xref: /openbmc/linux/drivers/net/wireless/ath/ath12k/wmi.c (revision 0e73f1ba602d953ee8ceda5cea3a381bf212b80b)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2021 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021-2022 Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #include <linux/of.h>
17 #include "core.h"
18 #include "debug.h"
19 #include "mac.h"
20 #include "hw.h"
21 #include "peer.h"
22 
23 struct ath12k_wmi_svc_ready_parse {
24 	bool wmi_svc_bitmap_done;
25 };
26 
27 struct ath12k_wmi_dma_ring_caps_parse {
28 	struct ath12k_wmi_dma_ring_caps_params *dma_ring_caps;
29 	u32 n_dma_ring_caps;
30 };
31 
32 struct ath12k_wmi_service_ext_arg {
33 	u32 default_conc_scan_config_bits;
34 	u32 default_fw_config_bits;
35 	struct ath12k_wmi_ppe_threshold_arg ppet;
36 	u32 he_cap_info;
37 	u32 mpdu_density;
38 	u32 max_bssid_rx_filters;
39 	u32 num_hw_modes;
40 	u32 num_phy;
41 };
42 
43 struct ath12k_wmi_svc_rdy_ext_parse {
44 	struct ath12k_wmi_service_ext_arg arg;
45 	const struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params *hw_caps;
46 	const struct ath12k_wmi_hw_mode_cap_params *hw_mode_caps;
47 	u32 n_hw_mode_caps;
48 	u32 tot_phy_id;
49 	struct ath12k_wmi_hw_mode_cap_params pref_hw_mode_caps;
50 	struct ath12k_wmi_mac_phy_caps_params *mac_phy_caps;
51 	u32 n_mac_phy_caps;
52 	const struct ath12k_wmi_soc_hal_reg_caps_params *soc_hal_reg_caps;
53 	const struct ath12k_wmi_hal_reg_caps_ext_params *ext_hal_reg_caps;
54 	u32 n_ext_hal_reg_caps;
55 	struct ath12k_wmi_dma_ring_caps_parse dma_caps_parse;
56 	bool hw_mode_done;
57 	bool mac_phy_done;
58 	bool ext_hal_reg_done;
59 	bool mac_phy_chainmask_combo_done;
60 	bool mac_phy_chainmask_cap_done;
61 	bool oem_dma_ring_cap_done;
62 	bool dma_ring_cap_done;
63 };
64 
65 struct ath12k_wmi_svc_rdy_ext2_arg {
66 	u32 reg_db_version;
67 	u32 hw_min_max_tx_power_2ghz;
68 	u32 hw_min_max_tx_power_5ghz;
69 	u32 chwidth_num_peer_caps;
70 	u32 preamble_puncture_bw;
71 	u32 max_user_per_ppdu_ofdma;
72 	u32 max_user_per_ppdu_mumimo;
73 	u32 target_cap_flags;
74 	u32 eht_cap_mac_info[WMI_MAX_EHTCAP_MAC_SIZE];
75 	u32 max_num_linkview_peers;
76 	u32 max_num_msduq_supported_per_tid;
77 	u32 default_num_msduq_supported_per_tid;
78 };
79 
80 struct ath12k_wmi_svc_rdy_ext2_parse {
81 	struct ath12k_wmi_svc_rdy_ext2_arg arg;
82 	struct ath12k_wmi_dma_ring_caps_parse dma_caps_parse;
83 	bool dma_ring_cap_done;
84 	bool spectral_bin_scaling_done;
85 	bool mac_phy_caps_ext_done;
86 };
87 
88 struct ath12k_wmi_rdy_parse {
89 	u32 num_extra_mac_addr;
90 };
91 
92 struct ath12k_wmi_dma_buf_release_arg {
93 	struct ath12k_wmi_dma_buf_release_fixed_params fixed;
94 	const struct ath12k_wmi_dma_buf_release_entry_params *buf_entry;
95 	const struct ath12k_wmi_dma_buf_release_meta_data_params *meta_data;
96 	u32 num_buf_entry;
97 	u32 num_meta;
98 	bool buf_entry_done;
99 	bool meta_data_done;
100 };
101 
102 struct ath12k_wmi_tlv_policy {
103 	size_t min_len;
104 };
105 
106 struct wmi_tlv_mgmt_rx_parse {
107 	const struct ath12k_wmi_mgmt_rx_params *fixed;
108 	const u8 *frame_buf;
109 	bool frame_buf_done;
110 };
111 
112 static const struct ath12k_wmi_tlv_policy ath12k_wmi_tlv_policies[] = {
113 	[WMI_TAG_ARRAY_BYTE] = { .min_len = 0 },
114 	[WMI_TAG_ARRAY_UINT32] = { .min_len = 0 },
115 	[WMI_TAG_SERVICE_READY_EVENT] = {
116 		.min_len = sizeof(struct wmi_service_ready_event) },
117 	[WMI_TAG_SERVICE_READY_EXT_EVENT] = {
118 		.min_len = sizeof(struct wmi_service_ready_ext_event) },
119 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS] = {
120 		.min_len = sizeof(struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params) },
121 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES] = {
122 		.min_len = sizeof(struct ath12k_wmi_soc_hal_reg_caps_params) },
123 	[WMI_TAG_VDEV_START_RESPONSE_EVENT] = {
124 		.min_len = sizeof(struct wmi_vdev_start_resp_event) },
125 	[WMI_TAG_PEER_DELETE_RESP_EVENT] = {
126 		.min_len = sizeof(struct wmi_peer_delete_resp_event) },
127 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT] = {
128 		.min_len = sizeof(struct wmi_bcn_tx_status_event) },
129 	[WMI_TAG_VDEV_STOPPED_EVENT] = {
130 		.min_len = sizeof(struct wmi_vdev_stopped_event) },
131 	[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT] = {
132 		.min_len = sizeof(struct wmi_reg_chan_list_cc_ext_event) },
133 	[WMI_TAG_MGMT_RX_HDR] = {
134 		.min_len = sizeof(struct ath12k_wmi_mgmt_rx_params) },
135 	[WMI_TAG_MGMT_TX_COMPL_EVENT] = {
136 		.min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
137 	[WMI_TAG_SCAN_EVENT] = {
138 		.min_len = sizeof(struct wmi_scan_event) },
139 	[WMI_TAG_PEER_STA_KICKOUT_EVENT] = {
140 		.min_len = sizeof(struct wmi_peer_sta_kickout_event) },
141 	[WMI_TAG_ROAM_EVENT] = {
142 		.min_len = sizeof(struct wmi_roam_event) },
143 	[WMI_TAG_CHAN_INFO_EVENT] = {
144 		.min_len = sizeof(struct wmi_chan_info_event) },
145 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT] = {
146 		.min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
147 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT] = {
148 		.min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
149 	[WMI_TAG_READY_EVENT] = {
150 		.min_len = sizeof(struct ath12k_wmi_ready_event_min_params) },
151 	[WMI_TAG_SERVICE_AVAILABLE_EVENT] = {
152 		.min_len = sizeof(struct wmi_service_available_event) },
153 	[WMI_TAG_PEER_ASSOC_CONF_EVENT] = {
154 		.min_len = sizeof(struct wmi_peer_assoc_conf_event) },
155 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT] = {
156 		.min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
157 	[WMI_TAG_HOST_SWFDA_EVENT] = {
158 		.min_len = sizeof(struct wmi_fils_discovery_event) },
159 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
160 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
161 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
162 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
163 };
164 
165 static __le32 ath12k_wmi_tlv_hdr(u32 cmd, u32 len)
166 {
167 	return le32_encode_bits(cmd, WMI_TLV_TAG) |
168 		le32_encode_bits(len, WMI_TLV_LEN);
169 }
170 
171 static __le32 ath12k_wmi_tlv_cmd_hdr(u32 cmd, u32 len)
172 {
173 	return ath12k_wmi_tlv_hdr(cmd, len - TLV_HDR_SIZE);
174 }
175 
176 void ath12k_wmi_init_qcn9274(struct ath12k_base *ab,
177 			     struct ath12k_wmi_resource_config_arg *config)
178 {
179 	config->num_vdevs = ab->num_radios * TARGET_NUM_VDEVS;
180 
181 	if (ab->num_radios == 2) {
182 		config->num_peers = TARGET_NUM_PEERS(DBS);
183 		config->num_tids = TARGET_NUM_TIDS(DBS);
184 	} else if (ab->num_radios == 3) {
185 		config->num_peers = TARGET_NUM_PEERS(DBS_SBS);
186 		config->num_tids = TARGET_NUM_TIDS(DBS_SBS);
187 	} else {
188 		/* Control should not reach here */
189 		config->num_peers = TARGET_NUM_PEERS(SINGLE);
190 		config->num_tids = TARGET_NUM_TIDS(SINGLE);
191 	}
192 	config->num_offload_peers = TARGET_NUM_OFFLD_PEERS;
193 	config->num_offload_reorder_buffs = TARGET_NUM_OFFLD_REORDER_BUFFS;
194 	config->num_peer_keys = TARGET_NUM_PEER_KEYS;
195 	config->ast_skid_limit = TARGET_AST_SKID_LIMIT;
196 	config->tx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
197 	config->rx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
198 	config->rx_timeout_pri[0] = TARGET_RX_TIMEOUT_LO_PRI;
199 	config->rx_timeout_pri[1] = TARGET_RX_TIMEOUT_LO_PRI;
200 	config->rx_timeout_pri[2] = TARGET_RX_TIMEOUT_LO_PRI;
201 	config->rx_timeout_pri[3] = TARGET_RX_TIMEOUT_HI_PRI;
202 
203 	if (test_bit(ATH12K_FLAG_RAW_MODE, &ab->dev_flags))
204 		config->rx_decap_mode = TARGET_DECAP_MODE_RAW;
205 	else
206 		config->rx_decap_mode = TARGET_DECAP_MODE_NATIVE_WIFI;
207 
208 	config->scan_max_pending_req = TARGET_SCAN_MAX_PENDING_REQS;
209 	config->bmiss_offload_max_vdev = TARGET_BMISS_OFFLOAD_MAX_VDEV;
210 	config->roam_offload_max_vdev = TARGET_ROAM_OFFLOAD_MAX_VDEV;
211 	config->roam_offload_max_ap_profiles = TARGET_ROAM_OFFLOAD_MAX_AP_PROFILES;
212 	config->num_mcast_groups = TARGET_NUM_MCAST_GROUPS;
213 	config->num_mcast_table_elems = TARGET_NUM_MCAST_TABLE_ELEMS;
214 	config->mcast2ucast_mode = TARGET_MCAST2UCAST_MODE;
215 	config->tx_dbg_log_size = TARGET_TX_DBG_LOG_SIZE;
216 	config->num_wds_entries = TARGET_NUM_WDS_ENTRIES;
217 	config->dma_burst_size = TARGET_DMA_BURST_SIZE;
218 	config->rx_skip_defrag_timeout_dup_detection_check =
219 		TARGET_RX_SKIP_DEFRAG_TIMEOUT_DUP_DETECTION_CHECK;
220 	config->vow_config = TARGET_VOW_CONFIG;
221 	config->gtk_offload_max_vdev = TARGET_GTK_OFFLOAD_MAX_VDEV;
222 	config->num_msdu_desc = TARGET_NUM_MSDU_DESC;
223 	config->beacon_tx_offload_max_vdev = ab->num_radios * TARGET_MAX_BCN_OFFLD;
224 	config->rx_batchmode = TARGET_RX_BATCHMODE;
225 	/* Indicates host supports peer map v3 and unmap v2 support */
226 	config->peer_map_unmap_version = 0x32;
227 	config->twt_ap_pdev_count = ab->num_radios;
228 	config->twt_ap_sta_count = 1000;
229 }
230 
231 void ath12k_wmi_init_wcn7850(struct ath12k_base *ab,
232 			     struct ath12k_wmi_resource_config_arg *config)
233 {
234 	config->num_vdevs = 4;
235 	config->num_peers = 16;
236 	config->num_tids = 32;
237 
238 	config->num_offload_peers = 3;
239 	config->num_offload_reorder_buffs = 3;
240 	config->num_peer_keys = TARGET_NUM_PEER_KEYS;
241 	config->ast_skid_limit = TARGET_AST_SKID_LIMIT;
242 	config->tx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
243 	config->rx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
244 	config->rx_timeout_pri[0] = TARGET_RX_TIMEOUT_LO_PRI;
245 	config->rx_timeout_pri[1] = TARGET_RX_TIMEOUT_LO_PRI;
246 	config->rx_timeout_pri[2] = TARGET_RX_TIMEOUT_LO_PRI;
247 	config->rx_timeout_pri[3] = TARGET_RX_TIMEOUT_HI_PRI;
248 	config->rx_decap_mode = TARGET_DECAP_MODE_NATIVE_WIFI;
249 	config->scan_max_pending_req = TARGET_SCAN_MAX_PENDING_REQS;
250 	config->bmiss_offload_max_vdev = TARGET_BMISS_OFFLOAD_MAX_VDEV;
251 	config->roam_offload_max_vdev = TARGET_ROAM_OFFLOAD_MAX_VDEV;
252 	config->roam_offload_max_ap_profiles = TARGET_ROAM_OFFLOAD_MAX_AP_PROFILES;
253 	config->num_mcast_groups = 0;
254 	config->num_mcast_table_elems = 0;
255 	config->mcast2ucast_mode = 0;
256 	config->tx_dbg_log_size = TARGET_TX_DBG_LOG_SIZE;
257 	config->num_wds_entries = 0;
258 	config->dma_burst_size = 0;
259 	config->rx_skip_defrag_timeout_dup_detection_check = 0;
260 	config->vow_config = TARGET_VOW_CONFIG;
261 	config->gtk_offload_max_vdev = 2;
262 	config->num_msdu_desc = 0x400;
263 	config->beacon_tx_offload_max_vdev = 2;
264 	config->rx_batchmode = TARGET_RX_BATCHMODE;
265 
266 	config->peer_map_unmap_version = 0x1;
267 	config->use_pdev_id = 1;
268 	config->max_frag_entries = 0xa;
269 	config->num_tdls_vdevs = 0x1;
270 	config->num_tdls_conn_table_entries = 8;
271 	config->beacon_tx_offload_max_vdev = 0x2;
272 	config->num_multicast_filter_entries = 0x20;
273 	config->num_wow_filters = 0x16;
274 	config->num_keep_alive_pattern = 0;
275 }
276 
277 #define PRIMAP(_hw_mode_) \
278 	[_hw_mode_] = _hw_mode_##_PRI
279 
280 static const int ath12k_hw_mode_pri_map[] = {
281 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
282 	PRIMAP(WMI_HOST_HW_MODE_DBS),
283 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
284 	PRIMAP(WMI_HOST_HW_MODE_SBS),
285 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
286 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
287 	/* keep last */
288 	PRIMAP(WMI_HOST_HW_MODE_MAX),
289 };
290 
291 static int
292 ath12k_wmi_tlv_iter(struct ath12k_base *ab, const void *ptr, size_t len,
293 		    int (*iter)(struct ath12k_base *ab, u16 tag, u16 len,
294 				const void *ptr, void *data),
295 		    void *data)
296 {
297 	const void *begin = ptr;
298 	const struct wmi_tlv *tlv;
299 	u16 tlv_tag, tlv_len;
300 	int ret;
301 
302 	while (len > 0) {
303 		if (len < sizeof(*tlv)) {
304 			ath12k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
305 				   ptr - begin, len, sizeof(*tlv));
306 			return -EINVAL;
307 		}
308 
309 		tlv = ptr;
310 		tlv_tag = le32_get_bits(tlv->header, WMI_TLV_TAG);
311 		tlv_len = le32_get_bits(tlv->header, WMI_TLV_LEN);
312 		ptr += sizeof(*tlv);
313 		len -= sizeof(*tlv);
314 
315 		if (tlv_len > len) {
316 			ath12k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
317 				   tlv_tag, ptr - begin, len, tlv_len);
318 			return -EINVAL;
319 		}
320 
321 		if (tlv_tag < ARRAY_SIZE(ath12k_wmi_tlv_policies) &&
322 		    ath12k_wmi_tlv_policies[tlv_tag].min_len &&
323 		    ath12k_wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
324 			ath12k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
325 				   tlv_tag, ptr - begin, tlv_len,
326 				   ath12k_wmi_tlv_policies[tlv_tag].min_len);
327 			return -EINVAL;
328 		}
329 
330 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
331 		if (ret)
332 			return ret;
333 
334 		ptr += tlv_len;
335 		len -= tlv_len;
336 	}
337 
338 	return 0;
339 }
340 
341 static int ath12k_wmi_tlv_iter_parse(struct ath12k_base *ab, u16 tag, u16 len,
342 				     const void *ptr, void *data)
343 {
344 	const void **tb = data;
345 
346 	if (tag < WMI_TAG_MAX)
347 		tb[tag] = ptr;
348 
349 	return 0;
350 }
351 
352 static int ath12k_wmi_tlv_parse(struct ath12k_base *ar, const void **tb,
353 				const void *ptr, size_t len)
354 {
355 	return ath12k_wmi_tlv_iter(ar, ptr, len, ath12k_wmi_tlv_iter_parse,
356 				   (void *)tb);
357 }
358 
359 static const void **
360 ath12k_wmi_tlv_parse_alloc(struct ath12k_base *ab, const void *ptr,
361 			   size_t len, gfp_t gfp)
362 {
363 	const void **tb;
364 	int ret;
365 
366 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
367 	if (!tb)
368 		return ERR_PTR(-ENOMEM);
369 
370 	ret = ath12k_wmi_tlv_parse(ab, tb, ptr, len);
371 	if (ret) {
372 		kfree(tb);
373 		return ERR_PTR(ret);
374 	}
375 
376 	return tb;
377 }
378 
379 static int ath12k_wmi_cmd_send_nowait(struct ath12k_wmi_pdev *wmi, struct sk_buff *skb,
380 				      u32 cmd_id)
381 {
382 	struct ath12k_skb_cb *skb_cb = ATH12K_SKB_CB(skb);
383 	struct ath12k_base *ab = wmi->wmi_ab->ab;
384 	struct wmi_cmd_hdr *cmd_hdr;
385 	int ret;
386 
387 	if (!skb_push(skb, sizeof(struct wmi_cmd_hdr)))
388 		return -ENOMEM;
389 
390 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
391 	cmd_hdr->cmd_id = le32_encode_bits(cmd_id, WMI_CMD_HDR_CMD_ID);
392 
393 	memset(skb_cb, 0, sizeof(*skb_cb));
394 	ret = ath12k_htc_send(&ab->htc, wmi->eid, skb);
395 
396 	if (ret)
397 		goto err_pull;
398 
399 	return 0;
400 
401 err_pull:
402 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
403 	return ret;
404 }
405 
406 int ath12k_wmi_cmd_send(struct ath12k_wmi_pdev *wmi, struct sk_buff *skb,
407 			u32 cmd_id)
408 {
409 	struct ath12k_wmi_base *wmi_sc = wmi->wmi_ab;
410 	int ret = -EOPNOTSUPP;
411 
412 	might_sleep();
413 
414 	wait_event_timeout(wmi_sc->tx_credits_wq, ({
415 		ret = ath12k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
416 
417 		if (ret && test_bit(ATH12K_FLAG_CRASH_FLUSH, &wmi_sc->ab->dev_flags))
418 			ret = -ESHUTDOWN;
419 
420 		(ret != -EAGAIN);
421 	}), WMI_SEND_TIMEOUT_HZ);
422 
423 	if (ret == -EAGAIN)
424 		ath12k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
425 
426 	return ret;
427 }
428 
429 static int ath12k_pull_svc_ready_ext(struct ath12k_wmi_pdev *wmi_handle,
430 				     const void *ptr,
431 				     struct ath12k_wmi_service_ext_arg *arg)
432 {
433 	const struct wmi_service_ready_ext_event *ev = ptr;
434 	int i;
435 
436 	if (!ev)
437 		return -EINVAL;
438 
439 	/* Move this to host based bitmap */
440 	arg->default_conc_scan_config_bits =
441 		le32_to_cpu(ev->default_conc_scan_config_bits);
442 	arg->default_fw_config_bits = le32_to_cpu(ev->default_fw_config_bits);
443 	arg->he_cap_info = le32_to_cpu(ev->he_cap_info);
444 	arg->mpdu_density = le32_to_cpu(ev->mpdu_density);
445 	arg->max_bssid_rx_filters = le32_to_cpu(ev->max_bssid_rx_filters);
446 	arg->ppet.numss_m1 = le32_to_cpu(ev->ppet.numss_m1);
447 	arg->ppet.ru_bit_mask = le32_to_cpu(ev->ppet.ru_info);
448 
449 	for (i = 0; i < WMI_MAX_NUM_SS; i++)
450 		arg->ppet.ppet16_ppet8_ru3_ru0[i] =
451 			le32_to_cpu(ev->ppet.ppet16_ppet8_ru3_ru0[i]);
452 
453 	return 0;
454 }
455 
456 static int
457 ath12k_pull_mac_phy_cap_svc_ready_ext(struct ath12k_wmi_pdev *wmi_handle,
458 				      struct ath12k_wmi_svc_rdy_ext_parse *svc,
459 				      u8 hw_mode_id, u8 phy_id,
460 				      struct ath12k_pdev *pdev)
461 {
462 	const struct ath12k_wmi_mac_phy_caps_params *mac_caps;
463 	const struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params *hw_caps = svc->hw_caps;
464 	const struct ath12k_wmi_hw_mode_cap_params *wmi_hw_mode_caps = svc->hw_mode_caps;
465 	const struct ath12k_wmi_mac_phy_caps_params *wmi_mac_phy_caps = svc->mac_phy_caps;
466 	struct ath12k_base *ab = wmi_handle->wmi_ab->ab;
467 	struct ath12k_band_cap *cap_band;
468 	struct ath12k_pdev_cap *pdev_cap = &pdev->cap;
469 	struct ath12k_fw_pdev *fw_pdev;
470 	u32 phy_map;
471 	u32 hw_idx, phy_idx = 0;
472 	int i;
473 
474 	if (!hw_caps || !wmi_hw_mode_caps || !svc->soc_hal_reg_caps)
475 		return -EINVAL;
476 
477 	for (hw_idx = 0; hw_idx < le32_to_cpu(hw_caps->num_hw_modes); hw_idx++) {
478 		if (hw_mode_id == le32_to_cpu(wmi_hw_mode_caps[hw_idx].hw_mode_id))
479 			break;
480 
481 		phy_map = le32_to_cpu(wmi_hw_mode_caps[hw_idx].phy_id_map);
482 		phy_idx = fls(phy_map);
483 	}
484 
485 	if (hw_idx == le32_to_cpu(hw_caps->num_hw_modes))
486 		return -EINVAL;
487 
488 	phy_idx += phy_id;
489 	if (phy_id >= le32_to_cpu(svc->soc_hal_reg_caps->num_phy))
490 		return -EINVAL;
491 
492 	mac_caps = wmi_mac_phy_caps + phy_idx;
493 
494 	pdev->pdev_id = le32_to_cpu(mac_caps->pdev_id);
495 	pdev_cap->supported_bands |= le32_to_cpu(mac_caps->supported_bands);
496 	pdev_cap->ampdu_density = le32_to_cpu(mac_caps->ampdu_density);
497 
498 	fw_pdev = &ab->fw_pdev[ab->fw_pdev_count];
499 	fw_pdev->supported_bands = le32_to_cpu(mac_caps->supported_bands);
500 	fw_pdev->pdev_id = le32_to_cpu(mac_caps->pdev_id);
501 	fw_pdev->phy_id = le32_to_cpu(mac_caps->phy_id);
502 	ab->fw_pdev_count++;
503 
504 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
505 	 * band to band for a single radio, need to see how this should be
506 	 * handled.
507 	 */
508 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_2G_CAP) {
509 		pdev_cap->tx_chain_mask = le32_to_cpu(mac_caps->tx_chain_mask_2g);
510 		pdev_cap->rx_chain_mask = le32_to_cpu(mac_caps->rx_chain_mask_2g);
511 	} else if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_5G_CAP) {
512 		pdev_cap->vht_cap = le32_to_cpu(mac_caps->vht_cap_info_5g);
513 		pdev_cap->vht_mcs = le32_to_cpu(mac_caps->vht_supp_mcs_5g);
514 		pdev_cap->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
515 		pdev_cap->tx_chain_mask = le32_to_cpu(mac_caps->tx_chain_mask_5g);
516 		pdev_cap->rx_chain_mask = le32_to_cpu(mac_caps->rx_chain_mask_5g);
517 	} else {
518 		return -EINVAL;
519 	}
520 
521 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
522 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
523 	 * mac and the remaining 4 chains can be used for the second mac or vice-versa.
524 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
525 	 * will be advertised for second mac or vice-versa. Compute the shift value
526 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
527 	 * mac80211.
528 	 */
529 	pdev_cap->tx_chain_mask_shift =
530 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
531 	pdev_cap->rx_chain_mask_shift =
532 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
533 
534 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_2G_CAP) {
535 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
536 		cap_band->phy_id = le32_to_cpu(mac_caps->phy_id);
537 		cap_band->max_bw_supported = le32_to_cpu(mac_caps->max_bw_supported_2g);
538 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_2g);
539 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_2g);
540 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_2g_ext);
541 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_2g);
542 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
543 			cap_band->he_cap_phy_info[i] =
544 				le32_to_cpu(mac_caps->he_cap_phy_info_2g[i]);
545 
546 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet2g.numss_m1);
547 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet2g.ru_info);
548 
549 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
550 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
551 				le32_to_cpu(mac_caps->he_ppet2g.ppet16_ppet8_ru3_ru0[i]);
552 	}
553 
554 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_5G_CAP) {
555 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
556 		cap_band->phy_id = le32_to_cpu(mac_caps->phy_id);
557 		cap_band->max_bw_supported =
558 			le32_to_cpu(mac_caps->max_bw_supported_5g);
559 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_5g);
560 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_5g);
561 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_5g_ext);
562 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
563 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
564 			cap_band->he_cap_phy_info[i] =
565 				le32_to_cpu(mac_caps->he_cap_phy_info_5g[i]);
566 
567 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet5g.numss_m1);
568 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet5g.ru_info);
569 
570 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
571 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
572 				le32_to_cpu(mac_caps->he_ppet5g.ppet16_ppet8_ru3_ru0[i]);
573 
574 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
575 		cap_band->max_bw_supported =
576 			le32_to_cpu(mac_caps->max_bw_supported_5g);
577 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_5g);
578 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_5g);
579 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_5g_ext);
580 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
581 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
582 			cap_band->he_cap_phy_info[i] =
583 				le32_to_cpu(mac_caps->he_cap_phy_info_5g[i]);
584 
585 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet5g.numss_m1);
586 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet5g.ru_info);
587 
588 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
589 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
590 				le32_to_cpu(mac_caps->he_ppet5g.ppet16_ppet8_ru3_ru0[i]);
591 	}
592 
593 	return 0;
594 }
595 
596 static int
597 ath12k_pull_reg_cap_svc_rdy_ext(struct ath12k_wmi_pdev *wmi_handle,
598 				const struct ath12k_wmi_soc_hal_reg_caps_params *reg_caps,
599 				const struct ath12k_wmi_hal_reg_caps_ext_params *ext_caps,
600 				u8 phy_idx,
601 				struct ath12k_wmi_hal_reg_capabilities_ext_arg *param)
602 {
603 	const struct ath12k_wmi_hal_reg_caps_ext_params *ext_reg_cap;
604 
605 	if (!reg_caps || !ext_caps)
606 		return -EINVAL;
607 
608 	if (phy_idx >= le32_to_cpu(reg_caps->num_phy))
609 		return -EINVAL;
610 
611 	ext_reg_cap = &ext_caps[phy_idx];
612 
613 	param->phy_id = le32_to_cpu(ext_reg_cap->phy_id);
614 	param->eeprom_reg_domain = le32_to_cpu(ext_reg_cap->eeprom_reg_domain);
615 	param->eeprom_reg_domain_ext =
616 		le32_to_cpu(ext_reg_cap->eeprom_reg_domain_ext);
617 	param->regcap1 = le32_to_cpu(ext_reg_cap->regcap1);
618 	param->regcap2 = le32_to_cpu(ext_reg_cap->regcap2);
619 	/* check if param->wireless_mode is needed */
620 	param->low_2ghz_chan = le32_to_cpu(ext_reg_cap->low_2ghz_chan);
621 	param->high_2ghz_chan = le32_to_cpu(ext_reg_cap->high_2ghz_chan);
622 	param->low_5ghz_chan = le32_to_cpu(ext_reg_cap->low_5ghz_chan);
623 	param->high_5ghz_chan = le32_to_cpu(ext_reg_cap->high_5ghz_chan);
624 
625 	return 0;
626 }
627 
628 static int ath12k_pull_service_ready_tlv(struct ath12k_base *ab,
629 					 const void *evt_buf,
630 					 struct ath12k_wmi_target_cap_arg *cap)
631 {
632 	const struct wmi_service_ready_event *ev = evt_buf;
633 
634 	if (!ev) {
635 		ath12k_err(ab, "%s: failed by NULL param\n",
636 			   __func__);
637 		return -EINVAL;
638 	}
639 
640 	cap->phy_capability = le32_to_cpu(ev->phy_capability);
641 	cap->max_frag_entry = le32_to_cpu(ev->max_frag_entry);
642 	cap->num_rf_chains = le32_to_cpu(ev->num_rf_chains);
643 	cap->ht_cap_info = le32_to_cpu(ev->ht_cap_info);
644 	cap->vht_cap_info = le32_to_cpu(ev->vht_cap_info);
645 	cap->vht_supp_mcs = le32_to_cpu(ev->vht_supp_mcs);
646 	cap->hw_min_tx_power = le32_to_cpu(ev->hw_min_tx_power);
647 	cap->hw_max_tx_power = le32_to_cpu(ev->hw_max_tx_power);
648 	cap->sys_cap_info = le32_to_cpu(ev->sys_cap_info);
649 	cap->min_pkt_size_enable = le32_to_cpu(ev->min_pkt_size_enable);
650 	cap->max_bcn_ie_size = le32_to_cpu(ev->max_bcn_ie_size);
651 	cap->max_num_scan_channels = le32_to_cpu(ev->max_num_scan_channels);
652 	cap->max_supported_macs = le32_to_cpu(ev->max_supported_macs);
653 	cap->wmi_fw_sub_feat_caps = le32_to_cpu(ev->wmi_fw_sub_feat_caps);
654 	cap->txrx_chainmask = le32_to_cpu(ev->txrx_chainmask);
655 	cap->default_dbs_hw_mode_index = le32_to_cpu(ev->default_dbs_hw_mode_index);
656 	cap->num_msdu_desc = le32_to_cpu(ev->num_msdu_desc);
657 
658 	return 0;
659 }
660 
661 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
662  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
663  * 4-byte word.
664  */
665 static void ath12k_wmi_service_bitmap_copy(struct ath12k_wmi_pdev *wmi,
666 					   const u32 *wmi_svc_bm)
667 {
668 	int i, j;
669 
670 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
671 		do {
672 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
673 				set_bit(j, wmi->wmi_ab->svc_map);
674 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
675 	}
676 }
677 
678 static int ath12k_wmi_svc_rdy_parse(struct ath12k_base *ab, u16 tag, u16 len,
679 				    const void *ptr, void *data)
680 {
681 	struct ath12k_wmi_svc_ready_parse *svc_ready = data;
682 	struct ath12k_wmi_pdev *wmi_handle = &ab->wmi_ab.wmi[0];
683 	u16 expect_len;
684 
685 	switch (tag) {
686 	case WMI_TAG_SERVICE_READY_EVENT:
687 		if (ath12k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
688 			return -EINVAL;
689 		break;
690 
691 	case WMI_TAG_ARRAY_UINT32:
692 		if (!svc_ready->wmi_svc_bitmap_done) {
693 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
694 			if (len < expect_len) {
695 				ath12k_warn(ab, "invalid len %d for the tag 0x%x\n",
696 					    len, tag);
697 				return -EINVAL;
698 			}
699 
700 			ath12k_wmi_service_bitmap_copy(wmi_handle, ptr);
701 
702 			svc_ready->wmi_svc_bitmap_done = true;
703 		}
704 		break;
705 	default:
706 		break;
707 	}
708 
709 	return 0;
710 }
711 
712 static int ath12k_service_ready_event(struct ath12k_base *ab, struct sk_buff *skb)
713 {
714 	struct ath12k_wmi_svc_ready_parse svc_ready = { };
715 	int ret;
716 
717 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
718 				  ath12k_wmi_svc_rdy_parse,
719 				  &svc_ready);
720 	if (ret) {
721 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
722 		return ret;
723 	}
724 
725 	return 0;
726 }
727 
728 struct sk_buff *ath12k_wmi_alloc_skb(struct ath12k_wmi_base *wmi_sc, u32 len)
729 {
730 	struct sk_buff *skb;
731 	struct ath12k_base *ab = wmi_sc->ab;
732 	u32 round_len = roundup(len, 4);
733 
734 	skb = ath12k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
735 	if (!skb)
736 		return NULL;
737 
738 	skb_reserve(skb, WMI_SKB_HEADROOM);
739 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
740 		ath12k_warn(ab, "unaligned WMI skb data\n");
741 
742 	skb_put(skb, round_len);
743 	memset(skb->data, 0, round_len);
744 
745 	return skb;
746 }
747 
748 int ath12k_wmi_mgmt_send(struct ath12k *ar, u32 vdev_id, u32 buf_id,
749 			 struct sk_buff *frame)
750 {
751 	struct ath12k_wmi_pdev *wmi = ar->wmi;
752 	struct wmi_mgmt_send_cmd *cmd;
753 	struct wmi_tlv *frame_tlv;
754 	struct sk_buff *skb;
755 	u32 buf_len;
756 	int ret, len;
757 
758 	buf_len = min_t(int, frame->len, WMI_MGMT_SEND_DOWNLD_LEN);
759 
760 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
761 
762 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
763 	if (!skb)
764 		return -ENOMEM;
765 
766 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
767 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_MGMT_TX_SEND_CMD,
768 						 sizeof(*cmd));
769 	cmd->vdev_id = cpu_to_le32(vdev_id);
770 	cmd->desc_id = cpu_to_le32(buf_id);
771 	cmd->chanfreq = 0;
772 	cmd->paddr_lo = cpu_to_le32(lower_32_bits(ATH12K_SKB_CB(frame)->paddr));
773 	cmd->paddr_hi = cpu_to_le32(upper_32_bits(ATH12K_SKB_CB(frame)->paddr));
774 	cmd->frame_len = cpu_to_le32(frame->len);
775 	cmd->buf_len = cpu_to_le32(buf_len);
776 	cmd->tx_params_valid = 0;
777 
778 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
779 	frame_tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, buf_len);
780 
781 	memcpy(frame_tlv->value, frame->data, buf_len);
782 
783 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
784 	if (ret) {
785 		ath12k_warn(ar->ab,
786 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
787 		dev_kfree_skb(skb);
788 	}
789 
790 	return ret;
791 }
792 
793 int ath12k_wmi_vdev_create(struct ath12k *ar, u8 *macaddr,
794 			   struct ath12k_wmi_vdev_create_arg *args)
795 {
796 	struct ath12k_wmi_pdev *wmi = ar->wmi;
797 	struct wmi_vdev_create_cmd *cmd;
798 	struct sk_buff *skb;
799 	struct ath12k_wmi_vdev_txrx_streams_params *txrx_streams;
800 	struct wmi_tlv *tlv;
801 	int ret, len;
802 	void *ptr;
803 
804 	/* It can be optimized my sending tx/rx chain configuration
805 	 * only for supported bands instead of always sending it for
806 	 * both the bands.
