xref: /openbmc/linux/drivers/net/wireless/ath/ath12k/wmi.c (revision f77d1a49)
1 // SPDX-License-Identifier: BSD-3-Clause-Clear
2 /*
3  * Copyright (c) 2018-2021 The Linux Foundation. All rights reserved.
4  * Copyright (c) 2021-2022 Qualcomm Innovation Center, Inc. All rights reserved.
5  */
6 #include <linux/skbuff.h>
7 #include <linux/ctype.h>
8 #include <net/mac80211.h>
9 #include <net/cfg80211.h>
10 #include <linux/completion.h>
11 #include <linux/if_ether.h>
12 #include <linux/types.h>
13 #include <linux/pci.h>
14 #include <linux/uuid.h>
15 #include <linux/time.h>
16 #include <linux/of.h>
17 #include "core.h"
18 #include "debug.h"
19 #include "mac.h"
20 #include "hw.h"
21 #include "peer.h"
22 
23 struct ath12k_wmi_svc_ready_parse {
24 	bool wmi_svc_bitmap_done;
25 };
26 
27 struct ath12k_wmi_dma_ring_caps_parse {
28 	struct ath12k_wmi_dma_ring_caps_params *dma_ring_caps;
29 	u32 n_dma_ring_caps;
30 };
31 
32 struct ath12k_wmi_service_ext_arg {
33 	u32 default_conc_scan_config_bits;
34 	u32 default_fw_config_bits;
35 	struct ath12k_wmi_ppe_threshold_arg ppet;
36 	u32 he_cap_info;
37 	u32 mpdu_density;
38 	u32 max_bssid_rx_filters;
39 	u32 num_hw_modes;
40 	u32 num_phy;
41 };
42 
43 struct ath12k_wmi_svc_rdy_ext_parse {
44 	struct ath12k_wmi_service_ext_arg arg;
45 	const struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params *hw_caps;
46 	const struct ath12k_wmi_hw_mode_cap_params *hw_mode_caps;
47 	u32 n_hw_mode_caps;
48 	u32 tot_phy_id;
49 	struct ath12k_wmi_hw_mode_cap_params pref_hw_mode_caps;
50 	struct ath12k_wmi_mac_phy_caps_params *mac_phy_caps;
51 	u32 n_mac_phy_caps;
52 	const struct ath12k_wmi_soc_hal_reg_caps_params *soc_hal_reg_caps;
53 	const struct ath12k_wmi_hal_reg_caps_ext_params *ext_hal_reg_caps;
54 	u32 n_ext_hal_reg_caps;
55 	struct ath12k_wmi_dma_ring_caps_parse dma_caps_parse;
56 	bool hw_mode_done;
57 	bool mac_phy_done;
58 	bool ext_hal_reg_done;
59 	bool mac_phy_chainmask_combo_done;
60 	bool mac_phy_chainmask_cap_done;
61 	bool oem_dma_ring_cap_done;
62 	bool dma_ring_cap_done;
63 };
64 
65 struct ath12k_wmi_svc_rdy_ext2_parse {
66 	struct ath12k_wmi_dma_ring_caps_parse dma_caps_parse;
67 	bool dma_ring_cap_done;
68 };
69 
70 struct ath12k_wmi_rdy_parse {
71 	u32 num_extra_mac_addr;
72 };
73 
74 struct ath12k_wmi_dma_buf_release_arg {
75 	struct ath12k_wmi_dma_buf_release_fixed_params fixed;
76 	const struct ath12k_wmi_dma_buf_release_entry_params *buf_entry;
77 	const struct ath12k_wmi_dma_buf_release_meta_data_params *meta_data;
78 	u32 num_buf_entry;
79 	u32 num_meta;
80 	bool buf_entry_done;
81 	bool meta_data_done;
82 };
83 
84 struct ath12k_wmi_tlv_policy {
85 	size_t min_len;
86 };
87 
88 struct wmi_tlv_mgmt_rx_parse {
89 	const struct ath12k_wmi_mgmt_rx_params *fixed;
90 	const u8 *frame_buf;
91 	bool frame_buf_done;
92 };
93 
94 static const struct ath12k_wmi_tlv_policy ath12k_wmi_tlv_policies[] = {
95 	[WMI_TAG_ARRAY_BYTE] = { .min_len = 0 },
96 	[WMI_TAG_ARRAY_UINT32] = { .min_len = 0 },
97 	[WMI_TAG_SERVICE_READY_EVENT] = {
98 		.min_len = sizeof(struct wmi_service_ready_event) },
99 	[WMI_TAG_SERVICE_READY_EXT_EVENT] = {
100 		.min_len = sizeof(struct wmi_service_ready_ext_event) },
101 	[WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS] = {
102 		.min_len = sizeof(struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params) },
103 	[WMI_TAG_SOC_HAL_REG_CAPABILITIES] = {
104 		.min_len = sizeof(struct ath12k_wmi_soc_hal_reg_caps_params) },
105 	[WMI_TAG_VDEV_START_RESPONSE_EVENT] = {
106 		.min_len = sizeof(struct wmi_vdev_start_resp_event) },
107 	[WMI_TAG_PEER_DELETE_RESP_EVENT] = {
108 		.min_len = sizeof(struct wmi_peer_delete_resp_event) },
109 	[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT] = {
110 		.min_len = sizeof(struct wmi_bcn_tx_status_event) },
111 	[WMI_TAG_VDEV_STOPPED_EVENT] = {
112 		.min_len = sizeof(struct wmi_vdev_stopped_event) },
113 	[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT] = {
114 		.min_len = sizeof(struct wmi_reg_chan_list_cc_ext_event) },
115 	[WMI_TAG_MGMT_RX_HDR] = {
116 		.min_len = sizeof(struct ath12k_wmi_mgmt_rx_params) },
117 	[WMI_TAG_MGMT_TX_COMPL_EVENT] = {
118 		.min_len = sizeof(struct wmi_mgmt_tx_compl_event) },
119 	[WMI_TAG_SCAN_EVENT] = {
120 		.min_len = sizeof(struct wmi_scan_event) },
121 	[WMI_TAG_PEER_STA_KICKOUT_EVENT] = {
122 		.min_len = sizeof(struct wmi_peer_sta_kickout_event) },
123 	[WMI_TAG_ROAM_EVENT] = {
124 		.min_len = sizeof(struct wmi_roam_event) },
125 	[WMI_TAG_CHAN_INFO_EVENT] = {
126 		.min_len = sizeof(struct wmi_chan_info_event) },
127 	[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT] = {
128 		.min_len = sizeof(struct wmi_pdev_bss_chan_info_event) },
129 	[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT] = {
130 		.min_len = sizeof(struct wmi_vdev_install_key_compl_event) },
131 	[WMI_TAG_READY_EVENT] = {
132 		.min_len = sizeof(struct ath12k_wmi_ready_event_min_params) },
133 	[WMI_TAG_SERVICE_AVAILABLE_EVENT] = {
134 		.min_len = sizeof(struct wmi_service_available_event) },
135 	[WMI_TAG_PEER_ASSOC_CONF_EVENT] = {
136 		.min_len = sizeof(struct wmi_peer_assoc_conf_event) },
137 	[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT] = {
138 		.min_len = sizeof(struct wmi_pdev_ctl_failsafe_chk_event) },
139 	[WMI_TAG_HOST_SWFDA_EVENT] = {
140 		.min_len = sizeof(struct wmi_fils_discovery_event) },
141 	[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT] = {
142 		.min_len = sizeof(struct wmi_probe_resp_tx_status_event) },
143 	[WMI_TAG_VDEV_DELETE_RESP_EVENT] = {
144 		.min_len = sizeof(struct wmi_vdev_delete_resp_event) },
145 };
146 
147 static __le32 ath12k_wmi_tlv_hdr(u32 cmd, u32 len)
148 {
149 	return le32_encode_bits(cmd, WMI_TLV_TAG) |
150 		le32_encode_bits(len, WMI_TLV_LEN);
151 }
152 
153 static __le32 ath12k_wmi_tlv_cmd_hdr(u32 cmd, u32 len)
154 {
155 	return ath12k_wmi_tlv_hdr(cmd, len - TLV_HDR_SIZE);
156 }
157 
158 void ath12k_wmi_init_qcn9274(struct ath12k_base *ab,
159 			     struct ath12k_wmi_resource_config_arg *config)
160 {
161 	config->num_vdevs = ab->num_radios * TARGET_NUM_VDEVS;
162 
163 	if (ab->num_radios == 2) {
164 		config->num_peers = TARGET_NUM_PEERS(DBS);
165 		config->num_tids = TARGET_NUM_TIDS(DBS);
166 	} else if (ab->num_radios == 3) {
167 		config->num_peers = TARGET_NUM_PEERS(DBS_SBS);
168 		config->num_tids = TARGET_NUM_TIDS(DBS_SBS);
169 	} else {
170 		/* Control should not reach here */
171 		config->num_peers = TARGET_NUM_PEERS(SINGLE);
172 		config->num_tids = TARGET_NUM_TIDS(SINGLE);
173 	}
174 	config->num_offload_peers = TARGET_NUM_OFFLD_PEERS;
175 	config->num_offload_reorder_buffs = TARGET_NUM_OFFLD_REORDER_BUFFS;
176 	config->num_peer_keys = TARGET_NUM_PEER_KEYS;
177 	config->ast_skid_limit = TARGET_AST_SKID_LIMIT;
178 	config->tx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
179 	config->rx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
180 	config->rx_timeout_pri[0] = TARGET_RX_TIMEOUT_LO_PRI;
181 	config->rx_timeout_pri[1] = TARGET_RX_TIMEOUT_LO_PRI;
182 	config->rx_timeout_pri[2] = TARGET_RX_TIMEOUT_LO_PRI;
183 	config->rx_timeout_pri[3] = TARGET_RX_TIMEOUT_HI_PRI;
184 
185 	if (test_bit(ATH12K_FLAG_RAW_MODE, &ab->dev_flags))
186 		config->rx_decap_mode = TARGET_DECAP_MODE_RAW;
187 	else
188 		config->rx_decap_mode = TARGET_DECAP_MODE_NATIVE_WIFI;
189 
190 	config->scan_max_pending_req = TARGET_SCAN_MAX_PENDING_REQS;
191 	config->bmiss_offload_max_vdev = TARGET_BMISS_OFFLOAD_MAX_VDEV;
192 	config->roam_offload_max_vdev = TARGET_ROAM_OFFLOAD_MAX_VDEV;
193 	config->roam_offload_max_ap_profiles = TARGET_ROAM_OFFLOAD_MAX_AP_PROFILES;
194 	config->num_mcast_groups = TARGET_NUM_MCAST_GROUPS;
195 	config->num_mcast_table_elems = TARGET_NUM_MCAST_TABLE_ELEMS;
196 	config->mcast2ucast_mode = TARGET_MCAST2UCAST_MODE;
197 	config->tx_dbg_log_size = TARGET_TX_DBG_LOG_SIZE;
198 	config->num_wds_entries = TARGET_NUM_WDS_ENTRIES;
199 	config->dma_burst_size = TARGET_DMA_BURST_SIZE;
200 	config->rx_skip_defrag_timeout_dup_detection_check =
201 		TARGET_RX_SKIP_DEFRAG_TIMEOUT_DUP_DETECTION_CHECK;
202 	config->vow_config = TARGET_VOW_CONFIG;
203 	config->gtk_offload_max_vdev = TARGET_GTK_OFFLOAD_MAX_VDEV;
204 	config->num_msdu_desc = TARGET_NUM_MSDU_DESC;
205 	config->beacon_tx_offload_max_vdev = ab->num_radios * TARGET_MAX_BCN_OFFLD;
206 	config->rx_batchmode = TARGET_RX_BATCHMODE;
207 	/* Indicates host supports peer map v3 and unmap v2 support */
208 	config->peer_map_unmap_version = 0x32;
209 	config->twt_ap_pdev_count = ab->num_radios;
210 	config->twt_ap_sta_count = 1000;
211 }
212 
213 void ath12k_wmi_init_wcn7850(struct ath12k_base *ab,
214 			     struct ath12k_wmi_resource_config_arg *config)
215 {
216 	config->num_vdevs = 4;
217 	config->num_peers = 16;
218 	config->num_tids = 32;
219 
220 	config->num_offload_peers = 3;
221 	config->num_offload_reorder_buffs = 3;
222 	config->num_peer_keys = TARGET_NUM_PEER_KEYS;
223 	config->ast_skid_limit = TARGET_AST_SKID_LIMIT;
224 	config->tx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
225 	config->rx_chain_mask = (1 << ab->target_caps.num_rf_chains) - 1;
226 	config->rx_timeout_pri[0] = TARGET_RX_TIMEOUT_LO_PRI;
227 	config->rx_timeout_pri[1] = TARGET_RX_TIMEOUT_LO_PRI;
228 	config->rx_timeout_pri[2] = TARGET_RX_TIMEOUT_LO_PRI;
229 	config->rx_timeout_pri[3] = TARGET_RX_TIMEOUT_HI_PRI;
230 	config->rx_decap_mode = TARGET_DECAP_MODE_NATIVE_WIFI;
231 	config->scan_max_pending_req = TARGET_SCAN_MAX_PENDING_REQS;
232 	config->bmiss_offload_max_vdev = TARGET_BMISS_OFFLOAD_MAX_VDEV;
233 	config->roam_offload_max_vdev = TARGET_ROAM_OFFLOAD_MAX_VDEV;
234 	config->roam_offload_max_ap_profiles = TARGET_ROAM_OFFLOAD_MAX_AP_PROFILES;
235 	config->num_mcast_groups = 0;
236 	config->num_mcast_table_elems = 0;
237 	config->mcast2ucast_mode = 0;
238 	config->tx_dbg_log_size = TARGET_TX_DBG_LOG_SIZE;
239 	config->num_wds_entries = 0;
240 	config->dma_burst_size = 0;
241 	config->rx_skip_defrag_timeout_dup_detection_check = 0;
242 	config->vow_config = TARGET_VOW_CONFIG;
243 	config->gtk_offload_max_vdev = 2;
244 	config->num_msdu_desc = 0x400;
245 	config->beacon_tx_offload_max_vdev = 2;
246 	config->rx_batchmode = TARGET_RX_BATCHMODE;
247 
248 	config->peer_map_unmap_version = 0x1;
249 	config->use_pdev_id = 1;
250 	config->max_frag_entries = 0xa;
251 	config->num_tdls_vdevs = 0x1;
252 	config->num_tdls_conn_table_entries = 8;
253 	config->beacon_tx_offload_max_vdev = 0x2;
254 	config->num_multicast_filter_entries = 0x20;
255 	config->num_wow_filters = 0x16;
256 	config->num_keep_alive_pattern = 0;
257 }
258 
259 #define PRIMAP(_hw_mode_) \
260 	[_hw_mode_] = _hw_mode_##_PRI
261 
262 static const int ath12k_hw_mode_pri_map[] = {
263 	PRIMAP(WMI_HOST_HW_MODE_SINGLE),
264 	PRIMAP(WMI_HOST_HW_MODE_DBS),
265 	PRIMAP(WMI_HOST_HW_MODE_SBS_PASSIVE),
266 	PRIMAP(WMI_HOST_HW_MODE_SBS),
267 	PRIMAP(WMI_HOST_HW_MODE_DBS_SBS),
268 	PRIMAP(WMI_HOST_HW_MODE_DBS_OR_SBS),
269 	/* keep last */
270 	PRIMAP(WMI_HOST_HW_MODE_MAX),
271 };
272 
273 static int
274 ath12k_wmi_tlv_iter(struct ath12k_base *ab, const void *ptr, size_t len,
275 		    int (*iter)(struct ath12k_base *ab, u16 tag, u16 len,
276 				const void *ptr, void *data),
277 		    void *data)
278 {
279 	const void *begin = ptr;
280 	const struct wmi_tlv *tlv;
281 	u16 tlv_tag, tlv_len;
282 	int ret;
283 
284 	while (len > 0) {
285 		if (len < sizeof(*tlv)) {
286 			ath12k_err(ab, "wmi tlv parse failure at byte %zd (%zu bytes left, %zu expected)\n",
287 				   ptr - begin, len, sizeof(*tlv));
288 			return -EINVAL;
289 		}
290 
291 		tlv = ptr;
292 		tlv_tag = le32_get_bits(tlv->header, WMI_TLV_TAG);
293 		tlv_len = le32_get_bits(tlv->header, WMI_TLV_LEN);
294 		ptr += sizeof(*tlv);
295 		len -= sizeof(*tlv);
296 
297 		if (tlv_len > len) {
298 			ath12k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%zu bytes left, %u expected)\n",
299 				   tlv_tag, ptr - begin, len, tlv_len);
300 			return -EINVAL;
301 		}
302 
303 		if (tlv_tag < ARRAY_SIZE(ath12k_wmi_tlv_policies) &&
304 		    ath12k_wmi_tlv_policies[tlv_tag].min_len &&
305 		    ath12k_wmi_tlv_policies[tlv_tag].min_len > tlv_len) {
306 			ath12k_err(ab, "wmi tlv parse failure of tag %u at byte %zd (%u bytes is less than min length %zu)\n",
307 				   tlv_tag, ptr - begin, tlv_len,
308 				   ath12k_wmi_tlv_policies[tlv_tag].min_len);
309 			return -EINVAL;
310 		}
311 
312 		ret = iter(ab, tlv_tag, tlv_len, ptr, data);
313 		if (ret)
314 			return ret;
315 
316 		ptr += tlv_len;
317 		len -= tlv_len;
318 	}
319 
320 	return 0;
321 }
322 
323 static int ath12k_wmi_tlv_iter_parse(struct ath12k_base *ab, u16 tag, u16 len,
324 				     const void *ptr, void *data)
325 {
326 	const void **tb = data;
327 
328 	if (tag < WMI_TAG_MAX)
329 		tb[tag] = ptr;
330 
331 	return 0;
332 }
333 
334 static int ath12k_wmi_tlv_parse(struct ath12k_base *ar, const void **tb,
335 				const void *ptr, size_t len)
336 {
337 	return ath12k_wmi_tlv_iter(ar, ptr, len, ath12k_wmi_tlv_iter_parse,
338 				   (void *)tb);
339 }
340 
341 static const void **
342 ath12k_wmi_tlv_parse_alloc(struct ath12k_base *ab, const void *ptr,
343 			   size_t len, gfp_t gfp)
344 {
345 	const void **tb;
346 	int ret;
347 
348 	tb = kcalloc(WMI_TAG_MAX, sizeof(*tb), gfp);
349 	if (!tb)
350 		return ERR_PTR(-ENOMEM);
351 
352 	ret = ath12k_wmi_tlv_parse(ab, tb, ptr, len);
353 	if (ret) {
354 		kfree(tb);
355 		return ERR_PTR(ret);
356 	}
357 
358 	return tb;
359 }
360 
361 static int ath12k_wmi_cmd_send_nowait(struct ath12k_wmi_pdev *wmi, struct sk_buff *skb,
362 				      u32 cmd_id)
363 {
364 	struct ath12k_skb_cb *skb_cb = ATH12K_SKB_CB(skb);
365 	struct ath12k_base *ab = wmi->wmi_ab->ab;
366 	struct wmi_cmd_hdr *cmd_hdr;
367 	int ret;
368 
369 	if (!skb_push(skb, sizeof(struct wmi_cmd_hdr)))
370 		return -ENOMEM;
371 
372 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
373 	cmd_hdr->cmd_id = le32_encode_bits(cmd_id, WMI_CMD_HDR_CMD_ID);
374 
375 	memset(skb_cb, 0, sizeof(*skb_cb));
376 	ret = ath12k_htc_send(&ab->htc, wmi->eid, skb);
377 
378 	if (ret)
379 		goto err_pull;
380 
381 	return 0;
382 
383 err_pull:
384 	skb_pull(skb, sizeof(struct wmi_cmd_hdr));
385 	return ret;
386 }
387 
388 int ath12k_wmi_cmd_send(struct ath12k_wmi_pdev *wmi, struct sk_buff *skb,
389 			u32 cmd_id)
390 {
391 	struct ath12k_wmi_base *wmi_sc = wmi->wmi_ab;
392 	int ret = -EOPNOTSUPP;
393 
394 	might_sleep();
395 
396 	wait_event_timeout(wmi_sc->tx_credits_wq, ({
397 		ret = ath12k_wmi_cmd_send_nowait(wmi, skb, cmd_id);
398 
399 		if (ret && test_bit(ATH12K_FLAG_CRASH_FLUSH, &wmi_sc->ab->dev_flags))
400 			ret = -ESHUTDOWN;
401 
402 		(ret != -EAGAIN);
403 	}), WMI_SEND_TIMEOUT_HZ);
404 
405 	if (ret == -EAGAIN)
406 		ath12k_warn(wmi_sc->ab, "wmi command %d timeout\n", cmd_id);
407 
408 	return ret;
409 }
410 
411 static int ath12k_pull_svc_ready_ext(struct ath12k_wmi_pdev *wmi_handle,
412 				     const void *ptr,
413 				     struct ath12k_wmi_service_ext_arg *arg)
414 {
415 	const struct wmi_service_ready_ext_event *ev = ptr;
416 	int i;
417 
418 	if (!ev)
419 		return -EINVAL;
420 
421 	/* Move this to host based bitmap */
422 	arg->default_conc_scan_config_bits =
423 		le32_to_cpu(ev->default_conc_scan_config_bits);
424 	arg->default_fw_config_bits = le32_to_cpu(ev->default_fw_config_bits);
425 	arg->he_cap_info = le32_to_cpu(ev->he_cap_info);
426 	arg->mpdu_density = le32_to_cpu(ev->mpdu_density);
427 	arg->max_bssid_rx_filters = le32_to_cpu(ev->max_bssid_rx_filters);
428 	arg->ppet.numss_m1 = le32_to_cpu(ev->ppet.numss_m1);
429 	arg->ppet.ru_bit_mask = le32_to_cpu(ev->ppet.ru_info);
430 
431 	for (i = 0; i < WMI_MAX_NUM_SS; i++)
432 		arg->ppet.ppet16_ppet8_ru3_ru0[i] =
433 			le32_to_cpu(ev->ppet.ppet16_ppet8_ru3_ru0[i]);
434 
435 	return 0;
436 }
437 
438 static int
439 ath12k_pull_mac_phy_cap_svc_ready_ext(struct ath12k_wmi_pdev *wmi_handle,
440 				      struct ath12k_wmi_svc_rdy_ext_parse *svc,
441 				      u8 hw_mode_id, u8 phy_id,
442 				      struct ath12k_pdev *pdev)
443 {
444 	const struct ath12k_wmi_mac_phy_caps_params *mac_caps;
445 	const struct ath12k_wmi_soc_mac_phy_hw_mode_caps_params *hw_caps = svc->hw_caps;
446 	const struct ath12k_wmi_hw_mode_cap_params *wmi_hw_mode_caps = svc->hw_mode_caps;
447 	const struct ath12k_wmi_mac_phy_caps_params *wmi_mac_phy_caps = svc->mac_phy_caps;
448 	struct ath12k_band_cap *cap_band;
449 	struct ath12k_pdev_cap *pdev_cap = &pdev->cap;
450 	u32 phy_map;
451 	u32 hw_idx, phy_idx = 0;
452 	int i;
453 
454 	if (!hw_caps || !wmi_hw_mode_caps || !svc->soc_hal_reg_caps)
455 		return -EINVAL;
456 
457 	for (hw_idx = 0; hw_idx < le32_to_cpu(hw_caps->num_hw_modes); hw_idx++) {
458 		if (hw_mode_id == le32_to_cpu(wmi_hw_mode_caps[hw_idx].hw_mode_id))
459 			break;
460 
461 		phy_map = le32_to_cpu(wmi_hw_mode_caps[hw_idx].phy_id_map);
462 		phy_idx = fls(phy_map);
463 	}
464 
465 	if (hw_idx == le32_to_cpu(hw_caps->num_hw_modes))
466 		return -EINVAL;
467 
468 	phy_idx += phy_id;
469 	if (phy_id >= le32_to_cpu(svc->soc_hal_reg_caps->num_phy))
470 		return -EINVAL;
471 
472 	mac_caps = wmi_mac_phy_caps + phy_idx;
473 
474 	pdev->pdev_id = le32_to_cpu(mac_caps->pdev_id);
475 	pdev_cap->supported_bands |= le32_to_cpu(mac_caps->supported_bands);
476 	pdev_cap->ampdu_density = le32_to_cpu(mac_caps->ampdu_density);
477 
478 	/* Take non-zero tx/rx chainmask. If tx/rx chainmask differs from
479 	 * band to band for a single radio, need to see how this should be
480 	 * handled.
481 	 */
482 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_2G_CAP) {
483 		pdev_cap->tx_chain_mask = le32_to_cpu(mac_caps->tx_chain_mask_2g);
484 		pdev_cap->rx_chain_mask = le32_to_cpu(mac_caps->rx_chain_mask_2g);
485 	} else if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_5G_CAP) {
486 		pdev_cap->vht_cap = le32_to_cpu(mac_caps->vht_cap_info_5g);
487 		pdev_cap->vht_mcs = le32_to_cpu(mac_caps->vht_supp_mcs_5g);
488 		pdev_cap->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
489 		pdev_cap->tx_chain_mask = le32_to_cpu(mac_caps->tx_chain_mask_5g);
490 		pdev_cap->rx_chain_mask = le32_to_cpu(mac_caps->rx_chain_mask_5g);
491 	} else {
492 		return -EINVAL;
493 	}
494 
495 	/* tx/rx chainmask reported from fw depends on the actual hw chains used,
496 	 * For example, for 4x4 capable macphys, first 4 chains can be used for first
497 	 * mac and the remaining 4 chains can be used for the second mac or vice-versa.
498 	 * In this case, tx/rx chainmask 0xf will be advertised for first mac and 0xf0
499 	 * will be advertised for second mac or vice-versa. Compute the shift value
500 	 * for tx/rx chainmask which will be used to advertise supported ht/vht rates to
501 	 * mac80211.
502 	 */
503 	pdev_cap->tx_chain_mask_shift =
504 			find_first_bit((unsigned long *)&pdev_cap->tx_chain_mask, 32);
505 	pdev_cap->rx_chain_mask_shift =
506 			find_first_bit((unsigned long *)&pdev_cap->rx_chain_mask, 32);
507 
508 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_2G_CAP) {
509 		cap_band = &pdev_cap->band[NL80211_BAND_2GHZ];
510 		cap_band->phy_id = le32_to_cpu(mac_caps->phy_id);
511 		cap_band->max_bw_supported = le32_to_cpu(mac_caps->max_bw_supported_2g);
512 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_2g);
513 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_2g);
514 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_2g_ext);
515 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_2g);
516 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
517 			cap_band->he_cap_phy_info[i] =
518 				le32_to_cpu(mac_caps->he_cap_phy_info_2g[i]);
519 
520 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet2g.numss_m1);
521 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet2g.ru_info);
522 
523 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
524 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
525 				le32_to_cpu(mac_caps->he_ppet2g.ppet16_ppet8_ru3_ru0[i]);
526 	}
527 
528 	if (le32_to_cpu(mac_caps->supported_bands) & WMI_HOST_WLAN_5G_CAP) {
529 		cap_band = &pdev_cap->band[NL80211_BAND_5GHZ];
530 		cap_band->phy_id = le32_to_cpu(mac_caps->phy_id);
531 		cap_band->max_bw_supported =
532 			le32_to_cpu(mac_caps->max_bw_supported_5g);
533 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_5g);
534 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_5g);
535 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_5g_ext);
536 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
537 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
538 			cap_band->he_cap_phy_info[i] =
539 				le32_to_cpu(mac_caps->he_cap_phy_info_5g[i]);
540 
541 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet5g.numss_m1);
542 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet5g.ru_info);
543 
544 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
545 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
546 				le32_to_cpu(mac_caps->he_ppet5g.ppet16_ppet8_ru3_ru0[i]);
547 
548 		cap_band = &pdev_cap->band[NL80211_BAND_6GHZ];
549 		cap_band->max_bw_supported =
550 			le32_to_cpu(mac_caps->max_bw_supported_5g);
551 		cap_band->ht_cap_info = le32_to_cpu(mac_caps->ht_cap_info_5g);
552 		cap_band->he_cap_info[0] = le32_to_cpu(mac_caps->he_cap_info_5g);
553 		cap_band->he_cap_info[1] = le32_to_cpu(mac_caps->he_cap_info_5g_ext);
554 		cap_band->he_mcs = le32_to_cpu(mac_caps->he_supp_mcs_5g);
555 		for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
556 			cap_band->he_cap_phy_info[i] =
557 				le32_to_cpu(mac_caps->he_cap_phy_info_5g[i]);
558 
559 		cap_band->he_ppet.numss_m1 = le32_to_cpu(mac_caps->he_ppet5g.numss_m1);
560 		cap_band->he_ppet.ru_bit_mask = le32_to_cpu(mac_caps->he_ppet5g.ru_info);
561 
562 		for (i = 0; i < WMI_MAX_NUM_SS; i++)
563 			cap_band->he_ppet.ppet16_ppet8_ru3_ru0[i] =
564 				le32_to_cpu(mac_caps->he_ppet5g.ppet16_ppet8_ru3_ru0[i]);
565 	}
566 
567 	return 0;
568 }
569 
570 static int
571 ath12k_pull_reg_cap_svc_rdy_ext(struct ath12k_wmi_pdev *wmi_handle,
572 				const struct ath12k_wmi_soc_hal_reg_caps_params *reg_caps,
573 				const struct ath12k_wmi_hal_reg_caps_ext_params *ext_caps,
574 				u8 phy_idx,
575 				struct ath12k_wmi_hal_reg_capabilities_ext_arg *param)
576 {
577 	const struct ath12k_wmi_hal_reg_caps_ext_params *ext_reg_cap;
578 
579 	if (!reg_caps || !ext_caps)
580 		return -EINVAL;
581 
582 	if (phy_idx >= le32_to_cpu(reg_caps->num_phy))
583 		return -EINVAL;
584 
585 	ext_reg_cap = &ext_caps[phy_idx];
586 
587 	param->phy_id = le32_to_cpu(ext_reg_cap->phy_id);
588 	param->eeprom_reg_domain = le32_to_cpu(ext_reg_cap->eeprom_reg_domain);
589 	param->eeprom_reg_domain_ext =
590 		le32_to_cpu(ext_reg_cap->eeprom_reg_domain_ext);
591 	param->regcap1 = le32_to_cpu(ext_reg_cap->regcap1);
592 	param->regcap2 = le32_to_cpu(ext_reg_cap->regcap2);
593 	/* check if param->wireless_mode is needed */
594 	param->low_2ghz_chan = le32_to_cpu(ext_reg_cap->low_2ghz_chan);
595 	param->high_2ghz_chan = le32_to_cpu(ext_reg_cap->high_2ghz_chan);
596 	param->low_5ghz_chan = le32_to_cpu(ext_reg_cap->low_5ghz_chan);
597 	param->high_5ghz_chan = le32_to_cpu(ext_reg_cap->high_5ghz_chan);
598 
599 	return 0;
600 }
601 
602 static int ath12k_pull_service_ready_tlv(struct ath12k_base *ab,
603 					 const void *evt_buf,
604 					 struct ath12k_wmi_target_cap_arg *cap)
605 {
606 	const struct wmi_service_ready_event *ev = evt_buf;
607 
608 	if (!ev) {
609 		ath12k_err(ab, "%s: failed by NULL param\n",
610 			   __func__);
611 		return -EINVAL;
612 	}
613 
614 	cap->phy_capability = le32_to_cpu(ev->phy_capability);
615 	cap->max_frag_entry = le32_to_cpu(ev->max_frag_entry);
616 	cap->num_rf_chains = le32_to_cpu(ev->num_rf_chains);
617 	cap->ht_cap_info = le32_to_cpu(ev->ht_cap_info);
618 	cap->vht_cap_info = le32_to_cpu(ev->vht_cap_info);
619 	cap->vht_supp_mcs = le32_to_cpu(ev->vht_supp_mcs);
620 	cap->hw_min_tx_power = le32_to_cpu(ev->hw_min_tx_power);
621 	cap->hw_max_tx_power = le32_to_cpu(ev->hw_max_tx_power);
622 	cap->sys_cap_info = le32_to_cpu(ev->sys_cap_info);
623 	cap->min_pkt_size_enable = le32_to_cpu(ev->min_pkt_size_enable);
624 	cap->max_bcn_ie_size = le32_to_cpu(ev->max_bcn_ie_size);
625 	cap->max_num_scan_channels = le32_to_cpu(ev->max_num_scan_channels);
626 	cap->max_supported_macs = le32_to_cpu(ev->max_supported_macs);
627 	cap->wmi_fw_sub_feat_caps = le32_to_cpu(ev->wmi_fw_sub_feat_caps);
628 	cap->txrx_chainmask = le32_to_cpu(ev->txrx_chainmask);
629 	cap->default_dbs_hw_mode_index = le32_to_cpu(ev->default_dbs_hw_mode_index);
630 	cap->num_msdu_desc = le32_to_cpu(ev->num_msdu_desc);
631 
632 	return 0;
633 }
634 
635 /* Save the wmi_service_bitmap into a linear bitmap. The wmi_services in
636  * wmi_service ready event are advertised in b0-b3 (LSB 4-bits) of each
637  * 4-byte word.
638  */
639 static void ath12k_wmi_service_bitmap_copy(struct ath12k_wmi_pdev *wmi,
640 					   const u32 *wmi_svc_bm)
641 {
642 	int i, j;
643 
644 	for (i = 0, j = 0; i < WMI_SERVICE_BM_SIZE && j < WMI_MAX_SERVICE; i++) {
645 		do {
646 			if (wmi_svc_bm[i] & BIT(j % WMI_SERVICE_BITS_IN_SIZE32))
647 				set_bit(j, wmi->wmi_ab->svc_map);
648 		} while (++j % WMI_SERVICE_BITS_IN_SIZE32);
649 	}
650 }
651 
652 static int ath12k_wmi_svc_rdy_parse(struct ath12k_base *ab, u16 tag, u16 len,
653 				    const void *ptr, void *data)
654 {
655 	struct ath12k_wmi_svc_ready_parse *svc_ready = data;
656 	struct ath12k_wmi_pdev *wmi_handle = &ab->wmi_ab.wmi[0];
657 	u16 expect_len;
658 
659 	switch (tag) {
660 	case WMI_TAG_SERVICE_READY_EVENT:
661 		if (ath12k_pull_service_ready_tlv(ab, ptr, &ab->target_caps))
662 			return -EINVAL;
663 		break;
664 
665 	case WMI_TAG_ARRAY_UINT32:
666 		if (!svc_ready->wmi_svc_bitmap_done) {
667 			expect_len = WMI_SERVICE_BM_SIZE * sizeof(u32);
668 			if (len < expect_len) {
669 				ath12k_warn(ab, "invalid len %d for the tag 0x%x\n",
670 					    len, tag);
671 				return -EINVAL;
672 			}
673 
674 			ath12k_wmi_service_bitmap_copy(wmi_handle, ptr);
675 
676 			svc_ready->wmi_svc_bitmap_done = true;
677 		}
678 		break;
679 	default:
680 		break;
681 	}
682 
683 	return 0;
684 }
685 
686 static int ath12k_service_ready_event(struct ath12k_base *ab, struct sk_buff *skb)
687 {
688 	struct ath12k_wmi_svc_ready_parse svc_ready = { };
689 	int ret;
690 
691 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
692 				  ath12k_wmi_svc_rdy_parse,
693 				  &svc_ready);
694 	if (ret) {
695 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
696 		return ret;
697 	}
698 
699 	return 0;
700 }
701 
702 struct sk_buff *ath12k_wmi_alloc_skb(struct ath12k_wmi_base *wmi_sc, u32 len)
703 {
704 	struct sk_buff *skb;
705 	struct ath12k_base *ab = wmi_sc->ab;
706 	u32 round_len = roundup(len, 4);
707 
708 	skb = ath12k_htc_alloc_skb(ab, WMI_SKB_HEADROOM + round_len);
709 	if (!skb)
710 		return NULL;
711 
712 	skb_reserve(skb, WMI_SKB_HEADROOM);
713 	if (!IS_ALIGNED((unsigned long)skb->data, 4))
714 		ath12k_warn(ab, "unaligned WMI skb data\n");
715 
716 	skb_put(skb, round_len);
717 	memset(skb->data, 0, round_len);
718 
719 	return skb;
720 }
721 
722 int ath12k_wmi_mgmt_send(struct ath12k *ar, u32 vdev_id, u32 buf_id,
723 			 struct sk_buff *frame)
724 {
725 	struct ath12k_wmi_pdev *wmi = ar->wmi;
726 	struct wmi_mgmt_send_cmd *cmd;
727 	struct wmi_tlv *frame_tlv;
728 	struct sk_buff *skb;
729 	u32 buf_len;
730 	int ret, len;
731 
732 	buf_len = min_t(int, frame->len, WMI_MGMT_SEND_DOWNLD_LEN);
733 
734 	len = sizeof(*cmd) + sizeof(*frame_tlv) + roundup(buf_len, 4);
735 
736 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
737 	if (!skb)
738 		return -ENOMEM;
739 
740 	cmd = (struct wmi_mgmt_send_cmd *)skb->data;
741 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_MGMT_TX_SEND_CMD,
742 						 sizeof(*cmd));
743 	cmd->vdev_id = cpu_to_le32(vdev_id);
744 	cmd->desc_id = cpu_to_le32(buf_id);
745 	cmd->chanfreq = 0;
746 	cmd->paddr_lo = cpu_to_le32(lower_32_bits(ATH12K_SKB_CB(frame)->paddr));
747 	cmd->paddr_hi = cpu_to_le32(upper_32_bits(ATH12K_SKB_CB(frame)->paddr));
748 	cmd->frame_len = cpu_to_le32(frame->len);
749 	cmd->buf_len = cpu_to_le32(buf_len);
750 	cmd->tx_params_valid = 0;
751 
752 	frame_tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
753 	frame_tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, buf_len);
754 
755 	memcpy(frame_tlv->value, frame->data, buf_len);
756 
757 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_MGMT_TX_SEND_CMDID);
758 	if (ret) {
759 		ath12k_warn(ar->ab,
760 			    "failed to submit WMI_MGMT_TX_SEND_CMDID cmd\n");
761 		dev_kfree_skb(skb);
762 	}
763 
764 	return ret;
765 }
766 
767 int ath12k_wmi_vdev_create(struct ath12k *ar, u8 *macaddr,
768 			   struct ath12k_wmi_vdev_create_arg *args)
769 {
770 	struct ath12k_wmi_pdev *wmi = ar->wmi;
771 	struct wmi_vdev_create_cmd *cmd;
772 	struct sk_buff *skb;
773 	struct ath12k_wmi_vdev_txrx_streams_params *txrx_streams;
774 	struct wmi_tlv *tlv;
775 	int ret, len;
776 	void *ptr;
777 
778 	/* It can be optimized my sending tx/rx chain configuration
779 	 * only for supported bands instead of always sending it for
780 	 * both the bands.
