf_release_entry *)ptr;
4390 
4391 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4392 						  ath11k_wmi_tlv_dma_buf_entry_parse,
4393 						  parse);
4394 			if (ret) {
4395 				ath11k_warn(ab, "failed to parse dma buf entry tlv %d\n",
4396 					    ret);
4397 				return ret;
4398 			}
4399 
4400 			parse->buf_entry_done = true;
4401 		} else if (!parse->meta_data_done) {
4402 			parse->num_meta = 0;
4403 			parse->meta_data = (struct wmi_dma_buf_release_meta_data *)ptr;
4404 
4405 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4406 						  ath11k_wmi_tlv_dma_buf_meta_parse,
4407 						  parse);
4408 			if (ret) {
4409 				ath11k_warn(ab, "failed to parse dma buf meta tlv %d\n",
4410 					    ret);
4411 				return ret;
4412 			}
4413 
4414 			parse->meta_data_done = true;
4415 		}
4416 		break;
4417 	default:
4418 		break;
4419 	}
4420 	return 0;
4421 }
4422 
4423 static void ath11k_wmi_pdev_dma_ring_buf_release_event(struct ath11k_base *ab,
4424 						       struct sk_buff *skb)
4425 {
4426 	struct wmi_tlv_dma_buf_release_parse parse = { };
4427 	struct ath11k_dbring_buf_release_event param;
4428 	int ret;
4429 
4430 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4431 				  ath11k_wmi_tlv_dma_buf_parse,
4432 				  &parse);
4433 	if (ret) {
4434 		ath11k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
4435 		return;
4436 	}
4437 
4438 	param.fixed		= parse.fixed;
4439 	param.buf_entry		= parse.buf_entry;
4440 	param.num_buf_entry	= parse.num_buf_entry;
4441 	param.meta_data		= parse.meta_data;
4442 	param.num_meta		= parse.num_meta;
4443 
4444 	ret = ath11k_dbring_buffer_release_event(ab, &param);
4445 	if (ret) {
4446 		ath11k_warn(ab, "failed to handle dma buf release event %d\n", ret);
4447 		return;
4448 	}
4449 }
4450 
4451 static int ath11k_wmi_tlv_hw_mode_caps_parse(struct ath11k_base *soc,
4452 					     u16 tag, u16 len,
4453 					     const void *ptr, void *data)
4454 {
4455 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4456 	struct wmi_hw_mode_capabilities *hw_mode_cap;
4457 	u32 phy_map = 0;
4458 
4459 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
4460 		return -EPROTO;
4461 
4462 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->param.num_hw_modes)
4463 		return -ENOBUFS;
4464 
4465 	hw_mode_cap = container_of(ptr, struct wmi_hw_mode_capabilities,
4466 				   hw_mode_id);
4467 	svc_rdy_ext->n_hw_mode_caps++;
4468 
4469 	phy_map = hw_mode_cap->phy_id_map;
4470 	while (phy_map) {
4471 		svc_rdy_ext->tot_phy_id++;
4472 		phy_map = phy_map >> 1;
4473 	}
4474 
4475 	return 0;
4476 }
4477 
4478 static int ath11k_wmi_tlv_hw_mode_caps(struct ath11k_base *soc,
4479 				       u16 len, const void *ptr, void *data)
4480 {
4481 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4482 	struct wmi_hw_mode_capabilities *hw_mode_caps;
4483 	enum wmi_host_hw_mode_config_type mode, pref;
4484 	u32 i;
4485 	int ret;
4486 
4487 	svc_rdy_ext->n_hw_mode_caps = 0;
4488 	svc_rdy_ext->hw_mode_caps = (struct wmi_hw_mode_capabilities *)ptr;
4489 
4490 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4491 				  ath11k_wmi_tlv_hw_mode_caps_parse,
4492 				  svc_rdy_ext);
4493 	if (ret) {
4494 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4495 		return ret;
4496 	}
4497 
4498 	i = 0;
4499 	while (i < svc_rdy_ext->n_hw_mode_caps) {
4500 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
4501 		mode = hw_mode_caps->hw_mode_id;
4502 		pref = soc->wmi_ab.preferred_hw_mode;
4503 
4504 		if (ath11k_hw_mode_pri_map[mode] < ath11k_hw_mode_pri_map[pref]) {
4505 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
4506 			soc->wmi_ab.preferred_hw_mode = mode;
4507 		}
4508 		i++;
4509 	}
4510 
4511 	ath11k_dbg(soc, ATH11K_DBG_WMI, "preferred_hw_mode:%d\n",
4512 		   soc->wmi_ab.preferred_hw_mode);
4513 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
4514 		return -EINVAL;
4515 
4516 	return 0;
4517 }
4518 
4519 static int ath11k_wmi_tlv_mac_phy_caps_parse(struct ath11k_base *soc,
4520 					     u16 tag, u16 len,
4521 					     const void *ptr, void *data)
4522 {
4523 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4524 
4525 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
4526 		return -EPROTO;
4527 
4528 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
4529 		return -ENOBUFS;
4530 
4531 	len = min_t(u16, len, sizeof(struct wmi_mac_phy_capabilities));
4532 	if (!svc_rdy_ext->n_mac_phy_caps) {
4533 		svc_rdy_ext->mac_phy_caps = kcalloc(svc_rdy_ext->tot_phy_id,
4534 						    len, GFP_ATOMIC);
4535 		if (!svc_rdy_ext->mac_phy_caps)
4536 			return -ENOMEM;
4537 	}
4538 
4539 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
4540 	svc_rdy_ext->n_mac_phy_caps++;
4541 	return 0;
4542 }
4543 
4544 static int ath11k_wmi_tlv_ext_hal_reg_caps_parse(struct ath11k_base *soc,
4545 						 u16 tag, u16 len,
4546 						 const void *ptr, void *data)
4547 {
4548 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4549 
4550 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
4551 		return -EPROTO;
4552 
4553 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->param.num_phy)
4554 		return -ENOBUFS;
4555 
4556 	svc_rdy_ext->n_ext_hal_reg_caps++;
4557 	return 0;
4558 }
4559 
4560 static int ath11k_wmi_tlv_ext_hal_reg_caps(struct ath11k_base *soc,
4561 					   u16 len, const void *ptr, void *data)
4562 {
4563 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4564 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4565 	struct ath11k_hal_reg_capabilities_ext reg_cap;
4566 	int ret;
4567 	u32 i;
4568 
4569 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
4570 	svc_rdy_ext->ext_hal_reg_caps = (struct wmi_hal_reg_capabilities_ext *)ptr;
4571 	ret = ath11k_wmi_tlv_iter(soc, ptr, len,
4572 				  ath11k_wmi_tlv_ext_hal_reg_caps_parse,
4573 				  svc_rdy_ext);
4574 	if (ret) {
4575 		ath11k_warn(soc, "failed to parse tlv %d\n", ret);
4576 		return ret;
4577 	}
4578 
4579 	for (i = 0; i < svc_rdy_ext->param.num_phy; i++) {
4580 		ret = ath11k_pull_reg_cap_svc_rdy_ext(wmi_handle,
4581 						      svc_rdy_ext->soc_hal_reg_caps,
4582 						      svc_rdy_ext->ext_hal_reg_caps, i,
4583 						      &reg_cap);
4584 		if (ret) {
4585 			ath11k_warn(soc, "failed to extract reg cap %d\n", i);
4586 			return ret;
4587 		}
4588 
4589 		memcpy(&soc->hal_reg_cap[reg_cap.phy_id],
4590 		       &reg_cap, sizeof(reg_cap));
4591 	}
4592 	return 0;
4593 }
4594 
4595 static int ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(struct ath11k_base *soc,
4596 						     u16 len, const void *ptr,
4597 						     void *data)
4598 {
4599 	struct ath11k_pdev_wmi *wmi_handle = &soc->wmi_ab.wmi[0];
4600 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4601 	u8 hw_mode_id = svc_rdy_ext->pref_hw_mode_caps.hw_mode_id;
4602 	u32 phy_id_map;
4603 	int pdev_index = 0;
4604 	int ret;
4605 
4606 	svc_rdy_ext->soc_hal_reg_caps = (struct wmi_soc_hal_reg_capabilities *)ptr;
4607 	svc_rdy_ext->param.num_phy = svc_rdy_ext->soc_hal_reg_caps->num_phy;
4608 
4609 	soc->num_radios = 0;
4610 	soc->target_pdev_count = 0;
4611 	phy_id_map = svc_rdy_ext->pref_hw_mode_caps.phy_id_map;
4612 
4613 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
4614 		ret = ath11k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
4615 							    svc_rdy_ext->hw_caps,
4616 							    svc_rdy_ext->hw_mode_caps,
4617 							    svc_rdy_ext->soc_hal_reg_caps,
4618 							    svc_rdy_ext->mac_phy_caps,
4619 							    hw_mode_id, soc->num_radios,
4620 							    &soc->pdevs[pdev_index]);
4621 		if (ret) {
4622 			ath11k_warn(soc, "failed to extract mac caps, idx :%d\n",
4623 				    soc->num_radios);
4624 			return ret;
4625 		}
4626 
4627 		soc->num_radios++;
4628 
4629 		/* For QCA6390, save mac_phy capability in the same pdev */
4630 		if (soc->hw_params.single_pdev_only)
4631 			pdev_index = 0;
4632 		else
4633 			pdev_index = soc->num_radios;
4634 
4635 		/* TODO: mac_phy_cap prints */
4636 		phy_id_map >>= 1;
4637 	}
4638 
4639 	/* For QCA6390, set num_radios to 1 because host manages
4640 	 * both 2G and 5G radio in one pdev.
4641 	 * Set pdev_id = 0 and 0 means soc level.
4642 	 */
4643 	if (soc->hw_params.single_pdev_only) {
4644 		soc->num_radios = 1;
4645 		soc->pdevs[0].pdev_id = 0;
4646 	}
4647 
4648 	return 0;
4649 }
4650 
4651 static int ath11k_wmi_tlv_dma_ring_caps_parse(struct ath11k_base *soc,
4652 					      u16 tag, u16 len,
4653 					      const void *ptr, void *data)
4654 {
4655 	struct wmi_tlv_dma_ring_caps_parse *parse = data;
4656 
4657 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
4658 		return -EPROTO;
4659 
4660 	parse->n_dma_ring_caps++;
4661 	return 0;
4662 }
4663 
4664 static int ath11k_wmi_alloc_dbring_caps(struct ath11k_base *ab,
4665 					u32 num_cap)
4666 {
4667 	size_t sz;
4668 	void *ptr;
4669 
4670 	sz = num_cap * sizeof(struct ath11k_dbring_cap);
4671 	ptr = kzalloc(sz, GFP_ATOMIC);
4672 	if (!ptr)
4673 		return -ENOMEM;
4674 
4675 	ab->db_caps = ptr;
4676 	ab->num_db_cap = num_cap;
4677 
4678 	return 0;
4679 }
4680 
4681 static void ath11k_wmi_free_dbring_caps(struct ath11k_base *ab)
4682 {
4683 	kfree(ab->db_caps);
4684 	ab->db_caps = NULL;
4685 }
4686 
4687 static int ath11k_wmi_tlv_dma_ring_caps(struct ath11k_base *ab,
4688 					u16 len, const void *ptr, void *data)
4689 {
4690 	struct wmi_tlv_dma_ring_caps_parse *dma_caps_parse = data;
4691 	struct wmi_dma_ring_capabilities *dma_caps;
4692 	struct ath11k_dbring_cap *dir_buff_caps;
4693 	int ret;
4694 	u32 i;
4695 
4696 	dma_caps_parse->n_dma_ring_caps = 0;
4697 	dma_caps = (struct wmi_dma_ring_capabilities *)ptr;
4698 	ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4699 				  ath11k_wmi_tlv_dma_ring_caps_parse,
4700 				  dma_caps_parse);
4701 	if (ret) {
4702 		ath11k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
4703 		return ret;
4704 	}
4705 
4706 	if (!dma_caps_parse->n_dma_ring_caps)
4707 		return 0;
4708 
4709 	if (ab->num_db_cap) {
4710 		ath11k_warn(ab, "Already processed, so ignoring dma ring caps\n");
4711 		return 0;
4712 	}
4713 
4714 	ret = ath11k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
4715 	if (ret)
4716 		return ret;
4717 
4718 	dir_buff_caps = ab->db_caps;
4719 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
4720 		if (dma_caps[i].module_id >= WMI_DIRECT_BUF_MAX) {
4721 			ath11k_warn(ab, "Invalid module id %d\n", dma_caps[i].module_id);
4722 			ret = -EINVAL;
4723 			goto free_dir_buff;
4724 		}
4725 
4726 		dir_buff_caps[i].id = dma_caps[i].module_id;
4727 		dir_buff_caps[i].pdev_id = DP_HW2SW_MACID(dma_caps[i].pdev_id);
4728 		dir_buff_caps[i].min_elem = dma_caps[i].min_elem;
4729 		dir_buff_caps[i].min_buf_sz = dma_caps[i].min_buf_sz;
4730 		dir_buff_caps[i].min_buf_align = dma_caps[i].min_buf_align;
4731 	}
4732 
4733 	return 0;
4734 
4735 free_dir_buff:
4736 	ath11k_wmi_free_dbring_caps(ab);
4737 	return ret;
4738 }
4739 
4740 static int ath11k_wmi_tlv_svc_rdy_ext_parse(struct ath11k_base *ab,
4741 					    u16 tag, u16 len,
4742 					    const void *ptr, void *data)
4743 {
4744 	struct ath11k_pdev_wmi *wmi_handle = &ab->wmi_ab.wmi[0];
4745 	struct wmi_tlv_svc_rdy_ext_parse *svc_rdy_ext = data;
4746 	int ret;
4747 
4748 	switch (tag) {
4749 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
4750 		ret = ath11k_pull_svc_ready_ext(wmi_handle, ptr,
4751 						&svc_rdy_ext->param);
4752 		if (ret) {
4753 			ath11k_warn(ab, "unable to extract ext params\n");
4754 			return ret;
4755 		}
4756 		break;
4757 
4758 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
4759 		svc_rdy_ext->hw_caps = (struct wmi_soc_mac_phy_hw_mode_caps *)ptr;
4760 		svc_rdy_ext->param.num_hw_modes = svc_rdy_ext->hw_caps->num_hw_modes;
4761 		break;
4762 
4763 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
4764 		ret = ath11k_wmi_tlv_ext_soc_hal_reg_caps_parse(ab, len, ptr,
4765 								svc_rdy_ext);
4766 		if (ret)
4767 			return ret;
4768 		break;
4769 
4770 	case WMI_TAG_ARRAY_STRUCT:
4771 		if (!svc_rdy_ext->hw_mode_done) {
4772 			ret = ath11k_wmi_tlv_hw_mode_caps(ab, len, ptr,
4773 							  svc_rdy_ext);
4774 			if (ret)
4775 				return ret;
4776 
4777 			svc_rdy_ext->hw_mode_done = true;
4778 		} else if (!svc_rdy_ext->mac_phy_done) {
4779 			svc_rdy_ext->n_mac_phy_caps = 0;
4780 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
4781 						  ath11k_wmi_tlv_mac_phy_caps_parse,
4782 						  svc_rdy_ext);
4783 			if (ret) {
4784 				ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4785 				return ret;
4786 			}
4787 
4788 			svc_rdy_ext->mac_phy_done = true;
4789 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
4790 			ret = ath11k_wmi_tlv_ext_hal_reg_caps(ab, len, ptr,
4791 							      svc_rdy_ext);
4792 			if (ret)
4793 				return ret;
4794 
4795 			svc_rdy_ext->ext_hal_reg_done = true;
4796 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
4797 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
4798 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
4799 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
4800 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
4801 			svc_rdy_ext->oem_dma_ring_cap_done = true;
4802 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
4803 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4804 							   &svc_rdy_ext->dma_caps_parse);
4805 			if (ret)
4806 				return ret;
4807 
4808 			svc_rdy_ext->dma_ring_cap_done = true;
4809 		}
4810 		break;
4811 
4812 	default:
4813 		break;
4814 	}
4815 	return 0;
4816 }
4817 
4818 static int ath11k_service_ready_ext_event(struct ath11k_base *ab,
4819 					  struct sk_buff *skb)
4820 {
4821 	struct wmi_tlv_svc_rdy_ext_parse svc_rdy_ext = { };
4822 	int ret;
4823 
4824 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4825 				  ath11k_wmi_tlv_svc_rdy_ext_parse,
4826 				  &svc_rdy_ext);
4827 	if (ret) {
4828 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
4829 		goto err;
4830 	}
4831 
4832 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
4833 		complete(&ab->wmi_ab.service_ready);
4834 
4835 	kfree(svc_rdy_ext.mac_phy_caps);
4836 	return 0;
4837 
4838 err:
4839 	ath11k_wmi_free_dbring_caps(ab);
4840 	return ret;
4841 }
4842 
4843 static int ath11k_wmi_tlv_svc_rdy_ext2_parse(struct ath11k_base *ab,
4844 					     u16 tag, u16 len,
4845 					     const void *ptr, void *data)
4846 {
4847 	struct wmi_tlv_svc_rdy_ext2_parse *parse = data;
4848 	int ret;
4849 
4850 	switch (tag) {
4851 	case WMI_TAG_ARRAY_STRUCT:
4852 		if (!parse->dma_ring_cap_done) {
4853 			ret = ath11k_wmi_tlv_dma_ring_caps(ab, len, ptr,
4854 							   &parse->dma_caps_parse);
4855 			if (ret)
4856 				return ret;
4857 
4858 			parse->dma_ring_cap_done = true;
4859 		}
4860 		break;
4861 	default:
4862 		break;
4863 	}
4864 
4865 	return 0;
4866 }
4867 
4868 static int ath11k_service_ready_ext2_event(struct ath11k_base *ab,
4869 					   struct sk_buff *skb)
4870 {
4871 	struct wmi_tlv_svc_rdy_ext2_parse svc_rdy_ext2 = { };
4872 	int ret;
4873 
4874 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
4875 				  ath11k_wmi_tlv_svc_rdy_ext2_parse,
4876 				  &svc_rdy_ext2);
4877 	if (ret) {
4878 		ath11k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
4879 		goto err;
4880 	}
4881 
4882 	complete(&ab->wmi_ab.service_ready);
4883 
4884 	return 0;
4885 
4886 err:
4887 	ath11k_wmi_free_dbring_caps(ab);
4888 	return ret;
4889 }
4890 
4891 static int ath11k_pull_vdev_start_resp_tlv(struct ath11k_base *ab, struct sk_buff *skb,
4892 					   struct wmi_vdev_start_resp_event *vdev_rsp)
4893 {
4894 	const void **tb;
4895 	const struct wmi_vdev_start_resp_event *ev;
4896 	int ret;
4897 
4898 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4899 	if (IS_ERR(tb)) {
4900 		ret = PTR_ERR(tb);
4901 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
4902 		return ret;
4903 	}
4904 
4905 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
4906 	if (!ev) {
4907 		ath11k_warn(ab, "failed to fetch vdev start resp ev");
4908 		kfree(tb);
4909 		return -EPROTO;
4910 	}
4911 
4912 	memset(vdev_rsp, 0, sizeof(*vdev_rsp));
4913 
4914 	vdev_rsp->vdev_id = ev->vdev_id;
4915 	vdev_rsp->requestor_id = ev->requestor_id;
4916 	vdev_rsp->resp_type = ev->resp_type;
4917 	vdev_rsp->status = ev->status;
4918 	vdev_rsp->chain_mask = ev->chain_mask;
4919 	vdev_rsp->smps_mode = ev->smps_mode;
4920 	vdev_rsp->mac_id = ev->mac_id;
4921 	vdev_rsp->cfgd_tx_streams = ev->cfgd_tx_streams;
4922 	vdev_rsp->cfgd_rx_streams = ev->cfgd_rx_streams;
4923 
4924 	kfree(tb);
4925 	return 0;
4926 }
4927 
4928 static void ath11k_print_reg_rule(struct ath11k_base *ab, const char *band,
4929 				  u32 num_reg_rules,
4930 				  struct cur_reg_rule *reg_rule_ptr)
4931 {
4932 	struct cur_reg_rule *reg_rule = reg_rule_ptr;
4933 	u32 count;
4934 
4935 	ath11k_dbg(ab, ATH11K_DBG_WMI, "number of reg rules in %s band: %d\n",
4936 		   band, num_reg_rules);
4937 
4938 	for (count = 0; count < num_reg_rules; count++) {
4939 		ath11k_dbg(ab, ATH11K_DBG_WMI,
4940 			   "reg rule %d: (%d - %d @ %d) (%d, %d) (FLAGS %d)\n",
4941 			   count + 1, reg_rule->start_freq, reg_rule->end_freq,
4942 			   reg_rule->max_bw, reg_rule->ant_gain,
4943 			   reg_rule->reg_power, reg_rule->flags);
4944 		reg_rule++;
4945 	}
4946 }
4947 
4948 static struct cur_reg_rule
4949 *create_reg_rules_from_wmi(u32 num_reg_rules,
4950 			   struct wmi_regulatory_rule_struct *wmi_reg_rule)
4951 {
4952 	struct cur_reg_rule *reg_rule_ptr;
4953 	u32 count;
4954 
4955 	reg_rule_ptr = kcalloc(num_reg_rules, sizeof(*reg_rule_ptr),
4956 			       GFP_ATOMIC);
4957 
4958 	if (!reg_rule_ptr)
4959 		return NULL;
4960 
4961 	for (count = 0; count < num_reg_rules; count++) {
4962 		reg_rule_ptr[count].start_freq =
4963 			FIELD_GET(REG_RULE_START_FREQ,
4964 				  wmi_reg_rule[count].freq_info);
4965 		reg_rule_ptr[count].end_freq =
4966 			FIELD_GET(REG_RULE_END_FREQ,
4967 				  wmi_reg_rule[count].freq_info);
4968 		reg_rule_ptr[count].max_bw =
4969 			FIELD_GET(REG_RULE_MAX_BW,
4970 				  wmi_reg_rule[count].bw_pwr_info);
4971 		reg_rule_ptr[count].reg_power =
4972 			FIELD_GET(REG_RULE_REG_PWR,
4973 				  wmi_reg_rule[count].bw_pwr_info);
