1 /*
2  * Copyright (c) 2012-2017 Qualcomm Atheros, Inc.
3  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
4  *
5  * Permission to use, copy, modify, and/or distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <linux/moduleparam.h>
19 #include <linux/if_arp.h>
20 #include <linux/etherdevice.h>
21 #include <linux/rtnetlink.h>
22 
23 #include "wil6210.h"
24 #include "txrx.h"
25 #include "txrx_edma.h"
26 #include "wmi.h"
27 #include "boot_loader.h"
28 
29 #define WAIT_FOR_HALP_VOTE_MS 100
30 #define WAIT_FOR_SCAN_ABORT_MS 1000
31 #define WIL_DEFAULT_NUM_RX_STATUS_RINGS 1
32 #define WIL_BOARD_FILE_MAX_NAMELEN 128
33 
34 bool debug_fw; /* = false; */
35 module_param(debug_fw, bool, 0444);
36 MODULE_PARM_DESC(debug_fw, " do not perform card reset. For FW debug");
37 
38 static u8 oob_mode;
39 module_param(oob_mode, byte, 0444);
40 MODULE_PARM_DESC(oob_mode,
41 		 " enable out of the box (OOB) mode in FW, for diagnostics and certification");
42 
43 bool no_fw_recovery;
44 module_param(no_fw_recovery, bool, 0644);
45 MODULE_PARM_DESC(no_fw_recovery, " disable automatic FW error recovery");
46 
47 /* if not set via modparam, will be set to default value of 1/8 of
48  * rx ring size during init flow
49  */
50 unsigned short rx_ring_overflow_thrsh = WIL6210_RX_HIGH_TRSH_INIT;
51 module_param(rx_ring_overflow_thrsh, ushort, 0444);
52 MODULE_PARM_DESC(rx_ring_overflow_thrsh,
53 		 " RX ring overflow threshold in descriptors.");
54 
55 /* We allow allocation of more than 1 page buffers to support large packets.
56  * It is suboptimal behavior performance wise in case MTU above page size.
57  */
58 unsigned int mtu_max = TXRX_BUF_LEN_DEFAULT - WIL_MAX_MPDU_OVERHEAD;
59 static int mtu_max_set(const char *val, const struct kernel_param *kp)
60 {
61 	int ret;
62 
63 	/* sets mtu_max directly. no need to restore it in case of
64 	 * illegal value since we assume this will fail insmod
65 	 */
66 	ret = param_set_uint(val, kp);
67 	if (ret)
68 		return ret;
69 
70 	if (mtu_max < 68 || mtu_max > WIL_MAX_ETH_MTU)
71 		ret = -EINVAL;
72 
73 	return ret;
74 }
75 
76 static const struct kernel_param_ops mtu_max_ops = {
77 	.set = mtu_max_set,
78 	.get = param_get_uint,
79 };
80 
81 module_param_cb(mtu_max, &mtu_max_ops, &mtu_max, 0444);
82 MODULE_PARM_DESC(mtu_max, " Max MTU value.");
83 
84 static uint rx_ring_order;
85 static uint tx_ring_order = WIL_TX_RING_SIZE_ORDER_DEFAULT;
86 static uint bcast_ring_order = WIL_BCAST_RING_SIZE_ORDER_DEFAULT;
87 
88 static int ring_order_set(const char *val, const struct kernel_param *kp)
89 {
90 	int ret;
91 	uint x;
92 
93 	ret = kstrtouint(val, 0, &x);
94 	if (ret)
95 		return ret;
96 
97 	if ((x < WIL_RING_SIZE_ORDER_MIN) || (x > WIL_RING_SIZE_ORDER_MAX))
98 		return -EINVAL;
99 
100 	*((uint *)kp->arg) = x;
101 
102 	return 0;
103 }
104 
105 static const struct kernel_param_ops ring_order_ops = {
106 	.set = ring_order_set,
107 	.get = param_get_uint,
108 };
109 
110 module_param_cb(rx_ring_order, &ring_order_ops, &rx_ring_order, 0444);
111 MODULE_PARM_DESC(rx_ring_order, " Rx ring order; size = 1 << order");
112 module_param_cb(tx_ring_order, &ring_order_ops, &tx_ring_order, 0444);
113 MODULE_PARM_DESC(tx_ring_order, " Tx ring order; size = 1 << order");
114 module_param_cb(bcast_ring_order, &ring_order_ops, &bcast_ring_order, 0444);
115 MODULE_PARM_DESC(bcast_ring_order, " Bcast ring order; size = 1 << order");
116 
117 enum {
118 	WIL_BOOT_ERR,
119 	WIL_BOOT_VANILLA,
120 	WIL_BOOT_PRODUCTION,
121 	WIL_BOOT_DEVELOPMENT,
122 };
123 
124 enum {
125 	WIL_SIG_STATUS_VANILLA = 0x0,
126 	WIL_SIG_STATUS_DEVELOPMENT = 0x1,
127 	WIL_SIG_STATUS_PRODUCTION = 0x2,
128 	WIL_SIG_STATUS_CORRUPTED_PRODUCTION = 0x3,
129 };
130 
131 #define RST_DELAY (20) /* msec, for loop in @wil_wait_device_ready */
132 #define RST_COUNT (1 + 1000/RST_DELAY) /* round up to be above 1 sec total */
133 
134 #define PMU_READY_DELAY_MS (4) /* ms, for sleep in @wil_wait_device_ready */
135 
136 #define OTP_HW_DELAY (200) /* usec, loop in @wil_wait_device_ready_talyn_mb */
137 /* round up to be above 2 ms total */
138 #define OTP_HW_COUNT (1 + 2000 / OTP_HW_DELAY)
139 
140 /*
141  * Due to a hardware issue,
142  * one has to read/write to/from NIC in 32-bit chunks;
143  * regular memcpy_fromio and siblings will
144  * not work on 64-bit platform - it uses 64-bit transactions
145  *
146  * Force 32-bit transactions to enable NIC on 64-bit platforms
147  *
148  * To avoid byte swap on big endian host, __raw_{read|write}l
149  * should be used - {read|write}l would swap bytes to provide
150  * little endian on PCI value in host endianness.
151  */
152 void wil_memcpy_fromio_32(void *dst, const volatile void __iomem *src,
153 			  size_t count)
154 {
155 	u32 *d = dst;
156 	const volatile u32 __iomem *s = src;
157 
158 	for (; count >= 4; count -= 4)
159 		*d++ = __raw_readl(s++);
160 
161 	if (unlikely(count)) {
162 		/* count can be 1..3 */
163 		u32 tmp = __raw_readl(s);
164 
165 		memcpy(d, &tmp, count);
166 	}
167 }
168 
169 void wil_memcpy_toio_32(volatile void __iomem *dst, const void *src,
170 			size_t count)
171 {
172 	volatile u32 __iomem *d = dst;
173 	const u32 *s = src;
174 
175 	for (; count >= 4; count -= 4)
176 		__raw_writel(*s++, d++);
177 
178 	if (unlikely(count)) {
179 		/* count can be 1..3 */
180 		u32 tmp = 0;
181 
182 		memcpy(&tmp, s, count);
183 		__raw_writel(tmp, d);
184 	}
185 }
186 
187 /* Device memory access is prohibited while reset or suspend.
188  * wil_mem_access_lock protects accessing device memory in these cases
189  */
190 int wil_mem_access_lock(struct wil6210_priv *wil)
191 {
192 	if (!down_read_trylock(&wil->mem_lock))
193 		return -EBUSY;
194 
195 	if (test_bit(wil_status_suspending, wil->status) ||
196 	    test_bit(wil_status_suspended, wil->status)) {
197 		up_read(&wil->mem_lock);
198 		return -EBUSY;
199 	}
200 
201 	return 0;
202 }
203 
204 void wil_mem_access_unlock(struct wil6210_priv *wil)
205 {
206 	up_read(&wil->mem_lock);
207 }
208 
209 static void wil_ring_fini_tx(struct wil6210_priv *wil, int id)
210 {
211 	struct wil_ring *ring = &wil->ring_tx[id];
212 	struct wil_ring_tx_data *txdata = &wil->ring_tx_data[id];
213 
214 	lockdep_assert_held(&wil->mutex);
215 
216 	if (!ring->va)
217 		return;
218 
219 	wil_dbg_misc(wil, "vring_fini_tx: id=%d\n", id);
220 
221 	spin_lock_bh(&txdata->lock);
222 	txdata->dot1x_open = false;
223 	txdata->mid = U8_MAX;
224 	txdata->enabled = 0; /* no Tx can be in progress or start anew */
225 	spin_unlock_bh(&txdata->lock);
226 	/* napi_synchronize waits for completion of the current NAPI but will
227 	 * not prevent the next NAPI run.