781 	 */
782 	len = sizeof(*cmd) + TLV_HDR_SIZE +
783 		(WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams));
784 
785 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
786 	if (!skb)
787 		return -ENOMEM;
788 
789 	cmd = (struct wmi_vdev_create_cmd *)skb->data;
790 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_CREATE_CMD,
791 						 sizeof(*cmd));
792 
793 	cmd->vdev_id = cpu_to_le32(args->if_id);
794 	cmd->vdev_type = cpu_to_le32(args->type);
795 	cmd->vdev_subtype = cpu_to_le32(args->subtype);
796 	cmd->num_cfg_txrx_streams = cpu_to_le32(WMI_NUM_SUPPORTED_BAND_MAX);
797 	cmd->pdev_id = cpu_to_le32(args->pdev_id);
798 	cmd->vdev_stats_id = cpu_to_le32(args->if_stats_id);
799 	ether_addr_copy(cmd->vdev_macaddr.addr, macaddr);
800 
801 	ptr = skb->data + sizeof(*cmd);
802 	len = WMI_NUM_SUPPORTED_BAND_MAX * sizeof(*txrx_streams);
803 
804 	tlv = ptr;
805 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
806 
807 	ptr += TLV_HDR_SIZE;
808 	txrx_streams = ptr;
809 	len = sizeof(*txrx_streams);
810 	txrx_streams->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_TXRX_STREAMS,
811 							  len);
812 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_2G;
813 	txrx_streams->supported_tx_streams =
814 				 args->chains[NL80211_BAND_2GHZ].tx;
815 	txrx_streams->supported_rx_streams =
816 				 args->chains[NL80211_BAND_2GHZ].rx;
817 
818 	txrx_streams++;
819 	txrx_streams->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_TXRX_STREAMS,
820 							  len);
821 	txrx_streams->band = WMI_TPC_CHAINMASK_CONFIG_BAND_5G;
822 	txrx_streams->supported_tx_streams =
823 				 args->chains[NL80211_BAND_5GHZ].tx;
824 	txrx_streams->supported_rx_streams =
825 				 args->chains[NL80211_BAND_5GHZ].rx;
826 
827 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
828 		   "WMI vdev create: id %d type %d subtype %d macaddr %pM pdevid %d\n",
829 		   args->if_id, args->type, args->subtype,
830 		   macaddr, args->pdev_id);
831 
832 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_CREATE_CMDID);
833 	if (ret) {
834 		ath12k_warn(ar->ab,
835 			    "failed to submit WMI_VDEV_CREATE_CMDID\n");
836 		dev_kfree_skb(skb);
837 	}
838 
839 	return ret;
840 }
841 
842 int ath12k_wmi_vdev_delete(struct ath12k *ar, u8 vdev_id)
843 {
844 	struct ath12k_wmi_pdev *wmi = ar->wmi;
845 	struct wmi_vdev_delete_cmd *cmd;
846 	struct sk_buff *skb;
847 	int ret;
848 
849 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
850 	if (!skb)
851 		return -ENOMEM;
852 
853 	cmd = (struct wmi_vdev_delete_cmd *)skb->data;
854 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_DELETE_CMD,
855 						 sizeof(*cmd));
856 	cmd->vdev_id = cpu_to_le32(vdev_id);
857 
858 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev delete id %d\n", vdev_id);
859 
860 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_DELETE_CMDID);
861 	if (ret) {
862 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_DELETE_CMDID\n");
863 		dev_kfree_skb(skb);
864 	}
865 
866 	return ret;
867 }
868 
869 int ath12k_wmi_vdev_stop(struct ath12k *ar, u8 vdev_id)
870 {
871 	struct ath12k_wmi_pdev *wmi = ar->wmi;
872 	struct wmi_vdev_stop_cmd *cmd;
873 	struct sk_buff *skb;
874 	int ret;
875 
876 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
877 	if (!skb)
878 		return -ENOMEM;
879 
880 	cmd = (struct wmi_vdev_stop_cmd *)skb->data;
881 
882 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_STOP_CMD,
883 						 sizeof(*cmd));
884 	cmd->vdev_id = cpu_to_le32(vdev_id);
885 
886 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev stop id 0x%x\n", vdev_id);
887 
888 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_STOP_CMDID);
889 	if (ret) {
890 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_STOP cmd\n");
891 		dev_kfree_skb(skb);
892 	}
893 
894 	return ret;
895 }
896 
897 int ath12k_wmi_vdev_down(struct ath12k *ar, u8 vdev_id)
898 {
899 	struct ath12k_wmi_pdev *wmi = ar->wmi;
900 	struct wmi_vdev_down_cmd *cmd;
901 	struct sk_buff *skb;
902 	int ret;
903 
904 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
905 	if (!skb)
906 		return -ENOMEM;
907 
908 	cmd = (struct wmi_vdev_down_cmd *)skb->data;
909 
910 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_DOWN_CMD,
911 						 sizeof(*cmd));
912 	cmd->vdev_id = cpu_to_le32(vdev_id);
913 
914 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "WMI vdev down id 0x%x\n", vdev_id);
915 
916 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_DOWN_CMDID);
917 	if (ret) {
918 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_DOWN cmd\n");
919 		dev_kfree_skb(skb);
920 	}
921 
922 	return ret;
923 }
924 
925 static void ath12k_wmi_put_wmi_channel(struct ath12k_wmi_channel_params *chan,
926 				       struct wmi_vdev_start_req_arg *arg)
927 {
928 	memset(chan, 0, sizeof(*chan));
929 
930 	chan->mhz = cpu_to_le32(arg->freq);
931 	chan->band_center_freq1 = cpu_to_le32(arg->band_center_freq1);
932 	if (arg->mode == MODE_11AC_VHT80_80)
933 		chan->band_center_freq2 = cpu_to_le32(arg->band_center_freq2);
934 	else
935 		chan->band_center_freq2 = 0;
936 
937 	chan->info |= le32_encode_bits(arg->mode, WMI_CHAN_INFO_MODE);
938 	if (arg->passive)
939 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_PASSIVE);
940 	if (arg->allow_ibss)
941 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ADHOC_ALLOWED);
942 	if (arg->allow_ht)
943 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HT);
944 	if (arg->allow_vht)
945 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_VHT);
946 	if (arg->allow_he)
947 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HE);
948 	if (arg->ht40plus)
949 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_HT40_PLUS);
950 	if (arg->chan_radar)
951 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_DFS);
952 	if (arg->freq2_radar)
953 		chan->info |= cpu_to_le32(WMI_CHAN_INFO_DFS_FREQ2);
954 
955 	chan->reg_info_1 = le32_encode_bits(arg->max_power,
956 					    WMI_CHAN_REG_INFO1_MAX_PWR) |
957 		le32_encode_bits(arg->max_reg_power,
958 				 WMI_CHAN_REG_INFO1_MAX_REG_PWR);
959 
960 	chan->reg_info_2 = le32_encode_bits(arg->max_antenna_gain,
961 					    WMI_CHAN_REG_INFO2_ANT_MAX) |
962 		le32_encode_bits(arg->max_power, WMI_CHAN_REG_INFO2_MAX_TX_PWR);
963 }
964 
965 int ath12k_wmi_vdev_start(struct ath12k *ar, struct wmi_vdev_start_req_arg *arg,
966 			  bool restart)
967 {
968 	struct ath12k_wmi_pdev *wmi = ar->wmi;
969 	struct wmi_vdev_start_request_cmd *cmd;
970 	struct sk_buff *skb;
971 	struct ath12k_wmi_channel_params *chan;
972 	struct wmi_tlv *tlv;
973 	void *ptr;
974 	int ret, len;
975 
976 	if (WARN_ON(arg->ssid_len > sizeof(cmd->ssid.ssid)))
977 		return -EINVAL;
978 
979 	len = sizeof(*cmd) + sizeof(*chan) + TLV_HDR_SIZE;
980 
981 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
982 	if (!skb)
983 		return -ENOMEM;
984 
985 	cmd = (struct wmi_vdev_start_request_cmd *)skb->data;
986 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_START_REQUEST_CMD,
987 						 sizeof(*cmd));
988 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
989 	cmd->beacon_interval = cpu_to_le32(arg->bcn_intval);
990 	cmd->bcn_tx_rate = cpu_to_le32(arg->bcn_tx_rate);
991 	cmd->dtim_period = cpu_to_le32(arg->dtim_period);
992 	cmd->num_noa_descriptors = cpu_to_le32(arg->num_noa_descriptors);
993 	cmd->preferred_rx_streams = cpu_to_le32(arg->pref_rx_streams);
994 	cmd->preferred_tx_streams = cpu_to_le32(arg->pref_tx_streams);
995 	cmd->cac_duration_ms = cpu_to_le32(arg->cac_duration_ms);
996 	cmd->regdomain = cpu_to_le32(arg->regdomain);
997 	cmd->he_ops = cpu_to_le32(arg->he_ops);
998 
999 	if (!restart) {
1000 		if (arg->ssid) {
1001 			cmd->ssid.ssid_len = cpu_to_le32(arg->ssid_len);
1002 			memcpy(cmd->ssid.ssid, arg->ssid, arg->ssid_len);
1003 		}
1004 		if (arg->hidden_ssid)
1005 			cmd->flags |= cpu_to_le32(WMI_VDEV_START_HIDDEN_SSID);
1006 		if (arg->pmf_enabled)
1007 			cmd->flags |= cpu_to_le32(WMI_VDEV_START_PMF_ENABLED);
1008 	}
1009 
1010 	cmd->flags |= cpu_to_le32(WMI_VDEV_START_LDPC_RX_ENABLED);
1011 
1012 	ptr = skb->data + sizeof(*cmd);
1013 	chan = ptr;
1014 
1015 	ath12k_wmi_put_wmi_channel(chan, arg);
1016 
1017 	chan->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_CHANNEL,
1018 						  sizeof(*chan));
1019 	ptr += sizeof(*chan);
1020 
1021 	tlv = ptr;
1022 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, 0);
1023 
1024 	/* Note: This is a nested TLV containing:
1025 	 * [wmi_tlv][wmi_p2p_noa_descriptor][wmi_tlv]..
1026 	 */
1027 
1028 	ptr += sizeof(*tlv);
1029 
1030 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI, "vdev %s id 0x%x freq 0x%x mode 0x%x\n",
1031 		   restart ? "restart" : "start", arg->vdev_id,
1032 		   arg->freq, arg->mode);
1033 
1034 	if (restart)
1035 		ret = ath12k_wmi_cmd_send(wmi, skb,
1036 					  WMI_VDEV_RESTART_REQUEST_CMDID);
1037 	else
1038 		ret = ath12k_wmi_cmd_send(wmi, skb,
1039 					  WMI_VDEV_START_REQUEST_CMDID);
1040 	if (ret) {
1041 		ath12k_warn(ar->ab, "failed to submit vdev_%s cmd\n",
1042 			    restart ? "restart" : "start");
1043 		dev_kfree_skb(skb);
1044 	}
1045 
1046 	return ret;
1047 }
1048 
1049 int ath12k_wmi_vdev_up(struct ath12k *ar, u32 vdev_id, u32 aid, const u8 *bssid)
1050 {
1051 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1052 	struct wmi_vdev_up_cmd *cmd;
1053 	struct sk_buff *skb;
1054 	int ret;
1055 
1056 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1057 	if (!skb)
1058 		return -ENOMEM;
1059 
1060 	cmd = (struct wmi_vdev_up_cmd *)skb->data;
1061 
1062 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_UP_CMD,
1063 						 sizeof(*cmd));
1064 	cmd->vdev_id = cpu_to_le32(vdev_id);
1065 	cmd->vdev_assoc_id = cpu_to_le32(aid);
1066 
1067 	ether_addr_copy(cmd->vdev_bssid.addr, bssid);
1068 
1069 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1070 		   "WMI mgmt vdev up id 0x%x assoc id %d bssid %pM\n",
1071 		   vdev_id, aid, bssid);
1072 
1073 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_UP_CMDID);
1074 	if (ret) {
1075 		ath12k_warn(ar->ab, "failed to submit WMI_VDEV_UP cmd\n");
1076 		dev_kfree_skb(skb);
1077 	}
1078 
1079 	return ret;
1080 }
1081 
1082 int ath12k_wmi_send_peer_create_cmd(struct ath12k *ar,
1083 				    struct ath12k_wmi_peer_create_arg *arg)
1084 {
1085 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1086 	struct wmi_peer_create_cmd *cmd;
1087 	struct sk_buff *skb;
1088 	int ret;
1089 
1090 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1091 	if (!skb)
1092 		return -ENOMEM;
1093 
1094 	cmd = (struct wmi_peer_create_cmd *)skb->data;
1095 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_CREATE_CMD,
1096 						 sizeof(*cmd));
1097 
1098 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_addr);
1099 	cmd->peer_type = cpu_to_le32(arg->peer_type);
1100 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1101 
1102 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1103 		   "WMI peer create vdev_id %d peer_addr %pM\n",
1104 		   arg->vdev_id, arg->peer_addr);
1105 
1106 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_CREATE_CMDID);
1107 	if (ret) {
1108 		ath12k_warn(ar->ab, "failed to submit WMI_PEER_CREATE cmd\n");
1109 		dev_kfree_skb(skb);
1110 	}
1111 
1112 	return ret;
1113 }
1114 
1115 int ath12k_wmi_send_peer_delete_cmd(struct ath12k *ar,
1116 				    const u8 *peer_addr, u8 vdev_id)
1117 {
1118 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1119 	struct wmi_peer_delete_cmd *cmd;
1120 	struct sk_buff *skb;
1121 	int ret;
1122 
1123 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1124 	if (!skb)
1125 		return -ENOMEM;
1126 
1127 	cmd = (struct wmi_peer_delete_cmd *)skb->data;
1128 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_DELETE_CMD,
1129 						 sizeof(*cmd));
1130 
1131 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1132 	cmd->vdev_id = cpu_to_le32(vdev_id);
1133 
1134 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1135 		   "WMI peer delete vdev_id %d peer_addr %pM\n",
1136 		   vdev_id,  peer_addr);
1137 
1138 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_DELETE_CMDID);
1139 	if (ret) {
1140 		ath12k_warn(ar->ab, "failed to send WMI_PEER_DELETE cmd\n");
1141 		dev_kfree_skb(skb);
1142 	}
1143 
1144 	return ret;
1145 }
1146 
1147 int ath12k_wmi_send_pdev_set_regdomain(struct ath12k *ar,
1148 				       struct ath12k_wmi_pdev_set_regdomain_arg *arg)
1149 {
1150 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1151 	struct wmi_pdev_set_regdomain_cmd *cmd;
1152 	struct sk_buff *skb;
1153 	int ret;
1154 
1155 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1156 	if (!skb)
1157 		return -ENOMEM;
1158 
1159 	cmd = (struct wmi_pdev_set_regdomain_cmd *)skb->data;
1160 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_REGDOMAIN_CMD,
1161 						 sizeof(*cmd));
1162 
1163 	cmd->reg_domain = cpu_to_le32(arg->current_rd_in_use);
1164 	cmd->reg_domain_2g = cpu_to_le32(arg->current_rd_2g);
1165 	cmd->reg_domain_5g = cpu_to_le32(arg->current_rd_5g);
1166 	cmd->conformance_test_limit_2g = cpu_to_le32(arg->ctl_2g);
1167 	cmd->conformance_test_limit_5g = cpu_to_le32(arg->ctl_5g);
1168 	cmd->dfs_domain = cpu_to_le32(arg->dfs_domain);
1169 	cmd->pdev_id = cpu_to_le32(arg->pdev_id);
1170 
1171 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1172 		   "WMI pdev regd rd %d rd2g %d rd5g %d domain %d pdev id %d\n",
1173 		   arg->current_rd_in_use, arg->current_rd_2g,
1174 		   arg->current_rd_5g, arg->dfs_domain, arg->pdev_id);
1175 
1176 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_REGDOMAIN_CMDID);
1177 	if (ret) {
1178 		ath12k_warn(ar->ab,
1179 			    "failed to send WMI_PDEV_SET_REGDOMAIN cmd\n");
1180 		dev_kfree_skb(skb);
1181 	}
1182 
1183 	return ret;
1184 }
1185 
1186 int ath12k_wmi_set_peer_param(struct ath12k *ar, const u8 *peer_addr,
1187 			      u32 vdev_id, u32 param_id, u32 param_val)
1188 {
1189 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1190 	struct wmi_peer_set_param_cmd *cmd;
1191 	struct sk_buff *skb;
1192 	int ret;
1193 
1194 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1195 	if (!skb)
1196 		return -ENOMEM;
1197 
1198 	cmd = (struct wmi_peer_set_param_cmd *)skb->data;
1199 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_SET_PARAM_CMD,
1200 						 sizeof(*cmd));
1201 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1202 	cmd->vdev_id = cpu_to_le32(vdev_id);
1203 	cmd->param_id = cpu_to_le32(param_id);
1204 	cmd->param_value = cpu_to_le32(param_val);
1205 
1206 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1207 		   "WMI vdev %d peer 0x%pM set param %d value %d\n",
1208 		   vdev_id, peer_addr, param_id, param_val);
1209 
1210 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_SET_PARAM_CMDID);
1211 	if (ret) {
1212 		ath12k_warn(ar->ab, "failed to send WMI_PEER_SET_PARAM cmd\n");
1213 		dev_kfree_skb(skb);
1214 	}
1215 
1216 	return ret;
1217 }
1218 
1219 int ath12k_wmi_send_peer_flush_tids_cmd(struct ath12k *ar,
1220 					u8 peer_addr[ETH_ALEN],
1221 					u32 peer_tid_bitmap,
1222 					u8 vdev_id)
1223 {
1224 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1225 	struct wmi_peer_flush_tids_cmd *cmd;
1226 	struct sk_buff *skb;
1227 	int ret;
1228 
1229 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1230 	if (!skb)
1231 		return -ENOMEM;
1232 
1233 	cmd = (struct wmi_peer_flush_tids_cmd *)skb->data;
1234 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_FLUSH_TIDS_CMD,
1235 						 sizeof(*cmd));
1236 
1237 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1238 	cmd->peer_tid_bitmap = cpu_to_le32(peer_tid_bitmap);
1239 	cmd->vdev_id = cpu_to_le32(vdev_id);
1240 
1241 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1242 		   "WMI peer flush vdev_id %d peer_addr %pM tids %08x\n",
1243 		   vdev_id, peer_addr, peer_tid_bitmap);
1244 
1245 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_FLUSH_TIDS_CMDID);
1246 	if (ret) {
1247 		ath12k_warn(ar->ab,
1248 			    "failed to send WMI_PEER_FLUSH_TIDS cmd\n");
1249 		dev_kfree_skb(skb);
1250 	}
1251 
1252 	return ret;
1253 }
1254 
1255 int ath12k_wmi_peer_rx_reorder_queue_setup(struct ath12k *ar,
1256 					   int vdev_id, const u8 *addr,
1257 					   dma_addr_t paddr, u8 tid,
1258 					   u8 ba_window_size_valid,
1259 					   u32 ba_window_size)
1260 {
1261 	struct wmi_peer_reorder_queue_setup_cmd *cmd;
1262 	struct sk_buff *skb;
1263 	int ret;
1264 
1265 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
1266 	if (!skb)
1267 		return -ENOMEM;
1268 
1269 	cmd = (struct wmi_peer_reorder_queue_setup_cmd *)skb->data;
1270 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_REORDER_QUEUE_SETUP_CMD,
1271 						 sizeof(*cmd));
1272 
1273 	ether_addr_copy(cmd->peer_macaddr.addr, addr);
1274 	cmd->vdev_id = cpu_to_le32(vdev_id);
1275 	cmd->tid = cpu_to_le32(tid);
1276 	cmd->queue_ptr_lo = cpu_to_le32(lower_32_bits(paddr));
1277 	cmd->queue_ptr_hi = cpu_to_le32(upper_32_bits(paddr));
1278 	cmd->queue_no = cpu_to_le32(tid);
1279 	cmd->ba_window_size_valid = cpu_to_le32(ba_window_size_valid);
1280 	cmd->ba_window_size = cpu_to_le32(ba_window_size);
1281 
1282 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1283 		   "wmi rx reorder queue setup addr %pM vdev_id %d tid %d\n",
1284 		   addr, vdev_id, tid);
1285 
1286 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
1287 				  WMI_PEER_REORDER_QUEUE_SETUP_CMDID);
1288 	if (ret) {
1289 		ath12k_warn(ar->ab,
1290 			    "failed to send WMI_PEER_REORDER_QUEUE_SETUP\n");
1291 		dev_kfree_skb(skb);
1292 	}
1293 
1294 	return ret;
1295 }
1296 
1297 int
1298 ath12k_wmi_rx_reord_queue_remove(struct ath12k *ar,
1299 				 struct ath12k_wmi_rx_reorder_queue_remove_arg *arg)
1300 {
1301 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1302 	struct wmi_peer_reorder_queue_remove_cmd *cmd;
1303 	struct sk_buff *skb;
1304 	int ret;
1305 
1306 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1307 	if (!skb)
1308 		return -ENOMEM;
1309 
1310 	cmd = (struct wmi_peer_reorder_queue_remove_cmd *)skb->data;
1311 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_REORDER_QUEUE_REMOVE_CMD,
1312 						 sizeof(*cmd));
1313 
1314 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_macaddr);
1315 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1316 	cmd->tid_mask = cpu_to_le32(arg->peer_tid_bitmap);
1317 
1318 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1319 		   "%s: peer_macaddr %pM vdev_id %d, tid_map %d", __func__,
1320 		   arg->peer_macaddr, arg->vdev_id, arg->peer_tid_bitmap);
1321 
1322 	ret = ath12k_wmi_cmd_send(wmi, skb,
1323 				  WMI_PEER_REORDER_QUEUE_REMOVE_CMDID);
1324 	if (ret) {
1325 		ath12k_warn(ar->ab,
1326 			    "failed to send WMI_PEER_REORDER_QUEUE_REMOVE_CMDID");
1327 		dev_kfree_skb(skb);
1328 	}
1329 
1330 	return ret;
1331 }
1332 
1333 int ath12k_wmi_pdev_set_param(struct ath12k *ar, u32 param_id,
1334 			      u32 param_value, u8 pdev_id)
1335 {
1336 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1337 	struct wmi_pdev_set_param_cmd *cmd;
1338 	struct sk_buff *skb;
1339 	int ret;
1340 
1341 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1342 	if (!skb)
1343 		return -ENOMEM;
1344 
1345 	cmd = (struct wmi_pdev_set_param_cmd *)skb->data;
1346 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_PARAM_CMD,
1347 						 sizeof(*cmd));
1348 	cmd->pdev_id = cpu_to_le32(pdev_id);
1349 	cmd->param_id = cpu_to_le32(param_id);
1350 	cmd->param_value = cpu_to_le32(param_value);
1351 
1352 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1353 		   "WMI pdev set param %d pdev id %d value %d\n",
1354 		   param_id, pdev_id, param_value);
1355 
1356 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SET_PARAM_CMDID);
1357 	if (ret) {
1358 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1359 		dev_kfree_skb(skb);
1360 	}
1361 
1362 	return ret;
1363 }
1364 
1365 int ath12k_wmi_pdev_set_ps_mode(struct ath12k *ar, int vdev_id, u32 enable)
1366 {
1367 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1368 	struct wmi_pdev_set_ps_mode_cmd *cmd;
1369 	struct sk_buff *skb;
1370 	int ret;
1371 
1372 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1373 	if (!skb)
1374 		return -ENOMEM;
1375 
1376 	cmd = (struct wmi_pdev_set_ps_mode_cmd *)skb->data;
1377 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STA_POWERSAVE_MODE_CMD,
1378 						 sizeof(*cmd));
1379 	cmd->vdev_id = cpu_to_le32(vdev_id);
1380 	cmd->sta_ps_mode = cpu_to_le32(enable);
1381 
1382 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1383 		   "WMI vdev set psmode %d vdev id %d\n",
1384 		   enable, vdev_id);
1385 
1386 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_MODE_CMDID);
1387 	if (ret) {
1388 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SET_PARAM cmd\n");
1389 		dev_kfree_skb(skb);
1390 	}
1391 
1392 	return ret;
1393 }
1394 
1395 int ath12k_wmi_pdev_suspend(struct ath12k *ar, u32 suspend_opt,
1396 			    u32 pdev_id)
1397 {
1398 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1399 	struct wmi_pdev_suspend_cmd *cmd;
1400 	struct sk_buff *skb;
1401 	int ret;
1402 
1403 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1404 	if (!skb)
1405 		return -ENOMEM;
1406 
1407 	cmd = (struct wmi_pdev_suspend_cmd *)skb->data;
1408 
1409 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SUSPEND_CMD,
1410 						 sizeof(*cmd));
1411 
1412 	cmd->suspend_opt = cpu_to_le32(suspend_opt);
1413 	cmd->pdev_id = cpu_to_le32(pdev_id);
1414 
1415 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1416 		   "WMI pdev suspend pdev_id %d\n", pdev_id);
1417 
1418 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_SUSPEND_CMDID);
1419 	if (ret) {
1420 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_SUSPEND cmd\n");
1421 		dev_kfree_skb(skb);
1422 	}
1423 
1424 	return ret;
1425 }
1426 
1427 int ath12k_wmi_pdev_resume(struct ath12k *ar, u32 pdev_id)
1428 {
1429 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1430 	struct wmi_pdev_resume_cmd *cmd;
1431 	struct sk_buff *skb;
1432 	int ret;
1433 
1434 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1435 	if (!skb)
1436 		return -ENOMEM;
1437 
1438 	cmd = (struct wmi_pdev_resume_cmd *)skb->data;
1439 
1440 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_RESUME_CMD,
1441 						 sizeof(*cmd));
1442 	cmd->pdev_id = cpu_to_le32(pdev_id);
1443 
1444 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1445 		   "WMI pdev resume pdev id %d\n", pdev_id);
1446 
1447 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_RESUME_CMDID);
1448 	if (ret) {
1449 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_RESUME cmd\n");
1450 		dev_kfree_skb(skb);
1451 	}
1452 
1453 	return ret;
1454 }
1455 
1456 /* TODO FW Support for the cmd is not available yet.
1457  * Can be tested once the command and corresponding
1458  * event is implemented in FW
1459  */
1460 int ath12k_wmi_pdev_bss_chan_info_request(struct ath12k *ar,
1461 					  enum wmi_bss_chan_info_req_type type)
1462 {
1463 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1464 	struct wmi_pdev_bss_chan_info_req_cmd *cmd;
1465 	struct sk_buff *skb;
1466 	int ret;
1467 
1468 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1469 	if (!skb)
1470 		return -ENOMEM;
1471 
1472 	cmd = (struct wmi_pdev_bss_chan_info_req_cmd *)skb->data;
1473 
1474 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_BSS_CHAN_INFO_REQUEST,
1475 						 sizeof(*cmd));
1476 	cmd->req_type = cpu_to_le32(type);
1477 
1478 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1479 		   "WMI bss chan info req type %d\n", type);
1480 
1481 	ret = ath12k_wmi_cmd_send(wmi, skb,
1482 				  WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID);
1483 	if (ret) {
1484 		ath12k_warn(ar->ab,
1485 			    "failed to send WMI_PDEV_BSS_CHAN_INFO_REQUEST cmd\n");
1486 		dev_kfree_skb(skb);
1487 	}
1488 
1489 	return ret;
1490 }
1491 
1492 int ath12k_wmi_send_set_ap_ps_param_cmd(struct ath12k *ar, u8 *peer_addr,
1493 					struct ath12k_wmi_ap_ps_arg *arg)
1494 {
1495 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1496 	struct wmi_ap_ps_peer_cmd *cmd;
1497 	struct sk_buff *skb;
1498 	int ret;
1499 
1500 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1501 	if (!skb)
1502 		return -ENOMEM;
1503 
1504 	cmd = (struct wmi_ap_ps_peer_cmd *)skb->data;
1505 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_AP_PS_PEER_CMD,
1506 						 sizeof(*cmd));
1507 
1508 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1509 	ether_addr_copy(cmd->peer_macaddr.addr, peer_addr);
1510 	cmd->param = cpu_to_le32(arg->param);
1511 	cmd->value = cpu_to_le32(arg->value);
1512 
1513 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1514 		   "WMI set ap ps vdev id %d peer %pM param %d value %d\n",
1515 		   arg->vdev_id, peer_addr, arg->param, arg->value);
1516 
1517 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_AP_PS_PEER_PARAM_CMDID);
1518 	if (ret) {
1519 		ath12k_warn(ar->ab,
1520 			    "failed to send WMI_AP_PS_PEER_PARAM_CMDID\n");
1521 		dev_kfree_skb(skb);
1522 	}
1523 
1524 	return ret;
1525 }
1526 
1527 int ath12k_wmi_set_sta_ps_param(struct ath12k *ar, u32 vdev_id,
1528 				u32 param, u32 param_value)
1529 {
1530 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1531 	struct wmi_sta_powersave_param_cmd *cmd;
1532 	struct sk_buff *skb;
1533 	int ret;
1534 
1535 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1536 	if (!skb)
1537 		return -ENOMEM;
1538 
1539 	cmd = (struct wmi_sta_powersave_param_cmd *)skb->data;
1540 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STA_POWERSAVE_PARAM_CMD,
1541 						 sizeof(*cmd));
1542 
1543 	cmd->vdev_id = cpu_to_le32(vdev_id);
1544 	cmd->param = cpu_to_le32(param);
1545 	cmd->value = cpu_to_le32(param_value);
1546 
1547 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1548 		   "WMI set sta ps vdev_id %d param %d value %d\n",
1549 		   vdev_id, param, param_value);
1550 
1551 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_STA_POWERSAVE_PARAM_CMDID);
1552 	if (ret) {
1553 		ath12k_warn(ar->ab, "failed to send WMI_STA_POWERSAVE_PARAM_CMDID");
1554 		dev_kfree_skb(skb);
1555 	}
1556 
1557 	return ret;
1558 }
1559 
1560 int ath12k_wmi_force_fw_hang_cmd(struct ath12k *ar, u32 type, u32 delay_time_ms)
1561 {
1562 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1563 	struct wmi_force_fw_hang_cmd *cmd;
1564 	struct sk_buff *skb;
1565 	int ret, len;
1566 
1567 	len = sizeof(*cmd);
1568 
1569 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1570 	if (!skb)
1571 		return -ENOMEM;
1572 
1573 	cmd = (struct wmi_force_fw_hang_cmd *)skb->data;
1574 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_FORCE_FW_HANG_CMD,
1575 						 len);
1576 
1577 	cmd->type = cpu_to_le32(type);
1578 	cmd->delay_time_ms = cpu_to_le32(delay_time_ms);
1579 
1580 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_FORCE_FW_HANG_CMDID);
1581 
1582 	if (ret) {
1583 		ath12k_warn(ar->ab, "Failed to send WMI_FORCE_FW_HANG_CMDID");
1584 		dev_kfree_skb(skb);
1585 	}
1586 	return ret;
1587 }
1588 
1589 int ath12k_wmi_vdev_set_param_cmd(struct ath12k *ar, u32 vdev_id,
1590 				  u32 param_id, u32 param_value)
1591 {
1592 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1593 	struct wmi_vdev_set_param_cmd *cmd;
1594 	struct sk_buff *skb;
1595 	int ret;
1596 
1597 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1598 	if (!skb)
1599 		return -ENOMEM;
1600 
1601 	cmd = (struct wmi_vdev_set_param_cmd *)skb->data;
1602 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_PARAM_CMD,
1603 						 sizeof(*cmd));
1604 
1605 	cmd->vdev_id = cpu_to_le32(vdev_id);
1606 	cmd->param_id = cpu_to_le32(param_id);
1607 	cmd->param_value = cpu_to_le32(param_value);
1608 
1609 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1610 		   "WMI vdev id 0x%x set param %d value %d\n",
1611 		   vdev_id, param_id, param_value);
1612 
1613 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_SET_PARAM_CMDID);
1614 	if (ret) {
1615 		ath12k_warn(ar->ab,
1616 			    "failed to send WMI_VDEV_SET_PARAM_CMDID\n");
1617 		dev_kfree_skb(skb);
1618 	}
1619 
1620 	return ret;
1621 }
1622 
1623 int ath12k_wmi_send_pdev_temperature_cmd(struct ath12k *ar)
1624 {
1625 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1626 	struct wmi_get_pdev_temperature_cmd *cmd;
1627 	struct sk_buff *skb;
1628 	int ret;
1629 
1630 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1631 	if (!skb)
1632 		return -ENOMEM;
1633 
1634 	cmd = (struct wmi_get_pdev_temperature_cmd *)skb->data;
1635 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_GET_TEMPERATURE_CMD,
1636 						 sizeof(*cmd));
1637 	cmd->pdev_id = cpu_to_le32(ar->pdev->pdev_id);
1638 
1639 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1640 		   "WMI pdev get temperature for pdev_id %d\n", ar->pdev->pdev_id);
1641 
1642 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PDEV_GET_TEMPERATURE_CMDID);
1643 	if (ret) {
1644 		ath12k_warn(ar->ab, "failed to send WMI_PDEV_GET_TEMPERATURE cmd\n");
1645 		dev_kfree_skb(skb);
1646 	}
1647 
1648 	return ret;
1649 }
1650 
1651 int ath12k_wmi_send_bcn_offload_control_cmd(struct ath12k *ar,
1652 					    u32 vdev_id, u32 bcn_ctrl_op)
1653 {
1654 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1655 	struct wmi_bcn_offload_ctrl_cmd *cmd;
1656 	struct sk_buff *skb;
1657 	int ret;
1658 
1659 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
1660 	if (!skb)
1661 		return -ENOMEM;
1662 
1663 	cmd = (struct wmi_bcn_offload_ctrl_cmd *)skb->data;
1664 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_OFFLOAD_CTRL_CMD,
1665 						 sizeof(*cmd));
1666 
1667 	cmd->vdev_id = cpu_to_le32(vdev_id);
1668 	cmd->bcn_ctrl_op = cpu_to_le32(bcn_ctrl_op);
1669 
1670 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1671 		   "WMI bcn ctrl offload vdev id %d ctrl_op %d\n",
1672 		   vdev_id, bcn_ctrl_op);
1673 
1674 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_BCN_OFFLOAD_CTRL_CMDID);
1675 	if (ret) {
1676 		ath12k_warn(ar->ab,
1677 			    "failed to send WMI_BCN_OFFLOAD_CTRL_CMDID\n");
1678 		dev_kfree_skb(skb);
1679 	}
1680 
1681 	return ret;
1682 }
1683 
1684 int ath12k_wmi_bcn_tmpl(struct ath12k *ar, u32 vdev_id,
1685 			struct ieee80211_mutable_offsets *offs,
1686 			struct sk_buff *bcn)
1687 {
1688 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1689 	struct wmi_bcn_tmpl_cmd *cmd;
1690 	struct ath12k_wmi_bcn_prb_info_params *bcn_prb_info;
1691 	struct wmi_tlv *tlv;
1692 	struct sk_buff *skb;
1693 	void *ptr;
1694 	int ret, len;
1695 	size_t aligned_len = roundup(bcn->len, 4);
1696 
1697 	len = sizeof(*cmd) + sizeof(*bcn_prb_info) + TLV_HDR_SIZE + aligned_len;
1698 
1699 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1700 	if (!skb)
1701 		return -ENOMEM;
1702 
1703 	cmd = (struct wmi_bcn_tmpl_cmd *)skb->data;
1704 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_TMPL_CMD,
1705 						 sizeof(*cmd));
1706 	cmd->vdev_id = cpu_to_le32(vdev_id);
1707 	cmd->tim_ie_offset = cpu_to_le32(offs->tim_offset);
1708 	cmd->csa_switch_count_offset = cpu_to_le32(offs->cntdwn_counter_offs[0]);
1709 	cmd->ext_csa_switch_count_offset = cpu_to_le32(offs->cntdwn_counter_offs[1]);
1710 	cmd->buf_len = cpu_to_le32(bcn->len);
1711 
1712 	ptr = skb->data + sizeof(*cmd);
1713 
1714 	bcn_prb_info = ptr;
1715 	len = sizeof(*bcn_prb_info);
1716 	bcn_prb_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_PRB_INFO,
1717 							  len);
1718 	bcn_prb_info->caps = 0;
1719 	bcn_prb_info->erp = 0;
1720 
1721 	ptr += sizeof(*bcn_prb_info);
1722 
1723 	tlv = ptr;
1724 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
1725 	memcpy(tlv->value, bcn->data, bcn->len);
1726 
1727 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_BCN_TMPL_CMDID);
1728 	if (ret) {
1729 		ath12k_warn(ar->ab, "failed to send WMI_BCN_TMPL_CMDID\n");
1730 		dev_kfree_skb(skb);
1731 	}
1732 
1733 	return ret;
1734 }
1735 
1736 int ath12k_wmi_vdev_install_key(struct ath12k *ar,
1737 				struct wmi_vdev_install_key_arg *arg)
1738 {
1739 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1740 	struct wmi_vdev_install_key_cmd *cmd;
1741 	struct wmi_tlv *tlv;
1742 	struct sk_buff *skb;
1743 	int ret, len, key_len_aligned;
1744 
1745 	/* WMI_TAG_ARRAY_BYTE needs to be aligned with 4, the actual key
1746 	 * length is specified in cmd->key_len.