4974 		reg_rule_ptr[count].ant_gain =
4975 			FIELD_GET(REG_RULE_ANT_GAIN,
4976 				  wmi_reg_rule[count].bw_pwr_info);
4977 		reg_rule_ptr[count].flags =
4978 			FIELD_GET(REG_RULE_FLAGS,
4979 				  wmi_reg_rule[count].flag_info);
4980 	}
4981 
4982 	return reg_rule_ptr;
4983 }
4984 
4985 static int ath11k_pull_reg_chan_list_update_ev(struct ath11k_base *ab,
4986 					       struct sk_buff *skb,
4987 					       struct cur_regulatory_info *reg_info)
4988 {
4989 	const void **tb;
4990 	const struct wmi_reg_chan_list_cc_event *chan_list_event_hdr;
4991 	struct wmi_regulatory_rule_struct *wmi_reg_rule;
4992 	u32 num_2ghz_reg_rules, num_5ghz_reg_rules;
4993 	int ret;
4994 
4995 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory channel list\n");
4996 
4997 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4998 	if (IS_ERR(tb)) {
4999 		ret = PTR_ERR(tb);
5000 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5001 		return ret;
5002 	}
5003 
5004 	chan_list_event_hdr = tb[WMI_TAG_REG_CHAN_LIST_CC_EVENT];
5005 	if (!chan_list_event_hdr) {
5006 		ath11k_warn(ab, "failed to fetch reg chan list update ev\n");
5007 		kfree(tb);
5008 		return -EPROTO;
5009 	}
5010 
5011 	reg_info->num_2ghz_reg_rules = chan_list_event_hdr->num_2ghz_reg_rules;
5012 	reg_info->num_5ghz_reg_rules = chan_list_event_hdr->num_5ghz_reg_rules;
5013 
5014 	if (!(reg_info->num_2ghz_reg_rules + reg_info->num_5ghz_reg_rules)) {
5015 		ath11k_warn(ab, "No regulatory rules available in the event info\n");
5016 		kfree(tb);
5017 		return -EINVAL;
5018 	}
5019 
5020 	memcpy(reg_info->alpha2, &chan_list_event_hdr->alpha2,
5021 	       REG_ALPHA2_LEN);
5022 	reg_info->dfs_region = chan_list_event_hdr->dfs_region;
5023 	reg_info->phybitmap = chan_list_event_hdr->phybitmap;
5024 	reg_info->num_phy = chan_list_event_hdr->num_phy;
5025 	reg_info->phy_id = chan_list_event_hdr->phy_id;
5026 	reg_info->ctry_code = chan_list_event_hdr->country_id;
5027 	reg_info->reg_dmn_pair = chan_list_event_hdr->domain_code;
5028 
5029 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5030 		   "status_code %s",
5031 		   ath11k_cc_status_to_str(reg_info->status_code));
5032 
5033 	reg_info->status_code =
5034 		ath11k_wmi_cc_setting_code_to_reg(chan_list_event_hdr->status_code);
5035 
5036 	reg_info->is_ext_reg_event = false;
5037 
5038 	reg_info->min_bw_2ghz = chan_list_event_hdr->min_bw_2ghz;
5039 	reg_info->max_bw_2ghz = chan_list_event_hdr->max_bw_2ghz;
5040 	reg_info->min_bw_5ghz = chan_list_event_hdr->min_bw_5ghz;
5041 	reg_info->max_bw_5ghz = chan_list_event_hdr->max_bw_5ghz;
5042 
5043 	num_2ghz_reg_rules = reg_info->num_2ghz_reg_rules;
5044 	num_5ghz_reg_rules = reg_info->num_5ghz_reg_rules;
5045 
5046 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5047 		   "cc %s dsf %d BW: min_2ghz %d max_2ghz %d min_5ghz %d max_5ghz %d",
5048 		   reg_info->alpha2, reg_info->dfs_region,
5049 		   reg_info->min_bw_2ghz, reg_info->max_bw_2ghz,
5050 		   reg_info->min_bw_5ghz, reg_info->max_bw_5ghz);
5051 
5052 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5053 		   "num_2ghz_reg_rules %d num_5ghz_reg_rules %d",
5054 		   num_2ghz_reg_rules, num_5ghz_reg_rules);
5055 
5056 	wmi_reg_rule =
5057 		(struct wmi_regulatory_rule_struct *)((u8 *)chan_list_event_hdr
5058 						+ sizeof(*chan_list_event_hdr)
5059 						+ sizeof(struct wmi_tlv));
5060 
5061 	if (num_2ghz_reg_rules) {
5062 		reg_info->reg_rules_2ghz_ptr =
5063 				create_reg_rules_from_wmi(num_2ghz_reg_rules,
5064 							  wmi_reg_rule);
5065 		if (!reg_info->reg_rules_2ghz_ptr) {
5066 			kfree(tb);
5067 			ath11k_warn(ab, "Unable to Allocate memory for 2 GHz rules\n");
5068 			return -ENOMEM;
5069 		}
5070 
5071 		ath11k_print_reg_rule(ab, "2 GHz",
5072 				      num_2ghz_reg_rules,
5073 				      reg_info->reg_rules_2ghz_ptr);
5074 	}
5075 
5076 	if (num_5ghz_reg_rules) {
5077 		wmi_reg_rule += num_2ghz_reg_rules;
5078 		reg_info->reg_rules_5ghz_ptr =
5079 				create_reg_rules_from_wmi(num_5ghz_reg_rules,
5080 							  wmi_reg_rule);
5081 		if (!reg_info->reg_rules_5ghz_ptr) {
5082 			kfree(tb);
5083 			ath11k_warn(ab, "Unable to Allocate memory for 5 GHz rules\n");
5084 			return -ENOMEM;
5085 		}
5086 
5087 		ath11k_print_reg_rule(ab, "5 GHz",
5088 				      num_5ghz_reg_rules,
5089 				      reg_info->reg_rules_5ghz_ptr);
5090 	}
5091 
5092 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory channel list\n");
5093 
5094 	kfree(tb);
5095 	return 0;
5096 }
5097 
5098 static struct cur_reg_rule
5099 *create_ext_reg_rules_from_wmi(u32 num_reg_rules,
5100 			       struct wmi_regulatory_ext_rule *wmi_reg_rule)
5101 {
5102 	struct cur_reg_rule *reg_rule_ptr;
5103 	u32 count;
5104 
5105 	reg_rule_ptr =  kcalloc(num_reg_rules, sizeof(*reg_rule_ptr), GFP_ATOMIC);
5106 
5107 	if (!reg_rule_ptr)
5108 		return NULL;
5109 
5110 	for (count = 0; count < num_reg_rules; count++) {
5111 		reg_rule_ptr[count].start_freq =
5112 			u32_get_bits(wmi_reg_rule[count].freq_info,
5113 				     REG_RULE_START_FREQ);
5114 		reg_rule_ptr[count].end_freq =
5115 			u32_get_bits(wmi_reg_rule[count].freq_info,
5116 				     REG_RULE_END_FREQ);
5117 		reg_rule_ptr[count].max_bw =
5118 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5119 				     REG_RULE_MAX_BW);
5120 		reg_rule_ptr[count].reg_power =
5121 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5122 				     REG_RULE_REG_PWR);
5123 		reg_rule_ptr[count].ant_gain =
5124 			u32_get_bits(wmi_reg_rule[count].bw_pwr_info,
5125 				     REG_RULE_ANT_GAIN);
5126 		reg_rule_ptr[count].flags =
5127 			u32_get_bits(wmi_reg_rule[count].flag_info,
5128 				     REG_RULE_FLAGS);
5129 		reg_rule_ptr[count].psd_flag =
5130 			u32_get_bits(wmi_reg_rule[count].psd_power_info,
5131 				     REG_RULE_PSD_INFO);
5132 		reg_rule_ptr[count].psd_eirp =
5133 			u32_get_bits(wmi_reg_rule[count].psd_power_info,
5134 				     REG_RULE_PSD_EIRP);
5135 	}
5136 
5137 	return reg_rule_ptr;
5138 }
5139 
5140 static u8
5141 ath11k_invalid_5ghz_reg_ext_rules_from_wmi(u32 num_reg_rules,
5142 					   const struct wmi_regulatory_ext_rule *rule)
5143 {
5144 	u8 num_invalid_5ghz_rules = 0;
5145 	u32 count, start_freq;
5146 
5147 	for (count = 0; count < num_reg_rules; count++) {
5148 		start_freq = u32_get_bits(rule[count].freq_info,
5149 					  REG_RULE_START_FREQ);
5150 
5151 		if (start_freq >= ATH11K_MIN_6G_FREQ)
5152 			num_invalid_5ghz_rules++;
5153 	}
5154 
5155 	return num_invalid_5ghz_rules;
5156 }
5157 
5158 static int ath11k_pull_reg_chan_list_ext_update_ev(struct ath11k_base *ab,
5159 						   struct sk_buff *skb,
5160 						   struct cur_regulatory_info *reg_info)
5161 {
5162 	const void **tb;
5163 	const struct wmi_reg_chan_list_cc_ext_event *ev;
5164 	struct wmi_regulatory_ext_rule *ext_wmi_reg_rule;
5165 	u32 num_2ghz_reg_rules, num_5ghz_reg_rules;
5166 	u32 num_6ghz_reg_rules_ap[WMI_REG_CURRENT_MAX_AP_TYPE];
5167 	u32 num_6ghz_client[WMI_REG_CURRENT_MAX_AP_TYPE][WMI_REG_MAX_CLIENT_TYPE];
5168 	u32 total_reg_rules = 0;
5169 	int ret, i, j, num_invalid_5ghz_ext_rules = 0;
5170 
5171 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processing regulatory ext channel list\n");
5172 
5173 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5174 	if (IS_ERR(tb)) {
5175 		ret = PTR_ERR(tb);
5176 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5177 		return ret;
5178 	}
5179 
5180 	ev = tb[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT];
5181 	if (!ev) {
5182 		ath11k_warn(ab, "failed to fetch reg chan list ext update ev\n");
5183 		kfree(tb);
5184 		return -EPROTO;
5185 	}
5186 
5187 	reg_info->num_2ghz_reg_rules = ev->num_2ghz_reg_rules;
5188 	reg_info->num_5ghz_reg_rules = ev->num_5ghz_reg_rules;
5189 	reg_info->num_6ghz_rules_ap[WMI_REG_INDOOR_AP] =
5190 			ev->num_6ghz_reg_rules_ap_lpi;
5191 	reg_info->num_6ghz_rules_ap[WMI_REG_STANDARD_POWER_AP] =
5192 			ev->num_6ghz_reg_rules_ap_sp;
5193 	reg_info->num_6ghz_rules_ap[WMI_REG_VERY_LOW_POWER_AP] =
5194 			ev->num_6ghz_reg_rules_ap_vlp;
5195 
5196 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5197 		reg_info->num_6ghz_rules_client[WMI_REG_INDOOR_AP][i] =
5198 			ev->num_6ghz_reg_rules_client_lpi[i];
5199 		reg_info->num_6ghz_rules_client[WMI_REG_STANDARD_POWER_AP][i] =
5200 			ev->num_6ghz_reg_rules_client_sp[i];
5201 		reg_info->num_6ghz_rules_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5202 			ev->num_6ghz_reg_rules_client_vlp[i];
5203 	}
5204 
5205 	num_2ghz_reg_rules = reg_info->num_2ghz_reg_rules;
5206 	num_5ghz_reg_rules = reg_info->num_5ghz_reg_rules;
5207 
5208 	total_reg_rules += num_2ghz_reg_rules;
5209 	total_reg_rules += num_5ghz_reg_rules;
5210 
5211 	if ((num_2ghz_reg_rules > MAX_REG_RULES) ||
5212 	    (num_5ghz_reg_rules > MAX_REG_RULES)) {
5213 		ath11k_warn(ab, "Num reg rules for 2.4 GHz/5 GHz exceeds max limit (num_2ghz_reg_rules: %d num_5ghz_reg_rules: %d max_rules: %d)\n",
5214 			    num_2ghz_reg_rules, num_5ghz_reg_rules, MAX_REG_RULES);
5215 		kfree(tb);
5216 		return -EINVAL;
5217 	}
5218 
5219 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
5220 		num_6ghz_reg_rules_ap[i] = reg_info->num_6ghz_rules_ap[i];
5221 
5222 		if (num_6ghz_reg_rules_ap[i] > MAX_6GHZ_REG_RULES) {
5223 			ath11k_warn(ab, "Num 6 GHz reg rules for AP mode(%d) exceeds max limit (num_6ghz_reg_rules_ap: %d, max_rules: %d)\n",
5224 				    i, num_6ghz_reg_rules_ap[i], MAX_6GHZ_REG_RULES);
5225 			kfree(tb);
5226 			return -EINVAL;
5227 		}
5228 
5229 		total_reg_rules += num_6ghz_reg_rules_ap[i];
5230 	}
5231 
5232 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5233 		num_6ghz_client[WMI_REG_INDOOR_AP][i] =
5234 			reg_info->num_6ghz_rules_client[WMI_REG_INDOOR_AP][i];
5235 		total_reg_rules += num_6ghz_client[WMI_REG_INDOOR_AP][i];
5236 
5237 		num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5238 			reg_info->num_6ghz_rules_client[WMI_REG_STANDARD_POWER_AP][i];
5239 		total_reg_rules += num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i];
5240 
5241 		num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5242 			reg_info->num_6ghz_rules_client[WMI_REG_VERY_LOW_POWER_AP][i];
5243 		total_reg_rules += num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i];
5244 
5245 		if ((num_6ghz_client[WMI_REG_INDOOR_AP][i] > MAX_6GHZ_REG_RULES) ||
5246 		    (num_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] >
5247 							     MAX_6GHZ_REG_RULES) ||
5248 		    (num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] >
5249 							     MAX_6GHZ_REG_RULES)) {
5250 			ath11k_warn(ab,
5251 				    "Num 6 GHz client reg rules exceeds max limit, for client(type: %d)\n",
5252 				    i);
5253 			kfree(tb);
5254 			return -EINVAL;
5255 		}
5256 	}
5257 
5258 	if (!total_reg_rules) {
5259 		ath11k_warn(ab, "No reg rules available\n");
5260 		kfree(tb);
5261 		return -EINVAL;
5262 	}
5263 
5264 	memcpy(reg_info->alpha2, &ev->alpha2, REG_ALPHA2_LEN);
5265 
5266 	reg_info->dfs_region = ev->dfs_region;
5267 	reg_info->phybitmap = ev->phybitmap;
5268 	reg_info->num_phy = ev->num_phy;
5269 	reg_info->phy_id = ev->phy_id;
5270 	reg_info->ctry_code = ev->country_id;
5271 	reg_info->reg_dmn_pair = ev->domain_code;
5272 
5273 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5274 		   "status_code %s",
5275 		   ath11k_cc_status_to_str(reg_info->status_code));
5276 
5277 	reg_info->status_code =
5278 		ath11k_wmi_cc_setting_code_to_reg(ev->status_code);
5279 
5280 	reg_info->is_ext_reg_event = true;
5281 
5282 	reg_info->min_bw_2ghz = ev->min_bw_2ghz;
5283 	reg_info->max_bw_2ghz = ev->max_bw_2ghz;
5284 	reg_info->min_bw_5ghz = ev->min_bw_5ghz;
5285 	reg_info->max_bw_5ghz = ev->max_bw_5ghz;
5286 
5287 	reg_info->min_bw_6ghz_ap[WMI_REG_INDOOR_AP] =
5288 			ev->min_bw_6ghz_ap_lpi;
5289 	reg_info->max_bw_6ghz_ap[WMI_REG_INDOOR_AP] =
5290 			ev->max_bw_6ghz_ap_lpi;
5291 	reg_info->min_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5292 			ev->min_bw_6ghz_ap_sp;
5293 	reg_info->max_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5294 			ev->max_bw_6ghz_ap_sp;
5295 	reg_info->min_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5296 			ev->min_bw_6ghz_ap_vlp;
5297 	reg_info->max_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5298 			ev->max_bw_6ghz_ap_vlp;
5299 
5300 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5301 		   "6 GHz AP BW: LPI (%d - %d), SP (%d - %d), VLP (%d - %d)\n",
5302 		   reg_info->min_bw_6ghz_ap[WMI_REG_INDOOR_AP],
5303 		   reg_info->max_bw_6ghz_ap[WMI_REG_INDOOR_AP],
5304 		   reg_info->min_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP],
5305 		   reg_info->max_bw_6ghz_ap[WMI_REG_STANDARD_POWER_AP],
5306 		   reg_info->min_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP],
5307 		   reg_info->max_bw_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP]);
5308 
5309 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5310 		reg_info->min_bw_6ghz_client[WMI_REG_INDOOR_AP][i] =
5311 				ev->min_bw_6ghz_client_lpi[i];
5312 		reg_info->max_bw_6ghz_client[WMI_REG_INDOOR_AP][i] =
5313 				ev->max_bw_6ghz_client_lpi[i];
5314 		reg_info->min_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5315 				ev->min_bw_6ghz_client_sp[i];
5316 		reg_info->max_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5317 				ev->max_bw_6ghz_client_sp[i];
5318 		reg_info->min_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5319 				ev->min_bw_6ghz_client_vlp[i];
5320 		reg_info->max_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5321 				ev->max_bw_6ghz_client_vlp[i];
5322 
5323 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5324 			   "6 GHz %s BW: LPI (%d - %d), SP (%d - %d), VLP (%d - %d)\n",
5325 			   ath11k_6ghz_client_type_to_str(i),
5326 			   reg_info->min_bw_6ghz_client[WMI_REG_INDOOR_AP][i],
5327 			   reg_info->max_bw_6ghz_client[WMI_REG_INDOOR_AP][i],
5328 			   reg_info->min_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i],
5329 			   reg_info->max_bw_6ghz_client[WMI_REG_STANDARD_POWER_AP][i],
5330 			   reg_info->min_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i],
5331 			   reg_info->max_bw_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i]);
5332 	}
5333 
5334 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5335 		   "cc_ext %s dsf %d BW: min_2ghz %d max_2ghz %d min_5ghz %d max_5ghz %d",
5336 		   reg_info->alpha2, reg_info->dfs_region,
5337 		   reg_info->min_bw_2ghz, reg_info->max_bw_2ghz,
5338 		   reg_info->min_bw_5ghz, reg_info->max_bw_5ghz);
5339 
5340 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5341 		   "num_2ghz_reg_rules %d num_5ghz_reg_rules %d",
5342 		   num_2ghz_reg_rules, num_5ghz_reg_rules);
5343 
5344 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5345 		   "num_6ghz_reg_rules_ap_lpi: %d num_6ghz_reg_rules_ap_sp: %d num_6ghz_reg_rules_ap_vlp: %d",
5346 		   num_6ghz_reg_rules_ap[WMI_REG_INDOOR_AP],
5347 		   num_6ghz_reg_rules_ap[WMI_REG_STANDARD_POWER_AP],
5348 		   num_6ghz_reg_rules_ap[WMI_REG_VERY_LOW_POWER_AP]);
5349 
5350 	j = WMI_REG_DEFAULT_CLIENT;
5351 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5352 		   "6 GHz Regular client: num_6ghz_reg_rules_lpi: %d num_6ghz_reg_rules_sp: %d num_6ghz_reg_rules_vlp: %d",
5353 		   num_6ghz_client[WMI_REG_INDOOR_AP][j],
5354 		   num_6ghz_client[WMI_REG_STANDARD_POWER_AP][j],
5355 		   num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][j]);
5356 
5357 	j = WMI_REG_SUBORDINATE_CLIENT;
5358 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5359 		   "6 GHz Subordinate client: num_6ghz_reg_rules_lpi: %d num_6ghz_reg_rules_sp: %d num_6ghz_reg_rules_vlp: %d",
5360 		   num_6ghz_client[WMI_REG_INDOOR_AP][j],
5361 		   num_6ghz_client[WMI_REG_STANDARD_POWER_AP][j],
5362 		   num_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][j]);
5363 
5364 	ext_wmi_reg_rule =
5365 		(struct wmi_regulatory_ext_rule *)((u8 *)ev + sizeof(*ev) +
5366 						   sizeof(struct wmi_tlv));
5367 	if (num_2ghz_reg_rules) {
5368 		reg_info->reg_rules_2ghz_ptr =
5369 			create_ext_reg_rules_from_wmi(num_2ghz_reg_rules,
5370 						      ext_wmi_reg_rule);
5371 
5372 		if (!reg_info->reg_rules_2ghz_ptr) {
5373 			kfree(tb);
5374 			ath11k_warn(ab, "Unable to Allocate memory for 2 GHz rules\n");
5375 			return -ENOMEM;
5376 		}
5377 
5378 		ath11k_print_reg_rule(ab, "2 GHz",
5379 				      num_2ghz_reg_rules,
5380 				      reg_info->reg_rules_2ghz_ptr);
5381 	}
5382 
5383 	ext_wmi_reg_rule += num_2ghz_reg_rules;
5384 
5385 	/* Firmware might include 6 GHz reg rule in 5 GHz rule list
5386 	 * for few countries along with separate 6 GHz rule.
5387 	 * Having same 6 GHz reg rule in 5 GHz and 6 GHz rules list
5388 	 * causes intersect check to be true, and same rules will be
5389 	 * shown multiple times in iw cmd.
5390 	 * Hence, avoid parsing 6 GHz rule from 5 GHz reg rule list
5391 	 */
5392 	num_invalid_5ghz_ext_rules =
5393 		ath11k_invalid_5ghz_reg_ext_rules_from_wmi(num_5ghz_reg_rules,
5394 							   ext_wmi_reg_rule);
5395 
5396 	if (num_invalid_5ghz_ext_rules) {
5397 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5398 			   "CC: %s 5 GHz reg rules number %d from fw, %d number of invalid 5 GHz rules",
5399 			   reg_info->alpha2, reg_info->num_5ghz_reg_rules,
5400 			   num_invalid_5ghz_ext_rules);
5401 
5402 		num_5ghz_reg_rules = num_5ghz_reg_rules - num_invalid_5ghz_ext_rules;
5403 		reg_info->num_5ghz_reg_rules = num_5ghz_reg_rules;
5404 	}
5405 
5406 	if (num_5ghz_reg_rules) {
5407 		reg_info->reg_rules_5ghz_ptr =
5408 			create_ext_reg_rules_from_wmi(num_5ghz_reg_rules,
5409 						      ext_wmi_reg_rule);
5410 
5411 		if (!reg_info->reg_rules_5ghz_ptr) {
5412 			kfree(tb);
5413 			ath11k_warn(ab, "Unable to Allocate memory for 5 GHz rules\n");
5414 			return -ENOMEM;
5415 		}
5416 
5417 		ath11k_print_reg_rule(ab, "5 GHz",
5418 				      num_5ghz_reg_rules,
5419 				      reg_info->reg_rules_5ghz_ptr);
5420 	}
5421 
5422 	/* We have adjusted the number of 5 GHz reg rules above. But still those
5423 	 * many rules needs to be adjusted in ext_wmi_reg_rule.
5424 	 *
5425 	 * NOTE: num_invalid_5ghz_ext_rules will be 0 for rest other cases.