228 	 * Add a memory barrier to guarantee that txdata->enabled is zeroed
229 	 * before napi_synchronize so that the next scheduled NAPI will not
230 	 * handle this vring
231 	 */
232 	wmb();
233 	/* make sure NAPI won't touch this vring */
234 	if (test_bit(wil_status_napi_en, wil->status))
235 		napi_synchronize(&wil->napi_tx);
236 
237 	wil->txrx_ops.ring_fini_tx(wil, ring);
238 }
239 
240 static bool wil_vif_is_connected(struct wil6210_priv *wil, u8 mid)
241 {
242 	int i;
243 
244 	for (i = 0; i < wil->max_assoc_sta; i++) {
245 		if (wil->sta[i].mid == mid &&
246 		    wil->sta[i].status == wil_sta_connected)
247 			return true;
248 	}
249 
250 	return false;
251 }
252 
253 static void wil_disconnect_cid_complete(struct wil6210_vif *vif, int cid,
254 					u16 reason_code)
255 __acquires(&sta->tid_rx_lock) __releases(&sta->tid_rx_lock)
256 {
257 	uint i;
258 	struct wil6210_priv *wil = vif_to_wil(vif);
259 	struct net_device *ndev = vif_to_ndev(vif);
260 	struct wireless_dev *wdev = vif_to_wdev(vif);
261 	struct wil_sta_info *sta = &wil->sta[cid];
262 	int min_ring_id = wil_get_min_tx_ring_id(wil);
263 
264 	might_sleep();
265 	wil_dbg_misc(wil,
266 		     "disconnect_cid_complete: CID %d, MID %d, status %d\n",
267 		     cid, sta->mid, sta->status);
268 	/* inform upper layers */
269 	if (sta->status != wil_sta_unused) {
270 		if (vif->mid != sta->mid) {
271 			wil_err(wil, "STA MID mismatch with VIF MID(%d)\n",
272 				vif->mid);
273 		}
274 
275 		switch (wdev->iftype) {
276 		case NL80211_IFTYPE_AP:
277 		case NL80211_IFTYPE_P2P_GO:
278 			/* AP-like interface */
279 			cfg80211_del_sta(ndev, sta->addr, GFP_KERNEL);
280 			break;
281 		default:
282 			break;
283 		}
284 		sta->status = wil_sta_unused;
285 		sta->mid = U8_MAX;
286 	}
287 	/* reorder buffers */
288 	for (i = 0; i < WIL_STA_TID_NUM; i++) {
289 		struct wil_tid_ampdu_rx *r;
290 
291 		spin_lock_bh(&sta->tid_rx_lock);
292 
293 		r = sta->tid_rx[i];
294 		sta->tid_rx[i] = NULL;
295 		wil_tid_ampdu_rx_free(wil, r);
296 
297 		spin_unlock_bh(&sta->tid_rx_lock);
298 	}
299 	/* crypto context */
300 	memset(sta->tid_crypto_rx, 0, sizeof(sta->tid_crypto_rx));
301 	memset(&sta->group_crypto_rx, 0, sizeof(sta->group_crypto_rx));
302 	/* release vrings */
303 	for (i = min_ring_id; i < ARRAY_SIZE(wil->ring_tx); i++) {
304 		if (wil->ring2cid_tid[i][0] == cid)
305 			wil_ring_fini_tx(wil, i);
306 	}
307 	/* statistics */
308 	memset(&sta->stats, 0, sizeof(sta->stats));
309 	sta->stats.tx_latency_min_us = U32_MAX;
310 }
311 
312 static void _wil6210_disconnect_complete(struct wil6210_vif *vif,
313 					 const u8 *bssid, u16 reason_code)
314 {
315 	struct wil6210_priv *wil = vif_to_wil(vif);
316 	int cid = -ENOENT;
317 	struct net_device *ndev;
318 	struct wireless_dev *wdev;
319 
320 	ndev = vif_to_ndev(vif);
321 	wdev = vif_to_wdev(vif);
322 
323 	might_sleep();
324 	wil_info(wil, "disconnect_complete: bssid=%pM, reason=%d\n",
325 		 bssid, reason_code);
326 
327 	/* Cases are:
328 	 * - disconnect single STA, still connected
329 	 * - disconnect single STA, already disconnected
330 	 * - disconnect all
331 	 *
332 	 * For "disconnect all", there are 3 options:
333 	 * - bssid == NULL
334 	 * - bssid is broadcast address (ff:ff:ff:ff:ff:ff)
335 	 * - bssid is our MAC address
336 	 */
337 	if (bssid && !is_broadcast_ether_addr(bssid) &&
338 	    !ether_addr_equal_unaligned(ndev->dev_addr, bssid)) {
339 		cid = wil_find_cid(wil, vif->mid, bssid);
340 		wil_dbg_misc(wil,
341 			     "Disconnect complete %pM, CID=%d, reason=%d\n",
342 			     bssid, cid, reason_code);
343 		if (wil_cid_valid(wil, cid)) /* disconnect 1 peer */
344 			wil_disconnect_cid_complete(vif, cid, reason_code);
345 	} else { /* all */
346 		wil_dbg_misc(wil, "Disconnect complete all\n");
347 		for (cid = 0; cid < wil->max_assoc_sta; cid++)
348 			wil_disconnect_cid_complete(vif, cid, reason_code);
349 	}
350 
351 	/* link state */
352 	switch (wdev->iftype) {
353 	case NL80211_IFTYPE_STATION:
354 	case NL80211_IFTYPE_P2P_CLIENT:
355 		wil_bcast_fini(vif);
356 		wil_update_net_queues_bh(wil, vif, NULL, true);
357 		netif_carrier_off(ndev);
358 		if (!wil_has_other_active_ifaces(wil, ndev, false, true))
359 			wil6210_bus_request(wil, WIL_DEFAULT_BUS_REQUEST_KBPS);
360 
361 		if (test_and_clear_bit(wil_vif_fwconnected, vif->status)) {
362 			atomic_dec(&wil->connected_vifs);
363 			cfg80211_disconnected(ndev, reason_code,
364 					      NULL, 0,
365 					      vif->locally_generated_disc,
366 					      GFP_KERNEL);
367 			vif->locally_generated_disc = false;
368 		} else if (test_bit(wil_vif_fwconnecting, vif->status)) {
369 			cfg80211_connect_result(ndev, bssid, NULL, 0, NULL, 0,
370 						WLAN_STATUS_UNSPECIFIED_FAILURE,
371 						GFP_KERNEL);
372 			vif->bss = NULL;
373 		}
374 		clear_bit(wil_vif_fwconnecting, vif->status);
375 		clear_bit(wil_vif_ft_roam, vif->status);
376 		vif->ptk_rekey_state = WIL_REKEY_IDLE;
377 
378 		break;
379 	case NL80211_IFTYPE_AP:
380 	case NL80211_IFTYPE_P2P_GO:
381 		if (!wil_vif_is_connected(wil, vif->mid)) {
382 			wil_update_net_queues_bh(wil, vif, NULL, true);
383 			if (test_and_clear_bit(wil_vif_fwconnected,
384 					       vif->status))
385 				atomic_dec(&wil->connected_vifs);
386 		} else {
387 			wil_update_net_queues_bh(wil, vif, NULL, false);
388 		}
389 		break;
390 	default:
391 		break;
392 	}
393 }
394 
395 static int wil_disconnect_cid(struct wil6210_vif *vif, int cid,
396 			      u16 reason_code)
397 {
398 	struct wil6210_priv *wil = vif_to_wil(vif);
399 	struct wireless_dev *wdev = vif_to_wdev(vif);
400 	struct wil_sta_info *sta = &wil->sta[cid];
401 	bool del_sta = false;
402 
403 	might_sleep();
404 	wil_dbg_misc(wil, "disconnect_cid: CID %d, MID %d, status %d\n",
405 		     cid, sta->mid, sta->status);
406 
407 	if (sta->status == wil_sta_unused)
408 		return 0;
409 
410 	if (vif->mid != sta->mid) {
411 		wil_err(wil, "STA MID mismatch with VIF MID(%d)\n", vif->mid);
412 		return -EINVAL;
413 	}
414 
415 	/* inform lower layers */
416 	if (wdev->iftype == NL80211_IFTYPE_AP && disable_ap_sme)
417 		del_sta = true;
418 
419 	/* disconnect by sending command disconnect/del_sta and wait
420 	 * synchronously for WMI_DISCONNECT_EVENTID event.
421 	 */
422 	return wmi_disconnect_sta(vif, sta->addr, reason_code, del_sta);
423 }
424 
425 static void _wil6210_disconnect(struct wil6210_vif *vif, const u8 *bssid,
426 				u16 reason_code)
427 {
428 	struct wil6210_priv *wil;
429 	struct net_device *ndev;
430 	int cid = -ENOENT;
431 
432 	if (unlikely(!vif))
433 		return;
434 
435 	wil = vif_to_wil(vif);
436 	ndev = vif_to_ndev(vif);
437 
438 	might_sleep();
439 	wil_info(wil, "disconnect bssid=%pM, reason=%d\n", bssid, reason_code);
440 
441 	/* Cases are:
442 	 * - disconnect single STA, still connected
443 	 * - disconnect single STA, already disconnected
444 	 * - disconnect all
445 	 *
446 	 * For "disconnect all", there are 3 options:
447 	 * - bssid == NULL
448 	 * - bssid is broadcast address (ff:ff:ff:ff:ff:ff)
449 	 * - bssid is our MAC address
450 	 */
451 	if (bssid && !is_broadcast_ether_addr(bssid) &&
452 	    !ether_addr_equal_unaligned(ndev->dev_addr, bssid)) {
453 		cid = wil_find_cid(wil, vif->mid, bssid);
454 		wil_dbg_misc(wil, "Disconnect %pM, CID=%d, reason=%d\n",
455 			     bssid, cid, reason_code);
456 		if (wil_cid_valid(wil, cid)) /* disconnect 1 peer */
457 			wil_disconnect_cid(vif, cid, reason_code);
458 	} else { /* all */
459 		wil_dbg_misc(wil, "Disconnect all\n");
460 		for (cid = 0; cid < wil->max_assoc_sta; cid++)
461 			wil_disconnect_cid(vif, cid, reason_code);
462 	}
463 
464 	/* call event handler manually after processing wmi_call,
465 	 * to avoid deadlock - disconnect event handler acquires
466 	 * wil->mutex while it is already held here
467 	 */
468 	_wil6210_disconnect_complete(vif, bssid, reason_code);
469 }
470 
471 void wil_disconnect_worker(struct work_struct *work)
472 {
473 	struct wil6210_vif *vif = container_of(work,
474 			struct wil6210_vif, disconnect_worker);
475 	struct wil6210_priv *wil = vif_to_wil(vif);
476 	struct net_device *ndev = vif_to_ndev(vif);
477 	int rc;
478 	struct {
479 		struct wmi_cmd_hdr wmi;
480 		struct wmi_disconnect_event evt;
481 	} __packed reply;
482 
483 	if (test_bit(wil_vif_fwconnected, vif->status))
484 		/* connect succeeded after all */
485 		return;
486 
487 	if (!test_bit(wil_vif_fwconnecting, vif->status))
488 		/* already disconnected */
489 		return;
490 
491 	memset(&reply, 0, sizeof(reply));
492 
493 	rc = wmi_call(wil, WMI_DISCONNECT_CMDID, vif->mid, NULL, 0,
494 		      WMI_DISCONNECT_EVENTID, &reply, sizeof(reply),
495 		      WIL6210_DISCONNECT_TO_MS);
496 	if (rc) {
497 		wil_err(wil, "disconnect error %d\n", rc);
498 		return;
499 	}
500 
501 	wil_update_net_queues_bh(wil, vif, NULL, true);
502 	netif_carrier_off(ndev);
503 	cfg80211_connect_result(ndev, NULL, NULL, 0, NULL, 0,
504 				WLAN_STATUS_UNSPECIFIED_FAILURE, GFP_KERNEL);
505 	clear_bit(wil_vif_fwconnecting, vif->status);
506 }
507 
508 static int wil_wait_for_recovery(struct wil6210_priv *wil)
509 {
510 	if (wait_event_interruptible(wil->wq, wil->recovery_state !=
511 				     fw_recovery_pending)) {
512 		wil_err(wil, "Interrupt, canceling recovery\n");
513 		return -ERESTARTSYS;
514 	}
515 	if (wil->recovery_state != fw_recovery_running) {
516 		wil_info(wil, "Recovery cancelled\n");
517 		return -EINTR;
518 	}
519 	wil_info(wil, "Proceed with recovery\n");
520 	return 0;
521 }
522 
523 void wil_set_recovery_state(struct wil6210_priv *wil, int state)
524 {
525 	wil_dbg_misc(wil, "set_recovery_state: %d -> %d\n",
526 		     wil->recovery_state, state);
527 
528 	wil->recovery_state = state;
529 	wake_up_interruptible(&wil->wq);
530 }
531 
532 bool wil_is_recovery_blocked(struct wil6210_priv *wil)
533 {
534 	return no_fw_recovery && (wil->recovery_state == fw_recovery_pending);
535 }
536 
537 static void wil_fw_error_worker(struct work_struct *work)
538 {
539 	struct wil6210_priv *wil = container_of(work, struct wil6210_priv,
540 						fw_error_worker);
541 	struct net_device *ndev = wil->main_ndev;
542 	struct wireless_dev *wdev;
543 
544 	wil_dbg_misc(wil, "fw error worker\n");
545 
546 	if (!ndev || !(ndev->flags & IFF_UP)) {
547 		wil_info(wil, "No recovery - interface is down\n");
548 		return;
549 	}
550 	wdev = ndev->ieee80211_ptr;
551 
552 	/* increment @recovery_count if less then WIL6210_FW_RECOVERY_TO
553 	 * passed since last recovery attempt
554 	 */
555 	if (time_is_after_jiffies(wil->last_fw_recovery +
556 				  WIL6210_FW_RECOVERY_TO))
557 		wil->recovery_count++;
558 	else
559 		wil->recovery_count = 1; /* fw was alive for a long time */
560 
561 	if (wil->recovery_count > WIL6210_FW_RECOVERY_RETRIES) {
562 		wil_err(wil, "too many recovery attempts (%d), giving up\n",
563 			wil->recovery_count);
564 		return;
565 	}
566 
567 	wil->last_fw_recovery = jiffies;
568 
569 	wil_info(wil, "fw error recovery requested (try %d)...\n",
570 		 wil->recovery_count);
571 	if (!no_fw_recovery)
572 		wil->recovery_state = fw_recovery_running;
573 	if (wil_wait_for_recovery(wil) != 0)
574 		return;
575 
576 	rtnl_lock();
577 	mutex_lock(&wil->mutex);
578 	/* Needs adaptation for multiple VIFs
579 	 * need to go over all VIFs and consider the appropriate
580 	 * recovery because each one can have different iftype.