1747 	 */
1748 	key_len_aligned = roundup(arg->key_len, 4);
1749 
1750 	len = sizeof(*cmd) + TLV_HDR_SIZE + key_len_aligned;
1751 
1752 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1753 	if (!skb)
1754 		return -ENOMEM;
1755 
1756 	cmd = (struct wmi_vdev_install_key_cmd *)skb->data;
1757 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_INSTALL_KEY_CMD,
1758 						 sizeof(*cmd));
1759 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1760 	ether_addr_copy(cmd->peer_macaddr.addr, arg->macaddr);
1761 	cmd->key_idx = cpu_to_le32(arg->key_idx);
1762 	cmd->key_flags = cpu_to_le32(arg->key_flags);
1763 	cmd->key_cipher = cpu_to_le32(arg->key_cipher);
1764 	cmd->key_len = cpu_to_le32(arg->key_len);
1765 	cmd->key_txmic_len = cpu_to_le32(arg->key_txmic_len);
1766 	cmd->key_rxmic_len = cpu_to_le32(arg->key_rxmic_len);
1767 
1768 	if (arg->key_rsc_counter)
1769 		cmd->key_rsc_counter = cpu_to_le64(arg->key_rsc_counter);
1770 
1771 	tlv = (struct wmi_tlv *)(skb->data + sizeof(*cmd));
1772 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, key_len_aligned);
1773 	memcpy(tlv->value, arg->key_data, arg->key_len);
1774 
1775 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
1776 		   "WMI vdev install key idx %d cipher %d len %d\n",
1777 		   arg->key_idx, arg->key_cipher, arg->key_len);
1778 
1779 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_VDEV_INSTALL_KEY_CMDID);
1780 	if (ret) {
1781 		ath12k_warn(ar->ab,
1782 			    "failed to send WMI_VDEV_INSTALL_KEY cmd\n");
1783 		dev_kfree_skb(skb);
1784 	}
1785 
1786 	return ret;
1787 }
1788 
1789 static void ath12k_wmi_copy_peer_flags(struct wmi_peer_assoc_complete_cmd *cmd,
1790 				       struct ath12k_wmi_peer_assoc_arg *arg,
1791 				       bool hw_crypto_disabled)
1792 {
1793 	cmd->peer_flags = 0;
1794 
1795 	if (arg->is_wme_set) {
1796 		if (arg->qos_flag)
1797 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_QOS);
1798 		if (arg->apsd_flag)
1799 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_APSD);
1800 		if (arg->ht_flag)
1801 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_HT);
1802 		if (arg->bw_40)
1803 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_40MHZ);
1804 		if (arg->bw_80)
1805 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_80MHZ);
1806 		if (arg->bw_160)
1807 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_160MHZ);
1808 
1809 		/* Typically if STBC is enabled for VHT it should be enabled
1810 		 * for HT as well
1811 		 **/
1812 		if (arg->stbc_flag)
1813 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_STBC);
1814 
1815 		/* Typically if LDPC is enabled for VHT it should be enabled
1816 		 * for HT as well
1817 		 **/
1818 		if (arg->ldpc_flag)
1819 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_LDPC);
1820 
1821 		if (arg->static_mimops_flag)
1822 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_STATIC_MIMOPS);
1823 		if (arg->dynamic_mimops_flag)
1824 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_DYN_MIMOPS);
1825 		if (arg->spatial_mux_flag)
1826 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_SPATIAL_MUX);
1827 		if (arg->vht_flag)
1828 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_VHT);
1829 		if (arg->he_flag)
1830 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_HE);
1831 		if (arg->twt_requester)
1832 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_TWT_REQ);
1833 		if (arg->twt_responder)
1834 			cmd->peer_flags |= cpu_to_le32(WMI_PEER_TWT_RESP);
1835 	}
1836 
1837 	/* Suppress authorization for all AUTH modes that need 4-way handshake
1838 	 * (during re-association).
1839 	 * Authorization will be done for these modes on key installation.
1840 	 */
1841 	if (arg->auth_flag)
1842 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_AUTH);
1843 	if (arg->need_ptk_4_way) {
1844 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_NEED_PTK_4_WAY);
1845 		if (!hw_crypto_disabled)
1846 			cmd->peer_flags &= cpu_to_le32(~WMI_PEER_AUTH);
1847 	}
1848 	if (arg->need_gtk_2_way)
1849 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_NEED_GTK_2_WAY);
1850 	/* safe mode bypass the 4-way handshake */
1851 	if (arg->safe_mode_enabled)
1852 		cmd->peer_flags &= cpu_to_le32(~(WMI_PEER_NEED_PTK_4_WAY |
1853 						 WMI_PEER_NEED_GTK_2_WAY));
1854 
1855 	if (arg->is_pmf_enabled)
1856 		cmd->peer_flags |= cpu_to_le32(WMI_PEER_PMF);
1857 
1858 	/* Disable AMSDU for station transmit, if user configures it */
1859 	/* Disable AMSDU for AP transmit to 11n Stations, if user configures
1860 	 * it
1861 	 * if (arg->amsdu_disable) Add after FW support
1862 	 **/
1863 
1864 	/* Target asserts if node is marked HT and all MCS is set to 0.
1865 	 * Mark the node as non-HT if all the mcs rates are disabled through
1866 	 * iwpriv
1867 	 **/
1868 	if (arg->peer_ht_rates.num_rates == 0)
1869 		cmd->peer_flags &= cpu_to_le32(~WMI_PEER_HT);
1870 }
1871 
1872 int ath12k_wmi_send_peer_assoc_cmd(struct ath12k *ar,
1873 				   struct ath12k_wmi_peer_assoc_arg *arg)
1874 {
1875 	struct ath12k_wmi_pdev *wmi = ar->wmi;
1876 	struct wmi_peer_assoc_complete_cmd *cmd;
1877 	struct ath12k_wmi_vht_rate_set_params *mcs;
1878 	struct ath12k_wmi_he_rate_set_params *he_mcs;
1879 	struct sk_buff *skb;
1880 	struct wmi_tlv *tlv;
1881 	void *ptr;
1882 	u32 peer_legacy_rates_align;
1883 	u32 peer_ht_rates_align;
1884 	int i, ret, len;
1885 
1886 	peer_legacy_rates_align = roundup(arg->peer_legacy_rates.num_rates,
1887 					  sizeof(u32));
1888 	peer_ht_rates_align = roundup(arg->peer_ht_rates.num_rates,
1889 				      sizeof(u32));
1890 
1891 	len = sizeof(*cmd) +
1892 	      TLV_HDR_SIZE + (peer_legacy_rates_align * sizeof(u8)) +
1893 	      TLV_HDR_SIZE + (peer_ht_rates_align * sizeof(u8)) +
1894 	      sizeof(*mcs) + TLV_HDR_SIZE +
1895 	      (sizeof(*he_mcs) * arg->peer_he_mcs_count);
1896 
1897 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
1898 	if (!skb)
1899 		return -ENOMEM;
1900 
1901 	ptr = skb->data;
1902 
1903 	cmd = ptr;
1904 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PEER_ASSOC_COMPLETE_CMD,
1905 						 sizeof(*cmd));
1906 
1907 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
1908 
1909 	cmd->peer_new_assoc = cpu_to_le32(arg->peer_new_assoc);
1910 	cmd->peer_associd = cpu_to_le32(arg->peer_associd);
1911 
1912 	ath12k_wmi_copy_peer_flags(cmd, arg,
1913 				   test_bit(ATH12K_FLAG_HW_CRYPTO_DISABLED,
1914 					    &ar->ab->dev_flags));
1915 
1916 	ether_addr_copy(cmd->peer_macaddr.addr, arg->peer_mac);
1917 
1918 	cmd->peer_rate_caps = cpu_to_le32(arg->peer_rate_caps);
1919 	cmd->peer_caps = cpu_to_le32(arg->peer_caps);
1920 	cmd->peer_listen_intval = cpu_to_le32(arg->peer_listen_intval);
1921 	cmd->peer_ht_caps = cpu_to_le32(arg->peer_ht_caps);
1922 	cmd->peer_max_mpdu = cpu_to_le32(arg->peer_max_mpdu);
1923 	cmd->peer_mpdu_density = cpu_to_le32(arg->peer_mpdu_density);
1924 	cmd->peer_vht_caps = cpu_to_le32(arg->peer_vht_caps);
1925 	cmd->peer_phymode = cpu_to_le32(arg->peer_phymode);
1926 
1927 	/* Update 11ax capabilities */
1928 	cmd->peer_he_cap_info = cpu_to_le32(arg->peer_he_cap_macinfo[0]);
1929 	cmd->peer_he_cap_info_ext = cpu_to_le32(arg->peer_he_cap_macinfo[1]);
1930 	cmd->peer_he_cap_info_internal = cpu_to_le32(arg->peer_he_cap_macinfo_internal);
1931 	cmd->peer_he_caps_6ghz = cpu_to_le32(arg->peer_he_caps_6ghz);
1932 	cmd->peer_he_ops = cpu_to_le32(arg->peer_he_ops);
1933 	for (i = 0; i < WMI_MAX_HECAP_PHY_SIZE; i++)
1934 		cmd->peer_he_cap_phy[i] =
1935 			cpu_to_le32(arg->peer_he_cap_phyinfo[i]);
1936 	cmd->peer_ppet.numss_m1 = cpu_to_le32(arg->peer_ppet.numss_m1);
1937 	cmd->peer_ppet.ru_info = cpu_to_le32(arg->peer_ppet.ru_bit_mask);
1938 	for (i = 0; i < WMI_MAX_NUM_SS; i++)
1939 		cmd->peer_ppet.ppet16_ppet8_ru3_ru0[i] =
1940 			cpu_to_le32(arg->peer_ppet.ppet16_ppet8_ru3_ru0[i]);
1941 
1942 	/* Update peer legacy rate information */
1943 	ptr += sizeof(*cmd);
1944 
1945 	tlv = ptr;
1946 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, peer_legacy_rates_align);
1947 
1948 	ptr += TLV_HDR_SIZE;
1949 
1950 	cmd->num_peer_legacy_rates = cpu_to_le32(arg->peer_legacy_rates.num_rates);
1951 	memcpy(ptr, arg->peer_legacy_rates.rates,
1952 	       arg->peer_legacy_rates.num_rates);
1953 
1954 	/* Update peer HT rate information */
1955 	ptr += peer_legacy_rates_align;
1956 
1957 	tlv = ptr;
1958 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, peer_ht_rates_align);
1959 	ptr += TLV_HDR_SIZE;
1960 	cmd->num_peer_ht_rates = cpu_to_le32(arg->peer_ht_rates.num_rates);
1961 	memcpy(ptr, arg->peer_ht_rates.rates,
1962 	       arg->peer_ht_rates.num_rates);
1963 
1964 	/* VHT Rates */
1965 	ptr += peer_ht_rates_align;
1966 
1967 	mcs = ptr;
1968 
1969 	mcs->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VHT_RATE_SET,
1970 						 sizeof(*mcs));
1971 
1972 	cmd->peer_nss = cpu_to_le32(arg->peer_nss);
1973 
1974 	/* Update bandwidth-NSS mapping */
1975 	cmd->peer_bw_rxnss_override = 0;
1976 	cmd->peer_bw_rxnss_override |= cpu_to_le32(arg->peer_bw_rxnss_override);
1977 
1978 	if (arg->vht_capable) {
1979 		mcs->rx_max_rate = cpu_to_le32(arg->rx_max_rate);
1980 		mcs->rx_mcs_set = cpu_to_le32(arg->rx_mcs_set);
1981 		mcs->tx_max_rate = cpu_to_le32(arg->tx_max_rate);
1982 		mcs->tx_mcs_set = cpu_to_le32(arg->tx_mcs_set);
1983 	}
1984 
1985 	/* HE Rates */
1986 	cmd->peer_he_mcs = cpu_to_le32(arg->peer_he_mcs_count);
1987 	cmd->min_data_rate = cpu_to_le32(arg->min_data_rate);
1988 
1989 	ptr += sizeof(*mcs);
1990 
1991 	len = arg->peer_he_mcs_count * sizeof(*he_mcs);
1992 
1993 	tlv = ptr;
1994 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
1995 	ptr += TLV_HDR_SIZE;
1996 
1997 	/* Loop through the HE rate set */
1998 	for (i = 0; i < arg->peer_he_mcs_count; i++) {
1999 		he_mcs = ptr;
2000 		he_mcs->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_HE_RATE_SET,
2001 							    sizeof(*he_mcs));
2002 
2003 		he_mcs->rx_mcs_set = cpu_to_le32(arg->peer_he_rx_mcs_set[i]);
2004 		he_mcs->tx_mcs_set = cpu_to_le32(arg->peer_he_tx_mcs_set[i]);
2005 		ptr += sizeof(*he_mcs);
2006 	}
2007 
2008 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2009 		   "wmi peer assoc vdev id %d assoc id %d peer mac %pM peer_flags %x rate_caps %x peer_caps %x listen_intval %d ht_caps %x max_mpdu %d nss %d phymode %d peer_mpdu_density %d vht_caps %x he cap_info %x he ops %x he cap_info_ext %x he phy %x %x %x peer_bw_rxnss_override %x\n",
2010 		   cmd->vdev_id, cmd->peer_associd, arg->peer_mac,
2011 		   cmd->peer_flags, cmd->peer_rate_caps, cmd->peer_caps,
2012 		   cmd->peer_listen_intval, cmd->peer_ht_caps,
2013 		   cmd->peer_max_mpdu, cmd->peer_nss, cmd->peer_phymode,
2014 		   cmd->peer_mpdu_density,
2015 		   cmd->peer_vht_caps, cmd->peer_he_cap_info,
2016 		   cmd->peer_he_ops, cmd->peer_he_cap_info_ext,
2017 		   cmd->peer_he_cap_phy[0], cmd->peer_he_cap_phy[1],
2018 		   cmd->peer_he_cap_phy[2],
2019 		   cmd->peer_bw_rxnss_override);
2020 
2021 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_PEER_ASSOC_CMDID);
2022 	if (ret) {
2023 		ath12k_warn(ar->ab,
2024 			    "failed to send WMI_PEER_ASSOC_CMDID\n");
2025 		dev_kfree_skb(skb);
2026 	}
2027 
2028 	return ret;
2029 }
2030 
2031 void ath12k_wmi_start_scan_init(struct ath12k *ar,
2032 				struct ath12k_wmi_scan_req_arg *arg)
2033 {
2034 	/* setup commonly used values */
2035 	arg->scan_req_id = 1;
2036 	arg->scan_priority = WMI_SCAN_PRIORITY_LOW;
2037 	arg->dwell_time_active = 50;
2038 	arg->dwell_time_active_2g = 0;
2039 	arg->dwell_time_passive = 150;
2040 	arg->dwell_time_active_6g = 40;
2041 	arg->dwell_time_passive_6g = 30;
2042 	arg->min_rest_time = 50;
2043 	arg->max_rest_time = 500;
2044 	arg->repeat_probe_time = 0;
2045 	arg->probe_spacing_time = 0;
2046 	arg->idle_time = 0;
2047 	arg->max_scan_time = 20000;
2048 	arg->probe_delay = 5;
2049 	arg->notify_scan_events = WMI_SCAN_EVENT_STARTED |
2050 				  WMI_SCAN_EVENT_COMPLETED |
2051 				  WMI_SCAN_EVENT_BSS_CHANNEL |
2052 				  WMI_SCAN_EVENT_FOREIGN_CHAN |
2053 				  WMI_SCAN_EVENT_DEQUEUED;
2054 	arg->scan_flags |= WMI_SCAN_CHAN_STAT_EVENT;
2055 	arg->num_bssid = 1;
2056 
2057 	/* fill bssid_list[0] with 0xff, otherwise bssid and RA will be
2058 	 * ZEROs in probe request
2059 	 */
2060 	eth_broadcast_addr(arg->bssid_list[0].addr);
2061 }
2062 
2063 static void ath12k_wmi_copy_scan_event_cntrl_flags(struct wmi_start_scan_cmd *cmd,
2064 						   struct ath12k_wmi_scan_req_arg *arg)
2065 {
2066 	/* Scan events subscription */
2067 	if (arg->scan_ev_started)
2068 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_STARTED);
2069 	if (arg->scan_ev_completed)
2070 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_COMPLETED);
2071 	if (arg->scan_ev_bss_chan)
2072 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_BSS_CHANNEL);
2073 	if (arg->scan_ev_foreign_chan)
2074 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_FOREIGN_CHAN);
2075 	if (arg->scan_ev_dequeued)
2076 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_DEQUEUED);
2077 	if (arg->scan_ev_preempted)
2078 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_PREEMPTED);
2079 	if (arg->scan_ev_start_failed)
2080 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_START_FAILED);
2081 	if (arg->scan_ev_restarted)
2082 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_RESTARTED);
2083 	if (arg->scan_ev_foreign_chn_exit)
2084 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT);
2085 	if (arg->scan_ev_suspended)
2086 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_SUSPENDED);
2087 	if (arg->scan_ev_resumed)
2088 		cmd->notify_scan_events |= cpu_to_le32(WMI_SCAN_EVENT_RESUMED);
2089 
2090 	/** Set scan control flags */
2091 	cmd->scan_ctrl_flags = 0;
2092 	if (arg->scan_f_passive)
2093 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_PASSIVE);
2094 	if (arg->scan_f_strict_passive_pch)
2095 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_STRICT_PASSIVE_ON_PCHN);
2096 	if (arg->scan_f_promisc_mode)
2097 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FILTER_PROMISCUOS);
2098 	if (arg->scan_f_capture_phy_err)
2099 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_CAPTURE_PHY_ERROR);
2100 	if (arg->scan_f_half_rate)
2101 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_HALF_RATE_SUPPORT);
2102 	if (arg->scan_f_quarter_rate)
2103 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_QUARTER_RATE_SUPPORT);
2104 	if (arg->scan_f_cck_rates)
2105 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_CCK_RATES);
2106 	if (arg->scan_f_ofdm_rates)
2107 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_OFDM_RATES);
2108 	if (arg->scan_f_chan_stat_evnt)
2109 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_CHAN_STAT_EVENT);
2110 	if (arg->scan_f_filter_prb_req)
2111 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FILTER_PROBE_REQ);
2112 	if (arg->scan_f_bcast_probe)
2113 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_BCAST_PROBE_REQ);
2114 	if (arg->scan_f_offchan_mgmt_tx)
2115 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_OFFCHAN_MGMT_TX);
2116 	if (arg->scan_f_offchan_data_tx)
2117 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_OFFCHAN_DATA_TX);
2118 	if (arg->scan_f_force_active_dfs_chn)
2119 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_FLAG_FORCE_ACTIVE_ON_DFS);
2120 	if (arg->scan_f_add_tpc_ie_in_probe)
2121 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_TPC_IE_IN_PROBE_REQ);
2122 	if (arg->scan_f_add_ds_ie_in_probe)
2123 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_DS_IE_IN_PROBE_REQ);
2124 	if (arg->scan_f_add_spoofed_mac_in_probe)
2125 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_ADD_SPOOF_MAC_IN_PROBE_REQ);
2126 	if (arg->scan_f_add_rand_seq_in_probe)
2127 		cmd->scan_ctrl_flags |= cpu_to_le32(WMI_SCAN_RANDOM_SEQ_NO_IN_PROBE_REQ);
2128 	if (arg->scan_f_en_ie_whitelist_in_probe)
2129 		cmd->scan_ctrl_flags |=
2130 			cpu_to_le32(WMI_SCAN_ENABLE_IE_WHTELIST_IN_PROBE_REQ);
2131 
2132 	cmd->scan_ctrl_flags |= le32_encode_bits(arg->adaptive_dwell_time_mode,
2133 						 WMI_SCAN_DWELL_MODE_MASK);
2134 }
2135 
2136 int ath12k_wmi_send_scan_start_cmd(struct ath12k *ar,
2137 				   struct ath12k_wmi_scan_req_arg *arg)
2138 {
2139 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2140 	struct wmi_start_scan_cmd *cmd;
2141 	struct ath12k_wmi_ssid_params *ssid = NULL;
2142 	struct ath12k_wmi_mac_addr_params *bssid;
2143 	struct sk_buff *skb;
2144 	struct wmi_tlv *tlv;
2145 	void *ptr;
2146 	int i, ret, len;
2147 	u32 *tmp_ptr;
2148 	u8 extraie_len_with_pad = 0;
2149 	struct ath12k_wmi_hint_short_ssid_arg *s_ssid = NULL;
2150 	struct ath12k_wmi_hint_bssid_arg *hint_bssid = NULL;
2151 
2152 	len = sizeof(*cmd);
2153 
2154 	len += TLV_HDR_SIZE;
2155 	if (arg->num_chan)
2156 		len += arg->num_chan * sizeof(u32);
2157 
2158 	len += TLV_HDR_SIZE;
2159 	if (arg->num_ssids)
2160 		len += arg->num_ssids * sizeof(*ssid);
2161 
2162 	len += TLV_HDR_SIZE;
2163 	if (arg->num_bssid)
2164 		len += sizeof(*bssid) * arg->num_bssid;
2165 
2166 	len += TLV_HDR_SIZE;
2167 	if (arg->extraie.len)
2168 		extraie_len_with_pad =
2169 			roundup(arg->extraie.len, sizeof(u32));
2170 	len += extraie_len_with_pad;
2171 
2172 	if (arg->num_hint_bssid)
2173 		len += TLV_HDR_SIZE +
2174 		       arg->num_hint_bssid * sizeof(*hint_bssid);
2175 
2176 	if (arg->num_hint_s_ssid)
2177 		len += TLV_HDR_SIZE +
2178 		       arg->num_hint_s_ssid * sizeof(*s_ssid);
2179 
2180 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2181 	if (!skb)
2182 		return -ENOMEM;
2183 
2184 	ptr = skb->data;
2185 
2186 	cmd = ptr;
2187 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_START_SCAN_CMD,
2188 						 sizeof(*cmd));
2189 
2190 	cmd->scan_id = cpu_to_le32(arg->scan_id);
2191 	cmd->scan_req_id = cpu_to_le32(arg->scan_req_id);
2192 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
2193 	cmd->scan_priority = cpu_to_le32(arg->scan_priority);
2194 	cmd->notify_scan_events = cpu_to_le32(arg->notify_scan_events);
2195 
2196 	ath12k_wmi_copy_scan_event_cntrl_flags(cmd, arg);
2197 
2198 	cmd->dwell_time_active = cpu_to_le32(arg->dwell_time_active);
2199 	cmd->dwell_time_active_2g = cpu_to_le32(arg->dwell_time_active_2g);
2200 	cmd->dwell_time_passive = cpu_to_le32(arg->dwell_time_passive);
2201 	cmd->dwell_time_active_6g = cpu_to_le32(arg->dwell_time_active_6g);
2202 	cmd->dwell_time_passive_6g = cpu_to_le32(arg->dwell_time_passive_6g);
2203 	cmd->min_rest_time = cpu_to_le32(arg->min_rest_time);
2204 	cmd->max_rest_time = cpu_to_le32(arg->max_rest_time);
2205 	cmd->repeat_probe_time = cpu_to_le32(arg->repeat_probe_time);
2206 	cmd->probe_spacing_time = cpu_to_le32(arg->probe_spacing_time);
2207 	cmd->idle_time = cpu_to_le32(arg->idle_time);
2208 	cmd->max_scan_time = cpu_to_le32(arg->max_scan_time);
2209 	cmd->probe_delay = cpu_to_le32(arg->probe_delay);
2210 	cmd->burst_duration = cpu_to_le32(arg->burst_duration);
2211 	cmd->num_chan = cpu_to_le32(arg->num_chan);
2212 	cmd->num_bssid = cpu_to_le32(arg->num_bssid);
2213 	cmd->num_ssids = cpu_to_le32(arg->num_ssids);
2214 	cmd->ie_len = cpu_to_le32(arg->extraie.len);
2215 	cmd->n_probes = cpu_to_le32(arg->n_probes);
2216 
2217 	ptr += sizeof(*cmd);
2218 
2219 	len = arg->num_chan * sizeof(u32);
2220 
2221 	tlv = ptr;
2222 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, len);
2223 	ptr += TLV_HDR_SIZE;
2224 	tmp_ptr = (u32 *)ptr;
2225 
2226 	memcpy(tmp_ptr, arg->chan_list, arg->num_chan * 4);
2227 
2228 	ptr += len;
2229 
2230 	len = arg->num_ssids * sizeof(*ssid);
2231 	tlv = ptr;
2232 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2233 
2234 	ptr += TLV_HDR_SIZE;
2235 
2236 	if (arg->num_ssids) {
2237 		ssid = ptr;
2238 		for (i = 0; i < arg->num_ssids; ++i) {
2239 			ssid->ssid_len = cpu_to_le32(arg->ssid[i].ssid_len);
2240 			memcpy(ssid->ssid, arg->ssid[i].ssid,
2241 			       arg->ssid[i].ssid_len);
2242 			ssid++;
2243 		}
2244 	}
2245 
2246 	ptr += (arg->num_ssids * sizeof(*ssid));
2247 	len = arg->num_bssid * sizeof(*bssid);
2248 	tlv = ptr;
2249 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2250 
2251 	ptr += TLV_HDR_SIZE;
2252 	bssid = ptr;
2253 
2254 	if (arg->num_bssid) {
2255 		for (i = 0; i < arg->num_bssid; ++i) {
2256 			ether_addr_copy(bssid->addr,
2257 					arg->bssid_list[i].addr);
2258 			bssid++;
2259 		}
2260 	}
2261 
2262 	ptr += arg->num_bssid * sizeof(*bssid);
2263 
2264 	len = extraie_len_with_pad;
2265 	tlv = ptr;
2266 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, len);
2267 	ptr += TLV_HDR_SIZE;
2268 
2269 	if (arg->extraie.len)
2270 		memcpy(ptr, arg->extraie.ptr,
2271 		       arg->extraie.len);
2272 
2273 	ptr += extraie_len_with_pad;
2274 
2275 	if (arg->num_hint_s_ssid) {
2276 		len = arg->num_hint_s_ssid * sizeof(*s_ssid);
2277 		tlv = ptr;
2278 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2279 		ptr += TLV_HDR_SIZE;
2280 		s_ssid = ptr;
2281 		for (i = 0; i < arg->num_hint_s_ssid; ++i) {
2282 			s_ssid->freq_flags = arg->hint_s_ssid[i].freq_flags;
2283 			s_ssid->short_ssid = arg->hint_s_ssid[i].short_ssid;
2284 			s_ssid++;
2285 		}
2286 		ptr += len;
2287 	}
2288 
2289 	if (arg->num_hint_bssid) {
2290 		len = arg->num_hint_bssid * sizeof(struct ath12k_wmi_hint_bssid_arg);
2291 		tlv = ptr;
2292 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_FIXED_STRUCT, len);
2293 		ptr += TLV_HDR_SIZE;
2294 		hint_bssid = ptr;
2295 		for (i = 0; i < arg->num_hint_bssid; ++i) {
2296 			hint_bssid->freq_flags =
2297 				arg->hint_bssid[i].freq_flags;
2298 			ether_addr_copy(&arg->hint_bssid[i].bssid.addr[0],
2299 					&hint_bssid->bssid.addr[0]);
2300 			hint_bssid++;
2301 		}
2302 	}
2303 
2304 	ret = ath12k_wmi_cmd_send(wmi, skb,
2305 				  WMI_START_SCAN_CMDID);
2306 	if (ret) {
2307 		ath12k_warn(ar->ab, "failed to send WMI_START_SCAN_CMDID\n");
2308 		dev_kfree_skb(skb);
2309 	}
2310 
2311 	return ret;
2312 }
2313 
2314 int ath12k_wmi_send_scan_stop_cmd(struct ath12k *ar,
2315 				  struct ath12k_wmi_scan_cancel_arg *arg)
2316 {
2317 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2318 	struct wmi_stop_scan_cmd *cmd;
2319 	struct sk_buff *skb;
2320 	int ret;
2321 
2322 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2323 	if (!skb)
2324 		return -ENOMEM;
2325 
2326 	cmd = (struct wmi_stop_scan_cmd *)skb->data;
2327 
2328 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_STOP_SCAN_CMD,
2329 						 sizeof(*cmd));
2330 
2331 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
2332 	cmd->requestor = cpu_to_le32(arg->requester);
2333 	cmd->scan_id = cpu_to_le32(arg->scan_id);
2334 	cmd->pdev_id = cpu_to_le32(arg->pdev_id);
2335 	/* stop the scan with the corresponding scan_id */
2336 	if (arg->req_type == WLAN_SCAN_CANCEL_PDEV_ALL) {
2337 		/* Cancelling all scans */
2338 		cmd->req_type = cpu_to_le32(WMI_SCAN_STOP_ALL);
2339 	} else if (arg->req_type == WLAN_SCAN_CANCEL_VDEV_ALL) {
2340 		/* Cancelling VAP scans */
2341 		cmd->req_type = cpu_to_le32(WMI_SCAN_STOP_VAP_ALL);
2342 	} else if (arg->req_type == WLAN_SCAN_CANCEL_SINGLE) {
2343 		/* Cancelling specific scan */
2344 		cmd->req_type = WMI_SCAN_STOP_ONE;
2345 	} else {
2346 		ath12k_warn(ar->ab, "invalid scan cancel req_type %d",
2347 			    arg->req_type);
2348 		dev_kfree_skb(skb);
2349 		return -EINVAL;
2350 	}
2351 
2352 	ret = ath12k_wmi_cmd_send(wmi, skb,
2353 				  WMI_STOP_SCAN_CMDID);
2354 	if (ret) {
2355 		ath12k_warn(ar->ab, "failed to send WMI_STOP_SCAN_CMDID\n");
2356 		dev_kfree_skb(skb);
2357 	}
2358 
2359 	return ret;
2360 }
2361 
2362 int ath12k_wmi_send_scan_chan_list_cmd(struct ath12k *ar,
2363 				       struct ath12k_wmi_scan_chan_list_arg *arg)
2364 {
2365 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2366 	struct wmi_scan_chan_list_cmd *cmd;
2367 	struct sk_buff *skb;
2368 	struct ath12k_wmi_channel_params *chan_info;
2369 	struct ath12k_wmi_channel_arg *channel_arg;
2370 	struct wmi_tlv *tlv;
2371 	void *ptr;
2372 	int i, ret, len;
2373 	u16 num_send_chans, num_sends = 0, max_chan_limit = 0;
2374 	__le32 *reg1, *reg2;
2375 
2376 	channel_arg = &arg->channel[0];
2377 	while (arg->nallchans) {
2378 		len = sizeof(*cmd) + TLV_HDR_SIZE;
2379 		max_chan_limit = (wmi->wmi_ab->max_msg_len[ar->pdev_idx] - len) /
2380 			sizeof(*chan_info);
2381 
2382 		num_send_chans = min(arg->nallchans, max_chan_limit);
2383 
2384 		arg->nallchans -= num_send_chans;
2385 		len += sizeof(*chan_info) * num_send_chans;
2386 
2387 		skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2388 		if (!skb)
2389 			return -ENOMEM;
2390 
2391 		cmd = (struct wmi_scan_chan_list_cmd *)skb->data;
2392 		cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_SCAN_CHAN_LIST_CMD,
2393 							 sizeof(*cmd));
2394 		cmd->pdev_id = cpu_to_le32(arg->pdev_id);
2395 		cmd->num_scan_chans = cpu_to_le32(num_send_chans);
2396 		if (num_sends)
2397 			cmd->flags |= cpu_to_le32(WMI_APPEND_TO_EXISTING_CHAN_LIST_FLAG);
2398 
2399 		ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2400 			   "WMI no.of chan = %d len = %d pdev_id = %d num_sends = %d\n",
2401 			   num_send_chans, len, cmd->pdev_id, num_sends);
2402 
2403 		ptr = skb->data + sizeof(*cmd);
2404 
2405 		len = sizeof(*chan_info) * num_send_chans;
2406 		tlv = ptr;
2407 		tlv->header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ARRAY_STRUCT,
2408 						     len);
2409 		ptr += TLV_HDR_SIZE;
2410 
2411 		for (i = 0; i < num_send_chans; ++i) {
2412 			chan_info = ptr;
2413 			memset(chan_info, 0, sizeof(*chan_info));
2414 			len = sizeof(*chan_info);
2415 			chan_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_CHANNEL,
2416 								       len);
2417 
2418 			reg1 = &chan_info->reg_info_1;
2419 			reg2 = &chan_info->reg_info_2;
2420 			chan_info->mhz = cpu_to_le32(channel_arg->mhz);
2421 			chan_info->band_center_freq1 = cpu_to_le32(channel_arg->cfreq1);
2422 			chan_info->band_center_freq2 = cpu_to_le32(channel_arg->cfreq2);
2423 
2424 			if (channel_arg->is_chan_passive)
2425 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_PASSIVE);
2426 			if (channel_arg->allow_he)
2427 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HE);
2428 			else if (channel_arg->allow_vht)
2429 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_VHT);
2430 			else if (channel_arg->allow_ht)
2431 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_ALLOW_HT);
2432 			if (channel_arg->half_rate)
2433 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_HALF_RATE);
2434 			if (channel_arg->quarter_rate)
2435 				chan_info->info |=
2436 					cpu_to_le32(WMI_CHAN_INFO_QUARTER_RATE);
2437 
2438 			if (channel_arg->psc_channel)
2439 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_PSC);
2440 
2441 			if (channel_arg->dfs_set)
2442 				chan_info->info |= cpu_to_le32(WMI_CHAN_INFO_DFS);
2443 
2444 			chan_info->info |= le32_encode_bits(channel_arg->phy_mode,
2445 							    WMI_CHAN_INFO_MODE);
2446 			*reg1 |= le32_encode_bits(channel_arg->minpower,
2447 						  WMI_CHAN_REG_INFO1_MIN_PWR);
2448 			*reg1 |= le32_encode_bits(channel_arg->maxpower,
2449 						  WMI_CHAN_REG_INFO1_MAX_PWR);
2450 			*reg1 |= le32_encode_bits(channel_arg->maxregpower,
2451 						  WMI_CHAN_REG_INFO1_MAX_REG_PWR);
2452 			*reg1 |= le32_encode_bits(channel_arg->reg_class_id,
2453 						  WMI_CHAN_REG_INFO1_REG_CLS);
2454 			*reg2 |= le32_encode_bits(channel_arg->antennamax,
2455 						  WMI_CHAN_REG_INFO2_ANT_MAX);
2456 
2457 			ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2458 				   "WMI chan scan list chan[%d] = %u, chan_info->info %8x\n",
2459 				   i, chan_info->mhz, chan_info->info);
2460 
2461 			ptr += sizeof(*chan_info);
2462 
2463 			channel_arg++;
2464 		}
2465 
2466 		ret = ath12k_wmi_cmd_send(wmi, skb, WMI_SCAN_CHAN_LIST_CMDID);
2467 		if (ret) {
2468 			ath12k_warn(ar->ab, "failed to send WMI_SCAN_CHAN_LIST cmd\n");
2469 			dev_kfree_skb(skb);
2470 			return ret;
2471 		}
2472 
2473 		num_sends++;
2474 	}
2475 
2476 	return 0;
2477 }
2478 
2479 int ath12k_wmi_send_wmm_update_cmd(struct ath12k *ar, u32 vdev_id,
2480 				   struct wmi_wmm_params_all_arg *param)
2481 {
2482 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2483 	struct wmi_vdev_set_wmm_params_cmd *cmd;
2484 	struct wmi_wmm_params *wmm_param;
2485 	struct wmi_wmm_params_arg *wmi_wmm_arg;
2486 	struct sk_buff *skb;
2487 	int ret, ac;
2488 
2489 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2490 	if (!skb)
2491 		return -ENOMEM;
2492 
2493 	cmd = (struct wmi_vdev_set_wmm_params_cmd *)skb->data;
2494 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_WMM_PARAMS_CMD,
2495 						 sizeof(*cmd));
2496 
2497 	cmd->vdev_id = cpu_to_le32(vdev_id);
2498 	cmd->wmm_param_type = 0;
2499 
2500 	for (ac = 0; ac < WME_NUM_AC; ac++) {
2501 		switch (ac) {
2502 		case WME_AC_BE:
2503 			wmi_wmm_arg = &param->ac_be;
2504 			break;
2505 		case WME_AC_BK:
2506 			wmi_wmm_arg = &param->ac_bk;
2507 			break;
2508 		case WME_AC_VI:
2509 			wmi_wmm_arg = &param->ac_vi;
2510 			break;
2511 		case WME_AC_VO:
2512 			wmi_wmm_arg = &param->ac_vo;
2513 			break;
2514 		}
2515 
2516 		wmm_param = (struct wmi_wmm_params *)&cmd->wmm_params[ac];
2517 		wmm_param->tlv_header =
2518 			ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SET_WMM_PARAMS_CMD,
2519 					       sizeof(*wmm_param));
2520 
2521 		wmm_param->aifs = cpu_to_le32(wmi_wmm_arg->aifs);
2522 		wmm_param->cwmin = cpu_to_le32(wmi_wmm_arg->cwmin);
2523 		wmm_param->cwmax = cpu_to_le32(wmi_wmm_arg->cwmax);
2524 		wmm_param->txoplimit = cpu_to_le32(wmi_wmm_arg->txop);
2525 		wmm_param->acm = cpu_to_le32(wmi_wmm_arg->acm);
2526 		wmm_param->no_ack = cpu_to_le32(wmi_wmm_arg->no_ack);
2527 
2528 		ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2529 			   "wmi wmm set ac %d aifs %d cwmin %d cwmax %d txop %d acm %d no_ack %d\n",