5426 	 */
5427 	ext_wmi_reg_rule += (num_5ghz_reg_rules + num_invalid_5ghz_ext_rules);
5428 
5429 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
5430 		reg_info->reg_rules_6ghz_ap_ptr[i] =
5431 			create_ext_reg_rules_from_wmi(num_6ghz_reg_rules_ap[i],
5432 						      ext_wmi_reg_rule);
5433 
5434 		if (!reg_info->reg_rules_6ghz_ap_ptr[i]) {
5435 			kfree(tb);
5436 			ath11k_warn(ab, "Unable to Allocate memory for 6 GHz AP rules\n");
5437 			return -ENOMEM;
5438 		}
5439 
5440 		ath11k_print_reg_rule(ab, ath11k_6ghz_ap_type_to_str(i),
5441 				      num_6ghz_reg_rules_ap[i],
5442 				      reg_info->reg_rules_6ghz_ap_ptr[i]);
5443 
5444 		ext_wmi_reg_rule += num_6ghz_reg_rules_ap[i];
5445 	}
5446 
5447 	for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++) {
5448 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5449 			   "6 GHz AP type %s", ath11k_6ghz_ap_type_to_str(j));
5450 
5451 		for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5452 			reg_info->reg_rules_6ghz_client_ptr[j][i] =
5453 				create_ext_reg_rules_from_wmi(num_6ghz_client[j][i],
5454 							      ext_wmi_reg_rule);
5455 
5456 			if (!reg_info->reg_rules_6ghz_client_ptr[j][i]) {
5457 				kfree(tb);
5458 				ath11k_warn(ab, "Unable to Allocate memory for 6 GHz client rules\n");
5459 				return -ENOMEM;
5460 			}
5461 
5462 			ath11k_print_reg_rule(ab,
5463 					      ath11k_6ghz_client_type_to_str(i),
5464 					      num_6ghz_client[j][i],
5465 					      reg_info->reg_rules_6ghz_client_ptr[j][i]);
5466 
5467 			ext_wmi_reg_rule += num_6ghz_client[j][i];
5468 		}
5469 	}
5470 
5471 	reg_info->client_type = ev->client_type;
5472 	reg_info->rnr_tpe_usable = ev->rnr_tpe_usable;
5473 	reg_info->unspecified_ap_usable =
5474 			ev->unspecified_ap_usable;
5475 	reg_info->domain_code_6ghz_ap[WMI_REG_INDOOR_AP] =
5476 			ev->domain_code_6ghz_ap_lpi;
5477 	reg_info->domain_code_6ghz_ap[WMI_REG_STANDARD_POWER_AP] =
5478 			ev->domain_code_6ghz_ap_sp;
5479 	reg_info->domain_code_6ghz_ap[WMI_REG_VERY_LOW_POWER_AP] =
5480 			ev->domain_code_6ghz_ap_vlp;
5481 
5482 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5483 		   "6 GHz reg info client type %s rnr_tpe_usable %d unspecified_ap_usable %d AP sub domain: lpi %s, sp %s, vlp %s\n",
5484 		   ath11k_6ghz_client_type_to_str(reg_info->client_type),
5485 		   reg_info->rnr_tpe_usable,
5486 		   reg_info->unspecified_ap_usable,
5487 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_lpi),
5488 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_sp),
5489 		   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_ap_vlp));
5490 
5491 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
5492 		reg_info->domain_code_6ghz_client[WMI_REG_INDOOR_AP][i] =
5493 				ev->domain_code_6ghz_client_lpi[i];
5494 		reg_info->domain_code_6ghz_client[WMI_REG_STANDARD_POWER_AP][i] =
5495 				ev->domain_code_6ghz_client_sp[i];
5496 		reg_info->domain_code_6ghz_client[WMI_REG_VERY_LOW_POWER_AP][i] =
5497 				ev->domain_code_6ghz_client_vlp[i];
5498 
5499 		ath11k_dbg(ab, ATH11K_DBG_WMI,
5500 			   "6 GHz client type %s client sub domain: lpi %s, sp %s, vlp %s\n",
5501 			   ath11k_6ghz_client_type_to_str(i),
5502 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_lpi[i]),
5503 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_sp[i]),
5504 			   ath11k_sub_reg_6ghz_to_str(ev->domain_code_6ghz_client_vlp[i])
5505 			  );
5506 	}
5507 
5508 	reg_info->domain_code_6ghz_super_id = ev->domain_code_6ghz_super_id;
5509 
5510 	ath11k_dbg(ab, ATH11K_DBG_WMI,
5511 		   "6 GHz client_type %s 6 GHz super domain %s",
5512 		   ath11k_6ghz_client_type_to_str(reg_info->client_type),
5513 		   ath11k_super_reg_6ghz_to_str(reg_info->domain_code_6ghz_super_id));
5514 
5515 	ath11k_dbg(ab, ATH11K_DBG_WMI, "processed regulatory ext channel list\n");
5516 
5517 	kfree(tb);
5518 	return 0;
5519 }
5520 
5521 static int ath11k_pull_peer_del_resp_ev(struct ath11k_base *ab, struct sk_buff *skb,
5522 					struct wmi_peer_delete_resp_event *peer_del_resp)
5523 {
5524 	const void **tb;
5525 	const struct wmi_peer_delete_resp_event *ev;
5526 	int ret;
5527 
5528 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5529 	if (IS_ERR(tb)) {
5530 		ret = PTR_ERR(tb);
5531 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5532 		return ret;
5533 	}
5534 
5535 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
5536 	if (!ev) {
5537 		ath11k_warn(ab, "failed to fetch peer delete resp ev");
5538 		kfree(tb);
5539 		return -EPROTO;
5540 	}
5541 
5542 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
5543 
5544 	peer_del_resp->vdev_id = ev->vdev_id;
5545 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
5546 			ev->peer_macaddr.addr);
5547 
5548 	kfree(tb);
5549 	return 0;
5550 }
5551 
5552 static int ath11k_pull_vdev_del_resp_ev(struct ath11k_base *ab,
5553 					struct sk_buff *skb,
5554 					u32 *vdev_id)
5555 {
5556 	const void **tb;
5557 	const struct wmi_vdev_delete_resp_event *ev;
5558 	int ret;
5559 
5560 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5561 	if (IS_ERR(tb)) {
5562 		ret = PTR_ERR(tb);
5563 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5564 		return ret;
5565 	}
5566 
5567 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
5568 	if (!ev) {
5569 		ath11k_warn(ab, "failed to fetch vdev delete resp ev");
5570 		kfree(tb);
5571 		return -EPROTO;
5572 	}
5573 
5574 	*vdev_id = ev->vdev_id;
5575 
5576 	kfree(tb);
5577 	return 0;
5578 }
5579 
5580 static int ath11k_pull_bcn_tx_status_ev(struct ath11k_base *ab, void *evt_buf,
5581 					u32 len, u32 *vdev_id,
5582 					u32 *tx_status)
5583 {
5584 	const void **tb;
5585 	const struct wmi_bcn_tx_status_event *ev;
5586 	int ret;
5587 
5588 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5589 	if (IS_ERR(tb)) {
5590 		ret = PTR_ERR(tb);
5591 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5592 		return ret;
5593 	}
5594 
5595 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
5596 	if (!ev) {
5597 		ath11k_warn(ab, "failed to fetch bcn tx status ev");
5598 		kfree(tb);
5599 		return -EPROTO;
5600 	}
5601 
5602 	*vdev_id   = ev->vdev_id;
5603 	*tx_status = ev->tx_status;
5604 
5605 	kfree(tb);
5606 	return 0;
5607 }
5608 
5609 static int ath11k_pull_vdev_stopped_param_tlv(struct ath11k_base *ab, struct sk_buff *skb,
5610 					      u32 *vdev_id)
5611 {
5612 	const void **tb;
5613 	const struct wmi_vdev_stopped_event *ev;
5614 	int ret;
5615 
5616 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5617 	if (IS_ERR(tb)) {
5618 		ret = PTR_ERR(tb);
5619 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5620 		return ret;
5621 	}
5622 
5623 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
5624 	if (!ev) {
5625 		ath11k_warn(ab, "failed to fetch vdev stop ev");
5626 		kfree(tb);
5627 		return -EPROTO;
5628 	}
5629 
5630 	*vdev_id =  ev->vdev_id;
5631 
5632 	kfree(tb);
5633 	return 0;
5634 }
5635 
5636 static int ath11k_pull_mgmt_rx_params_tlv(struct ath11k_base *ab,
5637 					  struct sk_buff *skb,
5638 					  struct mgmt_rx_event_params *hdr)
5639 {
5640 	const void **tb;
5641 	const struct wmi_mgmt_rx_hdr *ev;
5642 	const u8 *frame;
5643 	int ret;
5644 
5645 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5646 	if (IS_ERR(tb)) {
5647 		ret = PTR_ERR(tb);
5648 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5649 		return ret;
5650 	}
5651 
5652 	ev = tb[WMI_TAG_MGMT_RX_HDR];
5653 	frame = tb[WMI_TAG_ARRAY_BYTE];
5654 
5655 	if (!ev || !frame) {
5656 		ath11k_warn(ab, "failed to fetch mgmt rx hdr");
5657 		kfree(tb);
5658 		return -EPROTO;
5659 	}
5660 
5661 	hdr->pdev_id =  ev->pdev_id;
5662 	hdr->chan_freq = ev->chan_freq;
5663 	hdr->channel =  ev->channel;
5664 	hdr->snr =  ev->snr;
5665 	hdr->rate =  ev->rate;
5666 	hdr->phy_mode =  ev->phy_mode;
5667 	hdr->buf_len =  ev->buf_len;
5668 	hdr->status =  ev->status;
5669 	hdr->flags =  ev->flags;
5670 	hdr->rssi =  ev->rssi;
5671 	hdr->tsf_delta =  ev->tsf_delta;
5672 	memcpy(hdr->rssi_ctl, ev->rssi_ctl, sizeof(hdr->rssi_ctl));
5673 
5674 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
5675 		ath11k_warn(ab, "invalid length in mgmt rx hdr ev");
5676 		kfree(tb);
5677 		return -EPROTO;
5678 	}
5679 
5680 	/* shift the sk_buff to point to `frame` */
5681 	skb_trim(skb, 0);
5682 	skb_put(skb, frame - skb->data);
5683 	skb_pull(skb, frame - skb->data);
5684 	skb_put(skb, hdr->buf_len);
5685 
5686 	ath11k_ce_byte_swap(skb->data, hdr->buf_len);
5687 
5688 	kfree(tb);
5689 	return 0;
5690 }
5691 
5692 static int wmi_process_mgmt_tx_comp(struct ath11k *ar,
5693 				    struct wmi_mgmt_tx_compl_event *tx_compl_param)
5694 {
5695 	struct sk_buff *msdu;
5696 	struct ieee80211_tx_info *info;
5697 	struct ath11k_skb_cb *skb_cb;
5698 	int num_mgmt;
5699 
5700 	spin_lock_bh(&ar->txmgmt_idr_lock);
5701 	msdu = idr_find(&ar->txmgmt_idr, tx_compl_param->desc_id);
5702 
5703 	if (!msdu) {
5704 		ath11k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
5705 			    tx_compl_param->desc_id);
5706 		spin_unlock_bh(&ar->txmgmt_idr_lock);
5707 		return -ENOENT;
5708 	}
5709 
5710 	idr_remove(&ar->txmgmt_idr, tx_compl_param->desc_id);
5711 	spin_unlock_bh(&ar->txmgmt_idr_lock);
5712 
5713 	skb_cb = ATH11K_SKB_CB(msdu);
5714 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
5715 
5716 	info = IEEE80211_SKB_CB(msdu);
5717 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) &&
5718 	    !tx_compl_param->status) {
5719 		info->flags |= IEEE80211_TX_STAT_ACK;
5720 		if (test_bit(WMI_TLV_SERVICE_TX_DATA_MGMT_ACK_RSSI,
5721 			     ar->ab->wmi_ab.svc_map))
5722 			info->status.ack_signal = tx_compl_param->ack_rssi;
5723 	}
5724 
5725 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
5726 
5727 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
5728 
5729 	/* WARN when we received this event without doing any mgmt tx */
5730 	if (num_mgmt < 0)
5731 		WARN_ON_ONCE(1);
5732 
5733 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
5734 		   "wmi mgmt tx comp pending %d desc id %d\n",
5735 		   num_mgmt, tx_compl_param->desc_id);
5736 
5737 	if (!num_mgmt)
5738 		wake_up(&ar->txmgmt_empty_waitq);
5739 
5740 	return 0;
5741 }
5742 
5743 static int ath11k_pull_mgmt_tx_compl_param_tlv(struct ath11k_base *ab,
5744 					       struct sk_buff *skb,
5745 					       struct wmi_mgmt_tx_compl_event *param)
5746 {
5747 	const void **tb;
5748 	const struct wmi_mgmt_tx_compl_event *ev;
5749 	int ret;
5750 
5751 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5752 	if (IS_ERR(tb)) {
5753 		ret = PTR_ERR(tb);
5754 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5755 		return ret;
5756 	}
5757 
5758 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
5759 	if (!ev) {
5760 		ath11k_warn(ab, "failed to fetch mgmt tx compl ev");
5761 		kfree(tb);
5762 		return -EPROTO;
5763 	}
5764 
5765 	param->pdev_id = ev->pdev_id;
5766 	param->desc_id = ev->desc_id;
5767 	param->status = ev->status;
5768 	param->ack_rssi = ev->ack_rssi;
5769 
5770 	kfree(tb);
5771 	return 0;
5772 }
5773 
5774 static void ath11k_wmi_event_scan_started(struct ath11k *ar)
5775 {
5776 	lockdep_assert_held(&ar->data_lock);
5777 
5778 	switch (ar->scan.state) {
5779 	case ATH11K_SCAN_IDLE:
5780 	case ATH11K_SCAN_RUNNING:
5781 	case ATH11K_SCAN_ABORTING:
5782 		ath11k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
5783 			    ath11k_scan_state_str(ar->scan.state),
5784 			    ar->scan.state);
5785 		break;
5786 	case ATH11K_SCAN_STARTING:
5787 		ar->scan.state = ATH11K_SCAN_RUNNING;
5788 		if (ar->scan.is_roc)
5789 			ieee80211_ready_on_channel(ar->hw);
5790 		complete(&ar->scan.started);
5791 		break;
5792 	}
5793 }
5794 
5795 static void ath11k_wmi_event_scan_start_failed(struct ath11k *ar)
5796 {
5797 	lockdep_assert_held(&ar->data_lock);
5798 
5799 	switch (ar->scan.state) {
5800 	case ATH11K_SCAN_IDLE:
5801 	case ATH11K_SCAN_RUNNING:
5802 	case ATH11K_SCAN_ABORTING:
5803 		ath11k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
5804 			    ath11k_scan_state_str(ar->scan.state),
5805 			    ar->scan.state);
5806 		break;
5807 	case ATH11K_SCAN_STARTING:
5808 		complete(&ar->scan.started);
5809 		__ath11k_mac_scan_finish(ar);
5810 		break;
5811 	}
5812 }
5813 
5814 static void ath11k_wmi_event_scan_completed(struct ath11k *ar)
5815 {
5816 	lockdep_assert_held(&ar->data_lock);
5817 
5818 	switch (ar->scan.state) {
5819 	case ATH11K_SCAN_IDLE:
5820 	case ATH11K_SCAN_STARTING:
5821 		/* One suspected reason scan can be completed while starting is
5822 		 * if firmware fails to deliver all scan events to the host,
5823 		 * e.g. when transport pipe is full. This has been observed
5824 		 * with spectral scan phyerr events starving wmi transport
5825 		 * pipe. In such case the "scan completed" event should be (and
5826 		 * is) ignored by the host as it may be just firmware's scan
5827 		 * state machine recovering.
5828 		 */
5829 		ath11k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
5830 			    ath11k_scan_state_str(ar->scan.state),
5831 			    ar->scan.state);
5832 		break;
5833 	case ATH11K_SCAN_RUNNING:
5834 	case ATH11K_SCAN_ABORTING:
5835 		__ath11k_mac_scan_finish(ar);
5836 		break;
5837 	}
5838 }
5839 
5840 static void ath11k_wmi_event_scan_bss_chan(struct ath11k *ar)
5841 {
5842 	lockdep_assert_held(&ar->data_lock);
5843 
5844 	switch (ar->scan.state) {
5845 	case ATH11K_SCAN_IDLE:
5846 	case ATH11K_SCAN_STARTING:
5847 		ath11k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
5848 			    ath11k_scan_state_str(ar->scan.state),
5849 			    ar->scan.state);
5850 		break;
5851 	case ATH11K_SCAN_RUNNING:
5852 	case ATH11K_SCAN_ABORTING:
5853 		ar->scan_channel = NULL;
5854 		break;
5855 	}
5856 }
5857 
5858 static void ath11k_wmi_event_scan_foreign_chan(struct ath11k *ar, u32 freq)
5859 {
5860 	lockdep_assert_held(&ar->data_lock);
5861 
5862 	switch (ar->scan.state) {
5863 	case ATH11K_SCAN_IDLE:
5864 	case ATH11K_SCAN_STARTING:
5865 		ath11k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
5866 			    ath11k_scan_state_str(ar->scan.state),
5867 			    ar->scan.state);
5868 		break;
5869 	case ATH11K_SCAN_RUNNING:
5870 	case ATH11K_SCAN_ABORTING:
5871 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
5872 		if (ar->scan.is_roc && ar->scan.roc_freq == freq)
5873 			complete(&ar->scan.on_channel);
5874 		break;
5875 	}
5876 }
5877 
5878 static const char *
5879 ath11k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
5880 			       enum wmi_scan_completion_reason reason)
5881 {
5882 	switch (type) {
5883 	case WMI_SCAN_EVENT_STARTED:
5884 		return "started";
5885 	case WMI_SCAN_EVENT_COMPLETED:
5886 		switch (reason) {
5887 		case WMI_SCAN_REASON_COMPLETED:
5888 			return "completed";
5889 		case WMI_SCAN_REASON_CANCELLED:
5890 			return "completed [cancelled]";
5891 		case WMI_SCAN_REASON_PREEMPTED:
5892 			return "completed [preempted]";
5893 		case WMI_SCAN_REASON_TIMEDOUT:
5894 			return "completed [timedout]";
5895 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
5896 			return "completed [internal err]";
5897 		case WMI_SCAN_REASON_MAX:
5898 			break;
5899 		}
5900 		return "completed [unknown]";
5901 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5902 		return "bss channel";
5903 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5904 		return "foreign channel";
5905 	case WMI_SCAN_EVENT_DEQUEUED:
5906 		return "dequeued";
5907 	case WMI_SCAN_EVENT_PREEMPTED:
5908 		return "preempted";
5909 	case WMI_SCAN_EVENT_START_FAILED:
5910 		return "start failed";
5911 	case WMI_SCAN_EVENT_RESTARTED:
5912 		return "restarted";
5913 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5914 		return "foreign channel exit";
5915 	default:
5916 		return "unknown";
5917 	}
5918 }
5919 
5920 static int ath11k_pull_scan_ev(struct ath11k_base *ab, struct sk_buff *skb,
5921 			       struct wmi_scan_event *scan_evt_param)
5922 {
5923 	const void **tb;
5924 	const struct wmi_scan_event *ev;
5925 	int ret;
5926 
5927 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5928 	if (IS_ERR(tb)) {
5929 		ret = PTR_ERR(tb);
5930 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5931 		return ret;
5932 	}
5933 
5934 	ev = tb[WMI_TAG_SCAN_EVENT];
5935 	if (!ev) {
5936 		ath11k_warn(ab, "failed to fetch scan ev");
5937 		kfree(tb);
5938 		return -EPROTO;
5939 	}
5940 
5941 	scan_evt_param->event_type = ev->event_type;
5942 	scan_evt_param->reason = ev->reason;
5943 	scan_evt_param->channel_freq = ev->channel_freq;
5944 	scan_evt_param->scan_req_id = ev->scan_req_id;
5945 	scan_evt_param->scan_id = ev->scan_id;
5946 	scan_evt_param->vdev_id = ev->vdev_id;
5947 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
5948 
5949 	kfree(tb);
5950 	return 0;
5951 }
5952 
5953 static int ath11k_pull_peer_sta_kickout_ev(struct ath11k_base *ab, struct sk_buff *skb,
5954 					   struct wmi_peer_sta_kickout_arg *arg)
5955 {
5956 	const void **tb;
5957 	const struct wmi_peer_sta_kickout_event *ev;
5958 	int ret;
5959 
5960 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5961 	if (IS_ERR(tb)) {
5962 		ret = PTR_ERR(tb);
5963 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5964 		return ret;
5965 	}
5966 
5967 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
5968 	if (!ev) {
5969 		ath11k_warn(ab, "failed to fetch peer sta kickout ev");
5970 		kfree(tb);
5971 		return -EPROTO;
5972 	}
5973 
5974 	arg->mac_addr = ev->peer_macaddr.addr;
5975 
5976 	kfree(tb);
5977 	return 0;
5978 }
5979 
5980 static int ath11k_pull_roam_ev(struct ath11k_base *ab, struct sk_buff *skb,
5981 			       struct wmi_roam_event *roam_ev)
5982 {
5983 	const void **tb;
5984 	const struct wmi_roam_event *ev;
5985 	int ret;
5986 
5987 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5988 	if (IS_ERR(tb)) {
5989 		ret = PTR_ERR(tb);
5990 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
5991 		return ret;
5992 	}
5993 
5994 	ev = tb[WMI_TAG_ROAM_EVENT];
5995 	if (!ev) {
5996 		ath11k_warn(ab, "failed to fetch roam ev");
5997 		kfree(tb);
5998 		return -EPROTO;
5999 	}
6000 
6001 	roam_ev->vdev_id = ev->vdev_id;
6002 	roam_ev->reason = ev->reason;
6003 	roam_ev->rssi = ev->rssi;
6004 
6005 	kfree(tb);
6006 	return 0;
6007 }
6008 
6009 static int freq_to_idx(struct ath11k *ar, int freq)
6010 {
6011 	struct ieee80211_supported_band *sband;
6012 	int band, ch, idx = 0;
6013 
6014 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
6015 		sband = ar->hw->wiphy->bands[band];
6016 		if (!sband)
6017 			continue;
6018 
6019 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
6020 			if (sband->channels[ch].center_freq == freq)
6021 				goto exit;
6022 	}
6023 
6024 exit:
6025 	return idx;
6026 }
6027 
6028 static int ath11k_pull_chan_info_ev(struct ath11k_base *ab, u8 *evt_buf,
6029 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
6030 {
6031 	const void **tb;
6032 	const struct wmi_chan_info_event *ev;
6033 	int ret;
6034 
6035 	tb = ath11k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
6036 	if (IS_ERR(tb)) {
6037 		ret = PTR_ERR(tb);
6038 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6039 		return ret;
6040 	}
6041 
6042 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
6043 	if (!ev) {
6044 		ath11k_warn(ab, "failed to fetch chan info ev");
6045 		kfree(tb);
6046 		return -EPROTO;
6047 	}
6048 
6049 	ch_info_ev->err_code = ev->err_code;
6050 	ch_info_ev->freq = ev->freq;
6051 	ch_info_ev->cmd_flags = ev->cmd_flags;
6052 	ch_info_ev->noise_floor = ev->noise_floor;
6053 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
6054 	ch_info_ev->cycle_count = ev->cycle_count;
6055 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
6056 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
6057 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
6058 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
6059 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
6060 	ch_info_ev->vdev_id = ev->vdev_id;
6061 
6062 	kfree(tb);
6063 	return 0;
6064 }
6065 
6066 static int
6067 ath11k_pull_pdev_bss_chan_info_ev(struct ath11k_base *ab, struct sk_buff *skb,
6068 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
6069 {
6070 	const void **tb;
6071 	const struct wmi_pdev_bss_chan_info_event *ev;
6072 	int ret;
6073 
6074 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6075 	if (IS_ERR(tb)) {
6076 		ret = PTR_ERR(tb);
6077 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6078 		return ret;
6079 	}
6080 
6081 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
6082 	if (!ev) {
6083 		ath11k_warn(ab, "failed to fetch pdev bss chan info ev");
6084 		kfree(tb);
6085 		return -EPROTO;
6086 	}
6087 
6088 	bss_ch_info_ev->pdev_id = ev->pdev_id;
6089 	bss_ch_info_ev->freq = ev->freq;
6090 	bss_ch_info_ev->noise_floor = ev->noise_floor;
6091 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
6092 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
6093 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
6094 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
6095 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
6096 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
6097 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
6098 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
6099 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
6100 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
6101 
6102 	kfree(tb);
6103 	return 0;
6104 }
6105 
6106 static int
6107 ath11k_pull_vdev_install_key_compl_ev(struct ath11k_base *ab, struct sk_buff *skb,
6108 				      struct wmi_vdev_install_key_complete_arg *arg)
6109 {
6110 	const void **tb;
6111 	const struct wmi_vdev_install_key_compl_event *ev;
6112 	int ret;
6113 
6114 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6115 	if (IS_ERR(tb)) {
6116 		ret = PTR_ERR(tb);
6117 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6118 		return ret;
6119 	}
6120 
6121 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
6122 	if (!ev) {
6123 		ath11k_warn(ab, "failed to fetch vdev install key compl ev");
6124 		kfree(tb);
6125 		return -EPROTO;
6126 	}
6127 
6128 	arg->vdev_id = ev->vdev_id;
6129 	arg->macaddr = ev->peer_macaddr.addr;
6130 	arg->key_idx = ev->key_idx;
6131 	arg->key_flags = ev->key_flags;
6132 	arg->status = ev->status;
6133 
6134 	kfree(tb);
6135 	return 0;
6136 }
6137 
6138 static int ath11k_pull_peer_assoc_conf_ev(struct ath11k_base *ab, struct sk_buff *skb,
6139 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
6140 {
6141 	const void **tb;
6142 	const struct wmi_peer_assoc_conf_event *ev;
6143 	int ret;
6144 
6145 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6146 	if (IS_ERR(tb)) {
6147 		ret = PTR_ERR(tb);
6148 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6149 		return ret;
6150 	}
6151 
6152 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
6153 	if (!ev) {
6154 		ath11k_warn(ab, "failed to fetch peer assoc conf ev");
6155 		kfree(tb);
6156 		return -EPROTO;
6157 	}
6158 
6159 	peer_assoc_conf->vdev_id = ev->vdev_id;
6160 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
6161 
6162 	kfree(tb);
6163 	return 0;
6164 }
6165 
6166 static void ath11k_wmi_pull_pdev_stats_base(const struct wmi_pdev_stats_base *src,
6167 					    struct ath11k_fw_stats_pdev *dst)
6168 {
6169 	dst->ch_noise_floor = src->chan_nf;
6170 	dst->tx_frame_count = src->tx_frame_count;
6171 	dst->rx_frame_count = src->rx_frame_count;
6172 	dst->rx_clear_count = src->rx_clear_count;
6173 	dst->cycle_count = src->cycle_count;
6174 	dst->phy_err_count = src->phy_err_count;
6175 	dst->chan_tx_power = src->chan_tx_pwr;
6176 }
6177 
6178 static void
6179 ath11k_wmi_pull_pdev_stats_tx(const struct wmi_pdev_stats_tx *src,
6180 			      struct ath11k_fw_stats_pdev *dst)
6181 {
6182 	dst->comp_queued = src->comp_queued;
6183 	dst->comp_delivered = src->comp_delivered;
6184 	dst->msdu_enqued = src->msdu_enqued;
6185 	dst->mpdu_enqued = src->mpdu_enqued;
6186 	dst->wmm_drop = src->wmm_drop;
6187 	dst->local_enqued = src->local_enqued;
6188 	dst->local_freed = src->local_freed;
6189 	dst->hw_queued = src->hw_queued;
6190 	dst->hw_reaped = src->hw_reaped;
6191 	dst->underrun = src->underrun;
6192 	dst->hw_paused = src->hw_paused;
6193 	dst->tx_abort = src->tx_abort;
6194 	dst->mpdus_requeued = src->mpdus_requeued;
6195 	dst->tx_ko = src->tx_ko;
6196 	dst->tx_xretry = src->tx_xretry;
6197 	dst->data_rc = src->data_rc;
6198 	dst->self_triggers = src->self_triggers;
6199 	dst->sw_retry_failure = src->sw_retry_failure;
6200 	dst->illgl_rate_phy_err = src->illgl_rate_phy_err;
6201 	dst->pdev_cont_xretry = src->pdev_cont_xretry;
6202 	dst->pdev_tx_timeout = src->pdev_tx_timeout;
6203 	dst->pdev_resets = src->pdev_resets;
6204 	dst->stateless_tid_alloc_failure = src->stateless_tid_alloc_failure;
6205 	dst->phy_underrun = src->phy_underrun;
6206 	dst->txop_ovf = src->txop_ovf;
6207 	dst->seq_posted = src->seq_posted;
6208 	dst->seq_failed_queueing = src->seq_failed_queueing;
6209 	dst->seq_completed = src->seq_completed;
6210 	dst->seq_restarted = src->seq_restarted;
6211 	dst->mu_seq_posted = src->mu_seq_posted;
6212 	dst->mpdus_sw_flush = src->mpdus_sw_flush;
6213 	dst->mpdus_hw_filter = src->mpdus_hw_filter;
6214 	dst->mpdus_truncated = src->mpdus_truncated;
6215 	dst->mpdus_ack_failed = src->mpdus_ack_failed;
6216 	dst->mpdus_expired = src->mpdus_expired;
6217 }
6218 
6219 static void ath11k_wmi_pull_pdev_stats_rx(const struct wmi_pdev_stats_rx *src,
6220 					  struct ath11k_fw_stats_pdev *dst)
6221 {
6222 	dst->mid_ppdu_route_change = src->mid_ppdu_route_change;
6223 	dst->status_rcvd = src->status_rcvd;
6224 	dst->r0_frags = src->r0_frags;
6225 	dst->r1_frags = src->r1_frags;
6226 	dst->r2_frags = src->r2_frags;
6227 	dst->r3_frags = src->r3_frags;
6228 	dst->htt_msdus = src->htt_msdus;
6229 	dst->htt_mpdus = src->htt_mpdus;
6230 	dst->loc_msdus = src->loc_msdus;
6231 	dst->loc_mpdus = src->loc_mpdus;
6232 	dst->oversize_amsdu = src->oversize_amsdu;
6233 	dst->phy_errs = src->phy_errs;
6234 	dst->phy_err_drop = src->phy_err_drop;
6235 	dst->mpdu_errs = src->mpdu_errs;
6236 	dst->rx_ovfl_errs = src->rx_ovfl_errs;
6237 }
6238 
6239 static void