807 	 */
808 	len = sizeof(*cmd) + TLV_HDR_SIZE +
809 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
810 
811 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
812 	if (!skb)
813 		return -ENOMEM;
814 
815 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
816 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_CREATE_CMD,
817 						 sizeof(*cmd));
818 
819 	cmd->vdev_id = cpu_to_le32(args->if_id);
820 	cmd->vdev_type = cpu_to_le32(args->type);
821 	cmd->vdev_subtype = cpu_to_le32(args->subtype);
822 	cmd->num_cfg_txrx_streams = cpu_to_le32(WMI_NUM_SUPPORTED_BAND_MAX);
823 	cmd->pdev_id = cpu_to_le32(args->pdev_id);
824 	cmd->vdev_stats_id = cpu_to_le32(args->if_stats_id);
825 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
826 
827 	ptr = skb->data + sizeof(*cmd);
828 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
829 
830 	tlv = ptr;
831 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
832 
833 	ptr += TLV_HDR_SIZE;
834 	txrx_streams = ptr;
835 	len = sizeof(*txrx_streams);
836 	txrx_streams->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_TXRX_STREAMS,
837 							  len);
838 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
839 	txrx_streams->supported_tx_streams =
840 				 args->chains[NL80211_BAND_2GHZ].tx;
841 	txrx_streams->supported_rx_streams =
842 				 args->chains[NL80211_BAND_2GHZ].rx;
843 
844 	txrx_streams++;
845 	txrx_streams->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_TXRX_STREAMS,
846 							  len);
847 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
848 	txrx_streams->supported_tx_streams =
849 				 args->chains[NL80211_BAND_5GHZ].tx;
850 	txrx_streams->supported_rx_streams =
851 				 args->chains[NL80211_BAND_5GHZ].rx;
852 
853 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
854 		   "WMI vdev create: id %d type %d subtype %d macaddr %pM pdevid %d\n",
855 		   args->if_id, args->type, args->subtype,
856 		   macaddr, args->pdev_id);
857 
858 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
859 	if (ret) {
860 		ath12k_warn(ar->ab,
861 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
862 		dev_kfree_skb(skb);
863 	}
864 
865 	return ret;
866 }
867 
868 int ath12k_wmi_vdev_delete(struct ath12k *ar, u8 vdev_id)
869 {
870 	struct ath12k_wmi_pdev *wmi = ar->wmi;
871 	struct wmi_vdev_delete_cmd *cmd;
872 	struct sk_buff *skb;
873 	int ret;
874 
875 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
876 	if (!skb)
877 		return -ENOMEM;
878 
879 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
880 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_DELETE_CMD,
881 						 sizeof(*cmd));
882 	cmd->vdev_id = cpu_to_le32(vdev_id);
883 
884 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev delete id %d\n", vdev_id);
885 
886 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
887 	if (ret) {
888 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
889 		dev_kfree_skb(skb);
890 	}
891 
892 	return ret;
893 }
894 
895 int ath12k_wmi_vdev_stop(struct ath12k *ar, u8 vdev_id)
896 {
897 	struct ath12k_wmi_pdev *wmi = ar->wmi;
898 	struct wmi_vdev_stop_cmd *cmd;
899 	struct sk_buff *skb;
900 	int ret;
901 
902 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
903 	if (!skb)
904 		return -ENOMEM;
905 
906 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
907 
908 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_STOP_CMD,
909 						 sizeof(*cmd));
910 	cmd->vdev_id = cpu_to_le32(vdev_id);
911 
912 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev stop id 0x%x\n", vdev_id);
913 
914 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
915 	if (ret) {
916 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
917 		dev_kfree_skb(skb);
918 	}
919 
920 	return ret;
921 }
922 
923 int ath12k_wmi_vdev_down(struct ath12k *ar, u8 vdev_id)
924 {
925 	struct ath12k_wmi_pdev *wmi = ar->wmi;
926 	struct wmi_vdev_down_cmd *cmd;
927 	struct sk_buff *skb;
928 	int ret;
929 
930 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
931 	if (!skb)
932 		return -ENOMEM;
933 
934 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
935 
936 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_DOWN_CMD,
937 						 sizeof(*cmd));
938 	cmd->vdev_id = cpu_to_le32(vdev_id);
939 
940 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev down id 0x%x\n", vdev_id);
941 
942 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
943 	if (ret) {
944 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
945 		dev_kfree_skb(skb);
946 	}
947 
948 	return ret;
949 }
950 
951 static void ath12k_wmi_put_wmi_channel(struct ath12k_wmi_channel_params *chan,
952 				       struct wmi_vdev_start_req_arg *arg)
953 {
954 	memset(chan, 0, sizeof(*chan));
955 
956 	chan->mhz = cpu_to_le32(arg->freq);
957 	chan->band_center_freq1 = cpu_to_le32(arg->band_center_freq1);
958 	if (arg->mode == MODE_11AC_VHT80_80)
959 		chan->band_center_freq2 = cpu_to_le32(arg->band_center_freq2);
960 	else
961 		chan->band_center_freq2 = 0;
962 
963 	chan->info |= le32_encode_bits(arg->mode, WMI_CHAN_INFO_MODE);
964 	if (arg->passive)
965 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_PASSIVE);
966 	if (arg->allow_ibss)
967 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ADHOC_ALLOWED);
968 	if (arg->allow_ht)
969 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HT);
970 	if (arg->allow_vht)
971 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_VHT);
972 	if (arg->allow_he)
973 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HE);
974 	if (arg->ht40plus)
975 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_HT40_PLUS);
976 	if (arg->chan_radar)
977 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_DFS);
978 	if (arg->freq2_radar)
979 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_DFS_FREQ2);
980 
981 	chan->reg_info_1 = le32_encode_bits(arg->max_power,
982 					    WMI_CHAN_REG_INFO1_MAX_PWR) |
983 		le32_encode_bits(arg->max_reg_power,
984 				 WMI_CHAN_REG_INFO1_MAX_REG_PWR);
985 
986 	chan->reg_info_2 = le32_encode_bits(arg->max_antenna_gain,
987 					    WMI_CHAN_REG_INFO2_ANT_MAX) |
988 		le32_encode_bits(arg->max_power, WMI_CHAN_REG_INFO2_MAX_TX_PWR);
989 }
990 
991 int ath12k_wmi_vdev_start(struct ath12k *ar, struct wmi_vdev_start_req_arg *arg,
992 			  bool restart)
993 {
994 	struct ath12k_wmi_pdev *wmi = ar->wmi;
995 	struct wmi_vdev_start_request_cmd *cmd;
996 	struct sk_buff *skb;
997 	struct ath12k_wmi_channel_params *chan;
998 	struct wmi_tlv *tlv;
999 	void *ptr;
1000 	int ret, len;
1001 
1002 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
1003 		return -EINVAL;
1004 
1005 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
1006 
1007 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1008 	if (!skb)
1009 		return -ENOMEM;
1010 
1011 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
1012 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_START_REQUEST_CMD,
1013 						 sizeof(*cmd));
1014 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1015 	cmd->beacon_interval = cpu_to_le32(arg->bcn_intval);
1016 	cmd->bcn_tx_rate = cpu_to_le32(arg->bcn_tx_rate);
1017 	cmd->dtim_period = cpu_to_le32(arg->dtim_period);
1018 	cmd->num_noa_descriptors = cpu_to_le32(arg->num_noa_descriptors);
1019 	cmd->preferred_rx_streams = cpu_to_le32(arg->pref_rx_streams);
1020 	cmd->preferred_tx_streams = cpu_to_le32(arg->pref_tx_streams);
1021 	cmd->cac_duration_ms = cpu_to_le32(arg->cac_duration_ms);
1022 	cmd->regdomain = cpu_to_le32(arg->regdomain);
1023 	cmd->he_ops = cpu_to_le32(arg->he_ops);
1024 	cmd->punct_bitmap = cpu_to_le32(arg->punct_bitmap);
1025 
1026 	if (!restart) {
1027 		if (arg->ssid) {
1028 			cmd->ssid.ssid_len = cpu_to_le32(arg->ssid_len);
1029 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
1030 		}
1031 		if (arg->hidden_ssid)
1032 			cmd->flags |= cpu_to_le32(WMI_VDEV_START_HIDDEN_SSID);
1033 		if (arg->pmf_enabled)
1034 			cmd->flags |= cpu_to_le32(WMI_VDEV_START_PMF_ENABLED);
1035 	}
1036 
1037 	cmd->flags |= cpu_to_le32(WMI_VDEV_START_LDPC_RX_ENABLED);
1038 
1039 	ptr = skb->data + sizeof(*cmd);
1040 	chan = ptr;
1041 
1042 	ath12k_wmi_put_wmi_channel(chan, arg);
1043 
1044 	chan->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_CHANNEL,
1045 						  sizeof(*chan));
1046 	ptr += sizeof(*chan);
1047 
1048 	tlv = ptr;
1049 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, 0);
1050 
1051 	/* Note: This is a nested TLV containing:
1052 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
1053 	 */
1054 
1055 	ptr += sizeof(*tlv);
1056 
1057 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "vdev %s id 0x%x freq 0x%x mode 0x%x\n",
1058 		   restart ? "restart" : "start", arg->vdev_id,
1059 		   arg->freq, arg->mode);
1060 
1061 	if (restart)
1062 		ret = ath12k_wmi_cmd_send(wmi, skb,
1063 					  WMI_VDEV_RESTART_REQUEST_CMDID);
1064 	else
1065 		ret = ath12k_wmi_cmd_send(wmi, skb,
1066 					  WMI_VDEV_START_REQUEST_CMDID);
1067 	if (ret) {
1068 		ath12k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
1069 			    restart ? "restart" : "start");
1070 		dev_kfree_skb(skb);
1071 	}
1072 
1073 	return ret;
1074 }
1075 
1076 int ath12k_wmi_vdev_up(struct ath12k *ar, u32 vdev_id, u32 aid, const u8 *bssid)
1077 {
1078 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1079 	struct wmi_vdev_up_cmd *cmd;
1080 	struct sk_buff *skb;
1081 	int ret;
1082 
1083 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1084 	if (!skb)
1085 		return -ENOMEM;
1086 
1087 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1088 
1089 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_UP_CMD,
1090 						 sizeof(*cmd));
1091 	cmd->vdev_id = cpu_to_le32(vdev_id);
1092 	cmd->vdev_assoc_id = cpu_to_le32(aid);
1093 
1094 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1095 
1096 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1097 		   "WMI mgmt vdev up id 0x%x assoc id %d bssid %pM\n",
1098 		   vdev_id, aid, bssid);
1099 
1100 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1101 	if (ret) {
1102 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1103 		dev_kfree_skb(skb);
1104 	}
1105 
1106 	return ret;
1107 }
1108 
1109 int ath12k_wmi_send_peer_create_cmd(struct ath12k *ar,
1110 				    struct ath12k_wmi_peer_create_arg *arg)
1111 {
1112 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1113 	struct wmi_peer_create_cmd *cmd;
1114 	struct sk_buff *skb;
1115 	int ret;
1116 
1117 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1118 	if (!skb)
1119 		return -ENOMEM;
1120 
1121 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1122 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_CREATE_CMD,
1123 						 sizeof(*cmd));
1124 
1125 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_addr);
1126 	cmd->peer_type = cpu_to_le32(arg->peer_type);
1127 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1128 
1129 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1130 		   "WMI peer create vdev_id %d peer_addr %pM\n",
1131 		   arg->vdev_id, arg->peer_addr);
1132 
1133 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1134 	if (ret) {
1135 		ath12k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1136 		dev_kfree_skb(skb);
1137 	}
1138 
1139 	return ret;
1140 }
1141 
1142 int ath12k_wmi_send_peer_delete_cmd(struct ath12k *ar,
1143 				    const u8 *peer_addr, u8 vdev_id)
1144 {
1145 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1146 	struct wmi_peer_delete_cmd *cmd;
1147 	struct sk_buff *skb;
1148 	int ret;
1149 
1150 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1151 	if (!skb)
1152 		return -ENOMEM;
1153 
1154 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1155 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_DELETE_CMD,
1156 						 sizeof(*cmd));
1157 
1158 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1159 	cmd->vdev_id = cpu_to_le32(vdev_id);
1160 
1161 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1162 		   "WMI peer delete vdev_id %d peer_addr %pM\n",
1163 		   vdev_id,  peer_addr);
1164 
1165 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1166 	if (ret) {
1167 		ath12k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1168 		dev_kfree_skb(skb);
1169 	}
1170 
1171 	return ret;
1172 }
1173 
1174 int ath12k_wmi_send_pdev_set_regdomain(struct ath12k *ar,
1175 				       struct ath12k_wmi_pdev_set_regdomain_arg *arg)
1176 {
1177 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1178 	struct wmi_pdev_set_regdomain_cmd *cmd;
1179 	struct sk_buff *skb;
1180 	int ret;
1181 
1182 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1183 	if (!skb)
1184 		return -ENOMEM;
1185 
1186 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1187 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_REGDOMAIN_CMD,
1188 						 sizeof(*cmd));
1189 
1190 	cmd->reg_domain = cpu_to_le32(arg->current_rd_in_use);
1191 	cmd->reg_domain_2g = cpu_to_le32(arg->current_rd_2g);
1192 	cmd->reg_domain_5g = cpu_to_le32(arg->current_rd_5g);
1193 	cmd->conformance_test_limit_2g = cpu_to_le32(arg->ctl_2g);
1194 	cmd->conformance_test_limit_5g = cpu_to_le32(arg->ctl_5g);
1195 	cmd->dfs_domain = cpu_to_le32(arg->dfs_domain);
1196 	cmd->pdev_id = cpu_to_le32(arg->pdev_id);
1197 
1198 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1199 		   "WMI pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1200 		   arg->current_rd_in_use, arg->current_rd_2g,
1201 		   arg->current_rd_5g, arg->dfs_domain, arg->pdev_id);
1202 
1203 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1204 	if (ret) {
1205 		ath12k_warn(ar->ab,
1206 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1207 		dev_kfree_skb(skb);
1208 	}
1209 
1210 	return ret;
1211 }
1212 
1213 int ath12k_wmi_set_peer_param(struct ath12k *ar, const u8 *peer_addr,
1214 			      u32 vdev_id, u32 param_id, u32 param_val)
1215 {
1216 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1217 	struct wmi_peer_set_param_cmd *cmd;
1218 	struct sk_buff *skb;
1219 	int ret;
1220 
1221 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1222 	if (!skb)
1223 		return -ENOMEM;
1224 
1225 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1226 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_SET_PARAM_CMD,
1227 						 sizeof(*cmd));
1228 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1229 	cmd->vdev_id = cpu_to_le32(vdev_id);
1230 	cmd->param_id = cpu_to_le32(param_id);
1231 	cmd->param_value = cpu_to_le32(param_val);
1232 
1233 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1234 		   "WMI vdev %d peer 0x%pM set param %d value %d\n",
1235 		   vdev_id, peer_addr, param_id, param_val);
1236 
1237 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1238 	if (ret) {
1239 		ath12k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1240 		dev_kfree_skb(skb);
1241 	}
1242 
1243 	return ret;
1244 }
1245 
1246 int ath12k_wmi_send_peer_flush_tids_cmd(struct ath12k *ar,
1247 					u8 peer_addr[ETH_ALEN],
1248 					u32 peer_tid_bitmap,
1249 					u8 vdev_id)
1250 {
1251 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1252 	struct wmi_peer_flush_tids_cmd *cmd;
1253 	struct sk_buff *skb;
1254 	int ret;
1255 
1256 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1257 	if (!skb)
1258 		return -ENOMEM;
1259 
1260 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1261 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_FLUSH_TIDS_CMD,
1262 						 sizeof(*cmd));
1263 
1264 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1265 	cmd->peer_tid_bitmap = cpu_to_le32(peer_tid_bitmap);
1266 	cmd->vdev_id = cpu_to_le32(vdev_id);
1267 
1268 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1269 		   "WMI peer flush vdev_id %d peer_addr %pM tids %08x\n",
1270 		   vdev_id, peer_addr, peer_tid_bitmap);
1271 
1272 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1273 	if (ret) {
1274 		ath12k_warn(ar->ab,
1275 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1276 		dev_kfree_skb(skb);
1277 	}
1278 
1279 	return ret;
1280 }
1281 
1282 int ath12k_wmi_peer_rx_reorder_queue_setup(struct ath12k *ar,
1283 					   int vdev_id, const u8 *addr,
1284 					   dma_addr_t paddr, u8 tid,
1285 					   u8 ba_window_size_valid,
1286 					   u32 ba_window_size)
1287 {
1288 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1289 	struct sk_buff *skb;
1290 	int ret;
1291 
1292 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1293 	if (!skb)
1294 		return -ENOMEM;
1295 
1296 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1297 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_REORDER_QUEUE_SETUP_CMD,
1298 						 sizeof(*cmd));
1299 
1300 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1301 	cmd->vdev_id = cpu_to_le32(vdev_id);
1302 	cmd->tid = cpu_to_le32(tid);
1303 	cmd->queue_ptr_lo = cpu_to_le32(lower_32_bits(paddr));
1304 	cmd->queue_ptr_hi = cpu_to_le32(upper_32_bits(paddr));
1305 	cmd->queue_no = cpu_to_le32(tid);
1306 	cmd->ba_window_size_valid = cpu_to_le32(ba_window_size_valid);
1307 	cmd->ba_window_size = cpu_to_le32(ba_window_size);
1308 
1309 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1310 		   "wmi rx reorder queue setup addr %pM vdev_id %d tid %d\n",
1311 		   addr, vdev_id, tid);
1312 
1313 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
1314 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1315 	if (ret) {
1316 		ath12k_warn(ar->ab,
1317 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1318 		dev_kfree_skb(skb);
1319 	}
1320 
1321 	return ret;
1322 }
1323 
1324 int
1325 ath12k_wmi_rx_reord_queue_remove(struct ath12k *ar,
1326 				 struct ath12k_wmi_rx_reorder_queue_remove_arg *arg)
1327 {
1328 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1329 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1330 	struct sk_buff *skb;
1331 	int ret;
1332 
1333 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1334 	if (!skb)
1335 		return -ENOMEM;
1336 
1337 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1338 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_REORDER_QUEUE_REMOVE_CMD,
1339 						 sizeof(*cmd));
1340 
1341 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_macaddr);
1342 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1343 	cmd->tid_mask = cpu_to_le32(arg->peer_tid_bitmap);
1344 
1345 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1346 		   "%s: peer_macaddr %pM vdev_id %d, tid_map %d", __func__,
1347 		   arg->peer_macaddr, arg->vdev_id, arg->peer_tid_bitmap);
1348 
1349 	ret = ath12k_wmi_cmd_send(wmi, skb,
1350 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1351 	if (ret) {
1352 		ath12k_warn(ar->ab,
1353 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1354 		dev_kfree_skb(skb);
1355 	}
1356 
1357 	return ret;
1358 }
1359 
1360 int ath12k_wmi_pdev_set_param(struct ath12k *ar, u32 param_id,
1361 			      u32 param_value, u8 pdev_id)
1362 {
1363 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1364 	struct wmi_pdev_set_param_cmd *cmd;
1365 	struct sk_buff *skb;
1366 	int ret;
1367 
1368 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1369 	if (!skb)
1370 		return -ENOMEM;
1371 
1372 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1373 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_PARAM_CMD,
1374 						 sizeof(*cmd));
1375 	cmd->pdev_id = cpu_to_le32(pdev_id);
1376 	cmd->param_id = cpu_to_le32(param_id);
1377 	cmd->param_value = cpu_to_le32(param_value);
1378 
1379 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1380 		   "WMI pdev set param %d pdev id %d value %d\n",
1381 		   param_id, pdev_id, param_value);
1382 
1383 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1384 	if (ret) {
1385 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1386 		dev_kfree_skb(skb);
1387 	}
1388 
1389 	return ret;
1390 }
1391 
1392 int ath12k_wmi_pdev_set_ps_mode(struct ath12k *ar, int vdev_id, u32 enable)
1393 {
1394 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1395 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1396 	struct sk_buff *skb;
1397 	int ret;
1398 
1399 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1400 	if (!skb)
1401 		return -ENOMEM;
1402 
1403 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1404 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STA_POWERSAVE_MODE_CMD,
1405 						 sizeof(*cmd));
1406 	cmd->vdev_id = cpu_to_le32(vdev_id);
1407 	cmd->sta_ps_mode = cpu_to_le32(enable);
1408 
1409 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1410 		   "WMI vdev set psmode %d vdev id %d\n",
1411 		   enable, vdev_id);
1412 
1413 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1414 	if (ret) {
1415 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1416 		dev_kfree_skb(skb);
1417 	}
1418 
1419 	return ret;
1420 }
1421 
1422 int ath12k_wmi_pdev_suspend(struct ath12k *ar, u32 suspend_opt,
1423 			    u32 pdev_id)
1424 {
1425 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1426 	struct wmi_pdev_suspend_cmd *cmd;
1427 	struct sk_buff *skb;
1428 	int ret;
1429 
1430 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1431 	if (!skb)
1432 		return -ENOMEM;
1433 
1434 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1435 
1436 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SUSPEND_CMD,
1437 						 sizeof(*cmd));
1438 
1439 	cmd->suspend_opt = cpu_to_le32(suspend_opt);
1440 	cmd->pdev_id = cpu_to_le32(pdev_id);
1441 
1442 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1443 		   "WMI pdev suspend pdev_id %d\n", pdev_id);
1444 
1445 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1446 	if (ret) {
1447 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1448 		dev_kfree_skb(skb);
1449 	}
1450 
1451 	return ret;
1452 }
1453 
1454 int ath12k_wmi_pdev_resume(struct ath12k *ar, u32 pdev_id)
1455 {
1456 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1457 	struct wmi_pdev_resume_cmd *cmd;
1458 	struct sk_buff *skb;
1459 	int ret;
1460 
1461 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1462 	if (!skb)
1463 		return -ENOMEM;
1464 
1465 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1466 
1467 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_RESUME_CMD,
1468 						 sizeof(*cmd));
1469 	cmd->pdev_id = cpu_to_le32(pdev_id);
1470 
1471 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1472 		   "WMI pdev resume pdev id %d\n", pdev_id);
1473 
1474 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1475 	if (ret) {
1476 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1477 		dev_kfree_skb(skb);
1478 	}
1479 
1480 	return ret;
1481 }
1482 
1483 /* TODO FW Support for the cmd is not available yet.
1484  * Can be tested once the command and corresponding
1485  * event is implemented in FW
1486  */
1487 int ath12k_wmi_pdev_bss_chan_info_request(struct ath12k *ar,
1488 					  enum wmi_bss_chan_info_req_type type)
1489 {
1490 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1491 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1492 	struct sk_buff *skb;
1493 	int ret;
1494 
1495 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1496 	if (!skb)
1497 		return -ENOMEM;
1498 
1499 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1500 
1501 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST,
1502 						 sizeof(*cmd));
1503 	cmd->req_type = cpu_to_le32(type);
1504 
1505 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1506 		   "WMI bss chan info req type %d\n", type);
1507 
1508 	ret = ath12k_wmi_cmd_send(wmi, skb,
1509 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1510 	if (ret) {
1511 		ath12k_warn(ar->ab,
1512 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1513 		dev_kfree_skb(skb);
1514 	}
1515 
1516 	return ret;
1517 }
1518 
1519 int ath12k_wmi_send_set_ap_ps_param_cmd(struct ath12k *ar, u8 *peer_addr,
1520 					struct ath12k_wmi_ap_ps_arg *arg)
1521 {
1522 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1523 	struct wmi_ap_ps_peer_cmd *cmd;
1524 	struct sk_buff *skb;
1525 	int ret;
1526 
1527 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1528 	if (!skb)
1529 		return -ENOMEM;
1530 
1531 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1532 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_AP_PS_PEER_CMD,
1533 						 sizeof(*cmd));
1534 
1535 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1536 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1537 	cmd->param = cpu_to_le32(arg->param);
1538 	cmd->value = cpu_to_le32(arg->value);
1539 
1540 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1541 		   "WMI set ap ps vdev id %d peer %pM param %d value %d\n",
1542 		   arg->vdev_id, peer_addr, arg->param, arg->value);
1543 
1544 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1545 	if (ret) {
1546 		ath12k_warn(ar->ab,
1547 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1548 		dev_kfree_skb(skb);
1549 	}
1550 
1551 	return ret;
1552 }
1553 
1554 int ath12k_wmi_set_sta_ps_param(struct ath12k *ar, u32 vdev_id,
1555 				u32 param, u32 param_value)
1556 {
1557 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1558 	struct wmi_sta_powersave_param_cmd *cmd;
1559 	struct sk_buff *skb;
1560 	int ret;
1561 
1562 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1563 	if (!skb)
1564 		return -ENOMEM;
1565 
1566 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1567 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STA_POWERSAVE_PARAM_CMD,
1568 						 sizeof(*cmd));
1569 
1570 	cmd->vdev_id = cpu_to_le32(vdev_id);
1571 	cmd->param = cpu_to_le32(param);
1572 	cmd->value = cpu_to_le32(param_value);
1573 
1574 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1575 		   "WMI set sta ps vdev_id %d param %d value %d\n",
1576 		   vdev_id, param, param_value);
1577 
1578 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1579 	if (ret) {
1580 		ath12k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1581 		dev_kfree_skb(skb);
1582 	}
1583 
1584 	return ret;
1585 }
1586 
1587 int ath12k_wmi_force_fw_hang_cmd(struct ath12k *ar, u32 type, u32 delay_time_ms)
1588 {
1589 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1590 	struct wmi_force_fw_hang_cmd *cmd;
1591 	struct sk_buff *skb;
1592 	int ret, len;
1593 
1594 	len = sizeof(*cmd);
1595 
1596 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1597 	if (!skb)
1598 		return -ENOMEM;
1599 
1600 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1601 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_FORCE_FW_HANG_CMD,
1602 						 len);
1603 
1604 	cmd->type = cpu_to_le32(type);
1605 	cmd->delay_time_ms = cpu_to_le32(delay_time_ms);
1606 
1607 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1608 
1609 	if (ret) {
1610 		ath12k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1611 		dev_kfree_skb(skb);
1612 	}
1613 	return ret;
1614 }
1615 
1616 int ath12k_wmi_vdev_set_param_cmd(struct ath12k *ar, u32 vdev_id,
1617 				  u32 param_id, u32 param_value)
1618 {
1619 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1620 	struct wmi_vdev_set_param_cmd *cmd;
1621 	struct sk_buff *skb;
1622 	int ret;
1623 
1624 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1625 	if (!skb)
1626 		return -ENOMEM;
1627 
1628 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1629 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_PARAM_CMD,
1630 						 sizeof(*cmd));
1631 
1632 	cmd->vdev_id = cpu_to_le32(vdev_id);
1633 	cmd->param_id = cpu_to_le32(param_id);
1634 	cmd->param_value = cpu_to_le32(param_value);
1635 
1636 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1637 		   "WMI vdev id 0x%x set param %d value %d\n",
1638 		   vdev_id, param_id, param_value);
1639 
1640 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1641 	if (ret) {
1642 		ath12k_warn(ar->ab,
1643 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1644 		dev_kfree_skb(skb);
1645 	}
1646 
1647 	return ret;
1648 }
1649 
1650 int ath12k_wmi_send_pdev_temperature_cmd(struct ath12k *ar)
1651 {
1652 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1653 	struct wmi_get_pdev_temperature_cmd *cmd;
1654 	struct sk_buff *skb;
1655 	int ret;
1656 
1657 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1658 	if (!skb)
1659 		return -ENOMEM;
1660 
1661 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1662 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_GET_TEMPERATURE_CMD,
1663 						 sizeof(*cmd));
1664 	cmd->pdev_id = cpu_to_le32(ar->pdev->pdev_id);
1665 
1666 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1667 		   "WMI pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1668 
1669 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1670 	if (ret) {
1671 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1672 		dev_kfree_skb(skb);
1673 	}
1674 
1675 	return ret;
1676 }
1677 
1678 int ath12k_wmi_send_bcn_offload_control_cmd(struct ath12k *ar,
1679 					    u32 vdev_id, u32 bcn_ctrl_op)
1680 {
1681 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1682 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1683 	struct sk_buff *skb;
1684 	int ret;
1685 
1686 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1687 	if (!skb)
1688 		return -ENOMEM;
1689 
1690 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1691 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_OFFLOAD_CTRL_CMD,
1692 						 sizeof(*cmd));
1693 
1694 	cmd->vdev_id = cpu_to_le32(vdev_id);
1695 	cmd->bcn_ctrl_op = cpu_to_le32(bcn_ctrl_op);
1696 
1697 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1698 		   "WMI bcn ctrl offload vdev id %d ctrl_op %d\n",
1699 		   vdev_id, bcn_ctrl_op);
1700 
1701 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1702 	if (ret) {
1703 		ath12k_warn(ar->ab,
1704 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1705 		dev_kfree_skb(skb);
1706 	}
1707 
1708 	return ret;
1709 }
1710 
1711 int ath12k_wmi_bcn_tmpl(struct ath12k *ar, u32 vdev_id,
1712 			struct ieee80211_mutable_offsets *offs,
1713 			struct sk_buff *bcn)
1714 {
1715 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1716 	struct wmi_bcn_tmpl_cmd *cmd;
1717 	struct ath12k_wmi_bcn_prb_info_params *bcn_prb_info;
1718 	struct wmi_tlv *tlv;
1719 	struct sk_buff *skb;
1720 	void *ptr;
1721 	int ret, len;
1722 	size_t aligned_len = roundup(bcn->len, 4);
1723 
1724 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1725 
1726 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1727 	if (!skb)
1728 		return -ENOMEM;
1729 
1730 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1731 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_TMPL_CMD,
1732 						 sizeof(*cmd));
1733 	cmd->vdev_id = cpu_to_le32(vdev_id);
1734 	cmd->tim_ie_offset = cpu_to_le32(offs->tim_offset);
1735 	cmd->csa_switch_count_offset = cpu_to_le32(offs->cntdwn_counter_offs[0]);
1736 	cmd->ext_csa_switch_count_offset = cpu_to_le32(offs->cntdwn_counter_offs[1]);
1737 	cmd->buf_len = cpu_to_le32(bcn->len);
1738 
1739 	ptr = skb->data + sizeof(*cmd);
1740 
1741 	bcn_prb_info = ptr;
1742 	len = sizeof(*bcn_prb_info);
1743 	bcn_prb_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_PRB_INFO,
1744 							  len);
1745 	bcn_prb_info->caps = 0;
1746 	bcn_prb_info->erp = 0;
1747 
1748 	ptr += sizeof(*bcn_prb_info);
1749 
1750 	tlv = ptr;
1751 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
1752 	memcpy(tlv->value, bcn->data, bcn->len);
1753 
1754 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1755 	if (ret) {
1756 		ath12k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1757 		dev_kfree_skb(skb);
1758 	}
1759 
1760 	return ret;
1761 }
1762 
1763 int ath12k_wmi_vdev_install_key(struct ath12k *ar,
1764 				struct wmi_vdev_install_key_arg *arg)
1765 {
1766 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1767 	struct wmi_vdev_install_key_cmd *cmd;
1768 	struct wmi_tlv *tlv;
1769 	struct sk_buff *skb;
1770 	int ret, len, key_len_aligned;
1771 
1772 	/* WMI_TAG_ARRAY_BYTE needs to be aligned with 4, the actual key
1773 	 * length is specified in cmd->key_len.