581 	 */
582 	switch (wdev->iftype) {
583 	case NL80211_IFTYPE_STATION:
584 	case NL80211_IFTYPE_P2P_CLIENT:
585 	case NL80211_IFTYPE_MONITOR:
586 		/* silent recovery, upper layers will see disconnect */
587 		__wil_down(wil);
588 		__wil_up(wil);
589 		break;
590 	case NL80211_IFTYPE_AP:
591 	case NL80211_IFTYPE_P2P_GO:
592 		if (no_fw_recovery) /* upper layers do recovery */
593 			break;
594 		/* silent recovery, upper layers will see disconnect */
595 		__wil_down(wil);
596 		__wil_up(wil);
597 		mutex_unlock(&wil->mutex);
598 		wil_cfg80211_ap_recovery(wil);
599 		mutex_lock(&wil->mutex);
600 		wil_info(wil, "... completed\n");
601 		break;
602 	default:
603 		wil_err(wil, "No recovery - unknown interface type %d\n",
604 			wdev->iftype);
605 		break;
606 	}
607 
608 	mutex_unlock(&wil->mutex);
609 	rtnl_unlock();
610 }
611 
612 static int wil_find_free_ring(struct wil6210_priv *wil)
613 {
614 	int i;
615 	int min_ring_id = wil_get_min_tx_ring_id(wil);
616 
617 	for (i = min_ring_id; i < WIL6210_MAX_TX_RINGS; i++) {
618 		if (!wil->ring_tx[i].va)
619 			return i;
620 	}
621 	return -EINVAL;
622 }
623 
624 int wil_ring_init_tx(struct wil6210_vif *vif, int cid)
625 {
626 	struct wil6210_priv *wil = vif_to_wil(vif);
627 	int rc = -EINVAL, ringid;
628 
629 	if (cid < 0) {
630 		wil_err(wil, "No connection pending\n");
631 		goto out;
632 	}
633 	ringid = wil_find_free_ring(wil);
634 	if (ringid < 0) {
635 		wil_err(wil, "No free vring found\n");
636 		goto out;
637 	}
638 
639 	wil_dbg_wmi(wil, "Configure for connection CID %d MID %d ring %d\n",
640 		    cid, vif->mid, ringid);
641 
642 	rc = wil->txrx_ops.ring_init_tx(vif, ringid, 1 << tx_ring_order,
643 					cid, 0);
644 	if (rc)
645 		wil_err(wil, "init TX for CID %d MID %d vring %d failed\n",
646 			cid, vif->mid, ringid);
647 
648 out:
649 	return rc;
650 }
651 
652 int wil_bcast_init(struct wil6210_vif *vif)
653 {
654 	struct wil6210_priv *wil = vif_to_wil(vif);
655 	int ri = vif->bcast_ring, rc;
656 
657 	if (ri >= 0 && wil->ring_tx[ri].va)
658 		return 0;
659 
660 	ri = wil_find_free_ring(wil);
661 	if (ri < 0)
662 		return ri;
663 
664 	vif->bcast_ring = ri;
665 	rc = wil->txrx_ops.ring_init_bcast(vif, ri, 1 << bcast_ring_order);
666 	if (rc)
667 		vif->bcast_ring = -1;
668 
669 	return rc;
670 }
671 
672 void wil_bcast_fini(struct wil6210_vif *vif)
673 {
674 	struct wil6210_priv *wil = vif_to_wil(vif);
675 	int ri = vif->bcast_ring;
676 
677 	if (ri < 0)
678 		return;
679 
680 	vif->bcast_ring = -1;
681 	wil_ring_fini_tx(wil, ri);
682 }
683 
684 void wil_bcast_fini_all(struct wil6210_priv *wil)
685 {
686 	int i;
687 	struct wil6210_vif *vif;
688 
689 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
690 		vif = wil->vifs[i];
691 		if (vif)
692 			wil_bcast_fini(vif);
693 	}
694 }
695 
696 int wil_priv_init(struct wil6210_priv *wil)
697 {
698 	uint i;
699 
700 	wil_dbg_misc(wil, "priv_init\n");
701 
702 	memset(wil->sta, 0, sizeof(wil->sta));
703 	for (i = 0; i < WIL6210_MAX_CID; i++) {
704 		spin_lock_init(&wil->sta[i].tid_rx_lock);
705 		wil->sta[i].mid = U8_MAX;
706 	}
707 
708 	for (i = 0; i < WIL6210_MAX_TX_RINGS; i++) {
709 		spin_lock_init(&wil->ring_tx_data[i].lock);
710 		wil->ring2cid_tid[i][0] = WIL6210_MAX_CID;
711 	}
712 
713 	mutex_init(&wil->mutex);
714 	mutex_init(&wil->vif_mutex);
715 	mutex_init(&wil->wmi_mutex);
716 	mutex_init(&wil->halp.lock);
717 
718 	init_completion(&wil->wmi_ready);
719 	init_completion(&wil->wmi_call);
720 	init_completion(&wil->halp.comp);
721 
722 	INIT_WORK(&wil->wmi_event_worker, wmi_event_worker);
723 	INIT_WORK(&wil->fw_error_worker, wil_fw_error_worker);
724 
725 	INIT_LIST_HEAD(&wil->pending_wmi_ev);
726 	spin_lock_init(&wil->wmi_ev_lock);
727 	spin_lock_init(&wil->net_queue_lock);
728 	spin_lock_init(&wil->eap_lock);
729 
730 	init_waitqueue_head(&wil->wq);
731 	init_rwsem(&wil->mem_lock);
732 
733 	wil->wmi_wq = create_singlethread_workqueue(WIL_NAME "_wmi");
734 	if (!wil->wmi_wq)
735 		return -EAGAIN;
736 
737 	wil->wq_service = create_singlethread_workqueue(WIL_NAME "_service");
738 	if (!wil->wq_service)
739 		goto out_wmi_wq;
740 
741 	wil->last_fw_recovery = jiffies;
742 	wil->tx_interframe_timeout = WIL6210_ITR_TX_INTERFRAME_TIMEOUT_DEFAULT;
743 	wil->rx_interframe_timeout = WIL6210_ITR_RX_INTERFRAME_TIMEOUT_DEFAULT;
744 	wil->tx_max_burst_duration = WIL6210_ITR_TX_MAX_BURST_DURATION_DEFAULT;
745 	wil->rx_max_burst_duration = WIL6210_ITR_RX_MAX_BURST_DURATION_DEFAULT;
746 
747 	if (rx_ring_overflow_thrsh == WIL6210_RX_HIGH_TRSH_INIT)
748 		rx_ring_overflow_thrsh = WIL6210_RX_HIGH_TRSH_DEFAULT;
749 
750 	wil->ps_profile =  WMI_PS_PROFILE_TYPE_DEFAULT;
751 
752 	wil->wakeup_trigger = WMI_WAKEUP_TRIGGER_UCAST |
753 			      WMI_WAKEUP_TRIGGER_BCAST;
754 	memset(&wil->suspend_stats, 0, sizeof(wil->suspend_stats));
755 	wil->ring_idle_trsh = 16;
756 
757 	wil->reply_mid = U8_MAX;
758 	wil->max_vifs = 1;
759 	wil->max_assoc_sta = max_assoc_sta;
760 
761 	/* edma configuration can be updated via debugfs before allocation */
762 	wil->num_rx_status_rings = WIL_DEFAULT_NUM_RX_STATUS_RINGS;
763 	wil->tx_status_ring_order = WIL_TX_SRING_SIZE_ORDER_DEFAULT;
764 
765 	/* Rx status ring size should be bigger than the number of RX buffers
766 	 * in order to prevent backpressure on the status ring, which may
767 	 * cause HW freeze.
768 	 */
769 	wil->rx_status_ring_order = WIL_RX_SRING_SIZE_ORDER_DEFAULT;
770 	/* Number of RX buffer IDs should be bigger than the RX descriptor
771 	 * ring size as in HW reorder flow, the HW can consume additional
772 	 * buffers before releasing the previous ones.
