1 // SPDX-License-Identifier: ISC
2 /*
3  * Copyright (c) 2012-2017 Qualcomm Atheros, Inc.
4  * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
5  */
6 
7 #include <linux/moduleparam.h>
8 #include <linux/if_arp.h>
9 #include <linux/etherdevice.h>
10 #include <linux/rtnetlink.h>
11 
12 #include "wil6210.h"
13 #include "txrx.h"
14 #include "txrx_edma.h"
15 #include "wmi.h"
16 #include "boot_loader.h"
17 
18 #define WAIT_FOR_HALP_VOTE_MS 100
19 #define WAIT_FOR_SCAN_ABORT_MS 1000
20 #define WIL_DEFAULT_NUM_RX_STATUS_RINGS 1
21 #define WIL_BOARD_FILE_MAX_NAMELEN 128
22 
23 bool debug_fw; /* = false; */
24 module_param(debug_fw, bool, 0444);
25 MODULE_PARM_DESC(debug_fw, " do not perform card reset. For FW debug");
26 
27 static u8 oob_mode;
28 module_param(oob_mode, byte, 0444);
29 MODULE_PARM_DESC(oob_mode,
30 		 " enable out of the box (OOB) mode in FW, for diagnostics and certification");
31 
32 bool no_fw_recovery;
33 module_param(no_fw_recovery, bool, 0644);
34 MODULE_PARM_DESC(no_fw_recovery, " disable automatic FW error recovery");
35 
36 /* if not set via modparam, will be set to default value of 1/8 of
37  * rx ring size during init flow
38  */
39 unsigned short rx_ring_overflow_thrsh = WIL6210_RX_HIGH_TRSH_INIT;
40 module_param(rx_ring_overflow_thrsh, ushort, 0444);
41 MODULE_PARM_DESC(rx_ring_overflow_thrsh,
42 		 " RX ring overflow threshold in descriptors.");
43 
44 /* We allow allocation of more than 1 page buffers to support large packets.
45  * It is suboptimal behavior performance wise in case MTU above page size.
46  */
47 unsigned int mtu_max = TXRX_BUF_LEN_DEFAULT - WIL_MAX_MPDU_OVERHEAD;
48 static int mtu_max_set(const char *val, const struct kernel_param *kp)
49 {
50 	int ret;
51 
52 	/* sets mtu_max directly. no need to restore it in case of
53 	 * illegal value since we assume this will fail insmod
54 	 */
55 	ret = param_set_uint(val, kp);
56 	if (ret)
57 		return ret;
58 
59 	if (mtu_max < 68 || mtu_max > WIL_MAX_ETH_MTU)
60 		ret = -EINVAL;
61 
62 	return ret;
63 }
64 
65 static const struct kernel_param_ops mtu_max_ops = {
66 	.set = mtu_max_set,
67 	.get = param_get_uint,
68 };
69 
70 module_param_cb(mtu_max, &mtu_max_ops, &mtu_max, 0444);
71 MODULE_PARM_DESC(mtu_max, " Max MTU value.");
72 
73 static uint rx_ring_order;
74 static uint tx_ring_order = WIL_TX_RING_SIZE_ORDER_DEFAULT;
75 static uint bcast_ring_order = WIL_BCAST_RING_SIZE_ORDER_DEFAULT;
76 
77 static int ring_order_set(const char *val, const struct kernel_param *kp)
78 {
79 	int ret;
80 	uint x;
81 
82 	ret = kstrtouint(val, 0, &x);
83 	if (ret)
84 		return ret;
85 
86 	if ((x < WIL_RING_SIZE_ORDER_MIN) || (x > WIL_RING_SIZE_ORDER_MAX))
87 		return -EINVAL;
88 
89 	*((uint *)kp->arg) = x;
90 
91 	return 0;
92 }
93 
94 static const struct kernel_param_ops ring_order_ops = {
95 	.set = ring_order_set,
96 	.get = param_get_uint,
97 };
98 
99 module_param_cb(rx_ring_order, &ring_order_ops, &rx_ring_order, 0444);
100 MODULE_PARM_DESC(rx_ring_order, " Rx ring order; size = 1 << order");
101 module_param_cb(tx_ring_order, &ring_order_ops, &tx_ring_order, 0444);
102 MODULE_PARM_DESC(tx_ring_order, " Tx ring order; size = 1 << order");
103 module_param_cb(bcast_ring_order, &ring_order_ops, &bcast_ring_order, 0444);
104 MODULE_PARM_DESC(bcast_ring_order, " Bcast ring order; size = 1 << order");
105 
106 enum {
107 	WIL_BOOT_ERR,
108 	WIL_BOOT_VANILLA,
109 	WIL_BOOT_PRODUCTION,
110 	WIL_BOOT_DEVELOPMENT,
111 };
112 
113 enum {
114 	WIL_SIG_STATUS_VANILLA = 0x0,
115 	WIL_SIG_STATUS_DEVELOPMENT = 0x1,
116 	WIL_SIG_STATUS_PRODUCTION = 0x2,
117 	WIL_SIG_STATUS_CORRUPTED_PRODUCTION = 0x3,
118 };
119 
120 #define RST_DELAY (20) /* msec, for loop in @wil_wait_device_ready */
121 #define RST_COUNT (1 + 1000/RST_DELAY) /* round up to be above 1 sec total */
122 
123 #define PMU_READY_DELAY_MS (4) /* ms, for sleep in @wil_wait_device_ready */
124 
125 #define OTP_HW_DELAY (200) /* usec, loop in @wil_wait_device_ready_talyn_mb */
126 /* round up to be above 2 ms total */
127 #define OTP_HW_COUNT (1 + 2000 / OTP_HW_DELAY)
128 
129 /*
130  * Due to a hardware issue,
131  * one has to read/write to/from NIC in 32-bit chunks;
132  * regular memcpy_fromio and siblings will
133  * not work on 64-bit platform - it uses 64-bit transactions
134  *
135  * Force 32-bit transactions to enable NIC on 64-bit platforms
136  *
137  * To avoid byte swap on big endian host, __raw_{read|write}l
138  * should be used - {read|write}l would swap bytes to provide
139  * little endian on PCI value in host endianness.