2530 			   ac, wmm_param->aifs, wmm_param->cwmin,
2531 			   wmm_param->cwmax, wmm_param->txoplimit,
2532 			   wmm_param->acm, wmm_param->no_ack);
2533 	}
2534 	ret = ath12k_wmi_cmd_send(wmi, skb,
2535 				  WMI_VDEV_SET_WMM_PARAMS_CMDID);
2536 	if (ret) {
2537 		ath12k_warn(ar->ab,
2538 			    "failed to send WMI_VDEV_SET_WMM_PARAMS_CMDID");
2539 		dev_kfree_skb(skb);
2540 	}
2541 
2542 	return ret;
2543 }
2544 
2545 int ath12k_wmi_send_dfs_phyerr_offload_enable_cmd(struct ath12k *ar,
2546 						  u32 pdev_id)
2547 {
2548 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2549 	struct wmi_dfs_phyerr_offload_cmd *cmd;
2550 	struct sk_buff *skb;
2551 	int ret;
2552 
2553 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2554 	if (!skb)
2555 		return -ENOMEM;
2556 
2557 	cmd = (struct wmi_dfs_phyerr_offload_cmd *)skb->data;
2558 	cmd->tlv_header =
2559 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMD,
2560 				       sizeof(*cmd));
2561 
2562 	cmd->pdev_id = cpu_to_le32(pdev_id);
2563 
2564 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2565 		   "WMI dfs phy err offload enable pdev id %d\n", pdev_id);
2566 
2567 	ret = ath12k_wmi_cmd_send(wmi, skb,
2568 				  WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE_CMDID);
2569 	if (ret) {
2570 		ath12k_warn(ar->ab,
2571 			    "failed to send WMI_PDEV_DFS_PHYERR_OFFLOAD_ENABLE cmd\n");
2572 		dev_kfree_skb(skb);
2573 	}
2574 
2575 	return ret;
2576 }
2577 
2578 int ath12k_wmi_delba_send(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2579 			  u32 tid, u32 initiator, u32 reason)
2580 {
2581 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2582 	struct wmi_delba_send_cmd *cmd;
2583 	struct sk_buff *skb;
2584 	int ret;
2585 
2586 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2587 	if (!skb)
2588 		return -ENOMEM;
2589 
2590 	cmd = (struct wmi_delba_send_cmd *)skb->data;
2591 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_DELBA_SEND_CMD,
2592 						 sizeof(*cmd));
2593 	cmd->vdev_id = cpu_to_le32(vdev_id);
2594 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2595 	cmd->tid = cpu_to_le32(tid);
2596 	cmd->initiator = cpu_to_le32(initiator);
2597 	cmd->reasoncode = cpu_to_le32(reason);
2598 
2599 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2600 		   "wmi delba send vdev_id 0x%X mac_addr %pM tid %u initiator %u reason %u\n",
2601 		   vdev_id, mac, tid, initiator, reason);
2602 
2603 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_DELBA_SEND_CMDID);
2604 
2605 	if (ret) {
2606 		ath12k_warn(ar->ab,
2607 			    "failed to send WMI_DELBA_SEND_CMDID cmd\n");
2608 		dev_kfree_skb(skb);
2609 	}
2610 
2611 	return ret;
2612 }
2613 
2614 int ath12k_wmi_addba_set_resp(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2615 			      u32 tid, u32 status)
2616 {
2617 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2618 	struct wmi_addba_setresponse_cmd *cmd;
2619 	struct sk_buff *skb;
2620 	int ret;
2621 
2622 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2623 	if (!skb)
2624 		return -ENOMEM;
2625 
2626 	cmd = (struct wmi_addba_setresponse_cmd *)skb->data;
2627 	cmd->tlv_header =
2628 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_SETRESPONSE_CMD,
2629 				       sizeof(*cmd));
2630 	cmd->vdev_id = cpu_to_le32(vdev_id);
2631 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2632 	cmd->tid = cpu_to_le32(tid);
2633 	cmd->statuscode = cpu_to_le32(status);
2634 
2635 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2636 		   "wmi addba set resp vdev_id 0x%X mac_addr %pM tid %u status %u\n",
2637 		   vdev_id, mac, tid, status);
2638 
2639 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SET_RESP_CMDID);
2640 
2641 	if (ret) {
2642 		ath12k_warn(ar->ab,
2643 			    "failed to send WMI_ADDBA_SET_RESP_CMDID cmd\n");
2644 		dev_kfree_skb(skb);
2645 	}
2646 
2647 	return ret;
2648 }
2649 
2650 int ath12k_wmi_addba_send(struct ath12k *ar, u32 vdev_id, const u8 *mac,
2651 			  u32 tid, u32 buf_size)
2652 {
2653 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2654 	struct wmi_addba_send_cmd *cmd;
2655 	struct sk_buff *skb;
2656 	int ret;
2657 
2658 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2659 	if (!skb)
2660 		return -ENOMEM;
2661 
2662 	cmd = (struct wmi_addba_send_cmd *)skb->data;
2663 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_SEND_CMD,
2664 						 sizeof(*cmd));
2665 	cmd->vdev_id = cpu_to_le32(vdev_id);
2666 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2667 	cmd->tid = cpu_to_le32(tid);
2668 	cmd->buffersize = cpu_to_le32(buf_size);
2669 
2670 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2671 		   "wmi addba send vdev_id 0x%X mac_addr %pM tid %u bufsize %u\n",
2672 		   vdev_id, mac, tid, buf_size);
2673 
2674 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_SEND_CMDID);
2675 
2676 	if (ret) {
2677 		ath12k_warn(ar->ab,
2678 			    "failed to send WMI_ADDBA_SEND_CMDID cmd\n");
2679 		dev_kfree_skb(skb);
2680 	}
2681 
2682 	return ret;
2683 }
2684 
2685 int ath12k_wmi_addba_clear_resp(struct ath12k *ar, u32 vdev_id, const u8 *mac)
2686 {
2687 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2688 	struct wmi_addba_clear_resp_cmd *cmd;
2689 	struct sk_buff *skb;
2690 	int ret;
2691 
2692 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2693 	if (!skb)
2694 		return -ENOMEM;
2695 
2696 	cmd = (struct wmi_addba_clear_resp_cmd *)skb->data;
2697 	cmd->tlv_header =
2698 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ADDBA_CLEAR_RESP_CMD,
2699 				       sizeof(*cmd));
2700 	cmd->vdev_id = cpu_to_le32(vdev_id);
2701 	ether_addr_copy(cmd->peer_macaddr.addr, mac);
2702 
2703 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2704 		   "wmi addba clear resp vdev_id 0x%X mac_addr %pM\n",
2705 		   vdev_id, mac);
2706 
2707 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_ADDBA_CLEAR_RESP_CMDID);
2708 
2709 	if (ret) {
2710 		ath12k_warn(ar->ab,
2711 			    "failed to send WMI_ADDBA_CLEAR_RESP_CMDID cmd\n");
2712 		dev_kfree_skb(skb);
2713 	}
2714 
2715 	return ret;
2716 }
2717 
2718 int ath12k_wmi_send_init_country_cmd(struct ath12k *ar,
2719 				     struct ath12k_wmi_init_country_arg *arg)
2720 {
2721 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2722 	struct wmi_init_country_cmd *cmd;
2723 	struct sk_buff *skb;
2724 	int ret;
2725 
2726 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, sizeof(*cmd));
2727 	if (!skb)
2728 		return -ENOMEM;
2729 
2730 	cmd = (struct wmi_init_country_cmd *)skb->data;
2731 	cmd->tlv_header =
2732 		ath12k_wmi_tlv_cmd_hdr(WMI_TAG_SET_INIT_COUNTRY_CMD,
2733 				       sizeof(*cmd));
2734 
2735 	cmd->pdev_id = cpu_to_le32(ar->pdev->pdev_id);
2736 
2737 	switch (arg->flags) {
2738 	case ALPHA_IS_SET:
2739 		cmd->init_cc_type = WMI_COUNTRY_INFO_TYPE_ALPHA;
2740 		memcpy(&cmd->cc_info.alpha2, arg->cc_info.alpha2, 3);
2741 		break;
2742 	case CC_IS_SET:
2743 		cmd->init_cc_type = cpu_to_le32(WMI_COUNTRY_INFO_TYPE_COUNTRY_CODE);
2744 		cmd->cc_info.country_code =
2745 			cpu_to_le32(arg->cc_info.country_code);
2746 		break;
2747 	case REGDMN_IS_SET:
2748 		cmd->init_cc_type = cpu_to_le32(WMI_COUNTRY_INFO_TYPE_REGDOMAIN);
2749 		cmd->cc_info.regdom_id = cpu_to_le32(arg->cc_info.regdom_id);
2750 		break;
2751 	default:
2752 		ret = -EINVAL;
2753 		goto out;
2754 	}
2755 
2756 	ret = ath12k_wmi_cmd_send(wmi, skb,
2757 				  WMI_SET_INIT_COUNTRY_CMDID);
2758 
2759 out:
2760 	if (ret) {
2761 		ath12k_warn(ar->ab,
2762 			    "failed to send WMI_SET_INIT_COUNTRY CMD :%d\n",
2763 			    ret);
2764 		dev_kfree_skb(skb);
2765 	}
2766 
2767 	return ret;
2768 }
2769 
2770 int
2771 ath12k_wmi_send_twt_enable_cmd(struct ath12k *ar, u32 pdev_id)
2772 {
2773 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2774 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2775 	struct wmi_twt_enable_params_cmd *cmd;
2776 	struct sk_buff *skb;
2777 	int ret, len;
2778 
2779 	len = sizeof(*cmd);
2780 
2781 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2782 	if (!skb)
2783 		return -ENOMEM;
2784 
2785 	cmd = (struct wmi_twt_enable_params_cmd *)skb->data;
2786 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_TWT_ENABLE_CMD,
2787 						 len);
2788 	cmd->pdev_id = cpu_to_le32(pdev_id);
2789 	cmd->sta_cong_timer_ms = cpu_to_le32(ATH12K_TWT_DEF_STA_CONG_TIMER_MS);
2790 	cmd->default_slot_size = cpu_to_le32(ATH12K_TWT_DEF_DEFAULT_SLOT_SIZE);
2791 	cmd->congestion_thresh_setup =
2792 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_SETUP);
2793 	cmd->congestion_thresh_teardown =
2794 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_TEARDOWN);
2795 	cmd->congestion_thresh_critical =
2796 		cpu_to_le32(ATH12K_TWT_DEF_CONGESTION_THRESH_CRITICAL);
2797 	cmd->interference_thresh_teardown =
2798 		cpu_to_le32(ATH12K_TWT_DEF_INTERFERENCE_THRESH_TEARDOWN);
2799 	cmd->interference_thresh_setup =
2800 		cpu_to_le32(ATH12K_TWT_DEF_INTERFERENCE_THRESH_SETUP);
2801 	cmd->min_no_sta_setup = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_STA_SETUP);
2802 	cmd->min_no_sta_teardown = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_STA_TEARDOWN);
2803 	cmd->no_of_bcast_mcast_slots =
2804 		cpu_to_le32(ATH12K_TWT_DEF_NO_OF_BCAST_MCAST_SLOTS);
2805 	cmd->min_no_twt_slots = cpu_to_le32(ATH12K_TWT_DEF_MIN_NO_TWT_SLOTS);
2806 	cmd->max_no_sta_twt = cpu_to_le32(ATH12K_TWT_DEF_MAX_NO_STA_TWT);
2807 	cmd->mode_check_interval = cpu_to_le32(ATH12K_TWT_DEF_MODE_CHECK_INTERVAL);
2808 	cmd->add_sta_slot_interval = cpu_to_le32(ATH12K_TWT_DEF_ADD_STA_SLOT_INTERVAL);
2809 	cmd->remove_sta_slot_interval =
2810 		cpu_to_le32(ATH12K_TWT_DEF_REMOVE_STA_SLOT_INTERVAL);
2811 	/* TODO add MBSSID support */
2812 	cmd->mbss_support = 0;
2813 
2814 	ret = ath12k_wmi_cmd_send(wmi, skb,
2815 				  WMI_TWT_ENABLE_CMDID);
2816 	if (ret) {
2817 		ath12k_warn(ab, "Failed to send WMI_TWT_ENABLE_CMDID");
2818 		dev_kfree_skb(skb);
2819 	}
2820 	return ret;
2821 }
2822 
2823 int
2824 ath12k_wmi_send_twt_disable_cmd(struct ath12k *ar, u32 pdev_id)
2825 {
2826 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2827 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2828 	struct wmi_twt_disable_params_cmd *cmd;
2829 	struct sk_buff *skb;
2830 	int ret, len;
2831 
2832 	len = sizeof(*cmd);
2833 
2834 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2835 	if (!skb)
2836 		return -ENOMEM;
2837 
2838 	cmd = (struct wmi_twt_disable_params_cmd *)skb->data;
2839 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_TWT_DISABLE_CMD,
2840 						 len);
2841 	cmd->pdev_id = cpu_to_le32(pdev_id);
2842 
2843 	ret = ath12k_wmi_cmd_send(wmi, skb,
2844 				  WMI_TWT_DISABLE_CMDID);
2845 	if (ret) {
2846 		ath12k_warn(ab, "Failed to send WMI_TWT_DISABLE_CMDID");
2847 		dev_kfree_skb(skb);
2848 	}
2849 	return ret;
2850 }
2851 
2852 int
2853 ath12k_wmi_send_obss_spr_cmd(struct ath12k *ar, u32 vdev_id,
2854 			     struct ieee80211_he_obss_pd *he_obss_pd)
2855 {
2856 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2857 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2858 	struct wmi_obss_spatial_reuse_params_cmd *cmd;
2859 	struct sk_buff *skb;
2860 	int ret, len;
2861 
2862 	len = sizeof(*cmd);
2863 
2864 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2865 	if (!skb)
2866 		return -ENOMEM;
2867 
2868 	cmd = (struct wmi_obss_spatial_reuse_params_cmd *)skb->data;
2869 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_OBSS_SPATIAL_REUSE_SET_CMD,
2870 						 len);
2871 	cmd->vdev_id = cpu_to_le32(vdev_id);
2872 	cmd->enable = cpu_to_le32(he_obss_pd->enable);
2873 	cmd->obss_min = a_cpu_to_sle32(he_obss_pd->min_offset);
2874 	cmd->obss_max = a_cpu_to_sle32(he_obss_pd->max_offset);
2875 
2876 	ret = ath12k_wmi_cmd_send(wmi, skb,
2877 				  WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID);
2878 	if (ret) {
2879 		ath12k_warn(ab,
2880 			    "Failed to send WMI_PDEV_OBSS_PD_SPATIAL_REUSE_CMDID");
2881 		dev_kfree_skb(skb);
2882 	}
2883 	return ret;
2884 }
2885 
2886 int ath12k_wmi_obss_color_cfg_cmd(struct ath12k *ar, u32 vdev_id,
2887 				  u8 bss_color, u32 period,
2888 				  bool enable)
2889 {
2890 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2891 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2892 	struct wmi_obss_color_collision_cfg_params_cmd *cmd;
2893 	struct sk_buff *skb;
2894 	int ret, len;
2895 
2896 	len = sizeof(*cmd);
2897 
2898 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2899 	if (!skb)
2900 		return -ENOMEM;
2901 
2902 	cmd = (struct wmi_obss_color_collision_cfg_params_cmd *)skb->data;
2903 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_OBSS_COLOR_COLLISION_DET_CONFIG,
2904 						 len);
2905 	cmd->vdev_id = cpu_to_le32(vdev_id);
2906 	cmd->evt_type = enable ? cpu_to_le32(ATH12K_OBSS_COLOR_COLLISION_DETECTION) :
2907 		cpu_to_le32(ATH12K_OBSS_COLOR_COLLISION_DETECTION_DISABLE);
2908 	cmd->current_bss_color = cpu_to_le32(bss_color);
2909 	cmd->detection_period_ms = cpu_to_le32(period);
2910 	cmd->scan_period_ms = cpu_to_le32(ATH12K_BSS_COLOR_COLLISION_SCAN_PERIOD_MS);
2911 	cmd->free_slot_expiry_time_ms = 0;
2912 	cmd->flags = 0;
2913 
2914 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2915 		   "wmi_send_obss_color_collision_cfg id %d type %d bss_color %d detect_period %d scan_period %d\n",
2916 		   cmd->vdev_id, cmd->evt_type, cmd->current_bss_color,
2917 		   cmd->detection_period_ms, cmd->scan_period_ms);
2918 
2919 	ret = ath12k_wmi_cmd_send(wmi, skb,
2920 				  WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID);
2921 	if (ret) {
2922 		ath12k_warn(ab, "Failed to send WMI_OBSS_COLOR_COLLISION_DET_CONFIG_CMDID");
2923 		dev_kfree_skb(skb);
2924 	}
2925 	return ret;
2926 }
2927 
2928 int ath12k_wmi_send_bss_color_change_enable_cmd(struct ath12k *ar, u32 vdev_id,
2929 						bool enable)
2930 {
2931 	struct ath12k_wmi_pdev *wmi = ar->wmi;
2932 	struct ath12k_base *ab = wmi->wmi_ab->ab;
2933 	struct wmi_bss_color_change_enable_params_cmd *cmd;
2934 	struct sk_buff *skb;
2935 	int ret, len;
2936 
2937 	len = sizeof(*cmd);
2938 
2939 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
2940 	if (!skb)
2941 		return -ENOMEM;
2942 
2943 	cmd = (struct wmi_bss_color_change_enable_params_cmd *)skb->data;
2944 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BSS_COLOR_CHANGE_ENABLE,
2945 						 len);
2946 	cmd->vdev_id = cpu_to_le32(vdev_id);
2947 	cmd->enable = enable ? cpu_to_le32(1) : 0;
2948 
2949 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2950 		   "wmi_send_bss_color_change_enable id %d enable %d\n",
2951 		   cmd->vdev_id, cmd->enable);
2952 
2953 	ret = ath12k_wmi_cmd_send(wmi, skb,
2954 				  WMI_BSS_COLOR_CHANGE_ENABLE_CMDID);
2955 	if (ret) {
2956 		ath12k_warn(ab, "Failed to send WMI_BSS_COLOR_CHANGE_ENABLE_CMDID");
2957 		dev_kfree_skb(skb);
2958 	}
2959 	return ret;
2960 }
2961 
2962 int ath12k_wmi_fils_discovery_tmpl(struct ath12k *ar, u32 vdev_id,
2963 				   struct sk_buff *tmpl)
2964 {
2965 	struct wmi_tlv *tlv;
2966 	struct sk_buff *skb;
2967 	void *ptr;
2968 	int ret, len;
2969 	size_t aligned_len;
2970 	struct wmi_fils_discovery_tmpl_cmd *cmd;
2971 
2972 	aligned_len = roundup(tmpl->len, 4);
2973 	len = sizeof(*cmd) + TLV_HDR_SIZE + aligned_len;
2974 
2975 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
2976 		   "WMI vdev %i set FILS discovery template\n", vdev_id);
2977 
2978 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
2979 	if (!skb)
2980 		return -ENOMEM;
2981 
2982 	cmd = (struct wmi_fils_discovery_tmpl_cmd *)skb->data;
2983 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_FILS_DISCOVERY_TMPL_CMD,
2984 						 sizeof(*cmd));
2985 	cmd->vdev_id = cpu_to_le32(vdev_id);
2986 	cmd->buf_len = cpu_to_le32(tmpl->len);
2987 	ptr = skb->data + sizeof(*cmd);
2988 
2989 	tlv = ptr;
2990 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
2991 	memcpy(tlv->value, tmpl->data, tmpl->len);
2992 
2993 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_FILS_DISCOVERY_TMPL_CMDID);
2994 	if (ret) {
2995 		ath12k_warn(ar->ab,
2996 			    "WMI vdev %i failed to send FILS discovery template command\n",
2997 			    vdev_id);
2998 		dev_kfree_skb(skb);
2999 	}
3000 	return ret;
3001 }
3002 
3003 int ath12k_wmi_probe_resp_tmpl(struct ath12k *ar, u32 vdev_id,
3004 			       struct sk_buff *tmpl)
3005 {
3006 	struct wmi_probe_tmpl_cmd *cmd;
3007 	struct ath12k_wmi_bcn_prb_info_params *probe_info;
3008 	struct wmi_tlv *tlv;
3009 	struct sk_buff *skb;
3010 	void *ptr;
3011 	int ret, len;
3012 	size_t aligned_len = roundup(tmpl->len, 4);
3013 
3014 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3015 		   "WMI vdev %i set probe response template\n", vdev_id);
3016 
3017 	len = sizeof(*cmd) + sizeof(*probe_info) + TLV_HDR_SIZE + aligned_len;
3018 
3019 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3020 	if (!skb)
3021 		return -ENOMEM;
3022 
3023 	cmd = (struct wmi_probe_tmpl_cmd *)skb->data;
3024 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PRB_TMPL_CMD,
3025 						 sizeof(*cmd));
3026 	cmd->vdev_id = cpu_to_le32(vdev_id);
3027 	cmd->buf_len = cpu_to_le32(tmpl->len);
3028 
3029 	ptr = skb->data + sizeof(*cmd);
3030 
3031 	probe_info = ptr;
3032 	len = sizeof(*probe_info);
3033 	probe_info->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_BCN_PRB_INFO,
3034 							len);
3035 	probe_info->caps = 0;
3036 	probe_info->erp = 0;
3037 
3038 	ptr += sizeof(*probe_info);
3039 
3040 	tlv = ptr;
3041 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_BYTE, aligned_len);
3042 	memcpy(tlv->value, tmpl->data, tmpl->len);
3043 
3044 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_PRB_TMPL_CMDID);
3045 	if (ret) {
3046 		ath12k_warn(ar->ab,
3047 			    "WMI vdev %i failed to send probe response template command\n",
3048 			    vdev_id);
3049 		dev_kfree_skb(skb);
3050 	}
3051 	return ret;
3052 }
3053 
3054 int ath12k_wmi_fils_discovery(struct ath12k *ar, u32 vdev_id, u32 interval,
3055 			      bool unsol_bcast_probe_resp_enabled)
3056 {
3057 	struct sk_buff *skb;
3058 	int ret, len;
3059 	struct wmi_fils_discovery_cmd *cmd;
3060 
3061 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3062 		   "WMI vdev %i set %s interval to %u TU\n",
3063 		   vdev_id, unsol_bcast_probe_resp_enabled ?
3064 		   "unsolicited broadcast probe response" : "FILS discovery",
3065 		   interval);
3066 
3067 	len = sizeof(*cmd);
3068 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, len);
3069 	if (!skb)
3070 		return -ENOMEM;
3071 
3072 	cmd = (struct wmi_fils_discovery_cmd *)skb->data;
3073 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_ENABLE_FILS_CMD,
3074 						 len);
3075 	cmd->vdev_id = cpu_to_le32(vdev_id);
3076 	cmd->interval = cpu_to_le32(interval);
3077 	cmd->config = cpu_to_le32(unsol_bcast_probe_resp_enabled);
3078 
3079 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_ENABLE_FILS_CMDID);
3080 	if (ret) {
3081 		ath12k_warn(ar->ab,
3082 			    "WMI vdev %i failed to send FILS discovery enable/disable command\n",
3083 			    vdev_id);
3084 		dev_kfree_skb(skb);
3085 	}
3086 	return ret;
3087 }
3088 
3089 static void
3090 ath12k_fill_band_to_mac_param(struct ath12k_base  *soc,
3091 			      struct ath12k_wmi_pdev_band_arg *arg)
3092 {
3093 	u8 i;
3094 	struct ath12k_wmi_hal_reg_capabilities_ext_arg *hal_reg_cap;
3095 	struct ath12k_pdev *pdev;
3096 
3097 	for (i = 0; i < soc->num_radios; i++) {
3098 		pdev = &soc->pdevs[i];
3099 		hal_reg_cap = &soc->hal_reg_cap[i];
3100 		arg[i].pdev_id = pdev->pdev_id;
3101 
3102 		switch (pdev->cap.supported_bands) {
3103 		case WMI_HOST_WLAN_2G_5G_CAP:
3104 			arg[i].start_freq = hal_reg_cap->low_2ghz_chan;
3105 			arg[i].end_freq = hal_reg_cap->high_5ghz_chan;
3106 			break;
3107 		case WMI_HOST_WLAN_2G_CAP:
3108 			arg[i].start_freq = hal_reg_cap->low_2ghz_chan;
3109 			arg[i].end_freq = hal_reg_cap->high_2ghz_chan;
3110 			break;
3111 		case WMI_HOST_WLAN_5G_CAP:
3112 			arg[i].start_freq = hal_reg_cap->low_5ghz_chan;
3113 			arg[i].end_freq = hal_reg_cap->high_5ghz_chan;
3114 			break;
3115 		default:
3116 			break;
3117 		}
3118 	}
3119 }
3120 
3121 static void
3122 ath12k_wmi_copy_resource_config(struct ath12k_wmi_resource_config_params *wmi_cfg,
3123 				struct ath12k_wmi_resource_config_arg *tg_cfg)
3124 {
3125 	wmi_cfg->num_vdevs = cpu_to_le32(tg_cfg->num_vdevs);
3126 	wmi_cfg->num_peers = cpu_to_le32(tg_cfg->num_peers);
3127 	wmi_cfg->num_offload_peers = cpu_to_le32(tg_cfg->num_offload_peers);
3128 	wmi_cfg->num_offload_reorder_buffs =
3129 		cpu_to_le32(tg_cfg->num_offload_reorder_buffs);
3130 	wmi_cfg->num_peer_keys = cpu_to_le32(tg_cfg->num_peer_keys);
3131 	wmi_cfg->num_tids = cpu_to_le32(tg_cfg->num_tids);
3132 	wmi_cfg->ast_skid_limit = cpu_to_le32(tg_cfg->ast_skid_limit);
3133 	wmi_cfg->tx_chain_mask = cpu_to_le32(tg_cfg->tx_chain_mask);
3134 	wmi_cfg->rx_chain_mask = cpu_to_le32(tg_cfg->rx_chain_mask);
3135 	wmi_cfg->rx_timeout_pri[0] = cpu_to_le32(tg_cfg->rx_timeout_pri[0]);
3136 	wmi_cfg->rx_timeout_pri[1] = cpu_to_le32(tg_cfg->rx_timeout_pri[1]);
3137 	wmi_cfg->rx_timeout_pri[2] = cpu_to_le32(tg_cfg->rx_timeout_pri[2]);
3138 	wmi_cfg->rx_timeout_pri[3] = cpu_to_le32(tg_cfg->rx_timeout_pri[3]);
3139 	wmi_cfg->rx_decap_mode = cpu_to_le32(tg_cfg->rx_decap_mode);
3140 	wmi_cfg->scan_max_pending_req = cpu_to_le32(tg_cfg->scan_max_pending_req);
3141 	wmi_cfg->bmiss_offload_max_vdev = cpu_to_le32(tg_cfg->bmiss_offload_max_vdev);
3142 	wmi_cfg->roam_offload_max_vdev = cpu_to_le32(tg_cfg->roam_offload_max_vdev);
3143 	wmi_cfg->roam_offload_max_ap_profiles =
3144 		cpu_to_le32(tg_cfg->roam_offload_max_ap_profiles);
3145 	wmi_cfg->num_mcast_groups = cpu_to_le32(tg_cfg->num_mcast_groups);
3146 	wmi_cfg->num_mcast_table_elems = cpu_to_le32(tg_cfg->num_mcast_table_elems);
3147 	wmi_cfg->mcast2ucast_mode = cpu_to_le32(tg_cfg->mcast2ucast_mode);
3148 	wmi_cfg->tx_dbg_log_size = cpu_to_le32(tg_cfg->tx_dbg_log_size);
3149 	wmi_cfg->num_wds_entries = cpu_to_le32(tg_cfg->num_wds_entries);
3150 	wmi_cfg->dma_burst_size = cpu_to_le32(tg_cfg->dma_burst_size);
3151 	wmi_cfg->mac_aggr_delim = cpu_to_le32(tg_cfg->mac_aggr_delim);
3152 	wmi_cfg->rx_skip_defrag_timeout_dup_detection_check =
3153 		cpu_to_le32(tg_cfg->rx_skip_defrag_timeout_dup_detection_check);
3154 	wmi_cfg->vow_config = cpu_to_le32(tg_cfg->vow_config);
3155 	wmi_cfg->gtk_offload_max_vdev = cpu_to_le32(tg_cfg->gtk_offload_max_vdev);
3156 	wmi_cfg->num_msdu_desc = cpu_to_le32(tg_cfg->num_msdu_desc);
3157 	wmi_cfg->max_frag_entries = cpu_to_le32(tg_cfg->max_frag_entries);
3158 	wmi_cfg->num_tdls_vdevs = cpu_to_le32(tg_cfg->num_tdls_vdevs);
3159 	wmi_cfg->num_tdls_conn_table_entries =
3160 		cpu_to_le32(tg_cfg->num_tdls_conn_table_entries);
3161 	wmi_cfg->beacon_tx_offload_max_vdev =
3162 		cpu_to_le32(tg_cfg->beacon_tx_offload_max_vdev);
3163 	wmi_cfg->num_multicast_filter_entries =
3164 		cpu_to_le32(tg_cfg->num_multicast_filter_entries);
3165 	wmi_cfg->num_wow_filters = cpu_to_le32(tg_cfg->num_wow_filters);
3166 	wmi_cfg->num_keep_alive_pattern = cpu_to_le32(tg_cfg->num_keep_alive_pattern);
3167 	wmi_cfg->keep_alive_pattern_size = cpu_to_le32(tg_cfg->keep_alive_pattern_size);
3168 	wmi_cfg->max_tdls_concurrent_sleep_sta =
3169 		cpu_to_le32(tg_cfg->max_tdls_concurrent_sleep_sta);
3170 	wmi_cfg->max_tdls_concurrent_buffer_sta =
3171 		cpu_to_le32(tg_cfg->max_tdls_concurrent_buffer_sta);
3172 	wmi_cfg->wmi_send_separate = cpu_to_le32(tg_cfg->wmi_send_separate);
3173 	wmi_cfg->num_ocb_vdevs = cpu_to_le32(tg_cfg->num_ocb_vdevs);
3174 	wmi_cfg->num_ocb_channels = cpu_to_le32(tg_cfg->num_ocb_channels);
3175 	wmi_cfg->num_ocb_schedules = cpu_to_le32(tg_cfg->num_ocb_schedules);
3176 	wmi_cfg->bpf_instruction_size = cpu_to_le32(tg_cfg->bpf_instruction_size);
3177 	wmi_cfg->max_bssid_rx_filters = cpu_to_le32(tg_cfg->max_bssid_rx_filters);
3178 	wmi_cfg->use_pdev_id = cpu_to_le32(tg_cfg->use_pdev_id);
3179 	wmi_cfg->flag1 = cpu_to_le32(tg_cfg->atf_config);
3180 	wmi_cfg->peer_map_unmap_version = cpu_to_le32(tg_cfg->peer_map_unmap_version);
3181 	wmi_cfg->sched_params = cpu_to_le32(tg_cfg->sched_params);
3182 	wmi_cfg->twt_ap_pdev_count = cpu_to_le32(tg_cfg->twt_ap_pdev_count);
3183 	wmi_cfg->twt_ap_sta_count = cpu_to_le32(tg_cfg->twt_ap_sta_count);
3184 	wmi_cfg->host_service_flags = cpu_to_le32(tg_cfg->is_reg_cc_ext_event_supported <<
3185 				WMI_RSRC_CFG_HOST_SVC_FLAG_REG_CC_EXT_SUPPORT_BIT);
3186 }
3187 
3188 static int ath12k_init_cmd_send(struct ath12k_wmi_pdev *wmi,
3189 				struct ath12k_wmi_init_cmd_arg *arg)
3190 {
3191 	struct ath12k_base *ab = wmi->wmi_ab->ab;
3192 	struct sk_buff *skb;
3193 	struct wmi_init_cmd *cmd;
3194 	struct ath12k_wmi_resource_config_params *cfg;
3195 	struct ath12k_wmi_pdev_set_hw_mode_cmd *hw_mode;
3196 	struct ath12k_wmi_pdev_band_to_mac_params *band_to_mac;
3197 	struct ath12k_wmi_host_mem_chunk_params *host_mem_chunks;
3198 	struct wmi_tlv *tlv;
3199 	size_t ret, len;
3200 	void *ptr;
3201 	u32 hw_mode_len = 0;
3202 	u16 idx;
3203 
3204 	if (arg->hw_mode_id != WMI_HOST_HW_MODE_MAX)
3205 		hw_mode_len = sizeof(*hw_mode) + TLV_HDR_SIZE +
3206 			      (arg->num_band_to_mac * sizeof(*band_to_mac));
3207 
3208 	len = sizeof(*cmd) + TLV_HDR_SIZE + sizeof(*cfg) + hw_mode_len +
3209 	      (arg->num_mem_chunks ? (sizeof(*host_mem_chunks) * WMI_MAX_MEM_REQS) : 0);
3210 
3211 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, len);
3212 	if (!skb)
3213 		return -ENOMEM;
3214 
3215 	cmd = (struct wmi_init_cmd *)skb->data;
3216 
3217 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_INIT_CMD,
3218 						 sizeof(*cmd));
3219 
3220 	ptr = skb->data + sizeof(*cmd);
3221 	cfg = ptr;
3222 
3223 	ath12k_wmi_copy_resource_config(cfg, &arg->res_cfg);
3224 
3225 	cfg->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_RESOURCE_CONFIG,
3226 						 sizeof(*cfg));
3227 
3228 	ptr += sizeof(*cfg);
3229 	host_mem_chunks = ptr + TLV_HDR_SIZE;
3230 	len = sizeof(struct ath12k_wmi_host_mem_chunk_params);
3231 
3232 	for (idx = 0; idx < arg->num_mem_chunks; ++idx) {
3233 		host_mem_chunks[idx].tlv_header =
3234 			ath12k_wmi_tlv_hdr(WMI_TAG_WLAN_HOST_MEMORY_CHUNK,
3235 					   len);
3236 
3237 		host_mem_chunks[idx].ptr = cpu_to_le32(arg->mem_chunks[idx].paddr);
3238 		host_mem_chunks[idx].size = cpu_to_le32(arg->mem_chunks[idx].len);
3239 		host_mem_chunks[idx].req_id = cpu_to_le32(arg->mem_chunks[idx].req_id);
3240 
3241 		ath12k_dbg(ab, ATH12K_DBG_WMI,
3242 			   "WMI host mem chunk req_id %d paddr 0x%llx len %d\n",
3243 			   arg->mem_chunks[idx].req_id,
3244 			   (u64)arg->mem_chunks[idx].paddr,
3245 			   arg->mem_chunks[idx].len);
3246 	}
3247 	cmd->num_host_mem_chunks = cpu_to_le32(arg->num_mem_chunks);
3248 	len = sizeof(struct ath12k_wmi_host_mem_chunk_params) * arg->num_mem_chunks;
3249 
3250 	/* num_mem_chunks is zero */
3251 	tlv = ptr;
3252 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
3253 	ptr += TLV_HDR_SIZE + len;
3254 
3255 	if (arg->hw_mode_id != WMI_HOST_HW_MODE_MAX) {
3256 		hw_mode = (struct ath12k_wmi_pdev_set_hw_mode_cmd *)ptr;
3257 		hw_mode->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_HW_MODE_CMD,
3258 							     sizeof(*hw_mode));
3259 
3260 		hw_mode->hw_mode_index = cpu_to_le32(arg->hw_mode_id);
3261 		hw_mode->num_band_to_mac = cpu_to_le32(arg->num_band_to_mac);
3262 
3263 		ptr += sizeof(*hw_mode);
3264 
3265 		len = arg->num_band_to_mac * sizeof(*band_to_mac);
3266 		tlv = ptr;
3267 		tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_STRUCT, len);
3268 
3269 		ptr += TLV_HDR_SIZE;
3270 		len = sizeof(*band_to_mac);
3271 
3272 		for (idx = 0; idx < arg->num_band_to_mac; idx++) {
3273 			band_to_mac = (void *)ptr;
3274 
3275 			band_to_mac->tlv_header =
3276 				ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_BAND_TO_MAC,
3277 						       len);
3278 			band_to_mac->pdev_id = cpu_to_le32(arg->band_to_mac[idx].pdev_id);
3279 			band_to_mac->start_freq =
3280 				cpu_to_le32(arg->band_to_mac[idx].start_freq);
3281 			band_to_mac->end_freq =
3282 				cpu_to_le32(arg->band_to_mac[idx].end_freq);
3283 			ptr += sizeof(*band_to_mac);
3284 		}
3285 	}
3286 
3287 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_INIT_CMDID);
3288 	if (ret) {
3289 		ath12k_warn(ab, "failed to send WMI_INIT_CMDID\n");
3290 		dev_kfree_skb(skb);
3291 	}
3292 
3293 	return ret;
3294 }
3295 
3296 int ath12k_wmi_pdev_lro_cfg(struct ath12k *ar,
3297 			    int pdev_id)
3298 {
3299 	struct ath12k_wmi_pdev_lro_config_cmd *cmd;
3300 	struct sk_buff *skb;
3301 	int ret;
3302 
3303 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3304 	if (!skb)
3305 		return -ENOMEM;
3306 
3307 	cmd = (struct ath12k_wmi_pdev_lro_config_cmd *)skb->data;
3308 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_LRO_INFO_CMD,
3309 						 sizeof(*cmd));
3310 
3311 	get_random_bytes(cmd->th_4, sizeof(cmd->th_4));
3312 	get_random_bytes(cmd->th_6, sizeof(cmd->th_6));
3313 
3314 	cmd->pdev_id = cpu_to_le32(pdev_id);
3315 
3316 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3317 		   "WMI lro cfg cmd pdev_id 0x%x\n", pdev_id);
3318 
3319 	ret = ath12k_wmi_cmd_send(ar->wmi, skb, WMI_LRO_CONFIG_CMDID);
3320 	if (ret) {
3321 		ath12k_warn(ar->ab,
3322 			    "failed to send lro cfg req wmi cmd\n");
3323 		goto err;
3324 	}
3325 
3326 	return 0;
3327 err:
3328 	dev_kfree_skb(skb);
3329 	return ret;
3330 }
3331 
3332 int ath12k_wmi_wait_for_service_ready(struct ath12k_base *ab)
3333 {
3334 	unsigned long time_left;
3335 
3336 	time_left = wait_for_completion_timeout(&ab->wmi_ab.service_ready,
3337 						WMI_SERVICE_READY_TIMEOUT_HZ);
3338 	if (!time_left)
3339 		return -ETIMEDOUT;
3340 
3341 	return 0;
3342 }
3343 
3344 int ath12k_wmi_wait_for_unified_ready(struct ath12k_base *ab)
3345 {
3346 	unsigned long time_left;
3347 
3348 	time_left = wait_for_completion_timeout(&ab->wmi_ab.unified_ready,