6240 ath11k_wmi_pull_vdev_stats(const struct wmi_vdev_stats *src,
6241 			   struct ath11k_fw_stats_vdev *dst)
6242 {
6243 	int i;
6244 
6245 	dst->vdev_id = src->vdev_id;
6246 	dst->beacon_snr = src->beacon_snr;
6247 	dst->data_snr = src->data_snr;
6248 	dst->num_rx_frames = src->num_rx_frames;
6249 	dst->num_rts_fail = src->num_rts_fail;
6250 	dst->num_rts_success = src->num_rts_success;
6251 	dst->num_rx_err = src->num_rx_err;
6252 	dst->num_rx_discard = src->num_rx_discard;
6253 	dst->num_tx_not_acked = src->num_tx_not_acked;
6254 
6255 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames); i++)
6256 		dst->num_tx_frames[i] = src->num_tx_frames[i];
6257 
6258 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_retries); i++)
6259 		dst->num_tx_frames_retries[i] = src->num_tx_frames_retries[i];
6260 
6261 	for (i = 0; i < ARRAY_SIZE(src->num_tx_frames_failures); i++)
6262 		dst->num_tx_frames_failures[i] = src->num_tx_frames_failures[i];
6263 
6264 	for (i = 0; i < ARRAY_SIZE(src->tx_rate_history); i++)
6265 		dst->tx_rate_history[i] = src->tx_rate_history[i];
6266 
6267 	for (i = 0; i < ARRAY_SIZE(src->beacon_rssi_history); i++)
6268 		dst->beacon_rssi_history[i] = src->beacon_rssi_history[i];
6269 }
6270 
6271 static void
6272 ath11k_wmi_pull_bcn_stats(const struct wmi_bcn_stats *src,
6273 			  struct ath11k_fw_stats_bcn *dst)
6274 {
6275 	dst->vdev_id = src->vdev_id;
6276 	dst->tx_bcn_succ_cnt = src->tx_bcn_succ_cnt;
6277 	dst->tx_bcn_outage_cnt = src->tx_bcn_outage_cnt;
6278 }
6279 
6280 static int ath11k_wmi_tlv_rssi_chain_parse(struct ath11k_base *ab,
6281 					   u16 tag, u16 len,
6282 					   const void *ptr, void *data)
6283 {
6284 	struct wmi_tlv_fw_stats_parse *parse = data;
6285 	const struct wmi_stats_event *ev = parse->ev;
6286 	struct ath11k_fw_stats *stats = parse->stats;
6287 	struct ath11k *ar;
6288 	struct ath11k_vif *arvif;
6289 	struct ieee80211_sta *sta;
6290 	struct ath11k_sta *arsta;
6291 	const struct wmi_rssi_stats *stats_rssi = (const struct wmi_rssi_stats *)ptr;
6292 	int j, ret = 0;
6293 
6294 	if (tag != WMI_TAG_RSSI_STATS)
6295 		return -EPROTO;
6296 
6297 	rcu_read_lock();
6298 
6299 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
6300 	stats->stats_id = WMI_REQUEST_RSSI_PER_CHAIN_STAT;
6301 
6302 	ath11k_dbg(ab, ATH11K_DBG_WMI,
6303 		   "wmi stats vdev id %d mac %pM\n",
6304 		   stats_rssi->vdev_id, stats_rssi->peer_macaddr.addr);
6305 
6306 	arvif = ath11k_mac_get_arvif(ar, stats_rssi->vdev_id);
6307 	if (!arvif) {
6308 		ath11k_warn(ab, "not found vif for vdev id %d\n",
6309 			    stats_rssi->vdev_id);
6310 		ret = -EPROTO;
6311 		goto exit;
6312 	}
6313 
6314 	ath11k_dbg(ab, ATH11K_DBG_WMI,
6315 		   "wmi stats bssid %pM vif %pK\n",
6316 		   arvif->bssid, arvif->vif);
6317 
6318 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
6319 					   arvif->bssid,
6320 					   NULL);
6321 	if (!sta) {
6322 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6323 			   "not found station of bssid %pM for rssi chain\n",
6324 			   arvif->bssid);
6325 		goto exit;
6326 	}
6327 
6328 	arsta = (struct ath11k_sta *)sta->drv_priv;
6329 
6330 	BUILD_BUG_ON(ARRAY_SIZE(arsta->chain_signal) >
6331 		     ARRAY_SIZE(stats_rssi->rssi_avg_beacon));
6332 
6333 	for (j = 0; j < ARRAY_SIZE(arsta->chain_signal); j++) {
6334 		arsta->chain_signal[j] = stats_rssi->rssi_avg_beacon[j];
6335 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6336 			   "wmi stats beacon rssi[%d] %d data rssi[%d] %d\n",
6337 			   j,
6338 			   stats_rssi->rssi_avg_beacon[j],
6339 			   j,
6340 			   stats_rssi->rssi_avg_data[j]);
6341 	}
6342 
6343 exit:
6344 	rcu_read_unlock();
6345 	return ret;
6346 }
6347 
6348 static int ath11k_wmi_tlv_fw_stats_data_parse(struct ath11k_base *ab,
6349 					      struct wmi_tlv_fw_stats_parse *parse,
6350 					      const void *ptr,
6351 					      u16 len)
6352 {
6353 	struct ath11k_fw_stats *stats = parse->stats;
6354 	const struct wmi_stats_event *ev = parse->ev;
6355 	struct ath11k *ar;
6356 	struct ath11k_vif *arvif;
6357 	struct ieee80211_sta *sta;
6358 	struct ath11k_sta *arsta;
6359 	int i, ret = 0;
6360 	const void *data = ptr;
6361 
6362 	if (!ev) {
6363 		ath11k_warn(ab, "failed to fetch update stats ev");
6364 		return -EPROTO;
6365 	}
6366 
6367 	stats->stats_id = 0;
6368 
6369 	rcu_read_lock();
6370 
6371 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
6372 
6373 	for (i = 0; i < ev->num_pdev_stats; i++) {
6374 		const struct wmi_pdev_stats *src;
6375 		struct ath11k_fw_stats_pdev *dst;
6376 
6377 		src = data;
6378 		if (len < sizeof(*src)) {
6379 			ret = -EPROTO;
6380 			goto exit;
6381 		}
6382 
6383 		stats->stats_id = WMI_REQUEST_PDEV_STAT;
6384 
6385 		data += sizeof(*src);
6386 		len -= sizeof(*src);
6387 
6388 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6389 		if (!dst)
6390 			continue;
6391 
6392 		ath11k_wmi_pull_pdev_stats_base(&src->base, dst);
6393 		ath11k_wmi_pull_pdev_stats_tx(&src->tx, dst);
6394 		ath11k_wmi_pull_pdev_stats_rx(&src->rx, dst);
6395 		list_add_tail(&dst->list, &stats->pdevs);
6396 	}
6397 
6398 	for (i = 0; i < ev->num_vdev_stats; i++) {
6399 		const struct wmi_vdev_stats *src;
6400 		struct ath11k_fw_stats_vdev *dst;
6401 
6402 		src = data;
6403 		if (len < sizeof(*src)) {
6404 			ret = -EPROTO;
6405 			goto exit;
6406 		}
6407 
6408 		stats->stats_id = WMI_REQUEST_VDEV_STAT;
6409 
6410 		arvif = ath11k_mac_get_arvif(ar, src->vdev_id);
6411 		if (arvif) {
6412 			sta = ieee80211_find_sta_by_ifaddr(ar->hw,
6413 							   arvif->bssid,
6414 							   NULL);
6415 			if (sta) {
6416 				arsta = (struct ath11k_sta *)sta->drv_priv;
6417 				arsta->rssi_beacon = src->beacon_snr;
6418 				ath11k_dbg(ab, ATH11K_DBG_WMI,
6419 					   "wmi stats vdev id %d snr %d\n",
6420 					   src->vdev_id, src->beacon_snr);
6421 			} else {
6422 				ath11k_dbg(ab, ATH11K_DBG_WMI,
6423 					   "not found station of bssid %pM for vdev stat\n",
6424 					   arvif->bssid);
6425 			}
6426 		}
6427 
6428 		data += sizeof(*src);
6429 		len -= sizeof(*src);
6430 
6431 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6432 		if (!dst)
6433 			continue;
6434 
6435 		ath11k_wmi_pull_vdev_stats(src, dst);
6436 		list_add_tail(&dst->list, &stats->vdevs);
6437 	}
6438 
6439 	for (i = 0; i < ev->num_bcn_stats; i++) {
6440 		const struct wmi_bcn_stats *src;
6441 		struct ath11k_fw_stats_bcn *dst;
6442 
6443 		src = data;
6444 		if (len < sizeof(*src)) {
6445 			ret = -EPROTO;
6446 			goto exit;
6447 		}
6448 
6449 		stats->stats_id = WMI_REQUEST_BCN_STAT;
6450 
6451 		data += sizeof(*src);
6452 		len -= sizeof(*src);
6453 
6454 		dst = kzalloc(sizeof(*dst), GFP_ATOMIC);
6455 		if (!dst)
6456 			continue;
6457 
6458 		ath11k_wmi_pull_bcn_stats(src, dst);
6459 		list_add_tail(&dst->list, &stats->bcn);
6460 	}
6461 
6462 exit:
6463 	rcu_read_unlock();
6464 	return ret;
6465 }
6466 
6467 static int ath11k_wmi_tlv_fw_stats_parse(struct ath11k_base *ab,
6468 					 u16 tag, u16 len,
6469 					 const void *ptr, void *data)
6470 {
6471 	struct wmi_tlv_fw_stats_parse *parse = data;
6472 	int ret = 0;
6473 
6474 	switch (tag) {
6475 	case WMI_TAG_STATS_EVENT:
6476 		parse->ev = (struct wmi_stats_event *)ptr;
6477 		parse->stats->pdev_id = parse->ev->pdev_id;
6478 		break;
6479 	case WMI_TAG_ARRAY_BYTE:
6480 		ret = ath11k_wmi_tlv_fw_stats_data_parse(ab, parse, ptr, len);
6481 		break;
6482 	case WMI_TAG_PER_CHAIN_RSSI_STATS:
6483 		parse->rssi = (struct wmi_per_chain_rssi_stats *)ptr;
6484 
6485 		if (parse->ev->stats_id & WMI_REQUEST_RSSI_PER_CHAIN_STAT)
6486 			parse->rssi_num = parse->rssi->num_per_chain_rssi_stats;
6487 
6488 		ath11k_dbg(ab, ATH11K_DBG_WMI,
6489 			   "wmi stats id 0x%x num chain %d\n",
6490 			   parse->ev->stats_id,
6491 			   parse->rssi_num);
6492 		break;
6493 	case WMI_TAG_ARRAY_STRUCT:
6494 		if (parse->rssi_num && !parse->chain_rssi_done) {
6495 			ret = ath11k_wmi_tlv_iter(ab, ptr, len,
6496 						  ath11k_wmi_tlv_rssi_chain_parse,
6497 						  parse);
6498 			if (ret) {
6499 				ath11k_warn(ab, "failed to parse rssi chain %d\n",
6500 					    ret);
6501 				return ret;
6502 			}
6503 			parse->chain_rssi_done = true;
6504 		}
6505 		break;
6506 	default:
6507 		break;
6508 	}
6509 	return ret;
6510 }
6511 
6512 int ath11k_wmi_pull_fw_stats(struct ath11k_base *ab, struct sk_buff *skb,
6513 			     struct ath11k_fw_stats *stats)
6514 {
6515 	struct wmi_tlv_fw_stats_parse parse = { };
6516 
6517 	stats->stats_id = 0;
6518 	parse.stats = stats;
6519 
6520 	return ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
6521 				   ath11k_wmi_tlv_fw_stats_parse,
6522 				   &parse);
6523 }
6524 
6525 size_t ath11k_wmi_fw_stats_num_vdevs(struct list_head *head)
6526 {
6527 	struct ath11k_fw_stats_vdev *i;
6528 	size_t num = 0;
6529 
6530 	list_for_each_entry(i, head, list)
6531 		++num;
6532 
6533 	return num;
6534 }
6535 
6536 static size_t ath11k_wmi_fw_stats_num_bcn(struct list_head *head)
6537 {
6538 	struct ath11k_fw_stats_bcn *i;
6539 	size_t num = 0;
6540 
6541 	list_for_each_entry(i, head, list)
6542 		++num;
6543 
6544 	return num;
6545 }
6546 
6547 static void
6548 ath11k_wmi_fw_pdev_base_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6549 				   char *buf, u32 *length)
6550 {
6551 	u32 len = *length;
6552 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6553 
6554 	len += scnprintf(buf + len, buf_len - len, "\n");
6555 	len += scnprintf(buf + len, buf_len - len, "%30s\n",
6556 			"ath11k PDEV stats");
6557 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6558 			"=================");
6559 
6560 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6561 			"Channel noise floor", pdev->ch_noise_floor);
6562 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6563 			"Channel TX power", pdev->chan_tx_power);
6564 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6565 			"TX frame count", pdev->tx_frame_count);
6566 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6567 			"RX frame count", pdev->rx_frame_count);
6568 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6569 			"RX clear count", pdev->rx_clear_count);
6570 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6571 			"Cycle count", pdev->cycle_count);
6572 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6573 			"PHY error count", pdev->phy_err_count);
6574 
6575 	*length = len;
6576 }
6577 
6578 static void
6579 ath11k_wmi_fw_pdev_tx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6580 				 char *buf, u32 *length)
6581 {
6582 	u32 len = *length;
6583 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6584 
6585 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6586 			 "ath11k PDEV TX stats");
6587 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6588 			 "====================");
6589 
6590 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6591 			 "HTT cookies queued", pdev->comp_queued);
6592 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6593 			 "HTT cookies disp.", pdev->comp_delivered);
6594 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6595 			 "MSDU queued", pdev->msdu_enqued);
6596 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6597 			 "MPDU queued", pdev->mpdu_enqued);
6598 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6599 			 "MSDUs dropped", pdev->wmm_drop);
6600 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6601 			 "Local enqued", pdev->local_enqued);
6602 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6603 			 "Local freed", pdev->local_freed);
6604 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6605 			 "HW queued", pdev->hw_queued);
6606 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6607 			 "PPDUs reaped", pdev->hw_reaped);
6608 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6609 			 "Num underruns", pdev->underrun);
6610 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6611 			 "Num HW Paused", pdev->hw_paused);
6612 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6613 			 "PPDUs cleaned", pdev->tx_abort);
6614 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6615 			 "MPDUs requeued", pdev->mpdus_requeued);
6616 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6617 			 "PPDU OK", pdev->tx_ko);
6618 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6619 			 "Excessive retries", pdev->tx_xretry);
6620 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6621 			 "HW rate", pdev->data_rc);
6622 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6623 			 "Sched self triggers", pdev->self_triggers);
6624 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6625 			 "Dropped due to SW retries",
6626 			 pdev->sw_retry_failure);
6627 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6628 			 "Illegal rate phy errors",
6629 			 pdev->illgl_rate_phy_err);
6630 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6631 			 "PDEV continuous xretry", pdev->pdev_cont_xretry);
6632 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6633 			 "TX timeout", pdev->pdev_tx_timeout);
6634 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6635 			 "PDEV resets", pdev->pdev_resets);
6636 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6637 			 "Stateless TIDs alloc failures",
6638 			 pdev->stateless_tid_alloc_failure);
6639 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6640 			 "PHY underrun", pdev->phy_underrun);
6641 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6642 			 "MPDU is more than txop limit", pdev->txop_ovf);
6643 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6644 			 "Num sequences posted", pdev->seq_posted);
6645 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6646 			 "Num seq failed queueing ", pdev->seq_failed_queueing);
6647 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6648 			 "Num sequences completed ", pdev->seq_completed);
6649 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6650 			 "Num sequences restarted ", pdev->seq_restarted);
6651 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6652 			 "Num of MU sequences posted ", pdev->mu_seq_posted);
6653 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6654 			 "Num of MPDUS SW flushed ", pdev->mpdus_sw_flush);
6655 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6656 			 "Num of MPDUS HW filtered ", pdev->mpdus_hw_filter);
6657 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6658 			 "Num of MPDUS truncated ", pdev->mpdus_truncated);
6659 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6660 			 "Num of MPDUS ACK failed ", pdev->mpdus_ack_failed);
6661 	len += scnprintf(buf + len, buf_len - len, "%30s %10u\n",
6662 			 "Num of MPDUS expired ", pdev->mpdus_expired);
6663 	*length = len;
6664 }
6665 
6666 static void
6667 ath11k_wmi_fw_pdev_rx_stats_fill(const struct ath11k_fw_stats_pdev *pdev,
6668 				 char *buf, u32 *length)
6669 {
6670 	u32 len = *length;
6671 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6672 
6673 	len += scnprintf(buf + len, buf_len - len, "\n%30s\n",
6674 			 "ath11k PDEV RX stats");
6675 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6676 			 "====================");
6677 
6678 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6679 			 "Mid PPDU route change",
6680 			 pdev->mid_ppdu_route_change);
6681 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6682 			 "Tot. number of statuses", pdev->status_rcvd);
6683 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6684 			 "Extra frags on rings 0", pdev->r0_frags);
6685 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6686 			 "Extra frags on rings 1", pdev->r1_frags);
6687 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6688 			 "Extra frags on rings 2", pdev->r2_frags);
6689 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6690 			 "Extra frags on rings 3", pdev->r3_frags);
6691 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6692 			 "MSDUs delivered to HTT", pdev->htt_msdus);
6693 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6694 			 "MPDUs delivered to HTT", pdev->htt_mpdus);
6695 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6696 			 "MSDUs delivered to stack", pdev->loc_msdus);
6697 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6698 			 "MPDUs delivered to stack", pdev->loc_mpdus);
6699 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6700 			 "Oversized AMSUs", pdev->oversize_amsdu);
6701 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6702 			 "PHY errors", pdev->phy_errs);
6703 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6704 			 "PHY errors drops", pdev->phy_err_drop);
6705 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6706 			 "MPDU errors (FCS, MIC, ENC)", pdev->mpdu_errs);
6707 	len += scnprintf(buf + len, buf_len - len, "%30s %10d\n",
6708 			 "Overflow errors", pdev->rx_ovfl_errs);
6709 	*length = len;
6710 }
6711 
6712 static void
6713 ath11k_wmi_fw_vdev_stats_fill(struct ath11k *ar,
6714 			      const struct ath11k_fw_stats_vdev *vdev,
6715 			      char *buf, u32 *length)
6716 {
6717 	u32 len = *length;
6718 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6719 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, vdev->vdev_id);
6720 	u8 *vif_macaddr;
6721 	int i;
6722 
6723 	/* VDEV stats has all the active VDEVs of other PDEVs as well,
6724 	 * ignoring those not part of requested PDEV
6725 	 */
6726 	if (!arvif)
6727 		return;
6728 
6729 	vif_macaddr = arvif->vif->addr;
6730 
6731 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6732 			 "VDEV ID", vdev->vdev_id);
6733 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6734 			 "VDEV MAC address", vif_macaddr);
6735 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6736 			 "beacon snr", vdev->beacon_snr);
6737 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6738 			 "data snr", vdev->data_snr);
6739 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6740 			 "num rx frames", vdev->num_rx_frames);
6741 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6742 			 "num rts fail", vdev->num_rts_fail);
6743 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6744 			 "num rts success", vdev->num_rts_success);
6745 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6746 			 "num rx err", vdev->num_rx_err);
6747 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6748 			 "num rx discard", vdev->num_rx_discard);
6749 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6750 			 "num tx not acked", vdev->num_tx_not_acked);
6751 
6752 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames); i++)
6753 		len += scnprintf(buf + len, buf_len - len,
6754 				"%25s [%02d] %u\n",
6755 				"num tx frames", i,
6756 				vdev->num_tx_frames[i]);
6757 
6758 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_retries); i++)
6759 		len += scnprintf(buf + len, buf_len - len,
6760 				"%25s [%02d] %u\n",
6761 				"num tx frames retries", i,
6762 				vdev->num_tx_frames_retries[i]);
6763 
6764 	for (i = 0 ; i < ARRAY_SIZE(vdev->num_tx_frames_failures); i++)
6765 		len += scnprintf(buf + len, buf_len - len,
6766 				"%25s [%02d] %u\n",
6767 				"num tx frames failures", i,
6768 				vdev->num_tx_frames_failures[i]);
6769 
6770 	for (i = 0 ; i < ARRAY_SIZE(vdev->tx_rate_history); i++)
6771 		len += scnprintf(buf + len, buf_len - len,
6772 				"%25s [%02d] 0x%08x\n",
6773 				"tx rate history", i,
6774 				vdev->tx_rate_history[i]);
6775 
6776 	for (i = 0 ; i < ARRAY_SIZE(vdev->beacon_rssi_history); i++)
6777 		len += scnprintf(buf + len, buf_len - len,
6778 				"%25s [%02d] %u\n",
6779 				"beacon rssi history", i,
6780 				vdev->beacon_rssi_history[i]);
6781 
6782 	len += scnprintf(buf + len, buf_len - len, "\n");
6783 	*length = len;
6784 }
6785 
6786 static void
6787 ath11k_wmi_fw_bcn_stats_fill(struct ath11k *ar,
6788 			     const struct ath11k_fw_stats_bcn *bcn,
6789 			     char *buf, u32 *length)
6790 {
6791 	u32 len = *length;
6792 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6793 	struct ath11k_vif *arvif = ath11k_mac_get_arvif(ar, bcn->vdev_id);
6794 	u8 *vdev_macaddr;
6795 
6796 	if (!arvif) {
6797 		ath11k_warn(ar->ab, "invalid vdev id %d in bcn stats",
6798 			    bcn->vdev_id);
6799 		return;
6800 	}
6801 
6802 	vdev_macaddr = arvif->vif->addr;
6803 
6804 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6805 			 "VDEV ID", bcn->vdev_id);
6806 	len += scnprintf(buf + len, buf_len - len, "%30s %pM\n",
6807 			 "VDEV MAC address", vdev_macaddr);
6808 	len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6809 			 "================");
6810 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6811 			 "Num of beacon tx success", bcn->tx_bcn_succ_cnt);
6812 	len += scnprintf(buf + len, buf_len - len, "%30s %u\n",
6813 			 "Num of beacon tx failures", bcn->tx_bcn_outage_cnt);
6814 
6815 	len += scnprintf(buf + len, buf_len - len, "\n");
6816 	*length = len;
6817 }
6818 
6819 void ath11k_wmi_fw_stats_fill(struct ath11k *ar,
6820 			      struct ath11k_fw_stats *fw_stats,
6821 			      u32 stats_id, char *buf)
6822 {
6823 	u32 len = 0;
6824 	u32 buf_len = ATH11K_FW_STATS_BUF_SIZE;
6825 	const struct ath11k_fw_stats_pdev *pdev;
6826 	const struct ath11k_fw_stats_vdev *vdev;
6827 	const struct ath11k_fw_stats_bcn *bcn;
6828 	size_t num_bcn;
6829 
6830 	spin_lock_bh(&ar->data_lock);
6831 
6832 	if (stats_id == WMI_REQUEST_PDEV_STAT) {
6833 		pdev = list_first_entry_or_null(&fw_stats->pdevs,
6834 						struct ath11k_fw_stats_pdev, list);
6835 		if (!pdev) {
6836 			ath11k_warn(ar->ab, "failed to get pdev stats\n");
6837 			goto unlock;
6838 		}
6839 
6840 		ath11k_wmi_fw_pdev_base_stats_fill(pdev, buf, &len);
6841 		ath11k_wmi_fw_pdev_tx_stats_fill(pdev, buf, &len);
6842 		ath11k_wmi_fw_pdev_rx_stats_fill(pdev, buf, &len);
6843 	}
6844 
6845 	if (stats_id == WMI_REQUEST_VDEV_STAT) {
6846 		len += scnprintf(buf + len, buf_len - len, "\n");
6847 		len += scnprintf(buf + len, buf_len - len, "%30s\n",
6848 				 "ath11k VDEV stats");
6849 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6850 				 "=================");
6851 
6852 		list_for_each_entry(vdev, &fw_stats->vdevs, list)
6853 			ath11k_wmi_fw_vdev_stats_fill(ar, vdev, buf, &len);
6854 	}
6855 
6856 	if (stats_id == WMI_REQUEST_BCN_STAT) {
6857 		num_bcn = ath11k_wmi_fw_stats_num_bcn(&fw_stats->bcn);
6858 
6859 		len += scnprintf(buf + len, buf_len - len, "\n");
6860 		len += scnprintf(buf + len, buf_len - len, "%30s (%zu)\n",
6861 				 "ath11k Beacon stats", num_bcn);
6862 		len += scnprintf(buf + len, buf_len - len, "%30s\n\n",
6863 				 "===================");
6864 
6865 		list_for_each_entry(bcn, &fw_stats->bcn, list)
6866 			ath11k_wmi_fw_bcn_stats_fill(ar, bcn, buf, &len);
6867 	}
6868 
6869 unlock:
6870 	spin_unlock_bh(&ar->data_lock);
6871 
6872 	if (len >= buf_len)
6873 		buf[len - 1] = 0;
6874 	else
6875 		buf[len] = 0;
6876 }
6877 
6878 static void ath11k_wmi_op_ep_tx_credits(struct ath11k_base *ab)
6879 {
6880 	/* try to send pending beacons first. they take priority */
6881 	wake_up(&ab->wmi_ab.tx_credits_wq);
6882 }
6883 
6884 static int ath11k_reg_11d_new_cc_event(struct ath11k_base *ab, struct sk_buff *skb)
6885 {
6886 	const struct wmi_11d_new_cc_ev *ev;
6887 	struct ath11k *ar;
6888 	struct ath11k_pdev *pdev;
6889 	const void **tb;
6890 	int ret, i;
6891 
6892 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6893 	if (IS_ERR(tb)) {
6894 		ret = PTR_ERR(tb);
6895 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
6896 		return ret;
6897 	}
6898 
6899 	ev = tb[WMI_TAG_11D_NEW_COUNTRY_EVENT];
6900 	if (!ev) {
6901 		kfree(tb);
6902 		ath11k_warn(ab, "failed to fetch 11d new cc ev");
6903 		return -EPROTO;
6904 	}
6905 
6906 	spin_lock_bh(&ab->base_lock);
6907 	memcpy(&ab->new_alpha2, &ev->new_alpha2, 2);
6908 	spin_unlock_bh(&ab->base_lock);
6909 
6910 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi 11d new cc %c%c\n",
6911 		   ab->new_alpha2[0],
6912 		   ab->new_alpha2[1]);
6913 
6914 	kfree(tb);
6915 
6916 	for (i = 0; i < ab->num_radios; i++) {
6917 		pdev = &ab->pdevs[i];
6918 		ar = pdev->ar;
6919 		ar->state_11d = ATH11K_11D_IDLE;
6920 		complete(&ar->completed_11d_scan);
6921 	}
6922 
6923 	queue_work(ab->workqueue, &ab->update_11d_work);
6924 
6925 	return 0;
6926 }
6927 
6928 static void ath11k_wmi_htc_tx_complete(struct ath11k_base *ab,
6929 				       struct sk_buff *skb)
6930 {
6931 	struct ath11k_pdev_wmi *wmi = NULL;
6932 	u32 i;
6933 	u8 wmi_ep_count;
6934 	u8 eid;
6935 
6936 	eid = ATH11K_SKB_CB(skb)->eid;
6937 	dev_kfree_skb(skb);
6938 
6939 	if (eid >= ATH11K_HTC_EP_COUNT)
6940 		return;
6941 
6942 	wmi_ep_count = ab->htc.wmi_ep_count;
6943 	if (wmi_ep_count > ab->hw_params.max_radios)
6944 		return;
6945 
6946 	for (i = 0; i < ab->htc.wmi_ep_count; i++) {
6947 		if (ab->wmi_ab.wmi[i].eid == eid) {
6948 			wmi = &ab->wmi_ab.wmi[i];
6949 			break;
6950 		}
6951 	}
6952 
6953 	if (wmi)
6954 		wake_up(&wmi->tx_ce_desc_wq);
6955 }
6956 
6957 static bool ath11k_reg_is_world_alpha(char *alpha)
6958 {
6959 	if (alpha[0] == '0' && alpha[1] == '0')
6960 		return true;
6961 
6962 	if (alpha[0] == 'n' && alpha[1] == 'a')
6963 		return true;
6964 
6965 	return false;
6966 }
6967 
6968 static int ath11k_reg_chan_list_event(struct ath11k_base *ab,
6969 				      struct sk_buff *skb,
6970 				      enum wmi_reg_chan_list_cmd_type id)
6971 {
6972 	struct cur_regulatory_info *reg_info = NULL;
6973 	struct ieee80211_regdomain *regd = NULL;
6974 	bool intersect = false;
6975 	int ret = 0, pdev_idx, i, j;
6976 	struct ath11k *ar;
6977 
6978 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
6979 	if (!reg_info) {
6980 		ret = -ENOMEM;
6981 		goto fallback;
6982 	}
6983 
6984 	if (id == WMI_REG_CHAN_LIST_CC_ID)
6985 		ret = ath11k_pull_reg_chan_list_update_ev(ab, skb, reg_info);
6986 	else
6987 		ret = ath11k_pull_reg_chan_list_ext_update_ev(ab, skb, reg_info);
6988 
6989 	if (ret) {
6990 		ath11k_warn(ab, "failed to extract regulatory info from received event\n");
6991 		goto fallback;
6992 	}
6993 
6994 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
6995 		/* In case of failure to set the requested ctry,
6996 		 * fw retains the current regd. We print a failure info
6997 		 * and return from here.