773 	 */
774 	wil->rx_buff_id_count = WIL_RX_BUFF_ARR_SIZE_DEFAULT;
775 
776 	wil->amsdu_en = 1;
777 
778 	return 0;
779 
780 out_wmi_wq:
781 	destroy_workqueue(wil->wmi_wq);
782 
783 	return -EAGAIN;
784 }
785 
786 void wil6210_bus_request(struct wil6210_priv *wil, u32 kbps)
787 {
788 	if (wil->platform_ops.bus_request) {
789 		wil->bus_request_kbps = kbps;
790 		wil->platform_ops.bus_request(wil->platform_handle, kbps);
791 	}
792 }
793 
794 /**
795  * wil6210_disconnect - disconnect one connection
796  * @vif: virtual interface context
797  * @bssid: peer to disconnect, NULL to disconnect all
798  * @reason_code: Reason code for the Disassociation frame
799  *
800  * Disconnect and release associated resources. Issue WMI
801  * command(s) to trigger MAC disconnect. When command was issued
802  * successfully, call the wil6210_disconnect_complete function
803  * to handle the event synchronously
804  */
805 void wil6210_disconnect(struct wil6210_vif *vif, const u8 *bssid,
806 			u16 reason_code)
807 {
808 	struct wil6210_priv *wil = vif_to_wil(vif);
809 
810 	wil_dbg_misc(wil, "disconnecting\n");
811 
812 	del_timer_sync(&vif->connect_timer);
813 	_wil6210_disconnect(vif, bssid, reason_code);
814 }
815 
816 /**
817  * wil6210_disconnect_complete - handle disconnect event
818  * @vif: virtual interface context
819  * @bssid: peer to disconnect, NULL to disconnect all
820  * @reason_code: Reason code for the Disassociation frame
821  *
822  * Release associated resources and indicate upper layers the
823  * connection is terminated.
824  */
825 void wil6210_disconnect_complete(struct wil6210_vif *vif, const u8 *bssid,
826 				 u16 reason_code)
827 {
828 	struct wil6210_priv *wil = vif_to_wil(vif);
829 
830 	wil_dbg_misc(wil, "got disconnect\n");
831 
832 	del_timer_sync(&vif->connect_timer);
833 	_wil6210_disconnect_complete(vif, bssid, reason_code);
834 }
835 
836 void wil_priv_deinit(struct wil6210_priv *wil)
837 {
838 	wil_dbg_misc(wil, "priv_deinit\n");
839 
840 	wil_set_recovery_state(wil, fw_recovery_idle);
841 	cancel_work_sync(&wil->fw_error_worker);
842 	wmi_event_flush(wil);
843 	destroy_workqueue(wil->wq_service);
844 	destroy_workqueue(wil->wmi_wq);
845 	kfree(wil->brd_info);
846 }
847 
848 static void wil_shutdown_bl(struct wil6210_priv *wil)
849 {
850 	u32 val;
851 
852 	wil_s(wil, RGF_USER_BL +
853 	      offsetof(struct bl_dedicated_registers_v1,
854 		       bl_shutdown_handshake), BL_SHUTDOWN_HS_GRTD);
855 
856 	usleep_range(100, 150);
857 
858 	val = wil_r(wil, RGF_USER_BL +
859 		    offsetof(struct bl_dedicated_registers_v1,
860 			     bl_shutdown_handshake));
861 	if (val & BL_SHUTDOWN_HS_RTD) {
862 		wil_dbg_misc(wil, "BL is ready for halt\n");
863 		return;
864 	}
865 
866 	wil_err(wil, "BL did not report ready for halt\n");
867 }
868 
869 /* this format is used by ARC embedded CPU for instruction memory */
870 static inline u32 ARC_me_imm32(u32 d)
871 {
872 	return ((d & 0xffff0000) >> 16) | ((d & 0x0000ffff) << 16);
873 }
874 
875 /* defines access to interrupt vectors for wil_freeze_bl */
876 #define ARC_IRQ_VECTOR_OFFSET(N)	((N) * 8)
877 /* ARC long jump instruction */
878 #define ARC_JAL_INST			(0x20200f80)
879 
880 static void wil_freeze_bl(struct wil6210_priv *wil)
881 {
882 	u32 jal, upc, saved;
883 	u32 ivt3 = ARC_IRQ_VECTOR_OFFSET(3);
884 
885 	jal = wil_r(wil, wil->iccm_base + ivt3);
886 	if (jal != ARC_me_imm32(ARC_JAL_INST)) {
887 		wil_dbg_misc(wil, "invalid IVT entry found, skipping\n");
888 		return;
889 	}
890 
891 	/* prevent the target from entering deep sleep
892 	 * and disabling memory access
893 	 */
894 	saved = wil_r(wil, RGF_USER_USAGE_8);
895 	wil_w(wil, RGF_USER_USAGE_8, saved | BIT_USER_PREVENT_DEEP_SLEEP);
896 	usleep_range(20, 25); /* let the BL process the bit */
897 
898 	/* redirect to endless loop in the INT_L1 context and let it trap */
899 	wil_w(wil, wil->iccm_base + ivt3 + 4, ARC_me_imm32(ivt3));
900 	usleep_range(20, 25); /* let the BL get into the trap */
901 
902 	/* verify the BL is frozen */
903 	upc = wil_r(wil, RGF_USER_CPU_PC);
904 	if (upc < ivt3 || (upc > (ivt3 + 8)))
905 		wil_dbg_misc(wil, "BL freeze failed, PC=0x%08X\n", upc);
906 
907 	wil_w(wil, RGF_USER_USAGE_8, saved);
908 }
909 
910 static void wil_bl_prepare_halt(struct wil6210_priv *wil)
911 {
912 	u32 tmp, ver;
913 
914 	/* before halting device CPU driver must make sure BL is not accessing
915 	 * host memory. This is done differently depending on BL version:
916 	 * 1. For very old BL versions the procedure is skipped
917 	 * (not supported).
918 	 * 2. For old BL version we use a special trick to freeze the BL
919 	 * 3. For new BL versions we shutdown the BL using handshake procedure.
920 	 */
921 	tmp = wil_r(wil, RGF_USER_BL +
922 		    offsetof(struct bl_dedicated_registers_v0,
923 			     boot_loader_struct_version));
924 	if (!tmp) {
925 		wil_dbg_misc(wil, "old BL, skipping halt preparation\n");
926 		return;
927 	}
928 
929 	tmp = wil_r(wil, RGF_USER_BL +
930 		    offsetof(struct bl_dedicated_registers_v1,
931 			     bl_shutdown_handshake));
932 	ver = BL_SHUTDOWN_HS_PROT_VER(tmp);
933 
934 	if (ver > 0)
935 		wil_shutdown_bl(wil);
936 	else
937 		wil_freeze_bl(wil);
938 }
939 
940 static inline void wil_halt_cpu(struct wil6210_priv *wil)
941 {
942 	if (wil->hw_version >= HW_VER_TALYN_MB) {
943 		wil_w(wil, RGF_USER_USER_CPU_0_TALYN_MB,
944 		      BIT_USER_USER_CPU_MAN_RST);
945 		wil_w(wil, RGF_USER_MAC_CPU_0_TALYN_MB,
946 		      BIT_USER_MAC_CPU_MAN_RST);
947 	} else {
948 		wil_w(wil, RGF_USER_USER_CPU_0, BIT_USER_USER_CPU_MAN_RST);
949 		wil_w(wil, RGF_USER_MAC_CPU_0,  BIT_USER_MAC_CPU_MAN_RST);
950 	}
951 }
952 
953 static inline void wil_release_cpu(struct wil6210_priv *wil)
954 {
955 	/* Start CPU */
956 	if (wil->hw_version >= HW_VER_TALYN_MB)
957 		wil_w(wil, RGF_USER_USER_CPU_0_TALYN_MB, 1);
958 	else
959 		wil_w(wil, RGF_USER_USER_CPU_0, 1);
960 }
961 
962 static void wil_set_oob_mode(struct wil6210_priv *wil, u8 mode)
963 {
964 	wil_info(wil, "oob_mode to %d\n", mode);
965 	switch (mode) {
966 	case 0:
967 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE |
968 		      BIT_USER_OOB_R2_MODE);
969 		break;
970 	case 1:
971 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_R2_MODE);
972 		wil_s(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE);
973 		break;
974 	case 2:
975 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE);
976 		wil_s(wil, RGF_USER_USAGE_6, BIT_USER_OOB_R2_MODE);
977 		break;
978 	default:
979 		wil_err(wil, "invalid oob_mode: %d\n", mode);
980 	}
981 }
982 
983 static int wil_wait_device_ready(struct wil6210_priv *wil, int no_flash)
984 {
985 	int delay = 0;
986 	u32 x, x1 = 0;
987 
988 	/* wait until device ready. */
989 	if (no_flash) {
990 		msleep(PMU_READY_DELAY_MS);
991 
992 		wil_dbg_misc(wil, "Reset completed\n");
993 	} else {
994 		do {
995 			msleep(RST_DELAY);
996 			x = wil_r(wil, RGF_USER_BL +
997 				  offsetof(struct bl_dedicated_registers_v0,
998 					   boot_loader_ready));
999 			if (x1 != x) {
1000 				wil_dbg_misc(wil, "BL.ready 0x%08x => 0x%08x\n",
1001 					     x1, x);
1002 				x1 = x;
1003 			}
1004 			if (delay++ > RST_COUNT) {
1005 				wil_err(wil, "Reset not completed, bl.ready 0x%08x\n",
1006 					x);
1007 				return -ETIME;
1008 			}
1009 		} while (x != BL_READY);
1010 
1011 		wil_dbg_misc(wil, "Reset completed in %d ms\n",
1012 			     delay * RST_DELAY);
1013 	}
1014 
1015 	return 0;
1016 }
1017 
1018 static int wil_wait_device_ready_talyn_mb(struct wil6210_priv *wil)
1019 {
1020 	u32 otp_hw;
1021 	u8 signature_status;
1022 	bool otp_signature_err;
1023 	bool hw_section_done;
1024 	u32 otp_qc_secured;
1025 	int delay = 0;
1026 
1027 	/* Wait for OTP signature test to complete */
1028 	usleep_range(2000, 2200);
1029 
1030 	wil->boot_config = WIL_BOOT_ERR;
1031 
1032 	/* Poll until OTP signature status is valid.
1033 	 * In vanilla and development modes, when signature test is complete
1034 	 * HW sets BIT_OTP_SIGNATURE_ERR_TALYN_MB.
1035 	 * In production mode BIT_OTP_SIGNATURE_ERR_TALYN_MB remains 0, poll
1036 	 * for signature status change to 2 or 3.