3349 						WMI_SERVICE_READY_TIMEOUT_HZ);
3350 	if (!time_left)
3351 		return -ETIMEDOUT;
3352 
3353 	return 0;
3354 }
3355 
3356 int ath12k_wmi_set_hw_mode(struct ath12k_base *ab,
3357 			   enum wmi_host_hw_mode_config_type mode)
3358 {
3359 	struct ath12k_wmi_pdev_set_hw_mode_cmd *cmd;
3360 	struct sk_buff *skb;
3361 	struct ath12k_wmi_base *wmi_ab = &ab->wmi_ab;
3362 	int len;
3363 	int ret;
3364 
3365 	len = sizeof(*cmd);
3366 
3367 	skb = ath12k_wmi_alloc_skb(wmi_ab, len);
3368 	if (!skb)
3369 		return -ENOMEM;
3370 
3371 	cmd = (struct ath12k_wmi_pdev_set_hw_mode_cmd *)skb->data;
3372 
3373 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_PDEV_SET_HW_MODE_CMD,
3374 						 sizeof(*cmd));
3375 
3376 	cmd->pdev_id = WMI_PDEV_ID_SOC;
3377 	cmd->hw_mode_index = cpu_to_le32(mode);
3378 
3379 	ret = ath12k_wmi_cmd_send(&wmi_ab->wmi[0], skb, WMI_PDEV_SET_HW_MODE_CMDID);
3380 	if (ret) {
3381 		ath12k_warn(ab, "failed to send WMI_PDEV_SET_HW_MODE_CMDID\n");
3382 		dev_kfree_skb(skb);
3383 	}
3384 
3385 	return ret;
3386 }
3387 
3388 int ath12k_wmi_cmd_init(struct ath12k_base *ab)
3389 {
3390 	struct ath12k_wmi_base *wmi_sc = &ab->wmi_ab;
3391 	struct ath12k_wmi_init_cmd_arg arg = {};
3392 
3393 	if (test_bit(WMI_TLV_SERVICE_REG_CC_EXT_EVENT_SUPPORT,
3394 		     ab->wmi_ab.svc_map))
3395 		arg.res_cfg.is_reg_cc_ext_event_supported = true;
3396 
3397 	ab->hw_params->wmi_init(ab, &arg.res_cfg);
3398 
3399 	arg.num_mem_chunks = wmi_sc->num_mem_chunks;
3400 	arg.hw_mode_id = wmi_sc->preferred_hw_mode;
3401 	arg.mem_chunks = wmi_sc->mem_chunks;
3402 
3403 	if (ab->hw_params->single_pdev_only)
3404 		arg.hw_mode_id = WMI_HOST_HW_MODE_MAX;
3405 
3406 	arg.num_band_to_mac = ab->num_radios;
3407 	ath12k_fill_band_to_mac_param(ab, arg.band_to_mac);
3408 
3409 	return ath12k_init_cmd_send(&wmi_sc->wmi[0], &arg);
3410 }
3411 
3412 int ath12k_wmi_vdev_spectral_conf(struct ath12k *ar,
3413 				  struct ath12k_wmi_vdev_spectral_conf_arg *arg)
3414 {
3415 	struct ath12k_wmi_vdev_spectral_conf_cmd *cmd;
3416 	struct sk_buff *skb;
3417 	int ret;
3418 
3419 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3420 	if (!skb)
3421 		return -ENOMEM;
3422 
3423 	cmd = (struct ath12k_wmi_vdev_spectral_conf_cmd *)skb->data;
3424 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SPECTRAL_CONFIGURE_CMD,
3425 						 sizeof(*cmd));
3426 	cmd->vdev_id = cpu_to_le32(arg->vdev_id);
3427 	cmd->scan_count = cpu_to_le32(arg->scan_count);
3428 	cmd->scan_period = cpu_to_le32(arg->scan_period);
3429 	cmd->scan_priority = cpu_to_le32(arg->scan_priority);
3430 	cmd->scan_fft_size = cpu_to_le32(arg->scan_fft_size);
3431 	cmd->scan_gc_ena = cpu_to_le32(arg->scan_gc_ena);
3432 	cmd->scan_restart_ena = cpu_to_le32(arg->scan_restart_ena);
3433 	cmd->scan_noise_floor_ref = cpu_to_le32(arg->scan_noise_floor_ref);
3434 	cmd->scan_init_delay = cpu_to_le32(arg->scan_init_delay);
3435 	cmd->scan_nb_tone_thr = cpu_to_le32(arg->scan_nb_tone_thr);
3436 	cmd->scan_str_bin_thr = cpu_to_le32(arg->scan_str_bin_thr);
3437 	cmd->scan_wb_rpt_mode = cpu_to_le32(arg->scan_wb_rpt_mode);
3438 	cmd->scan_rssi_rpt_mode = cpu_to_le32(arg->scan_rssi_rpt_mode);
3439 	cmd->scan_rssi_thr = cpu_to_le32(arg->scan_rssi_thr);
3440 	cmd->scan_pwr_format = cpu_to_le32(arg->scan_pwr_format);
3441 	cmd->scan_rpt_mode = cpu_to_le32(arg->scan_rpt_mode);
3442 	cmd->scan_bin_scale = cpu_to_le32(arg->scan_bin_scale);
3443 	cmd->scan_dbm_adj = cpu_to_le32(arg->scan_dbm_adj);
3444 	cmd->scan_chn_mask = cpu_to_le32(arg->scan_chn_mask);
3445 
3446 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3447 		   "WMI spectral scan config cmd vdev_id 0x%x\n",
3448 		   arg->vdev_id);
3449 
3450 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3451 				  WMI_VDEV_SPECTRAL_SCAN_CONFIGURE_CMDID);
3452 	if (ret) {
3453 		ath12k_warn(ar->ab,
3454 			    "failed to send spectral scan config wmi cmd\n");
3455 		goto err;
3456 	}
3457 
3458 	return 0;
3459 err:
3460 	dev_kfree_skb(skb);
3461 	return ret;
3462 }
3463 
3464 int ath12k_wmi_vdev_spectral_enable(struct ath12k *ar, u32 vdev_id,
3465 				    u32 trigger, u32 enable)
3466 {
3467 	struct ath12k_wmi_vdev_spectral_enable_cmd *cmd;
3468 	struct sk_buff *skb;
3469 	int ret;
3470 
3471 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3472 	if (!skb)
3473 		return -ENOMEM;
3474 
3475 	cmd = (struct ath12k_wmi_vdev_spectral_enable_cmd *)skb->data;
3476 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_VDEV_SPECTRAL_ENABLE_CMD,
3477 						 sizeof(*cmd));
3478 
3479 	cmd->vdev_id = cpu_to_le32(vdev_id);
3480 	cmd->trigger_cmd = cpu_to_le32(trigger);
3481 	cmd->enable_cmd = cpu_to_le32(enable);
3482 
3483 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3484 		   "WMI spectral enable cmd vdev id 0x%x\n",
3485 		   vdev_id);
3486 
3487 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3488 				  WMI_VDEV_SPECTRAL_SCAN_ENABLE_CMDID);
3489 	if (ret) {
3490 		ath12k_warn(ar->ab,
3491 			    "failed to send spectral enable wmi cmd\n");
3492 		goto err;
3493 	}
3494 
3495 	return 0;
3496 err:
3497 	dev_kfree_skb(skb);
3498 	return ret;
3499 }
3500 
3501 int ath12k_wmi_pdev_dma_ring_cfg(struct ath12k *ar,
3502 				 struct ath12k_wmi_pdev_dma_ring_cfg_arg *arg)
3503 {
3504 	struct ath12k_wmi_pdev_dma_ring_cfg_req_cmd *cmd;
3505 	struct sk_buff *skb;
3506 	int ret;
3507 
3508 	skb = ath12k_wmi_alloc_skb(ar->wmi->wmi_ab, sizeof(*cmd));
3509 	if (!skb)
3510 		return -ENOMEM;
3511 
3512 	cmd = (struct ath12k_wmi_pdev_dma_ring_cfg_req_cmd *)skb->data;
3513 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_DMA_RING_CFG_REQ,
3514 						 sizeof(*cmd));
3515 
3516 	cmd->pdev_id = cpu_to_le32(DP_SW2HW_MACID(arg->pdev_id));
3517 	cmd->module_id = cpu_to_le32(arg->module_id);
3518 	cmd->base_paddr_lo = cpu_to_le32(arg->base_paddr_lo);
3519 	cmd->base_paddr_hi = cpu_to_le32(arg->base_paddr_hi);
3520 	cmd->head_idx_paddr_lo = cpu_to_le32(arg->head_idx_paddr_lo);
3521 	cmd->head_idx_paddr_hi = cpu_to_le32(arg->head_idx_paddr_hi);
3522 	cmd->tail_idx_paddr_lo = cpu_to_le32(arg->tail_idx_paddr_lo);
3523 	cmd->tail_idx_paddr_hi = cpu_to_le32(arg->tail_idx_paddr_hi);
3524 	cmd->num_elems = cpu_to_le32(arg->num_elems);
3525 	cmd->buf_size = cpu_to_le32(arg->buf_size);
3526 	cmd->num_resp_per_event = cpu_to_le32(arg->num_resp_per_event);
3527 	cmd->event_timeout_ms = cpu_to_le32(arg->event_timeout_ms);
3528 
3529 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
3530 		   "WMI DMA ring cfg req cmd pdev_id 0x%x\n",
3531 		   arg->pdev_id);
3532 
3533 	ret = ath12k_wmi_cmd_send(ar->wmi, skb,
3534 				  WMI_PDEV_DMA_RING_CFG_REQ_CMDID);
3535 	if (ret) {
3536 		ath12k_warn(ar->ab,
3537 			    "failed to send dma ring cfg req wmi cmd\n");
3538 		goto err;
3539 	}
3540 
3541 	return 0;
3542 err:
3543 	dev_kfree_skb(skb);
3544 	return ret;
3545 }
3546 
3547 static int ath12k_wmi_dma_buf_entry_parse(struct ath12k_base *soc,
3548 					  u16 tag, u16 len,
3549 					  const void *ptr, void *data)
3550 {
3551 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3552 
3553 	if (tag != WMI_TAG_DMA_BUF_RELEASE_ENTRY)
3554 		return -EPROTO;
3555 
3556 	if (arg->num_buf_entry >= le32_to_cpu(arg->fixed.num_buf_release_entry))
3557 		return -ENOBUFS;
3558 
3559 	arg->num_buf_entry++;
3560 	return 0;
3561 }
3562 
3563 static int ath12k_wmi_dma_buf_meta_parse(struct ath12k_base *soc,
3564 					 u16 tag, u16 len,
3565 					 const void *ptr, void *data)
3566 {
3567 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3568 
3569 	if (tag != WMI_TAG_DMA_BUF_RELEASE_SPECTRAL_META_DATA)
3570 		return -EPROTO;
3571 
3572 	if (arg->num_meta >= le32_to_cpu(arg->fixed.num_meta_data_entry))
3573 		return -ENOBUFS;
3574 
3575 	arg->num_meta++;
3576 
3577 	return 0;
3578 }
3579 
3580 static int ath12k_wmi_dma_buf_parse(struct ath12k_base *ab,
3581 				    u16 tag, u16 len,
3582 				    const void *ptr, void *data)
3583 {
3584 	struct ath12k_wmi_dma_buf_release_arg *arg = data;
3585 	const struct ath12k_wmi_dma_buf_release_fixed_params *fixed;
3586 	u32 pdev_id;
3587 	int ret;
3588 
3589 	switch (tag) {
3590 	case WMI_TAG_DMA_BUF_RELEASE:
3591 		fixed = ptr;
3592 		arg->fixed = *fixed;
3593 		pdev_id = DP_HW2SW_MACID(le32_to_cpu(fixed->pdev_id));
3594 		arg->fixed.pdev_id = cpu_to_le32(pdev_id);
3595 		break;
3596 	case WMI_TAG_ARRAY_STRUCT:
3597 		if (!arg->buf_entry_done) {
3598 			arg->num_buf_entry = 0;
3599 			arg->buf_entry = ptr;
3600 
3601 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3602 						  ath12k_wmi_dma_buf_entry_parse,
3603 						  arg);
3604 			if (ret) {
3605 				ath12k_warn(ab, "failed to parse dma buf entry tlv %d\n",
3606 					    ret);
3607 				return ret;
3608 			}
3609 
3610 			arg->buf_entry_done = true;
3611 		} else if (!arg->meta_data_done) {
3612 			arg->num_meta = 0;
3613 			arg->meta_data = ptr;
3614 
3615 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3616 						  ath12k_wmi_dma_buf_meta_parse,
3617 						  arg);
3618 			if (ret) {
3619 				ath12k_warn(ab, "failed to parse dma buf meta tlv %d\n",
3620 					    ret);
3621 				return ret;
3622 			}
3623 
3624 			arg->meta_data_done = true;
3625 		}
3626 		break;
3627 	default:
3628 		break;
3629 	}
3630 	return 0;
3631 }
3632 
3633 static void ath12k_wmi_pdev_dma_ring_buf_release_event(struct ath12k_base *ab,
3634 						       struct sk_buff *skb)
3635 {
3636 	struct ath12k_wmi_dma_buf_release_arg arg = {};
3637 	struct ath12k_dbring_buf_release_event param;
3638 	int ret;
3639 
3640 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
3641 				  ath12k_wmi_dma_buf_parse,
3642 				  &arg);
3643 	if (ret) {
3644 		ath12k_warn(ab, "failed to parse dma buf release tlv %d\n", ret);
3645 		return;
3646 	}
3647 
3648 	param.fixed = arg.fixed;
3649 	param.buf_entry = arg.buf_entry;
3650 	param.num_buf_entry = arg.num_buf_entry;
3651 	param.meta_data = arg.meta_data;
3652 	param.num_meta = arg.num_meta;
3653 
3654 	ret = ath12k_dbring_buffer_release_event(ab, &param);
3655 	if (ret) {
3656 		ath12k_warn(ab, "failed to handle dma buf release event %d\n", ret);
3657 		return;
3658 	}
3659 }
3660 
3661 static int ath12k_wmi_hw_mode_caps_parse(struct ath12k_base *soc,
3662 					 u16 tag, u16 len,
3663 					 const void *ptr, void *data)
3664 {
3665 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3666 	struct ath12k_wmi_hw_mode_cap_params *hw_mode_cap;
3667 	u32 phy_map = 0;
3668 
3669 	if (tag != WMI_TAG_HW_MODE_CAPABILITIES)
3670 		return -EPROTO;
3671 
3672 	if (svc_rdy_ext->n_hw_mode_caps >= svc_rdy_ext->arg.num_hw_modes)
3673 		return -ENOBUFS;
3674 
3675 	hw_mode_cap = container_of(ptr, struct ath12k_wmi_hw_mode_cap_params,
3676 				   hw_mode_id);
3677 	svc_rdy_ext->n_hw_mode_caps++;
3678 
3679 	phy_map = le32_to_cpu(hw_mode_cap->phy_id_map);
3680 	svc_rdy_ext->tot_phy_id += fls(phy_map);
3681 
3682 	return 0;
3683 }
3684 
3685 static int ath12k_wmi_hw_mode_caps(struct ath12k_base *soc,
3686 				   u16 len, const void *ptr, void *data)
3687 {
3688 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3689 	const struct ath12k_wmi_hw_mode_cap_params *hw_mode_caps;
3690 	enum wmi_host_hw_mode_config_type mode, pref;
3691 	u32 i;
3692 	int ret;
3693 
3694 	svc_rdy_ext->n_hw_mode_caps = 0;
3695 	svc_rdy_ext->hw_mode_caps = ptr;
3696 
3697 	ret = ath12k_wmi_tlv_iter(soc, ptr, len,
3698 				  ath12k_wmi_hw_mode_caps_parse,
3699 				  svc_rdy_ext);
3700 	if (ret) {
3701 		ath12k_warn(soc, "failed to parse tlv %d\n", ret);
3702 		return ret;
3703 	}
3704 
3705 	for (i = 0 ; i < svc_rdy_ext->n_hw_mode_caps; i++) {
3706 		hw_mode_caps = &svc_rdy_ext->hw_mode_caps[i];
3707 		mode = le32_to_cpu(hw_mode_caps->hw_mode_id);
3708 		pref = soc->wmi_ab.preferred_hw_mode;
3709 
3710 		if (ath12k_hw_mode_pri_map[mode] < ath12k_hw_mode_pri_map[pref]) {
3711 			svc_rdy_ext->pref_hw_mode_caps = *hw_mode_caps;
3712 			soc->wmi_ab.preferred_hw_mode = mode;
3713 		}
3714 	}
3715 
3716 	ath12k_dbg(soc, ATH12K_DBG_WMI, "preferred_hw_mode:%d\n",
3717 		   soc->wmi_ab.preferred_hw_mode);
3718 	if (soc->wmi_ab.preferred_hw_mode == WMI_HOST_HW_MODE_MAX)
3719 		return -EINVAL;
3720 
3721 	return 0;
3722 }
3723 
3724 static int ath12k_wmi_mac_phy_caps_parse(struct ath12k_base *soc,
3725 					 u16 tag, u16 len,
3726 					 const void *ptr, void *data)
3727 {
3728 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3729 
3730 	if (tag != WMI_TAG_MAC_PHY_CAPABILITIES)
3731 		return -EPROTO;
3732 
3733 	if (svc_rdy_ext->n_mac_phy_caps >= svc_rdy_ext->tot_phy_id)
3734 		return -ENOBUFS;
3735 
3736 	len = min_t(u16, len, sizeof(struct ath12k_wmi_mac_phy_caps_params));
3737 	if (!svc_rdy_ext->n_mac_phy_caps) {
3738 		svc_rdy_ext->mac_phy_caps = kzalloc((svc_rdy_ext->tot_phy_id) * len,
3739 						    GFP_ATOMIC);
3740 		if (!svc_rdy_ext->mac_phy_caps)
3741 			return -ENOMEM;
3742 	}
3743 
3744 	memcpy(svc_rdy_ext->mac_phy_caps + svc_rdy_ext->n_mac_phy_caps, ptr, len);
3745 	svc_rdy_ext->n_mac_phy_caps++;
3746 	return 0;
3747 }
3748 
3749 static int ath12k_wmi_ext_hal_reg_caps_parse(struct ath12k_base *soc,
3750 					     u16 tag, u16 len,
3751 					     const void *ptr, void *data)
3752 {
3753 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3754 
3755 	if (tag != WMI_TAG_HAL_REG_CAPABILITIES_EXT)
3756 		return -EPROTO;
3757 
3758 	if (svc_rdy_ext->n_ext_hal_reg_caps >= svc_rdy_ext->arg.num_phy)
3759 		return -ENOBUFS;
3760 
3761 	svc_rdy_ext->n_ext_hal_reg_caps++;
3762 	return 0;
3763 }
3764 
3765 static int ath12k_wmi_ext_hal_reg_caps(struct ath12k_base *soc,
3766 				       u16 len, const void *ptr, void *data)
3767 {
3768 	struct ath12k_wmi_pdev *wmi_handle = &soc->wmi_ab.wmi[0];
3769 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3770 	struct ath12k_wmi_hal_reg_capabilities_ext_arg reg_cap;
3771 	int ret;
3772 	u32 i;
3773 
3774 	svc_rdy_ext->n_ext_hal_reg_caps = 0;
3775 	svc_rdy_ext->ext_hal_reg_caps = ptr;
3776 	ret = ath12k_wmi_tlv_iter(soc, ptr, len,
3777 				  ath12k_wmi_ext_hal_reg_caps_parse,
3778 				  svc_rdy_ext);
3779 	if (ret) {
3780 		ath12k_warn(soc, "failed to parse tlv %d\n", ret);
3781 		return ret;
3782 	}
3783 
3784 	for (i = 0; i < svc_rdy_ext->arg.num_phy; i++) {
3785 		ret = ath12k_pull_reg_cap_svc_rdy_ext(wmi_handle,
3786 						      svc_rdy_ext->soc_hal_reg_caps,
3787 						      svc_rdy_ext->ext_hal_reg_caps, i,
3788 						      &reg_cap);
3789 		if (ret) {
3790 			ath12k_warn(soc, "failed to extract reg cap %d\n", i);
3791 			return ret;
3792 		}
3793 		soc->hal_reg_cap[reg_cap.phy_id] = reg_cap;
3794 	}
3795 	return 0;
3796 }
3797 
3798 static int ath12k_wmi_ext_soc_hal_reg_caps_parse(struct ath12k_base *soc,
3799 						 u16 len, const void *ptr,
3800 						 void *data)
3801 {
3802 	struct ath12k_wmi_pdev *wmi_handle = &soc->wmi_ab.wmi[0];
3803 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3804 	u8 hw_mode_id = le32_to_cpu(svc_rdy_ext->pref_hw_mode_caps.hw_mode_id);
3805 	u32 phy_id_map;
3806 	int pdev_index = 0;
3807 	int ret;
3808 
3809 	svc_rdy_ext->soc_hal_reg_caps = ptr;
3810 	svc_rdy_ext->arg.num_phy = le32_to_cpu(svc_rdy_ext->soc_hal_reg_caps->num_phy);
3811 
3812 	soc->num_radios = 0;
3813 	phy_id_map = le32_to_cpu(svc_rdy_ext->pref_hw_mode_caps.phy_id_map);
3814 
3815 	while (phy_id_map && soc->num_radios < MAX_RADIOS) {
3816 		ret = ath12k_pull_mac_phy_cap_svc_ready_ext(wmi_handle,
3817 							    svc_rdy_ext,
3818 							    hw_mode_id, soc->num_radios,
3819 							    &soc->pdevs[pdev_index]);
3820 		if (ret) {
3821 			ath12k_warn(soc, "failed to extract mac caps, idx :%d\n",
3822 				    soc->num_radios);
3823 			return ret;
3824 		}
3825 
3826 		soc->num_radios++;
3827 
3828 		/* For single_pdev_only targets,
3829 		 * save mac_phy capability in the same pdev
3830 		 */
3831 		if (soc->hw_params->single_pdev_only)
3832 			pdev_index = 0;
3833 		else
3834 			pdev_index = soc->num_radios;
3835 
3836 		/* TODO: mac_phy_cap prints */
3837 		phy_id_map >>= 1;
3838 	}
3839 
3840 	if (soc->hw_params->single_pdev_only) {
3841 		soc->num_radios = 1;
3842 		soc->pdevs[0].pdev_id = 0;
3843 	}
3844 
3845 	return 0;
3846 }
3847 
3848 static int ath12k_wmi_dma_ring_caps_parse(struct ath12k_base *soc,
3849 					  u16 tag, u16 len,
3850 					  const void *ptr, void *data)
3851 {
3852 	struct ath12k_wmi_dma_ring_caps_parse *parse = data;
3853 
3854 	if (tag != WMI_TAG_DMA_RING_CAPABILITIES)
3855 		return -EPROTO;
3856 
3857 	parse->n_dma_ring_caps++;
3858 	return 0;
3859 }
3860 
3861 static int ath12k_wmi_alloc_dbring_caps(struct ath12k_base *ab,
3862 					u32 num_cap)
3863 {
3864 	size_t sz;
3865 	void *ptr;
3866 
3867 	sz = num_cap * sizeof(struct ath12k_dbring_cap);
3868 	ptr = kzalloc(sz, GFP_ATOMIC);
3869 	if (!ptr)
3870 		return -ENOMEM;
3871 
3872 	ab->db_caps = ptr;
3873 	ab->num_db_cap = num_cap;
3874 
3875 	return 0;
3876 }
3877 
3878 static void ath12k_wmi_free_dbring_caps(struct ath12k_base *ab)
3879 {
3880 	kfree(ab->db_caps);
3881 	ab->db_caps = NULL;
3882 }
3883 
3884 static int ath12k_wmi_dma_ring_caps(struct ath12k_base *ab,
3885 				    u16 len, const void *ptr, void *data)
3886 {
3887 	struct ath12k_wmi_dma_ring_caps_parse *dma_caps_parse = data;
3888 	struct ath12k_wmi_dma_ring_caps_params *dma_caps;
3889 	struct ath12k_dbring_cap *dir_buff_caps;
3890 	int ret;
3891 	u32 i;
3892 
3893 	dma_caps_parse->n_dma_ring_caps = 0;
3894 	dma_caps = (struct ath12k_wmi_dma_ring_caps_params *)ptr;
3895 	ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3896 				  ath12k_wmi_dma_ring_caps_parse,
3897 				  dma_caps_parse);
3898 	if (ret) {
3899 		ath12k_warn(ab, "failed to parse dma ring caps tlv %d\n", ret);
3900 		return ret;
3901 	}
3902 
3903 	if (!dma_caps_parse->n_dma_ring_caps)
3904 		return 0;
3905 
3906 	if (ab->num_db_cap) {
3907 		ath12k_warn(ab, "Already processed, so ignoring dma ring caps\n");
3908 		return 0;
3909 	}
3910 
3911 	ret = ath12k_wmi_alloc_dbring_caps(ab, dma_caps_parse->n_dma_ring_caps);
3912 	if (ret)
3913 		return ret;
3914 
3915 	dir_buff_caps = ab->db_caps;
3916 	for (i = 0; i < dma_caps_parse->n_dma_ring_caps; i++) {
3917 		if (le32_to_cpu(dma_caps[i].module_id) >= WMI_DIRECT_BUF_MAX) {
3918 			ath12k_warn(ab, "Invalid module id %d\n",
3919 				    le32_to_cpu(dma_caps[i].module_id));
3920 			ret = -EINVAL;
3921 			goto free_dir_buff;
3922 		}
3923 
3924 		dir_buff_caps[i].id = le32_to_cpu(dma_caps[i].module_id);
3925 		dir_buff_caps[i].pdev_id =
3926 			DP_HW2SW_MACID(le32_to_cpu(dma_caps[i].pdev_id));
3927 		dir_buff_caps[i].min_elem = le32_to_cpu(dma_caps[i].min_elem);
3928 		dir_buff_caps[i].min_buf_sz = le32_to_cpu(dma_caps[i].min_buf_sz);
3929 		dir_buff_caps[i].min_buf_align = le32_to_cpu(dma_caps[i].min_buf_align);
3930 	}
3931 
3932 	return 0;
3933 
3934 free_dir_buff:
3935 	ath12k_wmi_free_dbring_caps(ab);
3936 	return ret;
3937 }
3938 
3939 static int ath12k_wmi_svc_rdy_ext_parse(struct ath12k_base *ab,
3940 					u16 tag, u16 len,
3941 					const void *ptr, void *data)
3942 {
3943 	struct ath12k_wmi_pdev *wmi_handle = &ab->wmi_ab.wmi[0];
3944 	struct ath12k_wmi_svc_rdy_ext_parse *svc_rdy_ext = data;
3945 	int ret;
3946 
3947 	switch (tag) {
3948 	case WMI_TAG_SERVICE_READY_EXT_EVENT:
3949 		ret = ath12k_pull_svc_ready_ext(wmi_handle, ptr,
3950 						&svc_rdy_ext->arg);
3951 		if (ret) {
3952 			ath12k_warn(ab, "unable to extract ext params\n");
3953 			return ret;
3954 		}
3955 		break;
3956 
3957 	case WMI_TAG_SOC_MAC_PHY_HW_MODE_CAPS:
3958 		svc_rdy_ext->hw_caps = ptr;
3959 		svc_rdy_ext->arg.num_hw_modes =
3960 			le32_to_cpu(svc_rdy_ext->hw_caps->num_hw_modes);
3961 		break;
3962 
3963 	case WMI_TAG_SOC_HAL_REG_CAPABILITIES:
3964 		ret = ath12k_wmi_ext_soc_hal_reg_caps_parse(ab, len, ptr,
3965 							    svc_rdy_ext);
3966 		if (ret)
3967 			return ret;
3968 		break;
3969 
3970 	case WMI_TAG_ARRAY_STRUCT:
3971 		if (!svc_rdy_ext->hw_mode_done) {
3972 			ret = ath12k_wmi_hw_mode_caps(ab, len, ptr, svc_rdy_ext);
3973 			if (ret)
3974 				return ret;
3975 
3976 			svc_rdy_ext->hw_mode_done = true;
3977 		} else if (!svc_rdy_ext->mac_phy_done) {
3978 			svc_rdy_ext->n_mac_phy_caps = 0;
3979 			ret = ath12k_wmi_tlv_iter(ab, ptr, len,
3980 						  ath12k_wmi_mac_phy_caps_parse,
3981 						  svc_rdy_ext);
3982 			if (ret) {
3983 				ath12k_warn(ab, "failed to parse tlv %d\n", ret);
3984 				return ret;
3985 			}
3986 
3987 			svc_rdy_ext->mac_phy_done = true;
3988 		} else if (!svc_rdy_ext->ext_hal_reg_done) {
3989 			ret = ath12k_wmi_ext_hal_reg_caps(ab, len, ptr, svc_rdy_ext);
3990 			if (ret)
3991 				return ret;
3992 
3993 			svc_rdy_ext->ext_hal_reg_done = true;
3994 		} else if (!svc_rdy_ext->mac_phy_chainmask_combo_done) {
3995 			svc_rdy_ext->mac_phy_chainmask_combo_done = true;
3996 		} else if (!svc_rdy_ext->mac_phy_chainmask_cap_done) {
3997 			svc_rdy_ext->mac_phy_chainmask_cap_done = true;
3998 		} else if (!svc_rdy_ext->oem_dma_ring_cap_done) {
3999 			svc_rdy_ext->oem_dma_ring_cap_done = true;
4000 		} else if (!svc_rdy_ext->dma_ring_cap_done) {
4001 			ret = ath12k_wmi_dma_ring_caps(ab, len, ptr,
4002 						       &svc_rdy_ext->dma_caps_parse);
4003 			if (ret)
4004 				return ret;
4005 
4006 			svc_rdy_ext->dma_ring_cap_done = true;
4007 		}
4008 		break;
4009 
4010 	default:
4011 		break;
4012 	}
4013 	return 0;
4014 }
4015 
4016 static int ath12k_service_ready_ext_event(struct ath12k_base *ab,
4017 					  struct sk_buff *skb)
4018 {
4019 	struct ath12k_wmi_svc_rdy_ext_parse svc_rdy_ext = { };
4020 	int ret;
4021 
4022 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4023 				  ath12k_wmi_svc_rdy_ext_parse,
4024 				  &svc_rdy_ext);
4025 	if (ret) {
4026 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
4027 		goto err;
4028 	}
4029 
4030 	if (!test_bit(WMI_TLV_SERVICE_EXT2_MSG, ab->wmi_ab.svc_map))
4031 		complete(&ab->wmi_ab.service_ready);
4032 
4033 	kfree(svc_rdy_ext.mac_phy_caps);
4034 	return 0;
4035 
4036 err:
4037 	ath12k_wmi_free_dbring_caps(ab);
4038 	return ret;
4039 }
4040 
4041 static int ath12k_wmi_svc_rdy_ext2_parse(struct ath12k_base *ab,
4042 					 u16 tag, u16 len,
4043 					 const void *ptr, void *data)
4044 {
4045 	struct ath12k_wmi_svc_rdy_ext2_parse *parse = data;
4046 	int ret;
4047 
4048 	switch (tag) {
4049 	case WMI_TAG_ARRAY_STRUCT:
4050 		if (!parse->dma_ring_cap_done) {
4051 			ret = ath12k_wmi_dma_ring_caps(ab, len, ptr,
4052 						       &parse->dma_caps_parse);
4053 			if (ret)
4054 				return ret;
4055 
4056 			parse->dma_ring_cap_done = true;
4057 		}
4058 		break;
4059 	default:
4060 		break;
4061 	}
4062 
4063 	return 0;
4064 }
4065 
4066 static int ath12k_service_ready_ext2_event(struct ath12k_base *ab,
4067 					   struct sk_buff *skb)
4068 {
4069 	struct ath12k_wmi_svc_rdy_ext2_parse svc_rdy_ext2 = { };
4070 	int ret;
4071 
4072 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4073 				  ath12k_wmi_svc_rdy_ext2_parse,
4074 				  &svc_rdy_ext2);
4075 	if (ret) {
4076 		ath12k_warn(ab, "failed to parse ext2 event tlv %d\n", ret);
4077 		goto err;
4078 	}
4079 
4080 	complete(&ab->wmi_ab.service_ready);
4081 
4082 	return 0;
4083 
4084 err:
4085 	ath12k_wmi_free_dbring_caps(ab);
4086 	return ret;
4087 }
4088 
4089 static int ath12k_pull_vdev_start_resp_tlv(struct ath12k_base *ab, struct sk_buff *skb,
4090 					   struct wmi_vdev_start_resp_event *vdev_rsp)
4091 {
4092 	const void **tb;
4093 	const struct wmi_vdev_start_resp_event *ev;
4094 	int ret;
4095 
4096 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4097 	if (IS_ERR(tb)) {
4098 		ret = PTR_ERR(tb);
4099 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4100 		return ret;
4101 	}
4102 
4103 	ev = tb[WMI_TAG_VDEV_START_RESPONSE_EVENT];
4104 	if (!ev) {
4105 		ath12k_warn(ab, "failed to fetch vdev start resp ev");
4106 		kfree(tb);
4107 		return -EPROTO;
4108 	}
4109 
4110 	*vdev_rsp = *ev;
4111 
4112 	kfree(tb);
4113 	return 0;
4114 }
4115 
4116 static struct ath12k_reg_rule
4117 *create_ext_reg_rules_from_wmi(u32 num_reg_rules,
4118 			       struct ath12k_wmi_reg_rule_ext_params *wmi_reg_rule)
4119 {
4120 	struct ath12k_reg_rule *reg_rule_ptr;
4121 	u32 count;
4122 
4123 	reg_rule_ptr = kzalloc((num_reg_rules * sizeof(*reg_rule_ptr)),
4124 			       GFP_ATOMIC);
4125 
4126 	if (!reg_rule_ptr)
4127 		return NULL;
4128 
4129 	for (count = 0; count < num_reg_rules; count++) {
4130 		reg_rule_ptr[count].start_freq =
4131 			le32_get_bits(wmi_reg_rule[count].freq_info,
4132 				      REG_RULE_START_FREQ);
4133 		reg_rule_ptr[count].end_freq =
4134 			le32_get_bits(wmi_reg_rule[count].freq_info,
4135 				      REG_RULE_END_FREQ);
4136 		reg_rule_ptr[count].max_bw =
4137 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4138 				      REG_RULE_MAX_BW);
4139 		reg_rule_ptr[count].reg_power =
4140 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4141 				      REG_RULE_REG_PWR);
4142 		reg_rule_ptr[count].ant_gain =
4143 			le32_get_bits(wmi_reg_rule[count].bw_pwr_info,
4144 				      REG_RULE_ANT_GAIN);
4145 		reg_rule_ptr[count].flags =
4146 			le32_get_bits(wmi_reg_rule[count].flag_info,
4147 				      REG_RULE_FLAGS);
4148 		reg_rule_ptr[count].psd_flag =
4149 			le32_get_bits(wmi_reg_rule[count].psd_power_info,
4150 				      REG_RULE_PSD_INFO);
4151 		reg_rule_ptr[count].psd_eirp =
4152 			le32_get_bits(wmi_reg_rule[count].psd_power_info,
4153 				      REG_RULE_PSD_EIRP);
4154 	}
4155 
4156 	return reg_rule_ptr;
4157 }
4158 
4159 static int ath12k_pull_reg_chan_list_ext_update_ev(struct ath12k_base *ab,
4160 						   struct sk_buff *skb,
4161 						   struct ath12k_reg_info *reg_info)
4162 {
4163 	const void **tb;
4164 	const struct wmi_reg_chan_list_cc_ext_event *ev;
4165 	struct ath12k_wmi_reg_rule_ext_params *ext_wmi_reg_rule;
4166 	u32 num_2g_reg_rules, num_5g_reg_rules;
4167 	u32 num_6g_reg_rules_ap[WMI_REG_CURRENT_MAX_AP_TYPE];
4168 	u32 num_6g_reg_rules_cl[WMI_REG_CURRENT_MAX_AP_TYPE][WMI_REG_MAX_CLIENT_TYPE];
4169 	u32 total_reg_rules = 0;
4170 	int ret, i, j;
4171 
4172 	ath12k_dbg(ab, ATH12K_DBG_WMI, "processing regulatory ext channel list\n");
4173 
4174 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4175 	if (IS_ERR(tb)) {
4176 		ret = PTR_ERR(tb);
4177 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4178 		return ret;
4179 	}
4180 
4181 	ev = tb[WMI_TAG_REG_CHAN_LIST_CC_EXT_EVENT];
4182 	if (!ev) {
4183 		ath12k_warn(ab, "failed to fetch reg chan list ext update ev\n");
4184 		kfree(tb);
4185 		return -EPROTO;
4186 	}
4187 
4188 	reg_info->num_2g_reg_rules = le32_to_cpu(ev->num_2g_reg_rules);
4189 	reg_info->num_5g_reg_rules = le32_to_cpu(ev->num_5g_reg_rules);
4190 	reg_info->num_6g_reg_rules_ap[WMI_REG_INDOOR_AP] =
4191 		le32_to_cpu(ev->num_6g_reg_rules_ap_lpi);
4192 	reg_info->num_6g_reg_rules_ap[WMI_REG_STD_POWER_AP] =
4193 		le32_to_cpu(ev->num_6g_reg_rules_ap_sp);
4194 	reg_info->num_6g_reg_rules_ap[WMI_REG_VLP_AP] =
4195 		le32_to_cpu(ev->num_6g_reg_rules_ap_vlp);
4196 
4197 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4198 		reg_info->num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] =
4199 			le32_to_cpu(ev->num_6g_reg_rules_cl_lpi[i]);
4200 		reg_info->num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] =
4201 			le32_to_cpu(ev->num_6g_reg_rules_cl_sp[i]);
4202 		reg_info->num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] =
4203 			le32_to_cpu(ev->num_6g_reg_rules_cl_vlp[i]);
4204 	}
4205 
4206 	num_2g_reg_rules = reg_info->num_2g_reg_rules;
4207 	total_reg_rules += num_2g_reg_rules;
4208 	num_5g_reg_rules = reg_info->num_5g_reg_rules;
4209 	total_reg_rules += num_5g_reg_rules;
4210 
4211 	if (num_2g_reg_rules > MAX_REG_RULES || num_5g_reg_rules > MAX_REG_RULES) {
4212 		ath12k_warn(ab, "Num reg rules for 2G/5G exceeds max limit (num_2g_reg_rules: %d num_5g_reg_rules: %d max_rules: %d)\n",
4213 			    num_2g_reg_rules, num_5g_reg_rules, MAX_REG_RULES);
4214 		kfree(tb);
4215 		return -EINVAL;
4216 	}
4217 
4218 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
4219 		num_6g_reg_rules_ap[i] = reg_info->num_6g_reg_rules_ap[i];
4220 
4221 		if (num_6g_reg_rules_ap[i] > MAX_6G_REG_RULES) {
4222 			ath12k_warn(ab, "Num 6G reg rules for AP mode(%d) exceeds max limit (num_6g_reg_rules_ap: %d, max_rules: %d)\n",
4223 				    i, num_6g_reg_rules_ap[i], MAX_6G_REG_RULES);
4224 			kfree(tb);
4225 			return -EINVAL;
4226 		}
4227 
4228 		total_reg_rules += num_6g_reg_rules_ap[i];
4229 	}
4230 
4231 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4232 		num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] =
4233 				reg_info->num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i];
4234 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i];
4235 
4236 		num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] =
4237 				reg_info->num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i];
4238 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i];
4239 
4240 		num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] =
4241 				reg_info->num_6g_reg_rules_cl[WMI_REG_VLP_AP][i];
4242 		total_reg_rules += num_6g_reg_rules_cl[WMI_REG_VLP_AP][i];
4243 
4244 		if (num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][i] > MAX_6G_REG_RULES ||
4245 		    num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][i] > MAX_6G_REG_RULES ||
4246 		    num_6g_reg_rules_cl[WMI_REG_VLP_AP][i] >  MAX_6G_REG_RULES) {
4247 			ath12k_warn(ab, "Num 6g client reg rules exceeds max limit, for client(type: %d)\n",
4248 				    i);
4249 			kfree(tb);
4250 			return -EINVAL;
4251 		}
4252 	}
4253 
4254 	if (!total_reg_rules) {
4255 		ath12k_warn(ab, "No reg rules available\n");
4256 		kfree(tb);
4257 		return -EINVAL;
4258 	}
4259 
4260 	memcpy(reg_info->alpha2, &ev->alpha2, REG_ALPHA2_LEN);
4261 
4262 	/* FIXME: Currently FW includes 6G reg rule also in 5G rule
4263 	 * list for country US.