6998 		 */
6999 		ath11k_warn(ab, "Failed to set the requested Country regulatory setting\n");
7000 		goto mem_free;
7001 	}
7002 
7003 	pdev_idx = reg_info->phy_id;
7004 
7005 	/* Avoid default reg rule updates sent during FW recovery if
7006 	 * it is already available
7007 	 */
7008 	spin_lock(&ab->base_lock);
7009 	if (test_bit(ATH11K_FLAG_RECOVERY, &ab->dev_flags) &&
7010 	    ab->default_regd[pdev_idx]) {
7011 		spin_unlock(&ab->base_lock);
7012 		goto mem_free;
7013 	}
7014 	spin_unlock(&ab->base_lock);
7015 
7016 	if (pdev_idx >= ab->num_radios) {
7017 		/* Process the event for phy0 only if single_pdev_only
7018 		 * is true. If pdev_idx is valid but not 0, discard the
7019 		 * event. Otherwise, it goes to fallback.
7020 		 */
7021 		if (ab->hw_params.single_pdev_only &&
7022 		    pdev_idx < ab->hw_params.num_rxmda_per_pdev)
7023 			goto mem_free;
7024 		else
7025 			goto fallback;
7026 	}
7027 
7028 	/* Avoid multiple overwrites to default regd, during core
7029 	 * stop-start after mac registration.
7030 	 */
7031 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
7032 	    !memcmp((char *)ab->default_regd[pdev_idx]->alpha2,
7033 		    (char *)reg_info->alpha2, 2))
7034 		goto mem_free;
7035 
7036 	/* Intersect new rules with default regd if a new country setting was
7037 	 * requested, i.e a default regd was already set during initialization
7038 	 * and the regd coming from this event has a valid country info.
7039 	 */
7040 	if (ab->default_regd[pdev_idx] &&
7041 	    !ath11k_reg_is_world_alpha((char *)
7042 		ab->default_regd[pdev_idx]->alpha2) &&
7043 	    !ath11k_reg_is_world_alpha((char *)reg_info->alpha2))
7044 		intersect = true;
7045 
7046 	regd = ath11k_reg_build_regd(ab, reg_info, intersect);
7047 	if (!regd) {
7048 		ath11k_warn(ab, "failed to build regd from reg_info\n");
7049 		goto fallback;
7050 	}
7051 
7052 	spin_lock(&ab->base_lock);
7053 	if (ab->default_regd[pdev_idx]) {
7054 		/* The initial rules from FW after WMI Init is to build
7055 		 * the default regd. From then on, any rules updated for
7056 		 * the pdev could be due to user reg changes.
7057 		 * Free previously built regd before assigning the newly
7058 		 * generated regd to ar. NULL pointer handling will be
7059 		 * taken care by kfree itself.
7060 		 */
7061 		ar = ab->pdevs[pdev_idx].ar;
7062 		kfree(ab->new_regd[pdev_idx]);
7063 		ab->new_regd[pdev_idx] = regd;
7064 		queue_work(ab->workqueue, &ar->regd_update_work);
7065 	} else {
7066 		/* This regd would be applied during mac registration and is
7067 		 * held constant throughout for regd intersection purpose
7068 		 */
7069 		ab->default_regd[pdev_idx] = regd;
7070 	}
7071 	ab->dfs_region = reg_info->dfs_region;
7072 	spin_unlock(&ab->base_lock);
7073 
7074 	goto mem_free;
7075 
7076 fallback:
7077 	/* Fallback to older reg (by sending previous country setting
7078 	 * again if fw has succeeded and we failed to process here.
7079 	 * The Regdomain should be uniform across driver and fw. Since the
7080 	 * FW has processed the command and sent a success status, we expect
7081 	 * this function to succeed as well. If it doesn't, CTRY needs to be
7082 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
7083 	 */
7084 	/* TODO: This is rare, but still should also be handled */
7085 	WARN_ON(1);
7086 mem_free:
7087 	if (reg_info) {
7088 		kfree(reg_info->reg_rules_2ghz_ptr);
7089 		kfree(reg_info->reg_rules_5ghz_ptr);
7090 		if (reg_info->is_ext_reg_event) {
7091 			for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++)
7092 				kfree(reg_info->reg_rules_6ghz_ap_ptr[i]);
7093 
7094 			for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++)
7095 				for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++)
7096 					kfree(reg_info->reg_rules_6ghz_client_ptr[j][i]);
7097 		}
7098 		kfree(reg_info);
7099 	}
7100 	return ret;
7101 }
7102 
7103 static int ath11k_wmi_tlv_rdy_parse(struct ath11k_base *ab, u16 tag, u16 len,
7104 				    const void *ptr, void *data)
7105 {
7106 	struct wmi_tlv_rdy_parse *rdy_parse = data;
7107 	struct wmi_ready_event fixed_param;
7108 	struct wmi_mac_addr *addr_list;
7109 	struct ath11k_pdev *pdev;
7110 	u32 num_mac_addr;
7111 	int i;
7112 
7113 	switch (tag) {
7114 	case WMI_TAG_READY_EVENT:
7115 		memset(&fixed_param, 0, sizeof(fixed_param));
7116 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
7117 		       min_t(u16, sizeof(fixed_param), len));
7118 		ab->wlan_init_status = fixed_param.ready_event_min.status;
7119 		rdy_parse->num_extra_mac_addr =
7120 			fixed_param.ready_event_min.num_extra_mac_addr;
7121 
7122 		ether_addr_copy(ab->mac_addr,
7123 				fixed_param.ready_event_min.mac_addr.addr);
7124 		ab->pktlog_defs_checksum = fixed_param.pktlog_defs_checksum;
7125 		ab->wmi_ready = true;
7126 		break;
7127 	case WMI_TAG_ARRAY_FIXED_STRUCT:
7128 		addr_list = (struct wmi_mac_addr *)ptr;
7129 		num_mac_addr = rdy_parse->num_extra_mac_addr;
7130 
7131 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
7132 			break;
7133 
7134 		for (i = 0; i < ab->num_radios; i++) {
7135 			pdev = &ab->pdevs[i];
7136 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
7137 		}
7138 		ab->pdevs_macaddr_valid = true;
7139 		break;
7140 	default:
7141 		break;
7142 	}
7143 
7144 	return 0;
7145 }
7146 
7147 static int ath11k_ready_event(struct ath11k_base *ab, struct sk_buff *skb)
7148 {
7149 	struct wmi_tlv_rdy_parse rdy_parse = { };
7150 	int ret;
7151 
7152 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7153 				  ath11k_wmi_tlv_rdy_parse, &rdy_parse);
7154 	if (ret) {
7155 		ath11k_warn(ab, "failed to parse tlv %d\n", ret);
7156 		return ret;
7157 	}
7158 
7159 	complete(&ab->wmi_ab.unified_ready);
7160 	return 0;
7161 }
7162 
7163 static void ath11k_peer_delete_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
7164 {
7165 	struct wmi_peer_delete_resp_event peer_del_resp;
7166 	struct ath11k *ar;
7167 
7168 	if (ath11k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
7169 		ath11k_warn(ab, "failed to extract peer delete resp");
7170 		return;
7171 	}
7172 
7173 	rcu_read_lock();
7174 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_del_resp.vdev_id);
7175 	if (!ar) {
7176 		ath11k_warn(ab, "invalid vdev id in peer delete resp ev %d",
7177 			    peer_del_resp.vdev_id);
7178 		rcu_read_unlock();
7179 		return;
7180 	}
7181 
7182 	complete(&ar->peer_delete_done);
7183 	rcu_read_unlock();
7184 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
7185 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
7186 }
7187 
7188 static void ath11k_vdev_delete_resp_event(struct ath11k_base *ab,
7189 					  struct sk_buff *skb)
7190 {
7191 	struct ath11k *ar;
7192 	u32 vdev_id = 0;
7193 
7194 	if (ath11k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
7195 		ath11k_warn(ab, "failed to extract vdev delete resp");
7196 		return;
7197 	}
7198 
7199 	rcu_read_lock();
7200 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7201 	if (!ar) {
7202 		ath11k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
7203 			    vdev_id);
7204 		rcu_read_unlock();
7205 		return;
7206 	}
7207 
7208 	complete(&ar->vdev_delete_done);
7209 
7210 	rcu_read_unlock();
7211 
7212 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev delete resp for vdev id %d\n",
7213 		   vdev_id);
7214 }
7215 
7216 static inline const char *ath11k_wmi_vdev_resp_print(u32 vdev_resp_status)
7217 {
7218 	switch (vdev_resp_status) {
7219 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
7220 		return "invalid vdev id";
7221 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
7222 		return "not supported";
7223 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
7224 		return "dfs violation";
7225 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
7226 		return "invalid regdomain";
7227 	default:
7228 		return "unknown";
7229 	}
7230 }
7231 
7232 static void ath11k_vdev_start_resp_event(struct ath11k_base *ab, struct sk_buff *skb)
7233 {
7234 	struct wmi_vdev_start_resp_event vdev_start_resp;
7235 	struct ath11k *ar;
7236 	u32 status;
7237 
7238 	if (ath11k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
7239 		ath11k_warn(ab, "failed to extract vdev start resp");
7240 		return;
7241 	}
7242 
7243 	rcu_read_lock();
7244 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_start_resp.vdev_id);
7245 	if (!ar) {
7246 		ath11k_warn(ab, "invalid vdev id in vdev start resp ev %d",
7247 			    vdev_start_resp.vdev_id);
7248 		rcu_read_unlock();
7249 		return;
7250 	}
7251 
7252 	ar->last_wmi_vdev_start_status = 0;
7253 
7254 	status = vdev_start_resp.status;
7255 
7256 	if (WARN_ON_ONCE(status)) {
7257 		ath11k_warn(ab, "vdev start resp error status %d (%s)\n",
7258 			    status, ath11k_wmi_vdev_resp_print(status));
7259 		ar->last_wmi_vdev_start_status = status;
7260 	}
7261 
7262 	complete(&ar->vdev_setup_done);
7263 
7264 	rcu_read_unlock();
7265 
7266 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev start resp for vdev id %d",
7267 		   vdev_start_resp.vdev_id);
7268 }
7269 
7270 static void ath11k_bcn_tx_status_event(struct ath11k_base *ab, struct sk_buff *skb)
7271 {
7272 	struct ath11k_vif *arvif;
7273 	u32 vdev_id, tx_status;
7274 
7275 	if (ath11k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
7276 					 &vdev_id, &tx_status) != 0) {
7277 		ath11k_warn(ab, "failed to extract bcn tx status");
7278 		return;
7279 	}
7280 
7281 	rcu_read_lock();
7282 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_id);
7283 	if (!arvif) {
7284 		ath11k_warn(ab, "invalid vdev id %d in bcn_tx_status",
7285 			    vdev_id);
7286 		rcu_read_unlock();
7287 		return;
7288 	}
7289 	ath11k_mac_bcn_tx_event(arvif);
7290 	rcu_read_unlock();
7291 }
7292 
7293 static void ath11k_wmi_event_peer_sta_ps_state_chg(struct ath11k_base *ab,
7294 						   struct sk_buff *skb)
7295 {
7296 	const struct wmi_peer_sta_ps_state_chg_event *ev;
7297 	struct ieee80211_sta *sta;
7298 	struct ath11k_peer *peer;
7299 	struct ath11k *ar;
7300 	struct ath11k_sta *arsta;
7301 	const void **tb;
7302 	enum ath11k_wmi_peer_ps_state peer_previous_ps_state;
7303 	int ret;
7304 
7305 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
7306 	if (IS_ERR(tb)) {
7307 		ret = PTR_ERR(tb);
7308 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
7309 		return;
7310 	}
7311 
7312 	ev = tb[WMI_TAG_PEER_STA_PS_STATECHANGE_EVENT];
7313 	if (!ev) {
7314 		ath11k_warn(ab, "failed to fetch sta ps change ev");
7315 		kfree(tb);
7316 		return;
7317 	}
7318 
7319 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7320 		   "peer sta ps change ev addr %pM state %u sup_bitmap %x ps_valid %u ts %u\n",
7321 		   ev->peer_macaddr.addr, ev->peer_ps_state,
7322 		   ev->ps_supported_bitmap, ev->peer_ps_valid,
7323 		   ev->peer_ps_timestamp);
7324 
7325 	rcu_read_lock();
7326 
7327 	spin_lock_bh(&ab->base_lock);
7328 
7329 	peer = ath11k_peer_find_by_addr(ab, ev->peer_macaddr.addr);
7330 
7331 	if (!peer) {
7332 		spin_unlock_bh(&ab->base_lock);
7333 		ath11k_warn(ab, "peer not found %pM\n", ev->peer_macaddr.addr);
7334 		goto exit;
7335 	}
7336 
7337 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer->vdev_id);
7338 
7339 	if (!ar) {
7340 		spin_unlock_bh(&ab->base_lock);
7341 		ath11k_warn(ab, "invalid vdev id in peer sta ps state change ev %d",
7342 			    peer->vdev_id);
7343 
7344 		goto exit;
7345 	}
7346 
7347 	sta = peer->sta;
7348 
7349 	spin_unlock_bh(&ab->base_lock);
7350 
7351 	if (!sta) {
7352 		ath11k_warn(ab, "failed to find station entry %pM\n",
7353 			    ev->peer_macaddr.addr);
7354 		goto exit;
7355 	}
7356 
7357 	arsta = (struct ath11k_sta *)sta->drv_priv;
7358 
7359 	spin_lock_bh(&ar->data_lock);
7360 
7361 	peer_previous_ps_state = arsta->peer_ps_state;
7362 	arsta->peer_ps_state = ev->peer_ps_state;
7363 	arsta->peer_current_ps_valid = !!ev->peer_ps_valid;
7364 
7365 	if (test_bit(WMI_TLV_SERVICE_PEER_POWER_SAVE_DURATION_SUPPORT,
7366 		     ar->ab->wmi_ab.svc_map)) {
7367 		if (!(ev->ps_supported_bitmap & WMI_PEER_PS_VALID) ||
7368 		    !(ev->ps_supported_bitmap & WMI_PEER_PS_STATE_TIMESTAMP) ||
7369 		    !ev->peer_ps_valid)
7370 			goto out;
7371 
7372 		if (arsta->peer_ps_state == WMI_PEER_PS_STATE_ON) {
7373 			arsta->ps_start_time = ev->peer_ps_timestamp;
7374 			arsta->ps_start_jiffies = jiffies;
7375 		} else if (arsta->peer_ps_state == WMI_PEER_PS_STATE_OFF &&
7376 			   peer_previous_ps_state == WMI_PEER_PS_STATE_ON) {
7377 			arsta->ps_total_duration = arsta->ps_total_duration +
7378 					(ev->peer_ps_timestamp - arsta->ps_start_time);
7379 		}
7380 
7381 		if (ar->ps_timekeeper_enable)
7382 			trace_ath11k_ps_timekeeper(ar, ev->peer_macaddr.addr,
7383 						   ev->peer_ps_timestamp,
7384 						   arsta->peer_ps_state);
7385 	}
7386 
7387 out:
7388 	spin_unlock_bh(&ar->data_lock);
7389 exit:
7390 	rcu_read_unlock();
7391 	kfree(tb);
7392 }
7393 
7394 static void ath11k_vdev_stopped_event(struct ath11k_base *ab, struct sk_buff *skb)
7395 {
7396 	struct ath11k *ar;
7397 	u32 vdev_id = 0;
7398 
7399 	if (ath11k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
7400 		ath11k_warn(ab, "failed to extract vdev stopped event");
7401 		return;
7402 	}
7403 
7404 	rcu_read_lock();
7405 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7406 	if (!ar) {
7407 		ath11k_warn(ab, "invalid vdev id in vdev stopped ev %d",
7408 			    vdev_id);
7409 		rcu_read_unlock();
7410 		return;
7411 	}
7412 
7413 	complete(&ar->vdev_setup_done);
7414 
7415 	rcu_read_unlock();
7416 
7417 	ath11k_dbg(ab, ATH11K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
7418 }
7419 
7420 static void ath11k_mgmt_rx_event(struct ath11k_base *ab, struct sk_buff *skb)
7421 {
7422 	struct mgmt_rx_event_params rx_ev = {0};
7423 	struct ath11k *ar;
7424 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
7425 	struct ieee80211_hdr *hdr;
7426 	u16 fc;
7427 	struct ieee80211_supported_band *sband;
7428 
7429 	if (ath11k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
7430 		ath11k_warn(ab, "failed to extract mgmt rx event");
7431 		dev_kfree_skb(skb);
7432 		return;
7433 	}
7434 
7435 	memset(status, 0, sizeof(*status));
7436 
7437 	ath11k_dbg(ab, ATH11K_DBG_MGMT, "mgmt rx event status %08x\n",
7438 		   rx_ev.status);
7439 
7440 	rcu_read_lock();
7441 	ar = ath11k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
7442 
7443 	if (!ar) {
7444 		ath11k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
7445 			    rx_ev.pdev_id);
7446 		dev_kfree_skb(skb);
7447 		goto exit;
7448 	}
7449 
7450 	if ((test_bit(ATH11K_CAC_RUNNING, &ar->dev_flags)) ||
7451 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
7452 	    WMI_RX_STATUS_ERR_KEY_CACHE_MISS | WMI_RX_STATUS_ERR_CRC))) {
7453 		dev_kfree_skb(skb);
7454 		goto exit;
7455 	}
7456 
7457 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
7458 		status->flag |= RX_FLAG_MMIC_ERROR;
7459 
7460 	if (rx_ev.chan_freq >= ATH11K_MIN_6G_FREQ &&
7461 	    rx_ev.chan_freq <= ATH11K_MAX_6G_FREQ) {
7462 		status->band = NL80211_BAND_6GHZ;
7463 		status->freq = rx_ev.chan_freq;
7464 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
7465 		status->band = NL80211_BAND_2GHZ;
7466 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH11K_MAX_5G_CHAN) {
7467 		status->band = NL80211_BAND_5GHZ;
7468 	} else {
7469 		/* Shouldn't happen unless list of advertised channels to
7470 		 * mac80211 has been changed.
7471 		 */
7472 		WARN_ON_ONCE(1);
7473 		dev_kfree_skb(skb);
7474 		goto exit;
7475 	}
7476 
7477 	if (rx_ev.phy_mode == MODE_11B &&
7478 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
7479 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7480 			   "wmi mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
7481 
7482 	sband = &ar->mac.sbands[status->band];
7483 
7484 	if (status->band != NL80211_BAND_6GHZ)
7485 		status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
7486 							      status->band);
7487 
7488 	status->signal = rx_ev.snr + ATH11K_DEFAULT_NOISE_FLOOR;
7489 	status->rate_idx = ath11k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
7490 
7491 	hdr = (struct ieee80211_hdr *)skb->data;
7492 	fc = le16_to_cpu(hdr->frame_control);
7493 
7494 	/* Firmware is guaranteed to report all essential management frames via
7495 	 * WMI while it can deliver some extra via HTT. Since there can be
7496 	 * duplicates split the reporting wrt monitor/sniffing.
7497 	 */
7498 	status->flag |= RX_FLAG_SKIP_MONITOR;
7499 
7500 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set.
7501 	 * Don't clear that. Also, FW delivers broadcast management frames
7502 	 * (ex: group privacy action frames in mesh) as encrypted payload.
7503 	 */
7504 	if (ieee80211_has_protected(hdr->frame_control) &&
7505 	    !is_multicast_ether_addr(ieee80211_get_DA(hdr))) {
7506 		status->flag |= RX_FLAG_DECRYPTED;
7507 
7508 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
7509 			status->flag |= RX_FLAG_IV_STRIPPED |
7510 					RX_FLAG_MMIC_STRIPPED;
7511 			hdr->frame_control = __cpu_to_le16(fc &
7512 					     ~IEEE80211_FCTL_PROTECTED);
7513 		}
7514 	}
7515 
7516 	if (ieee80211_is_beacon(hdr->frame_control))
7517 		ath11k_mac_handle_beacon(ar, skb);
7518 
7519 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7520 		   "event mgmt rx skb %pK len %d ftype %02x stype %02x\n",
7521 		   skb, skb->len,
7522 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
7523 
7524 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7525 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
7526 		   status->freq, status->band, status->signal,
7527 		   status->rate_idx);
7528 
7529 	ieee80211_rx_ni(ar->hw, skb);
7530 
7531 exit:
7532 	rcu_read_unlock();
7533 }
7534 
7535 static void ath11k_mgmt_tx_compl_event(struct ath11k_base *ab, struct sk_buff *skb)
7536 {
7537 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
7538 	struct ath11k *ar;
7539 
7540 	if (ath11k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
7541 		ath11k_warn(ab, "failed to extract mgmt tx compl event");
7542 		return;
7543 	}
7544 
7545 	rcu_read_lock();
7546 	ar = ath11k_mac_get_ar_by_pdev_id(ab, tx_compl_param.pdev_id);
7547 	if (!ar) {
7548 		ath11k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
7549 			    tx_compl_param.pdev_id);
7550 		goto exit;
7551 	}
7552 
7553 	wmi_process_mgmt_tx_comp(ar, &tx_compl_param);
7554 
7555 	ath11k_dbg(ab, ATH11K_DBG_MGMT,
7556 		   "mgmt tx compl ev pdev_id %d, desc_id %d, status %d ack_rssi %d",
7557 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
7558 		   tx_compl_param.status, tx_compl_param.ack_rssi);
7559 
7560 exit:
7561 	rcu_read_unlock();
7562 }
7563 
7564 static struct ath11k *ath11k_get_ar_on_scan_state(struct ath11k_base *ab,
7565 						  u32 vdev_id,
7566 						  enum ath11k_scan_state state)
7567 {
7568 	int i;
7569 	struct ath11k_pdev *pdev;
7570 	struct ath11k *ar;
7571 
7572 	for (i = 0; i < ab->num_radios; i++) {
7573 		pdev = rcu_dereference(ab->pdevs_active[i]);
7574 		if (pdev && pdev->ar) {
7575 			ar = pdev->ar;
7576 
7577 			spin_lock_bh(&ar->data_lock);
7578 			if (ar->scan.state == state &&
7579 			    ar->scan.vdev_id == vdev_id) {
7580 				spin_unlock_bh(&ar->data_lock);
7581 				return ar;
7582 			}
7583 			spin_unlock_bh(&ar->data_lock);
7584 		}
7585 	}
7586 	return NULL;
7587 }
7588 
7589 static void ath11k_scan_event(struct ath11k_base *ab, struct sk_buff *skb)
7590 {
7591 	struct ath11k *ar;
7592 	struct wmi_scan_event scan_ev = {0};
7593 
7594 	if (ath11k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
7595 		ath11k_warn(ab, "failed to extract scan event");
7596 		return;
7597 	}
7598 
7599 	rcu_read_lock();
7600 
7601 	/* In case the scan was cancelled, ex. during interface teardown,
7602 	 * the interface will not be found in active interfaces.
7603 	 * Rather, in such scenarios, iterate over the active pdev's to
7604 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
7605 	 * aborting scan's vdev id matches this event info.