1774 	 */
1775 	key_len_aligned = roundup(arg->key_len, 4);
1776 
1777 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1778 
1779 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1780 	if (!skb)
1781 		return -ENOMEM;
1782 
1783 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1784 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_INSTALL_KEY_CMD,
1785 						 sizeof(*cmd));
1786 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1787 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1788 	cmd->key_idx = cpu_to_le32(arg->key_idx);
1789 	cmd->key_flags = cpu_to_le32(arg->key_flags);
1790 	cmd->key_cipher = cpu_to_le32(arg->key_cipher);
1791 	cmd->key_len = cpu_to_le32(arg->key_len);
1792 	cmd->key_txmic_len = cpu_to_le32(arg->key_txmic_len);
1793 	cmd->key_rxmic_len = cpu_to_le32(arg->key_rxmic_len);
1794 
1795 	if (arg->key_rsc_counter)
1796 		cmd->key_rsc_counter = cpu_to_le64(arg->key_rsc_counter);
1797 
1798 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1799 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, key_len_aligned);
1800 	memcpy(tlv->value, arg->key_data, arg->key_len);
1801 
1802 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1803 		   "WMI vdev install key idx %d cipher %d len %d\n",
1804 		   arg->key_idx, arg->key_cipher, arg->key_len);
1805 
1806 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1807 	if (ret) {
1808 		ath12k_warn(ar->ab,
1809 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1810 		dev_kfree_skb(skb);
1811 	}
1812 
1813 	return ret;
1814 }
1815 
1816 static void ath12k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1817 				       struct ath12k_wmi_peer_assoc_arg *arg,
1818 				       bool hw_crypto_disabled)
1819 {
1820 	cmd->peer_flags = 0;
1821 	cmd->peer_flags_ext = 0;
1822 
1823 	if (arg->is_wme_set) {
1824 		if (arg->qos_flag)
1825 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_QOS);
1826 		if (arg->apsd_flag)
1827 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_APSD);
1828 		if (arg->ht_flag)
1829 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_HT);
1830 		if (arg->bw_40)
1831 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_40MHZ);
1832 		if (arg->bw_80)
1833 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_80MHZ);
1834 		if (arg->bw_160)
1835 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_160MHZ);
1836 		if (arg->bw_320)
1837 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_EXT_320MHZ);
1838 
1839 		/* Typically if STBC is enabled for VHT it should be enabled
1840 		 * for HT as well
1841 		 **/
1842 		if (arg->stbc_flag)
1843 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_STBC);
1844 
1845 		/* Typically if LDPC is enabled for VHT it should be enabled
1846 		 * for HT as well
1847 		 **/
1848 		if (arg->ldpc_flag)
1849 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_LDPC);
1850 
1851 		if (arg->static_mimops_flag)
1852 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_STATIC_MIMOPS);
1853 		if (arg->dynamic_mimops_flag)
1854 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_DYN_MIMOPS);
1855 		if (arg->spatial_mux_flag)
1856 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_SPATIAL_MUX);
1857 		if (arg->vht_flag)
1858 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_VHT);
1859 		if (arg->he_flag)
1860 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_HE);
1861 		if (arg->twt_requester)
1862 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_TWT_REQ);
1863 		if (arg->twt_responder)
1864 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_TWT_RESP);
1865 		if (arg->eht_flag)
1866 			cmd->peer_flags_ext |= cpu_to_le32(WMI_PEER_EXT_EHT);
1867 	}
1868 
1869 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1870 	 * (during re-association).
1871 	 * Authorization will be done for these modes on key installation.
1872 	 */
1873 	if (arg->auth_flag)
1874 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_AUTH);
1875 	if (arg->need_ptk_4_way) {
1876 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_NEED_PTK_4_WAY);
1877 		if (!hw_crypto_disabled)
1878 			cmd->peer_flags &= cpu_to_le32(~WMI_PEER_AUTH);
1879 	}
1880 	if (arg->need_gtk_2_way)
1881 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_NEED_GTK_2_WAY);
1882 	/* safe mode bypass the 4-way handshake */
1883 	if (arg->safe_mode_enabled)
1884 		cmd->peer_flags &= cpu_to_le32(~(WMI_PEER_NEED_PTK_4_WAY |
1885 						 WMI_PEER_NEED_GTK_2_WAY));
1886 
1887 	if (arg->is_pmf_enabled)
1888 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_PMF);
1889 
1890 	/* Disable AMSDU for station transmit, if user configures it */
1891 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1892 	 * it
1893 	 * if (arg->amsdu_disable) Add after FW support
1894 	 **/
1895 
1896 	/* Target asserts if node is marked HT and all MCS is set to 0.
1897 	 * Mark the node as non-HT if all the mcs rates are disabled through
1898 	 * iwpriv
1899 	 **/
1900 	if (arg->peer_ht_rates.num_rates == 0)
1901 		cmd->peer_flags &= cpu_to_le32(~WMI_PEER_HT);
1902 }
1903 
1904 int ath12k_wmi_send_peer_assoc_cmd(struct ath12k *ar,
1905 				   struct ath12k_wmi_peer_assoc_arg *arg)
1906 {
1907 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1908 	struct wmi_peer_assoc_complete_cmd *cmd;
1909 	struct ath12k_wmi_vht_rate_set_params *mcs;
1910 	struct ath12k_wmi_he_rate_set_params *he_mcs;
1911 	struct ath12k_wmi_eht_rate_set_params *eht_mcs;
1912 	struct sk_buff *skb;
1913 	struct wmi_tlv *tlv;
1914 	void *ptr;
1915 	u32 peer_legacy_rates_align;
1916 	u32 peer_ht_rates_align;
1917 	int i, ret, len;
1918 
1919 	peer_legacy_rates_align = roundup(arg->peer_legacy_rates.num_rates,
1920 					  sizeof(u32));
1921 	peer_ht_rates_align = roundup(arg->peer_ht_rates.num_rates,
1922 				      sizeof(u32));
1923 
1924 	len = sizeof(*cmd) +
1925 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
1926 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
1927 	      sizeof(*mcs) + TLV_HDR_SIZE +
1928 	      (sizeof(*he_mcs) * arg->peer_he_mcs_count) +
1929 	      TLV_HDR_SIZE + (sizeof(*eht_mcs) * arg->peer_eht_mcs_count) +
1930 	      TLV_HDR_SIZE + TLV_HDR_SIZE;
1931 
1932 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1933 	if (!skb)
1934 		return -ENOMEM;
1935 
1936 	ptr = skb->data;
1937 
1938 	cmd = ptr;
1939 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_ASSOC_COMPLETE_CMD,
1940 						 sizeof(*cmd));
1941 
1942 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1943 
1944 	cmd->peer_new_assoc = cpu_to_le32(arg->peer_new_assoc);
1945 	cmd->peer_associd = cpu_to_le32(arg->peer_associd);
1946 	cmd->punct_bitmap = cpu_to_le32(arg->punct_bitmap);
1947 
1948 	ath12k_wmi_copy_peer_flags(cmd, arg,
1949 				   test_bit(ATH12K_FLAG_HW_CRYPTO_DISABLED,
1950 					    &ar->ab->dev_flags));
1951 
1952 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_mac);
1953 
1954 	cmd->peer_rate_caps = cpu_to_le32(arg->peer_rate_caps);
1955 	cmd->peer_caps = cpu_to_le32(arg->peer_caps);
1956 	cmd->peer_listen_intval = cpu_to_le32(arg->peer_listen_intval);
1957 	cmd->peer_ht_caps = cpu_to_le32(arg->peer_ht_caps);
1958 	cmd->peer_max_mpdu = cpu_to_le32(arg->peer_max_mpdu);
1959 	cmd->peer_mpdu_density = cpu_to_le32(arg->peer_mpdu_density);
1960 	cmd->peer_vht_caps = cpu_to_le32(arg->peer_vht_caps);
1961 	cmd->peer_phymode = cpu_to_le32(arg->peer_phymode);
1962 
1963 	/* Update 11ax capabilities */
1964 	cmd->peer_he_cap_info = cpu_to_le32(arg->peer_he_cap_macinfo[0]);
1965 	cmd->peer_he_cap_info_ext = cpu_to_le32(arg->peer_he_cap_macinfo[1]);
1966 	cmd->peer_he_cap_info_internal = cpu_to_le32(arg->peer_he_cap_macinfo_internal);
1967 	cmd->peer_he_caps_6ghz = cpu_to_le32(arg->peer_he_caps_6ghz);
1968 	cmd->peer_he_ops = cpu_to_le32(arg->peer_he_ops);
1969 	for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
1970 		cmd->peer_he_cap_phy[i] =
1971 			cpu_to_le32(arg->peer_he_cap_phyinfo[i]);
1972 	cmd->peer_ppet.numss_m1 = cpu_to_le32(arg->peer_ppet.numss_m1);
1973 	cmd->peer_ppet.ru_info = cpu_to_le32(arg->peer_ppet.ru_bit_mask);
1974 	for (i = 0; i < WMI_MAX_NUM_SS; i++)
1975 		cmd->peer_ppet.ppet16_ppet8_ru3_ru0[i] =
1976 			cpu_to_le32(arg->peer_ppet.ppet16_ppet8_ru3_ru0[i]);
1977 
1978 	/* Update 11be capabilities */
1979 	memcpy_and_pad(cmd->peer_eht_cap_mac, sizeof(cmd->peer_eht_cap_mac),
1980 		       arg->peer_eht_cap_mac, sizeof(arg->peer_eht_cap_mac),
1981 		       0);
1982 	memcpy_and_pad(cmd->peer_eht_cap_phy, sizeof(cmd->peer_eht_cap_phy),
1983 		       arg->peer_eht_cap_phy, sizeof(arg->peer_eht_cap_phy),
1984 		       0);
1985 	memcpy_and_pad(&cmd->peer_eht_ppet, sizeof(cmd->peer_eht_ppet),
1986 		       &arg->peer_eht_ppet, sizeof(arg->peer_eht_ppet), 0);
1987 
1988 	/* Update peer legacy rate information */
1989 	ptr += sizeof(*cmd);
1990 
1991 	tlv = ptr;
1992 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, peer_legacy_rates_align);
1993 
1994 	ptr += TLV_HDR_SIZE;
1995 
1996 	cmd->num_peer_legacy_rates = cpu_to_le32(arg->peer_legacy_rates.num_rates);
1997 	memcpy(ptr, arg->peer_legacy_rates.rates,
1998 	       arg->peer_legacy_rates.num_rates);
1999 
2000 	/* Update peer HT rate information */
2001 	ptr += peer_legacy_rates_align;
2002 
2003 	tlv = ptr;
2004 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, peer_ht_rates_align);
2005 	ptr += TLV_HDR_SIZE;
2006 	cmd->num_peer_ht_rates = cpu_to_le32(arg->peer_ht_rates.num_rates);
2007 	memcpy(ptr, arg->peer_ht_rates.rates,
2008 	       arg->peer_ht_rates.num_rates);
2009 
2010 	/* VHT Rates */
2011 	ptr += peer_ht_rates_align;
2012 
2013 	mcs = ptr;
2014 
2015 	mcs->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VHT_RATE_SET,
2016 						 sizeof(*mcs));
2017 
2018 	cmd->peer_nss = cpu_to_le32(arg->peer_nss);
2019 
2020 	/* Update bandwidth-NSS mapping */
2021 	cmd->peer_bw_rxnss_override = 0;
2022 	cmd->peer_bw_rxnss_override |= cpu_to_le32(arg->peer_bw_rxnss_override);
2023 
2024 	if (arg->vht_capable) {
2025 		mcs->rx_max_rate = cpu_to_le32(arg->rx_max_rate);
2026 		mcs->rx_mcs_set = cpu_to_le32(arg->rx_mcs_set);
2027 		mcs->tx_max_rate = cpu_to_le32(arg->tx_max_rate);
2028 		mcs->tx_mcs_set = cpu_to_le32(arg->tx_mcs_set);
2029 	}
2030 
2031 	/* HE Rates */
2032 	cmd->peer_he_mcs = cpu_to_le32(arg->peer_he_mcs_count);
2033 	cmd->min_data_rate = cpu_to_le32(arg->min_data_rate);
2034 
2035 	ptr += sizeof(*mcs);
2036 
2037 	len = arg->peer_he_mcs_count * sizeof(*he_mcs);
2038 
2039 	tlv = ptr;
2040 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
2041 	ptr += TLV_HDR_SIZE;
2042 
2043 	/* Loop through the HE rate set */
2044 	for (i = 0; i < arg->peer_he_mcs_count; i++) {
2045 		he_mcs = ptr;
2046 		he_mcs->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_HE_RATE_SET,
2047 							    sizeof(*he_mcs));
2048 
2049 		he_mcs->rx_mcs_set = cpu_to_le32(arg->peer_he_rx_mcs_set[i]);
2050 		he_mcs->tx_mcs_set = cpu_to_le32(arg->peer_he_tx_mcs_set[i]);
2051 		ptr += sizeof(*he_mcs);
2052 	}
2053 
2054 	/* MLO header tag with 0 length */
2055 	len = 0;
2056 	tlv = ptr;
2057 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
2058 	ptr += TLV_HDR_SIZE;
2059 
2060 	/* Loop through the EHT rate set */
2061 	len = arg->peer_eht_mcs_count * sizeof(*eht_mcs);
2062 	tlv = ptr;
2063 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
2064 	ptr += TLV_HDR_SIZE;
2065 
2066 	for (i = 0; i < arg->peer_eht_mcs_count; i++) {
2067 		eht_mcs = ptr;
2068 		eht_mcs->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_HE_RATE_SET,
2069 							     sizeof(*eht_mcs));
2070 
2071 		eht_mcs->rx_mcs_set = cpu_to_le32(arg->peer_eht_rx_mcs_set[i]);
2072 		eht_mcs->tx_mcs_set = cpu_to_le32(arg->peer_eht_tx_mcs_set[i]);
2073 		ptr += sizeof(*eht_mcs);
2074 	}
2075 
2076 	/* ML partner links tag with 0 length */
2077 	len = 0;
2078 	tlv = ptr;
2079 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
2080 	ptr += TLV_HDR_SIZE;
2081 
2082 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2083 		   "wmi peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x peer_flags_ext %x eht mac_cap %x %x eht phy_cap %x %x %x\n",
2084 		   cmd->vdev_id, cmd->peer_associd, arg->peer_mac,
2085 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2086 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2087 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2088 		   cmd->peer_mpdu_density,
2089 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2090 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2091 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2092 		   cmd->peer_he_cap_phy[2],
2093 		   cmd->peer_bw_rxnss_override, cmd->peer_flags_ext,
2094 		   cmd->peer_eht_cap_mac[0], cmd->peer_eht_cap_mac[1],
2095 		   cmd->peer_eht_cap_phy[0], cmd->peer_eht_cap_phy[1],
2096 		   cmd->peer_eht_cap_phy[2]);
2097 
2098 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2099 	if (ret) {
2100 		ath12k_warn(ar->ab,
2101 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2102 		dev_kfree_skb(skb);
2103 	}
2104 
2105 	return ret;
2106 }
2107 
2108 void ath12k_wmi_start_scan_init(struct ath12k *ar,
2109 				struct ath12k_wmi_scan_req_arg *arg)
2110 {
2111 	/* setup commonly used values */
2112 	arg->scan_req_id = 1;
2113 	arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2114 	arg->dwell_time_active = 50;
2115 	arg->dwell_time_active_2g = 0;
2116 	arg->dwell_time_passive = 150;
2117 	arg->dwell_time_active_6g = 40;
2118 	arg->dwell_time_passive_6g = 30;
2119 	arg->min_rest_time = 50;
2120 	arg->max_rest_time = 500;
2121 	arg->repeat_probe_time = 0;
2122 	arg->probe_spacing_time = 0;
2123 	arg->idle_time = 0;
2124 	arg->max_scan_time = 20000;
2125 	arg->probe_delay = 5;
2126 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2127 				  WMI_SCAN_EVENT_COMPLETED |
2128 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2129 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2130 				  WMI_SCAN_EVENT_DEQUEUED;
2131 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2132 	arg->num_bssid = 1;
2133 
2134 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2135 	 * ZEROs in probe request
2136 	 */
2137 	eth_broadcast_addr(arg->bssid_list[0].addr);
2138 }
2139 
2140 static void ath12k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2141 						   struct ath12k_wmi_scan_req_arg *arg)
2142 {
2143 	/* Scan events subscription */
2144 	if (arg->scan_ev_started)
2145 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_STARTED);
2146 	if (arg->scan_ev_completed)
2147 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_COMPLETED);
2148 	if (arg->scan_ev_bss_chan)
2149 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_BSS_CHANNEL);
2150 	if (arg->scan_ev_foreign_chan)
2151 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_FOREIGN_CHAN);
2152 	if (arg->scan_ev_dequeued)
2153 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_DEQUEUED);
2154 	if (arg->scan_ev_preempted)
2155 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_PREEMPTED);
2156 	if (arg->scan_ev_start_failed)
2157 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_START_FAILED);
2158 	if (arg->scan_ev_restarted)
2159 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_RESTARTED);
2160 	if (arg->scan_ev_foreign_chn_exit)
2161 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT);
2162 	if (arg->scan_ev_suspended)
2163 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_SUSPENDED);
2164 	if (arg->scan_ev_resumed)
2165 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_RESUMED);
2166 
2167 	/** Set scan control flags */
2168 	cmd->scan_ctrl_flags = 0;
2169 	if (arg->scan_f_passive)
2170 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_PASSIVE);
2171 	if (arg->scan_f_strict_passive_pch)
2172 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN);
2173 	if (arg->scan_f_promisc_mode)
2174 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FILTER_PROMISCUOS);
2175 	if (arg->scan_f_capture_phy_err)
2176 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_CAPTURE_PHY_ERROR);
2177 	if (arg->scan_f_half_rate)
2178 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_HALF_RATE_SUPPORT);
2179 	if (arg->scan_f_quarter_rate)
2180 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT);
2181 	if (arg->scan_f_cck_rates)
2182 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_CCK_RATES);
2183 	if (arg->scan_f_ofdm_rates)
2184 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_OFDM_RATES);
2185 	if (arg->scan_f_chan_stat_evnt)
2186 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_CHAN_STAT_EVENT);
2187 	if (arg->scan_f_filter_prb_req)
2188 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FILTER_PROBE_REQ);
2189 	if (arg->scan_f_bcast_probe)
2190 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_BCAST_PROBE_REQ);
2191 	if (arg->scan_f_offchan_mgmt_tx)
2192 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_OFFCHAN_MGMT_TX);
2193 	if (arg->scan_f_offchan_data_tx)
2194 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_OFFCHAN_DATA_TX);
2195 	if (arg->scan_f_force_active_dfs_chn)
2196 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS);
2197 	if (arg->scan_f_add_tpc_ie_in_probe)
2198 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ);
2199 	if (arg->scan_f_add_ds_ie_in_probe)
2200 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ);
2201 	if (arg->scan_f_add_spoofed_mac_in_probe)
2202 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ);
2203 	if (arg->scan_f_add_rand_seq_in_probe)
2204 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ);
2205 	if (arg->scan_f_en_ie_whitelist_in_probe)
2206 		cmd->scan_ctrl_flags |=
2207 			cpu_to_le32(WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ);
2208 
2209 	cmd->scan_ctrl_flags |= le32_encode_bits(arg->adaptive_dwell_time_mode,
2210 						 WMI_SCAN_DWELL_MODE_MASK);
2211 }
2212 
2213 int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
2214 				   struct ath12k_wmi_scan_req_arg *arg)
2215 {
2216 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2217 	struct wmi_start_scan_cmd *cmd;
2218 	struct ath12k_wmi_ssid_params *ssid = NULL;
2219 	struct ath12k_wmi_mac_addr_params *bssid;
2220 	struct sk_buff *skb;
2221 	struct wmi_tlv *tlv;
2222 	void *ptr;
2223 	int i, ret, len;
2224 	u32 *tmp_ptr, extraie_len_with_pad = 0;
2225 	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
2226 	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
2227 
2228 	len = sizeof(*cmd);
2229 
2230 	len += TLV_HDR_SIZE;
2231 	if (arg->num_chan)
2232 		len += arg->num_chan * sizeof(u32);
2233 
2234 	len += TLV_HDR_SIZE;
2235 	if (arg->num_ssids)
2236 		len += arg->num_ssids * sizeof(*ssid);
2237 
2238 	len += TLV_HDR_SIZE;
2239 	if (arg->num_bssid)
2240 		len += sizeof(*bssid) * arg->num_bssid;
2241 
2242 	if (arg->num_hint_bssid)
2243 		len += TLV_HDR_SIZE +
2244 		       arg->num_hint_bssid * sizeof(*hint_bssid);
2245 
2246 	if (arg->num_hint_s_ssid)
2247 		len += TLV_HDR_SIZE +
2248 		       arg->num_hint_s_ssid * sizeof(*s_ssid);
2249 
2250 	len += TLV_HDR_SIZE;
2251 	if (arg->extraie.len)
2252 		extraie_len_with_pad =
2253 			roundup(arg->extraie.len, sizeof(u32));
2254 	if (extraie_len_with_pad <= (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len)) {
2255 		len += extraie_len_with_pad;
2256 	} else {
2257 		ath12k_warn(ar->ab, "discard large size %d bytes extraie for scan start\n",
2258 			    arg->extraie.len);
2259 		extraie_len_with_pad = 0;
2260 	}
2261 
2262 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2263 	if (!skb)
2264 		return -ENOMEM;
2265 
2266 	ptr = skb->data;
2267 
2268 	cmd = ptr;
2269 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_START_SCAN_CMD,
2270 						 sizeof(*cmd));
2271 
2272 	cmd->scan_id = cpu_to_le32(arg->scan_id);
2273 	cmd->scan_req_id = cpu_to_le32(arg->scan_req_id);
2274 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
2275 	cmd->scan_priority = cpu_to_le32(arg->scan_priority);
2276 	cmd->notify_scan_events = cpu_to_le32(arg->notify_scan_events);
2277 
2278 	ath12k_wmi_copy_scan_event_cntrl_flags(cmd, arg);
2279 
2280 	cmd->dwell_time_active = cpu_to_le32(arg->dwell_time_active);
2281 	cmd->dwell_time_active_2g = cpu_to_le32(arg->dwell_time_active_2g);
2282 	cmd->dwell_time_passive = cpu_to_le32(arg->dwell_time_passive);
2283 	cmd->dwell_time_active_6g = cpu_to_le32(arg->dwell_time_active_6g);
2284 	cmd->dwell_time_passive_6g = cpu_to_le32(arg->dwell_time_passive_6g);
2285 	cmd->min_rest_time = cpu_to_le32(arg->min_rest_time);
2286 	cmd->max_rest_time = cpu_to_le32(arg->max_rest_time);
2287 	cmd->repeat_probe_time = cpu_to_le32(arg->repeat_probe_time);
2288 	cmd->probe_spacing_time = cpu_to_le32(arg->probe_spacing_time);
2289 	cmd->idle_time = cpu_to_le32(arg->idle_time);
2290 	cmd->max_scan_time = cpu_to_le32(arg->max_scan_time);
2291 	cmd->probe_delay = cpu_to_le32(arg->probe_delay);
2292 	cmd->burst_duration = cpu_to_le32(arg->burst_duration);
2293 	cmd->num_chan = cpu_to_le32(arg->num_chan);
2294 	cmd->num_bssid = cpu_to_le32(arg->num_bssid);
2295 	cmd->num_ssids = cpu_to_le32(arg->num_ssids);
2296 	cmd->ie_len = cpu_to_le32(arg->extraie.len);
2297 	cmd->n_probes = cpu_to_le32(arg->n_probes);
2298 
2299 	ptr += sizeof(*cmd);
2300 
2301 	len = arg->num_chan * sizeof(u32);
2302 
2303 	tlv = ptr;
2304 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
2305 	ptr += TLV_HDR_SIZE;
2306 	tmp_ptr = (u32 *)ptr;
2307 
2308 	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
2309 
2310 	ptr += len;
2311 
2312 	len = arg->num_ssids * sizeof(*ssid);
2313 	tlv = ptr;
2314 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2315 
2316 	ptr += TLV_HDR_SIZE;
2317 
2318 	if (arg->num_ssids) {
2319 		ssid = ptr;
2320 		for (i = 0; i < arg->num_ssids; ++i) {
2321 			ssid->ssid_len = cpu_to_le32(arg->ssid[i].ssid_len);
2322 			memcpy(ssid->ssid, arg->ssid[i].ssid,
2323 			       arg->ssid[i].ssid_len);
2324 			ssid++;
2325 		}
2326 	}
2327 
2328 	ptr += (arg->num_ssids * sizeof(*ssid));
2329 	len = arg->num_bssid * sizeof(*bssid);
2330 	tlv = ptr;
2331 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2332 
2333 	ptr += TLV_HDR_SIZE;
2334 	bssid = ptr;
2335 
2336 	if (arg->num_bssid) {
2337 		for (i = 0; i < arg->num_bssid; ++i) {
2338 			ether_addr_copy(bssid->addr,
2339 					arg->bssid_list[i].addr);
2340 			bssid++;
2341 		}
2342 	}
2343 
2344 	ptr += arg->num_bssid * sizeof(*bssid);
2345 
2346 	len = extraie_len_with_pad;
2347 	tlv = ptr;
2348 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, len);
2349 	ptr += TLV_HDR_SIZE;
2350 
2351 	if (extraie_len_with_pad)
2352 		memcpy(ptr, arg->extraie.ptr,
2353 		       arg->extraie.len);
2354 
2355 	ptr += extraie_len_with_pad;
2356 
2357 	if (arg->num_hint_s_ssid) {
2358 		len = arg->num_hint_s_ssid * sizeof(*s_ssid);
2359 		tlv = ptr;
2360 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2361 		ptr += TLV_HDR_SIZE;
2362 		s_ssid = ptr;
2363 		for (i = 0; i < arg->num_hint_s_ssid; ++i) {
2364 			s_ssid->freq_flags = arg->hint_s_ssid[i].freq_flags;
2365 			s_ssid->short_ssid = arg->hint_s_ssid[i].short_ssid;
2366 			s_ssid++;
2367 		}
2368 		ptr += len;
2369 	}
2370 
2371 	if (arg->num_hint_bssid) {
2372 		len = arg->num_hint_bssid * sizeof(struct ath12k_wmi_hint_bssid_arg);
2373 		tlv = ptr;
2374 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2375 		ptr += TLV_HDR_SIZE;
2376 		hint_bssid = ptr;
2377 		for (i = 0; i < arg->num_hint_bssid; ++i) {
2378 			hint_bssid->freq_flags =
2379 				arg->hint_bssid[i].freq_flags;
2380 			ether_addr_copy(&arg->hint_bssid[i].bssid.addr[0],
2381 					&hint_bssid->bssid.addr[0]);
2382 			hint_bssid++;
2383 		}
2384 	}
2385 
2386 	ret = ath12k_wmi_cmd_send(wmi, skb,
2387 				  WMI_START_SCAN_CMDID);
2388 	if (ret) {
2389 		ath12k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2390 		dev_kfree_skb(skb);
2391 	}
2392 
2393 	return ret;
2394 }
2395 
2396 int ath12k_wmi_send_scan_stop_cmd(struct ath12k *ar,
2397 				  struct ath12k_wmi_scan_cancel_arg *arg)
2398 {
2399 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2400 	struct wmi_stop_scan_cmd *cmd;
2401 	struct sk_buff *skb;
2402 	int ret;
2403 
2404 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2405 	if (!skb)
2406 		return -ENOMEM;
2407 
2408 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2409 
2410 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STOP_SCAN_CMD,
2411 						 sizeof(*cmd));
2412 
2413 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
2414 	cmd->requestor = cpu_to_le32(arg->requester);
2415 	cmd->scan_id = cpu_to_le32(arg->scan_id);
2416 	cmd->pdev_id = cpu_to_le32(arg->pdev_id);
2417 	/* stop the scan with the corresponding scan_id */
2418 	if (arg->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2419 		/* Cancelling all scans */
2420 		cmd->req_type = cpu_to_le32(WMI_SCAN_STOP_ALL);
2421 	} else if (arg->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2422 		/* Cancelling VAP scans */
2423 		cmd->req_type = cpu_to_le32(WMI_SCAN_STOP_VAP_ALL);
2424 	} else if (arg->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2425 		/* Cancelling specific scan */
2426 		cmd->req_type = WMI_SCAN_STOP_ONE;
2427 	} else {
2428 		ath12k_warn(ar->ab, "invalid scan cancel req_type %d",
2429 			    arg->req_type);
2430 		dev_kfree_skb(skb);
2431 		return -EINVAL;
2432 	}
2433 
2434 	ret = ath12k_wmi_cmd_send(wmi, skb,
2435 				  WMI_STOP_SCAN_CMDID);
2436 	if (ret) {
2437 		ath12k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2438 		dev_kfree_skb(skb);
2439 	}
2440 
2441 	return ret;
2442 }
2443 
2444 int ath12k_wmi_send_scan_chan_list_cmd(struct ath12k *ar,
2445 				       struct ath12k_wmi_scan_chan_list_arg *arg)
2446 {
2447 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2448 	struct wmi_scan_chan_list_cmd *cmd;
2449 	struct sk_buff *skb;
2450 	struct ath12k_wmi_channel_params *chan_info;
2451 	struct ath12k_wmi_channel_arg *channel_arg;
2452 	struct wmi_tlv *tlv;
2453 	void *ptr;
2454 	int i, ret, len;
2455 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2456 	__le32 *reg1, *reg2;
2457 
2458 	channel_arg = &arg->channel[0];
2459 	while (arg->nallchans) {
2460 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2461 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2462 			sizeof(*chan_info);
2463 
2464 		num_send_chans = min(arg->nallchans, max_chan_limit);
2465 
2466 		arg->nallchans -= num_send_chans;
2467 		len += sizeof(*chan_info) * num_send_chans;
2468 
2469 		skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2470 		if (!skb)
2471 			return -ENOMEM;
2472 
2473 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2474 		cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_SCAN_CHAN_LIST_CMD,
2475 							 sizeof(*cmd));
2476 		cmd->pdev_id = cpu_to_le32(arg->pdev_id);
2477 		cmd->num_scan_chans = cpu_to_le32(num_send_chans);
2478 		if (num_sends)
2479 			cmd->flags |= cpu_to_le32(WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG);
2480 
2481 		ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2482 			   "WMI no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2483 			   num_send_chans, len, cmd->pdev_id, num_sends);
2484 
2485 		ptr = skb->data + sizeof(*cmd);
2486 
2487 		len = sizeof(*chan_info) * num_send_chans;
2488 		tlv = ptr;
2489 		tlv->header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ARRAY_STRUCT,
2490 						     len);
2491 		ptr += TLV_HDR_SIZE;
2492 
2493 		for (i = 0; i < num_send_chans; ++i) {
2494 			chan_info = ptr;
2495 			memset(chan_info, 0, sizeof(*chan_info));
2496 			len = sizeof(*chan_info);
2497 			chan_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_CHANNEL,
2498 								       len);
2499 
2500 			reg1 = &chan_info->reg_info_1;
2501 			reg2 = &chan_info->reg_info_2;
2502 			chan_info->mhz = cpu_to_le32(channel_arg->mhz);
2503 			chan_info->band_center_freq1 = cpu_to_le32(channel_arg->cfreq1);
2504 			chan_info->band_center_freq2 = cpu_to_le32(channel_arg->cfreq2);
2505 
2506 			if (channel_arg->is_chan_passive)
2507 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_PASSIVE);
2508 			if (channel_arg->allow_he)
2509 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HE);
2510 			else if (channel_arg->allow_vht)
2511 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_VHT);
2512 			else if (channel_arg->allow_ht)
2513 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HT);
2514 			if (channel_arg->half_rate)
2515 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_HALF_RATE);
2516 			if (channel_arg->quarter_rate)
2517 				chan_info->info |=
2518 					cpu_to_le32(WMI_CHAN_INFO_QUARTER_RATE);
2519 
2520 			if (channel_arg->psc_channel)