140  */
141 void wil_memcpy_fromio_32(void *dst, const volatile void __iomem *src,
142 			  size_t count)
143 {
144 	u32 *d = dst;
145 	const volatile u32 __iomem *s = src;
146 
147 	for (; count >= 4; count -= 4)
148 		*d++ = __raw_readl(s++);
149 
150 	if (unlikely(count)) {
151 		/* count can be 1..3 */
152 		u32 tmp = __raw_readl(s);
153 
154 		memcpy(d, &tmp, count);
155 	}
156 }
157 
158 void wil_memcpy_toio_32(volatile void __iomem *dst, const void *src,
159 			size_t count)
160 {
161 	volatile u32 __iomem *d = dst;
162 	const u32 *s = src;
163 
164 	for (; count >= 4; count -= 4)
165 		__raw_writel(*s++, d++);
166 
167 	if (unlikely(count)) {
168 		/* count can be 1..3 */
169 		u32 tmp = 0;
170 
171 		memcpy(&tmp, s, count);
172 		__raw_writel(tmp, d);
173 	}
174 }
175 
176 /* Device memory access is prohibited while reset or suspend.
177  * wil_mem_access_lock protects accessing device memory in these cases
178  */
179 int wil_mem_access_lock(struct wil6210_priv *wil)
180 {
181 	if (!down_read_trylock(&wil->mem_lock))
182 		return -EBUSY;
183 
184 	if (test_bit(wil_status_suspending, wil->status) ||
185 	    test_bit(wil_status_suspended, wil->status)) {
186 		up_read(&wil->mem_lock);
187 		return -EBUSY;
188 	}
189 
190 	return 0;
191 }
192 
193 void wil_mem_access_unlock(struct wil6210_priv *wil)
194 {
195 	up_read(&wil->mem_lock);
196 }
197 
198 static void wil_ring_fini_tx(struct wil6210_priv *wil, int id)
199 {
200 	struct wil_ring *ring = &wil->ring_tx[id];
201 	struct wil_ring_tx_data *txdata = &wil->ring_tx_data[id];
202 
203 	lockdep_assert_held(&wil->mutex);
204 
205 	if (!ring->va)
206 		return;
207 
208 	wil_dbg_misc(wil, "vring_fini_tx: id=%d\n", id);
209 
210 	spin_lock_bh(&txdata->lock);
211 	txdata->dot1x_open = false;
212 	txdata->mid = U8_MAX;
213 	txdata->enabled = 0; /* no Tx can be in progress or start anew */
214 	spin_unlock_bh(&txdata->lock);
215 	/* napi_synchronize waits for completion of the current NAPI but will
216 	 * not prevent the next NAPI run.
217 	 * Add a memory barrier to guarantee that txdata->enabled is zeroed
218 	 * before napi_synchronize so that the next scheduled NAPI will not
219 	 * handle this vring
220 	 */
221 	wmb();
222 	/* make sure NAPI won't touch this vring */
223 	if (test_bit(wil_status_napi_en, wil->status))
224 		napi_synchronize(&wil->napi_tx);
225 
226 	wil->txrx_ops.ring_fini_tx(wil, ring);
227 }
228 
229 static bool wil_vif_is_connected(struct wil6210_priv *wil, u8 mid)
230 {
231 	int i;
232 
233 	for (i = 0; i < wil->max_assoc_sta; i++) {
234 		if (wil->sta[i].mid == mid &&
235 		    wil->sta[i].status == wil_sta_connected)
236 			return true;
237 	}
238 
239 	return false;
240 }
241 
242 static void wil_disconnect_cid_complete(struct wil6210_vif *vif, int cid,
243 					u16 reason_code)
244 __acquires(&sta->tid_rx_lock) __releases(&sta->tid_rx_lock)
245 {
246 	uint i;
247 	struct wil6210_priv *wil = vif_to_wil(vif);
248 	struct net_device *ndev = vif_to_ndev(vif);
249 	struct wireless_dev *wdev = vif_to_wdev(vif);
250 	struct wil_sta_info *sta = &wil->sta[cid];
251 	int min_ring_id = wil_get_min_tx_ring_id(wil);
252 
253 	might_sleep();
254 	wil_dbg_misc(wil,
255 		     "disconnect_cid_complete: CID %d, MID %d, status %d\n",
256 		     cid, sta->mid, sta->status);
257 	/* inform upper layers */
258 	if (sta->status != wil_sta_unused) {
259 		if (vif->mid != sta->mid) {
260 			wil_err(wil, "STA MID mismatch with VIF MID(%d)\n",
261 				vif->mid);
262 		}
263 
264 		switch (wdev->iftype) {
265 		case NL80211_IFTYPE_AP:
266 		case NL80211_IFTYPE_P2P_GO:
267 			/* AP-like interface */
268 			cfg80211_del_sta(ndev, sta->addr, GFP_KERNEL);
269 			break;
270 		default:
271 			break;
272 		}
273 		sta->status = wil_sta_unused;
274 		sta->mid = U8_MAX;
275 	}
276 	/* reorder buffers */
277 	for (i = 0; i < WIL_STA_TID_NUM; i++) {
278 		struct wil_tid_ampdu_rx *r;
279 
280 		spin_lock_bh(&sta->tid_rx_lock);
281 
282 		r = sta->tid_rx[i];
283 		sta->tid_rx[i] = NULL;
284 		wil_tid_ampdu_rx_free(wil, r);
285 
286 		spin_unlock_bh(&sta->tid_rx_lock);
287 	}
288 	/* crypto context */