1037 	 */
1038 	do {
1039 		otp_hw = wil_r(wil, RGF_USER_OTP_HW_RD_MACHINE_1);
1040 		signature_status = WIL_GET_BITS(otp_hw, 8, 9);
1041 		otp_signature_err = otp_hw & BIT_OTP_SIGNATURE_ERR_TALYN_MB;
1042 
1043 		if (otp_signature_err &&
1044 		    signature_status == WIL_SIG_STATUS_VANILLA) {
1045 			wil->boot_config = WIL_BOOT_VANILLA;
1046 			break;
1047 		}
1048 		if (otp_signature_err &&
1049 		    signature_status == WIL_SIG_STATUS_DEVELOPMENT) {
1050 			wil->boot_config = WIL_BOOT_DEVELOPMENT;
1051 			break;
1052 		}
1053 		if (!otp_signature_err &&
1054 		    signature_status == WIL_SIG_STATUS_PRODUCTION) {
1055 			wil->boot_config = WIL_BOOT_PRODUCTION;
1056 			break;
1057 		}
1058 		if  (!otp_signature_err &&
1059 		     signature_status ==
1060 		     WIL_SIG_STATUS_CORRUPTED_PRODUCTION) {
1061 			/* Unrecognized OTP signature found. Possibly a
1062 			 * corrupted production signature, access control
1063 			 * is applied as in production mode, therefore
1064 			 * do not fail
1065 			 */
1066 			wil->boot_config = WIL_BOOT_PRODUCTION;
1067 			break;
1068 		}
1069 		if (delay++ > OTP_HW_COUNT)
1070 			break;
1071 
1072 		usleep_range(OTP_HW_DELAY, OTP_HW_DELAY + 10);
1073 	} while (!otp_signature_err && signature_status == 0);
1074 
1075 	if (wil->boot_config == WIL_BOOT_ERR) {
1076 		wil_err(wil,
1077 			"invalid boot config, signature_status %d otp_signature_err %d\n",
1078 			signature_status, otp_signature_err);
1079 		return -ETIME;
1080 	}
1081 
1082 	wil_dbg_misc(wil,
1083 		     "signature test done in %d usec, otp_hw 0x%x, boot_config %d\n",
1084 		     delay * OTP_HW_DELAY, otp_hw, wil->boot_config);
1085 
1086 	if (wil->boot_config == WIL_BOOT_VANILLA)
1087 		/* Assuming not SPI boot (currently not supported) */
1088 		goto out;
1089 
1090 	hw_section_done = otp_hw & BIT_OTP_HW_SECTION_DONE_TALYN_MB;
1091 	delay = 0;
1092 
1093 	while (!hw_section_done) {
1094 		msleep(RST_DELAY);
1095 
1096 		otp_hw = wil_r(wil, RGF_USER_OTP_HW_RD_MACHINE_1);
1097 		hw_section_done = otp_hw & BIT_OTP_HW_SECTION_DONE_TALYN_MB;
1098 
1099 		if (delay++ > RST_COUNT) {
1100 			wil_err(wil, "TO waiting for hw_section_done\n");
1101 			return -ETIME;
1102 		}
1103 	}
1104 
1105 	wil_dbg_misc(wil, "HW section done in %d ms\n", delay * RST_DELAY);
1106 
1107 	otp_qc_secured = wil_r(wil, RGF_OTP_QC_SECURED);
1108 	wil->secured_boot = otp_qc_secured & BIT_BOOT_FROM_ROM ? 1 : 0;
1109 	wil_dbg_misc(wil, "secured boot is %sabled\n",
1110 		     wil->secured_boot ? "en" : "dis");
1111 
1112 out:
1113 	wil_dbg_misc(wil, "Reset completed\n");
1114 
1115 	return 0;
1116 }
1117 
1118 static int wil_target_reset(struct wil6210_priv *wil, int no_flash)
1119 {
1120 	u32 x;
1121 	int rc;
1122 
1123 	wil_dbg_misc(wil, "Resetting \"%s\"...\n", wil->hw_name);
1124 
1125 	if (wil->hw_version < HW_VER_TALYN) {
1126 		/* Clear MAC link up */
1127 		wil_s(wil, RGF_HP_CTRL, BIT(15));
1128 		wil_s(wil, RGF_USER_CLKS_CTL_SW_RST_MASK_0,
1129 		      BIT_HPAL_PERST_FROM_PAD);
1130 		wil_s(wil, RGF_USER_CLKS_CTL_SW_RST_MASK_0, BIT_CAR_PERST_RST);
1131 	}
1132 
1133 	wil_halt_cpu(wil);
1134 
1135 	if (!no_flash) {
1136 		/* clear all boot loader "ready" bits */
1137 		wil_w(wil, RGF_USER_BL +
1138 		      offsetof(struct bl_dedicated_registers_v0,
1139 			       boot_loader_ready), 0);
1140 		/* this should be safe to write even with old BLs */
1141 		wil_w(wil, RGF_USER_BL +
1142 		      offsetof(struct bl_dedicated_registers_v1,
1143 			       bl_shutdown_handshake), 0);
1144 	}
1145 	/* Clear Fw Download notification */
1146 	wil_c(wil, RGF_USER_USAGE_6, BIT(0));
1147 
1148 	wil_s(wil, RGF_CAF_OSC_CONTROL, BIT_CAF_OSC_XTAL_EN);
1149 	/* XTAL stabilization should take about 3ms */
1150 	usleep_range(5000, 7000);
1151 	x = wil_r(wil, RGF_CAF_PLL_LOCK_STATUS);
1152 	if (!(x & BIT_CAF_OSC_DIG_XTAL_STABLE)) {
1153 		wil_err(wil, "Xtal stabilization timeout\n"
1154 			"RGF_CAF_PLL_LOCK_STATUS = 0x%08x\n", x);
1155 		return -ETIME;
1156 	}
1157 	/* switch 10k to XTAL*/
1158 	wil_c(wil, RGF_USER_SPARROW_M_4, BIT_SPARROW_M_4_SEL_SLEEP_OR_REF);
1159 	/* 40 MHz */
1160 	wil_c(wil, RGF_USER_CLKS_CTL_0, BIT_USER_CLKS_CAR_AHB_SW_SEL);
1161 
1162 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_0, 0x3ff81f);
1163 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_1, 0xf);
1164 
1165 	if (wil->hw_version >= HW_VER_TALYN_MB) {
1166 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0x7e000000);
1167 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0x0000003f);
1168 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0xc00000f0);
1169 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0xffe7fe00);
1170 	} else {
1171 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0xfe000000);
1172 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0x0000003f);
1173 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x000000f0);
1174 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0xffe7fe00);
1175 	}
1176 
1177 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_0, 0x0);
1178 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_1, 0x0);
1179 
1180 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0);
1181 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0);
1182 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0);
1183 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
1184 
1185 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x00000003);
1186 	/* reset A2 PCIE AHB */
1187 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0x00008000);
1188 
1189 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
1190 
1191 	if (wil->hw_version == HW_VER_TALYN_MB)
1192 		rc = wil_wait_device_ready_talyn_mb(wil);
1193 	else
1194 		rc = wil_wait_device_ready(wil, no_flash);
1195 	if (rc)
1196 		return rc;
1197 
1198 	wil_c(wil, RGF_USER_CLKS_CTL_0, BIT_USER_CLKS_RST_PWGD);
1199 
1200 	/* enable fix for HW bug related to the SA/DA swap in AP Rx */
1201 	wil_s(wil, RGF_DMA_OFUL_NID_0, BIT_DMA_OFUL_NID_0_RX_EXT_TR_EN |
1202 	      BIT_DMA_OFUL_NID_0_RX_EXT_A3_SRC);
1203 
1204 	if (wil->hw_version < HW_VER_TALYN_MB && no_flash) {
1205 		/* Reset OTP HW vectors to fit 40MHz */
1206 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME1, 0x60001);
1207 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME2, 0x20027);
1208 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME3, 0x1);
1209 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME4, 0x20027);
1210 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME5, 0x30003);
1211 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME6, 0x20002);
1212 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME7, 0x60001);
1213 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME8, 0x60001);
1214 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME9, 0x60001);
1215 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME10, 0x60001);
1216 		wil_w(wil, RGF_USER_XPM_RD_DOUT_SAMPLE_TIME, 0x57);
1217 	}
1218 
1219 	return 0;
1220 }
1221 
1222 static void wil_collect_fw_info(struct wil6210_priv *wil)
1223 {
1224 	struct wiphy *wiphy = wil_to_wiphy(wil);
1225 	u8 retry_short;
1226 	int rc;
1227 
1228 	wil_refresh_fw_capabilities(wil);
1229 
1230 	rc = wmi_get_mgmt_retry(wil, &retry_short);
1231 	if (!rc) {
1232 		wiphy->retry_short = retry_short;
1233 		wil_dbg_misc(wil, "FW retry_short: %d\n", retry_short);
1234 	}
1235 }
1236 
1237 void wil_refresh_fw_capabilities(struct wil6210_priv *wil)
1238 {
1239 	struct wiphy *wiphy = wil_to_wiphy(wil);
1240 	int features;
1241 
1242 	wil->keep_radio_on_during_sleep =
1243 		test_bit(WIL_PLATFORM_CAPA_RADIO_ON_IN_SUSPEND,
1244 			 wil->platform_capa) &&
1245 		test_bit(WMI_FW_CAPABILITY_D3_SUSPEND, wil->fw_capabilities);
1246 
1247 	wil_info(wil, "keep_radio_on_during_sleep (%d)\n",
1248 		 wil->keep_radio_on_during_sleep);
1249 
1250 	if (test_bit(WMI_FW_CAPABILITY_RSSI_REPORTING, wil->fw_capabilities))
1251 		wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
1252 	else
1253 		wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
1254 
1255 	if (test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities)) {
1256 		wiphy->max_sched_scan_reqs = 1;
1257 		wiphy->max_sched_scan_ssids = WMI_MAX_PNO_SSID_NUM;
1258 		wiphy->max_match_sets = WMI_MAX_PNO_SSID_NUM;
1259 		wiphy->max_sched_scan_ie_len = WMI_MAX_IE_LEN;
1260 		wiphy->max_sched_scan_plans = WMI_MAX_PLANS_NUM;
1261 	}
1262 
1263 	if (test_bit(WMI_FW_CAPABILITY_TX_REQ_EXT, wil->fw_capabilities))
1264 		wiphy->flags |= WIPHY_FLAG_OFFCHAN_TX;
1265 
1266 	if (wil->platform_ops.set_features) {
1267 		features = (test_bit(WMI_FW_CAPABILITY_REF_CLOCK_CONTROL,
1268 				     wil->fw_capabilities) &&
1269 			    test_bit(WIL_PLATFORM_CAPA_EXT_CLK,
1270 				     wil->platform_capa)) ?