7606 	 */
7607 	if (scan_ev.event_type == WMI_SCAN_EVENT_COMPLETED &&
7608 	    scan_ev.reason == WMI_SCAN_REASON_CANCELLED) {
7609 		ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
7610 						 ATH11K_SCAN_ABORTING);
7611 		if (!ar)
7612 			ar = ath11k_get_ar_on_scan_state(ab, scan_ev.vdev_id,
7613 							 ATH11K_SCAN_RUNNING);
7614 	} else {
7615 		ar = ath11k_mac_get_ar_by_vdev_id(ab, scan_ev.vdev_id);
7616 	}
7617 
7618 	if (!ar) {
7619 		ath11k_warn(ab, "Received scan event for unknown vdev");
7620 		rcu_read_unlock();
7621 		return;
7622 	}
7623 
7624 	spin_lock_bh(&ar->data_lock);
7625 
7626 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7627 		   "scan event %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
7628 		   ath11k_wmi_event_scan_type_str(scan_ev.event_type, scan_ev.reason),
7629 		   scan_ev.event_type, scan_ev.reason, scan_ev.channel_freq,
7630 		   scan_ev.scan_req_id, scan_ev.scan_id, scan_ev.vdev_id,
7631 		   ath11k_scan_state_str(ar->scan.state), ar->scan.state);
7632 
7633 	switch (scan_ev.event_type) {
7634 	case WMI_SCAN_EVENT_STARTED:
7635 		ath11k_wmi_event_scan_started(ar);
7636 		break;
7637 	case WMI_SCAN_EVENT_COMPLETED:
7638 		ath11k_wmi_event_scan_completed(ar);
7639 		break;
7640 	case WMI_SCAN_EVENT_BSS_CHANNEL:
7641 		ath11k_wmi_event_scan_bss_chan(ar);
7642 		break;
7643 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
7644 		ath11k_wmi_event_scan_foreign_chan(ar, scan_ev.channel_freq);
7645 		break;
7646 	case WMI_SCAN_EVENT_START_FAILED:
7647 		ath11k_warn(ab, "received scan start failure event\n");
7648 		ath11k_wmi_event_scan_start_failed(ar);
7649 		break;
7650 	case WMI_SCAN_EVENT_DEQUEUED:
7651 		__ath11k_mac_scan_finish(ar);
7652 		break;
7653 	case WMI_SCAN_EVENT_PREEMPTED:
7654 	case WMI_SCAN_EVENT_RESTARTED:
7655 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
7656 	default:
7657 		break;
7658 	}
7659 
7660 	spin_unlock_bh(&ar->data_lock);
7661 
7662 	rcu_read_unlock();
7663 }
7664 
7665 static void ath11k_peer_sta_kickout_event(struct ath11k_base *ab, struct sk_buff *skb)
7666 {
7667 	struct wmi_peer_sta_kickout_arg arg = {};
7668 	struct ieee80211_sta *sta;
7669 	struct ath11k_peer *peer;
7670 	struct ath11k *ar;
7671 	u32 vdev_id;
7672 
7673 	if (ath11k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
7674 		ath11k_warn(ab, "failed to extract peer sta kickout event");
7675 		return;
7676 	}
7677 
7678 	rcu_read_lock();
7679 
7680 	spin_lock_bh(&ab->base_lock);
7681 
7682 	peer = ath11k_peer_find_by_addr(ab, arg.mac_addr);
7683 
7684 	if (!peer) {
7685 		ath11k_warn(ab, "peer not found %pM\n",
7686 			    arg.mac_addr);
7687 		spin_unlock_bh(&ab->base_lock);
7688 		goto exit;
7689 	}
7690 
7691 	vdev_id = peer->vdev_id;
7692 
7693 	spin_unlock_bh(&ab->base_lock);
7694 
7695 	ar = ath11k_mac_get_ar_by_vdev_id(ab, vdev_id);
7696 	if (!ar) {
7697 		ath11k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
7698 			    peer->vdev_id);
7699 		goto exit;
7700 	}
7701 
7702 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
7703 					   arg.mac_addr, NULL);
7704 	if (!sta) {
7705 		ath11k_warn(ab, "Spurious quick kickout for STA %pM\n",
7706 			    arg.mac_addr);
7707 		goto exit;
7708 	}
7709 
7710 	ath11k_dbg(ab, ATH11K_DBG_WMI, "peer sta kickout event %pM",
7711 		   arg.mac_addr);
7712 
7713 	ieee80211_report_low_ack(sta, 10);
7714 
7715 exit:
7716 	rcu_read_unlock();
7717 }
7718 
7719 static void ath11k_roam_event(struct ath11k_base *ab, struct sk_buff *skb)
7720 {
7721 	struct wmi_roam_event roam_ev = {};
7722 	struct ath11k *ar;
7723 
7724 	if (ath11k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
7725 		ath11k_warn(ab, "failed to extract roam event");
7726 		return;
7727 	}
7728 
7729 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7730 		   "wmi roam event vdev %u reason 0x%08x rssi %d\n",
7731 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
7732 
7733 	rcu_read_lock();
7734 	ar = ath11k_mac_get_ar_by_vdev_id(ab, roam_ev.vdev_id);
7735 	if (!ar) {
7736 		ath11k_warn(ab, "invalid vdev id in roam ev %d",
7737 			    roam_ev.vdev_id);
7738 		rcu_read_unlock();
7739 		return;
7740 	}
7741 
7742 	if (roam_ev.reason >= WMI_ROAM_REASON_MAX)
7743 		ath11k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
7744 			    roam_ev.reason, roam_ev.vdev_id);
7745 
7746 	switch (roam_ev.reason) {
7747 	case WMI_ROAM_REASON_BEACON_MISS:
7748 		ath11k_mac_handle_beacon_miss(ar, roam_ev.vdev_id);
7749 		break;
7750 	case WMI_ROAM_REASON_BETTER_AP:
7751 	case WMI_ROAM_REASON_LOW_RSSI:
7752 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
7753 	case WMI_ROAM_REASON_HO_FAILED:
7754 		ath11k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
7755 			    roam_ev.reason, roam_ev.vdev_id);
7756 		break;
7757 	}
7758 
7759 	rcu_read_unlock();
7760 }
7761 
7762 static void ath11k_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7763 {
7764 	struct wmi_chan_info_event ch_info_ev = {0};
7765 	struct ath11k *ar;
7766 	struct survey_info *survey;
7767 	int idx;
7768 	/* HW channel counters frequency value in hertz */
7769 	u32 cc_freq_hz = ab->cc_freq_hz;
7770 
7771 	if (ath11k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
7772 		ath11k_warn(ab, "failed to extract chan info event");
7773 		return;
7774 	}
7775 
7776 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7777 		   "chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
7778 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
7779 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
7780 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
7781 		   ch_info_ev.mac_clk_mhz);
7782 
7783 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_END_RESP) {
7784 		ath11k_dbg(ab, ATH11K_DBG_WMI, "chan info report completed\n");
7785 		return;
7786 	}
7787 
7788 	rcu_read_lock();
7789 	ar = ath11k_mac_get_ar_by_vdev_id(ab, ch_info_ev.vdev_id);
7790 	if (!ar) {
7791 		ath11k_warn(ab, "invalid vdev id in chan info ev %d",
7792 			    ch_info_ev.vdev_id);
7793 		rcu_read_unlock();
7794 		return;
7795 	}
7796 	spin_lock_bh(&ar->data_lock);
7797 
7798 	switch (ar->scan.state) {
7799 	case ATH11K_SCAN_IDLE:
7800 	case ATH11K_SCAN_STARTING:
7801 		ath11k_warn(ab, "received chan info event without a scan request, ignoring\n");
7802 		goto exit;
7803 	case ATH11K_SCAN_RUNNING:
7804 	case ATH11K_SCAN_ABORTING:
7805 		break;
7806 	}
7807 
7808 	idx = freq_to_idx(ar, ch_info_ev.freq);
7809 	if (idx >= ARRAY_SIZE(ar->survey)) {
7810 		ath11k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
7811 			    ch_info_ev.freq, idx);
7812 		goto exit;
7813 	}
7814 
7815 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
7816 	 * HW channel counters frequency value
7817 	 */
7818 	if (ch_info_ev.mac_clk_mhz)
7819 		cc_freq_hz = (ch_info_ev.mac_clk_mhz * 1000);
7820 
7821 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
7822 		survey = &ar->survey[idx];
7823 		memset(survey, 0, sizeof(*survey));
7824 		survey->noise = ch_info_ev.noise_floor;
7825 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
7826 				 SURVEY_INFO_TIME_BUSY;
7827 		survey->time = div_u64(ch_info_ev.cycle_count, cc_freq_hz);
7828 		survey->time_busy = div_u64(ch_info_ev.rx_clear_count, cc_freq_hz);
7829 	}
7830 exit:
7831 	spin_unlock_bh(&ar->data_lock);
7832 	rcu_read_unlock();
7833 }
7834 
7835 static void
7836 ath11k_pdev_bss_chan_info_event(struct ath11k_base *ab, struct sk_buff *skb)
7837 {
7838 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
7839 	struct survey_info *survey;
7840 	struct ath11k *ar;
7841 	u32 cc_freq_hz = ab->cc_freq_hz;
7842 	u64 busy, total, tx, rx, rx_bss;
7843 	int idx;
7844 
7845 	if (ath11k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
7846 		ath11k_warn(ab, "failed to extract pdev bss chan info event");
7847 		return;
7848 	}
7849 
7850 	busy = (u64)(bss_ch_info_ev.rx_clear_count_high) << 32 |
7851 			bss_ch_info_ev.rx_clear_count_low;
7852 
7853 	total = (u64)(bss_ch_info_ev.cycle_count_high) << 32 |
7854 			bss_ch_info_ev.cycle_count_low;
7855 
7856 	tx = (u64)(bss_ch_info_ev.tx_cycle_count_high) << 32 |
7857 			bss_ch_info_ev.tx_cycle_count_low;
7858 
7859 	rx = (u64)(bss_ch_info_ev.rx_cycle_count_high) << 32 |
7860 			bss_ch_info_ev.rx_cycle_count_low;
7861 
7862 	rx_bss = (u64)(bss_ch_info_ev.rx_bss_cycle_count_high) << 32 |
7863 			bss_ch_info_ev.rx_bss_cycle_count_low;
7864 
7865 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7866 		   "pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
7867 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
7868 		   bss_ch_info_ev.noise_floor, busy, total,
7869 		   tx, rx, rx_bss);
7870 
7871 	rcu_read_lock();
7872 	ar = ath11k_mac_get_ar_by_pdev_id(ab, bss_ch_info_ev.pdev_id);
7873 
7874 	if (!ar) {
7875 		ath11k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
7876 			    bss_ch_info_ev.pdev_id);
7877 		rcu_read_unlock();
7878 		return;
7879 	}
7880 
7881 	spin_lock_bh(&ar->data_lock);
7882 	idx = freq_to_idx(ar, bss_ch_info_ev.freq);
7883 	if (idx >= ARRAY_SIZE(ar->survey)) {
7884 		ath11k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
7885 			    bss_ch_info_ev.freq, idx);
7886 		goto exit;
7887 	}
7888 
7889 	survey = &ar->survey[idx];
7890 
7891 	survey->noise     = bss_ch_info_ev.noise_floor;
7892 	survey->time      = div_u64(total, cc_freq_hz);
7893 	survey->time_busy = div_u64(busy, cc_freq_hz);
7894 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
7895 	survey->time_tx   = div_u64(tx, cc_freq_hz);
7896 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
7897 			     SURVEY_INFO_TIME |
7898 			     SURVEY_INFO_TIME_BUSY |
7899 			     SURVEY_INFO_TIME_RX |
7900 			     SURVEY_INFO_TIME_TX);
7901 exit:
7902 	spin_unlock_bh(&ar->data_lock);
7903 	complete(&ar->bss_survey_done);
7904 
7905 	rcu_read_unlock();
7906 }
7907 
7908 static void ath11k_vdev_install_key_compl_event(struct ath11k_base *ab,
7909 						struct sk_buff *skb)
7910 {
7911 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
7912 	struct ath11k *ar;
7913 
7914 	if (ath11k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
7915 		ath11k_warn(ab, "failed to extract install key compl event");
7916 		return;
7917 	}
7918 
7919 	ath11k_dbg(ab, ATH11K_DBG_WMI,
7920 		   "vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
7921 		   install_key_compl.key_idx, install_key_compl.key_flags,
7922 		   install_key_compl.macaddr, install_key_compl.status);
7923 
7924 	rcu_read_lock();
7925 	ar = ath11k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
7926 	if (!ar) {
7927 		ath11k_warn(ab, "invalid vdev id in install key compl ev %d",
7928 			    install_key_compl.vdev_id);
7929 		rcu_read_unlock();
7930 		return;
7931 	}
7932 
7933 	ar->install_key_status = 0;
7934 
7935 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
7936 		ath11k_warn(ab, "install key failed for %pM status %d\n",
7937 			    install_key_compl.macaddr, install_key_compl.status);
7938 		ar->install_key_status = install_key_compl.status;
7939 	}
7940 
7941 	complete(&ar->install_key_done);
7942 	rcu_read_unlock();
7943 }
7944 
7945 static int  ath11k_wmi_tlv_services_parser(struct ath11k_base *ab,
7946 					   u16 tag, u16 len,
7947 					   const void *ptr, void *data)
7948 {
7949 	const struct wmi_service_available_event *ev;
7950 	u32 *wmi_ext2_service_bitmap;
7951 	int i, j;
7952 
7953 	switch (tag) {
7954 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
7955 		ev = (struct wmi_service_available_event *)ptr;
7956 		for (i = 0, j = WMI_MAX_SERVICE;
7957 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
7958 			i++) {
7959 			do {
7960 				if (ev->wmi_service_segment_bitmap[i] &
7961 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7962 					set_bit(j, ab->wmi_ab.svc_map);
7963 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7964 		}
7965 
7966 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7967 			   "wmi_ext_service_bitmap 0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7968 			   ev->wmi_service_segment_bitmap[0],
7969 			   ev->wmi_service_segment_bitmap[1],
7970 			   ev->wmi_service_segment_bitmap[2],
7971 			   ev->wmi_service_segment_bitmap[3]);
7972 		break;
7973 	case WMI_TAG_ARRAY_UINT32:
7974 		wmi_ext2_service_bitmap = (u32 *)ptr;
7975 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
7976 			i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
7977 			i++) {
7978 			do {
7979 				if (wmi_ext2_service_bitmap[i] &
7980 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
7981 					set_bit(j, ab->wmi_ab.svc_map);
7982 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
7983 		}
7984 
7985 		ath11k_dbg(ab, ATH11K_DBG_WMI,
7986 			   "wmi_ext2_service__bitmap  0:0x%04x, 1:0x%04x, 2:0x%04x, 3:0x%04x",
7987 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
7988 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
7989 		break;
7990 	}
7991 	return 0;
7992 }
7993 
7994 static void ath11k_service_available_event(struct ath11k_base *ab, struct sk_buff *skb)
7995 {
7996 	int ret;
7997 
7998 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
7999 				  ath11k_wmi_tlv_services_parser,
8000 				  NULL);
8001 	if (ret)
8002 		ath11k_warn(ab, "failed to parse services available tlv %d\n", ret);
8003 }
8004 
8005 static void ath11k_peer_assoc_conf_event(struct ath11k_base *ab, struct sk_buff *skb)
8006 {
8007 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
8008 	struct ath11k *ar;
8009 
8010 	if (ath11k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
8011 		ath11k_warn(ab, "failed to extract peer assoc conf event");
8012 		return;
8013 	}
8014 
8015 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8016 		   "peer assoc conf ev vdev id %d macaddr %pM\n",
8017 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
8018 
8019 	rcu_read_lock();
8020 	ar = ath11k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
8021 
8022 	if (!ar) {
8023 		ath11k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
8024 			    peer_assoc_conf.vdev_id);
8025 		rcu_read_unlock();
8026 		return;
8027 	}
8028 
8029 	complete(&ar->peer_assoc_done);
8030 	rcu_read_unlock();
8031 }
8032 
8033 static void ath11k_update_stats_event(struct ath11k_base *ab, struct sk_buff *skb)
8034 {
8035 	struct ath11k_fw_stats stats = {};
8036 	struct ath11k *ar;
8037 	int ret;
8038 
8039 	INIT_LIST_HEAD(&stats.pdevs);
8040 	INIT_LIST_HEAD(&stats.vdevs);
8041 	INIT_LIST_HEAD(&stats.bcn);
8042 
8043 	ret = ath11k_wmi_pull_fw_stats(ab, skb, &stats);
8044 	if (ret) {
8045 		ath11k_warn(ab, "failed to pull fw stats: %d\n", ret);
8046 		goto free;
8047 	}
8048 
8049 	rcu_read_lock();
8050 	ar = ath11k_mac_get_ar_by_pdev_id(ab, stats.pdev_id);
8051 	if (!ar) {
8052 		rcu_read_unlock();
8053 		ath11k_warn(ab, "failed to get ar for pdev_id %d: %d\n",
8054 			    stats.pdev_id, ret);
8055 		goto free;
8056 	}
8057 
8058 	spin_lock_bh(&ar->data_lock);
8059 
8060 	/* WMI_REQUEST_PDEV_STAT can be requested via .get_txpower mac ops or via
8061 	 * debugfs fw stats. Therefore, processing it separately.
8062 	 */
8063 	if (stats.stats_id == WMI_REQUEST_PDEV_STAT) {
8064 		list_splice_tail_init(&stats.pdevs, &ar->fw_stats.pdevs);
8065 		ar->fw_stats_done = true;
8066 		goto complete;
8067 	}
8068 
8069 	/* WMI_REQUEST_VDEV_STAT, WMI_REQUEST_BCN_STAT and WMI_REQUEST_RSSI_PER_CHAIN_STAT
8070 	 * are currently requested only via debugfs fw stats. Hence, processing these
8071 	 * in debugfs context
8072 	 */
8073 	ath11k_debugfs_fw_stats_process(ar, &stats);
8074 
8075 complete:
8076 	complete(&ar->fw_stats_complete);
8077 	rcu_read_unlock();
8078 	spin_unlock_bh(&ar->data_lock);
8079 
8080 free:
8081 	ath11k_fw_stats_free(&stats);
8082 }
8083 
8084 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
8085  * is not part of BDF CTL(Conformance test limits) table entries.
8086  */
8087 static void ath11k_pdev_ctl_failsafe_check_event(struct ath11k_base *ab,
8088 						 struct sk_buff *skb)
8089 {
8090 	const void **tb;
8091 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
8092 	int ret;
8093 
8094 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8095 	if (IS_ERR(tb)) {
8096 		ret = PTR_ERR(tb);
8097 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8098 		return;
8099 	}
8100 
8101 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
8102 	if (!ev) {
8103 		ath11k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
8104 		kfree(tb);
8105 		return;
8106 	}
8107 
8108 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8109 		   "pdev ctl failsafe check ev status %d\n",
8110 		   ev->ctl_failsafe_status);
8111 
8112 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
8113 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
8114 	 */
8115 	if (ev->ctl_failsafe_status != 0)
8116 		ath11k_warn(ab, "pdev ctl failsafe failure status %d",
8117 			    ev->ctl_failsafe_status);
8118 
8119 	kfree(tb);
8120 }
8121 
8122 static void
8123 ath11k_wmi_process_csa_switch_count_event(struct ath11k_base *ab,
8124 					  const struct wmi_pdev_csa_switch_ev *ev,
8125 					  const u32 *vdev_ids)
8126 {
8127 	int i;
8128 	struct ath11k_vif *arvif;
8129 
8130 	/* Finish CSA once the switch count becomes NULL */
8131 	if (ev->current_switch_count)
8132 		return;
8133 
8134 	rcu_read_lock();
8135 	for (i = 0; i < ev->num_vdevs; i++) {
8136 		arvif = ath11k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
8137 
8138 		if (!arvif) {
8139 			ath11k_warn(ab, "Recvd csa status for unknown vdev %d",
8140 				    vdev_ids[i]);
8141 			continue;
8142 		}
8143 
8144 		if (arvif->is_up && arvif->vif->bss_conf.csa_active)
8145 			ieee80211_csa_finish(arvif->vif);
8146 	}
8147 	rcu_read_unlock();
8148 }
8149 
8150 static void
8151 ath11k_wmi_pdev_csa_switch_count_status_event(struct ath11k_base *ab,
8152 					      struct sk_buff *skb)
8153 {
8154 	const void **tb;
8155 	const struct wmi_pdev_csa_switch_ev *ev;
8156 	const u32 *vdev_ids;
8157 	int ret;
8158 
8159 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8160 	if (IS_ERR(tb)) {
8161 		ret = PTR_ERR(tb);
8162 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8163 		return;
8164 	}
8165 
8166 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
8167 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
8168 
8169 	if (!ev || !vdev_ids) {
8170 		ath11k_warn(ab, "failed to fetch pdev csa switch count ev");
8171 		kfree(tb);
8172 		return;
8173 	}
8174 
8175 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8176 		   "pdev csa switch count %d for pdev %d, num_vdevs %d",
8177 		   ev->current_switch_count, ev->pdev_id,
8178 		   ev->num_vdevs);
8179 
8180 	ath11k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
8181 
8182 	kfree(tb);
8183 }
8184 
8185 static void
8186 ath11k_wmi_pdev_dfs_radar_detected_event(struct ath11k_base *ab, struct sk_buff *skb)
8187 {
8188 	const void **tb;
8189 	const struct wmi_pdev_radar_ev *ev;
8190 	struct ath11k *ar;
8191 	int ret;
8192 
8193 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8194 	if (IS_ERR(tb)) {
8195 		ret = PTR_ERR(tb);
8196 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8197 		return;
8198 	}
8199 
8200 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
8201 
8202 	if (!ev) {
8203 		ath11k_warn(ab, "failed to fetch pdev dfs radar detected ev");
8204 		kfree(tb);
8205 		return;
8206 	}
8207 
8208 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8209 		   "pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
8210 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
8211 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
8212 		   ev->freq_offset, ev->sidx);
8213 
8214 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
8215 
8216 	if (!ar) {
8217 		ath11k_warn(ab, "radar detected in invalid pdev %d\n",
8218 			    ev->pdev_id);
8219 		goto exit;
8220 	}
8221 
8222 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "DFS Radar Detected in pdev %d\n",
8223 		   ev->pdev_id);
8224 
8225 	if (ar->dfs_block_radar_events)
8226 		ath11k_info(ab, "DFS Radar detected, but ignored as requested\n");
8227 	else
8228 		ieee80211_radar_detected(ar->hw);
8229 
8230 exit:
8231 	kfree(tb);
8232 }
8233 
8234 static void
8235 ath11k_wmi_pdev_temperature_event(struct ath11k_base *ab,
8236 				  struct sk_buff *skb)
8237 {
8238 	struct ath11k *ar;
8239 	const void **tb;
8240 	const struct wmi_pdev_temperature_event *ev;
8241 	int ret;
8242 
8243 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8244 	if (IS_ERR(tb)) {
8245 		ret = PTR_ERR(tb);
8246 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8247 		return;
8248 	}
8249 
8250 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
8251 	if (!ev) {
8252 		ath11k_warn(ab, "failed to fetch pdev temp ev");
8253 		kfree(tb);
8254 		return;
8255 	}
8256 
8257 	ath11k_dbg(ab, ATH11K_DBG_WMI,
8258 		   "pdev temperature ev temp %d pdev_id %d\n", ev->temp, ev->pdev_id);
8259 
8260 	ar = ath11k_mac_get_ar_by_pdev_id(ab, ev->pdev_id);
8261 	if (!ar) {
8262 		ath11k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev->pdev_id);
8263 		kfree(tb);
8264 		return;
8265 	}
8266 
8267 	ath11k_thermal_event_temperature(ar, ev->temp);
8268 
8269 	kfree(tb);
8270 }
8271 
8272 static void ath11k_fils_discovery_event(struct ath11k_base *ab,
8273 					struct sk_buff *skb)
8274 {
8275 	const void **tb;
8276 	const struct wmi_fils_discovery_event *ev;
8277 	int ret;
8278 
8279 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8280 	if (IS_ERR(tb)) {
8281 		ret = PTR_ERR(tb);
8282 		ath11k_warn(ab,
8283 			    "failed to parse FILS discovery event tlv %d\n",
8284 			    ret);
8285 		return;
8286 	}
8287 
8288 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
8289 	if (!ev) {
8290 		ath11k_warn(ab, "failed to fetch FILS discovery event\n");
8291 		kfree(tb);
8292 		return;
8293 	}
8294 
8295 	ath11k_warn(ab,
8296 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
8297 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
8298 
8299 	kfree(tb);
8300 }
8301 
8302 static void ath11k_probe_resp_tx_status_event(struct ath11k_base *ab,
8303 					      struct sk_buff *skb)
8304 {
8305 	const void **tb;
8306 	const struct wmi_probe_resp_tx_status_event *ev;
8307 	int ret;
8308 
8309 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8310 	if (IS_ERR(tb)) {
8311 		ret = PTR_ERR(tb);
8312 		ath11k_warn(ab,
8313 			    "failed to parse probe response transmission status event tlv: %d\n",
8314 			    ret);
8315 		return;
8316 	}
8317 
8318 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