4264 	 * Having same 6G reg rule in 5G and 6G rules list causes
4265 	 * intersect check to be true, and same rules will be shown
4266 	 * multiple times in iw cmd. So added hack below to avoid
4267 	 * parsing 6G rule from 5G reg rule list, and this can be
4268 	 * removed later, after FW updates to remove 6G reg rule
4269 	 * from 5G rules list.
4270 	 */
4271 	if (memcmp(reg_info->alpha2, "US", 2) == 0) {
4272 		reg_info->num_5g_reg_rules = REG_US_5G_NUM_REG_RULES;
4273 		num_5g_reg_rules = reg_info->num_5g_reg_rules;
4274 	}
4275 
4276 	reg_info->dfs_region = le32_to_cpu(ev->dfs_region);
4277 	reg_info->phybitmap = le32_to_cpu(ev->phybitmap);
4278 	reg_info->num_phy = le32_to_cpu(ev->num_phy);
4279 	reg_info->phy_id = le32_to_cpu(ev->phy_id);
4280 	reg_info->ctry_code = le32_to_cpu(ev->country_id);
4281 	reg_info->reg_dmn_pair = le32_to_cpu(ev->domain_code);
4282 
4283 	switch (le32_to_cpu(ev->status_code)) {
4284 	case WMI_REG_SET_CC_STATUS_PASS:
4285 		reg_info->status_code = REG_SET_CC_STATUS_PASS;
4286 		break;
4287 	case WMI_REG_CURRENT_ALPHA2_NOT_FOUND:
4288 		reg_info->status_code = REG_CURRENT_ALPHA2_NOT_FOUND;
4289 		break;
4290 	case WMI_REG_INIT_ALPHA2_NOT_FOUND:
4291 		reg_info->status_code = REG_INIT_ALPHA2_NOT_FOUND;
4292 		break;
4293 	case WMI_REG_SET_CC_CHANGE_NOT_ALLOWED:
4294 		reg_info->status_code = REG_SET_CC_CHANGE_NOT_ALLOWED;
4295 		break;
4296 	case WMI_REG_SET_CC_STATUS_NO_MEMORY:
4297 		reg_info->status_code = REG_SET_CC_STATUS_NO_MEMORY;
4298 		break;
4299 	case WMI_REG_SET_CC_STATUS_FAIL:
4300 		reg_info->status_code = REG_SET_CC_STATUS_FAIL;
4301 		break;
4302 	}
4303 
4304 	reg_info->is_ext_reg_event = true;
4305 
4306 	reg_info->min_bw_2g = le32_to_cpu(ev->min_bw_2g);
4307 	reg_info->max_bw_2g = le32_to_cpu(ev->max_bw_2g);
4308 	reg_info->min_bw_5g = le32_to_cpu(ev->min_bw_5g);
4309 	reg_info->max_bw_5g = le32_to_cpu(ev->max_bw_5g);
4310 	reg_info->min_bw_6g_ap[WMI_REG_INDOOR_AP] = le32_to_cpu(ev->min_bw_6g_ap_lpi);
4311 	reg_info->max_bw_6g_ap[WMI_REG_INDOOR_AP] = le32_to_cpu(ev->max_bw_6g_ap_lpi);
4312 	reg_info->min_bw_6g_ap[WMI_REG_STD_POWER_AP] = le32_to_cpu(ev->min_bw_6g_ap_sp);
4313 	reg_info->max_bw_6g_ap[WMI_REG_STD_POWER_AP] = le32_to_cpu(ev->max_bw_6g_ap_sp);
4314 	reg_info->min_bw_6g_ap[WMI_REG_VLP_AP] = le32_to_cpu(ev->min_bw_6g_ap_vlp);
4315 	reg_info->max_bw_6g_ap[WMI_REG_VLP_AP] = le32_to_cpu(ev->max_bw_6g_ap_vlp);
4316 
4317 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4318 		reg_info->min_bw_6g_client[WMI_REG_INDOOR_AP][i] =
4319 			le32_to_cpu(ev->min_bw_6g_client_lpi[i]);
4320 		reg_info->max_bw_6g_client[WMI_REG_INDOOR_AP][i] =
4321 			le32_to_cpu(ev->max_bw_6g_client_lpi[i]);
4322 		reg_info->min_bw_6g_client[WMI_REG_STD_POWER_AP][i] =
4323 			le32_to_cpu(ev->min_bw_6g_client_sp[i]);
4324 		reg_info->max_bw_6g_client[WMI_REG_STD_POWER_AP][i] =
4325 			le32_to_cpu(ev->max_bw_6g_client_sp[i]);
4326 		reg_info->min_bw_6g_client[WMI_REG_VLP_AP][i] =
4327 			le32_to_cpu(ev->min_bw_6g_client_vlp[i]);
4328 		reg_info->max_bw_6g_client[WMI_REG_VLP_AP][i] =
4329 			le32_to_cpu(ev->max_bw_6g_client_vlp[i]);
4330 	}
4331 
4332 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4333 		   "%s:cc_ext %s dsf %d BW: min_2g %d max_2g %d min_5g %d max_5g %d",
4334 		   __func__, reg_info->alpha2, reg_info->dfs_region,
4335 		   reg_info->min_bw_2g, reg_info->max_bw_2g,
4336 		   reg_info->min_bw_5g, reg_info->max_bw_5g);
4337 
4338 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4339 		   "num_2g_reg_rules %d num_5g_reg_rules %d",
4340 		   num_2g_reg_rules, num_5g_reg_rules);
4341 
4342 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4343 		   "num_6g_reg_rules_ap_lpi: %d num_6g_reg_rules_ap_sp: %d num_6g_reg_rules_ap_vlp: %d",
4344 		   num_6g_reg_rules_ap[WMI_REG_INDOOR_AP],
4345 		   num_6g_reg_rules_ap[WMI_REG_STD_POWER_AP],
4346 		   num_6g_reg_rules_ap[WMI_REG_VLP_AP]);
4347 
4348 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4349 		   "6g Regular client: num_6g_reg_rules_lpi: %d num_6g_reg_rules_sp: %d num_6g_reg_rules_vlp: %d",
4350 		   num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][WMI_REG_DEFAULT_CLIENT],
4351 		   num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][WMI_REG_DEFAULT_CLIENT],
4352 		   num_6g_reg_rules_cl[WMI_REG_VLP_AP][WMI_REG_DEFAULT_CLIENT]);
4353 
4354 	ath12k_dbg(ab, ATH12K_DBG_WMI,
4355 		   "6g Subordinate client: num_6g_reg_rules_lpi: %d num_6g_reg_rules_sp: %d num_6g_reg_rules_vlp: %d",
4356 		   num_6g_reg_rules_cl[WMI_REG_INDOOR_AP][WMI_REG_SUBORDINATE_CLIENT],
4357 		   num_6g_reg_rules_cl[WMI_REG_STD_POWER_AP][WMI_REG_SUBORDINATE_CLIENT],
4358 		   num_6g_reg_rules_cl[WMI_REG_VLP_AP][WMI_REG_SUBORDINATE_CLIENT]);
4359 
4360 	ext_wmi_reg_rule =
4361 		(struct ath12k_wmi_reg_rule_ext_params *)((u8 *)ev
4362 			+ sizeof(*ev)
4363 			+ sizeof(struct wmi_tlv));
4364 
4365 	if (num_2g_reg_rules) {
4366 		reg_info->reg_rules_2g_ptr =
4367 			create_ext_reg_rules_from_wmi(num_2g_reg_rules,
4368 						      ext_wmi_reg_rule);
4369 
4370 		if (!reg_info->reg_rules_2g_ptr) {
4371 			kfree(tb);
4372 			ath12k_warn(ab, "Unable to Allocate memory for 2g rules\n");
4373 			return -ENOMEM;
4374 		}
4375 	}
4376 
4377 	if (num_5g_reg_rules) {
4378 		ext_wmi_reg_rule += num_2g_reg_rules;
4379 		reg_info->reg_rules_5g_ptr =
4380 			create_ext_reg_rules_from_wmi(num_5g_reg_rules,
4381 						      ext_wmi_reg_rule);
4382 
4383 		if (!reg_info->reg_rules_5g_ptr) {
4384 			kfree(tb);
4385 			ath12k_warn(ab, "Unable to Allocate memory for 5g rules\n");
4386 			return -ENOMEM;
4387 		}
4388 	}
4389 
4390 	ext_wmi_reg_rule += num_5g_reg_rules;
4391 
4392 	for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++) {
4393 		reg_info->reg_rules_6g_ap_ptr[i] =
4394 			create_ext_reg_rules_from_wmi(num_6g_reg_rules_ap[i],
4395 						      ext_wmi_reg_rule);
4396 
4397 		if (!reg_info->reg_rules_6g_ap_ptr[i]) {
4398 			kfree(tb);
4399 			ath12k_warn(ab, "Unable to Allocate memory for 6g ap rules\n");
4400 			return -ENOMEM;
4401 		}
4402 
4403 		ext_wmi_reg_rule += num_6g_reg_rules_ap[i];
4404 	}
4405 
4406 	for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++) {
4407 		for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4408 			reg_info->reg_rules_6g_client_ptr[j][i] =
4409 				create_ext_reg_rules_from_wmi(num_6g_reg_rules_cl[j][i],
4410 							      ext_wmi_reg_rule);
4411 
4412 			if (!reg_info->reg_rules_6g_client_ptr[j][i]) {
4413 				kfree(tb);
4414 				ath12k_warn(ab, "Unable to Allocate memory for 6g client rules\n");
4415 				return -ENOMEM;
4416 			}
4417 
4418 			ext_wmi_reg_rule += num_6g_reg_rules_cl[j][i];
4419 		}
4420 	}
4421 
4422 	reg_info->client_type = le32_to_cpu(ev->client_type);
4423 	reg_info->rnr_tpe_usable = ev->rnr_tpe_usable;
4424 	reg_info->unspecified_ap_usable = ev->unspecified_ap_usable;
4425 	reg_info->domain_code_6g_ap[WMI_REG_INDOOR_AP] =
4426 		le32_to_cpu(ev->domain_code_6g_ap_lpi);
4427 	reg_info->domain_code_6g_ap[WMI_REG_STD_POWER_AP] =
4428 		le32_to_cpu(ev->domain_code_6g_ap_sp);
4429 	reg_info->domain_code_6g_ap[WMI_REG_VLP_AP] =
4430 		le32_to_cpu(ev->domain_code_6g_ap_vlp);
4431 
4432 	for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++) {
4433 		reg_info->domain_code_6g_client[WMI_REG_INDOOR_AP][i] =
4434 			le32_to_cpu(ev->domain_code_6g_client_lpi[i]);
4435 		reg_info->domain_code_6g_client[WMI_REG_STD_POWER_AP][i] =
4436 			le32_to_cpu(ev->domain_code_6g_client_sp[i]);
4437 		reg_info->domain_code_6g_client[WMI_REG_VLP_AP][i] =
4438 			le32_to_cpu(ev->domain_code_6g_client_vlp[i]);
4439 	}
4440 
4441 	reg_info->domain_code_6g_super_id = le32_to_cpu(ev->domain_code_6g_super_id);
4442 
4443 	ath12k_dbg(ab, ATH12K_DBG_WMI, "6g client_type: %d domain_code_6g_super_id: %d",
4444 		   reg_info->client_type, reg_info->domain_code_6g_super_id);
4445 
4446 	ath12k_dbg(ab, ATH12K_DBG_WMI, "processed regulatory ext channel list\n");
4447 
4448 	kfree(tb);
4449 	return 0;
4450 }
4451 
4452 static int ath12k_pull_peer_del_resp_ev(struct ath12k_base *ab, struct sk_buff *skb,
4453 					struct wmi_peer_delete_resp_event *peer_del_resp)
4454 {
4455 	const void **tb;
4456 	const struct wmi_peer_delete_resp_event *ev;
4457 	int ret;
4458 
4459 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4460 	if (IS_ERR(tb)) {
4461 		ret = PTR_ERR(tb);
4462 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4463 		return ret;
4464 	}
4465 
4466 	ev = tb[WMI_TAG_PEER_DELETE_RESP_EVENT];
4467 	if (!ev) {
4468 		ath12k_warn(ab, "failed to fetch peer delete resp ev");
4469 		kfree(tb);
4470 		return -EPROTO;
4471 	}
4472 
4473 	memset(peer_del_resp, 0, sizeof(*peer_del_resp));
4474 
4475 	peer_del_resp->vdev_id = ev->vdev_id;
4476 	ether_addr_copy(peer_del_resp->peer_macaddr.addr,
4477 			ev->peer_macaddr.addr);
4478 
4479 	kfree(tb);
4480 	return 0;
4481 }
4482 
4483 static int ath12k_pull_vdev_del_resp_ev(struct ath12k_base *ab,
4484 					struct sk_buff *skb,
4485 					u32 *vdev_id)
4486 {
4487 	const void **tb;
4488 	const struct wmi_vdev_delete_resp_event *ev;
4489 	int ret;
4490 
4491 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4492 	if (IS_ERR(tb)) {
4493 		ret = PTR_ERR(tb);
4494 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4495 		return ret;
4496 	}
4497 
4498 	ev = tb[WMI_TAG_VDEV_DELETE_RESP_EVENT];
4499 	if (!ev) {
4500 		ath12k_warn(ab, "failed to fetch vdev delete resp ev");
4501 		kfree(tb);
4502 		return -EPROTO;
4503 	}
4504 
4505 	*vdev_id = le32_to_cpu(ev->vdev_id);
4506 
4507 	kfree(tb);
4508 	return 0;
4509 }
4510 
4511 static int ath12k_pull_bcn_tx_status_ev(struct ath12k_base *ab, void *evt_buf,
4512 					u32 len, u32 *vdev_id,
4513 					u32 *tx_status)
4514 {
4515 	const void **tb;
4516 	const struct wmi_bcn_tx_status_event *ev;
4517 	int ret;
4518 
4519 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
4520 	if (IS_ERR(tb)) {
4521 		ret = PTR_ERR(tb);
4522 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4523 		return ret;
4524 	}
4525 
4526 	ev = tb[WMI_TAG_OFFLOAD_BCN_TX_STATUS_EVENT];
4527 	if (!ev) {
4528 		ath12k_warn(ab, "failed to fetch bcn tx status ev");
4529 		kfree(tb);
4530 		return -EPROTO;
4531 	}
4532 
4533 	*vdev_id = le32_to_cpu(ev->vdev_id);
4534 	*tx_status = le32_to_cpu(ev->tx_status);
4535 
4536 	kfree(tb);
4537 	return 0;
4538 }
4539 
4540 static int ath12k_pull_vdev_stopped_param_tlv(struct ath12k_base *ab, struct sk_buff *skb,
4541 					      u32 *vdev_id)
4542 {
4543 	const void **tb;
4544 	const struct wmi_vdev_stopped_event *ev;
4545 	int ret;
4546 
4547 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4548 	if (IS_ERR(tb)) {
4549 		ret = PTR_ERR(tb);
4550 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4551 		return ret;
4552 	}
4553 
4554 	ev = tb[WMI_TAG_VDEV_STOPPED_EVENT];
4555 	if (!ev) {
4556 		ath12k_warn(ab, "failed to fetch vdev stop ev");
4557 		kfree(tb);
4558 		return -EPROTO;
4559 	}
4560 
4561 	*vdev_id = le32_to_cpu(ev->vdev_id);
4562 
4563 	kfree(tb);
4564 	return 0;
4565 }
4566 
4567 static int ath12k_wmi_tlv_mgmt_rx_parse(struct ath12k_base *ab,
4568 					u16 tag, u16 len,
4569 					const void *ptr, void *data)
4570 {
4571 	struct wmi_tlv_mgmt_rx_parse *parse = data;
4572 
4573 	switch (tag) {
4574 	case WMI_TAG_MGMT_RX_HDR:
4575 		parse->fixed = ptr;
4576 		break;
4577 	case WMI_TAG_ARRAY_BYTE:
4578 		if (!parse->frame_buf_done) {
4579 			parse->frame_buf = ptr;
4580 			parse->frame_buf_done = true;
4581 		}
4582 		break;
4583 	}
4584 	return 0;
4585 }
4586 
4587 static int ath12k_pull_mgmt_rx_params_tlv(struct ath12k_base *ab,
4588 					  struct sk_buff *skb,
4589 					  struct ath12k_wmi_mgmt_rx_arg *hdr)
4590 {
4591 	struct wmi_tlv_mgmt_rx_parse parse = { };
4592 	const struct ath12k_wmi_mgmt_rx_params *ev;
4593 	const u8 *frame;
4594 	int i, ret;
4595 
4596 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
4597 				  ath12k_wmi_tlv_mgmt_rx_parse,
4598 				  &parse);
4599 	if (ret) {
4600 		ath12k_warn(ab, "failed to parse mgmt rx tlv %d\n", ret);
4601 		return ret;
4602 	}
4603 
4604 	ev = parse.fixed;
4605 	frame = parse.frame_buf;
4606 
4607 	if (!ev || !frame) {
4608 		ath12k_warn(ab, "failed to fetch mgmt rx hdr");
4609 		return -EPROTO;
4610 	}
4611 
4612 	hdr->pdev_id = le32_to_cpu(ev->pdev_id);
4613 	hdr->chan_freq = le32_to_cpu(ev->chan_freq);
4614 	hdr->channel = le32_to_cpu(ev->channel);
4615 	hdr->snr = le32_to_cpu(ev->snr);
4616 	hdr->rate = le32_to_cpu(ev->rate);
4617 	hdr->phy_mode = le32_to_cpu(ev->phy_mode);
4618 	hdr->buf_len = le32_to_cpu(ev->buf_len);
4619 	hdr->status = le32_to_cpu(ev->status);
4620 	hdr->flags = le32_to_cpu(ev->flags);
4621 	hdr->rssi = a_sle32_to_cpu(ev->rssi);
4622 	hdr->tsf_delta = le32_to_cpu(ev->tsf_delta);
4623 
4624 	for (i = 0; i < ATH_MAX_ANTENNA; i++)
4625 		hdr->rssi_ctl[i] = le32_to_cpu(ev->rssi_ctl[i]);
4626 
4627 	if (skb->len < (frame - skb->data) + hdr->buf_len) {
4628 		ath12k_warn(ab, "invalid length in mgmt rx hdr ev");
4629 		return -EPROTO;
4630 	}
4631 
4632 	/* shift the sk_buff to point to `frame` */
4633 	skb_trim(skb, 0);
4634 	skb_put(skb, frame - skb->data);
4635 	skb_pull(skb, frame - skb->data);
4636 	skb_put(skb, hdr->buf_len);
4637 
4638 	return 0;
4639 }
4640 
4641 static int wmi_process_mgmt_tx_comp(struct ath12k *ar, u32 desc_id,
4642 				    u32 status)
4643 {
4644 	struct sk_buff *msdu;
4645 	struct ieee80211_tx_info *info;
4646 	struct ath12k_skb_cb *skb_cb;
4647 	int num_mgmt;
4648 
4649 	spin_lock_bh(&ar->txmgmt_idr_lock);
4650 	msdu = idr_find(&ar->txmgmt_idr, desc_id);
4651 
4652 	if (!msdu) {
4653 		ath12k_warn(ar->ab, "received mgmt tx compl for invalid msdu_id: %d\n",
4654 			    desc_id);
4655 		spin_unlock_bh(&ar->txmgmt_idr_lock);
4656 		return -ENOENT;
4657 	}
4658 
4659 	idr_remove(&ar->txmgmt_idr, desc_id);
4660 	spin_unlock_bh(&ar->txmgmt_idr_lock);
4661 
4662 	skb_cb = ATH12K_SKB_CB(msdu);
4663 	dma_unmap_single(ar->ab->dev, skb_cb->paddr, msdu->len, DMA_TO_DEVICE);
4664 
4665 	info = IEEE80211_SKB_CB(msdu);
4666 	if ((!(info->flags & IEEE80211_TX_CTL_NO_ACK)) && !status)
4667 		info->flags |= IEEE80211_TX_STAT_ACK;
4668 
4669 	ieee80211_tx_status_irqsafe(ar->hw, msdu);
4670 
4671 	num_mgmt = atomic_dec_if_positive(&ar->num_pending_mgmt_tx);
4672 
4673 	/* WARN when we received this event without doing any mgmt tx */
4674 	if (num_mgmt < 0)
4675 		WARN_ON_ONCE(1);
4676 
4677 	if (!num_mgmt)
4678 		wake_up(&ar->txmgmt_empty_waitq);
4679 
4680 	return 0;
4681 }
4682 
4683 static int ath12k_pull_mgmt_tx_compl_param_tlv(struct ath12k_base *ab,
4684 					       struct sk_buff *skb,
4685 					       struct wmi_mgmt_tx_compl_event *param)
4686 {
4687 	const void **tb;
4688 	const struct wmi_mgmt_tx_compl_event *ev;
4689 	int ret;
4690 
4691 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4692 	if (IS_ERR(tb)) {
4693 		ret = PTR_ERR(tb);
4694 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4695 		return ret;
4696 	}
4697 
4698 	ev = tb[WMI_TAG_MGMT_TX_COMPL_EVENT];
4699 	if (!ev) {
4700 		ath12k_warn(ab, "failed to fetch mgmt tx compl ev");
4701 		kfree(tb);
4702 		return -EPROTO;
4703 	}
4704 
4705 	param->pdev_id = ev->pdev_id;
4706 	param->desc_id = ev->desc_id;
4707 	param->status = ev->status;
4708 
4709 	kfree(tb);
4710 	return 0;
4711 }
4712 
4713 static void ath12k_wmi_event_scan_started(struct ath12k *ar)
4714 {
4715 	lockdep_assert_held(&ar->data_lock);
4716 
4717 	switch (ar->scan.state) {
4718 	case ATH12K_SCAN_IDLE:
4719 	case ATH12K_SCAN_RUNNING:
4720 	case ATH12K_SCAN_ABORTING:
4721 		ath12k_warn(ar->ab, "received scan started event in an invalid scan state: %s (%d)\n",
4722 			    ath12k_scan_state_str(ar->scan.state),
4723 			    ar->scan.state);
4724 		break;
4725 	case ATH12K_SCAN_STARTING:
4726 		ar->scan.state = ATH12K_SCAN_RUNNING;
4727 		complete(&ar->scan.started);
4728 		break;
4729 	}
4730 }
4731 
4732 static void ath12k_wmi_event_scan_start_failed(struct ath12k *ar)
4733 {
4734 	lockdep_assert_held(&ar->data_lock);
4735 
4736 	switch (ar->scan.state) {
4737 	case ATH12K_SCAN_IDLE:
4738 	case ATH12K_SCAN_RUNNING:
4739 	case ATH12K_SCAN_ABORTING:
4740 		ath12k_warn(ar->ab, "received scan start failed event in an invalid scan state: %s (%d)\n",
4741 			    ath12k_scan_state_str(ar->scan.state),
4742 			    ar->scan.state);
4743 		break;
4744 	case ATH12K_SCAN_STARTING:
4745 		complete(&ar->scan.started);
4746 		__ath12k_mac_scan_finish(ar);
4747 		break;
4748 	}
4749 }
4750 
4751 static void ath12k_wmi_event_scan_completed(struct ath12k *ar)
4752 {
4753 	lockdep_assert_held(&ar->data_lock);
4754 
4755 	switch (ar->scan.state) {
4756 	case ATH12K_SCAN_IDLE:
4757 	case ATH12K_SCAN_STARTING:
4758 		/* One suspected reason scan can be completed while starting is
4759 		 * if firmware fails to deliver all scan events to the host,
4760 		 * e.g. when transport pipe is full. This has been observed
4761 		 * with spectral scan phyerr events starving wmi transport
4762 		 * pipe. In such case the "scan completed" event should be (and
4763 		 * is) ignored by the host as it may be just firmware's scan
4764 		 * state machine recovering.