1271 			BIT(WIL_PLATFORM_FEATURE_FW_EXT_CLK_CONTROL) : 0;
1272 
1273 		if (wil->n_msi == 3)
1274 			features |= BIT(WIL_PLATFORM_FEATURE_TRIPLE_MSI);
1275 
1276 		wil->platform_ops.set_features(wil->platform_handle, features);
1277 	}
1278 
1279 	if (test_bit(WMI_FW_CAPABILITY_BACK_WIN_SIZE_64,
1280 		     wil->fw_capabilities)) {
1281 		wil->max_agg_wsize = WIL_MAX_AGG_WSIZE_64;
1282 		wil->max_ampdu_size = WIL_MAX_AMPDU_SIZE_128;
1283 	} else {
1284 		wil->max_agg_wsize = WIL_MAX_AGG_WSIZE;
1285 		wil->max_ampdu_size = WIL_MAX_AMPDU_SIZE;
1286 	}
1287 
1288 	update_supported_bands(wil);
1289 }
1290 
1291 void wil_mbox_ring_le2cpus(struct wil6210_mbox_ring *r)
1292 {
1293 	le32_to_cpus(&r->base);
1294 	le16_to_cpus(&r->entry_size);
1295 	le16_to_cpus(&r->size);
1296 	le32_to_cpus(&r->tail);
1297 	le32_to_cpus(&r->head);
1298 }
1299 
1300 /* construct actual board file name to use */
1301 void wil_get_board_file(struct wil6210_priv *wil, char *buf, size_t len)
1302 {
1303 	const char *board_file;
1304 	const char *wil_talyn_fw_name = ftm_mode ? WIL_FW_NAME_FTM_TALYN :
1305 			      WIL_FW_NAME_TALYN;
1306 
1307 	if (wil->board_file) {
1308 		board_file = wil->board_file;
1309 	} else {
1310 		/* If specific FW file is used for Talyn,
1311 		 * use specific board file
1312 		 */
1313 		if (strcmp(wil->wil_fw_name, wil_talyn_fw_name) == 0)
1314 			board_file = WIL_BRD_NAME_TALYN;
1315 		else
1316 			board_file = WIL_BOARD_FILE_NAME;
1317 	}
1318 
1319 	strlcpy(buf, board_file, len);
1320 }
1321 
1322 static int wil_get_bl_info(struct wil6210_priv *wil)
1323 {
1324 	struct net_device *ndev = wil->main_ndev;
1325 	struct wiphy *wiphy = wil_to_wiphy(wil);
1326 	union {
1327 		struct bl_dedicated_registers_v0 bl0;
1328 		struct bl_dedicated_registers_v1 bl1;
1329 	} bl;
1330 	u32 bl_ver;
1331 	u8 *mac;
1332 	u16 rf_status;
1333 
1334 	wil_memcpy_fromio_32(&bl, wil->csr + HOSTADDR(RGF_USER_BL),
1335 			     sizeof(bl));
1336 	bl_ver = le32_to_cpu(bl.bl0.boot_loader_struct_version);
1337 	mac = bl.bl0.mac_address;
1338 
1339 	if (bl_ver == 0) {
1340 		le32_to_cpus(&bl.bl0.rf_type);
1341 		le32_to_cpus(&bl.bl0.baseband_type);
1342 		rf_status = 0; /* actually, unknown */
1343 		wil_info(wil,
1344 			 "Boot Loader struct v%d: MAC = %pM RF = 0x%08x bband = 0x%08x\n",
1345 			 bl_ver, mac,
1346 			 bl.bl0.rf_type, bl.bl0.baseband_type);
1347 		wil_info(wil, "Boot Loader build unknown for struct v0\n");
1348 	} else {
1349 		le16_to_cpus(&bl.bl1.rf_type);
1350 		rf_status = le16_to_cpu(bl.bl1.rf_status);
1351 		le32_to_cpus(&bl.bl1.baseband_type);
1352 		le16_to_cpus(&bl.bl1.bl_version_subminor);
1353 		le16_to_cpus(&bl.bl1.bl_version_build);
1354 		wil_info(wil,
1355 			 "Boot Loader struct v%d: MAC = %pM RF = 0x%04x (status 0x%04x) bband = 0x%08x\n",
1356 			 bl_ver, mac,
1357 			 bl.bl1.rf_type, rf_status,
1358 			 bl.bl1.baseband_type);
1359 		wil_info(wil, "Boot Loader build %d.%d.%d.%d\n",
1360 			 bl.bl1.bl_version_major, bl.bl1.bl_version_minor,
1361 			 bl.bl1.bl_version_subminor, bl.bl1.bl_version_build);
1362 	}
1363 
1364 	if (!is_valid_ether_addr(mac)) {
1365 		wil_err(wil, "BL: Invalid MAC %pM\n", mac);
1366 		return -EINVAL;
1367 	}
1368 
1369 	ether_addr_copy(ndev->perm_addr, mac);
1370 	ether_addr_copy(wiphy->perm_addr, mac);
1371 	if (!is_valid_ether_addr(ndev->dev_addr))
1372 		ether_addr_copy(ndev->dev_addr, mac);
1373 
1374 	if (rf_status) {/* bad RF cable? */
1375 		wil_err(wil, "RF communication error 0x%04x",
1376 			rf_status);
1377 		return -EAGAIN;
1378 	}
1379 
1380 	return 0;
1381 }
1382 
1383 static void wil_bl_crash_info(struct wil6210_priv *wil, bool is_err)
1384 {
1385 	u32 bl_assert_code, bl_assert_blink, bl_magic_number;
1386 	u32 bl_ver = wil_r(wil, RGF_USER_BL +
1387 			   offsetof(struct bl_dedicated_registers_v0,
1388 				    boot_loader_struct_version));
1389 
1390 	if (bl_ver < 2)
1391 		return;
1392 
1393 	bl_assert_code = wil_r(wil, RGF_USER_BL +
1394 			       offsetof(struct bl_dedicated_registers_v1,
1395 					bl_assert_code));
1396 	bl_assert_blink = wil_r(wil, RGF_USER_BL +
1397 				offsetof(struct bl_dedicated_registers_v1,
1398 					 bl_assert_blink));
1399 	bl_magic_number = wil_r(wil, RGF_USER_BL +
1400 				offsetof(struct bl_dedicated_registers_v1,
1401 					 bl_magic_number));
1402 
1403 	if (is_err) {
1404 		wil_err(wil,
1405 			"BL assert code 0x%08x blink 0x%08x magic 0x%08x\n",
1406 			bl_assert_code, bl_assert_blink, bl_magic_number);
1407 	} else {
1408 		wil_dbg_misc(wil,
1409 			     "BL assert code 0x%08x blink 0x%08x magic 0x%08x\n",
1410 			     bl_assert_code, bl_assert_blink, bl_magic_number);
1411 	}
1412 }
1413 
1414 static int wil_get_otp_info(struct wil6210_priv *wil)
1415 {
1416 	struct net_device *ndev = wil->main_ndev;
1417 	struct wiphy *wiphy = wil_to_wiphy(wil);
1418 	u8 mac[8];
1419 	int mac_addr;
1420 
1421 	/* OEM MAC has precedence */
1422 	mac_addr = RGF_OTP_OEM_MAC;
1423 	wil_memcpy_fromio_32(mac, wil->csr + HOSTADDR(mac_addr), sizeof(mac));
1424 
1425 	if (is_valid_ether_addr(mac)) {
1426 		wil_info(wil, "using OEM MAC %pM\n", mac);
1427 	} else {
1428 		if (wil->hw_version >= HW_VER_TALYN_MB)
1429 			mac_addr = RGF_OTP_MAC_TALYN_MB;
1430 		else
1431 			mac_addr = RGF_OTP_MAC;
1432 
1433 		wil_memcpy_fromio_32(mac, wil->csr + HOSTADDR(mac_addr),
1434 				     sizeof(mac));
1435 	}
1436 
1437 	if (!is_valid_ether_addr(mac)) {
1438 		wil_err(wil, "Invalid MAC %pM\n", mac);
1439 		return -EINVAL;
1440 	}
1441 
1442 	ether_addr_copy(ndev->perm_addr, mac);
1443 	ether_addr_copy(wiphy->perm_addr, mac);
1444 	if (!is_valid_ether_addr(ndev->dev_addr))
1445 		ether_addr_copy(ndev->dev_addr, mac);
1446 
1447 	return 0;
1448 }
1449 
1450 static int wil_wait_for_fw_ready(struct wil6210_priv *wil)
1451 {
1452 	ulong to = msecs_to_jiffies(2000);
1453 	ulong left = wait_for_completion_timeout(&wil->wmi_ready, to);
1454 
1455 	if (0 == left) {
1456 		wil_err(wil, "Firmware not ready\n");
1457 		return -ETIME;
1458 	} else {
1459 		wil_info(wil, "FW ready after %d ms. HW version 0x%08x\n",
1460 			 jiffies_to_msecs(to-left), wil->hw_version);
1461 	}
1462 	return 0;
1463 }
1464 
1465 void wil_abort_scan(struct wil6210_vif *vif, bool sync)
1466 {
1467 	struct wil6210_priv *wil = vif_to_wil(vif);
1468 	int rc;
1469 	struct cfg80211_scan_info info = {
1470 		.aborted = true,
1471 	};
1472 
1473 	lockdep_assert_held(&wil->vif_mutex);
1474 
1475 	if (!vif->scan_request)
1476 		return;
1477 
1478 	wil_dbg_misc(wil, "Abort scan_request 0x%p\n", vif->scan_request);
1479 	del_timer_sync(&vif->scan_timer);
1480 	mutex_unlock(&wil->vif_mutex);
1481 	rc = wmi_abort_scan(vif);
1482 	if (!rc && sync)
1483 		wait_event_interruptible_timeout(wil->wq, !vif->scan_request,
1484 						 msecs_to_jiffies(
1485 						 WAIT_FOR_SCAN_ABORT_MS));
1486 
1487 	mutex_lock(&wil->vif_mutex);
1488 	if (vif->scan_request) {
1489 		cfg80211_scan_done(vif->scan_request, &info);
1490 		vif->scan_request = NULL;
1491 	}
1492 }
1493 
1494 void wil_abort_scan_all_vifs(struct wil6210_priv *wil, bool sync)
1495 {
1496 	int i;
1497 
1498 	lockdep_assert_held(&wil->vif_mutex);
1499 
1500 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1501 		struct wil6210_vif *vif = wil->vifs[i];
1502 
1503 		if (vif)
1504 			wil_abort_scan(vif, sync);
1505 	}
1506 }
1507 
1508 int wil_ps_update(struct wil6210_priv *wil, enum wmi_ps_profile_type ps_profile)
1509 {
1510 	int rc;
1511 
1512 	if (!test_bit(WMI_FW_CAPABILITY_PS_CONFIG, wil->fw_capabilities)) {
1513 		wil_err(wil, "set_power_mgmt not supported\n");
1514 		return -EOPNOTSUPP;
1515 	}
1516 
1517 	rc  = wmi_ps_dev_profile_cfg(wil, ps_profile);
1518 	if (rc)
1519 		wil_err(wil, "wmi_ps_dev_profile_cfg failed (%d)\n", rc);
1520 	else
1521 		wil->ps_profile = ps_profile;
1522 
1523 	return rc;
1524 }
1525 
1526 static void wil_pre_fw_config(struct wil6210_priv *wil)
1527 {
1528 	wil_clear_fw_log_addr(wil);
1529 	/* Mark FW as loaded from host */
1530 	wil_s(wil, RGF_USER_USAGE_6, 1);
1531 
1532 	/* clear any interrupts which on-card-firmware
1533 	 * may have set
1534 	 */
1535 	wil6210_clear_irq(wil);
1536 	/* CAF_ICR - clear and mask */
1537 	/* it is W1C, clear by writing back same value */
1538 	if (wil->hw_version < HW_VER_TALYN_MB) {
1539 		wil_s(wil, RGF_CAF_ICR + offsetof(struct RGF_ICR, ICR), 0);
1540 		wil_w(wil, RGF_CAF_ICR + offsetof(struct RGF_ICR, IMV), ~0);
1541 	}
1542 	/* clear PAL_UNIT_ICR (potential D0->D3 leftover)
1543 	 * In Talyn-MB host cannot access this register due to