289 	memset(sta->tid_crypto_rx, 0, sizeof(sta->tid_crypto_rx));
290 	memset(&sta->group_crypto_rx, 0, sizeof(sta->group_crypto_rx));
291 	/* release vrings */
292 	for (i = min_ring_id; i < ARRAY_SIZE(wil->ring_tx); i++) {
293 		if (wil->ring2cid_tid[i][0] == cid)
294 			wil_ring_fini_tx(wil, i);
295 	}
296 	/* statistics */
297 	memset(&sta->stats, 0, sizeof(sta->stats));
298 	sta->stats.tx_latency_min_us = U32_MAX;
299 }
300 
301 static void _wil6210_disconnect_complete(struct wil6210_vif *vif,
302 					 const u8 *bssid, u16 reason_code)
303 {
304 	struct wil6210_priv *wil = vif_to_wil(vif);
305 	int cid = -ENOENT;
306 	struct net_device *ndev;
307 	struct wireless_dev *wdev;
308 
309 	ndev = vif_to_ndev(vif);
310 	wdev = vif_to_wdev(vif);
311 
312 	might_sleep();
313 	wil_info(wil, "disconnect_complete: bssid=%pM, reason=%d\n",
314 		 bssid, reason_code);
315 
316 	/* Cases are:
317 	 * - disconnect single STA, still connected
318 	 * - disconnect single STA, already disconnected
319 	 * - disconnect all
320 	 *
321 	 * For "disconnect all", there are 3 options:
322 	 * - bssid == NULL
323 	 * - bssid is broadcast address (ff:ff:ff:ff:ff:ff)
324 	 * - bssid is our MAC address
325 	 */
326 	if (bssid && !is_broadcast_ether_addr(bssid) &&
327 	    !ether_addr_equal_unaligned(ndev->dev_addr, bssid)) {
328 		cid = wil_find_cid(wil, vif->mid, bssid);
329 		wil_dbg_misc(wil,
330 			     "Disconnect complete %pM, CID=%d, reason=%d\n",
331 			     bssid, cid, reason_code);
332 		if (wil_cid_valid(wil, cid)) /* disconnect 1 peer */
333 			wil_disconnect_cid_complete(vif, cid, reason_code);
334 	} else { /* all */
335 		wil_dbg_misc(wil, "Disconnect complete all\n");
336 		for (cid = 0; cid < wil->max_assoc_sta; cid++)
337 			wil_disconnect_cid_complete(vif, cid, reason_code);
338 	}
339 
340 	/* link state */
341 	switch (wdev->iftype) {
342 	case NL80211_IFTYPE_STATION:
343 	case NL80211_IFTYPE_P2P_CLIENT:
344 		wil_bcast_fini(vif);
345 		wil_update_net_queues_bh(wil, vif, NULL, true);
346 		netif_carrier_off(ndev);
347 		if (!wil_has_other_active_ifaces(wil, ndev, false, true))
348 			wil6210_bus_request(wil, WIL_DEFAULT_BUS_REQUEST_KBPS);
349 
350 		if (test_and_clear_bit(wil_vif_fwconnected, vif->status)) {
351 			atomic_dec(&wil->connected_vifs);
352 			cfg80211_disconnected(ndev, reason_code,
353 					      NULL, 0,
354 					      vif->locally_generated_disc,
355 					      GFP_KERNEL);
356 			vif->locally_generated_disc = false;
357 		} else if (test_bit(wil_vif_fwconnecting, vif->status)) {
358 			cfg80211_connect_result(ndev, bssid, NULL, 0, NULL, 0,
359 						WLAN_STATUS_UNSPECIFIED_FAILURE,
360 						GFP_KERNEL);
361 			vif->bss = NULL;
362 		}
363 		clear_bit(wil_vif_fwconnecting, vif->status);
364 		clear_bit(wil_vif_ft_roam, vif->status);
365 		vif->ptk_rekey_state = WIL_REKEY_IDLE;
366 
367 		break;
368 	case NL80211_IFTYPE_AP:
369 	case NL80211_IFTYPE_P2P_GO:
370 		if (!wil_vif_is_connected(wil, vif->mid)) {
371 			wil_update_net_queues_bh(wil, vif, NULL, true);
372 			if (test_and_clear_bit(wil_vif_fwconnected,
373 					       vif->status))
374 				atomic_dec(&wil->connected_vifs);
375 		} else {
376 			wil_update_net_queues_bh(wil, vif, NULL, false);
377 		}
378 		break;
379 	default:
380 		break;
381 	}
382 }
383 
384 static int wil_disconnect_cid(struct wil6210_vif *vif, int cid,
385 			      u16 reason_code)
386 {
387 	struct wil6210_priv *wil = vif_to_wil(vif);
388 	struct wireless_dev *wdev = vif_to_wdev(vif);
389 	struct wil_sta_info *sta = &wil->sta[cid];
390 	bool del_sta = false;
391 
392 	might_sleep();
393 	wil_dbg_misc(wil, "disconnect_cid: CID %d, MID %d, status %d\n",
394 		     cid, sta->mid, sta->status);
395 
396 	if (sta->status == wil_sta_unused)
397 		return 0;
398 
399 	if (vif->mid != sta->mid) {
400 		wil_err(wil, "STA MID mismatch with VIF MID(%d)\n", vif->mid);
401 		return -EINVAL;
402 	}
403 
404 	/* inform lower layers */
405 	if (wdev->iftype == NL80211_IFTYPE_AP && disable_ap_sme)
406 		del_sta = true;
407 
408 	/* disconnect by sending command disconnect/del_sta and wait
409 	 * synchronously for WMI_DISCONNECT_EVENTID event.