2521 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_PSC);
2522 
2523 			if (channel_arg->dfs_set)
2524 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_DFS);
2525 
2526 			chan_info->info |= le32_encode_bits(channel_arg->phy_mode,
2527 							    WMI_CHAN_INFO_MODE);
2528 			*reg1 |= le32_encode_bits(channel_arg->minpower,
2529 						  WMI_CHAN_REG_INFO1_MIN_PWR);
2530 			*reg1 |= le32_encode_bits(channel_arg->maxpower,
2531 						  WMI_CHAN_REG_INFO1_MAX_PWR);
2532 			*reg1 |= le32_encode_bits(channel_arg->maxregpower,
2533 						  WMI_CHAN_REG_INFO1_MAX_REG_PWR);
2534 			*reg1 |= le32_encode_bits(channel_arg->reg_class_id,
2535 						  WMI_CHAN_REG_INFO1_REG_CLS);
2536 			*reg2 |= le32_encode_bits(channel_arg->antennamax,
2537 						  WMI_CHAN_REG_INFO2_ANT_MAX);
2538 
2539 			ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2540 				   "WMI chan scan list chan[%d] = %u, chan_info->info %8x\n",
2541 				   i, chan_info->mhz, chan_info->info);
2542 
2543 			ptr += sizeof(*chan_info);
2544 
2545 			channel_arg++;
2546 		}
2547 
2548 		ret = ath12k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2549 		if (ret) {
2550 			ath12k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2551 			dev_kfree_skb(skb);
2552 			return ret;
2553 		}
2554 
2555 		num_sends++;
2556 	}
2557 
2558 	return 0;
2559 }
2560 
2561 int ath12k_wmi_send_wmm_update_cmd(struct ath12k *ar, u32 vdev_id,
2562 				   struct wmi_wmm_params_all_arg *param)
2563 {
2564 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2565 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2566 	struct wmi_wmm_params *wmm_param;
2567 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2568 	struct sk_buff *skb;
2569 	int ret, ac;
2570 
2571 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2572 	if (!skb)
2573 		return -ENOMEM;
2574 
2575 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2576 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_WMM_PARAMS_CMD,
2577 						 sizeof(*cmd));
2578 
2579 	cmd->vdev_id = cpu_to_le32(vdev_id);
2580 	cmd->wmm_param_type = 0;
2581 
2582 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2583 		switch (ac) {
2584 		case WME_AC_BE:
2585 			wmi_wmm_arg = &param->ac_be;
2586 			break;
2587 		case WME_AC_BK:
2588 			wmi_wmm_arg = &param->ac_bk;
2589 			break;
2590 		case WME_AC_VI:
2591 			wmi_wmm_arg = &param->ac_vi;
2592 			break;
2593 		case WME_AC_VO:
2594 			wmi_wmm_arg = &param->ac_vo;
2595 			break;
2596 		}
2597 
2598 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2599 		wmm_param->tlv_header =
2600 			ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_WMM_PARAMS_CMD,
2601 					       sizeof(*wmm_param));
2602 
2603 		wmm_param->aifs = cpu_to_le32(wmi_wmm_arg->aifs);
2604 		wmm_param->cwmin = cpu_to_le32(wmi_wmm_arg->cwmin);
2605 		wmm_param->cwmax = cpu_to_le32(wmi_wmm_arg->cwmax);
2606 		wmm_param->txoplimit = cpu_to_le32(wmi_wmm_arg->txop);
2607 		wmm_param->acm = cpu_to_le32(wmi_wmm_arg->acm);
2608 		wmm_param->no_ack = cpu_to_le32(wmi_wmm_arg->no_ack);
2609 
2610 		ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2611 			   "wmi wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2612 			   ac, wmm_param->aifs, wmm_param->cwmin,
2613 			   wmm_param->cwmax, wmm_param->txoplimit,
2614 			   wmm_param->acm, wmm_param->no_ack);
2615 	}
2616 	ret = ath12k_wmi_cmd_send(wmi, skb,
2617 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2618 	if (ret) {
2619 		ath12k_warn(ar->ab,
2620 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2621 		dev_kfree_skb(skb);
2622 	}
2623 
2624 	return ret;
2625 }
2626 
2627 int ath12k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath12k *ar,
2628 						  u32 pdev_id)
2629 {
2630 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2631 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2632 	struct sk_buff *skb;
2633 	int ret;
2634 
2635 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2636 	if (!skb)
2637 		return -ENOMEM;
2638 
2639 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2640 	cmd->tlv_header =
2641 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD,
2642 				       sizeof(*cmd));
2643 
2644 	cmd->pdev_id = cpu_to_le32(pdev_id);
2645 
2646 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2647 		   "WMI dfs phy err offload enable pdev id %d\n", pdev_id);
2648 
2649 	ret = ath12k_wmi_cmd_send(wmi, skb,
2650 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2651 	if (ret) {
2652 		ath12k_warn(ar->ab,
2653 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2654 		dev_kfree_skb(skb);
2655 	}
2656 
2657 	return ret;
2658 }
2659 
2660 int ath12k_wmi_delba_send(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2661 			  u32 tid, u32 initiator, u32 reason)
2662 {
2663 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2664 	struct wmi_delba_send_cmd *cmd;
2665 	struct sk_buff *skb;
2666 	int ret;
2667 
2668 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2669 	if (!skb)
2670 		return -ENOMEM;
2671 
2672 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2673 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_DELBA_SEND_CMD,
2674 						 sizeof(*cmd));
2675 	cmd->vdev_id = cpu_to_le32(vdev_id);
2676 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2677 	cmd->tid = cpu_to_le32(tid);
2678 	cmd->initiator = cpu_to_le32(initiator);
2679 	cmd->reasoncode = cpu_to_le32(reason);
2680 
2681 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2682 		   "wmi delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2683 		   vdev_id, mac, tid, initiator, reason);
2684 
2685 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2686 
2687 	if (ret) {
2688 		ath12k_warn(ar->ab,
2689 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2690 		dev_kfree_skb(skb);
2691 	}
2692 
2693 	return ret;
2694 }
2695 
2696 int ath12k_wmi_addba_set_resp(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2697 			      u32 tid, u32 status)
2698 {
2699 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2700 	struct wmi_addba_setresponse_cmd *cmd;
2701 	struct sk_buff *skb;
2702 	int ret;
2703 
2704 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2705 	if (!skb)
2706 		return -ENOMEM;
2707 
2708 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2709 	cmd->tlv_header =
2710 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_SETRESPONSE_CMD,
2711 				       sizeof(*cmd));
2712 	cmd->vdev_id = cpu_to_le32(vdev_id);
2713 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2714 	cmd->tid = cpu_to_le32(tid);
2715 	cmd->statuscode = cpu_to_le32(status);
2716 
2717 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2718 		   "wmi addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2719 		   vdev_id, mac, tid, status);
2720 
2721 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2722 
2723 	if (ret) {
2724 		ath12k_warn(ar->ab,
2725 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2726 		dev_kfree_skb(skb);
2727 	}
2728 
2729 	return ret;
2730 }
2731 
2732 int ath12k_wmi_addba_send(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2733 			  u32 tid, u32 buf_size)
2734 {
2735 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2736 	struct wmi_addba_send_cmd *cmd;
2737 	struct sk_buff *skb;
2738 	int ret;
2739 
2740 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2741 	if (!skb)
2742 		return -ENOMEM;
2743 
2744 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2745 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_SEND_CMD,
2746 						 sizeof(*cmd));
2747 	cmd->vdev_id = cpu_to_le32(vdev_id);
2748 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2749 	cmd->tid = cpu_to_le32(tid);
2750 	cmd->buffersize = cpu_to_le32(buf_size);
2751 
2752 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2753 		   "wmi addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2754 		   vdev_id, mac, tid, buf_size);
2755 
2756 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2757 
2758 	if (ret) {
2759 		ath12k_warn(ar->ab,
2760 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2761 		dev_kfree_skb(skb);
2762 	}
2763 
2764 	return ret;
2765 }
2766 
2767 int ath12k_wmi_addba_clear_resp(struct ath12k *ar, u32 vdev_id, const u8 *mac)
2768 {
2769 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2770 	struct wmi_addba_clear_resp_cmd *cmd;
2771 	struct sk_buff *skb;
2772 	int ret;
2773 
2774 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2775 	if (!skb)
2776 		return -ENOMEM;
2777 
2778 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2779 	cmd->tlv_header =
2780 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_CLEAR_RESP_CMD,
2781 				       sizeof(*cmd));
2782 	cmd->vdev_id = cpu_to_le32(vdev_id);
2783 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2784 
2785 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2786 		   "wmi addba clear resp vdev_id 0x%X mac_addr %pM\n",
2787 		   vdev_id, mac);
2788 
2789 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2790 
2791 	if (ret) {
2792 		ath12k_warn(ar->ab,
2793 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2794 		dev_kfree_skb(skb);
2795 	}
2796 
2797 	return ret;
2798 }
2799 
2800 int ath12k_wmi_send_init_country_cmd(struct ath12k *ar,
2801 				     struct ath12k_wmi_init_country_arg *arg)
2802 {
2803 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2804 	struct wmi_init_country_cmd *cmd;
2805 	struct sk_buff *skb;
2806 	int ret;
2807 
2808 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2809 	if (!skb)
2810 		return -ENOMEM;
2811 
2812 	cmd = (struct wmi_init_country_cmd *)skb->data;
2813 	cmd->tlv_header =
2814 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_SET_INIT_COUNTRY_CMD,
2815 				       sizeof(*cmd));
2816 
2817 	cmd->pdev_id = cpu_to_le32(ar->pdev->pdev_id);
2818 
2819 	switch (arg->flags) {
2820 	case ALPHA_IS_SET:
2821 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
2822 		memcpy(&cmd->cc_info.alpha2, arg->cc_info.alpha2, 3);
2823 		break;
2824 	case CC_IS_SET:
2825 		cmd->init_cc_type = cpu_to_le32(WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE);
2826 		cmd->cc_info.country_code =
2827 			cpu_to_le32(arg->cc_info.country_code);
2828 		break;
2829 	case REGDMN_IS_SET:
2830 		cmd->init_cc_type = cpu_to_le32(WMI_COUNTRY_INFO_TYPE_REGDOMAIN);
2831 		cmd->cc_info.regdom_id = cpu_to_le32(arg->cc_info.regdom_id);
2832 		break;
2833 	default:
2834 		ret = -EINVAL;
2835 		goto out;
2836 	}
2837 
2838 	ret = ath12k_wmi_cmd_send(wmi, skb,
2839 				  WMI_SET_INIT_COUNTRY_CMDID);
2840 
2841 out:
2842 	if (ret) {
2843 		ath12k_warn(ar->ab,
2844 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
2845 			    ret);
2846 		dev_kfree_skb(skb);
2847 	}
2848 
2849 	return ret;
2850 }
2851 
2852 int
2853 ath12k_wmi_send_twt_enable_cmd(struct ath12k *ar, u32 pdev_id)
2854 {
2855 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2856 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2857 	struct wmi_twt_enable_params_cmd *cmd;
2858 	struct sk_buff *skb;
2859 	int ret, len;
2860 
2861 	len = sizeof(*cmd);
2862 
2863 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2864 	if (!skb)
2865 		return -ENOMEM;
2866 
2867 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
2868 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_TWT_ENABLE_CMD,
2869 						 len);
2870 	cmd->pdev_id = cpu_to_le32(pdev_id);
2871 	cmd->sta_cong_timer_ms = cpu_to_le32(ATH12K_TWT_DEF_STA_CONG_TIMER_MS);
2872 	cmd->default_slot_size = cpu_to_le32(ATH12K_TWT_DEF_DEFAULT_SLOT_SIZE);
2873 	cmd->congestion_thresh_setup =
2874 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_SETUP);
2875 	cmd->congestion_thresh_teardown =
2876 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_TEARDOWN);
2877 	cmd->congestion_thresh_critical =
2878 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_CRITICAL);
2879 	cmd->interference_thresh_teardown =
2880 		cpu_to_le32(ATH12K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN);
2881 	cmd->interference_thresh_setup =
2882 		cpu_to_le32(ATH12K_TWT_DEF_INTERFERENCE_THRESH_SETUP);
2883 	cmd->min_no_sta_setup = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_STA_SETUP);
2884 	cmd->min_no_sta_teardown = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_STA_TEARDOWN);
2885 	cmd->no_of_bcast_mcast_slots =
2886 		cpu_to_le32(ATH12K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS);
2887 	cmd->min_no_twt_slots = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_TWT_SLOTS);
2888 	cmd->max_no_sta_twt = cpu_to_le32(ATH12K_TWT_DEF_MAX_NO_STA_TWT);
2889 	cmd->mode_check_interval = cpu_to_le32(ATH12K_TWT_DEF_MODE_CHECK_INTERVAL);
2890 	cmd->add_sta_slot_interval = cpu_to_le32(ATH12K_TWT_DEF_ADD_STA_SLOT_INTERVAL);
2891 	cmd->remove_sta_slot_interval =
2892 		cpu_to_le32(ATH12K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL);
2893 	/* TODO add MBSSID support */
2894 	cmd->mbss_support = 0;
2895 
2896 	ret = ath12k_wmi_cmd_send(wmi, skb,
2897 				  WMI_TWT_ENABLE_CMDID);
2898 	if (ret) {
2899 		ath12k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
2900 		dev_kfree_skb(skb);
2901 	}
2902 	return ret;
2903 }
2904 
2905 int
2906 ath12k_wmi_send_twt_disable_cmd(struct ath12k *ar, u32 pdev_id)
2907 {
2908 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2909 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2910 	struct wmi_twt_disable_params_cmd *cmd;
2911 	struct sk_buff *skb;
2912 	int ret, len;
2913 
2914 	len = sizeof(*cmd);
2915 
2916 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2917 	if (!skb)
2918 		return -ENOMEM;
2919 
2920 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
2921 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_TWT_DISABLE_CMD,
2922 						 len);
2923 	cmd->pdev_id = cpu_to_le32(pdev_id);
2924 
2925 	ret = ath12k_wmi_cmd_send(wmi, skb,
2926 				  WMI_TWT_DISABLE_CMDID);
2927 	if (ret) {
2928 		ath12k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
2929 		dev_kfree_skb(skb);
2930 	}
2931 	return ret;
2932 }
2933 
2934 int
2935 ath12k_wmi_send_obss_spr_cmd(struct ath12k *ar, u32 vdev_id,
2936 			     struct ieee80211_he_obss_pd *he_obss_pd)
2937 {
2938 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2939 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2940 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
2941 	struct sk_buff *skb;
2942 	int ret, len;
2943 
2944 	len = sizeof(*cmd);
2945 
2946 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2947 	if (!skb)
2948 		return -ENOMEM;
2949 
2950 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
2951 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD,
2952 						 len);
2953 	cmd->vdev_id = cpu_to_le32(vdev_id);
2954 	cmd->enable = cpu_to_le32(he_obss_pd->enable);
2955 	cmd->obss_min = a_cpu_to_sle32(he_obss_pd->min_offset);
2956 	cmd->obss_max = a_cpu_to_sle32(he_obss_pd->max_offset);
2957 
2958 	ret = ath12k_wmi_cmd_send(wmi, skb,
2959 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
2960 	if (ret) {
2961 		ath12k_warn(ab,
2962 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
2963 		dev_kfree_skb(skb);
2964 	}
2965 	return ret;
2966 }
2967 
2968 int ath12k_wmi_obss_color_cfg_cmd(struct ath12k *ar, u32 vdev_id,
2969 				  u8 bss_color, u32 period,
2970 				  bool enable)
2971 {
2972 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2973 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2974 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
2975 	struct sk_buff *skb;
2976 	int ret, len;
2977 
2978 	len = sizeof(*cmd);
2979 
2980 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2981 	if (!skb)
2982 		return -ENOMEM;
2983 
2984 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
2985 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG,
2986 						 len);
2987 	cmd->vdev_id = cpu_to_le32(vdev_id);
2988 	cmd->evt_type = enable ? cpu_to_le32(ATH12K_OBSS_COLOR_COLLISION_DETECTION) :
2989 		cpu_to_le32(ATH12K_OBSS_COLOR_COLLISION_DETECTION_DISABLE);
2990 	cmd->current_bss_color = cpu_to_le32(bss_color);
2991 	cmd->detection_period_ms = cpu_to_le32(period);
2992 	cmd->scan_period_ms = cpu_to_le32(ATH12K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS);
2993 	cmd->free_slot_expiry_time_ms = 0;
2994 	cmd->flags = 0;
2995 
2996 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2997 		   "wmi_send_obss_color_collision_cfg id %d type %d bss_color %d detect_period %d scan_period %d\n",
2998 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
2999 		   cmd->detection_period_ms, cmd->scan_period_ms);
3000 
3001 	ret = ath12k_wmi_cmd_send(wmi, skb,
3002 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
3003 	if (ret) {
3004 		ath12k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
3005 		dev_kfree_skb(skb);
3006 	}
3007 	return ret;
3008 }
3009 
3010 int ath12k_wmi_send_bss_color_change_enable_cmd(struct ath12k *ar, u32 vdev_id,
3011 						bool enable)
3012 {
3013 	struct ath12k_wmi_pdev *wmi = ar->wmi;
3014 	struct ath12k_base *ab = wmi->wmi_ab->ab;
3015 	struct wmi_bss_color_change_enable_params_cmd *cmd;
3016 	struct sk_buff *skb;
3017 	int ret, len;
3018 
3019 	len = sizeof(*cmd);
3020 
3021 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
3022 	if (!skb)
3023 		return -ENOMEM;
3024 
3025 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
3026 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BSS_COLOR_CHANGE_ENABLE,
3027 						 len);
3028 	cmd->vdev_id = cpu_to_le32(vdev_id);
3029 	cmd->enable = enable ? cpu_to_le32(1) : 0;
3030 
3031 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3032 		   "wmi_send_bss_color_change_enable id %d enable %d\n",
3033 		   cmd->vdev_id, cmd->enable);
3034 
3035 	ret = ath12k_wmi_cmd_send(wmi, skb,
3036 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
3037 	if (ret) {
3038 		ath12k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
3039 		dev_kfree_skb(skb);
3040 	}
3041 	return ret;
3042 }
3043 
3044 int ath12k_wmi_fils_discovery_tmpl(struct ath12k *ar, u32 vdev_id,
3045 				   struct sk_buff *tmpl)
3046 {
3047 	struct wmi_tlv *tlv;
3048 	struct sk_buff *skb;
3049 	void *ptr;
3050 	int ret, len;
3051 	size_t aligned_len;
3052 	struct wmi_fils_discovery_tmpl_cmd *cmd;
3053 
3054 	aligned_len = roundup(tmpl->len, 4);
3055 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
3056 
3057 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3058 		   "WMI vdev %i set FILS discovery template\n", vdev_id);
3059 
3060 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3061 	if (!skb)
3062 		return -ENOMEM;
3063 
3064 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
3065 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_FILS_DISCOVERY_TMPL_CMD,
3066 						 sizeof(*cmd));
3067 	cmd->vdev_id = cpu_to_le32(vdev_id);
3068 	cmd->buf_len = cpu_to_le32(tmpl->len);
3069 	ptr = skb->data + sizeof(*cmd);
3070 
3071 	tlv = ptr;
3072 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
3073 	memcpy(tlv->value, tmpl->data, tmpl->len);
3074 
3075 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
3076 	if (ret) {
3077 		ath12k_warn(ar->ab,
3078 			    "WMI vdev %i failed to send FILS discovery template command\n",
3079 			    vdev_id);
3080 		dev_kfree_skb(skb);
3081 	}
3082 	return ret;
3083 }
3084 
3085 int ath12k_wmi_probe_resp_tmpl(struct ath12k *ar, u32 vdev_id,
3086 			       struct sk_buff *tmpl)
3087 {
3088 	struct wmi_probe_tmpl_cmd *cmd;
3089 	struct ath12k_wmi_bcn_prb_info_params *probe_info;
3090 	struct wmi_tlv *tlv;
3091 	struct sk_buff *skb;
3092 	void *ptr;
3093 	int ret, len;
3094 	size_t aligned_len = roundup(tmpl->len, 4);
3095 
3096 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3097 		   "WMI vdev %i set probe response template\n", vdev_id);
3098 
3099 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
3100 
3101 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3102 	if (!skb)
3103 		return -ENOMEM;
3104 
3105 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
3106 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PRB_TMPL_CMD,
3107 						 sizeof(*cmd));
3108 	cmd->vdev_id = cpu_to_le32(vdev_id);
3109 	cmd->buf_len = cpu_to_le32(tmpl->len);
3110 
3111 	ptr = skb->data + sizeof(*cmd);
3112 
3113 	probe_info = ptr;
3114 	len = sizeof(*probe_info);
3115 	probe_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_PRB_INFO,
3116 							len);
3117 	probe_info->caps = 0;
3118 	probe_info->erp = 0;
3119 
3120 	ptr += sizeof(*probe_info);
3121 
3122 	tlv = ptr;
3123 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
3124 	memcpy(tlv->value, tmpl->data, tmpl->len);
3125 
3126 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
3127 	if (ret) {
3128 		ath12k_warn(ar->ab,
3129 			    "WMI vdev %i failed to send probe response template command\n",
3130 			    vdev_id);
3131 		dev_kfree_skb(skb);
3132 	}
3133 	return ret;
3134 }
3135 
3136 int ath12k_wmi_fils_discovery(struct ath12k *ar, u32 vdev_id, u32 interval,
3137 			      bool unsol_bcast_probe_resp_enabled)
3138 {
3139 	struct sk_buff *skb;
3140 	int ret, len;
3141 	struct wmi_fils_discovery_cmd *cmd;
3142 
3143 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3144 		   "WMI vdev %i set %s interval to %u TU\n",
3145 		   vdev_id, unsol_bcast_probe_resp_enabled ?
3146 		   "unsolicited broadcast probe response" : "FILS discovery",
3147 		   interval);
3148 
3149 	len = sizeof(*cmd);
3150 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3151 	if (!skb)
3152 		return -ENOMEM;
3153 
3154 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
3155 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ENABLE_FILS_CMD,
3156 						 len);
3157 	cmd->vdev_id = cpu_to_le32(vdev_id);
3158 	cmd->interval = cpu_to_le32(interval);
3159 	cmd->config = cpu_to_le32(unsol_bcast_probe_resp_enabled);
3160 
3161 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
3162 	if (ret) {
3163 		ath12k_warn(ar->ab,
3164 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
3165 			    vdev_id);
3166 		dev_kfree_skb(skb);
3167 	}
3168 	return ret;
3169 }
3170 
3171 static void
3172 ath12k_fill_band_to_mac_param(struct ath12k_base  *soc,
3173 			      struct ath12k_wmi_pdev_band_arg *arg)
3174 {
3175 	u8 i;
3176 	struct ath12k_wmi_hal_reg_capabilities_ext_arg *hal_reg_cap;
3177 	struct ath12k_pdev *pdev;
3178 
3179 	for (i = 0; i < soc->num_radios; i++) {
3180 		pdev = &soc->pdevs[i];
3181 		hal_reg_cap = &soc->hal_reg_cap[i];
3182 		arg[i].pdev_id = pdev->pdev_id;
3183 
3184 		switch (pdev->cap.supported_bands) {
3185 		case WMI_HOST_WLAN_2G_5G_CAP:
3186 			arg[i].start_freq = hal_reg_cap->low_2ghz_chan;
3187 			arg[i].end_freq = hal_reg_cap->high_5ghz_chan;
3188 			break;
3189 		case WMI_HOST_WLAN_2G_CAP:
3190 			arg[i].start_freq = hal_reg_cap->low_2ghz_chan;
3191 			arg[i].end_freq = hal_reg_cap->high_2ghz_chan;
3192 			break;
3193 		case WMI_HOST_WLAN_5G_CAP:
3194 			arg[i].start_freq = hal_reg_cap->low_5ghz_chan;
3195 			arg[i].end_freq = hal_reg_cap->high_5ghz_chan;
3196 			break;
3197 		default:
3198 			break;
3199 		}
3200 	}
3201 }
3202 
3203 static void
3204 ath12k_wmi_copy_resource_config(struct ath12k_wmi_resource_config_params *wmi_cfg,
3205 				struct ath12k_wmi_resource_config_arg *tg_cfg)
3206 {
3207 	wmi_cfg->num_vdevs = cpu_to_le32(tg_cfg->num_vdevs);
3208 	wmi_cfg->num_peers = cpu_to_le32(tg_cfg->num_peers);
3209 	wmi_cfg->num_offload_peers = cpu_to_le32(tg_cfg->num_offload_peers);
3210 	wmi_cfg->num_offload_reorder_buffs =
3211 		cpu_to_le32(tg_cfg->num_offload_reorder_buffs);
3212 	wmi_cfg->num_peer_keys = cpu_to_le32(tg_cfg->num_peer_keys);
3213 	wmi_cfg->num_tids = cpu_to_le32(tg_cfg->num_tids);
3214 	wmi_cfg->ast_skid_limit = cpu_to_le32(tg_cfg->ast_skid_limit);
3215 	wmi_cfg->tx_chain_mask = cpu_to_le32(tg_cfg->tx_chain_mask);
3216 	wmi_cfg->rx_chain_mask = cpu_to_le32(tg_cfg->rx_chain_mask);
3217 	wmi_cfg->rx_timeout_pri[0] = cpu_to_le32(tg_cfg->rx_timeout_pri[0]);
3218 	wmi_cfg->rx_timeout_pri[1] = cpu_to_le32(tg_cfg->rx_timeout_pri[1]);
3219 	wmi_cfg->rx_timeout_pri[2] = cpu_to_le32(tg_cfg->rx_timeout_pri[2]);
3220 	wmi_cfg->rx_timeout_pri[3] = cpu_to_le32(tg_cfg->rx_timeout_pri[3]);
3221 	wmi_cfg->rx_decap_mode = cpu_to_le32(tg_cfg->rx_decap_mode);
3222 	wmi_cfg->scan_max_pending_req = cpu_to_le32(tg_cfg->scan_max_pending_req);
3223 	wmi_cfg->bmiss_offload_max_vdev = cpu_to_le32(tg_cfg->bmiss_offload_max_vdev);
3224 	wmi_cfg->roam_offload_max_vdev = cpu_to_le32(tg_cfg->roam_offload_max_vdev);
3225 	wmi_cfg->roam_offload_max_ap_profiles =
3226 		cpu_to_le32(tg_cfg->roam_offload_max_ap_profiles);
3227 	wmi_cfg->num_mcast_groups = cpu_to_le32(tg_cfg->num_mcast_groups);
3228 	wmi_cfg->num_mcast_table_elems = cpu_to_le32(tg_cfg->num_mcast_table_elems);
3229 	wmi_cfg->mcast2ucast_mode = cpu_to_le32(tg_cfg->mcast2ucast_mode);
3230 	wmi_cfg->tx_dbg_log_size = cpu_to_le32(tg_cfg->tx_dbg_log_size);
3231 	wmi_cfg->num_wds_entries = cpu_to_le32(tg_cfg->num_wds_entries);
3232 	wmi_cfg->dma_burst_size = cpu_to_le32(tg_cfg->dma_burst_size);
3233 	wmi_cfg->mac_aggr_delim = cpu_to_le32(tg_cfg->mac_aggr_delim);
3234 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
3235 		cpu_to_le32(tg_cfg->rx_skip_defrag_timeout_dup_detection_check);
3236 	wmi_cfg->vow_config = cpu_to_le32(tg_cfg->vow_config);
3237 	wmi_cfg->gtk_offload_max_vdev = cpu_to_le32(tg_cfg->gtk_offload_max_vdev);
3238 	wmi_cfg->num_msdu_desc = cpu_to_le32(tg_cfg->num_msdu_desc);
3239 	wmi_cfg->max_frag_entries = cpu_to_le32(tg_cfg->max_frag_entries);
3240 	wmi_cfg->num_tdls_vdevs = cpu_to_le32(tg_cfg->num_tdls_vdevs);
3241 	wmi_cfg->num_tdls_conn_table_entries =
3242 		cpu_to_le32(tg_cfg->num_tdls_conn_table_entries);
3243 	wmi_cfg->beacon_tx_offload_max_vdev =
3244 		cpu_to_le32(tg_cfg->beacon_tx_offload_max_vdev);
3245 	wmi_cfg->num_multicast_filter_entries =
3246 		cpu_to_le32(tg_cfg->num_multicast_filter_entries);
3247 	wmi_cfg->num_wow_filters = cpu_to_le32(tg_cfg->num_wow_filters);
3248 	wmi_cfg->num_keep_alive_pattern = cpu_to_le32(tg_cfg->num_keep_alive_pattern);
3249 	wmi_cfg->keep_alive_pattern_size = cpu_to_le32(tg_cfg->keep_alive_pattern_size);
3250 	wmi_cfg->max_tdls_concurrent_sleep_sta =
3251 		cpu_to_le32(tg_cfg->max_tdls_concurrent_sleep_sta);
3252 	wmi_cfg->max_tdls_concurrent_buffer_sta =
3253 		cpu_to_le32(tg_cfg->max_tdls_concurrent_buffer_sta);
3254 	wmi_cfg->wmi_send_separate = cpu_to_le32(tg_cfg->wmi_send_separate);
3255 	wmi_cfg->num_ocb_vdevs = cpu_to_le32(tg_cfg->num_ocb_vdevs);
3256 	wmi_cfg->num_ocb_channels = cpu_to_le32(tg_cfg->num_ocb_channels);
3257 	wmi_cfg->num_ocb_schedules = cpu_to_le32(tg_cfg->num_ocb_schedules);
3258 	wmi_cfg->bpf_instruction_size = cpu_to_le32(tg_cfg->bpf_instruction_size);
3259 	wmi_cfg->max_bssid_rx_filters = cpu_to_le32(tg_cfg->max_bssid_rx_filters);
3260 	wmi_cfg->use_pdev_id = cpu_to_le32(tg_cfg->use_pdev_id);
3261 	wmi_cfg->flag1 = cpu_to_le32(tg_cfg->atf_config);
3262 	wmi_cfg->peer_map_unmap_version = cpu_to_le32(tg_cfg->peer_map_unmap_version);
3263 	wmi_cfg->sched_params = cpu_to_le32(tg_cfg->sched_params);
3264 	wmi_cfg->twt_ap_pdev_count = cpu_to_le32(tg_cfg->twt_ap_pdev_count);
3265 	wmi_cfg->twt_ap_sta_count = cpu_to_le32(tg_cfg->twt_ap_sta_count);
3266 	wmi_cfg->host_service_flags = cpu_to_le32(tg_cfg->is_reg_cc_ext_event_supported <<
3267 				WMI_RSRC_CFG_HOST_SVC_FLAG_REG_CC_EXT_SUPPORT_BIT);
3268 }
3269 
3270 static int ath12k_init_cmd_send(struct ath12k_wmi_pdev *wmi,
3271 				struct ath12k_wmi_init_cmd_arg *arg)
3272 {
3273 	struct ath12k_base *ab = wmi->wmi_ab->ab;
3274 	struct sk_buff *skb;
3275 	struct wmi_init_cmd *cmd;
3276 	struct ath12k_wmi_resource_config_params *cfg;
3277 	struct ath12k_wmi_pdev_set_hw_mode_cmd *hw_mode;
3278 	struct ath12k_wmi_pdev_band_to_mac_params *band_to_mac;
3279 	struct ath12k_wmi_host_mem_chunk_params *host_mem_chunks;
3280 	struct wmi_tlv *tlv;
3281 	size_t ret, len;
3282 	void *ptr;
3283 	u32 hw_mode_len = 0;
3284 	u16 idx;
3285 
3286 	if (arg->hw_mode_id != WMI_HOST_HW_MODE_MAX)
3287 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
3288 			      (arg->num_band_to_mac * sizeof(*band_to_mac));
3289 
3290 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
3291 	      (arg->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
3292 
3293 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
3294 	if (!skb)
3295 		return -ENOMEM;
3296 
3297 	cmd = (struct wmi_init_cmd *)skb->data;
3298 
3299 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_INIT_CMD,
3300 						 sizeof(*cmd));
3301 
3302 	ptr = skb->data + sizeof(*cmd);
3303 	cfg = ptr;
3304 
3305 	ath12k_wmi_copy_resource_config(cfg, &arg->res_cfg);
3306 