4765 		 */
4766 		ath12k_warn(ar->ab, "received scan completed event in an invalid scan state: %s (%d)\n",
4767 			    ath12k_scan_state_str(ar->scan.state),
4768 			    ar->scan.state);
4769 		break;
4770 	case ATH12K_SCAN_RUNNING:
4771 	case ATH12K_SCAN_ABORTING:
4772 		__ath12k_mac_scan_finish(ar);
4773 		break;
4774 	}
4775 }
4776 
4777 static void ath12k_wmi_event_scan_bss_chan(struct ath12k *ar)
4778 {
4779 	lockdep_assert_held(&ar->data_lock);
4780 
4781 	switch (ar->scan.state) {
4782 	case ATH12K_SCAN_IDLE:
4783 	case ATH12K_SCAN_STARTING:
4784 		ath12k_warn(ar->ab, "received scan bss chan event in an invalid scan state: %s (%d)\n",
4785 			    ath12k_scan_state_str(ar->scan.state),
4786 			    ar->scan.state);
4787 		break;
4788 	case ATH12K_SCAN_RUNNING:
4789 	case ATH12K_SCAN_ABORTING:
4790 		ar->scan_channel = NULL;
4791 		break;
4792 	}
4793 }
4794 
4795 static void ath12k_wmi_event_scan_foreign_chan(struct ath12k *ar, u32 freq)
4796 {
4797 	lockdep_assert_held(&ar->data_lock);
4798 
4799 	switch (ar->scan.state) {
4800 	case ATH12K_SCAN_IDLE:
4801 	case ATH12K_SCAN_STARTING:
4802 		ath12k_warn(ar->ab, "received scan foreign chan event in an invalid scan state: %s (%d)\n",
4803 			    ath12k_scan_state_str(ar->scan.state),
4804 			    ar->scan.state);
4805 		break;
4806 	case ATH12K_SCAN_RUNNING:
4807 	case ATH12K_SCAN_ABORTING:
4808 		ar->scan_channel = ieee80211_get_channel(ar->hw->wiphy, freq);
4809 		break;
4810 	}
4811 }
4812 
4813 static const char *
4814 ath12k_wmi_event_scan_type_str(enum wmi_scan_event_type type,
4815 			       enum wmi_scan_completion_reason reason)
4816 {
4817 	switch (type) {
4818 	case WMI_SCAN_EVENT_STARTED:
4819 		return "started";
4820 	case WMI_SCAN_EVENT_COMPLETED:
4821 		switch (reason) {
4822 		case WMI_SCAN_REASON_COMPLETED:
4823 			return "completed";
4824 		case WMI_SCAN_REASON_CANCELLED:
4825 			return "completed [cancelled]";
4826 		case WMI_SCAN_REASON_PREEMPTED:
4827 			return "completed [preempted]";
4828 		case WMI_SCAN_REASON_TIMEDOUT:
4829 			return "completed [timedout]";
4830 		case WMI_SCAN_REASON_INTERNAL_FAILURE:
4831 			return "completed [internal err]";
4832 		case WMI_SCAN_REASON_MAX:
4833 			break;
4834 		}
4835 		return "completed [unknown]";
4836 	case WMI_SCAN_EVENT_BSS_CHANNEL:
4837 		return "bss channel";
4838 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
4839 		return "foreign channel";
4840 	case WMI_SCAN_EVENT_DEQUEUED:
4841 		return "dequeued";
4842 	case WMI_SCAN_EVENT_PREEMPTED:
4843 		return "preempted";
4844 	case WMI_SCAN_EVENT_START_FAILED:
4845 		return "start failed";
4846 	case WMI_SCAN_EVENT_RESTARTED:
4847 		return "restarted";
4848 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
4849 		return "foreign channel exit";
4850 	default:
4851 		return "unknown";
4852 	}
4853 }
4854 
4855 static int ath12k_pull_scan_ev(struct ath12k_base *ab, struct sk_buff *skb,
4856 			       struct wmi_scan_event *scan_evt_param)
4857 {
4858 	const void **tb;
4859 	const struct wmi_scan_event *ev;
4860 	int ret;
4861 
4862 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4863 	if (IS_ERR(tb)) {
4864 		ret = PTR_ERR(tb);
4865 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4866 		return ret;
4867 	}
4868 
4869 	ev = tb[WMI_TAG_SCAN_EVENT];
4870 	if (!ev) {
4871 		ath12k_warn(ab, "failed to fetch scan ev");
4872 		kfree(tb);
4873 		return -EPROTO;
4874 	}
4875 
4876 	scan_evt_param->event_type = ev->event_type;
4877 	scan_evt_param->reason = ev->reason;
4878 	scan_evt_param->channel_freq = ev->channel_freq;
4879 	scan_evt_param->scan_req_id = ev->scan_req_id;
4880 	scan_evt_param->scan_id = ev->scan_id;
4881 	scan_evt_param->vdev_id = ev->vdev_id;
4882 	scan_evt_param->tsf_timestamp = ev->tsf_timestamp;
4883 
4884 	kfree(tb);
4885 	return 0;
4886 }
4887 
4888 static int ath12k_pull_peer_sta_kickout_ev(struct ath12k_base *ab, struct sk_buff *skb,
4889 					   struct wmi_peer_sta_kickout_arg *arg)
4890 {
4891 	const void **tb;
4892 	const struct wmi_peer_sta_kickout_event *ev;
4893 	int ret;
4894 
4895 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4896 	if (IS_ERR(tb)) {
4897 		ret = PTR_ERR(tb);
4898 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4899 		return ret;
4900 	}
4901 
4902 	ev = tb[WMI_TAG_PEER_STA_KICKOUT_EVENT];
4903 	if (!ev) {
4904 		ath12k_warn(ab, "failed to fetch peer sta kickout ev");
4905 		kfree(tb);
4906 		return -EPROTO;
4907 	}
4908 
4909 	arg->mac_addr = ev->peer_macaddr.addr;
4910 
4911 	kfree(tb);
4912 	return 0;
4913 }
4914 
4915 static int ath12k_pull_roam_ev(struct ath12k_base *ab, struct sk_buff *skb,
4916 			       struct wmi_roam_event *roam_ev)
4917 {
4918 	const void **tb;
4919 	const struct wmi_roam_event *ev;
4920 	int ret;
4921 
4922 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
4923 	if (IS_ERR(tb)) {
4924 		ret = PTR_ERR(tb);
4925 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4926 		return ret;
4927 	}
4928 
4929 	ev = tb[WMI_TAG_ROAM_EVENT];
4930 	if (!ev) {
4931 		ath12k_warn(ab, "failed to fetch roam ev");
4932 		kfree(tb);
4933 		return -EPROTO;
4934 	}
4935 
4936 	roam_ev->vdev_id = ev->vdev_id;
4937 	roam_ev->reason = ev->reason;
4938 	roam_ev->rssi = ev->rssi;
4939 
4940 	kfree(tb);
4941 	return 0;
4942 }
4943 
4944 static int freq_to_idx(struct ath12k *ar, int freq)
4945 {
4946 	struct ieee80211_supported_band *sband;
4947 	int band, ch, idx = 0;
4948 
4949 	for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
4950 		if (!ar->mac.sbands[band].channels)
4951 			continue;
4952 
4953 		sband = ar->hw->wiphy->bands[band];
4954 		if (!sband)
4955 			continue;
4956 
4957 		for (ch = 0; ch < sband->n_channels; ch++, idx++)
4958 			if (sband->channels[ch].center_freq == freq)
4959 				goto exit;
4960 	}
4961 
4962 exit:
4963 	return idx;
4964 }
4965 
4966 static int ath12k_pull_chan_info_ev(struct ath12k_base *ab, u8 *evt_buf,
4967 				    u32 len, struct wmi_chan_info_event *ch_info_ev)
4968 {
4969 	const void **tb;
4970 	const struct wmi_chan_info_event *ev;
4971 	int ret;
4972 
4973 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
4974 	if (IS_ERR(tb)) {
4975 		ret = PTR_ERR(tb);
4976 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
4977 		return ret;
4978 	}
4979 
4980 	ev = tb[WMI_TAG_CHAN_INFO_EVENT];
4981 	if (!ev) {
4982 		ath12k_warn(ab, "failed to fetch chan info ev");
4983 		kfree(tb);
4984 		return -EPROTO;
4985 	}
4986 
4987 	ch_info_ev->err_code = ev->err_code;
4988 	ch_info_ev->freq = ev->freq;
4989 	ch_info_ev->cmd_flags = ev->cmd_flags;
4990 	ch_info_ev->noise_floor = ev->noise_floor;
4991 	ch_info_ev->rx_clear_count = ev->rx_clear_count;
4992 	ch_info_ev->cycle_count = ev->cycle_count;
4993 	ch_info_ev->chan_tx_pwr_range = ev->chan_tx_pwr_range;
4994 	ch_info_ev->chan_tx_pwr_tp = ev->chan_tx_pwr_tp;
4995 	ch_info_ev->rx_frame_count = ev->rx_frame_count;
4996 	ch_info_ev->tx_frame_cnt = ev->tx_frame_cnt;
4997 	ch_info_ev->mac_clk_mhz = ev->mac_clk_mhz;
4998 	ch_info_ev->vdev_id = ev->vdev_id;
4999 
5000 	kfree(tb);
5001 	return 0;
5002 }
5003 
5004 static int
5005 ath12k_pull_pdev_bss_chan_info_ev(struct ath12k_base *ab, struct sk_buff *skb,
5006 				  struct wmi_pdev_bss_chan_info_event *bss_ch_info_ev)
5007 {
5008 	const void **tb;
5009 	const struct wmi_pdev_bss_chan_info_event *ev;
5010 	int ret;
5011 
5012 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5013 	if (IS_ERR(tb)) {
5014 		ret = PTR_ERR(tb);
5015 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5016 		return ret;
5017 	}
5018 
5019 	ev = tb[WMI_TAG_PDEV_BSS_CHAN_INFO_EVENT];
5020 	if (!ev) {
5021 		ath12k_warn(ab, "failed to fetch pdev bss chan info ev");
5022 		kfree(tb);
5023 		return -EPROTO;
5024 	}
5025 
5026 	bss_ch_info_ev->pdev_id = ev->pdev_id;
5027 	bss_ch_info_ev->freq = ev->freq;
5028 	bss_ch_info_ev->noise_floor = ev->noise_floor;
5029 	bss_ch_info_ev->rx_clear_count_low = ev->rx_clear_count_low;
5030 	bss_ch_info_ev->rx_clear_count_high = ev->rx_clear_count_high;
5031 	bss_ch_info_ev->cycle_count_low = ev->cycle_count_low;
5032 	bss_ch_info_ev->cycle_count_high = ev->cycle_count_high;
5033 	bss_ch_info_ev->tx_cycle_count_low = ev->tx_cycle_count_low;
5034 	bss_ch_info_ev->tx_cycle_count_high = ev->tx_cycle_count_high;
5035 	bss_ch_info_ev->rx_cycle_count_low = ev->rx_cycle_count_low;
5036 	bss_ch_info_ev->rx_cycle_count_high = ev->rx_cycle_count_high;
5037 	bss_ch_info_ev->rx_bss_cycle_count_low = ev->rx_bss_cycle_count_low;
5038 	bss_ch_info_ev->rx_bss_cycle_count_high = ev->rx_bss_cycle_count_high;
5039 
5040 	kfree(tb);
5041 	return 0;
5042 }
5043 
5044 static int
5045 ath12k_pull_vdev_install_key_compl_ev(struct ath12k_base *ab, struct sk_buff *skb,
5046 				      struct wmi_vdev_install_key_complete_arg *arg)
5047 {
5048 	const void **tb;
5049 	const struct wmi_vdev_install_key_compl_event *ev;
5050 	int ret;
5051 
5052 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5053 	if (IS_ERR(tb)) {
5054 		ret = PTR_ERR(tb);
5055 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5056 		return ret;
5057 	}
5058 
5059 	ev = tb[WMI_TAG_VDEV_INSTALL_KEY_COMPLETE_EVENT];
5060 	if (!ev) {
5061 		ath12k_warn(ab, "failed to fetch vdev install key compl ev");
5062 		kfree(tb);
5063 		return -EPROTO;
5064 	}
5065 
5066 	arg->vdev_id = le32_to_cpu(ev->vdev_id);
5067 	arg->macaddr = ev->peer_macaddr.addr;
5068 	arg->key_idx = le32_to_cpu(ev->key_idx);
5069 	arg->key_flags = le32_to_cpu(ev->key_flags);
5070 	arg->status = le32_to_cpu(ev->status);
5071 
5072 	kfree(tb);
5073 	return 0;
5074 }
5075 
5076 static int ath12k_pull_peer_assoc_conf_ev(struct ath12k_base *ab, struct sk_buff *skb,
5077 					  struct wmi_peer_assoc_conf_arg *peer_assoc_conf)
5078 {
5079 	const void **tb;
5080 	const struct wmi_peer_assoc_conf_event *ev;
5081 	int ret;
5082 
5083 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
5084 	if (IS_ERR(tb)) {
5085 		ret = PTR_ERR(tb);
5086 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5087 		return ret;
5088 	}
5089 
5090 	ev = tb[WMI_TAG_PEER_ASSOC_CONF_EVENT];
5091 	if (!ev) {
5092 		ath12k_warn(ab, "failed to fetch peer assoc conf ev");
5093 		kfree(tb);
5094 		return -EPROTO;
5095 	}
5096 
5097 	peer_assoc_conf->vdev_id = le32_to_cpu(ev->vdev_id);
5098 	peer_assoc_conf->macaddr = ev->peer_macaddr.addr;
5099 
5100 	kfree(tb);
5101 	return 0;
5102 }
5103 
5104 static int
5105 ath12k_pull_pdev_temp_ev(struct ath12k_base *ab, u8 *evt_buf,
5106 			 u32 len, const struct wmi_pdev_temperature_event *ev)
5107 {
5108 	const void **tb;
5109 	int ret;
5110 
5111 	tb = ath12k_wmi_tlv_parse_alloc(ab, evt_buf, len, GFP_ATOMIC);
5112 	if (IS_ERR(tb)) {
5113 		ret = PTR_ERR(tb);
5114 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
5115 		return ret;
5116 	}
5117 
5118 	ev = tb[WMI_TAG_PDEV_TEMPERATURE_EVENT];
5119 	if (!ev) {
5120 		ath12k_warn(ab, "failed to fetch pdev temp ev");
5121 		kfree(tb);
5122 		return -EPROTO;
5123 	}
5124 
5125 	kfree(tb);
5126 	return 0;
5127 }
5128 
5129 static void ath12k_wmi_op_ep_tx_credits(struct ath12k_base *ab)
5130 {
5131 	/* try to send pending beacons first. they take priority */
5132 	wake_up(&ab->wmi_ab.tx_credits_wq);
5133 }
5134 
5135 static void ath12k_wmi_htc_tx_complete(struct ath12k_base *ab,
5136 				       struct sk_buff *skb)
5137 {
5138 	dev_kfree_skb(skb);
5139 }
5140 
5141 static bool ath12k_reg_is_world_alpha(char *alpha)
5142 {
5143 	return alpha[0] == '0' && alpha[1] == '0';
5144 }
5145 
5146 static int ath12k_reg_chan_list_event(struct ath12k_base *ab, struct sk_buff *skb)
5147 {
5148 	struct ath12k_reg_info *reg_info = NULL;
5149 	struct ieee80211_regdomain *regd = NULL;
5150 	bool intersect = false;
5151 	int ret = 0, pdev_idx, i, j;
5152 	struct ath12k *ar;
5153 
5154 	reg_info = kzalloc(sizeof(*reg_info), GFP_ATOMIC);
5155 	if (!reg_info) {
5156 		ret = -ENOMEM;
5157 		goto fallback;
5158 	}
5159 
5160 	ret = ath12k_pull_reg_chan_list_ext_update_ev(ab, skb, reg_info);
5161 
5162 	if (ret) {
5163 		ath12k_warn(ab, "failed to extract regulatory info from received event\n");
5164 		goto fallback;
5165 	}
5166 
5167 	if (reg_info->status_code != REG_SET_CC_STATUS_PASS) {
5168 		/* In case of failure to set the requested ctry,
5169 		 * fw retains the current regd. We print a failure info
5170 		 * and return from here.
5171 		 */
5172 		ath12k_warn(ab, "Failed to set the requested Country regulatory setting\n");
5173 		goto mem_free;
5174 	}
5175 
5176 	pdev_idx = reg_info->phy_id;
5177 
5178 	if (pdev_idx >= ab->num_radios) {
5179 		/* Process the event for phy0 only if single_pdev_only
5180 		 * is true. If pdev_idx is valid but not 0, discard the
5181 		 * event. Otherwise, it goes to fallback.
5182 		 */
5183 		if (ab->hw_params->single_pdev_only &&
5184 		    pdev_idx < ab->hw_params->num_rxmda_per_pdev)
5185 			goto mem_free;
5186 		else
5187 			goto fallback;
5188 	}
5189 
5190 	/* Avoid multiple overwrites to default regd, during core
5191 	 * stop-start after mac registration.
5192 	 */
5193 	if (ab->default_regd[pdev_idx] && !ab->new_regd[pdev_idx] &&
5194 	    !memcmp(ab->default_regd[pdev_idx]->alpha2,
5195 		    reg_info->alpha2, 2))
5196 		goto mem_free;
5197 
5198 	/* Intersect new rules with default regd if a new country setting was
5199 	 * requested, i.e a default regd was already set during initialization
5200 	 * and the regd coming from this event has a valid country info.
5201 	 */
5202 	if (ab->default_regd[pdev_idx] &&
5203 	    !ath12k_reg_is_world_alpha((char *)
5204 		ab->default_regd[pdev_idx]->alpha2) &&
5205 	    !ath12k_reg_is_world_alpha((char *)reg_info->alpha2))
5206 		intersect = true;
5207 
5208 	regd = ath12k_reg_build_regd(ab, reg_info, intersect);
5209 	if (!regd) {
5210 		ath12k_warn(ab, "failed to build regd from reg_info\n");
5211 		goto fallback;
5212 	}
5213 
5214 	spin_lock(&ab->base_lock);
5215 	if (test_bit(ATH12K_FLAG_REGISTERED, &ab->dev_flags)) {
5216 		/* Once mac is registered, ar is valid and all CC events from
5217 		 * fw is considered to be received due to user requests
5218 		 * currently.
5219 		 * Free previously built regd before assigning the newly
5220 		 * generated regd to ar. NULL pointer handling will be
5221 		 * taken care by kfree itself.
5222 		 */
5223 		ar = ab->pdevs[pdev_idx].ar;
5224 		kfree(ab->new_regd[pdev_idx]);
5225 		ab->new_regd[pdev_idx] = regd;
5226 		ieee80211_queue_work(ar->hw, &ar->regd_update_work);
5227 	} else {
5228 		/* Multiple events for the same *ar is not expected. But we
5229 		 * can still clear any previously stored default_regd if we
5230 		 * are receiving this event for the same radio by mistake.
5231 		 * NULL pointer handling will be taken care by kfree itself.
5232 		 */
5233 		kfree(ab->default_regd[pdev_idx]);
5234 		/* This regd would be applied during mac registration */
5235 		ab->default_regd[pdev_idx] = regd;
5236 	}
5237 	ab->dfs_region = reg_info->dfs_region;
5238 	spin_unlock(&ab->base_lock);
5239 
5240 	goto mem_free;
5241 
5242 fallback:
5243 	/* Fallback to older reg (by sending previous country setting
5244 	 * again if fw has succeeded and we failed to process here.
5245 	 * The Regdomain should be uniform across driver and fw. Since the
5246 	 * FW has processed the command and sent a success status, we expect
5247 	 * this function to succeed as well. If it doesn't, CTRY needs to be
5248 	 * reverted at the fw and the old SCAN_CHAN_LIST cmd needs to be sent.
5249 	 */
5250 	/* TODO: This is rare, but still should also be handled */
5251 	WARN_ON(1);
5252 mem_free:
5253 	if (reg_info) {
5254 		kfree(reg_info->reg_rules_2g_ptr);
5255 		kfree(reg_info->reg_rules_5g_ptr);
5256 		if (reg_info->is_ext_reg_event) {
5257 			for (i = 0; i < WMI_REG_CURRENT_MAX_AP_TYPE; i++)
5258 				kfree(reg_info->reg_rules_6g_ap_ptr[i]);
5259 
5260 			for (j = 0; j < WMI_REG_CURRENT_MAX_AP_TYPE; j++)
5261 				for (i = 0; i < WMI_REG_MAX_CLIENT_TYPE; i++)
5262 					kfree(reg_info->reg_rules_6g_client_ptr[j][i]);
5263 		}
5264 		kfree(reg_info);
5265 	}
5266 	return ret;
5267 }
5268 
5269 static int ath12k_wmi_rdy_parse(struct ath12k_base *ab, u16 tag, u16 len,
5270 				const void *ptr, void *data)
5271 {
5272 	struct ath12k_wmi_rdy_parse *rdy_parse = data;
5273 	struct wmi_ready_event fixed_param;
5274 	struct ath12k_wmi_mac_addr_params *addr_list;
5275 	struct ath12k_pdev *pdev;
5276 	u32 num_mac_addr;
5277 	int i;
5278 
5279 	switch (tag) {
5280 	case WMI_TAG_READY_EVENT:
5281 		memset(&fixed_param, 0, sizeof(fixed_param));
5282 		memcpy(&fixed_param, (struct wmi_ready_event *)ptr,
5283 		       min_t(u16, sizeof(fixed_param), len));
5284 		ab->wlan_init_status = le32_to_cpu(fixed_param.ready_event_min.status);
5285 		rdy_parse->num_extra_mac_addr =
5286 			le32_to_cpu(fixed_param.ready_event_min.num_extra_mac_addr);
5287 
5288 		ether_addr_copy(ab->mac_addr,
5289 				fixed_param.ready_event_min.mac_addr.addr);
5290 		ab->pktlog_defs_checksum = le32_to_cpu(fixed_param.pktlog_defs_checksum);
5291 		ab->wmi_ready = true;
5292 		break;
5293 	case WMI_TAG_ARRAY_FIXED_STRUCT:
5294 		addr_list = (struct ath12k_wmi_mac_addr_params *)ptr;
5295 		num_mac_addr = rdy_parse->num_extra_mac_addr;
5296 
5297 		if (!(ab->num_radios > 1 && num_mac_addr >= ab->num_radios))
5298 			break;
5299 
5300 		for (i = 0; i < ab->num_radios; i++) {
5301 			pdev = &ab->pdevs[i];
5302 			ether_addr_copy(pdev->mac_addr, addr_list[i].addr);
5303 		}
5304 		ab->pdevs_macaddr_valid = true;
5305 		break;
5306 	default:
5307 		break;
5308 	}
5309 
5310 	return 0;
5311 }
5312 
5313 static int ath12k_ready_event(struct ath12k_base *ab, struct sk_buff *skb)
5314 {
5315 	struct ath12k_wmi_rdy_parse rdy_parse = { };
5316 	int ret;
5317 
5318 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
5319 				  ath12k_wmi_rdy_parse, &rdy_parse);
5320 	if (ret) {
5321 		ath12k_warn(ab, "failed to parse tlv %d\n", ret);
5322 		return ret;
5323 	}
5324 
5325 	complete(&ab->wmi_ab.unified_ready);
5326 	return 0;
5327 }
5328 
5329 static void ath12k_peer_delete_resp_event(struct ath12k_base *ab, struct sk_buff *skb)
5330 {
5331 	struct wmi_peer_delete_resp_event peer_del_resp;
5332 	struct ath12k *ar;
5333 
5334 	if (ath12k_pull_peer_del_resp_ev(ab, skb, &peer_del_resp) != 0) {
5335 		ath12k_warn(ab, "failed to extract peer delete resp");
5336 		return;
5337 	}
5338 
5339 	rcu_read_lock();
5340 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(peer_del_resp.vdev_id));
5341 	if (!ar) {
5342 		ath12k_warn(ab, "invalid vdev id in peer delete resp ev %d",
5343 			    peer_del_resp.vdev_id);
5344 		rcu_read_unlock();
5345 		return;
5346 	}
5347 
5348 	complete(&ar->peer_delete_done);
5349 	rcu_read_unlock();
5350 	ath12k_dbg(ab, ATH12K_DBG_WMI, "peer delete resp for vdev id %d addr %pM\n",
5351 		   peer_del_resp.vdev_id, peer_del_resp.peer_macaddr.addr);
5352 }
5353 
5354 static void ath12k_vdev_delete_resp_event(struct ath12k_base *ab,
5355 					  struct sk_buff *skb)
5356 {
5357 	struct ath12k *ar;
5358 	u32 vdev_id = 0;
5359 
5360 	if (ath12k_pull_vdev_del_resp_ev(ab, skb, &vdev_id) != 0) {
5361 		ath12k_warn(ab, "failed to extract vdev delete resp");
5362 		return;
5363 	}
5364 
5365 	rcu_read_lock();
5366 	ar = ath12k_mac_get_ar_by_vdev_id(ab, vdev_id);
5367 	if (!ar) {
5368 		ath12k_warn(ab, "invalid vdev id in vdev delete resp ev %d",
5369 			    vdev_id);
5370 		rcu_read_unlock();
5371 		return;
5372 	}
5373 
5374 	complete(&ar->vdev_delete_done);
5375 
5376 	rcu_read_unlock();
5377 
5378 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev delete resp for vdev id %d\n",
5379 		   vdev_id);
5380 }
5381 
5382 static const char *ath12k_wmi_vdev_resp_print(u32 vdev_resp_status)
5383 {
5384 	switch (vdev_resp_status) {
5385 	case WMI_VDEV_START_RESPONSE_INVALID_VDEVID:
5386 		return "invalid vdev id";
5387 	case WMI_VDEV_START_RESPONSE_NOT_SUPPORTED:
5388 		return "not supported";
5389 	case WMI_VDEV_START_RESPONSE_DFS_VIOLATION:
5390 		return "dfs violation";
5391 	case WMI_VDEV_START_RESPONSE_INVALID_REGDOMAIN:
5392 		return "invalid regdomain";
5393 	default:
5394 		return "unknown";
5395 	}
5396 }
5397 
5398 static void ath12k_vdev_start_resp_event(struct ath12k_base *ab, struct sk_buff *skb)
5399 {
5400 	struct wmi_vdev_start_resp_event vdev_start_resp;
5401 	struct ath12k *ar;
5402 	u32 status;
5403 
5404 	if (ath12k_pull_vdev_start_resp_tlv(ab, skb, &vdev_start_resp) != 0) {
5405 		ath12k_warn(ab, "failed to extract vdev start resp");
5406 		return;
5407 	}
5408 
5409 	rcu_read_lock();
5410 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(vdev_start_resp.vdev_id));
5411 	if (!ar) {
5412 		ath12k_warn(ab, "invalid vdev id in vdev start resp ev %d",
5413 			    vdev_start_resp.vdev_id);
5414 		rcu_read_unlock();
5415 		return;
5416 	}
5417 
5418 	ar->last_wmi_vdev_start_status = 0;
5419 
5420 	status = le32_to_cpu(vdev_start_resp.status);
5421 
5422 	if (WARN_ON_ONCE(status)) {
5423 		ath12k_warn(ab, "vdev start resp error status %d (%s)\n",
5424 			    status, ath12k_wmi_vdev_resp_print(status));
5425 		ar->last_wmi_vdev_start_status = status;
5426 	}
5427 
5428 	complete(&ar->vdev_setup_done);
5429 
5430 	rcu_read_unlock();
5431 
5432 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev start resp for vdev id %d",
5433 		   vdev_start_resp.vdev_id);
5434 }
5435 
5436 static void ath12k_bcn_tx_status_event(struct ath12k_base *ab, struct sk_buff *skb)
5437 {
5438 	u32 vdev_id, tx_status;
5439 
5440 	if (ath12k_pull_bcn_tx_status_ev(ab, skb->data, skb->len,
5441 					 &vdev_id, &tx_status) != 0) {
5442 		ath12k_warn(ab, "failed to extract bcn tx status");
5443 		return;
5444 	}
5445 }
5446 
5447 static void ath12k_vdev_stopped_event(struct ath12k_base *ab, struct sk_buff *skb)
5448 {
5449 	struct ath12k *ar;
5450 	u32 vdev_id = 0;
5451 
5452 	if (ath12k_pull_vdev_stopped_param_tlv(ab, skb, &vdev_id) != 0) {
5453 		ath12k_warn(ab, "failed to extract vdev stopped event");
5454 		return;
5455 	}
5456 
5457 	rcu_read_lock();
5458 	ar = ath12k_mac_get_ar_by_vdev_id(ab, vdev_id);
5459 	if (!ar) {
5460 		ath12k_warn(ab, "invalid vdev id in vdev stopped ev %d",
5461 			    vdev_id);
5462 		rcu_read_unlock();
5463 		return;
5464 	}
5465 
5466 	complete(&ar->vdev_setup_done);
5467 
5468 	rcu_read_unlock();
5469 
5470 	ath12k_dbg(ab, ATH12K_DBG_WMI, "vdev stopped for vdev id %d", vdev_id);
5471 }
5472 
5473 static void ath12k_mgmt_rx_event(struct ath12k_base *ab, struct sk_buff *skb)
5474 {
5475 	struct ath12k_wmi_mgmt_rx_arg rx_ev = {0};
5476 	struct ath12k *ar;
5477 	struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
5478 	struct ieee80211_hdr *hdr;
5479 	u16 fc;
5480 	struct ieee80211_supported_band *sband;
5481 
5482 	if (ath12k_pull_mgmt_rx_params_tlv(ab, skb, &rx_ev) != 0) {
5483 		ath12k_warn(ab, "failed to extract mgmt rx event");
5484 		dev_kfree_skb(skb);
5485 		return;
5486 	}
5487 
5488 	memset(status, 0, sizeof(*status));
5489 
5490 	ath12k_dbg(ab, ATH12K_DBG_MGMT, "mgmt rx event status %08x\n",
5491 		   rx_ev.status);
5492 
5493 	rcu_read_lock();
5494 	ar = ath12k_mac_get_ar_by_pdev_id(ab, rx_ev.pdev_id);
5495 
5496 	if (!ar) {
5497 		ath12k_warn(ab, "invalid pdev_id %d in mgmt_rx_event\n",
5498 			    rx_ev.pdev_id);
5499 		dev_kfree_skb(skb);
5500 		goto exit;
5501 	}
5502 
5503 	if ((test_bit(ATH12K_CAC_RUNNING, &ar->dev_flags)) ||
5504 	    (rx_ev.status & (WMI_RX_STATUS_ERR_DECRYPT |
5505 			     WMI_RX_STATUS_ERR_KEY_CACHE_MISS |
5506 			     WMI_RX_STATUS_ERR_CRC))) {
5507 		dev_kfree_skb(skb);
5508 		goto exit;
5509 	}
5510 
5511 	if (rx_ev.status & WMI_RX_STATUS_ERR_MIC)
5512 		status->flag |= RX_FLAG_MMIC_ERROR;
5513 
5514 	if (rx_ev.chan_freq >= ATH12K_MIN_6G_FREQ) {
5515 		status->band = NL80211_BAND_6GHZ;
5516 	} else if (rx_ev.channel >= 1 && rx_ev.channel <= 14) {
5517 		status->band = NL80211_BAND_2GHZ;
5518 	} else if (rx_ev.channel >= 36 && rx_ev.channel <= ATH12K_MAX_5G_CHAN) {
5519 		status->band = NL80211_BAND_5GHZ;
5520 	} else {
5521 		/* Shouldn't happen unless list of advertised channels to
5522 		 * mac80211 has been changed.
5523 		 */
5524 		WARN_ON_ONCE(1);
5525 		dev_kfree_skb(skb);
5526 		goto exit;
5527 	}
5528 
5529 	if (rx_ev.phy_mode == MODE_11B &&
5530 	    (status->band == NL80211_BAND_5GHZ || status->band == NL80211_BAND_6GHZ))
5531 		ath12k_dbg(ab, ATH12K_DBG_WMI,
5532 			   "wmi mgmt rx 11b (CCK) on 5/6GHz, band = %d\n", status->band);
5533 
5534 	sband = &ar->mac.sbands[status->band];
5535 
5536 	status->freq = ieee80211_channel_to_frequency(rx_ev.channel,
5537 						      status->band);
5538 	status->signal = rx_ev.snr + ATH12K_DEFAULT_NOISE_FLOOR;
5539 	status->rate_idx = ath12k_mac_bitrate_to_idx(sband, rx_ev.rate / 100);
5540 
5541 	hdr = (struct ieee80211_hdr *)skb->data;
5542 	fc = le16_to_cpu(hdr->frame_control);
5543 
5544 	/* Firmware is guaranteed to report all essential management frames via
5545 	 * WMI while it can deliver some extra via HTT. Since there can be
5546 	 * duplicates split the reporting wrt monitor/sniffing.
5547 	 */
5548 	status->flag |= RX_FLAG_SKIP_MONITOR;
5549 
5550 	/* In case of PMF, FW delivers decrypted frames with Protected Bit set
5551 	 * including group privacy action frames.
5552 	 */
5553 	if (ieee80211_has_protected(hdr->frame_control)) {
5554 		status->flag |= RX_FLAG_DECRYPTED;
5555 
5556 		if (!ieee80211_is_robust_mgmt_frame(skb)) {
5557 			status->flag |= RX_FLAG_IV_STRIPPED |
5558 					RX_FLAG_MMIC_STRIPPED;
5559 			hdr->frame_control = __cpu_to_le16(fc &
5560 					     ~IEEE80211_FCTL_PROTECTED);
5561 		}
5562 	}
5563 
5564 	/* TODO: Pending handle beacon implementation
5565 	 *if (ieee80211_is_beacon(hdr->frame_control))
5566 	 *	ath12k_mac_handle_beacon(ar, skb);
5567 	 */
5568 
5569 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5570 		   "event mgmt rx skb %pK len %d ftype %02x stype %02x\n",
5571 		   skb, skb->len,
5572 		   fc & IEEE80211_FCTL_FTYPE, fc & IEEE80211_FCTL_STYPE);
5573 
5574 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5575 		   "event mgmt rx freq %d band %d snr %d, rate_idx %d\n",
5576 		   status->freq, status->band, status->signal,
5577 		   status->rate_idx);
5578 
5579 	ieee80211_rx_ni(ar->hw, skb);
5580 
5581 exit:
5582 	rcu_read_unlock();
5583 }
5584 
5585 static void ath12k_mgmt_tx_compl_event(struct ath12k_base *ab, struct sk_buff *skb)
5586 {
5587 	struct wmi_mgmt_tx_compl_event tx_compl_param = {0};
5588 	struct ath12k *ar;
5589 
5590 	if (ath12k_pull_mgmt_tx_compl_param_tlv(ab, skb, &tx_compl_param) != 0) {
5591 		ath12k_warn(ab, "failed to extract mgmt tx compl event");
5592 		return;
5593 	}
5594 
5595 	rcu_read_lock();
5596 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(tx_compl_param.pdev_id));
5597 	if (!ar) {
5598 		ath12k_warn(ab, "invalid pdev id %d in mgmt_tx_compl_event\n",
5599 			    tx_compl_param.pdev_id);
5600 		goto exit;
5601 	}
5602 
5603 	wmi_process_mgmt_tx_comp(ar, le32_to_cpu(tx_compl_param.desc_id),
5604 				 le32_to_cpu(tx_compl_param.status));
5605 
5606 	ath12k_dbg(ab, ATH12K_DBG_MGMT,
5607 		   "mgmt tx compl ev pdev_id %d, desc_id %d, status %d",
5608 		   tx_compl_param.pdev_id, tx_compl_param.desc_id,
5609 		   tx_compl_param.status);
5610 
5611 exit:
5612 	rcu_read_unlock();
5613 }
5614 
5615 static struct ath12k *ath12k_get_ar_on_scan_abort(struct ath12k_base *ab,
5616 						  u32 vdev_id)
5617 {
5618 	int i;
5619 	struct ath12k_pdev *pdev;
5620 	struct ath12k *ar;
5621 
5622 	for (i = 0; i < ab->num_radios; i++) {
5623 		pdev = rcu_dereference(ab->pdevs_active[i]);
5624 		if (pdev && pdev->ar) {
5625 			ar = pdev->ar;
5626 
5627 			spin_lock_bh(&ar->data_lock);
5628 			if (ar->scan.state == ATH12K_SCAN_ABORTING &&
5629 			    ar->scan.vdev_id == vdev_id) {
5630 				spin_unlock_bh(&ar->data_lock);
5631 				return ar;
5632 			}
5633 			spin_unlock_bh(&ar->data_lock);
5634 		}
5635 	}
5636 	return NULL;
5637 }
5638 
5639 static void ath12k_scan_event(struct ath12k_base *ab, struct sk_buff *skb)
5640 {
5641 	struct ath12k *ar;
5642 	struct wmi_scan_event scan_ev = {0};
5643 
5644 	if (ath12k_pull_scan_ev(ab, skb, &scan_ev) != 0) {
5645 		ath12k_warn(ab, "failed to extract scan event");
5646 		return;
5647 	}
5648 
5649 	rcu_read_lock();
5650 
5651 	/* In case the scan was cancelled, ex. during interface teardown,
5652 	 * the interface will not be found in active interfaces.
5653 	 * Rather, in such scenarios, iterate over the active pdev's to
5654 	 * search 'ar' if the corresponding 'ar' scan is ABORTING and the
5655 	 * aborting scan's vdev id matches this event info.