410 	 */
411 	return wmi_disconnect_sta(vif, sta->addr, reason_code, del_sta);
412 }
413 
414 static void _wil6210_disconnect(struct wil6210_vif *vif, const u8 *bssid,
415 				u16 reason_code)
416 {
417 	struct wil6210_priv *wil;
418 	struct net_device *ndev;
419 	int cid = -ENOENT;
420 
421 	if (unlikely(!vif))
422 		return;
423 
424 	wil = vif_to_wil(vif);
425 	ndev = vif_to_ndev(vif);
426 
427 	might_sleep();
428 	wil_info(wil, "disconnect bssid=%pM, reason=%d\n", bssid, reason_code);
429 
430 	/* Cases are:
431 	 * - disconnect single STA, still connected
432 	 * - disconnect single STA, already disconnected
433 	 * - disconnect all
434 	 *
435 	 * For "disconnect all", there are 3 options:
436 	 * - bssid == NULL
437 	 * - bssid is broadcast address (ff:ff:ff:ff:ff:ff)
438 	 * - bssid is our MAC address
439 	 */
440 	if (bssid && !is_broadcast_ether_addr(bssid) &&
441 	    !ether_addr_equal_unaligned(ndev->dev_addr, bssid)) {
442 		cid = wil_find_cid(wil, vif->mid, bssid);
443 		wil_dbg_misc(wil, "Disconnect %pM, CID=%d, reason=%d\n",
444 			     bssid, cid, reason_code);
445 		if (wil_cid_valid(wil, cid)) /* disconnect 1 peer */
446 			wil_disconnect_cid(vif, cid, reason_code);
447 	} else { /* all */
448 		wil_dbg_misc(wil, "Disconnect all\n");
449 		for (cid = 0; cid < wil->max_assoc_sta; cid++)
450 			wil_disconnect_cid(vif, cid, reason_code);
451 	}
452 
453 	/* call event handler manually after processing wmi_call,
454 	 * to avoid deadlock - disconnect event handler acquires
455 	 * wil->mutex while it is already held here
456 	 */
457 	_wil6210_disconnect_complete(vif, bssid, reason_code);
458 }
459 
460 void wil_disconnect_worker(struct work_struct *work)
461 {
462 	struct wil6210_vif *vif = container_of(work,
463 			struct wil6210_vif, disconnect_worker);
464 	struct wil6210_priv *wil = vif_to_wil(vif);
465 	struct net_device *ndev = vif_to_ndev(vif);
466 	int rc;
467 	struct {
468 		struct wmi_cmd_hdr wmi;
469 		struct wmi_disconnect_event evt;
470 	} __packed reply;
471 
472 	if (test_bit(wil_vif_fwconnected, vif->status))
473 		/* connect succeeded after all */
474 		return;
475 
476 	if (!test_bit(wil_vif_fwconnecting, vif->status))
477 		/* already disconnected */
478 		return;
479 
480 	memset(&reply, 0, sizeof(reply));
481 
482 	rc = wmi_call(wil, WMI_DISCONNECT_CMDID, vif->mid, NULL, 0,
483 		      WMI_DISCONNECT_EVENTID, &reply, sizeof(reply),
484 		      WIL6210_DISCONNECT_TO_MS);
485 	if (rc) {
486 		wil_err(wil, "disconnect error %d\n", rc);
487 		return;
488 	}
489 
490 	wil_update_net_queues_bh(wil, vif, NULL, true);
491 	netif_carrier_off(ndev);
492 	cfg80211_connect_result(ndev, NULL, NULL, 0, NULL, 0,
493 				WLAN_STATUS_UNSPECIFIED_FAILURE, GFP_KERNEL);
494 	clear_bit(wil_vif_fwconnecting, vif->status);
495 }
496 
497 static int wil_wait_for_recovery(struct wil6210_priv *wil)
498 {
499 	if (wait_event_interruptible(wil->wq, wil->recovery_state !=
500 				     fw_recovery_pending)) {
501 		wil_err(wil, "Interrupt, canceling recovery\n");
502 		return -ERESTARTSYS;
503 	}
504 	if (wil->recovery_state != fw_recovery_running) {
505 		wil_info(wil, "Recovery cancelled\n");
506 		return -EINTR;
507 	}
508 	wil_info(wil, "Proceed with recovery\n");
509 	return 0;
510 }
511 
512 void wil_set_recovery_state(struct wil6210_priv *wil, int state)
513 {
514 	wil_dbg_misc(wil, "set_recovery_state: %d -> %d\n",
515 		     wil->recovery_state, state);
516 
517 	wil->recovery_state = state;
518 	wake_up_interruptible(&wil->wq);
519 }
520 
521 bool wil_is_recovery_blocked(struct wil6210_priv *wil)
522 {
523 	return no_fw_recovery && (wil->recovery_state == fw_recovery_pending);
524 }
525 
526 static void wil_fw_error_worker(struct work_struct *work)
527 {
528 	struct wil6210_priv *wil = container_of(work, struct wil6210_priv,
529 						fw_error_worker);
530 	struct net_device *ndev = wil->main_ndev;
531 	struct wireless_dev *wdev;
532 
533 	wil_dbg_misc(wil, "fw error worker\n");
534 
535 	if (!ndev || !(ndev->flags & IFF_UP)) {
536 		wil_info(wil, "No recovery - interface is down\n");
537 		return;
538 	}
539 	wdev = ndev->ieee80211_ptr;
540 
541 	/* increment @recovery_count if less then WIL6210_FW_RECOVERY_TO
542 	 * passed since last recovery attempt
543 	 */
544 	if (time_is_after_jiffies(wil->last_fw_recovery +
545 				  WIL6210_FW_RECOVERY_TO))
546 		wil->recovery_count++;
547 	else
548 		wil->recovery_count = 1; /* fw was alive for a long time */
549 
550 	if (wil->recovery_count > WIL6210_FW_RECOVERY_RETRIES) {
551 		wil_err(wil, "too many recovery attempts (%d), giving up\n",
552 			wil->recovery_count);
553 		return;
554 	}
555 
556 	wil->last_fw_recovery = jiffies;
557 
558 	wil_info(wil, "fw error recovery requested (try %d)...\n",
559 		 wil->recovery_count);
560 	if (!no_fw_recovery)
561 		wil->recovery_state = fw_recovery_running;
562 	if (wil_wait_for_recovery(wil) != 0)
563 		return;
564 
565 	rtnl_lock();
566 	mutex_lock(&wil->mutex);
567 	/* Needs adaptation for multiple VIFs
568 	 * need to go over all VIFs and consider the appropriate
569 	 * recovery because each one can have different iftype.