3307 	cfg->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_RESOURCE_CONFIG,
3308 						 sizeof(*cfg));
3309 
3310 	ptr += sizeof(*cfg);
3311 	host_mem_chunks = ptr + TLV_HDR_SIZE;
3312 	len = sizeof(struct ath12k_wmi_host_mem_chunk_params);
3313 
3314 	for (idx = 0; idx < arg->num_mem_chunks; ++idx) {
3315 		host_mem_chunks[idx].tlv_header =
3316 			ath12k_wmi_tlv_hdr(WMI_TAG_WLAN_HOST_MEMORY_CHUNK,
3317 					   len);
3318 
3319 		host_mem_chunks[idx].ptr = cpu_to_le32(arg->mem_chunks[idx].paddr);
3320 		host_mem_chunks[idx].size = cpu_to_le32(arg->mem_chunks[idx].len);
3321 		host_mem_chunks[idx].req_id = cpu_to_le32(arg->mem_chunks[idx].req_id);
3322 
3323 		ath12k_dbg(ab, ATH12K_DBG_WMI,
3324 			   "WMI host mem chunk req_id %d paddr 0x%llx len %d\n",
3325 			   arg->mem_chunks[idx].req_id,
3326 			   (u64)arg->mem_chunks[idx].paddr,
3327 			   arg->mem_chunks[idx].len);
3328 	}
3329 	cmd->num_host_mem_chunks = cpu_to_le32(arg->num_mem_chunks);
3330 	len = sizeof(struct ath12k_wmi_host_mem_chunk_params) * arg->num_mem_chunks;
3331 
3332 	/* num_mem_chunks is zero */
3333 	tlv = ptr;
3334 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
3335 	ptr += TLV_HDR_SIZE + len;
3336 
3337 	if (arg->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
3338 		hw_mode = (struct ath12k_wmi_pdev_set_hw_mode_cmd *)ptr;
3339 		hw_mode->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_HW_MODE_CMD,
3340 							     sizeof(*hw_mode));
3341 
3342 		hw_mode->hw_mode_index = cpu_to_le32(arg->hw_mode_id);
3343 		hw_mode->num_band_to_mac = cpu_to_le32(arg->num_band_to_mac);
3344 
3345 		ptr += sizeof(*hw_mode);
3346 
3347 		len = arg->num_band_to_mac * sizeof(*band_to_mac);
3348 		tlv = ptr;
3349 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
3350 
3351 		ptr += TLV_HDR_SIZE;
3352 		len = sizeof(*band_to_mac);
3353 
3354 		for (idx = 0; idx < arg->num_band_to_mac; idx++) {
3355 			band_to_mac = (void *)ptr;
3356 
3357 			band_to_mac->tlv_header =
3358 				ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_BAND_TO_MAC,
3359 						       len);
3360 			band_to_mac->pdev_id = cpu_to_le32(arg->band_to_mac[idx].pdev_id);
3361 			band_to_mac->start_freq =
3362 				cpu_to_le32(arg->band_to_mac[idx].start_freq);
3363 			band_to_mac->end_freq =
3364 				cpu_to_le32(arg->band_to_mac[idx].end_freq);
3365 			ptr += sizeof(*band_to_mac);
3366 		}
3367 	}
3368 
3369 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
3370 	if (ret) {
3371 		ath12k_warn(ab, "failed to send WMI_INIT_CMDID\n");
3372 		dev_kfree_skb(skb);
3373 	}
3374 
3375 	return ret;
3376 }
3377 
3378 int ath12k_wmi_pdev_lro_cfg(struct ath12k *ar,
3379 			    int pdev_id)
3380 {
3381 	struct ath12k_wmi_pdev_lro_config_cmd *cmd;
3382 	struct sk_buff *skb;
3383 	int ret;
3384 
3385 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3386 	if (!skb)
3387 		return -ENOMEM;
3388 
3389 	cmd = (struct ath12k_wmi_pdev_lro_config_cmd *)skb->data;
3390 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_LRO_INFO_CMD,
3391 						 sizeof(*cmd));
3392 
3393 	get_random_bytes(cmd->th_4, sizeof(cmd->th_4));
3394 	get_random_bytes(cmd->th_6, sizeof(cmd->th_6));
3395 
3396 	cmd->pdev_id = cpu_to_le32(pdev_id);
3397 
3398 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3399 		   "WMI lro cfg cmd pdev_id 0x%x\n", pdev_id);
3400 
3401 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
3402 	if (ret) {
3403 		ath12k_warn(ar->ab,
3404 			    "failed to send lro cfg req wmi cmd\n");
3405 		goto err;
3406 	}
3407 
3408 	return 0;
3409 err:
3410 	dev_kfree_skb(skb);
3411 	return ret;
3412 }
3413 
3414 int ath12k_wmi_wait_for_service_ready(struct ath12k_base *ab)
3415 {
3416 	unsigned long time_left;
3417 
3418 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
3419 						WMI_SERVICE_READY_TIMEOUT_HZ);
3420 	if (!time_left)
3421 		return -ETIMEDOUT;
3422 
3423 	return 0;
3424 }
3425 
3426 int ath12k_wmi_wait_for_unified_ready(struct ath12k_base *ab)
3427 {
3428 	unsigned long time_left;
3429 
3430 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
3431 						WMI_SERVICE_READY_TIMEOUT_HZ);
3432 	if (!time_left)
3433 		return -ETIMEDOUT;
3434 
3435 	return 0;
3436 }
3437 
3438 int ath12k_wmi_set_hw_mode(struct ath12k_base *ab,
3439 			   enum wmi_host_hw_mode_config_type mode)
3440 {
3441 	struct ath12k_wmi_pdev_set_hw_mode_cmd *cmd;
3442 	struct sk_buff *skb;
3443 	struct ath12k_wmi_base *wmi_ab = &ab->wmi_ab;
3444 	int len;
3445 	int ret;
3446 
3447 	len = sizeof(*cmd);
3448 
3449 	skb = ath12k_wmi_alloc_skb(wmi_ab, len);
3450 	if (!skb)
3451 		return -ENOMEM;
3452 
3453 	cmd = (struct ath12k_wmi_pdev_set_hw_mode_cmd *)skb->data;
3454 
3455 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_HW_MODE_CMD,
3456 						 sizeof(*cmd));
3457 
3458 	cmd->pdev_id = WMI_PDEV_ID_SOC;
3459 	cmd->hw_mode_index = cpu_to_le32(mode);
3460 
3461 	ret = ath12k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
3462 	if (ret) {
3463 		ath12k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
3464 		dev_kfree_skb(skb);
3465 	}
3466 
3467 	return ret;
3468 }
3469 
3470 int ath12k_wmi_cmd_init(struct ath12k_base *ab)
3471 {
3472 	struct ath12k_wmi_base *wmi_sc = &ab->wmi_ab;
3473 	struct ath12k_wmi_init_cmd_arg arg = {};
3474 
3475 	if (test_bit(WMI_TLV_SERVICE_REG_CC_EXT_EVENT_SUPPORT,
3476 		     ab->wmi_ab.svc_map))
3477 		arg.res_cfg.is_reg_cc_ext_event_supported = true;
3478 
3479 	ab->hw_params->wmi_init(ab, &arg.res_cfg);
3480 
3481 	arg.num_mem_chunks = wmi_sc->num_mem_chunks;
3482 	arg.hw_mode_id = wmi_sc->preferred_hw_mode;
3483 	arg.mem_chunks = wmi_sc->mem_chunks;
3484 
3485 	if (ab->hw_params->single_pdev_only)
3486 		arg.hw_mode_id = WMI_HOST_HW_MODE_MAX;
3487 
3488 	arg.num_band_to_mac = ab->num_radios;
3489 	ath12k_fill_band_to_mac_param(ab, arg.band_to_mac);
3490 
3491 	return ath12k_init_cmd_send(&wmi_sc->wmi[0], &arg);
3492 }
3493 
3494 int ath12k_wmi_vdev_spectral_conf(struct ath12k *ar,
3495 				  struct ath12k_wmi_vdev_spectral_conf_arg *arg)
3496 {
3497 	struct ath12k_wmi_vdev_spectral_conf_cmd *cmd;
3498 	struct sk_buff *skb;
3499 	int ret;
3500 
3501 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3502 	if (!skb)
3503 		return -ENOMEM;
3504 
3505 	cmd = (struct ath12k_wmi_vdev_spectral_conf_cmd *)skb->data;
3506 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD,
3507 						 sizeof(*cmd));
3508 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
3509 	cmd->scan_count = cpu_to_le32(arg->scan_count);
3510 	cmd->scan_period = cpu_to_le32(arg->scan_period);
3511 	cmd->scan_priority = cpu_to_le32(arg->scan_priority);
3512 	cmd->scan_fft_size = cpu_to_le32(arg->scan_fft_size);
3513 	cmd->scan_gc_ena = cpu_to_le32(arg->scan_gc_ena);
3514 	cmd->scan_restart_ena = cpu_to_le32(arg->scan_restart_ena);
3515 	cmd->scan_noise_floor_ref = cpu_to_le32(arg->scan_noise_floor_ref);
3516 	cmd->scan_init_delay = cpu_to_le32(arg->scan_init_delay);
3517 	cmd->scan_nb_tone_thr = cpu_to_le32(arg->scan_nb_tone_thr);
3518 	cmd->scan_str_bin_thr = cpu_to_le32(arg->scan_str_bin_thr);
3519 	cmd->scan_wb_rpt_mode = cpu_to_le32(arg->scan_wb_rpt_mode);
3520 	cmd->scan_rssi_rpt_mode = cpu_to_le32(arg->scan_rssi_rpt_mode);
3521 	cmd->scan_rssi_thr = cpu_to_le32(arg->scan_rssi_thr);
3522 	cmd->scan_pwr_format = cpu_to_le32(arg->scan_pwr_format);
3523 	cmd->scan_rpt_mode = cpu_to_le32(arg->scan_rpt_mode);
3524 	cmd->scan_bin_scale = cpu_to_le32(arg->scan_bin_scale);
3525 	cmd->scan_dbm_adj = cpu_to_le32(arg->scan_dbm_adj);
3526 	cmd->scan_chn_mask = cpu_to_le32(arg->scan_chn_mask);
3527 
3528 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3529 		   "WMI spectral scan config cmd vdev_id 0x%x\n",
3530 		   arg->vdev_id);
3531 
3532 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3533 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
3534 	if (ret) {
3535 		ath12k_warn(ar->ab,
3536 			    "failed to send spectral scan config wmi cmd\n");
3537 		goto err;
3538 	}
3539 
3540 	return 0;
3541 err:
3542 	dev_kfree_skb(skb);
3543 	return ret;
3544 }
3545 
3546 int ath12k_wmi_vdev_spectral_enable(struct ath12k *ar, u32 vdev_id,
3547 				    u32 trigger, u32 enable)
3548 {
3549 	struct ath12k_wmi_vdev_spectral_enable_cmd *cmd;
3550 	struct sk_buff *skb;
3551 	int ret;
3552 
3553 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3554 	if (!skb)
3555 		return -ENOMEM;
3556 
3557 	cmd = (struct ath12k_wmi_vdev_spectral_enable_cmd *)skb->data;
3558 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD,
3559 						 sizeof(*cmd));
3560 
3561 	cmd->vdev_id = cpu_to_le32(vdev_id);
3562 	cmd->trigger_cmd = cpu_to_le32(trigger);
3563 	cmd->enable_cmd = cpu_to_le32(enable);
3564 
3565 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3566 		   "WMI spectral enable cmd vdev id 0x%x\n",
3567 		   vdev_id);
3568 
3569 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3570 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
3571 	if (ret) {
3572 		ath12k_warn(ar->ab,
3573 			    "failed to send spectral enable wmi cmd\n");
3574 		goto err;
3575 	}
3576 
3577 	return 0;
3578 err:
3579 	dev_kfree_skb(skb);
3580 	return ret;
3581 }
3582 
3583 int ath12k_wmi_pdev_dma_ring_cfg(struct ath12k *ar,
3584 				 struct ath12k_wmi_pdev_dma_ring_cfg_arg *arg)
3585 {
3586 	struct ath12k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
3587 	struct sk_buff *skb;
3588 	int ret;
3589 
3590 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3591 	if (!skb)
3592 		return -ENOMEM;
3593 
3594 	cmd = (struct ath12k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
3595 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_DMA_RING_CFG_REQ,
3596 						 sizeof(*cmd));
3597 
3598 	cmd->pdev_id = cpu_to_le32(DP_SW2HW_MACID(arg->pdev_id));
3599 	cmd->module_id = cpu_to_le32(arg->module_id);
3600 	cmd->base_paddr_lo = cpu_to_le32(arg->base_paddr_lo);
3601 	cmd->base_paddr_hi = cpu_to_le32(arg->base_paddr_hi);
3602 	cmd->head_idx_paddr_lo = cpu_to_le32(arg->head_idx_paddr_lo);
3603 	cmd->head_idx_paddr_hi = cpu_to_le32(arg->head_idx_paddr_hi);
3604 	cmd->tail_idx_paddr_lo = cpu_to_le32(arg->tail_idx_paddr_lo);
3605 	cmd->tail_idx_paddr_hi = cpu_to_le32(arg->tail_idx_paddr_hi);
3606 	cmd->num_elems = cpu_to_le32(arg->num_elems);
3607 	cmd->buf_size = cpu_to_le32(arg->buf_size);
3608 	cmd->num_resp_per_event = cpu_to_le32(arg->num_resp_per_event);
3609 	cmd->event_timeout_ms = cpu_to_le32(arg->event_timeout_ms);
3610 
3611 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3612 		   "WMI DMA ring cfg req cmd pdev_id 0x%x\n",
3613 		   arg->pdev_id);
3614 
3615 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3616 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
3617 	if (ret) {
3618 		ath12k_warn(ar->ab,
3619 			    "failed to send dma ring cfg req wmi cmd\n");
3620 		goto err;
3621 	}
3622 
3623 	return 0;
3624 err:
3625 	dev_kfree_skb(skb);
3626 	return ret;
3627 }
3628 
3629 static int ath12k_wmi_dma_buf_entry_parse(struct ath12k_base *soc,
3630 					  u16 tag, u16 len,
3631 					  const void *ptr, void *data)
3632 {
3633 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3634 
3635 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
3636 		return -EPROTO;
3637 
3638 	if (arg->num_buf_entry >= le32_to_cpu(arg->fixed.num_buf_release_entry))
3639 		return -ENOBUFS;
3640 
3641 	arg->num_buf_entry++;
3642 	return 0;
3643 }
3644 
3645 static int ath12k_wmi_dma_buf_meta_parse(struct ath12k_base *soc,
3646 					 u16 tag, u16 len,
3647 					 const void *ptr, void *data)
3648 {
3649 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3650 
3651 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
3652 		return -EPROTO;
3653 
3654 	if (arg->num_meta >= le32_to_cpu(arg->fixed.num_meta_data_entry))
3655 		return -ENOBUFS;
3656 
3657 	arg->num_meta++;
3658 
3659 	return 0;
3660 }
3661 
3662 static int ath12k_wmi_dma_buf_parse(struct ath12k_base *ab,
3663 				    u16 tag, u16 len,
3664 				    const void *ptr, void *data)
3665 {
3666 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3667 	const struct ath12k_wmi_dma_buf_release_fixed_params *fixed;
3668 	u32 pdev_id;
3669 	int ret;
3670 
3671 	switch (tag) {
3672 	case WMI_TAG_DMA_BUF_RELEASE:
3673 		fixed = ptr;
3674 		arg->fixed = *fixed;
3675 		pdev_id = DP_HW2SW_MACID(le32_to_cpu(fixed->pdev_id));
3676 		arg->fixed.pdev_id = cpu_to_le32(pdev_id);
3677 		break;
3678 	case WMI_TAG_ARRAY_STRUCT:
3679 		if (!arg->buf_entry_done) {
3680 			arg->num_buf_entry = 0;
3681 			arg->buf_entry = ptr;
3682 
3683 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3684 						  ath12k_wmi_dma_buf_entry_parse,
3685 						  arg);
3686 			if (ret) {
3687 				ath12k_warn(ab, "failed to parse dma buf entry tlv %d\n",
3688 					    ret);
3689 				return ret;
3690 			}
3691 
3692 			arg->buf_entry_done = true;
3693 		} else if (!arg->meta_data_done) {
3694 			arg->num_meta = 0;
3695 			arg->meta_data = ptr;
3696 
3697 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3698 						  ath12k_wmi_dma_buf_meta_parse,
3699 						  arg);
3700 			if (ret) {
3701 				ath12k_warn(ab, "failed to parse dma buf meta tlv %d\n",
3702 					    ret);
3703 				return ret;
3704 			}
3705 
3706 			arg->meta_data_done = true;
3707 		}
3708 		break;
3709 	default:
3710 		break;
3711 	}
3712 	return 0;
3713 }
3714 
3715 static void ath12k_wmi_pdev_dma_ring_buf_release_event(struct ath12k_base *ab,
3716 						       struct sk_buff *skb)
3717 {
3718 	struct ath12k_wmi_dma_buf_release_arg arg = {};
3719 	struct ath12k_dbring_buf_release_event param;
3720 	int ret;
3721 
3722 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
3723 				  ath12k_wmi_dma_buf_parse,
3724 				  &arg);
3725 	if (ret) {
3726 		ath12k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
3727 		return;
3728 	}
3729 
3730 	param.fixed = arg.fixed;
3731 	param.buf_entry = arg.buf_entry;
3732 	param.num_buf_entry = arg.num_buf_entry;
3733 	param.meta_data = arg.meta_data;
3734 	param.num_meta = arg.num_meta;
3735 
3736 	ret = ath12k_dbring_buffer_release_event(ab, &param);
3737 	if (ret) {
3738 		ath12k_warn(ab, "failed to handle dma buf release event %d\n", ret);
3739 		return;
3740 	}
3741 }
3742 
3743 static int ath12k_wmi_hw_mode_caps_parse(struct ath12k_base *soc,
3744 					 u16 tag, u16 len,
3745 					 const void *ptr, void *data)
3746 {
3747 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3748 	struct ath12k_wmi_hw_mode_cap_params *hw_mode_cap;
3749 	u32 phy_map = 0;
3750 
3751 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
3752 		return -EPROTO;
3753 
3754 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->arg.num_hw_modes)
3755 		return -ENOBUFS;
3756 
3757 	hw_mode_cap = container_of(ptr, struct ath12k_wmi_hw_mode_cap_params,
3758 				   hw_mode_id);
3759 	svc_rdy_ext->n_hw_mode_caps++;
3760 
3761 	phy_map = le32_to_cpu(hw_mode_cap->phy_id_map);
3762 	svc_rdy_ext->tot_phy_id += fls(phy_map);
3763 
3764 	return 0;
3765 }
3766 
3767 static int ath12k_wmi_hw_mode_caps(struct ath12k_base *soc,
3768 				   u16 len, const void *ptr, void *data)
3769 {
3770 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3771 	const struct ath12k_wmi_hw_mode_cap_params *hw_mode_caps;
3772 	enum wmi_host_hw_mode_config_type mode, pref;
3773 	u32 i;
3774 	int ret;
3775 
3776 	svc_rdy_ext->n_hw_mode_caps = 0;
3777 	svc_rdy_ext->hw_mode_caps = ptr;
3778 
3779 	ret = ath12k_wmi_tlv_iter(soc, ptr, len,
3780 				  ath12k_wmi_hw_mode_caps_parse,
3781 				  svc_rdy_ext);
3782 	if (ret) {
3783 		ath12k_warn(soc, "failed to parse tlv %d\n", ret);
3784 		return ret;
3785 	}
3786 
3787 	for (i = 0 ; i < svc_rdy_ext->n_hw_mode_caps; i++) {
3788 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
3789 		mode = le32_to_cpu(hw_mode_caps->hw_mode_id);
3790 
3791 		if (mode >= WMI_HOST_HW_MODE_MAX)
3792 			continue;
3793 
3794 		pref = soc->wmi_ab.preferred_hw_mode;
3795 
3796 		if (ath12k_hw_mode_pri_map[mode] < ath12k_hw_mode_pri_map[pref]) {
3797 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
3798 			soc->wmi_ab.preferred_hw_mode = mode;
3799 		}
3800 	}
3801 
3802 	ath12k_dbg(soc, ATH12K_DBG_WMI, "preferred_hw_mode:%d\n",
3803 		   soc->wmi_ab.preferred_hw_mode);
3804 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
3805 		return -EINVAL;
3806 
3807 	return 0;
3808 }
3809 
3810 static int ath12k_wmi_mac_phy_caps_parse(struct ath12k_base *soc,
3811 					 u16 tag, u16 len,
3812 					 const void *ptr, void *data)
3813 {
3814 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3815 
3816 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
3817 		return -EPROTO;
3818 
3819 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
3820 		return -ENOBUFS;
3821 
3822 	len = min_t(u16, len, sizeof(struct ath12k_wmi_mac_phy_caps_params));
3823 	if (!svc_rdy_ext->n_mac_phy_caps) {
3824 		svc_rdy_ext->mac_phy_caps = kzalloc((svc_rdy_ext->tot_phy_id) * len,
3825 						    GFP_ATOMIC);
3826 		if (!svc_rdy_ext->mac_phy_caps)
3827 			return -ENOMEM;
3828 	}
3829 
3830 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
3831 	svc_rdy_ext->n_mac_phy_caps++;
3832 	return 0;
3833 }
3834 
3835 static int ath12k_wmi_ext_hal_reg_caps_parse(struct ath12k_base *soc,
3836 					     u16 tag, u16 len,
3837 					     const void *ptr, void *data)
3838 {
3839 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3840 
3841 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
3842 		return -EPROTO;
3843 
3844 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->arg.num_phy)
3845 		return -ENOBUFS;
3846 
3847 	svc_rdy_ext->n_ext_hal_reg_caps++;
3848 	return 0;
3849 }
3850 
3851 static int ath12k_wmi_ext_hal_reg_caps(struct ath12k_base *soc,
3852 				       u16 len, const void *ptr, void *data)
3853 {
3854 	struct ath12k_wmi_pdev *wmi_handle = &soc->wmi_ab.wmi[0];
3855 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3856 	struct ath12k_wmi_hal_reg_capabilities_ext_arg reg_cap;
3857 	int ret;
3858 	u32 i;
3859 
3860 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
3861 	svc_rdy_ext->ext_hal_reg_caps = ptr;
3862 	ret = ath12k_wmi_tlv_iter(soc, ptr, len,
3863 				  ath12k_wmi_ext_hal_reg_caps_parse,
3864 				  svc_rdy_ext);
3865 	if (ret) {
3866 		ath12k_warn(soc, "failed to parse tlv %d\n", ret);
3867 		return ret;
3868 	}
3869 
3870 	for (i = 0; i < svc_rdy_ext->arg.num_phy; i++) {
3871 		ret = ath12k_pull_reg_cap_svc_rdy_ext(wmi_handle,
3872 						      svc_rdy_ext->soc_hal_reg_caps,
3873 						      svc_rdy_ext->ext_hal_reg_caps, i,
3874 						      &reg_cap);
3875 		if (ret) {
3876 			ath12k_warn(soc, "failed to extract reg cap %d\n", i);
3877 			return ret;
3878 		}
3879 
3880 		if (reg_cap.phy_id >= MAX_RADIOS) {
3881 			ath12k_warn(soc, "unexpected phy id %u\n", reg_cap.phy_id);
3882 			return -EINVAL;
3883 		}
3884 
3885 		soc->hal_reg_cap[reg_cap.phy_id] = reg_cap;
3886 	}
3887 	return 0;
3888 }
3889 
3890 static int ath12k_wmi_ext_soc_hal_reg_caps_parse(struct ath12k_base *soc,
3891 						 u16 len, const void *ptr,
3892 						 void *data)
3893 {
3894 	struct ath12k_wmi_pdev *wmi_handle = &soc->wmi_ab.wmi[0];
3895 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3896 	u8 hw_mode_id = le32_to_cpu(svc_rdy_ext->pref_hw_mode_caps.hw_mode_id);
3897 	u32 phy_id_map;
3898 	int pdev_index = 0;
3899 	int ret;
3900 
3901 	svc_rdy_ext->soc_hal_reg_caps = ptr;
3902 	svc_rdy_ext->arg.num_phy = le32_to_cpu(svc_rdy_ext->soc_hal_reg_caps->num_phy);
3903 
3904 	soc->num_radios = 0;
3905 	phy_id_map = le32_to_cpu(svc_rdy_ext->pref_hw_mode_caps.phy_id_map);
3906 	soc->fw_pdev_count = 0;
3907 
3908 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
3909 		ret = ath12k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
3910 							    svc_rdy_ext,
3911 							    hw_mode_id, soc->num_radios,
3912 							    &soc->pdevs[pdev_index]);
3913 		if (ret) {
3914 			ath12k_warn(soc, "failed to extract mac caps, idx :%d\n",
3915 				    soc->num_radios);
3916 			return ret;
3917 		}
3918 
3919 		soc->num_radios++;
3920 
3921 		/* For single_pdev_only targets,
3922 		 * save mac_phy capability in the same pdev
3923 		 */
3924 		if (soc->hw_params->single_pdev_only)
3925 			pdev_index = 0;
3926 		else
3927 			pdev_index = soc->num_radios;
3928 
3929 		/* TODO: mac_phy_cap prints */
3930 		phy_id_map >>= 1;
3931 	}
3932 
3933 	if (soc->hw_params->single_pdev_only) {
3934 		soc->num_radios = 1;
3935 		soc->pdevs[0].pdev_id = 0;
3936 	}
3937 
3938 	return 0;
3939 }
3940 
3941 static int ath12k_wmi_dma_ring_caps_parse(struct ath12k_base *soc,
3942 					  u16 tag, u16 len,
3943 					  const void *ptr, void *data)
3944 {
3945 	struct ath12k_wmi_dma_ring_caps_parse *parse = data;
3946 
3947 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
3948 		return -EPROTO;
3949 
3950 	parse->n_dma_ring_caps++;
3951 	return 0;
3952 }
3953 
3954 static int ath12k_wmi_alloc_dbring_caps(struct ath12k_base *ab,
3955 					u32 num_cap)
3956 {
3957 	size_t sz;
3958 	void *ptr;
3959 
3960 	sz = num_cap * sizeof(struct ath12k_dbring_cap);
3961 	ptr = kzalloc(sz, GFP_ATOMIC);
3962 	if (!ptr)
3963 		return -ENOMEM;
3964 
3965 	ab->db_caps = ptr;
3966 	ab->num_db_cap = num_cap;
3967 
3968 	return 0;
3969 }
3970 
3971 static void ath12k_wmi_free_dbring_caps(struct ath12k_base *ab)
3972 {
3973 	kfree(ab->db_caps);
3974 	ab->db_caps = NULL;
3975 }
3976 
3977 static int ath12k_wmi_dma_ring_caps(struct ath12k_base *ab,
3978 				    u16 len, const void *ptr, void *data)
3979 {
3980 	struct ath12k_wmi_dma_ring_caps_parse *dma_caps_parse = data;
3981 	struct ath12k_wmi_dma_ring_caps_params *dma_caps;
3982 	struct ath12k_dbring_cap *dir_buff_caps;
3983 	int ret;
3984 	u32 i;
3985 
3986 	dma_caps_parse->n_dma_ring_caps = 0;
3987 	dma_caps = (struct ath12k_wmi_dma_ring_caps_params *)ptr;
3988 	ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3989 				  ath12k_wmi_dma_ring_caps_parse,
3990 				  dma_caps_parse);
3991 	if (ret) {
3992 		ath12k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
3993 		return ret;
3994 	}
3995 
3996 	if (!dma_caps_parse->n_dma_ring_caps)
3997 		return 0;
3998 
3999 	if (ab->num_db_cap) {
4000 		ath12k_warn(ab, "Already processed, so ignoring dma ring caps\n");
4001 		return 0;
4002 	}
4003 
4004 	ret = ath12k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
4005 	if (ret)
4006 		return ret;
4007 
4008 	dir_buff_caps = ab->db_caps;
4009 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
4010 		if (le32_to_cpu(dma_caps[i].module_id) >= WMI_DIRECT_BUF_MAX) {
4011 			ath12k_warn(ab, "Invalid module id %d\n",
4012 				    le32_to_cpu(dma_caps[i].module_id));
4013 			ret = -EINVAL;
4014 			goto free_dir_buff;
4015 		}
4016 
4017 		dir_buff_caps[i].id = le32_to_cpu(dma_caps[i].module_id);
4018 		dir_buff_caps[i].pdev_id =
4019 			DP_HW2SW_MACID(le32_to_cpu(dma_caps[i].pdev_id));
4020 		dir_buff_caps[i].min_elem = le32_to_cpu(dma_caps[i].min_elem);
4021 		dir_buff_caps[i].min_buf_sz = le32_to_cpu(dma_caps[i].min_buf_sz);
4022 		dir_buff_caps[i].min_buf_align = le32_to_cpu(dma_caps[i].min_buf_align);
4023 	}
4024 
4025 	return 0;
4026 
4027 free_dir_buff:
4028 	ath12k_wmi_free_dbring_caps(ab);
4029 	return ret;
4030 }
4031 
4032 static int ath12k_wmi_svc_rdy_ext_parse(struct ath12k_base *ab,
4033 					u16 tag, u16 len,
4034 					const void *ptr, void *data)
4035 {
4036 	struct ath12k_wmi_pdev *wmi_handle = &ab->wmi_ab.wmi[0];
4037 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
4038 	int ret;
4039 
4040 	switch (tag) {
4041 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
4042 		ret = ath12k_pull_svc_ready_ext(wmi_handle, ptr,
4043 						&svc_rdy_ext->arg);
4044 		if (ret) {
4045 			ath12k_warn(ab, "unable to extract ext params\n");
4046 			return ret;
4047 		}
4048 		break;
4049 
4050 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
4051 		svc_rdy_ext->hw_caps = ptr;
4052 		svc_rdy_ext->arg.num_hw_modes =
4053 			le32_to_cpu(svc_rdy_ext->hw_caps->num_hw_modes);
4054 		break;
4055 
4056 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
4057 		ret = ath12k_wmi_ext_soc_hal_reg_caps_parse(ab, len, ptr,
4058 							    svc_rdy_ext);
4059 		if (ret)
4060 			return ret;
4061 		break;
4062 
4063 	case WMI_TAG_ARRAY_STRUCT:
4064 		if (!svc_rdy_ext->hw_mode_done) {
4065 			ret = ath12k_wmi_hw_mode_caps(ab, len, ptr, svc_rdy_ext);
4066 			if (ret)
4067 				return ret;
4068 
4069 			svc_rdy_ext->hw_mode_done = true;
4070 		} else if (!svc_rdy_ext->mac_phy_done) {
4071 			svc_rdy_ext->n_mac_phy_caps = 0;
4072 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
4073 						  ath12k_wmi_mac_phy_caps_parse,
4074 						  svc_rdy_ext);
4075 			if (ret) {
4076 				ath12k_warn(ab, "failed to parse tlv %d\n", ret);
4077 				return ret;
4078 			}
4079 
4080 			svc_rdy_ext->mac_phy_done = true;
4081 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
4082 			ret = ath12k_wmi_ext_hal_reg_caps(ab, len, ptr, svc_rdy_ext);
4083 			if (ret)
4084 				return ret;
4085 
4086 			svc_rdy_ext->ext_hal_reg_done = true;
4087 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
4088 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
4089 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
4090 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
4091 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
4092 			svc_rdy_ext->oem_dma_ring_cap_done = true;
4093 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
4094 			ret = ath12k_wmi_dma_ring_caps(ab, len, ptr,
4095 						       &svc_rdy_ext->dma_caps_parse);
4096 			if (ret)
4097 				return ret;
4098 
4099 			svc_rdy_ext->dma_ring_cap_done = true;
4100 		}
4101 		break;
4102 
4103 	default:
4104 		break;
4105 	}
4106 	return 0;
4107 }
4108 
4109 static int ath12k_service_ready_ext_event(struct ath12k_base *ab,
4110 					  struct sk_buff *skb)
4111 {
4112 	struct ath12k_wmi_svc_rdy_ext_parse svc_rdy_ext = { };
4113 	int ret;
4114 
4115 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4116 				  ath12k_wmi_svc_rdy_ext_parse,
4117 				  &svc_rdy_ext);
4118 	if (ret) {
4119 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
4120 		goto err;
4121 	}
4122 
4123 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
4124 		complete(&ab->wmi_ab.service_ready);
4125 
4126 	kfree(svc_rdy_ext.mac_phy_caps);
4127 	return 0;
4128 
4129 err:
4130 	ath12k_wmi_free_dbring_caps(ab);
4131 	return ret;
4132 }
4133 
4134 static int ath12k_pull_svc_ready_ext2(struct ath12k_wmi_pdev *wmi_handle,
4135 				      const void *ptr,
4136 				      struct ath12k_wmi_svc_rdy_ext2_arg *arg)
4137 {
4138 	const struct wmi_service_ready_ext2_event *ev = ptr;
4139 
4140 	if (!ev)
4141 		return -EINVAL;
4142 
4143 	arg->reg_db_version = le32_to_cpu(ev->reg_db_version);
4144 	arg->hw_min_max_tx_power_2ghz = le32_to_cpu(ev->hw_min_max_tx_power_2ghz);
4145 	arg->hw_min_max_tx_power_5ghz = le32_to_cpu(ev->hw_min_max_tx_power_5ghz);
4146 	arg->chwidth_num_peer_caps = le32_to_cpu(ev->chwidth_num_peer_caps);
4147 	arg->preamble_puncture_bw = le32_to_cpu(ev->preamble_puncture_bw);
4148 	arg->max_user_per_ppdu_ofdma = le32_to_cpu(ev->max_user_per_ppdu_ofdma);
4149 	arg->max_user_per_ppdu_mumimo = le32_to_cpu(ev->max_user_per_ppdu_mumimo);
4150 	arg->target_cap_flags = le32_to_cpu(ev->target_cap_flags);
4151 	return 0;
4152 }
4153 
4154 static void ath12k_wmi_eht_caps_parse(struct ath12k_pdev *pdev, u32 band,
4155 				      const __le32 cap_mac_info[],
4156 				      const __le32 cap_phy_info[],
4157 				      const __le32 supp_mcs[],
4158 				      const struct ath12k_wmi_ppe_threshold_params *ppet,
4159 				       __le32 cap_info_internal)
4160 {
4161 	struct ath12k_band_cap *cap_band = &pdev->cap.band[band];
4162 	u8 i;
4163 
4164 	for (i = 0; i < WMI_MAX_EHTCAP_MAC_SIZE; i++)
4165 		cap_band->eht_cap_mac_info[i] = le32_to_cpu(cap_mac_info[i]);
4166 
4167 	for (i = 0; i < WMI_MAX_EHTCAP_PHY_SIZE; i++)
4168 		cap_band->eht_cap_phy_info[i] = le32_to_cpu(cap_phy_info[i]);
4169 
4170 	cap_band->eht_mcs_20_only = le32_to_cpu(supp_mcs[0]);
4171 	cap_band->eht_mcs_80 = le32_to_cpu(supp_mcs[1]);
4172 	if (band != NL80211_BAND_2GHZ) {
4173 		cap_band->eht_mcs_160 = le32_to_cpu(supp_mcs[2]);
4174 		cap_band->eht_mcs_320 = le32_to_cpu(supp_mcs[3]);
4175 	}
4176 
4177 	cap_band->eht_ppet.numss_m1 = le32_to_cpu(ppet->numss_m1);
4178 	cap_band->eht_ppet.ru_bit_mask = le32_to_cpu(ppet->ru_info);
4179 	for (i = 0; i < WMI_MAX_NUM_SS; i++)
4180 		cap_band->eht_ppet.ppet16_ppet8_ru3_ru0[i] =
4181 			le32_to_cpu(ppet->ppet16_ppet8_ru3_ru0[i]);
4182 
4183 	cap_band->eht_cap_info_internal = le32_to_cpu(cap_info_internal);
4184 }
4185 
4186 static int
4187 ath12k_wmi_tlv_mac_phy_caps_ext_parse(struct ath12k_base *ab,