8319 	if (!ev) {
8320 		ath11k_warn(ab,
8321 			    "failed to fetch probe response transmission status event");
8322 		kfree(tb);
8323 		return;
8324 	}
8325 
8326 	if (ev->tx_status)
8327 		ath11k_warn(ab,
8328 			    "Probe response transmission failed for vdev_id %u, status %u\n",
8329 			    ev->vdev_id, ev->tx_status);
8330 
8331 	kfree(tb);
8332 }
8333 
8334 static int ath11k_wmi_tlv_wow_wakeup_host_parse(struct ath11k_base *ab,
8335 						u16 tag, u16 len,
8336 						const void *ptr, void *data)
8337 {
8338 	struct wmi_wow_ev_arg *ev = data;
8339 	const char *wow_pg_fault;
8340 	int wow_pg_len;
8341 
8342 	switch (tag) {
8343 	case WMI_TAG_WOW_EVENT_INFO:
8344 		memcpy(ev, ptr, sizeof(*ev));
8345 		ath11k_dbg(ab, ATH11K_DBG_WMI, "wow wakeup host reason %d %s\n",
8346 			   ev->wake_reason, wow_reason(ev->wake_reason));
8347 		break;
8348 
8349 	case WMI_TAG_ARRAY_BYTE:
8350 		if (ev && ev->wake_reason == WOW_REASON_PAGE_FAULT) {
8351 			wow_pg_fault = ptr;
8352 			/* the first 4 bytes are length */
8353 			wow_pg_len = *(int *)wow_pg_fault;
8354 			wow_pg_fault += sizeof(int);
8355 			ath11k_dbg(ab, ATH11K_DBG_WMI, "wow data_len = %d\n",
8356 				   wow_pg_len);
8357 			ath11k_dbg_dump(ab, ATH11K_DBG_WMI,
8358 					"wow_event_info_type packet present",
8359 					"wow_pg_fault ",
8360 					wow_pg_fault,
8361 					wow_pg_len);
8362 		}
8363 		break;
8364 	default:
8365 		break;
8366 	}
8367 
8368 	return 0;
8369 }
8370 
8371 static void ath11k_wmi_event_wow_wakeup_host(struct ath11k_base *ab, struct sk_buff *skb)
8372 {
8373 	struct wmi_wow_ev_arg ev = { };
8374 	int ret;
8375 
8376 	ret = ath11k_wmi_tlv_iter(ab, skb->data, skb->len,
8377 				  ath11k_wmi_tlv_wow_wakeup_host_parse,
8378 				  &ev);
8379 	if (ret) {
8380 		ath11k_warn(ab, "failed to parse wmi wow tlv: %d\n", ret);
8381 		return;
8382 	}
8383 
8384 	complete(&ab->wow.wakeup_completed);
8385 }
8386 
8387 static void
8388 ath11k_wmi_diag_event(struct ath11k_base *ab,
8389 		      struct sk_buff *skb)
8390 {
8391 	trace_ath11k_wmi_diag(ab, skb->data, skb->len);
8392 }
8393 
8394 static const char *ath11k_wmi_twt_add_dialog_event_status(u32 status)
8395 {
8396 	switch (status) {
8397 	case WMI_ADD_TWT_STATUS_OK:
8398 		return "ok";
8399 	case WMI_ADD_TWT_STATUS_TWT_NOT_ENABLED:
8400 		return "twt disabled";
8401 	case WMI_ADD_TWT_STATUS_USED_DIALOG_ID:
8402 		return "dialog id in use";
8403 	case WMI_ADD_TWT_STATUS_INVALID_PARAM:
8404 		return "invalid parameters";
8405 	case WMI_ADD_TWT_STATUS_NOT_READY:
8406 		return "not ready";
8407 	case WMI_ADD_TWT_STATUS_NO_RESOURCE:
8408 		return "resource unavailable";
8409 	case WMI_ADD_TWT_STATUS_NO_ACK:
8410 		return "no ack";
8411 	case WMI_ADD_TWT_STATUS_NO_RESPONSE:
8412 		return "no response";
8413 	case WMI_ADD_TWT_STATUS_DENIED:
8414 		return "denied";
8415 	case WMI_ADD_TWT_STATUS_UNKNOWN_ERROR:
8416 		fallthrough;
8417 	default:
8418 		return "unknown error";
8419 	}
8420 }
8421 
8422 static void ath11k_wmi_twt_add_dialog_event(struct ath11k_base *ab,
8423 					    struct sk_buff *skb)
8424 {
8425 	const void **tb;
8426 	const struct wmi_twt_add_dialog_event *ev;
8427 	int ret;
8428 
8429 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8430 	if (IS_ERR(tb)) {
8431 		ret = PTR_ERR(tb);
8432 		ath11k_warn(ab,
8433 			    "failed to parse wmi twt add dialog status event tlv: %d\n",
8434 			    ret);
8435 		return;
8436 	}
8437 
8438 	ev = tb[WMI_TAG_TWT_ADD_DIALOG_COMPLETE_EVENT];
8439 	if (!ev) {
8440 		ath11k_warn(ab, "failed to fetch twt add dialog wmi event\n");
8441 		goto exit;
8442 	}
8443 
8444 	if (ev->status)
8445 		ath11k_warn(ab,
8446 			    "wmi add twt dialog event vdev %d dialog id %d status %s\n",
8447 			    ev->vdev_id, ev->dialog_id,
8448 			    ath11k_wmi_twt_add_dialog_event_status(ev->status));
8449 
8450 exit:
8451 	kfree(tb);
8452 }
8453 
8454 static void ath11k_wmi_gtk_offload_status_event(struct ath11k_base *ab,
8455 						struct sk_buff *skb)
8456 {
8457 	const void **tb;
8458 	const struct wmi_gtk_offload_status_event *ev;
8459 	struct ath11k_vif *arvif;
8460 	__be64 replay_ctr_be;
8461 	u64    replay_ctr;
8462 	int ret;
8463 
8464 	tb = ath11k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
8465 	if (IS_ERR(tb)) {
8466 		ret = PTR_ERR(tb);
8467 		ath11k_warn(ab, "failed to parse tlv: %d\n", ret);
8468 		return;
8469 	}
8470 
8471 	ev = tb[WMI_TAG_GTK_OFFLOAD_STATUS_EVENT];
8472 	if (!ev) {
8473 		ath11k_warn(ab, "failed to fetch gtk offload status ev");
8474 		kfree(tb);
8475 		return;
8476 	}
8477 
8478 	arvif = ath11k_mac_get_arvif_by_vdev_id(ab, ev->vdev_id);
8479 	if (!arvif) {
8480 		ath11k_warn(ab, "failed to get arvif for vdev_id:%d\n",
8481 			    ev->vdev_id);
8482 		kfree(tb);
8483 		return;
8484 	}
8485 
8486 	ath11k_dbg(ab, ATH11K_DBG_WMI, "wmi gtk offload event refresh_cnt %d\n",
8487 		   ev->refresh_cnt);
8488 	ath11k_dbg_dump(ab, ATH11K_DBG_WMI, "replay_cnt",
8489 			NULL, ev->replay_ctr.counter, GTK_REPLAY_COUNTER_BYTES);
8490 
8491 	replay_ctr =  ev->replay_ctr.word1;
8492 	replay_ctr = (replay_ctr << 32) | ev->replay_ctr.word0;
8493 	arvif->rekey_data.replay_ctr = replay_ctr;
8494 
8495 	/* supplicant expects big-endian replay counter */
8496 	replay_ctr_be = cpu_to_be64(replay_ctr);
8497 
8498 	ieee80211_gtk_rekey_notify(arvif->vif, arvif->bssid,
8499 				   (void *)&replay_ctr_be, GFP_ATOMIC);
8500 
8501 	kfree(tb);
8502 }
8503 
8504 static void ath11k_wmi_tlv_op_rx(struct ath11k_base *ab, struct sk_buff *skb)
8505 {
8506 	struct wmi_cmd_hdr *cmd_hdr;
8507 	enum wmi_tlv_event_id id;
8508 
8509 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
8510 	id = FIELD_GET(WMI_CMD_HDR_CMD_ID, (cmd_hdr->cmd_id));
8511 
8512 	trace_ath11k_wmi_event(ab, id, skb->data, skb->len);
8513 
8514 	if (skb_pull(skb, sizeof(struct wmi_cmd_hdr)) == NULL)
8515 		goto out;
8516 
8517 	switch (id) {
8518 		/* Process all the WMI events here */
8519 	case WMI_SERVICE_READY_EVENTID:
8520 		ath11k_service_ready_event(ab, skb);
8521 		break;
8522 	case WMI_SERVICE_READY_EXT_EVENTID:
8523 		ath11k_service_ready_ext_event(ab, skb);
8524 		break;
8525 	case WMI_SERVICE_READY_EXT2_EVENTID:
8526 		ath11k_service_ready_ext2_event(ab, skb);
8527 		break;
8528 	case WMI_REG_CHAN_LIST_CC_EVENTID:
8529 		ath11k_reg_chan_list_event(ab, skb, WMI_REG_CHAN_LIST_CC_ID);
8530 		break;
8531 	case WMI_REG_CHAN_LIST_CC_EXT_EVENTID:
8532 		ath11k_reg_chan_list_event(ab, skb, WMI_REG_CHAN_LIST_CC_EXT_ID);
8533 		break;
8534 	case WMI_READY_EVENTID:
8535 		ath11k_ready_event(ab, skb);
8536 		break;
8537 	case WMI_PEER_DELETE_RESP_EVENTID:
8538 		ath11k_peer_delete_resp_event(ab, skb);
8539 		break;
8540 	case WMI_VDEV_START_RESP_EVENTID:
8541 		ath11k_vdev_start_resp_event(ab, skb);
8542 		break;
8543 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
8544 		ath11k_bcn_tx_status_event(ab, skb);
8545 		break;
8546 	case WMI_VDEV_STOPPED_EVENTID:
8547 		ath11k_vdev_stopped_event(ab, skb);
8548 		break;
8549 	case WMI_MGMT_RX_EVENTID:
8550 		ath11k_mgmt_rx_event(ab, skb);
8551 		/* mgmt_rx_event() owns the skb now! */
8552 		return;
8553 	case WMI_MGMT_TX_COMPLETION_EVENTID:
8554 		ath11k_mgmt_tx_compl_event(ab, skb);
8555 		break;
8556 	case WMI_SCAN_EVENTID:
8557 		ath11k_scan_event(ab, skb);
8558 		break;
8559 	case WMI_PEER_STA_KICKOUT_EVENTID:
8560 		ath11k_peer_sta_kickout_event(ab, skb);
8561 		break;
8562 	case WMI_ROAM_EVENTID:
8563 		ath11k_roam_event(ab, skb);
8564 		break;
8565 	case WMI_CHAN_INFO_EVENTID:
8566 		ath11k_chan_info_event(ab, skb);
8567 		break;
8568 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
8569 		ath11k_pdev_bss_chan_info_event(ab, skb);
8570 		break;
8571 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
8572 		ath11k_vdev_install_key_compl_event(ab, skb);
8573 		break;
8574 	case WMI_SERVICE_AVAILABLE_EVENTID:
8575 		ath11k_service_available_event(ab, skb);
8576 		break;
8577 	case WMI_PEER_ASSOC_CONF_EVENTID:
8578 		ath11k_peer_assoc_conf_event(ab, skb);
8579 		break;
8580 	case WMI_UPDATE_STATS_EVENTID:
8581 		ath11k_update_stats_event(ab, skb);
8582 		break;
8583 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
8584 		ath11k_pdev_ctl_failsafe_check_event(ab, skb);
8585 		break;
8586 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
8587 		ath11k_wmi_pdev_csa_switch_count_status_event(ab, skb);
8588 		break;
8589 	case WMI_PDEV_TEMPERATURE_EVENTID:
8590 		ath11k_wmi_pdev_temperature_event(ab, skb);
8591 		break;
8592 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
8593 		ath11k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
8594 		break;
8595 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
8596 		ath11k_fils_discovery_event(ab, skb);
8597 		break;
8598 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
8599 		ath11k_probe_resp_tx_status_event(ab, skb);
8600 		break;
8601 	case WMI_OBSS_COLOR_COLLISION_DETECTION_EVENTID:
8602 		ath11k_wmi_obss_color_collision_event(ab, skb);
8603 		break;
8604 	case WMI_TWT_ADD_DIALOG_EVENTID:
8605 		ath11k_wmi_twt_add_dialog_event(ab, skb);
8606 		break;
8607 	/* add Unsupported events here */
8608 	case WMI_TBTTOFFSET_EXT_UPDATE_EVENTID:
8609 	case WMI_PEER_OPER_MODE_CHANGE_EVENTID:
8610 	case WMI_TWT_ENABLE_EVENTID:
8611 	case WMI_TWT_DISABLE_EVENTID:
8612 	case WMI_TWT_DEL_DIALOG_EVENTID:
8613 	case WMI_TWT_PAUSE_DIALOG_EVENTID:
8614 	case WMI_TWT_RESUME_DIALOG_EVENTID:
8615 	case WMI_PDEV_DMA_RING_CFG_RSP_EVENTID:
8616 	case WMI_PEER_CREATE_CONF_EVENTID:
8617 		ath11k_dbg(ab, ATH11K_DBG_WMI,
8618 			   "ignoring unsupported event 0x%x\n", id);
8619 		break;
8620 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
8621 		ath11k_wmi_pdev_dfs_radar_detected_event(ab, skb);
8622 		break;
8623 	case WMI_VDEV_DELETE_RESP_EVENTID:
8624 		ath11k_vdev_delete_resp_event(ab, skb);
8625 		break;
8626 	case WMI_WOW_WAKEUP_HOST_EVENTID:
8627 		ath11k_wmi_event_wow_wakeup_host(ab, skb);
8628 		break;
8629 	case WMI_11D_NEW_COUNTRY_EVENTID:
8630 		ath11k_reg_11d_new_cc_event(ab, skb);
8631 		break;
8632 	case WMI_DIAG_EVENTID:
8633 		ath11k_wmi_diag_event(ab, skb);
8634 		break;
8635 	case WMI_PEER_STA_PS_STATECHG_EVENTID:
8636 		ath11k_wmi_event_peer_sta_ps_state_chg(ab, skb);
8637 		break;
8638 	case WMI_GTK_OFFLOAD_STATUS_EVENTID:
8639 		ath11k_wmi_gtk_offload_status_event(ab, skb);
8640 		break;
8641 	/* TODO: Add remaining events */
8642 	default:
8643 		ath11k_dbg(ab, ATH11K_DBG_WMI, "Unknown eventid: 0x%x\n", id);
8644 		break;
8645 	}
8646 
8647 out:
8648 	dev_kfree_skb(skb);
8649 }
8650 
8651 static int ath11k_connect_pdev_htc_service(struct ath11k_base *ab,
8652 					   u32 pdev_idx)
8653 {
8654 	int status;
8655 	u32 svc_id[] = { ATH11K_HTC_SVC_ID_WMI_CONTROL,
8656 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC1,
8657 			 ATH11K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
8658 
8659 	struct ath11k_htc_svc_conn_req conn_req;
8660 	struct ath11k_htc_svc_conn_resp conn_resp;
8661 
8662 	memset(&conn_req, 0, sizeof(conn_req));
8663 	memset(&conn_resp, 0, sizeof(conn_resp));
8664 
8665 	/* these fields are the same for all service endpoints */
8666 	conn_req.ep_ops.ep_tx_complete = ath11k_wmi_htc_tx_complete;
8667 	conn_req.ep_ops.ep_rx_complete = ath11k_wmi_tlv_op_rx;
8668 	conn_req.ep_ops.ep_tx_credits = ath11k_wmi_op_ep_tx_credits;
8669 
8670 	/* connect to control service */
8671 	conn_req.service_id = svc_id[pdev_idx];
8672 
8673 	status = ath11k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
8674 	if (status) {
8675 		ath11k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
8676 			    status);
8677 		return status;
8678 	}
8679 
8680 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
8681 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
8682 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
8683 	init_waitqueue_head(&ab->wmi_ab.wmi[pdev_idx].tx_ce_desc_wq);
8684 
8685 	return 0;
8686 }
8687 
8688 static int
8689 ath11k_wmi_send_unit_test_cmd(struct ath11k *ar,
8690 			      struct wmi_unit_test_cmd ut_cmd,
8691 			      u32 *test_args)
8692 {
8693 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8694 	struct wmi_unit_test_cmd *cmd;
8695 	struct sk_buff *skb;
8696 	struct wmi_tlv *tlv;
8697 	void *ptr;
8698 	u32 *ut_cmd_args;
8699 	int buf_len, arg_len;
8700 	int ret;
8701 	int i;
8702 
8703 	arg_len = sizeof(u32) * ut_cmd.num_args;
8704 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
8705 
8706 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
8707 	if (!skb)
8708 		return -ENOMEM;
8709 
8710 	cmd = (struct wmi_unit_test_cmd *)skb->data;
8711 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_UNIT_TEST_CMD) |
8712 			  FIELD_PREP(WMI_TLV_LEN, sizeof(ut_cmd) - TLV_HDR_SIZE);
8713 
8714 	cmd->vdev_id = ut_cmd.vdev_id;
8715 	cmd->module_id = ut_cmd.module_id;
8716 	cmd->num_args = ut_cmd.num_args;
8717 	cmd->diag_token = ut_cmd.diag_token;
8718 
8719 	ptr = skb->data + sizeof(ut_cmd);
8720 
8721 	tlv = ptr;
8722 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8723 		      FIELD_PREP(WMI_TLV_LEN, arg_len);
8724 
8725 	ptr += TLV_HDR_SIZE;
8726 
8727 	ut_cmd_args = ptr;
8728 	for (i = 0; i < ut_cmd.num_args; i++)
8729 		ut_cmd_args[i] = test_args[i];
8730 
8731 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
8732 
8733 	if (ret) {
8734 		ath11k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
8735 			    ret);
8736 		dev_kfree_skb(skb);
8737 	}
8738 
8739 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8740 		   "WMI unit test : module %d vdev %d n_args %d token %d\n",
8741 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
8742 		   cmd->diag_token);
8743 
8744 	return ret;
8745 }
8746 
8747 int ath11k_wmi_simulate_radar(struct ath11k *ar)
8748 {
8749 	struct ath11k_vif *arvif;
8750 	u32 dfs_args[DFS_MAX_TEST_ARGS];
8751 	struct wmi_unit_test_cmd wmi_ut;
8752 	bool arvif_found = false;
8753 
8754 	list_for_each_entry(arvif, &ar->arvifs, list) {
8755 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
8756 			arvif_found = true;
8757 			break;
8758 		}
8759 	}
8760 
8761 	if (!arvif_found)
8762 		return -EINVAL;
8763 
8764 	dfs_args[DFS_TEST_CMDID] = 0;
8765 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
8766 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
8767 	 * freq offset (b3 - b10) to unit test. For simulation
8768 	 * purpose this can be set to 0 which is valid.
8769 	 */
8770 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
8771 
8772 	wmi_ut.vdev_id = arvif->vdev_id;
8773 	wmi_ut.module_id = DFS_UNIT_TEST_MODULE;
8774 	wmi_ut.num_args = DFS_MAX_TEST_ARGS;
8775 	wmi_ut.diag_token = DFS_UNIT_TEST_TOKEN;
8776 
8777 	ath11k_dbg(ar->ab, ATH11K_DBG_REG, "Triggering Radar Simulation\n");
8778 
8779 	return ath11k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
8780 }
8781 
8782 int ath11k_wmi_fw_dbglog_cfg(struct ath11k *ar, u32 *module_id_bitmap,
8783 			     struct ath11k_fw_dbglog *dbglog)
8784 {
8785 	struct ath11k_pdev_wmi *wmi = ar->wmi;
8786 	struct wmi_debug_log_config_cmd_fixed_param *cmd;
8787 	struct sk_buff *skb;
8788 	struct wmi_tlv *tlv;
8789 	int ret, len;
8790 
8791 	len = sizeof(*cmd) + TLV_HDR_SIZE + (MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8792 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
8793 	if (!skb)
8794 		return -ENOMEM;
8795 
8796 	cmd = (struct wmi_debug_log_config_cmd_fixed_param *)skb->data;
8797 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_DEBUG_LOG_CONFIG_CMD) |
8798 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8799 	cmd->dbg_log_param = dbglog->param;
8800 
8801 	tlv = (struct wmi_tlv *)((u8 *)cmd + sizeof(*cmd));
8802 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
8803 		      FIELD_PREP(WMI_TLV_LEN, MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8804 
8805 	switch (dbglog->param) {
8806 	case WMI_DEBUG_LOG_PARAM_LOG_LEVEL:
8807 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE:
8808 	case WMI_DEBUG_LOG_PARAM_VDEV_DISABLE:
8809 	case WMI_DEBUG_LOG_PARAM_VDEV_ENABLE_BITMAP:
8810 		cmd->value = dbglog->value;
8811 		break;
8812 	case WMI_DEBUG_LOG_PARAM_MOD_ENABLE_BITMAP:
8813 	case WMI_DEBUG_LOG_PARAM_WOW_MOD_ENABLE_BITMAP:
8814 		cmd->value = dbglog->value;
8815 		memcpy(tlv->value, module_id_bitmap,
8816 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8817 		/* clear current config to be used for next user config */
8818 		memset(module_id_bitmap, 0,
8819 		       MAX_MODULE_ID_BITMAP_WORDS * sizeof(u32));
8820 		break;
8821 	default:
8822 		dev_kfree_skb(skb);
8823 		return -EINVAL;
8824 	}
8825 
8826 	ret = ath11k_wmi_cmd_send(wmi, skb, WMI_DBGLOG_CFG_CMDID);
8827 	if (ret) {
8828 		ath11k_warn(ar->ab,
8829 			    "failed to send WMI_DBGLOG_CFG_CMDID\n");
8830 		dev_kfree_skb(skb);
8831 	}
8832 	return ret;
8833 }
8834 
8835 int ath11k_wmi_connect(struct ath11k_base *ab)
8836 {
8837 	u32 i;
8838 	u8 wmi_ep_count;
8839 
8840 	wmi_ep_count = ab->htc.wmi_ep_count;
8841 	if (wmi_ep_count > ab->hw_params.max_radios)
8842 		return -1;
8843 
8844 	for (i = 0; i < wmi_ep_count; i++)
8845 		ath11k_connect_pdev_htc_service(ab, i);
8846 
8847 	return 0;
8848 }
8849 
8850 static void ath11k_wmi_pdev_detach(struct ath11k_base *ab, u8 pdev_id)
8851 {
8852 	if (WARN_ON(pdev_id >= MAX_RADIOS))
8853 		return;
8854 
8855 	/* TODO: Deinit any pdev specific wmi resource */
8856 }
8857 
8858 int ath11k_wmi_pdev_attach(struct ath11k_base *ab,
8859 			   u8 pdev_id)
8860 {
8861 	struct ath11k_pdev_wmi *wmi_handle;
8862 
8863 	if (pdev_id >= ab->hw_params.max_radios)
8864 		return -EINVAL;
8865 
8866 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
8867 
8868 	wmi_handle->wmi_ab = &ab->wmi_ab;
8869 
8870 	ab->wmi_ab.ab = ab;
8871 	/* TODO: Init remaining resource specific to pdev */
8872 
8873 	return 0;
8874 }
8875 
8876 int ath11k_wmi_attach(struct ath11k_base *ab)
8877 {
8878 	int ret;
8879 
8880 	ret = ath11k_wmi_pdev_attach(ab, 0);
8881 	if (ret)
8882 		return ret;
8883 
8884 	ab->wmi_ab.ab = ab;
8885 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
8886 
8887 	/* It's overwritten when service_ext_ready is handled */
8888 	if (ab->hw_params.single_pdev_only && ab->hw_params.num_rxmda_per_pdev > 1)
8889 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
8890 
8891 	/* TODO: Init remaining wmi soc resources required */
8892 	init_completion(&ab->wmi_ab.service_ready);
8893 	init_completion(&ab->wmi_ab.unified_ready);
8894 
8895 	return 0;
8896 }
8897 
8898 void ath11k_wmi_detach(struct ath11k_base *ab)
8899 {
8900 	int i;
8901 
8902 	/* TODO: Deinit wmi resource specific to SOC as required */
8903 
8904 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
8905 		ath11k_wmi_pdev_detach(ab, i);
8906 
8907 	ath11k_wmi_free_dbring_caps(ab);
8908 }
8909 
8910 int ath11k_wmi_hw_data_filter_cmd(struct ath11k *ar, u32 vdev_id,
8911 				  u32 filter_bitmap, bool enable)
8912 {
8913 	struct wmi_hw_data_filter_cmd *cmd;
8914 	struct sk_buff *skb;
8915 	int len;
8916 
8917 	len = sizeof(*cmd);
8918 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8919 
8920 	if (!skb)
8921 		return -ENOMEM;
8922 
8923 	cmd = (struct wmi_hw_data_filter_cmd *)skb->data;
8924 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_HW_DATA_FILTER_CMD) |
8925 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8926 
8927 	cmd->vdev_id = vdev_id;
8928 	cmd->enable = enable;
8929 
8930 	/* Set all modes in case of disable */
8931 	if (cmd->enable)
8932 		cmd->hw_filter_bitmap = filter_bitmap;
8933 	else
8934 		cmd->hw_filter_bitmap = ((u32)~0U);
8935 
8936 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
8937 		   "wmi hw data filter enable %d filter_bitmap 0x%x\n",
8938 		   enable, filter_bitmap);
8939 
8940 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_HW_DATA_FILTER_CMDID);
8941 }
8942 
8943 int ath11k_wmi_wow_host_wakeup_ind(struct ath11k *ar)
8944 {
8945 	struct wmi_wow_host_wakeup_ind *cmd;
8946 	struct sk_buff *skb;
8947 	size_t len;
8948 
8949 	len = sizeof(*cmd);
8950 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8951 	if (!skb)
8952 		return -ENOMEM;
8953 
8954 	cmd = (struct wmi_wow_host_wakeup_ind *)skb->data;
8955 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
8956 				     WMI_TAG_WOW_HOSTWAKEUP_FROM_SLEEP_CMD) |
8957 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8958 
8959 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow host wakeup ind\n");
8960 
8961 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_HOSTWAKEUP_FROM_SLEEP_CMDID);
8962 }
8963 
8964 int ath11k_wmi_wow_enable(struct ath11k *ar)
8965 {
8966 	struct wmi_wow_enable_cmd *cmd;
8967 	struct sk_buff *skb;
8968 	int len;
8969 
8970 	len = sizeof(*cmd);
8971 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8972 	if (!skb)
8973 		return -ENOMEM;
8974 
8975 	cmd = (struct wmi_wow_enable_cmd *)skb->data;
8976 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ENABLE_CMD) |
8977 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
8978 
8979 	cmd->enable = 1;
8980 	cmd->pause_iface_config = WOW_IFACE_PAUSE_ENABLED;
8981 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow enable\n");
8982 
8983 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_CMDID);
8984 }
8985 
8986 int ath11k_wmi_scan_prob_req_oui(struct ath11k *ar,
8987 				 const u8 mac_addr[ETH_ALEN])
8988 {
8989 	struct sk_buff *skb;
8990 	struct wmi_scan_prob_req_oui_cmd *cmd;
8991 	u32 prob_req_oui;
8992 	int len;
8993 
8994 	prob_req_oui = (((u32)mac_addr[0]) << 16) |
8995 		       (((u32)mac_addr[1]) << 8) | mac_addr[2];
8996 
8997 	len = sizeof(*cmd);
8998 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
8999 	if (!skb)
9000 		return -ENOMEM;
9001 
9002 	cmd = (struct wmi_scan_prob_req_oui_cmd *)skb->data;
9003 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9004 				     WMI_TAG_SCAN_PROB_REQ_OUI_CMD) |
9005 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9006 	cmd->prob_req_oui = prob_req_oui;
9007 
9008 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi scan prob req oui %d\n",
9009 		   prob_req_oui);
9010 
9011 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SCAN_PROB_REQ_OUI_CMDID);
9012 }
9013 
9014 int ath11k_wmi_wow_add_wakeup_event(struct ath11k *ar, u32 vdev_id,
9015 				    enum wmi_wow_wakeup_event event,
9016 				u32 enable)
9017 {
9018 	struct wmi_wow_add_del_event_cmd *cmd;
9019 	struct sk_buff *skb;
9020 	size_t len;
9021 
9022 	len = sizeof(*cmd);
9023 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9024 	if (!skb)
9025 		return -ENOMEM;
9026 