1544 	 * access control, hence PAL_UNIT_ICR is cleared by the FW
1545 	 */
1546 	if (wil->hw_version < HW_VER_TALYN_MB)
1547 		wil_s(wil, RGF_PAL_UNIT_ICR + offsetof(struct RGF_ICR, ICR),
1548 		      0);
1549 
1550 	if (wil->fw_calib_result > 0) {
1551 		__le32 val = cpu_to_le32(wil->fw_calib_result |
1552 						(CALIB_RESULT_SIGNATURE << 8));
1553 		wil_w(wil, RGF_USER_FW_CALIB_RESULT, (u32 __force)val);
1554 	}
1555 }
1556 
1557 static int wil_restore_vifs(struct wil6210_priv *wil)
1558 {
1559 	struct wil6210_vif *vif;
1560 	struct net_device *ndev;
1561 	struct wireless_dev *wdev;
1562 	int i, rc;
1563 
1564 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1565 		vif = wil->vifs[i];
1566 		if (!vif)
1567 			continue;
1568 		vif->ap_isolate = 0;
1569 		if (vif->mid) {
1570 			ndev = vif_to_ndev(vif);
1571 			wdev = vif_to_wdev(vif);
1572 			rc = wmi_port_allocate(wil, vif->mid, ndev->dev_addr,
1573 					       wdev->iftype);
1574 			if (rc) {
1575 				wil_err(wil, "fail to restore VIF %d type %d, rc %d\n",
1576 					i, wdev->iftype, rc);
1577 				return rc;
1578 			}
1579 		}
1580 	}
1581 
1582 	return 0;
1583 }
1584 
1585 /*
1586  * Clear FW and ucode log start addr to indicate FW log is not ready. The host
1587  * driver clears the addresses before FW starts and FW initializes the address
1588  * when it is ready to send logs.
1589  */
1590 void wil_clear_fw_log_addr(struct wil6210_priv *wil)
1591 {
1592 	/* FW log addr */
1593 	wil_w(wil, RGF_USER_USAGE_1, 0);
1594 	/* ucode log addr */
1595 	wil_w(wil, RGF_USER_USAGE_2, 0);
1596 	wil_dbg_misc(wil, "Cleared FW and ucode log address");
1597 }
1598 
1599 /*
1600  * We reset all the structures, and we reset the UMAC.
1601  * After calling this routine, you're expected to reload
1602  * the firmware.
1603  */
1604 int wil_reset(struct wil6210_priv *wil, bool load_fw)
1605 {
1606 	int rc, i;
1607 	unsigned long status_flags = BIT(wil_status_resetting);
1608 	int no_flash;
1609 	struct wil6210_vif *vif;
1610 
1611 	wil_dbg_misc(wil, "reset\n");
1612 
1613 	WARN_ON(!mutex_is_locked(&wil->mutex));
1614 	WARN_ON(test_bit(wil_status_napi_en, wil->status));
1615 
1616 	if (debug_fw) {
1617 		static const u8 mac[ETH_ALEN] = {
1618 			0x00, 0xde, 0xad, 0x12, 0x34, 0x56,
1619 		};
1620 		struct net_device *ndev = wil->main_ndev;
1621 
1622 		ether_addr_copy(ndev->perm_addr, mac);
1623 		ether_addr_copy(ndev->dev_addr, ndev->perm_addr);
1624 		return 0;
1625 	}
1626 
1627 	if (wil->hw_version == HW_VER_UNKNOWN)
1628 		return -ENODEV;
1629 
1630 	if (test_bit(WIL_PLATFORM_CAPA_T_PWR_ON_0, wil->platform_capa) &&
1631 	    wil->hw_version < HW_VER_TALYN_MB) {
1632 		wil_dbg_misc(wil, "Notify FW to set T_POWER_ON=0\n");
1633 		wil_s(wil, RGF_USER_USAGE_8, BIT_USER_SUPPORT_T_POWER_ON_0);
1634 	}
1635 
1636 	if (test_bit(WIL_PLATFORM_CAPA_EXT_CLK, wil->platform_capa)) {
1637 		wil_dbg_misc(wil, "Notify FW on ext clock configuration\n");
1638 		wil_s(wil, RGF_USER_USAGE_8, BIT_USER_EXT_CLK);
1639 	}
1640 
1641 	if (wil->platform_ops.notify) {
1642 		rc = wil->platform_ops.notify(wil->platform_handle,
1643 					      WIL_PLATFORM_EVT_PRE_RESET);
1644 		if (rc)
1645 			wil_err(wil, "PRE_RESET platform notify failed, rc %d\n",
1646 				rc);
1647 	}
1648 
1649 	set_bit(wil_status_resetting, wil->status);
1650 	mutex_lock(&wil->vif_mutex);
1651 	wil_abort_scan_all_vifs(wil, false);
1652 	mutex_unlock(&wil->vif_mutex);
1653 
1654 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1655 		vif = wil->vifs[i];
1656 		if (vif) {
1657 			cancel_work_sync(&vif->disconnect_worker);
1658 			wil6210_disconnect(vif, NULL,
1659 					   WLAN_REASON_DEAUTH_LEAVING);
1660 			vif->ptk_rekey_state = WIL_REKEY_IDLE;
1661 		}
1662 	}
1663 	wil_bcast_fini_all(wil);
1664 
1665 	/* Disable device led before reset*/
1666 	wmi_led_cfg(wil, false);
1667 
1668 	/* prevent NAPI from being scheduled and prevent wmi commands */
1669 	mutex_lock(&wil->wmi_mutex);
1670 	if (test_bit(wil_status_suspending, wil->status))
1671 		status_flags |= BIT(wil_status_suspending);
1672 	bitmap_and(wil->status, wil->status, &status_flags,
1673 		   wil_status_last);
1674 	wil_dbg_misc(wil, "wil->status (0x%lx)\n", *wil->status);
1675 	mutex_unlock(&wil->wmi_mutex);
1676 
1677 	wil_mask_irq(wil);
1678 
1679 	wmi_event_flush(wil);
1680 
1681 	flush_workqueue(wil->wq_service);
1682 	flush_workqueue(wil->wmi_wq);
1683 
1684 	no_flash = test_bit(hw_capa_no_flash, wil->hw_capa);
1685 	if (!no_flash)
1686 		wil_bl_crash_info(wil, false);
1687 	wil_disable_irq(wil);
1688 	rc = wil_target_reset(wil, no_flash);
1689 	wil6210_clear_irq(wil);
1690 	wil_enable_irq(wil);
1691 	wil->txrx_ops.rx_fini(wil);
1692 	wil->txrx_ops.tx_fini(wil);
1693 	if (rc) {
1694 		if (!no_flash)
1695 			wil_bl_crash_info(wil, true);
1696 		goto out;
1697 	}
1698 
1699 	if (no_flash) {
1700 		rc = wil_get_otp_info(wil);
1701 	} else {
1702 		rc = wil_get_bl_info(wil);
1703 		if (rc == -EAGAIN && !load_fw)
1704 			/* ignore RF error if not going up */
1705 			rc = 0;
1706 	}
1707 	if (rc)
1708 		goto out;
1709 
1710 	wil_set_oob_mode(wil, oob_mode);
1711 	if (load_fw) {
1712 		char board_file[WIL_BOARD_FILE_MAX_NAMELEN];
1713 
1714 		if  (wil->secured_boot) {
1715 			wil_err(wil, "secured boot is not supported\n");
1716 			return -ENOTSUPP;
1717 		}
1718 
1719 		board_file[0] = '\0';
1720 		wil_get_board_file(wil, board_file, sizeof(board_file));
1721 		wil_info(wil, "Use firmware <%s> + board <%s>\n",
1722 			 wil->wil_fw_name, board_file);
1723 
1724 		if (!no_flash)
1725 			wil_bl_prepare_halt(wil);
1726 
1727 		wil_halt_cpu(wil);
1728 		memset(wil->fw_version, 0, sizeof(wil->fw_version));
1729 		/* Loading f/w from the file */
1730 		rc = wil_request_firmware(wil, wil->wil_fw_name, true);
1731 		if (rc)
1732 			goto out;
1733 		if (wil->num_of_brd_entries)
1734 			rc = wil_request_board(wil, board_file);
1735 		else
1736 			rc = wil_request_firmware(wil, board_file, true);
1737 		if (rc)
1738 			goto out;
1739 
1740 		wil_pre_fw_config(wil);
1741 		wil_release_cpu(wil);
1742 	}
1743 
1744 	/* init after reset */
1745 	reinit_completion(&wil->wmi_ready);
1746 	reinit_completion(&wil->wmi_call);
1747 	reinit_completion(&wil->halp.comp);
1748 
1749 	clear_bit(wil_status_resetting, wil->status);
1750 
1751 	if (load_fw) {
1752 		wil_unmask_irq(wil);
1753 
1754 		/* we just started MAC, wait for FW ready */
1755 		rc = wil_wait_for_fw_ready(wil);
1756 		if (rc)
1757 			return rc;
1758 
1759 		/* check FW is responsive */
1760 		rc = wmi_echo(wil);
1761 		if (rc) {
1762 			wil_err(wil, "wmi_echo failed, rc %d\n", rc);
1763 			return rc;
1764 		}
1765 
1766 		wil->txrx_ops.configure_interrupt_moderation(wil);
1767 
1768 		/* Enable OFU rdy valid bug fix, to prevent hang in oful34_rx
1769 		 * while there is back-pressure from Host during RX
1770 		 */
1771 		if (wil->hw_version >= HW_VER_TALYN_MB)
1772 			wil_s(wil, RGF_DMA_MISC_CTL,
1773 			      BIT_OFUL34_RDY_VALID_BUG_FIX_EN);
1774 
1775 		rc = wil_restore_vifs(wil);
1776 		if (rc) {
1777 			wil_err(wil, "failed to restore vifs, rc %d\n", rc);
1778 			return rc;
1779 		}
1780 
1781 		wil_collect_fw_info(wil);
1782 
1783 		if (wil->ps_profile != WMI_PS_PROFILE_TYPE_DEFAULT)
1784 			wil_ps_update(wil, wil->ps_profile);
1785 
1786 		if (wil->platform_ops.notify) {
1787 			rc = wil->platform_ops.notify(wil->platform_handle,
1788 						      WIL_PLATFORM_EVT_FW_RDY);
1789 			if (rc) {
1790 				wil_err(wil, "FW_RDY notify failed, rc %d\n",
1791 					rc);
1792 				rc = 0;
1793 			}
1794 		}
1795 	}
1796 
1797 	return rc;
1798 
1799 out:
1800 	clear_bit(wil_status_resetting, wil->status);
1801 	return rc;
1802 }
1803 
1804 void wil_fw_error_recovery(struct wil6210_priv *wil)
1805 {
1806 	wil_dbg_misc(wil, "starting fw error recovery\n");
1807 
1808 	if (test_bit(wil_status_resetting, wil->status)) {
1809 		wil_info(wil, "Reset already in progress\n");
1810 		return;
1811 	}
1812 
1813 	wil->recovery_state = fw_recovery_pending;
1814 	schedule_work(&wil->fw_error_worker);
1815 }
1816 
1817 int __wil_up(struct wil6210_priv *wil)
1818 {
1819 	struct net_device *ndev = wil->main_ndev;
1820 	struct wireless_dev *wdev = ndev->ieee80211_ptr;
1821 	int rc;
1822 
1823 	WARN_ON(!mutex_is_locked(&wil->mutex));
1824 
1825 	down_write(&wil->mem_lock);
1826 	rc = wil_reset(wil, true);
1827 	up_write(&wil->mem_lock);
1828 	if (rc)
1829 		return rc;
1830 
1831 	/* Rx RING. After MAC and beacon */
1832 	if (rx_ring_order == 0)
1833 		rx_ring_order = wil->hw_version < HW_VER_TALYN_MB ?