4188 				      const struct ath12k_wmi_caps_ext_params *caps,
4189 				      struct ath12k_pdev *pdev)
4190 {
4191 	u32 bands;
4192 	int i;
4193 
4194 	if (ab->hw_params->single_pdev_only) {
4195 		for (i = 0; i < ab->fw_pdev_count; i++) {
4196 			struct ath12k_fw_pdev *fw_pdev = &ab->fw_pdev[i];
4197 
4198 			if (fw_pdev->pdev_id == le32_to_cpu(caps->pdev_id) &&
4199 			    fw_pdev->phy_id == le32_to_cpu(caps->phy_id)) {
4200 				bands = fw_pdev->supported_bands;
4201 				break;
4202 			}
4203 		}
4204 
4205 		if (i == ab->fw_pdev_count)
4206 			return -EINVAL;
4207 	} else {
4208 		bands = pdev->cap.supported_bands;
4209 	}
4210 
4211 	if (bands & WMI_HOST_WLAN_2G_CAP) {
4212 		ath12k_wmi_eht_caps_parse(pdev, NL80211_BAND_2GHZ,
4213 					  caps->eht_cap_mac_info_2ghz,
4214 					  caps->eht_cap_phy_info_2ghz,
4215 					  caps->eht_supp_mcs_ext_2ghz,
4216 					  &caps->eht_ppet_2ghz,
4217 					  caps->eht_cap_info_internal);
4218 	}
4219 
4220 	if (bands & WMI_HOST_WLAN_5G_CAP) {
4221 		ath12k_wmi_eht_caps_parse(pdev, NL80211_BAND_5GHZ,
4222 					  caps->eht_cap_mac_info_5ghz,
4223 					  caps->eht_cap_phy_info_5ghz,
4224 					  caps->eht_supp_mcs_ext_5ghz,
4225 					  &caps->eht_ppet_5ghz,
4226 					  caps->eht_cap_info_internal);
4227 
4228 		ath12k_wmi_eht_caps_parse(pdev, NL80211_BAND_6GHZ,
4229 					  caps->eht_cap_mac_info_5ghz,
4230 					  caps->eht_cap_phy_info_5ghz,
4231 					  caps->eht_supp_mcs_ext_5ghz,
4232 					  &caps->eht_ppet_5ghz,
4233 					  caps->eht_cap_info_internal);
4234 	}
4235 
4236 	return 0;
4237 }
4238 
4239 static int ath12k_wmi_tlv_mac_phy_caps_ext(struct ath12k_base *ab, u16 tag,
4240 					   u16 len, const void *ptr,
4241 					   void *data)
4242 {
4243 	const struct ath12k_wmi_caps_ext_params *caps = ptr;
4244 	int i = 0, ret;
4245 
4246 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES_EXT)
4247 		return -EPROTO;
4248 
4249 	if (ab->hw_params->single_pdev_only) {
4250 		if (ab->wmi_ab.preferred_hw_mode != le32_to_cpu(caps->hw_mode_id))
4251 			return 0;
4252 	} else {
4253 		for (i = 0; i < ab->num_radios; i++) {
4254 			if (ab->pdevs[i].pdev_id == le32_to_cpu(caps->pdev_id))
4255 				break;
4256 		}
4257 
4258 		if (i == ab->num_radios)
4259 			return -EINVAL;
4260 	}
4261 
4262 	ret = ath12k_wmi_tlv_mac_phy_caps_ext_parse(ab, caps, &ab->pdevs[i]);
4263 	if (ret) {
4264 		ath12k_warn(ab,
4265 			    "failed to parse extended MAC PHY capabilities for pdev %d: %d\n",
4266 			    ret, ab->pdevs[i].pdev_id);
4267 		return ret;
4268 	}
4269 
4270 	return 0;
4271 }
4272 
4273 static int ath12k_wmi_svc_rdy_ext2_parse(struct ath12k_base *ab,
4274 					 u16 tag, u16 len,
4275 					 const void *ptr, void *data)
4276 {
4277 	struct ath12k_wmi_pdev *wmi_handle = &ab->wmi_ab.wmi[0];
4278 	struct ath12k_wmi_svc_rdy_ext2_parse *parse = data;
4279 	int ret;
4280 
4281 	switch (tag) {
4282 	case WMI_TAG_SERVICE_READY_EXT2_EVENT:
4283 		ret = ath12k_pull_svc_ready_ext2(wmi_handle, ptr,
4284 						 &parse->arg);
4285 		if (ret) {
4286 			ath12k_warn(ab,
4287 				    "failed to extract wmi service ready ext2 parameters: %d\n",
4288 				    ret);
4289 			return ret;
4290 		}
4291 		break;
4292 
4293 	case WMI_TAG_ARRAY_STRUCT:
4294 		if (!parse->dma_ring_cap_done) {
4295 			ret = ath12k_wmi_dma_ring_caps(ab, len, ptr,
4296 						       &parse->dma_caps_parse);
4297 			if (ret)
4298 				return ret;
4299 
4300 			parse->dma_ring_cap_done = true;
4301 		} else if (!parse->spectral_bin_scaling_done) {
4302 			/* TODO: This is a place-holder as WMI tag for
4303 			 * spectral scaling is before
4304 			 * WMI_TAG_MAC_PHY_CAPABILITIES_EXT
4305 			 */
4306 			parse->spectral_bin_scaling_done = true;
4307 		} else if (!parse->mac_phy_caps_ext_done) {
4308 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
4309 						  ath12k_wmi_tlv_mac_phy_caps_ext,
4310 						  parse);
4311 			if (ret) {
4312 				ath12k_warn(ab, "failed to parse extended MAC PHY capabilities WMI TLV: %d\n",
4313 					    ret);
4314 				return ret;
4315 			}
4316 
4317 			parse->mac_phy_caps_ext_done = true;
4318 		}
4319 		break;
4320 	default:
4321 		break;
4322 	}
4323 
4324 	return 0;
4325 }
4326 
4327 static int ath12k_service_ready_ext2_event(struct ath12k_base *ab,
4328 					   struct sk_buff *skb)
4329 {
4330 	struct ath12k_wmi_svc_rdy_ext2_parse svc_rdy_ext2 = { };
4331 	int ret;
4332 
4333 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4334 				  ath12k_wmi_svc_rdy_ext2_parse,
4335 				  &svc_rdy_ext2);
4336 	if (ret) {
4337 		ath12k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
4338 		goto err;
4339 	}
4340 
4341 	complete(&ab->wmi_ab.service_ready);
4342 
4343 	return 0;
4344 
4345 err:
4346 	ath12k_wmi_free_dbring_caps(ab);
4347 	return ret;
4348 }
4349 
4350 static int ath12k_pull_vdev_start_resp_tlv(struct ath12k_base *ab, struct sk_buff *skb,
4351 					   struct wmi_vdev_start_resp_event *vdev_rsp)
4352 {
4353 	const void **tb;
4354 	const struct wmi_vdev_start_resp_event *ev;
4355 	int ret;
4356 
4357 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4358 	if (IS_ERR(tb)) {
4359 		ret = PTR_ERR(tb);
4360 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4361 		return ret;
4362 	}
4363 
4364 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
4365 	if (!ev) {
4366 		ath12k_warn(ab, "failed to fetch vdev start resp ev");
4367 		kfree(tb);
4368 		return -EPROTO;
4369 	}
4370 
4371 	*vdev_rsp = *ev;
4372 
4373 	kfree(tb);
4374 	return 0;
4375 }
4376 
4377 static struct ath12k_reg_rule
4378 *create_ext_reg_rules_from_wmi(u32 num_reg_rules,
4379 			       struct ath12k_wmi_reg_rule_ext_params *wmi_reg_rule)
4380 {
4381 	struct ath12k_reg_rule *reg_rule_ptr;
4382 	u32 count;
4383 
4384 	reg_rule_ptr = kzalloc((num_reg_rules * sizeof(*reg_rule_ptr)),
4385 			       GFP_ATOMIC);
4386 
4387 	if (!reg_rule_ptr)
4388 		return NULL;
4389 
4390 	for (count = 0; count < num_reg_rules; count++) {
4391 		reg_rule_ptr[count].start_freq =
4392 			le32_get_bits(wmi_reg_rule[count].freq_info,
4393 				      REG_RULE_START_FREQ);
4394 		reg_rule_ptr[count].end_freq =
4395 			le32_get_bits(wmi_reg_rule[count].freq_info,
4396 				      REG_RULE_END_FREQ);
4397 		reg_rule_ptr[count].max_bw =
4398 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4399 				      REG_RULE_MAX_BW);
4400 		reg_rule_ptr[count].reg_power =
4401 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4402 				      REG_RULE_REG_PWR);
4403 		reg_rule_ptr[count].ant_gain =
4404 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4405 				      REG_RULE_ANT_GAIN);
4406 		reg_rule_ptr[count].flags =
4407 			le32_get_bits(wmi_reg_rule[count].flag_info,
4408 				      REG_RULE_FLAGS);
4409 		reg_rule_ptr[count].psd_flag =
4410 			le32_get_bits(wmi_reg_rule[count].psd_power_info,
4411 				      REG_RULE_PSD_INFO);
4412 		reg_rule_ptr[count].psd_eirp =
4413 			le32_get_bits(wmi_reg_rule[count].psd_power_info,
4414 				      REG_RULE_PSD_EIRP);
4415 	}
4416 
4417 	return reg_rule_ptr;
4418 }
4419 
4420 static int ath12k_pull_reg_chan_list_ext_update_ev(struct ath12k_base *ab,
4421 						   struct sk_buff *skb,
4422 						   struct ath12k_reg_info *reg_info)
4423 {
4424 	const void **tb;
4425 	const struct wmi_reg_chan_list_cc_ext_event *ev;
4426 	struct ath12k_wmi_reg_rule_ext_params *ext_wmi_reg_rule;
4427 	u32 num_2g_reg_rules, num_5g_reg_rules;
4428 	u32 num_6g_reg_rules_ap[WMI_REG_CURRENT_MAX_AP_TYPE];
4429 	u32 num_6g_reg_rules_cl[WMI_REG_CURRENT_MAX_AP_TYPE][WMI_REG_MAX_CLIENT_TYPE];
4430 	u32 total_reg_rules = 0;
4431 	int ret, i, j;
4432 
4433 	ath12k_dbg(ab, ATH12K_DBG_WMI, "processing regulatory ext channel list\n");
4434 
4435 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4436 	if (IS_ERR(tb)) {
4437 		ret = PTR_ERR(tb);
4438 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4439 		return ret;
4440 	}
4441 
4442 	ev = tb[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT];
4443 	if (!ev) {
4444 		ath12k_warn(ab, "failed to fetch reg chan list ext update ev\n");
4445 		kfree(tb);
4446 		return -EPROTO;
4447 	}
4448 
4449 	reg_info->num_2g_reg_rules = le32_to_cpu(ev->num_2g_reg_rules);
4450 	reg_info->num_5g_reg_rules = le32_to_cpu(ev->num_5g_reg_rules);
4451 	reg_info->num_6g_reg_rules_ap[WMI_REG_INDOOR_AP] =
4452 		le32_to_cpu(ev->num_6g_reg_rules_ap_lpi);
4453 	reg_info->num_6g_reg_rules_ap[WMI_REG_STD_POWER_AP] =
4454 		le32_to_cpu(ev->num_6g_reg_rules_ap_sp);
4455 	reg_info->num_6g_reg_rules_ap[WMI_REG_VLP_AP] =
4456 		le32_to_cpu(ev->num_6g_reg_rules_ap_vlp);
4457 
4458 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4459 		reg_info->num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] =
4460 			le32_to_cpu(ev->num_6g_reg_rules_cl_lpi[i]);
4461 		reg_info->num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] =
4462 			le32_to_cpu(ev->num_6g_reg_rules_cl_sp[i]);
4463 		reg_info->num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] =
4464 			le32_to_cpu(ev->num_6g_reg_rules_cl_vlp[i]);
4465 	}
4466 
4467 	num_2g_reg_rules = reg_info->num_2g_reg_rules;
4468 	total_reg_rules += num_2g_reg_rules;
4469 	num_5g_reg_rules = reg_info->num_5g_reg_rules;
4470 	total_reg_rules += num_5g_reg_rules;
4471 
4472 	if (num_2g_reg_rules > MAX_REG_RULES || num_5g_reg_rules > MAX_REG_RULES) {
4473 		ath12k_warn(ab, "Num reg rules for 2G/5G exceeds max limit (num_2g_reg_rules: %d num_5g_reg_rules: %d max_rules: %d)\n",
4474 			    num_2g_reg_rules, num_5g_reg_rules, MAX_REG_RULES);
4475 		kfree(tb);
4476 		return -EINVAL;
4477 	}
4478 
4479 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
4480 		num_6g_reg_rules_ap[i] = reg_info->num_6g_reg_rules_ap[i];
4481 
4482 		if (num_6g_reg_rules_ap[i] > MAX_6G_REG_RULES) {
4483 			ath12k_warn(ab, "Num 6G reg rules for AP mode(%d) exceeds max limit (num_6g_reg_rules_ap: %d, max_rules: %d)\n",
4484 				    i, num_6g_reg_rules_ap[i], MAX_6G_REG_RULES);
4485 			kfree(tb);
4486 			return -EINVAL;
4487 		}
4488 
4489 		total_reg_rules += num_6g_reg_rules_ap[i];
4490 	}
4491 
4492 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4493 		num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] =
4494 				reg_info->num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i];
4495 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i];
4496 
4497 		num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] =
4498 				reg_info->num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i];
4499 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i];
4500 
4501 		num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] =
4502 				reg_info->num_6g_reg_rules_cl[WMI_REG_VLP_AP][i];
4503 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_VLP_AP][i];
4504 
4505 		if (num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] > MAX_6G_REG_RULES ||
4506 		    num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] > MAX_6G_REG_RULES ||
4507 		    num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] >  MAX_6G_REG_RULES) {
4508 			ath12k_warn(ab, "Num 6g client reg rules exceeds max limit, for client(type: %d)\n",
4509 				    i);
4510 			kfree(tb);
4511 			return -EINVAL;
4512 		}
4513 	}
4514 
4515 	if (!total_reg_rules) {
4516 		ath12k_warn(ab, "No reg rules available\n");
4517 		kfree(tb);
4518 		return -EINVAL;
4519 	}
4520 
4521 	memcpy(reg_info->alpha2, &ev->alpha2, REG_ALPHA2_LEN);
4522 
4523 	/* FIXME: Currently FW includes 6G reg rule also in 5G rule
4524 	 * list for country US.
4525 	 * Having same 6G reg rule in 5G and 6G rules list causes
4526 	 * intersect check to be true, and same rules will be shown
4527 	 * multiple times in iw cmd. So added hack below to avoid
4528 	 * parsing 6G rule from 5G reg rule list, and this can be
4529 	 * removed later, after FW updates to remove 6G reg rule
4530 	 * from 5G rules list.
4531 	 */
4532 	if (memcmp(reg_info->alpha2, "US", 2) == 0) {
4533 		reg_info->num_5g_reg_rules = REG_US_5G_NUM_REG_RULES;
4534 		num_5g_reg_rules = reg_info->num_5g_reg_rules;
4535 	}
4536 
4537 	reg_info->dfs_region = le32_to_cpu(ev->dfs_region);
4538 	reg_info->phybitmap = le32_to_cpu(ev->phybitmap);
4539 	reg_info->num_phy = le32_to_cpu(ev->num_phy);
4540 	reg_info->phy_id = le32_to_cpu(ev->phy_id);
4541 	reg_info->ctry_code = le32_to_cpu(ev->country_id);
4542 	reg_info->reg_dmn_pair = le32_to_cpu(ev->domain_code);
4543 
4544 	switch (le32_to_cpu(ev->status_code)) {
4545 	case WMI_REG_SET_CC_STATUS_PASS:
4546 		reg_info->status_code = REG_SET_CC_STATUS_PASS;
4547 		break;
4548 	case WMI_REG_CURRENT_ALPHA2_NOT_FOUND:
4549 		reg_info->status_code = REG_CURRENT_ALPHA2_NOT_FOUND;
4550 		break;
4551 	case WMI_REG_INIT_ALPHA2_NOT_FOUND:
4552 		reg_info->status_code = REG_INIT_ALPHA2_NOT_FOUND;
4553 		break;
4554 	case WMI_REG_SET_CC_CHANGE_NOT_ALLOWED:
4555 		reg_info->status_code = REG_SET_CC_CHANGE_NOT_ALLOWED;
4556 		break;
4557 	case WMI_REG_SET_CC_STATUS_NO_MEMORY:
4558 		reg_info->status_code = REG_SET_CC_STATUS_NO_MEMORY;
4559 		break;
4560 	case WMI_REG_SET_CC_STATUS_FAIL:
4561 		reg_info->status_code = REG_SET_CC_STATUS_FAIL;
4562 		break;
4563 	}
4564 
4565 	reg_info->is_ext_reg_event = true;
4566 
4567 	reg_info->min_bw_2g = le32_to_cpu(ev->min_bw_2g);
4568 	reg_info->max_bw_2g = le32_to_cpu(ev->max_bw_2g);
4569 	reg_info->min_bw_5g = le32_to_cpu(ev->min_bw_5g);
4570 	reg_info->max_bw_5g = le32_to_cpu(ev->max_bw_5g);
4571 	reg_info->min_bw_6g_ap[WMI_REG_INDOOR_AP] = le32_to_cpu(ev->min_bw_6g_ap_lpi);
4572 	reg_info->max_bw_6g_ap[WMI_REG_INDOOR_AP] = le32_to_cpu(ev->max_bw_6g_ap_lpi);
4573 	reg_info->min_bw_6g_ap[WMI_REG_STD_POWER_AP] = le32_to_cpu(ev->min_bw_6g_ap_sp);
4574 	reg_info->max_bw_6g_ap[WMI_REG_STD_POWER_AP] = le32_to_cpu(ev->max_bw_6g_ap_sp);
4575 	reg_info->min_bw_6g_ap[WMI_REG_VLP_AP] = le32_to_cpu(ev->min_bw_6g_ap_vlp);
4576 	reg_info->max_bw_6g_ap[WMI_REG_VLP_AP] = le32_to_cpu(ev->max_bw_6g_ap_vlp);
4577 
4578 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4579 		reg_info->min_bw_6g_client[WMI_REG_INDOOR_AP][i] =
4580 			le32_to_cpu(ev->min_bw_6g_client_lpi[i]);
4581 		reg_info->max_bw_6g_client[WMI_REG_INDOOR_AP][i] =
4582 			le32_to_cpu(ev->max_bw_6g_client_lpi[i]);
4583 		reg_info->min_bw_6g_client[WMI_REG_STD_POWER_AP][i] =
4584 			le32_to_cpu(ev->min_bw_6g_client_sp[i]);
4585 		reg_info->max_bw_6g_client[WMI_REG_STD_POWER_AP][i] =
4586 			le32_to_cpu(ev->max_bw_6g_client_sp[i]);
4587 		reg_info->min_bw_6g_client[WMI_REG_VLP_AP][i] =
4588 			le32_to_cpu(ev->min_bw_6g_client_vlp[i]);
4589 		reg_info->max_bw_6g_client[WMI_REG_VLP_AP][i] =
4590 			le32_to_cpu(ev->max_bw_6g_client_vlp[i]);
4591 	}
4592 
4593 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4594 		   "%s:cc_ext %s dsf %d BW: min_2g %d max_2g %d min_5g %d max_5g %d",
4595 		   __func__, reg_info->alpha2, reg_info->dfs_region,
4596 		   reg_info->min_bw_2g, reg_info->max_bw_2g,
4597 		   reg_info->min_bw_5g, reg_info->max_bw_5g);
4598 
4599 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4600 		   "num_2g_reg_rules %d num_5g_reg_rules %d",
4601 		   num_2g_reg_rules, num_5g_reg_rules);
4602 
4603 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4604 		   "num_6g_reg_rules_ap_lpi: %d num_6g_reg_rules_ap_sp: %d num_6g_reg_rules_ap_vlp: %d",
4605 		   num_6g_reg_rules_ap[WMI_REG_INDOOR_AP],
4606 		   num_6g_reg_rules_ap[WMI_REG_STD_POWER_AP],
4607 		   num_6g_reg_rules_ap[WMI_REG_VLP_AP]);
4608 
4609 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4610 		   "6g Regular client: num_6g_reg_rules_lpi: %d num_6g_reg_rules_sp: %d num_6g_reg_rules_vlp: %d",
4611 		   num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][WMI_REG_DEFAULT_CLIENT],
4612 		   num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][WMI_REG_DEFAULT_CLIENT],
4613 		   num_6g_reg_rules_cl[WMI_REG_VLP_AP][WMI_REG_DEFAULT_CLIENT]);
4614 
4615 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4616 		   "6g Subordinate client: num_6g_reg_rules_lpi: %d num_6g_reg_rules_sp: %d num_6g_reg_rules_vlp: %d",
4617 		   num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][WMI_REG_SUBORDINATE_CLIENT],
4618 		   num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][WMI_REG_SUBORDINATE_CLIENT],
4619 		   num_6g_reg_rules_cl[WMI_REG_VLP_AP][WMI_REG_SUBORDINATE_CLIENT]);
4620 
4621 	ext_wmi_reg_rule =
4622 		(struct ath12k_wmi_reg_rule_ext_params *)((u8 *)ev
4623 			+ sizeof(*ev)
4624 			+ sizeof(struct wmi_tlv));
4625 
4626 	if (num_2g_reg_rules) {
4627 		reg_info->reg_rules_2g_ptr =
4628 			create_ext_reg_rules_from_wmi(num_2g_reg_rules,
4629 						      ext_wmi_reg_rule);
4630 
4631 		if (!reg_info->reg_rules_2g_ptr) {
4632 			kfree(tb);
4633 			ath12k_warn(ab, "Unable to Allocate memory for 2g rules\n");
4634 			return -ENOMEM;
4635 		}
4636 	}
4637 
4638 	if (num_5g_reg_rules) {
4639 		ext_wmi_reg_rule += num_2g_reg_rules;
4640 		reg_info->reg_rules_5g_ptr =
4641 			create_ext_reg_rules_from_wmi(num_5g_reg_rules,
4642 						      ext_wmi_reg_rule);
4643 
4644 		if (!reg_info->reg_rules_5g_ptr) {
4645 			kfree(tb);
4646 			ath12k_warn(ab, "Unable to Allocate memory for 5g rules\n");
4647 			return -ENOMEM;
4648 		}
4649 	}
4650 
4651 	ext_wmi_reg_rule += num_5g_reg_rules;
4652 
4653 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
4654 		reg_info->reg_rules_6g_ap_ptr[i] =
4655 			create_ext_reg_rules_from_wmi(num_6g_reg_rules_ap[i],
4656 						      ext_wmi_reg_rule);
4657 
4658 		if (!reg_info->reg_rules_6g_ap_ptr[i]) {
4659 			kfree(tb);
4660 			ath12k_warn(ab, "Unable to Allocate memory for 6g ap rules\n");
4661 			return -ENOMEM;
4662 		}
4663 
4664 		ext_wmi_reg_rule += num_6g_reg_rules_ap[i];
4665 	}
4666 
4667 	for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++) {
4668 		for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4669 			reg_info->reg_rules_6g_client_ptr[j][i] =
4670 				create_ext_reg_rules_from_wmi(num_6g_reg_rules_cl[j][i],
4671 							      ext_wmi_reg_rule);
4672 
4673 			if (!reg_info->reg_rules_6g_client_ptr[j][i]) {
4674 				kfree(tb);
4675 				ath12k_warn(ab, "Unable to Allocate memory for 6g client rules\n");
4676 				return -ENOMEM;
4677 			}
4678 
4679 			ext_wmi_reg_rule += num_6g_reg_rules_cl[j][i];
4680 		}
4681 	}
4682 
4683 	reg_info->client_type = le32_to_cpu(ev->client_type);
4684 	reg_info->rnr_tpe_usable = ev->rnr_tpe_usable;
4685 	reg_info->unspecified_ap_usable = ev->unspecified_ap_usable;
4686 	reg_info->domain_code_6g_ap[WMI_REG_INDOOR_AP] =
4687 		le32_to_cpu(ev->domain_code_6g_ap_lpi);
4688 	reg_info->domain_code_6g_ap[WMI_REG_STD_POWER_AP] =
4689 		le32_to_cpu(ev->domain_code_6g_ap_sp);
4690 	reg_info->domain_code_6g_ap[WMI_REG_VLP_AP] =
4691 		le32_to_cpu(ev->domain_code_6g_ap_vlp);
4692 
4693 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4694 		reg_info->domain_code_6g_client[WMI_REG_INDOOR_AP][i] =
4695 			le32_to_cpu(ev->domain_code_6g_client_lpi[i]);
4696 		reg_info->domain_code_6g_client[WMI_REG_STD_POWER_AP][i] =
4697 			le32_to_cpu(ev->domain_code_6g_client_sp[i]);
4698 		reg_info->domain_code_6g_client[WMI_REG_VLP_AP][i] =
4699 			le32_to_cpu(ev->domain_code_6g_client_vlp[i]);
4700 	}
4701 
4702 	reg_info->domain_code_6g_super_id = le32_to_cpu(ev->domain_code_6g_super_id);
4703 
4704 	ath12k_dbg(ab, ATH12K_DBG_WMI, "6g client_type: %d domain_code_6g_super_id: %d",
4705 		   reg_info->client_type, reg_info->domain_code_6g_super_id);
4706 
4707 	ath12k_dbg(ab, ATH12K_DBG_WMI, "processed regulatory ext channel list\n");
4708 
4709 	kfree(tb);
4710 	return 0;
4711 }
4712 
4713 static int ath12k_pull_peer_del_resp_ev(struct ath12k_base *ab, struct sk_buff *skb,
4714 					struct wmi_peer_delete_resp_event *peer_del_resp)
4715 {
4716 	const void **tb;
4717 	const struct wmi_peer_delete_resp_event *ev;
4718 	int ret;
4719 
4720 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4721 	if (IS_ERR(tb)) {
4722 		ret = PTR_ERR(tb);
4723 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4724 		return ret;
4725 	}
4726 
4727 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
4728 	if (!ev) {
4729 		ath12k_warn(ab, "failed to fetch peer delete resp ev");
4730 		kfree(tb);
4731 		return -EPROTO;
4732 	}
4733 
4734 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
4735 
4736 	peer_del_resp->vdev_id = ev->vdev_id;
4737 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
4738 			ev->peer_macaddr.addr);
4739 
4740 	kfree(tb);
4741 	return 0;
4742 }
4743 
4744 static int ath12k_pull_vdev_del_resp_ev(struct ath12k_base *ab,
4745 					struct sk_buff *skb,
4746 					u32 *vdev_id)
4747 {
4748 	const void **tb;
4749 	const struct wmi_vdev_delete_resp_event *ev;
4750 	int ret;
4751 
4752 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4753 	if (IS_ERR(tb)) {
4754 		ret = PTR_ERR(tb);
4755 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4756 		return ret;
4757 	}
4758 
4759 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
4760 	if (!ev) {
4761 		ath12k_warn(ab, "failed to fetch vdev delete resp ev");
4762 		kfree(tb);
4763 		return -EPROTO;
4764 	}
4765 
4766 	*vdev_id = le32_to_cpu(ev->vdev_id);
4767 
4768 	kfree(tb);
4769 	return 0;
4770 }
4771 
4772 static int ath12k_pull_bcn_tx_status_ev(struct ath12k_base *ab, void *evt_buf,
4773 					u32 len, u32 *vdev_id,
4774 					u32 *tx_status)
4775 {
4776 	const void **tb;
4777 	const struct wmi_bcn_tx_status_event *ev;
4778 	int ret;
4779 
4780 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
4781 	if (IS_ERR(tb)) {
4782 		ret = PTR_ERR(tb);
4783 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4784 		return ret;
4785 	}
4786 
4787 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
4788 	if (!ev) {
4789 		ath12k_warn(ab, "failed to fetch bcn tx status ev");
4790 		kfree(tb);
4791 		return -EPROTO;
4792 	}
4793 
4794 	*vdev_id = le32_to_cpu(ev->vdev_id);
4795 	*tx_status = le32_to_cpu(ev->tx_status);
4796 
4797 	kfree(tb);
4798 	return 0;
4799 }
4800 
4801 static int ath12k_pull_vdev_stopped_param_tlv(struct ath12k_base *ab, struct sk_buff *skb,
4802 					      u32 *vdev_id)
4803 {
4804 	const void **tb;
4805 	const struct wmi_vdev_stopped_event *ev;
4806 	int ret;
4807 
4808 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4809 	if (IS_ERR(tb)) {
4810 		ret = PTR_ERR(tb);
4811 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4812 		return ret;
4813 	}
4814 
4815 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
4816 	if (!ev) {
4817 		ath12k_warn(ab, "failed to fetch vdev stop ev");
4818 		kfree(tb);
4819 		return -EPROTO;
4820 	}
4821 
4822 	*vdev_id = le32_to_cpu(ev->vdev_id);
4823 
4824 	kfree(tb);
4825 	return 0;
4826 }
4827 
4828 static int ath12k_wmi_tlv_mgmt_rx_parse(struct ath12k_base *ab,
4829 					u16 tag, u16 len,
4830 					const void *ptr, void *data)
4831 {
4832 	struct wmi_tlv_mgmt_rx_parse *parse = data;
4833 
4834 	switch (tag) {
4835 	case WMI_TAG_MGMT_RX_HDR:
4836 		parse->fixed = ptr;
4837 		break;
4838 	case WMI_TAG_ARRAY_BYTE:
4839 		if (!parse->frame_buf_done) {
4840 			parse->frame_buf = ptr;
4841 			parse->frame_buf_done = true;
4842 		}
4843 		break;
4844 	}
4845 	return 0;
4846 }
4847 
4848 static int ath12k_pull_mgmt_rx_params_tlv(struct ath12k_base *ab,
4849 					  struct sk_buff *skb,
4850 					  struct ath12k_wmi_mgmt_rx_arg *hdr)
4851 {
4852 	struct wmi_tlv_mgmt_rx_parse parse = { };
4853 	const struct ath12k_wmi_mgmt_rx_params *ev;
4854 	const u8 *frame;
4855 	int i, ret;
4856 
4857 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4858 				  ath12k_wmi_tlv_mgmt_rx_parse,
4859 				  &parse);
4860 	if (ret) {
4861 		ath12k_warn(ab, "failed to parse mgmt rx tlv %d\n", ret);
4862 		return ret;
4863 	}
4864 
4865 	ev = parse.fixed;
4866 	frame = parse.frame_buf;
4867 
4868 	if (!ev || !frame) {
4869 		ath12k_warn(ab, "failed to fetch mgmt rx hdr");
4870 		return -EPROTO;
4871 	}
4872 
4873 	hdr->pdev_id = le32_to_cpu(ev->pdev_id);
4874 	hdr->chan_freq = le32_to_cpu(ev->chan_freq);
4875 	hdr->channel = le32_to_cpu(ev->channel);
4876 	hdr->snr = le32_to_cpu(ev->snr);
4877 	hdr->rate = le32_to_cpu(ev->rate);
4878 	hdr->phy_mode = le32_to_cpu(ev->phy_mode);
4879 	hdr->buf_len = le32_to_cpu(ev->buf_len);
4880 	hdr->status = le32_to_cpu(ev->status);
4881 	hdr->flags = le32_to_cpu(ev->flags);
4882 	hdr->rssi = a_sle32_to_cpu(ev->rssi);
4883 	hdr->tsf_delta = le32_to_cpu(ev->tsf_delta);
4884 
4885 	for (i = 0; i < ATH_MAX_ANTENNA; i++)
4886 		hdr->rssi_ctl[i] = le32_to_cpu(ev->rssi_ctl[i]);
4887 
4888 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
4889 		ath12k_warn(ab, "invalid length in mgmt rx hdr ev");
4890 		return -EPROTO;
4891 	}
4892 
4893 	/* shift the sk_buff to point to `frame` */
4894 	skb_trim(skb, 0);
4895 	skb_put(skb, frame - skb->data);
4896 	skb_pull(skb, frame - skb->data);
4897 	skb_put(skb, hdr->buf_len);
4898 
4899 	return 0;
4900 }
4901 
4902 static int wmi_process_mgmt_tx_comp(struct ath12k *ar, u32 desc_id,
4903 				    u32 status)
4904 {
4905 	struct sk_buff *msdu;
4906 	struct ieee80211_tx_info *info;
4907 	struct ath12k_skb_cb *skb_cb;
4908 	int num_mgmt;
4909 
4910 	spin_lock_bh(&ar->txmgmt_idr_lock);
4911 	msdu = idr_find(&ar->txmgmt_idr, desc_id);
4912 
4913 	if (!msdu) {
4914 		ath12k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
4915 			    desc_id);
4916 		spin_unlock_bh(&ar->txmgmt_idr_lock);
4917 		return -ENOENT;
4918 	}
4919 
4920 	idr_remove(&ar->txmgmt_idr, desc_id);
4921 	spin_unlock_bh(&ar->txmgmt_idr_lock);
4922 
4923 	skb_cb = ATH12K_SKB_CB(msdu);
4924 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
4925 
4926 	info = IEEE80211_SKB_CB(msdu);
4927 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) && !status)
4928 		info->flags |= IEEE80211_TX_STAT_ACK;
4929 
4930 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
4931 
4932 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
4933 
4934 	/* WARN when we received this event without doing any mgmt tx */
4935 	if (num_mgmt < 0)
4936 		WARN_ON_ONCE(1);
4937 
4938 	if (!num_mgmt)
4939 		wake_up(&ar->txmgmt_empty_waitq);
4940 
4941 	return 0;
4942 }
4943 
4944 static int ath12k_pull_mgmt_tx_compl_param_tlv(struct ath12k_base *ab,
4945 					       struct sk_buff *skb,
4946 					       struct wmi_mgmt_tx_compl_event *param)
4947 {
4948 	const void **tb;
4949 	const struct wmi_mgmt_tx_compl_event *ev;
4950 	int ret;
4951 
4952 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4953 	if (IS_ERR(tb)) {
4954 		ret = PTR_ERR(tb);
4955 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4956 		return ret;
4957 	}
4958 
4959 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
4960 	if (!ev) {
4961 		ath12k_warn(ab, "failed to fetch mgmt tx compl ev");
4962 		kfree(tb);
4963 		return -EPROTO;
4964 	}
4965 
4966 	param->pdev_id = ev->pdev_id;
4967 	param->desc_id = ev->desc_id;
4968 	param->status = ev->status;
4969 
4970 	kfree(tb);
4971 	return 0;
4972 }
4973 
4974 static void ath12k_wmi_event_scan_started(struct ath12k *ar)
4975 {
4976 	lockdep_assert_held(&ar->data_lock);
4977 
4978 	switch (ar->scan.state) {
4979 	case ATH12K_SCAN_IDLE:
4980 	case ATH12K_SCAN_RUNNING:
4981 	case ATH12K_SCAN_ABORTING:
4982 		ath12k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
4983 			    ath12k_scan_state_str(ar->scan.state),
4984 			    ar->scan.state);
4985 		break;
4986 	case ATH12K_SCAN_STARTING:
4987 		ar->scan.state = ATH12K_SCAN_RUNNING;
4988 		complete(&ar->scan.started);
4989 		break;
4990 	}
4991 }
4992 
4993 static void ath12k_wmi_event_scan_start_failed(struct ath12k *ar)
4994 {
4995 	lockdep_assert_held(&ar->data_lock);
4996 
4997 	switch (ar->scan.state) {
4998 	case ATH12K_SCAN_IDLE:
4999 	case ATH12K_SCAN_RUNNING:
5000 	case ATH12K_SCAN_ABORTING:
5001 		ath12k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
5002 			    ath12k_scan_state_str(ar->scan.state),
5003 			    ar->scan.state);
5004 		break;
5005 	case ATH12K_SCAN_STARTING:
5006 		complete(&ar->scan.started);
5007 		__ath12k_mac_scan_finish(ar);
5008 		break;
5009 	}
5010 }
5011 
5012 static void ath12k_wmi_event_scan_completed(struct ath12k *ar)
5013 {
5014 	lockdep_assert_held(&ar->data_lock);
5015 
5016 	switch (ar->scan.state) {
5017 	case ATH12K_SCAN_IDLE:
5018 	case ATH12K_SCAN_STARTING:
5019 		/* One suspected reason scan can be completed while starting is
5020 		 * if firmware fails to deliver all scan events to the host,
5021 		 * e.g. when transport pipe is full. This has been observed
5022 		 * with spectral scan phyerr events starving wmi transport
5023 		 * pipe. In such case the "scan completed" event should be (and
5024 		 * is) ignored by the host as it may be just firmware's scan
5025 		 * state machine recovering.