9027 	cmd = (struct wmi_wow_add_del_event_cmd *)skb->data;
9028 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_WOW_ADD_DEL_EVT_CMD) |
9029 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9030 
9031 	cmd->vdev_id = vdev_id;
9032 	cmd->is_add = enable;
9033 	cmd->event_bitmap = (1 << event);
9034 
9035 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add wakeup event %s enable %d vdev_id %d\n",
9036 		   wow_wakeup_event(event), enable, vdev_id);
9037 
9038 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ENABLE_DISABLE_WAKE_EVENT_CMDID);
9039 }
9040 
9041 int ath11k_wmi_wow_add_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id,
9042 			       const u8 *pattern, const u8 *mask,
9043 			   int pattern_len, int pattern_offset)
9044 {
9045 	struct wmi_wow_add_pattern_cmd *cmd;
9046 	struct wmi_wow_bitmap_pattern *bitmap;
9047 	struct wmi_tlv *tlv;
9048 	struct sk_buff *skb;
9049 	u8 *ptr;
9050 	size_t len;
9051 
9052 	len = sizeof(*cmd) +
9053 	      sizeof(*tlv) +			/* array struct */
9054 	      sizeof(*bitmap) +			/* bitmap */
9055 	      sizeof(*tlv) +			/* empty ipv4 sync */
9056 	      sizeof(*tlv) +			/* empty ipv6 sync */
9057 	      sizeof(*tlv) +			/* empty magic */
9058 	      sizeof(*tlv) +			/* empty info timeout */
9059 	      sizeof(*tlv) + sizeof(u32);	/* ratelimit interval */
9060 
9061 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9062 	if (!skb)
9063 		return -ENOMEM;
9064 
9065 	/* cmd */
9066 	ptr = (u8 *)skb->data;
9067 	cmd = (struct wmi_wow_add_pattern_cmd *)ptr;
9068 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9069 				     WMI_TAG_WOW_ADD_PATTERN_CMD) |
9070 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9071 
9072 	cmd->vdev_id = vdev_id;
9073 	cmd->pattern_id = pattern_id;
9074 	cmd->pattern_type = WOW_BITMAP_PATTERN;
9075 
9076 	ptr += sizeof(*cmd);
9077 
9078 	/* bitmap */
9079 	tlv = (struct wmi_tlv *)ptr;
9080 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9081 				 WMI_TAG_ARRAY_STRUCT) |
9082 		      FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap));
9083 
9084 	ptr += sizeof(*tlv);
9085 
9086 	bitmap = (struct wmi_wow_bitmap_pattern *)ptr;
9087 	bitmap->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9088 					WMI_TAG_WOW_BITMAP_PATTERN_T) |
9089 			     FIELD_PREP(WMI_TLV_LEN, sizeof(*bitmap) - TLV_HDR_SIZE);
9090 
9091 	memcpy(bitmap->patternbuf, pattern, pattern_len);
9092 	ath11k_ce_byte_swap(bitmap->patternbuf, roundup(pattern_len, 4));
9093 	memcpy(bitmap->bitmaskbuf, mask, pattern_len);
9094 	ath11k_ce_byte_swap(bitmap->bitmaskbuf, roundup(pattern_len, 4));
9095 	bitmap->pattern_offset = pattern_offset;
9096 	bitmap->pattern_len = pattern_len;
9097 	bitmap->bitmask_len = pattern_len;
9098 	bitmap->pattern_id = pattern_id;
9099 
9100 	ptr += sizeof(*bitmap);
9101 
9102 	/* ipv4 sync */
9103 	tlv = (struct wmi_tlv *)ptr;
9104 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9105 				 WMI_TAG_ARRAY_STRUCT) |
9106 		      FIELD_PREP(WMI_TLV_LEN, 0);
9107 
9108 	ptr += sizeof(*tlv);
9109 
9110 	/* ipv6 sync */
9111 	tlv = (struct wmi_tlv *)ptr;
9112 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9113 				 WMI_TAG_ARRAY_STRUCT) |
9114 		      FIELD_PREP(WMI_TLV_LEN, 0);
9115 
9116 	ptr += sizeof(*tlv);
9117 
9118 	/* magic */
9119 	tlv = (struct wmi_tlv *)ptr;
9120 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9121 				 WMI_TAG_ARRAY_STRUCT) |
9122 		      FIELD_PREP(WMI_TLV_LEN, 0);
9123 
9124 	ptr += sizeof(*tlv);
9125 
9126 	/* pattern info timeout */
9127 	tlv = (struct wmi_tlv *)ptr;
9128 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9129 				 WMI_TAG_ARRAY_UINT32) |
9130 		      FIELD_PREP(WMI_TLV_LEN, 0);
9131 
9132 	ptr += sizeof(*tlv);
9133 
9134 	/* ratelimit interval */
9135 	tlv = (struct wmi_tlv *)ptr;
9136 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9137 				 WMI_TAG_ARRAY_UINT32) |
9138 		      FIELD_PREP(WMI_TLV_LEN, sizeof(u32));
9139 
9140 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow add pattern vdev_id %d pattern_id %d pattern_offset %d\n",
9141 		   vdev_id, pattern_id, pattern_offset);
9142 
9143 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_ADD_WAKE_PATTERN_CMDID);
9144 }
9145 
9146 int ath11k_wmi_wow_del_pattern(struct ath11k *ar, u32 vdev_id, u32 pattern_id)
9147 {
9148 	struct wmi_wow_del_pattern_cmd *cmd;
9149 	struct sk_buff *skb;
9150 	size_t len;
9151 
9152 	len = sizeof(*cmd);
9153 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9154 	if (!skb)
9155 		return -ENOMEM;
9156 
9157 	cmd = (struct wmi_wow_del_pattern_cmd *)skb->data;
9158 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9159 				     WMI_TAG_WOW_DEL_PATTERN_CMD) |
9160 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9161 
9162 	cmd->vdev_id = vdev_id;
9163 	cmd->pattern_id = pattern_id;
9164 	cmd->pattern_type = WOW_BITMAP_PATTERN;
9165 
9166 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv wow del pattern vdev_id %d pattern_id %d\n",
9167 		   vdev_id, pattern_id);
9168 
9169 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_WOW_DEL_WAKE_PATTERN_CMDID);
9170 }
9171 
9172 static struct sk_buff *
9173 ath11k_wmi_op_gen_config_pno_start(struct ath11k *ar,
9174 				   u32 vdev_id,
9175 				       struct wmi_pno_scan_req *pno)
9176 {
9177 	struct nlo_configured_parameters *nlo_list;
9178 	struct wmi_wow_nlo_config_cmd *cmd;
9179 	struct wmi_tlv *tlv;
9180 	struct sk_buff *skb;
9181 	u32 *channel_list;
9182 	size_t len, nlo_list_len, channel_list_len;
9183 	u8 *ptr;
9184 	u32 i;
9185 
9186 	len = sizeof(*cmd) +
9187 	      sizeof(*tlv) +
9188 	      /* TLV place holder for array of structures
9189 	       * nlo_configured_parameters(nlo_list)
9190 	       */
9191 	      sizeof(*tlv);
9192 	      /* TLV place holder for array of uint32 channel_list */
9193 
9194 	channel_list_len = sizeof(u32) * pno->a_networks[0].channel_count;
9195 	len += channel_list_len;
9196 
9197 	nlo_list_len = sizeof(*nlo_list) * pno->uc_networks_count;
9198 	len += nlo_list_len;
9199 
9200 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9201 	if (!skb)
9202 		return ERR_PTR(-ENOMEM);
9203 
9204 	ptr = (u8 *)skb->data;
9205 	cmd = (struct wmi_wow_nlo_config_cmd *)ptr;
9206 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
9207 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9208 
9209 	cmd->vdev_id = pno->vdev_id;
9210 	cmd->flags = WMI_NLO_CONFIG_START | WMI_NLO_CONFIG_SSID_HIDE_EN;
9211 
9212 	/* current FW does not support min-max range for dwell time */
9213 	cmd->active_dwell_time = pno->active_max_time;
9214 	cmd->passive_dwell_time = pno->passive_max_time;
9215 
9216 	if (pno->do_passive_scan)
9217 		cmd->flags |= WMI_NLO_CONFIG_SCAN_PASSIVE;
9218 
9219 	cmd->fast_scan_period = pno->fast_scan_period;
9220 	cmd->slow_scan_period = pno->slow_scan_period;
9221 	cmd->fast_scan_max_cycles = pno->fast_scan_max_cycles;
9222 	cmd->delay_start_time = pno->delay_start_time;
9223 
9224 	if (pno->enable_pno_scan_randomization) {
9225 		cmd->flags |= WMI_NLO_CONFIG_SPOOFED_MAC_IN_PROBE_REQ |
9226 				WMI_NLO_CONFIG_RANDOM_SEQ_NO_IN_PROBE_REQ;
9227 		ether_addr_copy(cmd->mac_addr.addr, pno->mac_addr);
9228 		ether_addr_copy(cmd->mac_mask.addr, pno->mac_addr_mask);
9229 		ath11k_ce_byte_swap(cmd->mac_addr.addr, 8);
9230 		ath11k_ce_byte_swap(cmd->mac_mask.addr, 8);
9231 	}
9232 
9233 	ptr += sizeof(*cmd);
9234 
9235 	/* nlo_configured_parameters(nlo_list) */
9236 	cmd->no_of_ssids = pno->uc_networks_count;
9237 	tlv = (struct wmi_tlv *)ptr;
9238 	tlv->header = FIELD_PREP(WMI_TLV_TAG,
9239 				 WMI_TAG_ARRAY_STRUCT) |
9240 		      FIELD_PREP(WMI_TLV_LEN, nlo_list_len);
9241 
9242 	ptr += sizeof(*tlv);
9243 	nlo_list = (struct nlo_configured_parameters *)ptr;
9244 	for (i = 0; i < cmd->no_of_ssids; i++) {
9245 		tlv = (struct wmi_tlv *)(&nlo_list[i].tlv_header);
9246 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9247 			      FIELD_PREP(WMI_TLV_LEN, sizeof(*nlo_list) - sizeof(*tlv));
9248 
9249 		nlo_list[i].ssid.valid = true;
9250 		nlo_list[i].ssid.ssid.ssid_len = pno->a_networks[i].ssid.ssid_len;
9251 		memcpy(nlo_list[i].ssid.ssid.ssid,
9252 		       pno->a_networks[i].ssid.ssid,
9253 		       nlo_list[i].ssid.ssid.ssid_len);
9254 		ath11k_ce_byte_swap(nlo_list[i].ssid.ssid.ssid,
9255 				    roundup(nlo_list[i].ssid.ssid.ssid_len, 4));
9256 
9257 		if (pno->a_networks[i].rssi_threshold &&
9258 		    pno->a_networks[i].rssi_threshold > -300) {
9259 			nlo_list[i].rssi_cond.valid = true;
9260 			nlo_list[i].rssi_cond.rssi =
9261 				pno->a_networks[i].rssi_threshold;
9262 		}
9263 
9264 		nlo_list[i].bcast_nw_type.valid = true;
9265 		nlo_list[i].bcast_nw_type.bcast_nw_type =
9266 			pno->a_networks[i].bcast_nw_type;
9267 	}
9268 
9269 	ptr += nlo_list_len;
9270 	cmd->num_of_channels = pno->a_networks[0].channel_count;
9271 	tlv = (struct wmi_tlv *)ptr;
9272 	tlv->header =  FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_UINT32) |
9273 		       FIELD_PREP(WMI_TLV_LEN, channel_list_len);
9274 	ptr += sizeof(*tlv);
9275 	channel_list = (u32 *)ptr;
9276 	for (i = 0; i < cmd->num_of_channels; i++)
9277 		channel_list[i] = pno->a_networks[0].channels[i];
9278 
9279 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi tlv start pno config vdev_id %d\n",
9280 		   vdev_id);
9281 
9282 	return skb;
9283 }
9284 
9285 static struct sk_buff *ath11k_wmi_op_gen_config_pno_stop(struct ath11k *ar,
9286 							 u32 vdev_id)
9287 {
9288 	struct wmi_wow_nlo_config_cmd *cmd;
9289 	struct sk_buff *skb;
9290 	size_t len;
9291 
9292 	len = sizeof(*cmd);
9293 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9294 	if (!skb)
9295 		return ERR_PTR(-ENOMEM);
9296 
9297 	cmd = (struct wmi_wow_nlo_config_cmd *)skb->data;
9298 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NLO_CONFIG_CMD) |
9299 			  FIELD_PREP(WMI_TLV_LEN, len - TLV_HDR_SIZE);
9300 
9301 	cmd->vdev_id = vdev_id;
9302 	cmd->flags = WMI_NLO_CONFIG_STOP;
9303 
9304 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9305 		   "wmi tlv stop pno config vdev_id %d\n", vdev_id);
9306 	return skb;
9307 }
9308 
9309 int ath11k_wmi_wow_config_pno(struct ath11k *ar, u32 vdev_id,
9310 			      struct wmi_pno_scan_req  *pno_scan)
9311 {
9312 	struct sk_buff *skb;
9313 
9314 	if (pno_scan->enable)
9315 		skb = ath11k_wmi_op_gen_config_pno_start(ar, vdev_id, pno_scan);
9316 	else
9317 		skb = ath11k_wmi_op_gen_config_pno_stop(ar, vdev_id);
9318 
9319 	if (IS_ERR_OR_NULL(skb))
9320 		return -ENOMEM;
9321 
9322 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_NETWORK_LIST_OFFLOAD_CONFIG_CMDID);
9323 }
9324 
9325 static void ath11k_wmi_fill_ns_offload(struct ath11k *ar,
9326 				       struct ath11k_arp_ns_offload *offload,
9327 				       u8 **ptr,
9328 				       bool enable,
9329 				       bool ext)
9330 {
9331 	struct wmi_ns_offload_tuple *ns;
9332 	struct wmi_tlv *tlv;
9333 	u8 *buf_ptr = *ptr;
9334 	u32 ns_cnt, ns_ext_tuples;
9335 	int i, max_offloads;
9336 
9337 	ns_cnt = offload->ipv6_count;
9338 
9339 	tlv  = (struct wmi_tlv *)buf_ptr;
9340 
9341 	if (ext) {
9342 		ns_ext_tuples = offload->ipv6_count - WMI_MAX_NS_OFFLOADS;
9343 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9344 			      FIELD_PREP(WMI_TLV_LEN, ns_ext_tuples * sizeof(*ns));
9345 		i = WMI_MAX_NS_OFFLOADS;
9346 		max_offloads = offload->ipv6_count;
9347 	} else {
9348 		tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9349 			      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_NS_OFFLOADS * sizeof(*ns));
9350 		i = 0;
9351 		max_offloads = WMI_MAX_NS_OFFLOADS;
9352 	}
9353 
9354 	buf_ptr += sizeof(*tlv);
9355 
9356 	for (; i < max_offloads; i++) {
9357 		ns = (struct wmi_ns_offload_tuple *)buf_ptr;
9358 		ns->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_NS_OFFLOAD_TUPLE) |
9359 				 FIELD_PREP(WMI_TLV_LEN, sizeof(*ns) - TLV_HDR_SIZE);
9360 
9361 		if (enable) {
9362 			if (i < ns_cnt)
9363 				ns->flags |= WMI_NSOL_FLAGS_VALID;
9364 
9365 			memcpy(ns->target_ipaddr[0], offload->ipv6_addr[i], 16);
9366 			memcpy(ns->solicitation_ipaddr, offload->self_ipv6_addr[i], 16);
9367 			ath11k_ce_byte_swap(ns->target_ipaddr[0], 16);
9368 			ath11k_ce_byte_swap(ns->solicitation_ipaddr, 16);
9369 
9370 			if (offload->ipv6_type[i])
9371 				ns->flags |= WMI_NSOL_FLAGS_IS_IPV6_ANYCAST;
9372 
9373 			memcpy(ns->target_mac.addr, offload->mac_addr, ETH_ALEN);
9374 			ath11k_ce_byte_swap(ns->target_mac.addr, 8);
9375 
9376 			if (ns->target_mac.word0 != 0 ||
9377 			    ns->target_mac.word1 != 0) {
9378 				ns->flags |= WMI_NSOL_FLAGS_MAC_VALID;
9379 			}
9380 
9381 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9382 				   "wmi index %d ns_solicited %pI6 target %pI6",
9383 				   i, ns->solicitation_ipaddr,
9384 				   ns->target_ipaddr[0]);
9385 		}
9386 
9387 		buf_ptr += sizeof(*ns);
9388 	}
9389 
9390 	*ptr = buf_ptr;
9391 }
9392 
9393 static void ath11k_wmi_fill_arp_offload(struct ath11k *ar,
9394 					struct ath11k_arp_ns_offload *offload,
9395 					u8 **ptr,
9396 					bool enable)
9397 {
9398 	struct wmi_arp_offload_tuple *arp;
9399 	struct wmi_tlv *tlv;
9400 	u8 *buf_ptr = *ptr;
9401 	int i;
9402 
9403 	/* fill arp tuple */
9404 	tlv = (struct wmi_tlv *)buf_ptr;
9405 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_STRUCT) |
9406 		      FIELD_PREP(WMI_TLV_LEN, WMI_MAX_ARP_OFFLOADS * sizeof(*arp));
9407 	buf_ptr += sizeof(*tlv);
9408 
9409 	for (i = 0; i < WMI_MAX_ARP_OFFLOADS; i++) {
9410 		arp = (struct wmi_arp_offload_tuple *)buf_ptr;
9411 		arp->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARP_OFFLOAD_TUPLE) |
9412 				  FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
9413 
9414 		if (enable && i < offload->ipv4_count) {
9415 			/* Copy the target ip addr and flags */
9416 			arp->flags = WMI_ARPOL_FLAGS_VALID;
9417 			memcpy(arp->target_ipaddr, offload->ipv4_addr[i], 4);
9418 			ath11k_ce_byte_swap(arp->target_ipaddr, 4);
9419 
9420 			ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "wmi arp offload address %pI4",
9421 				   arp->target_ipaddr);
9422 		}
9423 
9424 		buf_ptr += sizeof(*arp);
9425 	}
9426 
9427 	*ptr = buf_ptr;
9428 }
9429 
9430 int ath11k_wmi_arp_ns_offload(struct ath11k *ar,
9431 			      struct ath11k_vif *arvif, bool enable)
9432 {
9433 	struct ath11k_arp_ns_offload *offload;
9434 	struct wmi_set_arp_ns_offload_cmd *cmd;
9435 	struct wmi_tlv *tlv;
9436 	struct sk_buff *skb;
9437 	u8 *buf_ptr;
9438 	size_t len;
9439 	u8 ns_cnt, ns_ext_tuples = 0;
9440 
9441 	offload = &arvif->arp_ns_offload;
9442 	ns_cnt = offload->ipv6_count;
9443 
9444 	len = sizeof(*cmd) +
9445 	      sizeof(*tlv) +
9446 	      WMI_MAX_NS_OFFLOADS * sizeof(struct wmi_ns_offload_tuple) +
9447 	      sizeof(*tlv) +
9448 	      WMI_MAX_ARP_OFFLOADS * sizeof(struct wmi_arp_offload_tuple);
9449 
9450 	if (ns_cnt > WMI_MAX_NS_OFFLOADS) {
9451 		ns_ext_tuples = ns_cnt - WMI_MAX_NS_OFFLOADS;
9452 		len += sizeof(*tlv) +
9453 		       ns_ext_tuples * sizeof(struct wmi_ns_offload_tuple);
9454 	}
9455 
9456 	skb = ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9457 	if (!skb)
9458 		return -ENOMEM;
9459 
9460 	buf_ptr = skb->data;
9461 	cmd = (struct wmi_set_arp_ns_offload_cmd *)buf_ptr;
9462 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9463 				     WMI_TAG_SET_ARP_NS_OFFLOAD_CMD) |
9464 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9465 
9466 	cmd->flags = 0;
9467 	cmd->vdev_id = arvif->vdev_id;
9468 	cmd->num_ns_ext_tuples = ns_ext_tuples;
9469 
9470 	buf_ptr += sizeof(*cmd);
9471 
9472 	ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 0);
9473 	ath11k_wmi_fill_arp_offload(ar, offload, &buf_ptr, enable);
9474 
9475 	if (ns_ext_tuples)
9476 		ath11k_wmi_fill_ns_offload(ar, offload, &buf_ptr, enable, 1);
9477 
9478 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_SET_ARP_NS_OFFLOAD_CMDID);
9479 }
9480 
9481 int ath11k_wmi_gtk_rekey_offload(struct ath11k *ar,
9482 				 struct ath11k_vif *arvif, bool enable)
9483 {
9484 	struct wmi_gtk_rekey_offload_cmd *cmd;
9485 	struct ath11k_rekey_data *rekey_data = &arvif->rekey_data;
9486 	int len;
9487 	struct sk_buff *skb;
9488 	__le64 replay_ctr;
9489 
9490 	len = sizeof(*cmd);
9491 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9492 	if (!skb)
9493 		return -ENOMEM;
9494 
9495 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
9496 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
9497 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9498 
9499 	cmd->vdev_id = arvif->vdev_id;
9500 
9501 	if (enable) {
9502 		cmd->flags = GTK_OFFLOAD_ENABLE_OPCODE;
9503 
9504 		/* the length in rekey_data and cmd is equal */
9505 		memcpy(cmd->kck, rekey_data->kck, sizeof(cmd->kck));
9506 		ath11k_ce_byte_swap(cmd->kck, GTK_OFFLOAD_KEK_BYTES);
9507 		memcpy(cmd->kek, rekey_data->kek, sizeof(cmd->kek));
9508 		ath11k_ce_byte_swap(cmd->kek, GTK_OFFLOAD_KEK_BYTES);
9509 
9510 		replay_ctr = cpu_to_le64(rekey_data->replay_ctr);
9511 		memcpy(cmd->replay_ctr, &replay_ctr,
9512 		       sizeof(replay_ctr));
9513 		ath11k_ce_byte_swap(cmd->replay_ctr, GTK_REPLAY_COUNTER_BYTES);
9514 	} else {
9515 		cmd->flags = GTK_OFFLOAD_DISABLE_OPCODE;
9516 	}
9517 
9518 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "offload gtk rekey vdev: %d %d\n",
9519 		   arvif->vdev_id, enable);
9520 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
9521 }
9522 
9523 int ath11k_wmi_gtk_rekey_getinfo(struct ath11k *ar,
9524 				 struct ath11k_vif *arvif)
9525 {
9526 	struct wmi_gtk_rekey_offload_cmd *cmd;
9527 	int len;
9528 	struct sk_buff *skb;
9529 
9530 	len = sizeof(*cmd);
9531 	skb =  ath11k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
9532 	if (!skb)
9533 		return -ENOMEM;
9534 
9535 	cmd = (struct wmi_gtk_rekey_offload_cmd *)skb->data;
9536 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_GTK_OFFLOAD_CMD) |
9537 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9538 
9539 	cmd->vdev_id = arvif->vdev_id;
9540 	cmd->flags = GTK_OFFLOAD_REQUEST_STATUS_OPCODE;
9541 
9542 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI, "get gtk rekey vdev_id: %d\n",
9543 		   arvif->vdev_id);
9544 	return ath11k_wmi_cmd_send(ar->wmi, skb, WMI_GTK_OFFLOAD_CMDID);
9545 }
9546 
9547 int ath11k_wmi_pdev_set_bios_sar_table_param(struct ath11k *ar, const u8 *sar_val)
9548 {	struct ath11k_pdev_wmi *wmi = ar->wmi;
9549 	struct wmi_pdev_set_sar_table_cmd *cmd;
9550 	struct wmi_tlv *tlv;
9551 	struct sk_buff *skb;
9552 	u8 *buf_ptr;
9553 	u32 len, sar_len_aligned, rsvd_len_aligned;
9554 
9555 	sar_len_aligned = roundup(BIOS_SAR_TABLE_LEN, sizeof(u32));
9556 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD1_LEN, sizeof(u32));
9557 	len = sizeof(*cmd) +
9558 	      TLV_HDR_SIZE + sar_len_aligned +
9559 	      TLV_HDR_SIZE + rsvd_len_aligned;
9560 
9561 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9562 	if (!skb)
9563 		return -ENOMEM;
9564 
9565 	cmd = (struct wmi_pdev_set_sar_table_cmd *)skb->data;
9566 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_SAR_TABLE_CMD) |
9567 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9568 	cmd->pdev_id = ar->pdev->pdev_id;
9569 	cmd->sar_len = BIOS_SAR_TABLE_LEN;
9570 	cmd->rsvd_len = BIOS_SAR_RSVD1_LEN;
9571 
9572 	buf_ptr = skb->data + sizeof(*cmd);
9573 	tlv = (struct wmi_tlv *)buf_ptr;
9574 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9575 		      FIELD_PREP(WMI_TLV_LEN, sar_len_aligned);
9576 	buf_ptr += TLV_HDR_SIZE;
9577 	memcpy(buf_ptr, sar_val, BIOS_SAR_TABLE_LEN);
9578 
9579 	buf_ptr += sar_len_aligned;
9580 	tlv = (struct wmi_tlv *)buf_ptr;
9581 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9582 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
9583 
9584 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_SAR_TABLE_CMDID);
9585 }
9586 
9587 int ath11k_wmi_pdev_set_bios_geo_table_param(struct ath11k *ar)
9588 {
9589 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9590 	struct wmi_pdev_set_geo_table_cmd *cmd;
9591 	struct wmi_tlv *tlv;
9592 	struct sk_buff *skb;
9593 	u8 *buf_ptr;
9594 	u32 len, rsvd_len_aligned;
9595 
9596 	rsvd_len_aligned = roundup(BIOS_SAR_RSVD2_LEN, sizeof(u32));
9597 	len = sizeof(*cmd) + TLV_HDR_SIZE + rsvd_len_aligned;
9598 
9599 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9600 	if (!skb)
9601 		return -ENOMEM;
9602 
9603 	cmd = (struct wmi_pdev_set_geo_table_cmd *)skb->data;
9604 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_PDEV_SET_BIOS_GEO_TABLE_CMD) |
9605 			  FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9606 	cmd->pdev_id = ar->pdev->pdev_id;
9607 	cmd->rsvd_len = BIOS_SAR_RSVD2_LEN;
9608 
9609 	buf_ptr = skb->data + sizeof(*cmd);
9610 	tlv = (struct wmi_tlv *)buf_ptr;
9611 	tlv->header = FIELD_PREP(WMI_TLV_TAG, WMI_TAG_ARRAY_BYTE) |
9612 		      FIELD_PREP(WMI_TLV_LEN, rsvd_len_aligned);
9613 
9614 	return ath11k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_BIOS_GEO_TABLE_CMDID);
9615 }
9616 
9617 int ath11k_wmi_sta_keepalive(struct ath11k *ar,
9618 			     const struct wmi_sta_keepalive_arg *arg)
9619 {
9620 	struct ath11k_pdev_wmi *wmi = ar->wmi;
9621 	struct wmi_sta_keepalive_cmd *cmd;
9622 	struct wmi_sta_keepalive_arp_resp *arp;
9623 	struct sk_buff *skb;
9624 	size_t len;
9625 
9626 	len = sizeof(*cmd) + sizeof(*arp);
9627 	skb = ath11k_wmi_alloc_skb(wmi->wmi_ab, len);
9628 	if (!skb)
9629 		return -ENOMEM;
9630 
9631 	cmd = (struct wmi_sta_keepalive_cmd *)skb->data;
9632 	cmd->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9633 				     WMI_TAG_STA_KEEPALIVE_CMD) |
9634 				     FIELD_PREP(WMI_TLV_LEN, sizeof(*cmd) - TLV_HDR_SIZE);
9635 	cmd->vdev_id = arg->vdev_id;
9636 	cmd->enabled = arg->enabled;
9637 	cmd->interval = arg->interval;
9638 	cmd->method = arg->method;
9639 
9640 	arp = (struct wmi_sta_keepalive_arp_resp *)(cmd + 1);
9641 	arp->tlv_header = FIELD_PREP(WMI_TLV_TAG,
9642 				     WMI_TAG_STA_KEEPALIVE_ARP_RESPONSE) |
9643 			 FIELD_PREP(WMI_TLV_LEN, sizeof(*arp) - TLV_HDR_SIZE);
9644 
9645 	if (arg->method == WMI_STA_KEEPALIVE_METHOD_UNSOLICITED_ARP_RESPONSE ||
9646 	    arg->method == WMI_STA_KEEPALIVE_METHOD_GRATUITOUS_ARP_REQUEST) {
9647 		arp->src_ip4_addr = arg->src_ip4_addr;
9648 		arp->dest_ip4_addr = arg->dest_ip4_addr;
9649 		ether_addr_copy(arp->dest_mac_addr.addr, arg->dest_mac_addr);
9650 	}
9651 
9652 	ath11k_dbg(ar->ab, ATH11K_DBG_WMI,
9653 		   "wmi sta keepalive vdev %d enabled %d method %d interval %d\n",
9654 		   arg->vdev_id, arg->enabled, arg->method, arg->interval);
9655 
9656 	return ath11k_wmi_cmd_send(wmi, skb, WMI_STA_KEEPALIVE_CMDID);
9657 }
9658