1834 			WIL_RX_RING_SIZE_ORDER_DEFAULT :
1835 			WIL_RX_RING_SIZE_ORDER_TALYN_DEFAULT;
1836 
1837 	rc = wil->txrx_ops.rx_init(wil, rx_ring_order);
1838 	if (rc)
1839 		return rc;
1840 
1841 	rc = wil->txrx_ops.tx_init(wil);
1842 	if (rc)
1843 		return rc;
1844 
1845 	switch (wdev->iftype) {
1846 	case NL80211_IFTYPE_STATION:
1847 		wil_dbg_misc(wil, "type: STATION\n");
1848 		ndev->type = ARPHRD_ETHER;
1849 		break;
1850 	case NL80211_IFTYPE_AP:
1851 		wil_dbg_misc(wil, "type: AP\n");
1852 		ndev->type = ARPHRD_ETHER;
1853 		break;
1854 	case NL80211_IFTYPE_P2P_CLIENT:
1855 		wil_dbg_misc(wil, "type: P2P_CLIENT\n");
1856 		ndev->type = ARPHRD_ETHER;
1857 		break;
1858 	case NL80211_IFTYPE_P2P_GO:
1859 		wil_dbg_misc(wil, "type: P2P_GO\n");
1860 		ndev->type = ARPHRD_ETHER;
1861 		break;
1862 	case NL80211_IFTYPE_MONITOR:
1863 		wil_dbg_misc(wil, "type: Monitor\n");
1864 		ndev->type = ARPHRD_IEEE80211_RADIOTAP;
1865 		/* ARPHRD_IEEE80211 or ARPHRD_IEEE80211_RADIOTAP ? */
1866 		break;
1867 	default:
1868 		return -EOPNOTSUPP;
1869 	}
1870 
1871 	/* MAC address - pre-requisite for other commands */
1872 	wmi_set_mac_address(wil, ndev->dev_addr);
1873 
1874 	wil_dbg_misc(wil, "NAPI enable\n");
1875 	napi_enable(&wil->napi_rx);
1876 	napi_enable(&wil->napi_tx);
1877 	set_bit(wil_status_napi_en, wil->status);
1878 
1879 	wil6210_bus_request(wil, WIL_DEFAULT_BUS_REQUEST_KBPS);
1880 
1881 	return 0;
1882 }
1883 
1884 int wil_up(struct wil6210_priv *wil)
1885 {
1886 	int rc;
1887 
1888 	wil_dbg_misc(wil, "up\n");
1889 
1890 	mutex_lock(&wil->mutex);
1891 	rc = __wil_up(wil);
1892 	mutex_unlock(&wil->mutex);
1893 
1894 	return rc;
1895 }
1896 
1897 int __wil_down(struct wil6210_priv *wil)
1898 {
1899 	int rc;
1900 	WARN_ON(!mutex_is_locked(&wil->mutex));
1901 
1902 	set_bit(wil_status_resetting, wil->status);
1903 
1904 	wil6210_bus_request(wil, 0);
1905 
1906 	wil_disable_irq(wil);
1907 	if (test_and_clear_bit(wil_status_napi_en, wil->status)) {
1908 		napi_disable(&wil->napi_rx);
1909 		napi_disable(&wil->napi_tx);
1910 		wil_dbg_misc(wil, "NAPI disable\n");
1911 	}
1912 	wil_enable_irq(wil);
1913 
1914 	mutex_lock(&wil->vif_mutex);
1915 	wil_p2p_stop_radio_operations(wil);
1916 	wil_abort_scan_all_vifs(wil, false);
1917 	mutex_unlock(&wil->vif_mutex);
1918 
1919 	down_write(&wil->mem_lock);
1920 	rc = wil_reset(wil, false);
1921 	up_write(&wil->mem_lock);
1922 
1923 	return rc;
1924 }
1925 
1926 int wil_down(struct wil6210_priv *wil)
1927 {
1928 	int rc;
1929 
1930 	wil_dbg_misc(wil, "down\n");
1931 
1932 	wil_set_recovery_state(wil, fw_recovery_idle);
1933 	mutex_lock(&wil->mutex);
1934 	rc = __wil_down(wil);
1935 	mutex_unlock(&wil->mutex);
1936 
1937 	return rc;
1938 }
1939 
1940 int wil_find_cid(struct wil6210_priv *wil, u8 mid, const u8 *mac)
1941 {
1942 	int i;
1943 	int rc = -ENOENT;
1944 
1945 	for (i = 0; i < wil->max_assoc_sta; i++) {
1946 		if (wil->sta[i].mid == mid &&
1947 		    wil->sta[i].status != wil_sta_unused &&
1948 		    ether_addr_equal(wil->sta[i].addr, mac)) {
1949 			rc = i;
1950 			break;
1951 		}
1952 	}
1953 
1954 	return rc;
1955 }
1956 
1957 void wil_halp_vote(struct wil6210_priv *wil)
1958 {
1959 	unsigned long rc;
1960 	unsigned long to_jiffies = msecs_to_jiffies(WAIT_FOR_HALP_VOTE_MS);
1961 
1962 	if (wil->hw_version >= HW_VER_TALYN_MB)
1963 		return;
1964 
1965 	mutex_lock(&wil->halp.lock);
1966 
1967 	wil_dbg_irq(wil, "halp_vote: start, HALP ref_cnt (%d)\n",
1968 		    wil->halp.ref_cnt);
1969 
1970 	if (++wil->halp.ref_cnt == 1) {
1971 		reinit_completion(&wil->halp.comp);
1972 		/* mark to IRQ context to handle HALP ICR */
1973 		wil->halp.handle_icr = true;
1974 		wil6210_set_halp(wil);
1975 		rc = wait_for_completion_timeout(&wil->halp.comp, to_jiffies);
1976 		if (!rc) {
1977 			wil_err(wil, "HALP vote timed out\n");
1978 			/* Mask HALP as done in case the interrupt is raised */
1979 			wil->halp.handle_icr = false;
1980 			wil6210_mask_halp(wil);
1981 		} else {
1982 			wil_dbg_irq(wil,
1983 				    "halp_vote: HALP vote completed after %d ms\n",
1984 				    jiffies_to_msecs(to_jiffies - rc));
1985 		}
1986 	}
1987 
1988 	wil_dbg_irq(wil, "halp_vote: end, HALP ref_cnt (%d)\n",
1989 		    wil->halp.ref_cnt);
1990 
1991 	mutex_unlock(&wil->halp.lock);
1992 }
1993 
1994 void wil_halp_unvote(struct wil6210_priv *wil)
1995 {
1996 	if (wil->hw_version >= HW_VER_TALYN_MB)
1997 		return;
1998 
1999 	WARN_ON(wil->halp.ref_cnt == 0);
2000 
2001 	mutex_lock(&wil->halp.lock);
2002 
2003 	wil_dbg_irq(wil, "halp_unvote: start, HALP ref_cnt (%d)\n",
2004 		    wil->halp.ref_cnt);
2005 
2006 	if (--wil->halp.ref_cnt == 0) {
2007 		wil6210_clear_halp(wil);
2008 		wil_dbg_irq(wil, "HALP unvote\n");
2009 	}
2010 
2011 	wil_dbg_irq(wil, "halp_unvote:end, HALP ref_cnt (%d)\n",
2012 		    wil->halp.ref_cnt);
2013 
2014 	mutex_unlock(&wil->halp.lock);
2015 }
2016 
2017 void wil_init_txrx_ops(struct wil6210_priv *wil)
2018 {
2019 	if (wil->use_enhanced_dma_hw)
2020 		wil_init_txrx_ops_edma(wil);
2021 	else
2022 		wil_init_txrx_ops_legacy_dma(wil);
2023 }
2024