5026 		 */
5027 		ath12k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
5028 			    ath12k_scan_state_str(ar->scan.state),
5029 			    ar->scan.state);
5030 		break;
5031 	case ATH12K_SCAN_RUNNING:
5032 	case ATH12K_SCAN_ABORTING:
5033 		__ath12k_mac_scan_finish(ar);
5034 		break;
5035 	}
5036 }
5037 
5038 static void ath12k_wmi_event_scan_bss_chan(struct ath12k *ar)
5039 {
5040 	lockdep_assert_held(&ar->data_lock);
5041 
5042 	switch (ar->scan.state) {
5043 	case ATH12K_SCAN_IDLE:
5044 	case ATH12K_SCAN_STARTING:
5045 		ath12k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
5046 			    ath12k_scan_state_str(ar->scan.state),
5047 			    ar->scan.state);
5048 		break;
5049 	case ATH12K_SCAN_RUNNING:
5050 	case ATH12K_SCAN_ABORTING:
5051 		ar->scan_channel = NULL;
5052 		break;
5053 	}
5054 }
5055 
5056 static void ath12k_wmi_event_scan_foreign_chan(struct ath12k *ar, u32 freq)
5057 {
5058 	lockdep_assert_held(&ar->data_lock);
5059 
5060 	switch (ar->scan.state) {
5061 	case ATH12K_SCAN_IDLE:
5062 	case ATH12K_SCAN_STARTING:
5063 		ath12k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
5064 			    ath12k_scan_state_str(ar->scan.state),
5065 			    ar->scan.state);
5066 		break;
5067 	case ATH12K_SCAN_RUNNING:
5068 	case ATH12K_SCAN_ABORTING:
5069 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
5070 		break;
5071 	}
5072 }
5073 
5074 static const char *
5075 ath12k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
5076 			       enum wmi_scan_completion_reason reason)
5077 {
5078 	switch (type) {
5079 	case WMI_SCAN_EVENT_STARTED:
5080 		return "started";
5081 	case WMI_SCAN_EVENT_COMPLETED:
5082 		switch (reason) {
5083 		case WMI_SCAN_REASON_COMPLETED:
5084 			return "completed";
5085 		case WMI_SCAN_REASON_CANCELLED:
5086 			return "completed [cancelled]";
5087 		case WMI_SCAN_REASON_PREEMPTED:
5088 			return "completed [preempted]";
5089 		case WMI_SCAN_REASON_TIMEDOUT:
5090 			return "completed [timedout]";
5091 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
5092 			return "completed [internal err]";
5093 		case WMI_SCAN_REASON_MAX:
5094 			break;
5095 		}
5096 		return "completed [unknown]";
5097 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5098 		return "bss channel";
5099 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5100 		return "foreign channel";
5101 	case WMI_SCAN_EVENT_DEQUEUED:
5102 		return "dequeued";
5103 	case WMI_SCAN_EVENT_PREEMPTED:
5104 		return "preempted";
5105 	case WMI_SCAN_EVENT_START_FAILED:
5106 		return "start failed";
5107 	case WMI_SCAN_EVENT_RESTARTED:
5108 		return "restarted";
5109 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5110 		return "foreign channel exit";
5111 	default:
5112 		return "unknown";
5113 	}
5114 }
5115 
5116 static int ath12k_pull_scan_ev(struct ath12k_base *ab, struct sk_buff *skb,
5117 			       struct wmi_scan_event *scan_evt_param)
5118 {
5119 	const void **tb;
5120 	const struct wmi_scan_event *ev;
5121 	int ret;
5122 
5123 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5124 	if (IS_ERR(tb)) {
5125 		ret = PTR_ERR(tb);
5126 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5127 		return ret;
5128 	}
5129 
5130 	ev = tb[WMI_TAG_SCAN_EVENT];
5131 	if (!ev) {
5132 		ath12k_warn(ab, "failed to fetch scan ev");
5133 		kfree(tb);
5134 		return -EPROTO;
5135 	}
5136 
5137 	scan_evt_param->event_type = ev->event_type;
5138 	scan_evt_param->reason = ev->reason;
5139 	scan_evt_param->channel_freq = ev->channel_freq;
5140 	scan_evt_param->scan_req_id = ev->scan_req_id;
5141 	scan_evt_param->scan_id = ev->scan_id;
5142 	scan_evt_param->vdev_id = ev->vdev_id;
5143 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
5144 
5145 	kfree(tb);
5146 	return 0;
5147 }
5148 
5149 static int ath12k_pull_peer_sta_kickout_ev(struct ath12k_base *ab, struct sk_buff *skb,
5150 					   struct wmi_peer_sta_kickout_arg *arg)
5151 {
5152 	const void **tb;
5153 	const struct wmi_peer_sta_kickout_event *ev;
5154 	int ret;
5155 
5156 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5157 	if (IS_ERR(tb)) {
5158 		ret = PTR_ERR(tb);
5159 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5160 		return ret;
5161 	}
5162 
5163 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
5164 	if (!ev) {
5165 		ath12k_warn(ab, "failed to fetch peer sta kickout ev");
5166 		kfree(tb);
5167 		return -EPROTO;
5168 	}
5169 
5170 	arg->mac_addr = ev->peer_macaddr.addr;
5171 
5172 	kfree(tb);
5173 	return 0;
5174 }
5175 
5176 static int ath12k_pull_roam_ev(struct ath12k_base *ab, struct sk_buff *skb,
5177 			       struct wmi_roam_event *roam_ev)
5178 {
5179 	const void **tb;
5180 	const struct wmi_roam_event *ev;
5181 	int ret;
5182 
5183 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5184 	if (IS_ERR(tb)) {
5185 		ret = PTR_ERR(tb);
5186 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5187 		return ret;
5188 	}
5189 
5190 	ev = tb[WMI_TAG_ROAM_EVENT];
5191 	if (!ev) {
5192 		ath12k_warn(ab, "failed to fetch roam ev");
5193 		kfree(tb);
5194 		return -EPROTO;
5195 	}
5196 
5197 	roam_ev->vdev_id = ev->vdev_id;
5198 	roam_ev->reason = ev->reason;
5199 	roam_ev->rssi = ev->rssi;
5200 
5201 	kfree(tb);
5202 	return 0;
5203 }
5204 
5205 static int freq_to_idx(struct ath12k *ar, int freq)
5206 {
5207 	struct ieee80211_supported_band *sband;
5208 	int band, ch, idx = 0;
5209 
5210 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
5211 		if (!ar->mac.sbands[band].channels)
5212 			continue;
5213 
5214 		sband = ar->hw->wiphy->bands[band];
5215 		if (!sband)
5216 			continue;
5217 
5218 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
5219 			if (sband->channels[ch].center_freq == freq)
5220 				goto exit;
5221 	}
5222 
5223 exit:
5224 	return idx;
5225 }
5226 
5227 static int ath12k_pull_chan_info_ev(struct ath12k_base *ab, u8 *evt_buf,
5228 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
5229 {
5230 	const void **tb;
5231 	const struct wmi_chan_info_event *ev;
5232 	int ret;
5233 
5234 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5235 	if (IS_ERR(tb)) {
5236 		ret = PTR_ERR(tb);
5237 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5238 		return ret;
5239 	}
5240 
5241 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
5242 	if (!ev) {
5243 		ath12k_warn(ab, "failed to fetch chan info ev");
5244 		kfree(tb);
5245 		return -EPROTO;
5246 	}
5247 
5248 	ch_info_ev->err_code = ev->err_code;
5249 	ch_info_ev->freq = ev->freq;
5250 	ch_info_ev->cmd_flags = ev->cmd_flags;
5251 	ch_info_ev->noise_floor = ev->noise_floor;
5252 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
5253 	ch_info_ev->cycle_count = ev->cycle_count;
5254 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
5255 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
5256 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
5257 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
5258 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
5259 	ch_info_ev->vdev_id = ev->vdev_id;
5260 
5261 	kfree(tb);
5262 	return 0;
5263 }
5264 
5265 static int
5266 ath12k_pull_pdev_bss_chan_info_ev(struct ath12k_base *ab, struct sk_buff *skb,
5267 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
5268 {
5269 	const void **tb;
5270 	const struct wmi_pdev_bss_chan_info_event *ev;
5271 	int ret;
5272 
5273 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5274 	if (IS_ERR(tb)) {
5275 		ret = PTR_ERR(tb);
5276 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5277 		return ret;
5278 	}
5279 
5280 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
5281 	if (!ev) {
5282 		ath12k_warn(ab, "failed to fetch pdev bss chan info ev");
5283 		kfree(tb);
5284 		return -EPROTO;
5285 	}
5286 
5287 	bss_ch_info_ev->pdev_id = ev->pdev_id;
5288 	bss_ch_info_ev->freq = ev->freq;
5289 	bss_ch_info_ev->noise_floor = ev->noise_floor;
5290 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
5291 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
5292 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
5293 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
5294 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
5295 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
5296 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
5297 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
5298 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
5299 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
5300 
5301 	kfree(tb);
5302 	return 0;
5303 }
5304 
5305 static int
5306 ath12k_pull_vdev_install_key_compl_ev(struct ath12k_base *ab, struct sk_buff *skb,
5307 				      struct wmi_vdev_install_key_complete_arg *arg)
5308 {
5309 	const void **tb;
5310 	const struct wmi_vdev_install_key_compl_event *ev;
5311 	int ret;
5312 
5313 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5314 	if (IS_ERR(tb)) {
5315 		ret = PTR_ERR(tb);
5316 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5317 		return ret;
5318 	}
5319 
5320 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
5321 	if (!ev) {
5322 		ath12k_warn(ab, "failed to fetch vdev install key compl ev");
5323 		kfree(tb);
5324 		return -EPROTO;
5325 	}
5326 
5327 	arg->vdev_id = le32_to_cpu(ev->vdev_id);
5328 	arg->macaddr = ev->peer_macaddr.addr;
5329 	arg->key_idx = le32_to_cpu(ev->key_idx);
5330 	arg->key_flags = le32_to_cpu(ev->key_flags);
5331 	arg->status = le32_to_cpu(ev->status);
5332 
5333 	kfree(tb);
5334 	return 0;
5335 }
5336 
5337 static int ath12k_pull_peer_assoc_conf_ev(struct ath12k_base *ab, struct sk_buff *skb,
5338 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
5339 {
5340 	const void **tb;
5341 	const struct wmi_peer_assoc_conf_event *ev;
5342 	int ret;
5343 
5344 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5345 	if (IS_ERR(tb)) {
5346 		ret = PTR_ERR(tb);
5347 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5348 		return ret;
5349 	}
5350 
5351 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
5352 	if (!ev) {
5353 		ath12k_warn(ab, "failed to fetch peer assoc conf ev");
5354 		kfree(tb);
5355 		return -EPROTO;
5356 	}
5357 
5358 	peer_assoc_conf->vdev_id = le32_to_cpu(ev->vdev_id);
5359 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
5360 
5361 	kfree(tb);
5362 	return 0;
5363 }
5364 
5365 static int
5366 ath12k_pull_pdev_temp_ev(struct ath12k_base *ab, u8 *evt_buf,
5367 			 u32 len, const struct wmi_pdev_temperature_event *ev)
5368 {
5369 	const void **tb;
5370 	int ret;
5371 
5372 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5373 	if (IS_ERR(tb)) {
5374 		ret = PTR_ERR(tb);
5375 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5376 		return ret;
5377 	}
5378 
5379 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
5380 	if (!ev) {
5381 		ath12k_warn(ab, "failed to fetch pdev temp ev");
5382 		kfree(tb);
5383 		return -EPROTO;
5384 	}
5385 
5386 	kfree(tb);
5387 	return 0;
5388 }
5389 
5390 static void ath12k_wmi_op_ep_tx_credits(struct ath12k_base *ab)
5391 {
5392 	/* try to send pending beacons first. they take priority */
5393 	wake_up(&ab->wmi_ab.tx_credits_wq);
5394 }
5395 
5396 static void ath12k_wmi_htc_tx_complete(struct ath12k_base *ab,
5397 				       struct sk_buff *skb)
5398 {
5399 	dev_kfree_skb(skb);
5400 }
5401 
5402 static bool ath12k_reg_is_world_alpha(char *alpha)
5403 {
5404 	return alpha[0] == '0' && alpha[1] == '0';
5405 }
5406 
5407 static int ath12k_reg_chan_list_event(struct ath12k_base *ab, struct sk_buff *skb)
5408 {
5409 	struct ath12k_reg_info *reg_info = NULL;
5410 	struct ieee80211_regdomain *regd = NULL;
5411 	bool intersect = false;
5412 	int ret = 0, pdev_idx, i, j;
5413 	struct ath12k *ar;
5414 
5415 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
5416 	if (!reg_info) {
5417 		ret = -ENOMEM;
5418 		goto fallback;
5419 	}
5420 
5421 	ret = ath12k_pull_reg_chan_list_ext_update_ev(ab, skb, reg_info);
5422 
5423 	if (ret) {
5424 		ath12k_warn(ab, "failed to extract regulatory info from received event\n");
5425 		goto fallback;
5426 	}
5427 
5428 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
5429 		/* In case of failure to set the requested ctry,
5430 		 * fw retains the current regd. We print a failure info
5431 		 * and return from here.
5432 		 */
5433 		ath12k_warn(ab, "Failed to set the requested Country regulatory setting\n");
5434 		goto mem_free;
5435 	}
5436 
5437 	pdev_idx = reg_info->phy_id;
5438 
5439 	if (pdev_idx >= ab->num_radios) {
5440 		/* Process the event for phy0 only if single_pdev_only
5441 		 * is true. If pdev_idx is valid but not 0, discard the
5442 		 * event. Otherwise, it goes to fallback.
5443 		 */
5444 		if (ab->hw_params->single_pdev_only &&
5445 		    pdev_idx < ab->hw_params->num_rxmda_per_pdev)
5446 			goto mem_free;
5447 		else
5448 			goto fallback;
5449 	}
5450 
5451 	/* Avoid multiple overwrites to default regd, during core
5452 	 * stop-start after mac registration.
5453 	 */
5454 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
5455 	    !memcmp(ab->default_regd[pdev_idx]->alpha2,
5456 		    reg_info->alpha2, 2))
5457 		goto mem_free;
5458 
5459 	/* Intersect new rules with default regd if a new country setting was
5460 	 * requested, i.e a default regd was already set during initialization
5461 	 * and the regd coming from this event has a valid country info.
5462 	 */
5463 	if (ab->default_regd[pdev_idx] &&
5464 	    !ath12k_reg_is_world_alpha((char *)
5465 		ab->default_regd[pdev_idx]->alpha2) &&
5466 	    !ath12k_reg_is_world_alpha((char *)reg_info->alpha2))
5467 		intersect = true;
5468 
5469 	regd = ath12k_reg_build_regd(ab, reg_info, intersect);
5470 	if (!regd) {
5471 		ath12k_warn(ab, "failed to build regd from reg_info\n");
5472 		goto fallback;
5473 	}
5474 
5475 	spin_lock(&ab->base_lock);
5476 	if (test_bit(ATH12K_FLAG_REGISTERED, &ab->dev_flags)) {
5477 		/* Once mac is registered, ar is valid and all CC events from
5478 		 * fw is considered to be received due to user requests
5479 		 * currently.
5480 		 * Free previously built regd before assigning the newly
5481 		 * generated regd to ar. NULL pointer handling will be
5482 		 * taken care by kfree itself.
5483 		 */
5484 		ar = ab->pdevs[pdev_idx].ar;
5485 		kfree(ab->new_regd[pdev_idx]);
5486 		ab->new_regd[pdev_idx] = regd;
5487 		queue_work(ab->workqueue, &ar->regd_update_work);
5488 	} else {
5489 		/* Multiple events for the same *ar is not expected. But we
5490 		 * can still clear any previously stored default_regd if we
5491 		 * are receiving this event for the same radio by mistake.
5492 		 * NULL pointer handling will be taken care by kfree itself.
5493 		 */
5494 		kfree(ab->default_regd[pdev_idx]);
5495 		/* This regd would be applied during mac registration */
5496 		ab->default_regd[pdev_idx] = regd;
5497 	}
5498 	ab->dfs_region = reg_info->dfs_region;
5499 	spin_unlock(&ab->base_lock);
5500 
5501 	goto mem_free;
5502 
5503 fallback:
5504 	/* Fallback to older reg (by sending previous country setting
5505 	 * again if fw has succeeded and we failed to process here.
5506 	 * The Regdomain should be uniform across driver and fw. Since the
5507 	 * FW has processed the command and sent a success status, we expect
5508 	 * this function to succeed as well. If it doesn't, CTRY needs to be
5509 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
5510 	 */
5511 	/* TODO: This is rare, but still should also be handled */
5512 	WARN_ON(1);
5513 mem_free:
5514 	if (reg_info) {
5515 		kfree(reg_info->reg_rules_2g_ptr);
5516 		kfree(reg_info->reg_rules_5g_ptr);
5517 		if (reg_info->is_ext_reg_event) {
5518 			for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++)
5519 				kfree(reg_info->reg_rules_6g_ap_ptr[i]);
5520 
5521 			for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++)
5522 				for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++)
5523 					kfree(reg_info->reg_rules_6g_client_ptr[j][i]);
5524 		}
5525 		kfree(reg_info);
5526 	}
5527 	return ret;
5528 }
5529 
5530 static int ath12k_wmi_rdy_parse(struct ath12k_base *ab, u16 tag, u16 len,
5531 				const void *ptr, void *data)
5532 {
5533 	struct ath12k_wmi_rdy_parse *rdy_parse = data;
5534 	struct wmi_ready_event fixed_param;
5535 	struct ath12k_wmi_mac_addr_params *addr_list;
5536 	struct ath12k_pdev *pdev;
5537 	u32 num_mac_addr;
5538 	int i;
5539 
5540 	switch (tag) {
5541 	case WMI_TAG_READY_EVENT:
5542 		memset(&fixed_param, 0, sizeof(fixed_param));
5543 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
5544 		       min_t(u16, sizeof(fixed_param), len));
5545 		ab->wlan_init_status = le32_to_cpu(fixed_param.ready_event_min.status);
5546 		rdy_parse->num_extra_mac_addr =
5547 			le32_to_cpu(fixed_param.ready_event_min.num_extra_mac_addr);
5548 
5549 		ether_addr_copy(ab->mac_addr,
5550 				fixed_param.ready_event_min.mac_addr.addr);
5551 		ab->pktlog_defs_checksum = le32_to_cpu(fixed_param.pktlog_defs_checksum);
5552 		ab->wmi_ready = true;
5553 		break;
5554 	case WMI_TAG_ARRAY_FIXED_STRUCT:
5555 		addr_list = (struct ath12k_wmi_mac_addr_params *)ptr;
5556 		num_mac_addr = rdy_parse->num_extra_mac_addr;
5557 
5558 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
5559 			break;
5560 
5561 		for (i = 0; i < ab->num_radios; i++) {
5562 			pdev = &ab->pdevs[i];
5563 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
5564 		}
5565 		ab->pdevs_macaddr_valid = true;
5566 		break;
5567 	default:
5568 		break;
5569 	}
5570 
5571 	return 0;
5572 }
5573 
5574 static int ath12k_ready_event(struct ath12k_base *ab, struct sk_buff *skb)
5575 {
5576 	struct ath12k_wmi_rdy_parse rdy_parse = { };
5577 	int ret;
5578 
5579 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
5580 				  ath12k_wmi_rdy_parse, &rdy_parse);
5581 	if (ret) {
5582 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
5583 		return ret;
5584 	}
5585 
5586 	complete(&ab->wmi_ab.unified_ready);
5587 	return 0;
5588 }
5589 
5590 static void ath12k_peer_delete_resp_event(struct ath12k_base *ab, struct sk_buff *skb)
5591 {
5592 	struct wmi_peer_delete_resp_event peer_del_resp;
5593 	struct ath12k *ar;
5594 
5595 	if (ath12k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
5596 		ath12k_warn(ab, "failed to extract peer delete resp");
5597 		return;
5598 	}
5599 
5600 	rcu_read_lock();
5601 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(peer_del_resp.vdev_id));
5602 	if (!ar) {
5603 		ath12k_warn(ab, "invalid vdev id in peer delete resp ev %d",
5604 			    peer_del_resp.vdev_id);
5605 		rcu_read_unlock();
5606 		return;
5607 	}
5608 
5609 	complete(&ar->peer_delete_done);
5610 	rcu_read_unlock();
5611 	ath12k_dbg(ab, ATH12K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
5612 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
5613 }
5614 
5615 static void ath12k_vdev_delete_resp_event(struct ath12k_base *ab,
5616 					  struct sk_buff *skb)
5617 {
5618 	struct ath12k *ar;
5619 	u32 vdev_id = 0;
5620 
5621 	if (ath12k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
5622 		ath12k_warn(ab, "failed to extract vdev delete resp");
5623 		return;
5624 	}
5625 
5626 	rcu_read_lock();
5627 	ar = ath12k_mac_get_ar_by_vdev_id(ab, vdev_id);
5628 	if (!ar) {
5629 		ath12k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
5630 			    vdev_id);
5631 		rcu_read_unlock();
5632 		return;
5633 	}
5634 
5635 	complete(&ar->vdev_delete_done);
5636 
5637 	rcu_read_unlock();
5638 
5639 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev delete resp for vdev id %d\n",
5640 		   vdev_id);
5641 }
5642 
5643 static const char *ath12k_wmi_vdev_resp_print(u32 vdev_resp_status)
5644 {
5645 	switch (vdev_resp_status) {
5646 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
5647 		return "invalid vdev id";
5648 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
5649 		return "not supported";
5650 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
5651 		return "dfs violation";
5652 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
5653 		return "invalid regdomain";
5654 	default:
5655 		return "unknown";
5656 	}
5657 }
5658 
5659 static void ath12k_vdev_start_resp_event(struct ath12k_base *ab, struct sk_buff *skb)
5660 {
5661 	struct wmi_vdev_start_resp_event vdev_start_resp;
5662 	struct ath12k *ar;
5663 	u32 status;
5664 
5665 	if (ath12k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
5666 		ath12k_warn(ab, "failed to extract vdev start resp");
5667 		return;
5668 	}
5669 
5670 	rcu_read_lock();
5671 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(vdev_start_resp.vdev_id));
5672 	if (!ar) {
5673 		ath12k_warn(ab, "invalid vdev id in vdev start resp ev %d",
5674 			    vdev_start_resp.vdev_id);
5675 		rcu_read_unlock();
5676 		return;
5677 	}
5678 
5679 	ar->last_wmi_vdev_start_status = 0;
5680 
5681 	status = le32_to_cpu(vdev_start_resp.status);
5682 
5683 	if (WARN_ON_ONCE(status)) {
5684 		ath12k_warn(ab, "vdev start resp error status %d (%s)\n",
5685 			    status, ath12k_wmi_vdev_resp_print(status));
5686 		ar->last_wmi_vdev_start_status = status;
5687 	}
5688 
5689 	complete(&ar->vdev_setup_done);
5690 
5691 	rcu_read_unlock();
5692 
5693 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev start resp for vdev id %d",
5694 		   vdev_start_resp.vdev_id);
5695 }
5696 
5697 static void ath12k_bcn_tx_status_event(struct ath12k_base *ab, struct sk_buff *skb)
5698 {
5699 	u32 vdev_id, tx_status;
5700 
5701 	if (ath12k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
5702 					 &vdev_id, &tx_status) != 0) {
5703 		ath12k_warn(ab, "failed to extract bcn tx status");
5704 		return;
5705 	}
5706 }
5707 
5708 static void ath12k_vdev_stopped_event(struct ath12k_base *ab, struct sk_buff *skb)
5709 {
5710 	struct ath12k *ar;
5711 	u32 vdev_id = 0;
5712 
5713 	if (ath12k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
5714 		ath12k_warn(ab, "failed to extract vdev stopped event");
5715 		return;
5716 	}
5717 
5718 	rcu_read_lock();
5719 	ar = ath12k_mac_get_ar_by_vdev_id(ab, vdev_id);
5720 	if (!ar) {
5721 		ath12k_warn(ab, "invalid vdev id in vdev stopped ev %d",
5722 			    vdev_id);
5723 		rcu_read_unlock();
5724 		return;
5725 	}
5726 
5727 	complete(&ar->vdev_setup_done);
5728 
5729 	rcu_read_unlock();
5730 
5731 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
5732 }
5733 
5734 static void ath12k_mgmt_rx_event(struct ath12k_base *ab, struct sk_buff *skb)
5735 {
5736 	struct ath12k_wmi_mgmt_rx_arg rx_ev = {0};
5737 	struct ath12k *ar;
5738 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
5739 	struct ieee80211_hdr *hdr;
5740 	u16 fc;
5741 	struct ieee80211_supported_band *sband;
5742 
5743 	if (ath12k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
5744 		ath12k_warn(ab, "failed to extract mgmt rx event");
5745 		dev_kfree_skb(skb);
5746 		return;
5747 	}
5748 
5749 	memset(status, 0, sizeof(*status));
5750 
5751 	ath12k_dbg(ab, ATH12K_DBG_MGMT, "mgmt rx event status %08x\n",
5752 		   rx_ev.status);
5753 
5754 	rcu_read_lock();
5755 	ar = ath12k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
5756 
5757 	if (!ar) {
5758 		ath12k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
5759 			    rx_ev.pdev_id);
5760 		dev_kfree_skb(skb);
5761 		goto exit;
5762 	}
5763 
5764 	if ((test_bit(ATH12K_CAC_RUNNING, &ar->dev_flags)) ||
5765 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
5766 			     WMI_RX_STATUS_ERR_KEY_CACHE_MISS |
5767 			     WMI_RX_STATUS_ERR_CRC))) {
5768 		dev_kfree_skb(skb);
5769 		goto exit;
5770 	}
5771 
5772 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
5773 		status->flag |= RX_FLAG_MMIC_ERROR;
5774 
5775 	if (rx_ev.chan_freq >= ATH12K_MIN_6G_FREQ) {
5776 		status->band = NL80211_BAND_6GHZ;
5777 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
5778 		status->band = NL80211_BAND_2GHZ;
5779 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH12K_MAX_5G_CHAN) {
5780 		status->band = NL80211_BAND_5GHZ;
5781 	} else {
5782 		/* Shouldn't happen unless list of advertised channels to
5783 		 * mac80211 has been changed.
5784 		 */
5785 		WARN_ON_ONCE(1);
5786 		dev_kfree_skb(skb);
5787 		goto exit;
5788 	}
5789 
5790 	if (rx_ev.phy_mode == MODE_11B &&
5791 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
5792 		ath12k_dbg(ab, ATH12K_DBG_WMI,
5793 			   "wmi mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
5794 
5795 	sband = &ar->mac.sbands[status->band];
5796 
5797 	status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
5798 						      status->band);
5799 	status->signal = rx_ev.snr + ATH12K_DEFAULT_NOISE_FLOOR;
5800 	status->rate_idx = ath12k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
5801 
5802 	hdr = (struct ieee80211_hdr *)skb->data;
5803 	fc = le16_to_cpu(hdr->frame_control);
5804 
5805 	/* Firmware is guaranteed to report all essential management frames via
5806 	 * WMI while it can deliver some extra via HTT. Since there can be
5807 	 * duplicates split the reporting wrt monitor/sniffing.
5808 	 */
5809 	status->flag |= RX_FLAG_SKIP_MONITOR;
5810 
5811 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set
5812 	 * including group privacy action frames.
5813 	 */
5814 	if (ieee80211_has_protected(hdr->frame_control)) {
5815 		status->flag |= RX_FLAG_DECRYPTED;
5816 
5817 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
5818 			status->flag |= RX_FLAG_IV_STRIPPED |
5819 					RX_FLAG_MMIC_STRIPPED;
5820 			hdr->frame_control = __cpu_to_le16(fc &
5821 					     ~IEEE80211_FCTL_PROTECTED);
5822 		}
5823 	}
5824 
5825 	/* TODO: Pending handle beacon implementation
5826 	 *if (ieee80211_is_beacon(hdr->frame_control))
5827 	 *	ath12k_mac_handle_beacon(ar, skb);
5828 	 */
5829 
5830 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5831 		   "event mgmt rx skb %pK len %d ftype %02x stype %02x\n",
5832 		   skb, skb->len,
5833 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
5834 
5835 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5836 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
5837 		   status->freq, status->band, status->signal,
5838 		   status->rate_idx);
5839 
5840 	ieee80211_rx_ni(ar->hw, skb);
5841 
5842 exit:
5843 	rcu_read_unlock();
5844 }
5845 
5846 static void ath12k_mgmt_tx_compl_event(struct ath12k_base *ab, struct sk_buff *skb)
5847 {
5848 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
5849 	struct ath12k *ar;
5850 
5851 	if (ath12k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
5852 		ath12k_warn(ab, "failed to extract mgmt tx compl event");
5853 		return;
5854 	}
5855 
5856 	rcu_read_lock();
5857 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(tx_compl_param.pdev_id));
5858 	if (!ar) {
5859 		ath12k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
5860 			    tx_compl_param.pdev_id);
5861 		goto exit;
5862 	}
5863 
5864 	wmi_process_mgmt_tx_comp(ar, le32_to_cpu(tx_compl_param.desc_id),
5865 				 le32_to_cpu(tx_compl_param.status));
5866 
5867 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5868 		   "mgmt tx compl ev pdev_id %d, desc_id %d, status %d",
5869 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
5870 		   tx_compl_param.status);
5871 
5872 exit:
5873 	rcu_read_unlock();
5874 }
5875 
5876 static struct ath12k *ath12k_get_ar_on_scan_abort(struct ath12k_base *ab,
5877 						  u32 vdev_id)
5878 {
5879 	int i;
5880 	struct ath12k_pdev *pdev;
5881 	struct ath12k *ar;
5882 
5883 	for (i = 0; i < ab->num_radios; i++) {
5884 		pdev = rcu_dereference(ab->pdevs_active[i]);
5885 		if (pdev && pdev->ar) {
5886 			ar = pdev->ar;
5887 
5888 			spin_lock_bh(&ar->data_lock);
5889 			if (ar->scan.state == ATH12K_SCAN_ABORTING &&
5890 			    ar->scan.vdev_id == vdev_id) {
5891 				spin_unlock_bh(&ar->data_lock);
5892 				return ar;
5893 			}
5894 			spin_unlock_bh(&ar->data_lock);
5895 		}
5896 	}
5897 	return NULL;
5898 }
5899 
5900 static void ath12k_scan_event(struct ath12k_base *ab, struct sk_buff *skb)
5901 {
5902 	struct ath12k *ar;
5903 	struct wmi_scan_event scan_ev = {0};
5904 
5905 	if (ath12k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
5906 		ath12k_warn(ab, "failed to extract scan event");
5907 		return;
5908 	}
5909 
5910 	rcu_read_lock();
5911 
5912 	/* In case the scan was cancelled, ex. during interface teardown,
5913 	 * the interface will not be found in active interfaces.
5914 	 * Rather, in such scenarios, iterate over the active pdev's to
5915 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
5916 	 * aborting scan's vdev id matches this event info.