5656 	 */
5657 	if (le32_to_cpu(scan_ev.event_type) == WMI_SCAN_EVENT_COMPLETED &&
5658 	    le32_to_cpu(scan_ev.reason) == WMI_SCAN_REASON_CANCELLED)
5659 		ar = ath12k_get_ar_on_scan_abort(ab, le32_to_cpu(scan_ev.vdev_id));
5660 	else
5661 		ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(scan_ev.vdev_id));
5662 
5663 	if (!ar) {
5664 		ath12k_warn(ab, "Received scan event for unknown vdev");
5665 		rcu_read_unlock();
5666 		return;
5667 	}
5668 
5669 	spin_lock_bh(&ar->data_lock);
5670 
5671 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5672 		   "scan event %s type %d reason %d freq %d req_id %d scan_id %d vdev_id %d state %s (%d)\n",
5673 		   ath12k_wmi_event_scan_type_str(le32_to_cpu(scan_ev.event_type),
5674 						  le32_to_cpu(scan_ev.reason)),
5675 		   le32_to_cpu(scan_ev.event_type),
5676 		   le32_to_cpu(scan_ev.reason),
5677 		   le32_to_cpu(scan_ev.channel_freq),
5678 		   le32_to_cpu(scan_ev.scan_req_id),
5679 		   le32_to_cpu(scan_ev.scan_id),
5680 		   le32_to_cpu(scan_ev.vdev_id),
5681 		   ath12k_scan_state_str(ar->scan.state), ar->scan.state);
5682 
5683 	switch (le32_to_cpu(scan_ev.event_type)) {
5684 	case WMI_SCAN_EVENT_STARTED:
5685 		ath12k_wmi_event_scan_started(ar);
5686 		break;
5687 	case WMI_SCAN_EVENT_COMPLETED:
5688 		ath12k_wmi_event_scan_completed(ar);
5689 		break;
5690 	case WMI_SCAN_EVENT_BSS_CHANNEL:
5691 		ath12k_wmi_event_scan_bss_chan(ar);
5692 		break;
5693 	case WMI_SCAN_EVENT_FOREIGN_CHAN:
5694 		ath12k_wmi_event_scan_foreign_chan(ar, le32_to_cpu(scan_ev.channel_freq));
5695 		break;
5696 	case WMI_SCAN_EVENT_START_FAILED:
5697 		ath12k_warn(ab, "received scan start failure event\n");
5698 		ath12k_wmi_event_scan_start_failed(ar);
5699 		break;
5700 	case WMI_SCAN_EVENT_DEQUEUED:
5701 	case WMI_SCAN_EVENT_PREEMPTED:
5702 	case WMI_SCAN_EVENT_RESTARTED:
5703 	case WMI_SCAN_EVENT_FOREIGN_CHAN_EXIT:
5704 	default:
5705 		break;
5706 	}
5707 
5708 	spin_unlock_bh(&ar->data_lock);
5709 
5710 	rcu_read_unlock();
5711 }
5712 
5713 static void ath12k_peer_sta_kickout_event(struct ath12k_base *ab, struct sk_buff *skb)
5714 {
5715 	struct wmi_peer_sta_kickout_arg arg = {};
5716 	struct ieee80211_sta *sta;
5717 	struct ath12k_peer *peer;
5718 	struct ath12k *ar;
5719 
5720 	if (ath12k_pull_peer_sta_kickout_ev(ab, skb, &arg) != 0) {
5721 		ath12k_warn(ab, "failed to extract peer sta kickout event");
5722 		return;
5723 	}
5724 
5725 	rcu_read_lock();
5726 
5727 	spin_lock_bh(&ab->base_lock);
5728 
5729 	peer = ath12k_peer_find_by_addr(ab, arg.mac_addr);
5730 
5731 	if (!peer) {
5732 		ath12k_warn(ab, "peer not found %pM\n",
5733 			    arg.mac_addr);
5734 		goto exit;
5735 	}
5736 
5737 	ar = ath12k_mac_get_ar_by_vdev_id(ab, peer->vdev_id);
5738 	if (!ar) {
5739 		ath12k_warn(ab, "invalid vdev id in peer sta kickout ev %d",
5740 			    peer->vdev_id);
5741 		goto exit;
5742 	}
5743 
5744 	sta = ieee80211_find_sta_by_ifaddr(ar->hw,
5745 					   arg.mac_addr, NULL);
5746 	if (!sta) {
5747 		ath12k_warn(ab, "Spurious quick kickout for STA %pM\n",
5748 			    arg.mac_addr);
5749 		goto exit;
5750 	}
5751 
5752 	ath12k_dbg(ab, ATH12K_DBG_WMI, "peer sta kickout event %pM",
5753 		   arg.mac_addr);
5754 
5755 	ieee80211_report_low_ack(sta, 10);
5756 
5757 exit:
5758 	spin_unlock_bh(&ab->base_lock);
5759 	rcu_read_unlock();
5760 }
5761 
5762 static void ath12k_roam_event(struct ath12k_base *ab, struct sk_buff *skb)
5763 {
5764 	struct wmi_roam_event roam_ev = {};
5765 	struct ath12k *ar;
5766 
5767 	if (ath12k_pull_roam_ev(ab, skb, &roam_ev) != 0) {
5768 		ath12k_warn(ab, "failed to extract roam event");
5769 		return;
5770 	}
5771 
5772 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5773 		   "wmi roam event vdev %u reason 0x%08x rssi %d\n",
5774 		   roam_ev.vdev_id, roam_ev.reason, roam_ev.rssi);
5775 
5776 	rcu_read_lock();
5777 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(roam_ev.vdev_id));
5778 	if (!ar) {
5779 		ath12k_warn(ab, "invalid vdev id in roam ev %d",
5780 			    roam_ev.vdev_id);
5781 		rcu_read_unlock();
5782 		return;
5783 	}
5784 
5785 	if (le32_to_cpu(roam_ev.reason) >= WMI_ROAM_REASON_MAX)
5786 		ath12k_warn(ab, "ignoring unknown roam event reason %d on vdev %i\n",
5787 			    roam_ev.reason, roam_ev.vdev_id);
5788 
5789 	switch (le32_to_cpu(roam_ev.reason)) {
5790 	case WMI_ROAM_REASON_BEACON_MISS:
5791 		/* TODO: Pending beacon miss and connection_loss_work
5792 		 * implementation
5793 		 * ath12k_mac_handle_beacon_miss(ar, vdev_id);
5794 		 */
5795 		break;
5796 	case WMI_ROAM_REASON_BETTER_AP:
5797 	case WMI_ROAM_REASON_LOW_RSSI:
5798 	case WMI_ROAM_REASON_SUITABLE_AP_FOUND:
5799 	case WMI_ROAM_REASON_HO_FAILED:
5800 		ath12k_warn(ab, "ignoring not implemented roam event reason %d on vdev %i\n",
5801 			    roam_ev.reason, roam_ev.vdev_id);
5802 		break;
5803 	}
5804 
5805 	rcu_read_unlock();
5806 }
5807 
5808 static void ath12k_chan_info_event(struct ath12k_base *ab, struct sk_buff *skb)
5809 {
5810 	struct wmi_chan_info_event ch_info_ev = {0};
5811 	struct ath12k *ar;
5812 	struct survey_info *survey;
5813 	int idx;
5814 	/* HW channel counters frequency value in hertz */
5815 	u32 cc_freq_hz = ab->cc_freq_hz;
5816 
5817 	if (ath12k_pull_chan_info_ev(ab, skb->data, skb->len, &ch_info_ev) != 0) {
5818 		ath12k_warn(ab, "failed to extract chan info event");
5819 		return;
5820 	}
5821 
5822 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5823 		   "chan info vdev_id %d err_code %d freq %d cmd_flags %d noise_floor %d rx_clear_count %d cycle_count %d mac_clk_mhz %d\n",
5824 		   ch_info_ev.vdev_id, ch_info_ev.err_code, ch_info_ev.freq,
5825 		   ch_info_ev.cmd_flags, ch_info_ev.noise_floor,
5826 		   ch_info_ev.rx_clear_count, ch_info_ev.cycle_count,
5827 		   ch_info_ev.mac_clk_mhz);
5828 
5829 	if (le32_to_cpu(ch_info_ev.cmd_flags) == WMI_CHAN_INFO_END_RESP) {
5830 		ath12k_dbg(ab, ATH12K_DBG_WMI, "chan info report completed\n");
5831 		return;
5832 	}
5833 
5834 	rcu_read_lock();
5835 	ar = ath12k_mac_get_ar_by_vdev_id(ab, le32_to_cpu(ch_info_ev.vdev_id));
5836 	if (!ar) {
5837 		ath12k_warn(ab, "invalid vdev id in chan info ev %d",
5838 			    ch_info_ev.vdev_id);
5839 		rcu_read_unlock();
5840 		return;
5841 	}
5842 	spin_lock_bh(&ar->data_lock);
5843 
5844 	switch (ar->scan.state) {
5845 	case ATH12K_SCAN_IDLE:
5846 	case ATH12K_SCAN_STARTING:
5847 		ath12k_warn(ab, "received chan info event without a scan request, ignoring\n");
5848 		goto exit;
5849 	case ATH12K_SCAN_RUNNING:
5850 	case ATH12K_SCAN_ABORTING:
5851 		break;
5852 	}
5853 
5854 	idx = freq_to_idx(ar, le32_to_cpu(ch_info_ev.freq));
5855 	if (idx >= ARRAY_SIZE(ar->survey)) {
5856 		ath12k_warn(ab, "chan info: invalid frequency %d (idx %d out of bounds)\n",
5857 			    ch_info_ev.freq, idx);
5858 		goto exit;
5859 	}
5860 
5861 	/* If FW provides MAC clock frequency in Mhz, overriding the initialized
5862 	 * HW channel counters frequency value
5863 	 */
5864 	if (ch_info_ev.mac_clk_mhz)
5865 		cc_freq_hz = (le32_to_cpu(ch_info_ev.mac_clk_mhz) * 1000);
5866 
5867 	if (ch_info_ev.cmd_flags == WMI_CHAN_INFO_START_RESP) {
5868 		survey = &ar->survey[idx];
5869 		memset(survey, 0, sizeof(*survey));
5870 		survey->noise = le32_to_cpu(ch_info_ev.noise_floor);
5871 		survey->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME |
5872 				 SURVEY_INFO_TIME_BUSY;
5873 		survey->time = div_u64(le32_to_cpu(ch_info_ev.cycle_count), cc_freq_hz);
5874 		survey->time_busy = div_u64(le32_to_cpu(ch_info_ev.rx_clear_count),
5875 					    cc_freq_hz);
5876 	}
5877 exit:
5878 	spin_unlock_bh(&ar->data_lock);
5879 	rcu_read_unlock();
5880 }
5881 
5882 static void
5883 ath12k_pdev_bss_chan_info_event(struct ath12k_base *ab, struct sk_buff *skb)
5884 {
5885 	struct wmi_pdev_bss_chan_info_event bss_ch_info_ev = {};
5886 	struct survey_info *survey;
5887 	struct ath12k *ar;
5888 	u32 cc_freq_hz = ab->cc_freq_hz;
5889 	u64 busy, total, tx, rx, rx_bss;
5890 	int idx;
5891 
5892 	if (ath12k_pull_pdev_bss_chan_info_ev(ab, skb, &bss_ch_info_ev) != 0) {
5893 		ath12k_warn(ab, "failed to extract pdev bss chan info event");
5894 		return;
5895 	}
5896 
5897 	busy = (u64)(le32_to_cpu(bss_ch_info_ev.rx_clear_count_high)) << 32 |
5898 		le32_to_cpu(bss_ch_info_ev.rx_clear_count_low);
5899 
5900 	total = (u64)(le32_to_cpu(bss_ch_info_ev.cycle_count_high)) << 32 |
5901 		le32_to_cpu(bss_ch_info_ev.cycle_count_low);
5902 
5903 	tx = (u64)(le32_to_cpu(bss_ch_info_ev.tx_cycle_count_high)) << 32 |
5904 		le32_to_cpu(bss_ch_info_ev.tx_cycle_count_low);
5905 
5906 	rx = (u64)(le32_to_cpu(bss_ch_info_ev.rx_cycle_count_high)) << 32 |
5907 		le32_to_cpu(bss_ch_info_ev.rx_cycle_count_low);
5908 
5909 	rx_bss = (u64)(le32_to_cpu(bss_ch_info_ev.rx_bss_cycle_count_high)) << 32 |
5910 		le32_to_cpu(bss_ch_info_ev.rx_bss_cycle_count_low);
5911 
5912 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5913 		   "pdev bss chan info:\n pdev_id: %d freq: %d noise: %d cycle: busy %llu total %llu tx %llu rx %llu rx_bss %llu\n",
5914 		   bss_ch_info_ev.pdev_id, bss_ch_info_ev.freq,
5915 		   bss_ch_info_ev.noise_floor, busy, total,
5916 		   tx, rx, rx_bss);
5917 
5918 	rcu_read_lock();
5919 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(bss_ch_info_ev.pdev_id));
5920 
5921 	if (!ar) {
5922 		ath12k_warn(ab, "invalid pdev id %d in bss_chan_info event\n",
5923 			    bss_ch_info_ev.pdev_id);
5924 		rcu_read_unlock();
5925 		return;
5926 	}
5927 
5928 	spin_lock_bh(&ar->data_lock);
5929 	idx = freq_to_idx(ar, le32_to_cpu(bss_ch_info_ev.freq));
5930 	if (idx >= ARRAY_SIZE(ar->survey)) {
5931 		ath12k_warn(ab, "bss chan info: invalid frequency %d (idx %d out of bounds)\n",
5932 			    bss_ch_info_ev.freq, idx);
5933 		goto exit;
5934 	}
5935 
5936 	survey = &ar->survey[idx];
5937 
5938 	survey->noise     = le32_to_cpu(bss_ch_info_ev.noise_floor);
5939 	survey->time      = div_u64(total, cc_freq_hz);
5940 	survey->time_busy = div_u64(busy, cc_freq_hz);
5941 	survey->time_rx   = div_u64(rx_bss, cc_freq_hz);
5942 	survey->time_tx   = div_u64(tx, cc_freq_hz);
5943 	survey->filled   |= (SURVEY_INFO_NOISE_DBM |
5944 			     SURVEY_INFO_TIME |
5945 			     SURVEY_INFO_TIME_BUSY |
5946 			     SURVEY_INFO_TIME_RX |
5947 			     SURVEY_INFO_TIME_TX);
5948 exit:
5949 	spin_unlock_bh(&ar->data_lock);
5950 	complete(&ar->bss_survey_done);
5951 
5952 	rcu_read_unlock();
5953 }
5954 
5955 static void ath12k_vdev_install_key_compl_event(struct ath12k_base *ab,
5956 						struct sk_buff *skb)
5957 {
5958 	struct wmi_vdev_install_key_complete_arg install_key_compl = {0};
5959 	struct ath12k *ar;
5960 
5961 	if (ath12k_pull_vdev_install_key_compl_ev(ab, skb, &install_key_compl) != 0) {
5962 		ath12k_warn(ab, "failed to extract install key compl event");
5963 		return;
5964 	}
5965 
5966 	ath12k_dbg(ab, ATH12K_DBG_WMI,
5967 		   "vdev install key ev idx %d flags %08x macaddr %pM status %d\n",
5968 		   install_key_compl.key_idx, install_key_compl.key_flags,
5969 		   install_key_compl.macaddr, install_key_compl.status);
5970 
5971 	rcu_read_lock();
5972 	ar = ath12k_mac_get_ar_by_vdev_id(ab, install_key_compl.vdev_id);
5973 	if (!ar) {
5974 		ath12k_warn(ab, "invalid vdev id in install key compl ev %d",
5975 			    install_key_compl.vdev_id);
5976 		rcu_read_unlock();
5977 		return;
5978 	}
5979 
5980 	ar->install_key_status = 0;
5981 
5982 	if (install_key_compl.status != WMI_VDEV_INSTALL_KEY_COMPL_STATUS_SUCCESS) {
5983 		ath12k_warn(ab, "install key failed for %pM status %d\n",
5984 			    install_key_compl.macaddr, install_key_compl.status);
5985 		ar->install_key_status = install_key_compl.status;
5986 	}
5987 
5988 	complete(&ar->install_key_done);
5989 	rcu_read_unlock();
5990 }
5991 
5992 static int ath12k_wmi_tlv_services_parser(struct ath12k_base *ab,
5993 					  u16 tag, u16 len,
5994 					  const void *ptr,
5995 					  void *data)
5996 {
5997 	const struct wmi_service_available_event *ev;
5998 	u32 *wmi_ext2_service_bitmap;
5999 	int i, j;
6000 	u16 expected_len;
6001 
6002 	expected_len = WMI_SERVICE_SEGMENT_BM_SIZE32 * sizeof(u32);
6003 	if (len < expected_len) {
6004 		ath12k_warn(ab, "invalid length %d for the WMI services available tag 0x%x\n",
6005 			    len, tag);
6006 		return -EINVAL;
6007 	}
6008 
6009 	switch (tag) {
6010 	case WMI_TAG_SERVICE_AVAILABLE_EVENT:
6011 		ev = (struct wmi_service_available_event *)ptr;
6012 		for (i = 0, j = WMI_MAX_SERVICE;
6013 		     i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT_SERVICE;
6014 		     i++) {
6015 			do {
6016 				if (le32_to_cpu(ev->wmi_service_segment_bitmap[i]) &
6017 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
6018 					set_bit(j, ab->wmi_ab.svc_map);
6019 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
6020 		}
6021 
6022 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6023 			   "wmi_ext_service_bitmap 0x%x 0x%x 0x%x 0x%x",
6024 			   ev->wmi_service_segment_bitmap[0],
6025 			   ev->wmi_service_segment_bitmap[1],
6026 			   ev->wmi_service_segment_bitmap[2],
6027 			   ev->wmi_service_segment_bitmap[3]);
6028 		break;
6029 	case WMI_TAG_ARRAY_UINT32:
6030 		wmi_ext2_service_bitmap = (u32 *)ptr;
6031 		for (i = 0, j = WMI_MAX_EXT_SERVICE;
6032 		     i < WMI_SERVICE_SEGMENT_BM_SIZE32 && j < WMI_MAX_EXT2_SERVICE;
6033 		     i++) {
6034 			do {
6035 				if (wmi_ext2_service_bitmap[i] &
6036 				    BIT(j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32))
6037 					set_bit(j, ab->wmi_ab.svc_map);
6038 			} while (++j % WMI_AVAIL_SERVICE_BITS_IN_SIZE32);
6039 		}
6040 
6041 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6042 			   "wmi_ext2_service_bitmap 0x%04x 0x%04x 0x%04x 0x%04x",
6043 			   wmi_ext2_service_bitmap[0], wmi_ext2_service_bitmap[1],
6044 			   wmi_ext2_service_bitmap[2], wmi_ext2_service_bitmap[3]);
6045 		break;
6046 	}
6047 	return 0;
6048 }
6049 
6050 static int ath12k_service_available_event(struct ath12k_base *ab, struct sk_buff *skb)
6051 {
6052 	int ret;
6053 
6054 	ret = ath12k_wmi_tlv_iter(ab, skb->data, skb->len,
6055 				  ath12k_wmi_tlv_services_parser,
6056 				  NULL);
6057 	return ret;
6058 }
6059 
6060 static void ath12k_peer_assoc_conf_event(struct ath12k_base *ab, struct sk_buff *skb)
6061 {
6062 	struct wmi_peer_assoc_conf_arg peer_assoc_conf = {0};
6063 	struct ath12k *ar;
6064 
6065 	if (ath12k_pull_peer_assoc_conf_ev(ab, skb, &peer_assoc_conf) != 0) {
6066 		ath12k_warn(ab, "failed to extract peer assoc conf event");
6067 		return;
6068 	}
6069 
6070 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6071 		   "peer assoc conf ev vdev id %d macaddr %pM\n",
6072 		   peer_assoc_conf.vdev_id, peer_assoc_conf.macaddr);
6073 
6074 	rcu_read_lock();
6075 	ar = ath12k_mac_get_ar_by_vdev_id(ab, peer_assoc_conf.vdev_id);
6076 
6077 	if (!ar) {
6078 		ath12k_warn(ab, "invalid vdev id in peer assoc conf ev %d",
6079 			    peer_assoc_conf.vdev_id);
6080 		rcu_read_unlock();
6081 		return;
6082 	}
6083 
6084 	complete(&ar->peer_assoc_done);
6085 	rcu_read_unlock();
6086 }
6087 
6088 static void ath12k_update_stats_event(struct ath12k_base *ab, struct sk_buff *skb)
6089 {
6090 }
6091 
6092 /* PDEV_CTL_FAILSAFE_CHECK_EVENT is received from FW when the frequency scanned
6093  * is not part of BDF CTL(Conformance test limits) table entries.
6094  */
6095 static void ath12k_pdev_ctl_failsafe_check_event(struct ath12k_base *ab,
6096 						 struct sk_buff *skb)
6097 {
6098 	const void **tb;
6099 	const struct wmi_pdev_ctl_failsafe_chk_event *ev;
6100 	int ret;
6101 
6102 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6103 	if (IS_ERR(tb)) {
6104 		ret = PTR_ERR(tb);
6105 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6106 		return;
6107 	}
6108 
6109 	ev = tb[WMI_TAG_PDEV_CTL_FAILSAFE_CHECK_EVENT];
6110 	if (!ev) {
6111 		ath12k_warn(ab, "failed to fetch pdev ctl failsafe check ev");
6112 		kfree(tb);
6113 		return;
6114 	}
6115 
6116 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6117 		   "pdev ctl failsafe check ev status %d\n",
6118 		   ev->ctl_failsafe_status);
6119 
6120 	/* If ctl_failsafe_status is set to 1 FW will max out the Transmit power
6121 	 * to 10 dBm else the CTL power entry in the BDF would be picked up.
6122 	 */
6123 	if (ev->ctl_failsafe_status != 0)
6124 		ath12k_warn(ab, "pdev ctl failsafe failure status %d",
6125 			    ev->ctl_failsafe_status);
6126 
6127 	kfree(tb);
6128 }
6129 
6130 static void
6131 ath12k_wmi_process_csa_switch_count_event(struct ath12k_base *ab,
6132 					  const struct ath12k_wmi_pdev_csa_event *ev,
6133 					  const u32 *vdev_ids)
6134 {
6135 	int i;
6136 	struct ath12k_vif *arvif;
6137 
6138 	/* Finish CSA once the switch count becomes NULL */
6139 	if (ev->current_switch_count)
6140 		return;
6141 
6142 	rcu_read_lock();
6143 	for (i = 0; i < le32_to_cpu(ev->num_vdevs); i++) {
6144 		arvif = ath12k_mac_get_arvif_by_vdev_id(ab, vdev_ids[i]);
6145 
6146 		if (!arvif) {
6147 			ath12k_warn(ab, "Recvd csa status for unknown vdev %d",
6148 				    vdev_ids[i]);
6149 			continue;
6150 		}
6151 
6152 		if (arvif->is_up && arvif->vif->bss_conf.csa_active)
6153 			ieee80211_csa_finish(arvif->vif);
6154 	}
6155 	rcu_read_unlock();
6156 }
6157 
6158 static void
6159 ath12k_wmi_pdev_csa_switch_count_status_event(struct ath12k_base *ab,
6160 					      struct sk_buff *skb)
6161 {
6162 	const void **tb;
6163 	const struct ath12k_wmi_pdev_csa_event *ev;
6164 	const u32 *vdev_ids;
6165 	int ret;
6166 
6167 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6168 	if (IS_ERR(tb)) {
6169 		ret = PTR_ERR(tb);
6170 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6171 		return;
6172 	}
6173 
6174 	ev = tb[WMI_TAG_PDEV_CSA_SWITCH_COUNT_STATUS_EVENT];
6175 	vdev_ids = tb[WMI_TAG_ARRAY_UINT32];
6176 
6177 	if (!ev || !vdev_ids) {
6178 		ath12k_warn(ab, "failed to fetch pdev csa switch count ev");
6179 		kfree(tb);
6180 		return;
6181 	}
6182 
6183 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6184 		   "pdev csa switch count %d for pdev %d, num_vdevs %d",
6185 		   ev->current_switch_count, ev->pdev_id,
6186 		   ev->num_vdevs);
6187 
6188 	ath12k_wmi_process_csa_switch_count_event(ab, ev, vdev_ids);
6189 
6190 	kfree(tb);
6191 }
6192 
6193 static void
6194 ath12k_wmi_pdev_dfs_radar_detected_event(struct ath12k_base *ab, struct sk_buff *skb)
6195 {
6196 	const void **tb;
6197 	const struct ath12k_wmi_pdev_radar_event *ev;
6198 	struct ath12k *ar;
6199 	int ret;
6200 
6201 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6202 	if (IS_ERR(tb)) {
6203 		ret = PTR_ERR(tb);
6204 		ath12k_warn(ab, "failed to parse tlv: %d\n", ret);
6205 		return;
6206 	}
6207 
6208 	ev = tb[WMI_TAG_PDEV_DFS_RADAR_DETECTION_EVENT];
6209 
6210 	if (!ev) {
6211 		ath12k_warn(ab, "failed to fetch pdev dfs radar detected ev");
6212 		kfree(tb);
6213 		return;
6214 	}
6215 
6216 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6217 		   "pdev dfs radar detected on pdev %d, detection mode %d, chan freq %d, chan_width %d, detector id %d, seg id %d, timestamp %d, chirp %d, freq offset %d, sidx %d",
6218 		   ev->pdev_id, ev->detection_mode, ev->chan_freq, ev->chan_width,
6219 		   ev->detector_id, ev->segment_id, ev->timestamp, ev->is_chirp,
6220 		   ev->freq_offset, ev->sidx);
6221 
6222 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(ev->pdev_id));
6223 
6224 	if (!ar) {
6225 		ath12k_warn(ab, "radar detected in invalid pdev %d\n",
6226 			    ev->pdev_id);
6227 		goto exit;
6228 	}
6229 
6230 	ath12k_dbg(ar->ab, ATH12K_DBG_REG, "DFS Radar Detected in pdev %d\n",
6231 		   ev->pdev_id);
6232 
6233 	if (ar->dfs_block_radar_events)
6234 		ath12k_info(ab, "DFS Radar detected, but ignored as requested\n");
6235 	else
6236 		ieee80211_radar_detected(ar->hw);
6237 
6238 exit:
6239 	kfree(tb);
6240 }
6241 
6242 static void
6243 ath12k_wmi_pdev_temperature_event(struct ath12k_base *ab,
6244 				  struct sk_buff *skb)
6245 {
6246 	struct ath12k *ar;
6247 	struct wmi_pdev_temperature_event ev = {0};
6248 
6249 	if (ath12k_pull_pdev_temp_ev(ab, skb->data, skb->len, &ev) != 0) {
6250 		ath12k_warn(ab, "failed to extract pdev temperature event");
6251 		return;
6252 	}
6253 
6254 	ath12k_dbg(ab, ATH12K_DBG_WMI,
6255 		   "pdev temperature ev temp %d pdev_id %d\n", ev.temp, ev.pdev_id);
6256 
6257 	ar = ath12k_mac_get_ar_by_pdev_id(ab, le32_to_cpu(ev.pdev_id));
6258 	if (!ar) {
6259 		ath12k_warn(ab, "invalid pdev id in pdev temperature ev %d", ev.pdev_id);
6260 		return;
6261 	}
6262 }
6263 
6264 static void ath12k_fils_discovery_event(struct ath12k_base *ab,
6265 					struct sk_buff *skb)
6266 {
6267 	const void **tb;
6268 	const struct wmi_fils_discovery_event *ev;
6269 	int ret;
6270 
6271 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6272 	if (IS_ERR(tb)) {
6273 		ret = PTR_ERR(tb);
6274 		ath12k_warn(ab,
6275 			    "failed to parse FILS discovery event tlv %d\n",
6276 			    ret);
6277 		return;
6278 	}
6279 
6280 	ev = tb[WMI_TAG_HOST_SWFDA_EVENT];
6281 	if (!ev) {
6282 		ath12k_warn(ab, "failed to fetch FILS discovery event\n");
6283 		kfree(tb);
6284 		return;
6285 	}
6286 
6287 	ath12k_warn(ab,
6288 		    "FILS discovery frame expected from host for vdev_id: %u, transmission scheduled at %u, next TBTT: %u\n",
6289 		    ev->vdev_id, ev->fils_tt, ev->tbtt);
6290 
6291 	kfree(tb);
6292 }
6293 
6294 static void ath12k_probe_resp_tx_status_event(struct ath12k_base *ab,
6295 					      struct sk_buff *skb)
6296 {
6297 	const void **tb;
6298 	const struct wmi_probe_resp_tx_status_event *ev;
6299 	int ret;
6300 
6301 	tb = ath12k_wmi_tlv_parse_alloc(ab, skb->data, skb->len, GFP_ATOMIC);
6302 	if (IS_ERR(tb)) {
6303 		ret = PTR_ERR(tb);
6304 		ath12k_warn(ab,
6305 			    "failed to parse probe response transmission status event tlv: %d\n",
6306 			    ret);
6307 		return;
6308 	}
6309 
6310 	ev = tb[WMI_TAG_OFFLOAD_PRB_RSP_TX_STATUS_EVENT];
6311 	if (!ev) {
6312 		ath12k_warn(ab,
6313 			    "failed to fetch probe response transmission status event");
6314 		kfree(tb);
6315 		return;
6316 	}
6317 
6318 	if (ev->tx_status)
6319 		ath12k_warn(ab,
6320 			    "Probe response transmission failed for vdev_id %u, status %u\n",
6321 			    ev->vdev_id, ev->tx_status);
6322 
6323 	kfree(tb);
6324 }
6325 
6326 static void ath12k_wmi_op_rx(struct ath12k_base *ab, struct sk_buff *skb)
6327 {
6328 	struct wmi_cmd_hdr *cmd_hdr;
6329 	enum wmi_tlv_event_id id;
6330 
6331 	cmd_hdr = (struct wmi_cmd_hdr *)skb->data;
6332 	id = le32_get_bits(cmd_hdr->cmd_id, WMI_CMD_HDR_CMD_ID);
6333 
6334 	if (!skb_pull(skb, sizeof(struct wmi_cmd_hdr)))
6335 		goto out;
6336 
6337 	switch (id) {
6338 		/* Process all the WMI events here */
6339 	case WMI_SERVICE_READY_EVENTID:
6340 		ath12k_service_ready_event(ab, skb);
6341 		break;
6342 	case WMI_SERVICE_READY_EXT_EVENTID:
6343 		ath12k_service_ready_ext_event(ab, skb);
6344 		break;
6345 	case WMI_SERVICE_READY_EXT2_EVENTID:
6346 		ath12k_service_ready_ext2_event(ab, skb);
6347 		break;
6348 	case WMI_REG_CHAN_LIST_CC_EXT_EVENTID:
6349 		ath12k_reg_chan_list_event(ab, skb);
6350 		break;
6351 	case WMI_READY_EVENTID:
6352 		ath12k_ready_event(ab, skb);
6353 		break;
6354 	case WMI_PEER_DELETE_RESP_EVENTID:
6355 		ath12k_peer_delete_resp_event(ab, skb);
6356 		break;
6357 	case WMI_VDEV_START_RESP_EVENTID:
6358 		ath12k_vdev_start_resp_event(ab, skb);
6359 		break;
6360 	case WMI_OFFLOAD_BCN_TX_STATUS_EVENTID:
6361 		ath12k_bcn_tx_status_event(ab, skb);
6362 		break;
6363 	case WMI_VDEV_STOPPED_EVENTID:
6364 		ath12k_vdev_stopped_event(ab, skb);
6365 		break;
6366 	case WMI_MGMT_RX_EVENTID:
6367 		ath12k_mgmt_rx_event(ab, skb);
6368 		/* mgmt_rx_event() owns the skb now! */
6369 		return;
6370 	case WMI_MGMT_TX_COMPLETION_EVENTID:
6371 		ath12k_mgmt_tx_compl_event(ab, skb);
6372 		break;
6373 	case WMI_SCAN_EVENTID:
6374 		ath12k_scan_event(ab, skb);
6375 		break;
6376 	case WMI_PEER_STA_KICKOUT_EVENTID:
6377 		ath12k_peer_sta_kickout_event(ab, skb);
6378 		break;
6379 	case WMI_ROAM_EVENTID:
6380 		ath12k_roam_event(ab, skb);
6381 		break;
6382 	case WMI_CHAN_INFO_EVENTID:
6383 		ath12k_chan_info_event(ab, skb);
6384 		break;
6385 	case WMI_PDEV_BSS_CHAN_INFO_EVENTID:
6386 		ath12k_pdev_bss_chan_info_event(ab, skb);
6387 		break;
6388 	case WMI_VDEV_INSTALL_KEY_COMPLETE_EVENTID:
6389 		ath12k_vdev_install_key_compl_event(ab, skb);
6390 		break;
6391 	case WMI_SERVICE_AVAILABLE_EVENTID:
6392 		ath12k_service_available_event(ab, skb);
6393 		break;
6394 	case WMI_PEER_ASSOC_CONF_EVENTID:
6395 		ath12k_peer_assoc_conf_event(ab, skb);
6396 		break;
6397 	case WMI_UPDATE_STATS_EVENTID:
6398 		ath12k_update_stats_event(ab, skb);
6399 		break;
6400 	case WMI_PDEV_CTL_FAILSAFE_CHECK_EVENTID:
6401 		ath12k_pdev_ctl_failsafe_check_event(ab, skb);
6402 		break;
6403 	case WMI_PDEV_CSA_SWITCH_COUNT_STATUS_EVENTID:
6404 		ath12k_wmi_pdev_csa_switch_count_status_event(ab, skb);
6405 		break;
6406 	case WMI_PDEV_TEMPERATURE_EVENTID:
6407 		ath12k_wmi_pdev_temperature_event(ab, skb);
6408 		break;
6409 	case WMI_PDEV_DMA_RING_BUF_RELEASE_EVENTID:
6410 		ath12k_wmi_pdev_dma_ring_buf_release_event(ab, skb);
6411 		break;
6412 	case WMI_HOST_FILS_DISCOVERY_EVENTID:
6413 		ath12k_fils_discovery_event(ab, skb);
6414 		break;
6415 	case WMI_OFFLOAD_PROB_RESP_TX_STATUS_EVENTID:
6416 		ath12k_probe_resp_tx_status_event(ab, skb);
6417 		break;
6418 	/* add Unsupported events here */
6419 	case WMI_TBTTOFFSET_EXT_UPDATE_EVENTID:
6420 	case WMI_PEER_OPER_MODE_CHANGE_EVENTID:
6421 	case WMI_TWT_ENABLE_EVENTID:
6422 	case WMI_TWT_DISABLE_EVENTID:
6423 	case WMI_PDEV_DMA_RING_CFG_RSP_EVENTID:
6424 		ath12k_dbg(ab, ATH12K_DBG_WMI,
6425 			   "ignoring unsupported event 0x%x\n", id);
6426 		break;
6427 	case WMI_PDEV_DFS_RADAR_DETECTION_EVENTID:
6428 		ath12k_wmi_pdev_dfs_radar_detected_event(ab, skb);
6429 		break;
6430 	case WMI_VDEV_DELETE_RESP_EVENTID:
6431 		ath12k_vdev_delete_resp_event(ab, skb);
6432 		break;
6433 	/* TODO: Add remaining events */
6434 	default:
6435 		ath12k_dbg(ab, ATH12K_DBG_WMI, "Unknown eventid: 0x%x\n", id);
6436 		break;
6437 	}
6438 
6439 out:
6440 	dev_kfree_skb(skb);
6441 }
6442 
6443 static int ath12k_connect_pdev_htc_service(struct ath12k_base *ab,
6444 					   u32 pdev_idx)
6445 {
6446 	int status;
6447 	u32 svc_id[] = { ATH12K_HTC_SVC_ID_WMI_CONTROL,
6448 			 ATH12K_HTC_SVC_ID_WMI_CONTROL_MAC1,
6449 			 ATH12K_HTC_SVC_ID_WMI_CONTROL_MAC2 };
6450 	struct ath12k_htc_svc_conn_req conn_req = {};
6451 	struct ath12k_htc_svc_conn_resp conn_resp = {};
6452 
6453 	/* these fields are the same for all service endpoints */
6454 	conn_req.ep_ops.ep_tx_complete = ath12k_wmi_htc_tx_complete;
6455 	conn_req.ep_ops.ep_rx_complete = ath12k_wmi_op_rx;
6456 	conn_req.ep_ops.ep_tx_credits = ath12k_wmi_op_ep_tx_credits;
6457 
6458 	/* connect to control service */
6459 	conn_req.service_id = svc_id[pdev_idx];
6460 
6461 	status = ath12k_htc_connect_service(&ab->htc, &conn_req, &conn_resp);
6462 	if (status) {
6463 		ath12k_warn(ab, "failed to connect to WMI CONTROL service status: %d\n",
6464 			    status);
6465 		return status;
6466 	}
6467 
6468 	ab->wmi_ab.wmi_endpoint_id[pdev_idx] = conn_resp.eid;
6469 	ab->wmi_ab.wmi[pdev_idx].eid = conn_resp.eid;
6470 	ab->wmi_ab.max_msg_len[pdev_idx] = conn_resp.max_msg_len;
6471 
6472 	return 0;
6473 }
6474 
6475 static int
6476 ath12k_wmi_send_unit_test_cmd(struct ath12k *ar,
6477 			      struct wmi_unit_test_cmd ut_cmd,
6478 			      u32 *test_args)
6479 {
6480 	struct ath12k_wmi_pdev *wmi = ar->wmi;
6481 	struct wmi_unit_test_cmd *cmd;
6482 	struct sk_buff *skb;
6483 	struct wmi_tlv *tlv;
6484 	void *ptr;
6485 	u32 *ut_cmd_args;
6486 	int buf_len, arg_len;
6487 	int ret;
6488 	int i;
6489 
6490 	arg_len = sizeof(u32) * le32_to_cpu(ut_cmd.num_args);
6491 	buf_len = sizeof(ut_cmd) + arg_len + TLV_HDR_SIZE;
6492 
6493 	skb = ath12k_wmi_alloc_skb(wmi->wmi_ab, buf_len);
6494 	if (!skb)
6495 		return -ENOMEM;
6496 
6497 	cmd = (struct wmi_unit_test_cmd *)skb->data;
6498 	cmd->tlv_header = ath12k_wmi_tlv_cmd_hdr(WMI_TAG_UNIT_TEST_CMD,
6499 						 sizeof(ut_cmd));
6500 
6501 	cmd->vdev_id = ut_cmd.vdev_id;
6502 	cmd->module_id = ut_cmd.module_id;
6503 	cmd->num_args = ut_cmd.num_args;
6504 	cmd->diag_token = ut_cmd.diag_token;
6505 
6506 	ptr = skb->data + sizeof(ut_cmd);
6507 
6508 	tlv = ptr;
6509 	tlv->header = ath12k_wmi_tlv_hdr(WMI_TAG_ARRAY_UINT32, arg_len);
6510 
6511 	ptr += TLV_HDR_SIZE;
6512 
6513 	ut_cmd_args = ptr;
6514 	for (i = 0; i < le32_to_cpu(ut_cmd.num_args); i++)
6515 		ut_cmd_args[i] = test_args[i];
6516 
6517 	ath12k_dbg(ar->ab, ATH12K_DBG_WMI,
6518 		   "WMI unit test : module %d vdev %d n_args %d token %d\n",
6519 		   cmd->module_id, cmd->vdev_id, cmd->num_args,
6520 		   cmd->diag_token);
6521 
6522 	ret = ath12k_wmi_cmd_send(wmi, skb, WMI_UNIT_TEST_CMDID);
6523 
6524 	if (ret) {
6525 		ath12k_warn(ar->ab, "failed to send WMI_UNIT_TEST CMD :%d\n",
6526 			    ret);
6527 		dev_kfree_skb(skb);
6528 	}
6529 
6530 	return ret;
6531 }
6532 
6533 int ath12k_wmi_simulate_radar(struct ath12k *ar)
6534 {
6535 	struct ath12k_vif *arvif;
6536 	u32 dfs_args[DFS_MAX_TEST_ARGS];
6537 	struct wmi_unit_test_cmd wmi_ut;
6538 	bool arvif_found = false;
6539 
6540 	list_for_each_entry(arvif, &ar->arvifs, list) {
6541 		if (arvif->is_started && arvif->vdev_type == WMI_VDEV_TYPE_AP) {
6542 			arvif_found = true;
6543 			break;
6544 		}
6545 	}
6546 
6547 	if (!arvif_found)
6548 		return -EINVAL;
6549 
6550 	dfs_args[DFS_TEST_CMDID] = 0;
6551 	dfs_args[DFS_TEST_PDEV_ID] = ar->pdev->pdev_id;
6552 	/* Currently we could pass segment_id(b0 - b1), chirp(b2)
6553 	 * freq offset (b3 - b10) to unit test. For simulation
6554 	 * purpose this can be set to 0 which is valid.
6555 	 */
6556 	dfs_args[DFS_TEST_RADAR_PARAM] = 0;
6557 
6558 	wmi_ut.vdev_id = cpu_to_le32(arvif->vdev_id);
6559 	wmi_ut.module_id = cpu_to_le32(DFS_UNIT_TEST_MODULE);
6560 	wmi_ut.num_args = cpu_to_le32(DFS_MAX_TEST_ARGS);
6561 	wmi_ut.diag_token = cpu_to_le32(DFS_UNIT_TEST_TOKEN);
6562 
6563 	ath12k_dbg(ar->ab, ATH12K_DBG_REG, "Triggering Radar Simulation\n");
6564 
6565 	return ath12k_wmi_send_unit_test_cmd(ar, wmi_ut, dfs_args);
6566 }
6567 
6568 int ath12k_wmi_connect(struct ath12k_base *ab)
6569 {
6570 	u32 i;
6571 	u8 wmi_ep_count;
6572 
6573 	wmi_ep_count = ab->htc.wmi_ep_count;
6574 	if (wmi_ep_count > ab->hw_params->max_radios)
6575 		return -1;
6576 
6577 	for (i = 0; i < wmi_ep_count; i++)
6578 		ath12k_connect_pdev_htc_service(ab, i);
6579 
6580 	return 0;
6581 }
6582 
6583 static void ath12k_wmi_pdev_detach(struct ath12k_base *ab, u8 pdev_id)
6584 {
6585 	if (WARN_ON(pdev_id >= MAX_RADIOS))
6586 		return;
6587 
6588 	/* TODO: Deinit any pdev specific wmi resource */
6589 }
6590 
6591 int ath12k_wmi_pdev_attach(struct ath12k_base *ab,
6592 			   u8 pdev_id)
6593 {
6594 	struct ath12k_wmi_pdev *wmi_handle;
6595 
6596 	if (pdev_id >= ab->hw_params->max_radios)
6597 		return -EINVAL;
6598 
6599 	wmi_handle = &ab->wmi_ab.wmi[pdev_id];
6600 
6601 	wmi_handle->wmi_ab = &ab->wmi_ab;
6602 
6603 	ab->wmi_ab.ab = ab;
6604 	/* TODO: Init remaining resource specific to pdev */
6605 
6606 	return 0;
6607 }
6608 
6609 int ath12k_wmi_attach(struct ath12k_base *ab)
6610 {
6611 	int ret;
6612 
6613 	ret = ath12k_wmi_pdev_attach(ab, 0);
6614 	if (ret)
6615 		return ret;
6616 
6617 	ab->wmi_ab.ab = ab;
6618 	ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_MAX;
6619 
6620 	/* It's overwritten when service_ext_ready is handled */
6621 	if (ab->hw_params->single_pdev_only)
6622 		ab->wmi_ab.preferred_hw_mode = WMI_HOST_HW_MODE_SINGLE;
6623 
6624 	/* TODO: Init remaining wmi soc resources required */
6625 	init_completion(&ab->wmi_ab.service_ready);
6626 	init_completion(&ab->wmi_ab.unified_ready);
6627 
6628 	return 0;
6629 }
6630 
6631 void ath12k_wmi_detach(struct ath12k_base *ab)
6632 {
6633 	int i;
6634 
6635 	/* TODO: Deinit wmi resource specific to SOC as required */
6636 
6637 	for (i = 0; i < ab->htc.wmi_ep_count; i++)
6638 		ath12k_wmi_pdev_detach(ab, i);
6639 
6640 	ath12k_wmi_free_dbring_caps(ab);
6641 }
6642