570 	 */
571 	switch (wdev->iftype) {
572 	case NL80211_IFTYPE_STATION:
573 	case NL80211_IFTYPE_P2P_CLIENT:
574 	case NL80211_IFTYPE_MONITOR:
575 		/* silent recovery, upper layers will see disconnect */
576 		__wil_down(wil);
577 		__wil_up(wil);
578 		break;
579 	case NL80211_IFTYPE_AP:
580 	case NL80211_IFTYPE_P2P_GO:
581 		if (no_fw_recovery) /* upper layers do recovery */
582 			break;
583 		/* silent recovery, upper layers will see disconnect */
584 		__wil_down(wil);
585 		__wil_up(wil);
586 		mutex_unlock(&wil->mutex);
587 		wil_cfg80211_ap_recovery(wil);
588 		mutex_lock(&wil->mutex);
589 		wil_info(wil, "... completed\n");
590 		break;
591 	default:
592 		wil_err(wil, "No recovery - unknown interface type %d\n",
593 			wdev->iftype);
594 		break;
595 	}
596 
597 	mutex_unlock(&wil->mutex);
598 	rtnl_unlock();
599 }
600 
601 static int wil_find_free_ring(struct wil6210_priv *wil)
602 {
603 	int i;
604 	int min_ring_id = wil_get_min_tx_ring_id(wil);
605 
606 	for (i = min_ring_id; i < WIL6210_MAX_TX_RINGS; i++) {
607 		if (!wil->ring_tx[i].va)
608 			return i;
609 	}
610 	return -EINVAL;
611 }
612 
613 int wil_ring_init_tx(struct wil6210_vif *vif, int cid)
614 {
615 	struct wil6210_priv *wil = vif_to_wil(vif);
616 	int rc = -EINVAL, ringid;
617 
618 	if (cid < 0) {
619 		wil_err(wil, "No connection pending\n");
620 		goto out;
621 	}
622 	ringid = wil_find_free_ring(wil);
623 	if (ringid < 0) {
624 		wil_err(wil, "No free vring found\n");
625 		goto out;
626 	}
627 
628 	wil_dbg_wmi(wil, "Configure for connection CID %d MID %d ring %d\n",
629 		    cid, vif->mid, ringid);
630 
631 	rc = wil->txrx_ops.ring_init_tx(vif, ringid, 1 << tx_ring_order,
632 					cid, 0);
633 	if (rc)
634 		wil_err(wil, "init TX for CID %d MID %d vring %d failed\n",
635 			cid, vif->mid, ringid);
636 
637 out:
638 	return rc;
639 }
640 
641 int wil_bcast_init(struct wil6210_vif *vif)
642 {
643 	struct wil6210_priv *wil = vif_to_wil(vif);
644 	int ri = vif->bcast_ring, rc;
645 
646 	if (ri >= 0 && wil->ring_tx[ri].va)
647 		return 0;
648 
649 	ri = wil_find_free_ring(wil);
650 	if (ri < 0)
651 		return ri;
652 
653 	vif->bcast_ring = ri;
654 	rc = wil->txrx_ops.ring_init_bcast(vif, ri, 1 << bcast_ring_order);
655 	if (rc)
656 		vif->bcast_ring = -1;
657 
658 	return rc;
659 }
660 
661 void wil_bcast_fini(struct wil6210_vif *vif)
662 {
663 	struct wil6210_priv *wil = vif_to_wil(vif);
664 	int ri = vif->bcast_ring;
665 
666 	if (ri < 0)
667 		return;
668 
669 	vif->bcast_ring = -1;
670 	wil_ring_fini_tx(wil, ri);
671 }
672 
673 void wil_bcast_fini_all(struct wil6210_priv *wil)
674 {
675 	int i;
676 	struct wil6210_vif *vif;
677 
678 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
679 		vif = wil->vifs[i];
680 		if (vif)
681 			wil_bcast_fini(vif);
682 	}
683 }
684 
685 int wil_priv_init(struct wil6210_priv *wil)
686 {
687 	uint i;
688 
689 	wil_dbg_misc(wil, "priv_init\n");
690 
691 	memset(wil->sta, 0, sizeof(wil->sta));
692 	for (i = 0; i < WIL6210_MAX_CID; i++) {
693 		spin_lock_init(&wil->sta[i].tid_rx_lock);
694 		wil->sta[i].mid = U8_MAX;
695 	}
696 
697 	for (i = 0; i < WIL6210_MAX_TX_RINGS; i++) {
698 		spin_lock_init(&wil->ring_tx_data[i].lock);
699 		wil->ring2cid_tid[i][0] = WIL6210_MAX_CID;
700 	}
701 
702 	mutex_init(&wil->mutex);
703 	mutex_init(&wil->vif_mutex);
704 	mutex_init(&wil->wmi_mutex);
705 	mutex_init(&wil->halp.lock);
706 
707 	init_completion(&wil->wmi_ready);
708 	init_completion(&wil->wmi_call);
709 	init_completion(&wil->halp.comp);
710 
711 	INIT_WORK(&wil->wmi_event_worker, wmi_event_worker);
712 	INIT_WORK(&wil->fw_error_worker, wil_fw_error_worker);
713 
714 	INIT_LIST_HEAD(&wil->pending_wmi_ev);
715 	spin_lock_init(&wil->wmi_ev_lock);
716 	spin_lock_init(&wil->net_queue_lock);
717 	spin_lock_init(&wil->eap_lock);
718 
719 	init_waitqueue_head(&wil->wq);
720 	init_rwsem(&wil->mem_lock);
721 
722 	wil->wmi_wq = create_singlethread_workqueue(WIL_NAME "_wmi");
723 	if (!wil->wmi_wq)
724 		return -EAGAIN;
725 
726 	wil->wq_service = create_singlethread_workqueue(WIL_NAME "_service");
727 	if (!wil->wq_service)
728 		goto out_wmi_wq;
729 
730 	wil->last_fw_recovery = jiffies;
731 	wil->tx_interframe_timeout = WIL6210_ITR_TX_INTERFRAME_TIMEOUT_DEFAULT;
732 	wil->rx_interframe_timeout = WIL6210_ITR_RX_INTERFRAME_TIMEOUT_DEFAULT;
733 	wil->tx_max_burst_duration = WIL6210_ITR_TX_MAX_BURST_DURATION_DEFAULT;
734 	wil->rx_max_burst_duration = WIL6210_ITR_RX_MAX_BURST_DURATION_DEFAULT;
735 
736 	if (rx_ring_overflow_thrsh == WIL6210_RX_HIGH_TRSH_INIT)
737 		rx_ring_overflow_thrsh = WIL6210_RX_HIGH_TRSH_DEFAULT;
738 
739 	wil->ps_profile =  WMI_PS_PROFILE_TYPE_DEFAULT;
740 
741 	wil->wakeup_trigger = WMI_WAKEUP_TRIGGER_UCAST |
742 			      WMI_WAKEUP_TRIGGER_BCAST;
743 	memset(&wil->suspend_stats, 0, sizeof(wil->suspend_stats));
744 	wil->ring_idle_trsh = 16;
745 
746 	wil->reply_mid = U8_MAX;
747 	wil->max_vifs = 1;
748 	wil->max_assoc_sta = max_assoc_sta;
749 
750 	/* edma configuration can be updated via debugfs before allocation */
751 	wil->num_rx_status_rings = WIL_DEFAULT_NUM_RX_STATUS_RINGS;
752 	wil->tx_status_ring_order = WIL_TX_SRING_SIZE_ORDER_DEFAULT;
753 
754 	/* Rx status ring size should be bigger than the number of RX buffers
755 	 * in order to prevent backpressure on the status ring, which may
756 	 * cause HW freeze.