5917 	 */
5918 	if (le32_to_cpu(scan_ev.event_type) == WMI_SCAN_EVENT_COMPLETED &&
5919 	    le32_to_cpu(scan_ev.reason) == WMI_SCAN_REASON_CANCELLED)
5920 		ar = ath12k_get_ar_on_scan_abort(ab, le32_to_cpu(scan_ev.vdev_id));
5921 	else
5922 		ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(scan_ev.vdev_id));
5923 
5924 	if (!ar) {
5925 		ath12k_warn(ab, "Received scan event for unknown vdev");
5926 		rcu_read_unlock();
5927 		return;
5928 	}
5929 
5930 	spin_lock_bh(&ar->data_lock);
5931 
5932 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5933 		   "scan event %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
5934 		   ath12k_wmi_event_scan_type_str(le32_to_cpu(scan_ev.event_type),
5935 						  le32_to_cpu(scan_ev.reason)),
5936 		   le32_to_cpu(scan_ev.event_type),
5937 		   le32_to_cpu(scan_ev.reason),
5938 		   le32_to_cpu(scan_ev.channel_freq),
5939 		   le32_to_cpu(scan_ev.scan_req_id),
5940 		   le32_to_cpu(scan_ev.scan_id),
5941 		   le32_to_cpu(scan_ev.vdev_id),
5942 		   ath12k_scan_state_str(ar->scan.state), ar->scan.state);
5943 
5944 	switch (le32_to_cpu(scan_ev.event_type)) {
5945 	case WMI_SCAN_EVENT_STARTED:
5946 		ath12k_wmi_event_scan_started(ar);
5947 		break;
5948 	case WMI_SCAN_EVENT_COMPLETED:
5949 		ath12k_wmi_event_scan_completed(ar);
5950 		break;
5951 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5952 		ath12k_wmi_event_scan_bss_chan(ar);
5953 		break;
5954 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5955 		ath12k_wmi_event_scan_foreign_chan(ar, le32_to_cpu(scan_ev.channel_freq));
5956 		break;
5957 	case WMI_SCAN_EVENT_START_FAILED:
5958 		ath12k_warn(ab, "received scan start failure event\n");
5959 		ath12k_wmi_event_scan_start_failed(ar);
5960 		break;
5961 	case WMI_SCAN_EVENT_DEQUEUED:
5962 		__ath12k_mac_scan_finish(ar);
5963 		break;
5964 	case WMI_SCAN_EVENT_PREEMPTED:
5965 	case WMI_SCAN_EVENT_RESTARTED:
5966 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5967 	default:
5968 		break;
5969 	}
5970 
5971 	spin_unlock_bh(&ar->data_lock);
5972 
5973 	rcu_read_unlock();
5974 }
5975 
5976 static void ath12k_peer_sta_kickout_event(struct ath12k_base *ab, struct sk_buff *skb)
5977 {
5978 	struct wmi_peer_sta_kickout_arg arg = {};
5979 	struct ieee80211_sta *sta;
5980 	struct ath12k_peer *peer;
5981 	struct ath12k *ar;
5982 
5983 	if (ath12k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
5984 		ath12k_warn(ab, "failed to extract peer sta kickout event");
5985 		return;
5986 	}
5987 
5988 	rcu_read_lock();
5989 
5990 	spin_lock_bh(&ab->base_lock);
5991 
5992 	peer = ath12k_peer_find_by_addr(ab, arg.mac_addr);
5993 
5994 	if (!peer) {
5995 		ath12k_warn(ab, "peer not found %pM\n",
5996 			    arg.mac_addr);
5997 		goto exit;
5998 	}
5999 
6000 	ar = ath12k_mac_get_ar_by_vdev_id(ab, peer->vdev_id);
6001 	if (!ar) {
6002 		ath12k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
6003 			    peer->vdev_id);
6004 		goto exit;
6005 	}
6006 
6007 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
6008 					   arg.mac_addr, NULL);
6009 	if (!sta) {
6010 		ath12k_warn(ab, "Spurious quick kickout for STA %pM\n",
6011 			    arg.mac_addr);
6012 		goto exit;
6013 	}
6014 
6015 	ath12k_dbg(ab, ATH12K_DBG_WMI, "peer sta kickout event %pM",
6016 		   arg.mac_addr);
6017 
6018 	ieee80211_report_low_ack(sta, 10);
6019 
6020 exit:
6021 	spin_unlock_bh(&ab->base_lock);
6022 	rcu_read_unlock();
6023 }
6024 
6025 static void ath12k_roam_event(struct ath12k_base *ab, struct sk_buff *skb)
6026 {
6027 	struct wmi_roam_event roam_ev = {};
6028 	struct ath12k *ar;
6029 
6030 	if (ath12k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
6031 		ath12k_warn(ab, "failed to extract roam event");
6032 		return;
6033 	}
6034 
6035 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6036 		   "wmi roam event vdev %u reason 0x%08x rssi %d\n",
6037 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
6038 
6039 	rcu_read_lock();
6040 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(roam_ev.vdev_id));
6041 	if (!ar) {
6042 		ath12k_warn(ab, "invalid vdev id in roam ev %d",
6043 			    roam_ev.vdev_id);
6044 		rcu_read_unlock();
6045 		return;
6046 	}
6047 
6048 	if (le32_to_cpu(roam_ev.reason) >= WMI_ROAM_REASON_MAX)
6049 		ath12k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
6050 			    roam_ev.reason, roam_ev.vdev_id);
6051 
6052 	switch (le32_to_cpu(roam_ev.reason)) {
6053 	case WMI_ROAM_REASON_BEACON_MISS:
6054 		/* TODO: Pending beacon miss and connection_loss_work
6055 		 * implementation
6056 		 * ath12k_mac_handle_beacon_miss(ar, vdev_id);
6057 		 */
6058 		break;
6059 	case WMI_ROAM_REASON_BETTER_AP:
6060 	case WMI_ROAM_REASON_LOW_RSSI:
6061 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
6062 	case WMI_ROAM_REASON_HO_FAILED:
6063 		ath12k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
6064 			    roam_ev.reason, roam_ev.vdev_id);
6065 		break;
6066 	}
6067 
6068 	rcu_read_unlock();
6069 }
6070 
6071 static void ath12k_chan_info_event(struct ath12k_base *ab, struct sk_buff *skb)
6072 {
6073 	struct wmi_chan_info_event ch_info_ev = {0};
6074 	struct ath12k *ar;
6075 	struct survey_info *survey;
6076 	int idx;
6077 	/* HW channel counters frequency value in hertz */
6078 	u32 cc_freq_hz = ab->cc_freq_hz;
6079 
6080 	if (ath12k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
6081 		ath12k_warn(ab, "failed to extract chan info event");
6082 		return;
6083 	}
6084 
6085 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6086 		   "chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
6087 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
6088 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
6089 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
6090 		   ch_info_ev.mac_clk_mhz);
6091 
6092 	if (le32_to_cpu(ch_info_ev.cmd_flags) == WMI_CHAN_INFO_END_RESP) {
6093 		ath12k_dbg(ab, ATH12K_DBG_WMI, "chan info report completed\n");
6094 		return;
6095 	}
6096 
6097 	rcu_read_lock();
6098 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(ch_info_ev.vdev_id));
6099 	if (!ar) {
6100 		ath12k_warn(ab, "invalid vdev id in chan info ev %d",
6101 			    ch_info_ev.vdev_id);
6102 		rcu_read_unlock();
6103 		return;
6104 	}
6105 	spin_lock_bh(&ar->data_lock);
6106 
6107 	switch (ar->scan.state) {
6108 	case ATH12K_SCAN_IDLE:
6109 	case ATH12K_SCAN_STARTING:
6110 		ath12k_warn(ab, "received chan info event without a scan request, ignoring\n");
6111 		goto exit;
6112 	case ATH12K_SCAN_RUNNING:
6113 	case ATH12K_SCAN_ABORTING:
6114 		break;
6115 	}
6116 
6117 	idx = freq_to_idx(ar, le32_to_cpu(ch_info_ev.freq));
6118 	if (idx >= ARRAY_SIZE(ar->survey)) {
6119 		ath12k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
6120 			    ch_info_ev.freq, idx);
6121 		goto exit;
6122 	}
6123 
6124 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
6125 	 * HW channel counters frequency value
6126 	 */
6127 	if (ch_info_ev.mac_clk_mhz)
6128 		cc_freq_hz = (le32_to_cpu(ch_info_ev.mac_clk_mhz) * 1000);
6129 
6130 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
6131 		survey = &ar->survey[idx];
6132 		memset(survey, 0, sizeof(*survey));
6133 		survey->noise = le32_to_cpu(ch_info_ev.noise_floor);
6134 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
6135 				 SURVEY_INFO_TIME_BUSY;
6136 		survey->time = div_u64(le32_to_cpu(ch_info_ev.cycle_count), cc_freq_hz);
6137 		survey->time_busy = div_u64(le32_to_cpu(ch_info_ev.rx_clear_count),
6138 					    cc_freq_hz);
6139 	}
6140 exit:
6141 	spin_unlock_bh(&ar->data_lock);
6142 	rcu_read_unlock();
6143 }
6144 
6145 static void
6146 ath12k_pdev_bss_chan_info_event(struct ath12k_base *ab, struct sk_buff *skb)
6147 {
6148 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
6149 	struct survey_info *survey;
6150 	struct ath12k *ar;
6151 	u32 cc_freq_hz = ab->cc_freq_hz;
6152 	u64 busy, total, tx, rx, rx_bss;
6153 	int idx;
6154 
6155 	if (ath12k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
6156 		ath12k_warn(ab, "failed to extract pdev bss chan info event");
6157 		return;
6158 	}
6159 
6160 	busy = (u64)(le32_to_cpu(bss_ch_info_ev.rx_clear_count_high)) << 32 |
6161 		le32_to_cpu(bss_ch_info_ev.rx_clear_count_low);
6162 
6163 	total = (u64)(le32_to_cpu(bss_ch_info_ev.cycle_count_high)) << 32 |
6164 		le32_to_cpu(bss_ch_info_ev.cycle_count_low);
6165 
6166 	tx = (u64)(le32_to_cpu(bss_ch_info_ev.tx_cycle_count_high)) << 32 |
6167 		le32_to_cpu(bss_ch_info_ev.tx_cycle_count_low);
6168 
6169 	rx = (u64)(le32_to_cpu(bss_ch_info_ev.rx_cycle_count_high)) << 32 |
6170 		le32_to_cpu(bss_ch_info_ev.rx_cycle_count_low);
6171 
6172 	rx_bss = (u64)(le32_to_cpu(bss_ch_info_ev.rx_bss_cycle_count_high)) << 32 |
6173 		le32_to_cpu(bss_ch_info_ev.rx_bss_cycle_count_low);
6174 
6175 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6176 		   "pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
6177 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
6178 		   bss_ch_info_ev.noise_floor, busy, total,
6179 		   tx, rx, rx_bss);
6180 
6181 	rcu_read_lock();
6182 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(bss_ch_info_ev.pdev_id));
6183 
6184 	if (!ar) {
6185 		ath12k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
6186 			    bss_ch_info_ev.pdev_id);
6187 		rcu_read_unlock();
6188 		return;
6189 	}
6190 
6191 	spin_lock_bh(&ar->data_lock);
6192 	idx = freq_to_idx(ar, le32_to_cpu(bss_ch_info_ev.freq));
6193 	if (idx >= ARRAY_SIZE(ar->survey)) {
6194 		ath12k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
6195 			    bss_ch_info_ev.freq, idx);
6196 		goto exit;
6197 	}
6198 
6199 	survey = &ar->survey[idx];
6200 
6201 	survey->noise     = le32_to_cpu(bss_ch_info_ev.noise_floor);
6202 	survey->time      = div_u64(total, cc_freq_hz);
6203 	survey->time_busy = div_u64(busy, cc_freq_hz);
6204 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
6205 	survey->time_tx   = div_u64(tx, cc_freq_hz);
6206 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
6207 			     SURVEY_INFO_TIME |
6208 			     SURVEY_INFO_TIME_BUSY |
6209 			     SURVEY_INFO_TIME_RX |
6210 			     SURVEY_INFO_TIME_TX);
6211 exit:
6212 	spin_unlock_bh(&ar->data_lock);
6213 	complete(&ar->bss_survey_done);
6214 
6215 	rcu_read_unlock();
6216 }
6217 
6218 static void ath12k_vdev_install_key_compl_event(struct ath12k_base *ab,
6219 						struct sk_buff *skb)
6220 {
6221 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
6222 	struct ath12k *ar;
6223 
6224 	if (ath12k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
6225 		ath12k_warn(ab, "failed to extract install key compl event");
6226 		return;
6227 	}
6228 
6229 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6230 		   "vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
6231 		   install_key_compl.key_idx, install_key_compl.key_flags,
6232 		   install_key_compl.macaddr, install_key_compl.status);
6233 
6234 	rcu_read_lock();
6235 	ar = ath12k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
6236 	if (!ar) {
6237 		ath12k_warn(ab, "invalid vdev id in install key compl ev %d",
6238 			    install_key_compl.vdev_id);
6239 		rcu_read_unlock();
6240 		return;
6241 	}
6242 
6243 	ar->install_key_status = 0;
6244 
6245 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
6246 		ath12k_warn(ab, "install key failed for %pM status %d\n",
6247 			    install_key_compl.macaddr, install_key_compl.status);
6248 		ar->install_key_status = install_key_compl.status;
6249 	}
6250 
6251 	complete(&ar->install_key_done);
6252 	rcu_read_unlock();
6253 }
6254 
6255 static int ath12k_wmi_tlv_services_parser(struct ath12k_base *ab,
6256 					  u16 tag, u16 len,
6257 					  const void *ptr,
6258 					  void *data)
6259 {
6260 	const struct wmi_service_available_event *ev;
6261 	u32 *wmi_ext2_service_bitmap;
6262 	int i, j;
6263 	u16 expected_len;
6264 
6265 	expected_len = WMI_SERVICE_SEGMENT_BM_SIZE32 * sizeof(u32);
6266 	if (len < expected_len) {
6267 		ath12k_warn(ab, "invalid length %d for the WMI services available tag 0x%x\n",
6268 			    len, tag);
6269 		return -EINVAL;
6270 	}
6271 
6272 	switch (tag) {
6273 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
6274 		ev = (struct wmi_service_available_event *)ptr;
6275 		for (i = 0, j = WMI_MAX_SERVICE;
6276 		     i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
6277 		     i++) {
6278 			do {
6279 				if (le32_to_cpu(ev->wmi_service_segment_bitmap[i]) &
6280 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
6281 					set_bit(j, ab->wmi_ab.svc_map);
6282 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
6283 		}
6284 
6285 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6286 			   "wmi_ext_service_bitmap 0x%x 0x%x 0x%x 0x%x",
6287 			   ev->wmi_service_segment_bitmap[0],
6288 			   ev->wmi_service_segment_bitmap[1],
6289 			   ev->wmi_service_segment_bitmap[2],
6290 			   ev->wmi_service_segment_bitmap[3]);
6291 		break;
6292 	case WMI_TAG_ARRAY_UINT32:
6293 		wmi_ext2_service_bitmap = (u32 *)ptr;
6294 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
6295 		     i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
6296 		     i++) {
6297 			do {
6298 				if (wmi_ext2_service_bitmap[i] &
6299 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
6300 					set_bit(j, ab->wmi_ab.svc_map);
6301 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
6302 		}
6303 
6304 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6305 			   "wmi_ext2_service_bitmap 0x%04x 0x%04x 0x%04x 0x%04x",
6306 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
6307 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
6308 		break;
6309 	}
6310 	return 0;
6311 }
6312 
6313 static int ath12k_service_available_event(struct ath12k_base *ab, struct sk_buff *skb)
6314 {
6315 	int ret;
6316 
6317 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
6318 				  ath12k_wmi_tlv_services_parser,
6319 				  NULL);
6320 	return ret;
6321 }
6322 
6323 static void ath12k_peer_assoc_conf_event(struct ath12k_base *ab, struct sk_buff *skb)
6324 {
6325 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
6326 	struct ath12k *ar;
6327 
6328 	if (ath12k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
6329 		ath12k_warn(ab, "failed to extract peer assoc conf event");
6330 		return;
6331 	}
6332 
6333 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6334 		   "peer assoc conf ev vdev id %d macaddr %pM\n",
6335 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
6336 
6337 	rcu_read_lock();
6338 	ar = ath12k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
6339 
6340 	if (!ar) {
6341 		ath12k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
6342 			    peer_assoc_conf.vdev_id);
6343 		rcu_read_unlock();
6344 		return;
6345 	}
6346 
6347 	complete(&ar->peer_assoc_done);
6348 	rcu_read_unlock();
6349 }
6350 
6351 static void ath12k_update_stats_event(struct ath12k_base *ab, struct sk_buff *skb)
6352 {
6353 }
6354 
6355 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
6356  * is not part of BDF CTL(Conformance test limits) table entries.
6357  */
6358 static void ath12k_pdev_ctl_failsafe_check_event(struct ath12k_base *ab,
6359 						 struct sk_buff *skb)
6360 {
6361 	const void **tb;
6362 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
6363 	int ret;
6364 
6365 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6366 	if (IS_ERR(tb)) {
6367 		ret = PTR_ERR(tb);
6368 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6369 		return;
6370 	}
6371 
6372 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
6373 	if (!ev) {
6374 		ath12k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
6375 		kfree(tb);
6376 		return;
6377 	}
6378 
6379 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6380 		   "pdev ctl failsafe check ev status %d\n",
6381 		   ev->ctl_failsafe_status);
6382 
6383 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
6384 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
6385 	 */
6386 	if (ev->ctl_failsafe_status != 0)
6387 		ath12k_warn(ab, "pdev ctl failsafe failure status %d",
6388 			    ev->ctl_failsafe_status);
6389 
6390 	kfree(tb);
6391 }
6392 
6393 static void
6394 ath12k_wmi_process_csa_switch_count_event(struct ath12k_base *ab,
6395 					  const struct ath12k_wmi_pdev_csa_event *ev,
6396 					  const u32 *vdev_ids)
6397 {
6398 	int i;
6399 	struct ath12k_vif *arvif;
6400 
6401 	/* Finish CSA once the switch count becomes NULL */
6402 	if (ev->current_switch_count)
6403 		return;
6404 
6405 	rcu_read_lock();
6406 	for (i = 0; i < le32_to_cpu(ev->num_vdevs); i++) {
6407 		arvif = ath12k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
6408 
6409 		if (!arvif) {
6410 			ath12k_warn(ab, "Recvd csa status for unknown vdev %d",
6411 				    vdev_ids[i]);
6412 			continue;
6413 		}
6414 
6415 		if (arvif->is_up && arvif->vif->bss_conf.csa_active)
6416 			ieee80211_csa_finish(arvif->vif);
6417 	}
6418 	rcu_read_unlock();
6419 }
6420 
6421 static void
6422 ath12k_wmi_pdev_csa_switch_count_status_event(struct ath12k_base *ab,
6423 					      struct sk_buff *skb)
6424 {
6425 	const void **tb;
6426 	const struct ath12k_wmi_pdev_csa_event *ev;
6427 	const u32 *vdev_ids;
6428 	int ret;
6429 
6430 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6431 	if (IS_ERR(tb)) {
6432 		ret = PTR_ERR(tb);
6433 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6434 		return;
6435 	}
6436 
6437 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
6438 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
6439 
6440 	if (!ev || !vdev_ids) {
6441 		ath12k_warn(ab, "failed to fetch pdev csa switch count ev");
6442 		kfree(tb);
6443 		return;
6444 	}
6445 
6446 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6447 		   "pdev csa switch count %d for pdev %d, num_vdevs %d",
6448 		   ev->current_switch_count, ev->pdev_id,
6449 		   ev->num_vdevs);
6450 
6451 	ath12k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
6452 
6453 	kfree(tb);
6454 }
6455 
6456 static void
6457 ath12k_wmi_pdev_dfs_radar_detected_event(struct ath12k_base *ab, struct sk_buff *skb)
6458 {
6459 	const void **tb;
6460 	const struct ath12k_wmi_pdev_radar_event *ev;
6461 	struct ath12k *ar;
6462 	int ret;
6463 
6464 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6465 	if (IS_ERR(tb)) {
6466 		ret = PTR_ERR(tb);
6467 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6468 		return;
6469 	}
6470 
6471 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
6472 
6473 	if (!ev) {
6474 		ath12k_warn(ab, "failed to fetch pdev dfs radar detected ev");
6475 		kfree(tb);
6476 		return;
6477 	}
6478 
6479 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6480 		   "pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
6481 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
6482 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
6483 		   ev->freq_offset, ev->sidx);
6484 
6485 	rcu_read_lock();
6486 
6487 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(ev->pdev_id));
6488 
6489 	if (!ar) {
6490 		ath12k_warn(ab, "radar detected in invalid pdev %d\n",
6491 			    ev->pdev_id);
6492 		goto exit;
6493 	}
6494 
6495 	ath12k_dbg(ar->ab, ATH12K_DBG_REG, "DFS Radar Detected in pdev %d\n",
6496 		   ev->pdev_id);
6497 
6498 	if (ar->dfs_block_radar_events)
6499 		ath12k_info(ab, "DFS Radar detected, but ignored as requested\n");
6500 	else
6501 		ieee80211_radar_detected(ar->hw);
6502 
6503 exit:
6504 	rcu_read_unlock();
6505 
6506 	kfree(tb);
6507 }
6508 
6509 static void
6510 ath12k_wmi_pdev_temperature_event(struct ath12k_base *ab,
6511 				  struct sk_buff *skb)
6512 {
6513 	struct ath12k *ar;
6514 	struct wmi_pdev_temperature_event ev = {0};
6515 
6516 	if (ath12k_pull_pdev_temp_ev(ab, skb->data, skb->len, &ev) != 0) {
6517 		ath12k_warn(ab, "failed to extract pdev temperature event");
6518 		return;
6519 	}
6520 
6521 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6522 		   "pdev temperature ev temp %d pdev_id %d\n", ev.temp, ev.pdev_id);
6523 
6524 	rcu_read_lock();
6525 
6526 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(ev.pdev_id));
6527 	if (!ar) {
6528 		ath12k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev.pdev_id);
6529 		goto exit;
6530 	}
6531 
6532 exit:
6533 	rcu_read_unlock();
6534 }
6535 
6536 static void ath12k_fils_discovery_event(struct ath12k_base *ab,
6537 					struct sk_buff *skb)
6538 {
6539 	const void **tb;
6540 	const struct wmi_fils_discovery_event *ev;
6541 	int ret;
6542 
6543 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6544 	if (IS_ERR(tb)) {
6545 		ret = PTR_ERR(tb);
6546 		ath12k_warn(ab,
6547 			    "failed to parse FILS discovery event tlv %d\n",
6548 			    ret);
6549 		return;
6550 	}
6551 
6552 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
6553 	if (!ev) {
6554 		ath12k_warn(ab, "failed to fetch FILS discovery event\n");
6555 		kfree(tb);
6556 		return;
6557 	}
6558 
6559 	ath12k_warn(ab,
6560 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
6561 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
6562 
6563 	kfree(tb);
6564 }
6565 
6566 static void ath12k_probe_resp_tx_status_event(struct ath12k_base *ab,
6567 					      struct sk_buff *skb)
6568 {
6569 	const void **tb;
6570 	const struct wmi_probe_resp_tx_status_event *ev;
6571 	int ret;
6572 
6573 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6574 	if (IS_ERR(tb)) {
6575 		ret = PTR_ERR(tb);
6576 		ath12k_warn(ab,
6577 			    "failed to parse probe response transmission status event tlv: %d\n",
6578 			    ret);
6579 		return;
6580 	}
6581 
6582 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
6583 	if (!ev) {
6584 		ath12k_warn(ab,
6585 			    "failed to fetch probe response transmission status event");
6586 		kfree(tb);
6587 		return;
6588 	}
6589 
6590 	if (ev->tx_status)
6591 		ath12k_warn(ab,
6592 			    "Probe response transmission failed for vdev_id %u, status %u\n",
6593 			    ev->vdev_id, ev->tx_status);
6594 
6595 	kfree(tb);
6596 }
6597 
6598 static void ath12k_wmi_op_rx(struct ath12k_base *ab, struct sk_buff *skb)
6599 {
6600 	struct wmi_cmd_hdr *cmd_hdr;
6601 	enum wmi_tlv_event_id id;
6602 
6603 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
6604 	id = le32_get_bits(cmd_hdr->cmd_id, WMI_CMD_HDR_CMD_ID);
6605 
6606 	if (!skb_pull(skb, sizeof(struct wmi_cmd_hdr)))
6607 		goto out;
6608 
6609 	switch (id) {
6610 		/* Process all the WMI events here */
6611 	case WMI_SERVICE_READY_EVENTID:
6612 		ath12k_service_ready_event(ab, skb);
6613 		break;
6614 	case WMI_SERVICE_READY_EXT_EVENTID:
6615 		ath12k_service_ready_ext_event(ab, skb);
6616 		break;
6617 	case WMI_SERVICE_READY_EXT2_EVENTID:
6618 		ath12k_service_ready_ext2_event(ab, skb);
6619 		break;
6620 	case WMI_REG_CHAN_LIST_CC_EXT_EVENTID:
6621 		ath12k_reg_chan_list_event(ab, skb);
6622 		break;
6623 	case WMI_READY_EVENTID:
6624 		ath12k_ready_event(ab, skb);
6625 		break;
6626 	case WMI_PEER_DELETE_RESP_EVENTID:
6627 		ath12k_peer_delete_resp_event(ab, skb);
6628 		break;
6629 	case WMI_VDEV_START_RESP_EVENTID:
6630 		ath12k_vdev_start_resp_event(ab, skb);
6631 		break;
6632 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
6633 		ath12k_bcn_tx_status_event(ab, skb);
6634 		break;
6635 	case WMI_VDEV_STOPPED_EVENTID:
6636 		ath12k_vdev_stopped_event(ab, skb);
6637 		break;
6638 	case WMI_MGMT_RX_EVENTID:
6639 		ath12k_mgmt_rx_event(ab, skb);
6640 		/* mgmt_rx_event() owns the skb now! */
6641 		return;
6642 	case WMI_MGMT_TX_COMPLETION_EVENTID:
6643 		ath12k_mgmt_tx_compl_event(ab, skb);
6644 		break;
6645 	case WMI_SCAN_EVENTID:
6646 		ath12k_scan_event(ab, skb);
6647 		break;
6648 	case WMI_PEER_STA_KICKOUT_EVENTID:
6649 		ath12k_peer_sta_kickout_event(ab, skb);
6650 		break;
6651 	case WMI_ROAM_EVENTID:
6652 		ath12k_roam_event(ab, skb);
6653 		break;
6654 	case WMI_CHAN_INFO_EVENTID:
6655 		ath12k_chan_info_event(ab, skb);
6656 		break;
6657 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
6658 		ath12k_pdev_bss_chan_info_event(ab, skb);
6659 		break;
6660 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
6661 		ath12k_vdev_install_key_compl_event(ab, skb);
6662 		break;
6663 	case WMI_SERVICE_AVAILABLE_EVENTID:
6664 		ath12k_service_available_event(ab, skb);
6665 		break;
6666 	case WMI_PEER_ASSOC_CONF_EVENTID:
6667 		ath12k_peer_assoc_conf_event(ab, skb);
6668 		break;
6669 	case WMI_UPDATE_STATS_EVENTID:
6670 		ath12k_update_stats_event(ab, skb);
6671 		break;
6672 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
6673 		ath12k_pdev_ctl_failsafe_check_event(ab, skb);
6674 		break;
6675 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
6676 		ath12k_wmi_pdev_csa_switch_count_status_event(ab, skb);
6677 		break;
6678 	case WMI_PDEV_TEMPERATURE_EVENTID:
6679 		ath12k_wmi_pdev_temperature_event(ab, skb);
6680 		break;
6681 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
6682 		ath12k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
6683 		break;
6684 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
6685 		ath12k_fils_discovery_event(ab, skb);
6686 		break;
6687 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
6688 		ath12k_probe_resp_tx_status_event(ab, skb);
6689 		break;
6690 	/* add Unsupported events here */
6691 	case WMI_TBTTOFFSET_EXT_UPDATE_EVENTID:
6692 	case WMI_PEER_OPER_MODE_CHANGE_EVENTID:
6693 	case WMI_TWT_ENABLE_EVENTID:
6694 	case WMI_TWT_DISABLE_EVENTID:
6695 	case WMI_PDEV_DMA_RING_CFG_RSP_EVENTID:
6696 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6697 			   "ignoring unsupported event 0x%x\n", id);
6698 		break;
6699 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
6700 		ath12k_wmi_pdev_dfs_radar_detected_event(ab, skb);
6701 		break;
6702 	case WMI_VDEV_DELETE_RESP_EVENTID:
6703 		ath12k_vdev_delete_resp_event(ab, skb);
6704 		break;
6705 	/* TODO: Add remaining events */
6706 	default:
6707 		ath12k_dbg(ab, ATH12K_DBG_WMI, "Unknown eventid: 0x%x\n", id);
6708 		break;
6709 	}
6710 
6711 out:
6712 	dev_kfree_skb(skb);
6713 }
6714 
6715 static int ath12k_connect_pdev_htc_service(struct ath12k_base *ab,
6716 					   u32 pdev_idx)
6717 {
6718 	int status;
6719 	u32 svc_id[] = { ATH12K_HTC_SVC_ID_WMI_CONTROL,
6720 			 ATH12K_HTC_SVC_ID_WMI_CONTROL_MAC1,
6721 			 ATH12K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
6722 	struct ath12k_htc_svc_conn_req conn_req = {};
6723 	struct ath12k_htc_svc_conn_resp conn_resp = {};
6724 
6725 	/* these fields are the same for all service endpoints */
6726 	conn_req.ep_ops.ep_tx_complete = ath12k_wmi_htc_tx_complete;
6727 	conn_req.ep_ops.ep_rx_complete = ath12k_wmi_op_rx;
6728 	conn_req.ep_ops.ep_tx_credits = ath12k_wmi_op_ep_tx_credits;
6729 
6730 	/* connect to control service */
6731 	conn_req.service_id = svc_id[pdev_idx];
6732 
6733 	status = ath12k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
6734 	if (status) {
6735 		ath12k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
6736 			    status);
6737 		return status;
6738 	}
6739 
6740 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
6741 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
6742 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
6743 
6744 	return 0;
6745 }
6746 
6747 static int
6748 ath12k_wmi_send_unit_test_cmd(struct ath12k *ar,
6749 			      struct wmi_unit_test_cmd ut_cmd,
6750 			      u32 *test_args)
6751 {
6752 	struct ath12k_wmi_pdev *wmi = ar->wmi;
6753 	struct wmi_unit_test_cmd *cmd;
6754 	struct sk_buff *skb;
6755 	struct wmi_tlv *tlv;
6756 	void *ptr;
6757 	u32 *ut_cmd_args;
6758 	int buf_len, arg_len;
6759 	int ret;
6760 	int i;
6761 
6762 	arg_len = sizeof(u32) * le32_to_cpu(ut_cmd.num_args);
6763 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
6764 
6765 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
6766 	if (!skb)
6767 		return -ENOMEM;
6768 
6769 	cmd = (struct wmi_unit_test_cmd *)skb->data;
6770 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_UNIT_TEST_CMD,
6771 						 sizeof(ut_cmd));
6772 
6773 	cmd->vdev_id = ut_cmd.vdev_id;
6774 	cmd->module_id = ut_cmd.module_id;
6775 	cmd->num_args = ut_cmd.num_args;
6776 	cmd->diag_token = ut_cmd.diag_token;
6777 
6778 	ptr = skb->data + sizeof(ut_cmd);
6779 
6780 	tlv = ptr;
6781 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, arg_len);
6782 
6783 	ptr += TLV_HDR_SIZE;
6784 
6785 	ut_cmd_args = ptr;
6786 	for (i = 0; i < le32_to_cpu(ut_cmd.num_args); i++)
6787 		ut_cmd_args[i] = test_args[i];
6788 
6789 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
6790 		   "WMI unit test : module %d vdev %d n_args %d token %d\n",
6791 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
6792 		   cmd->diag_token);
6793 
6794 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
6795 
6796 	if (ret) {
6797 		ath12k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
6798 			    ret);
6799 		dev_kfree_skb(skb);
6800 	}
6801 
6802 	return ret;
6803 }
6804 
6805 int ath12k_wmi_simulate_radar(struct ath12k *ar)
6806 {
6807 	struct ath12k_vif *arvif;
6808 	u32 dfs_args[DFS_MAX_TEST_ARGS];
6809 	struct wmi_unit_test_cmd wmi_ut;
6810 	bool arvif_found = false;
6811 
6812 	list_for_each_entry(arvif, &ar->arvifs, list) {
6813 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
6814 			arvif_found = true;
6815 			break;
6816 		}
6817 	}
6818 
6819 	if (!arvif_found)
6820 		return -EINVAL;
6821 
6822 	dfs_args[DFS_TEST_CMDID] = 0;
6823 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
6824 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
6825 	 * freq offset (b3 - b10) to unit test. For simulation
6826 	 * purpose this can be set to 0 which is valid.
6827 	 */
6828 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
6829 
6830 	wmi_ut.vdev_id = cpu_to_le32(arvif->vdev_id);
6831 	wmi_ut.module_id = cpu_to_le32(DFS_UNIT_TEST_MODULE);
6832 	wmi_ut.num_args = cpu_to_le32(DFS_MAX_TEST_ARGS);
6833 	wmi_ut.diag_token = cpu_to_le32(DFS_UNIT_TEST_TOKEN);
6834 
6835 	ath12k_dbg(ar->ab, ATH12K_DBG_REG, "Triggering Radar Simulation\n");
6836 
6837 	return ath12k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
6838 }
6839 
6840 int ath12k_wmi_connect(struct ath12k_base *ab)
6841 {
6842 	u32 i;
6843 	u8 wmi_ep_count;
6844 
6845 	wmi_ep_count = ab->htc.wmi_ep_count;
6846 	if (wmi_ep_count > ab->hw_params->max_radios)
6847 		return -1;
6848 
6849 	for (i = 0; i < wmi_ep_count; i++)
6850 		ath12k_connect_pdev_htc_service(ab, i);
6851 
6852 	return 0;
6853 }
6854 
6855 static void ath12k_wmi_pdev_detach(struct ath12k_base *ab, u8 pdev_id)
6856 {
6857 	if (WARN_ON(pdev_id >= MAX_RADIOS))
6858 		return;
6859 
6860 	/* TODO: Deinit any pdev specific wmi resource */
6861 }
6862 
6863 int ath12k_wmi_pdev_attach(struct ath12k_base *ab,
6864 			   u8 pdev_id)
6865 {
6866 	struct ath12k_wmi_pdev *wmi_handle;
6867 
6868 	if (pdev_id >= ab->hw_params->max_radios)
6869 		return -EINVAL;
6870 
6871 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
6872 
6873 	wmi_handle->wmi_ab = &ab->wmi_ab;
6874 
6875 	ab->wmi_ab.ab = ab;
6876 	/* TODO: Init remaining resource specific to pdev */
6877 
6878 	return 0;
6879 }
6880 
6881 int ath12k_wmi_attach(struct ath12k_base *ab)
6882 {
6883 	int ret;
6884 
6885 	ret = ath12k_wmi_pdev_attach(ab, 0);
6886 	if (ret)
6887 		return ret;
6888 
6889 	ab->wmi_ab.ab = ab;
6890 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
6891 
6892 	/* It's overwritten when service_ext_ready is handled */
6893 	if (ab->hw_params->single_pdev_only)
6894 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
6895 
6896 	/* TODO: Init remaining wmi soc resources required */
6897 	init_completion(&ab->wmi_ab.service_ready);
6898 	init_completion(&ab->wmi_ab.unified_ready);
6899 
6900 	return 0;
6901 }
6902 
6903 void ath12k_wmi_detach(struct ath12k_base *ab)
6904 {
6905 	int i;
6906 
6907 	/* TODO: Deinit wmi resource specific to SOC as required */
6908 
6909 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
6910 		ath12k_wmi_pdev_detach(ab, i);
6911 
6912 	ath12k_wmi_free_dbring_caps(ab);
6913 }
6914