757 	 */
758 	wil->rx_status_ring_order = WIL_RX_SRING_SIZE_ORDER_DEFAULT;
759 	/* Number of RX buffer IDs should be bigger than the RX descriptor
760 	 * ring size as in HW reorder flow, the HW can consume additional
761 	 * buffers before releasing the previous ones.
762 	 */
763 	wil->rx_buff_id_count = WIL_RX_BUFF_ARR_SIZE_DEFAULT;
764 
765 	wil->amsdu_en = true;
766 
767 	return 0;
768 
769 out_wmi_wq:
770 	destroy_workqueue(wil->wmi_wq);
771 
772 	return -EAGAIN;
773 }
774 
775 void wil6210_bus_request(struct wil6210_priv *wil, u32 kbps)
776 {
777 	if (wil->platform_ops.bus_request) {
778 		wil->bus_request_kbps = kbps;
779 		wil->platform_ops.bus_request(wil->platform_handle, kbps);
780 	}
781 }
782 
783 /**
784  * wil6210_disconnect - disconnect one connection
785  * @vif: virtual interface context
786  * @bssid: peer to disconnect, NULL to disconnect all
787  * @reason_code: Reason code for the Disassociation frame
788  *
789  * Disconnect and release associated resources. Issue WMI
790  * command(s) to trigger MAC disconnect. When command was issued
791  * successfully, call the wil6210_disconnect_complete function
792  * to handle the event synchronously
793  */
794 void wil6210_disconnect(struct wil6210_vif *vif, const u8 *bssid,
795 			u16 reason_code)
796 {
797 	struct wil6210_priv *wil = vif_to_wil(vif);
798 
799 	wil_dbg_misc(wil, "disconnecting\n");
800 
801 	del_timer_sync(&vif->connect_timer);
802 	_wil6210_disconnect(vif, bssid, reason_code);
803 }
804 
805 /**
806  * wil6210_disconnect_complete - handle disconnect event
807  * @vif: virtual interface context
808  * @bssid: peer to disconnect, NULL to disconnect all
809  * @reason_code: Reason code for the Disassociation frame
810  *
811  * Release associated resources and indicate upper layers the
812  * connection is terminated.
813  */
814 void wil6210_disconnect_complete(struct wil6210_vif *vif, const u8 *bssid,
815 				 u16 reason_code)
816 {
817 	struct wil6210_priv *wil = vif_to_wil(vif);
818 
819 	wil_dbg_misc(wil, "got disconnect\n");
820 
821 	del_timer_sync(&vif->connect_timer);
822 	_wil6210_disconnect_complete(vif, bssid, reason_code);
823 }
824 
825 void wil_priv_deinit(struct wil6210_priv *wil)
826 {
827 	wil_dbg_misc(wil, "priv_deinit\n");
828 
829 	wil_set_recovery_state(wil, fw_recovery_idle);
830 	cancel_work_sync(&wil->fw_error_worker);
831 	wmi_event_flush(wil);
832 	destroy_workqueue(wil->wq_service);
833 	destroy_workqueue(wil->wmi_wq);
834 	kfree(wil->brd_info);
835 }
836 
837 static void wil_shutdown_bl(struct wil6210_priv *wil)
838 {
839 	u32 val;
840 
841 	wil_s(wil, RGF_USER_BL +
842 	      offsetof(struct bl_dedicated_registers_v1,
843 		       bl_shutdown_handshake), BL_SHUTDOWN_HS_GRTD);
844 
845 	usleep_range(100, 150);
846 
847 	val = wil_r(wil, RGF_USER_BL +
848 		    offsetof(struct bl_dedicated_registers_v1,
849 			     bl_shutdown_handshake));
850 	if (val & BL_SHUTDOWN_HS_RTD) {
851 		wil_dbg_misc(wil, "BL is ready for halt\n");
852 		return;
853 	}
854 
855 	wil_err(wil, "BL did not report ready for halt\n");
856 }
857 
858 /* this format is used by ARC embedded CPU for instruction memory */
859 static inline u32 ARC_me_imm32(u32 d)
860 {
861 	return ((d & 0xffff0000) >> 16) | ((d & 0x0000ffff) << 16);
862 }
863 
864 /* defines access to interrupt vectors for wil_freeze_bl */
865 #define ARC_IRQ_VECTOR_OFFSET(N)	((N) * 8)
866 /* ARC long jump instruction */
867 #define ARC_JAL_INST			(0x20200f80)
868 
869 static void wil_freeze_bl(struct wil6210_priv *wil)
870 {
871 	u32 jal, upc, saved;
872 	u32 ivt3 = ARC_IRQ_VECTOR_OFFSET(3);
873 
874 	jal = wil_r(wil, wil->iccm_base + ivt3);
875 	if (jal != ARC_me_imm32(ARC_JAL_INST)) {
876 		wil_dbg_misc(wil, "invalid IVT entry found, skipping\n");
877 		return;
878 	}
879 
880 	/* prevent the target from entering deep sleep
881 	 * and disabling memory access
882 	 */
883 	saved = wil_r(wil, RGF_USER_USAGE_8);
884 	wil_w(wil, RGF_USER_USAGE_8, saved | BIT_USER_PREVENT_DEEP_SLEEP);
885 	usleep_range(20, 25); /* let the BL process the bit */
886 
887 	/* redirect to endless loop in the INT_L1 context and let it trap */
888 	wil_w(wil, wil->iccm_base + ivt3 + 4, ARC_me_imm32(ivt3));
889 	usleep_range(20, 25); /* let the BL get into the trap */
890 
891 	/* verify the BL is frozen */
892 	upc = wil_r(wil, RGF_USER_CPU_PC);
893 	if (upc < ivt3 || (upc > (ivt3 + 8)))
894 		wil_dbg_misc(wil, "BL freeze failed, PC=0x%08X\n", upc);
895 
896 	wil_w(wil, RGF_USER_USAGE_8, saved);
897 }
898 
899 static void wil_bl_prepare_halt(struct wil6210_priv *wil)
900 {
901 	u32 tmp, ver;
902 
903 	/* before halting device CPU driver must make sure BL is not accessing
904 	 * host memory. This is done differently depending on BL version:
905 	 * 1. For very old BL versions the procedure is skipped
906 	 * (not supported).
907 	 * 2. For old BL version we use a special trick to freeze the BL
908 	 * 3. For new BL versions we shutdown the BL using handshake procedure.
909 	 */
910 	tmp = wil_r(wil, RGF_USER_BL +
911 		    offsetof(struct bl_dedicated_registers_v0,
912 			     boot_loader_struct_version));
913 	if (!tmp) {
914 		wil_dbg_misc(wil, "old BL, skipping halt preparation\n");
915 		return;
916 	}
917 
918 	tmp = wil_r(wil, RGF_USER_BL +
919 		    offsetof(struct bl_dedicated_registers_v1,
920 			     bl_shutdown_handshake));
921 	ver = BL_SHUTDOWN_HS_PROT_VER(tmp);
922 
923 	if (ver > 0)
924 		wil_shutdown_bl(wil);
925 	else
926 		wil_freeze_bl(wil);
927 }
928 
929 static inline void wil_halt_cpu(struct wil6210_priv *wil)
930 {
931 	if (wil->hw_version >= HW_VER_TALYN_MB) {
932 		wil_w(wil, RGF_USER_USER_CPU_0_TALYN_MB,
933 		      BIT_USER_USER_CPU_MAN_RST);
934 		wil_w(wil, RGF_USER_MAC_CPU_0_TALYN_MB,
935 		      BIT_USER_MAC_CPU_MAN_RST);
936 	} else {
937 		wil_w(wil, RGF_USER_USER_CPU_0, BIT_USER_USER_CPU_MAN_RST);
938 		wil_w(wil, RGF_USER_MAC_CPU_0,  BIT_USER_MAC_CPU_MAN_RST);
939 	}
940 }
941 
942 static inline void wil_release_cpu(struct wil6210_priv *wil)
943 {
944 	/* Start CPU */
945 	if (wil->hw_version >= HW_VER_TALYN_MB)
946 		wil_w(wil, RGF_USER_USER_CPU_0_TALYN_MB, 1);
947 	else
948 		wil_w(wil, RGF_USER_USER_CPU_0, 1);
949 }
950 
951 static void wil_set_oob_mode(struct wil6210_priv *wil, u8 mode)
952 {
953 	wil_info(wil, "oob_mode to %d\n", mode);
954 	switch (mode) {
955 	case 0:
956 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE |
957 		      BIT_USER_OOB_R2_MODE);
958 		break;
959 	case 1:
960 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_R2_MODE);
961 		wil_s(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE);
962 		break;
963 	case 2:
964 		wil_c(wil, RGF_USER_USAGE_6, BIT_USER_OOB_MODE);
965 		wil_s(wil, RGF_USER_USAGE_6, BIT_USER_OOB_R2_MODE);
966 		break;
967 	default:
968 		wil_err(wil, "invalid oob_mode: %d\n", mode);
969 	}
970 }
971 
972 static int wil_wait_device_ready(struct wil6210_priv *wil, int no_flash)
973 {
974 	int delay = 0;
975 	u32 x, x1 = 0;
976 
977 	/* wait until device ready. */
978 	if (no_flash) {
979 		msleep(PMU_READY_DELAY_MS);
980 
981 		wil_dbg_misc(wil, "Reset completed\n");
982 	} else {
983 		do {
984 			msleep(RST_DELAY);
985 			x = wil_r(wil, RGF_USER_BL +
986 				  offsetof(struct bl_dedicated_registers_v0,
987 					   boot_loader_ready));
988 			if (x1 != x) {
989 				wil_dbg_misc(wil, "BL.ready 0x%08x => 0x%08x\n",
990 					     x1, x);
991 				x1 = x;
992 			}
993 			if (delay++ > RST_COUNT) {
994 				wil_err(wil, "Reset not completed, bl.ready 0x%08x\n",
995 					x);
996 				return -ETIME;
997 			}
998 		} while (x != BL_READY);
999 
1000 		wil_dbg_misc(wil, "Reset completed in %d ms\n",
1001 			     delay * RST_DELAY);
1002 	}
1003 
1004 	return 0;
1005 }
1006 
1007 static int wil_wait_device_ready_talyn_mb(struct wil6210_priv *wil)
1008 {
1009 	u32 otp_hw;
1010 	u8 signature_status;
1011 	bool otp_signature_err;
1012 	bool hw_section_done;
1013 	u32 otp_qc_secured;
1014 	int delay = 0;
1015 
1016 	/* Wait for OTP signature test to complete */
1017 	usleep_range(2000, 2200);
1018 
1019 	wil->boot_config = WIL_BOOT_ERR;
1020 
1021 	/* Poll until OTP signature status is valid.
1022 	 * In vanilla and development modes, when signature test is complete
1023 	 * HW sets BIT_OTP_SIGNATURE_ERR_TALYN_MB.
1024 	 * In production mode BIT_OTP_SIGNATURE_ERR_TALYN_MB remains 0, poll
1025 	 * for signature status change to 2 or 3.
1026 	 */
1027 	do {
1028 		otp_hw = wil_r(wil, RGF_USER_OTP_HW_RD_MACHINE_1);
1029 		signature_status = WIL_GET_BITS(otp_hw, 8, 9);
1030 		otp_signature_err = otp_hw & BIT_OTP_SIGNATURE_ERR_TALYN_MB;
1031 
1032 		if (otp_signature_err &&
1033 		    signature_status == WIL_SIG_STATUS_VANILLA) {
1034 			wil->boot_config = WIL_BOOT_VANILLA;
1035 			break;
1036 		}
1037 		if (otp_signature_err &&
1038 		    signature_status == WIL_SIG_STATUS_DEVELOPMENT) {
1039 			wil->boot_config = WIL_BOOT_DEVELOPMENT;
1040 			break;
1041 		}
1042 		if (!otp_signature_err &&
1043 		    signature_status == WIL_SIG_STATUS_PRODUCTION) {
1044 			wil->boot_config = WIL_BOOT_PRODUCTION;
1045 			break;
1046 		}
1047 		if  (!otp_signature_err &&
1048 		     signature_status ==
1049 		     WIL_SIG_STATUS_CORRUPTED_PRODUCTION) {
1050 			/* Unrecognized OTP signature found. Possibly a
1051 			 * corrupted production signature, access control
1052 			 * is applied as in production mode, therefore
1053 			 * do not fail
1054 			 */
1055 			wil->boot_config = WIL_BOOT_PRODUCTION;
1056 			break;
1057 		}
1058 		if (delay++ > OTP_HW_COUNT)
1059 			break;
1060 
1061 		usleep_range(OTP_HW_DELAY, OTP_HW_DELAY + 10);
1062 	} while (!otp_signature_err && signature_status == 0);
1063 
1064 	if (wil->boot_config == WIL_BOOT_ERR) {
1065 		wil_err(wil,
1066 			"invalid boot config, signature_status %d otp_signature_err %d\n",
1067 			signature_status, otp_signature_err);
1068 		return -ETIME;
1069 	}
1070 
1071 	wil_dbg_misc(wil,
1072 		     "signature test done in %d usec, otp_hw 0x%x, boot_config %d\n",
1073 		     delay * OTP_HW_DELAY, otp_hw, wil->boot_config);
1074 
1075 	if (wil->boot_config == WIL_BOOT_VANILLA)
1076 		/* Assuming not SPI boot (currently not supported) */
1077 		goto out;
1078 
1079 	hw_section_done = otp_hw & BIT_OTP_HW_SECTION_DONE_TALYN_MB;
1080 	delay = 0;
1081 
1082 	while (!hw_section_done) {
1083 		msleep(RST_DELAY);
1084 
1085 		otp_hw = wil_r(wil, RGF_USER_OTP_HW_RD_MACHINE_1);
1086 		hw_section_done = otp_hw & BIT_OTP_HW_SECTION_DONE_TALYN_MB;
1087 
1088 		if (delay++ > RST_COUNT) {
1089 			wil_err(wil, "TO waiting for hw_section_done\n");
1090 			return -ETIME;
1091 		}
1092 	}
1093 
1094 	wil_dbg_misc(wil, "HW section done in %d ms\n", delay * RST_DELAY);
1095 
1096 	otp_qc_secured = wil_r(wil, RGF_OTP_QC_SECURED);
1097 	wil->secured_boot = otp_qc_secured & BIT_BOOT_FROM_ROM ? 1 : 0;
1098 	wil_dbg_misc(wil, "secured boot is %sabled\n",
1099 		     wil->secured_boot ? "en" : "dis");
1100 
1101 out:
1102 	wil_dbg_misc(wil, "Reset completed\n");
1103 
1104 	return 0;
1105 }
1106 
1107 static int wil_target_reset(struct wil6210_priv *wil, int no_flash)
1108 {
1109 	u32 x;
1110 	int rc;
1111 
1112 	wil_dbg_misc(wil, "Resetting \"%s\"...\n", wil->hw_name);
1113 
1114 	if (wil->hw_version < HW_VER_TALYN) {
1115 		/* Clear MAC link up */
1116 		wil_s(wil, RGF_HP_CTRL, BIT(15));
1117 		wil_s(wil, RGF_USER_CLKS_CTL_SW_RST_MASK_0,
1118 		      BIT_HPAL_PERST_FROM_PAD);
1119 		wil_s(wil, RGF_USER_CLKS_CTL_SW_RST_MASK_0, BIT_CAR_PERST_RST);
1120 	}
1121 
1122 	wil_halt_cpu(wil);
1123 
1124 	if (!no_flash) {
1125 		/* clear all boot loader "ready" bits */
1126 		wil_w(wil, RGF_USER_BL +
1127 		      offsetof(struct bl_dedicated_registers_v0,
1128 			       boot_loader_ready), 0);
1129 		/* this should be safe to write even with old BLs */
1130 		wil_w(wil, RGF_USER_BL +
1131 		      offsetof(struct bl_dedicated_registers_v1,
1132 			       bl_shutdown_handshake), 0);
1133 	}
1134 	/* Clear Fw Download notification */
1135 	wil_c(wil, RGF_USER_USAGE_6, BIT(0));
1136 
1137 	wil_s(wil, RGF_CAF_OSC_CONTROL, BIT_CAF_OSC_XTAL_EN);
1138 	/* XTAL stabilization should take about 3ms */
1139 	usleep_range(5000, 7000);
1140 	x = wil_r(wil, RGF_CAF_PLL_LOCK_STATUS);
1141 	if (!(x & BIT_CAF_OSC_DIG_XTAL_STABLE)) {
1142 		wil_err(wil, "Xtal stabilization timeout\n"
1143 			"RGF_CAF_PLL_LOCK_STATUS = 0x%08x\n", x);
1144 		return -ETIME;
1145 	}
1146 	/* switch 10k to XTAL*/
1147 	wil_c(wil, RGF_USER_SPARROW_M_4, BIT_SPARROW_M_4_SEL_SLEEP_OR_REF);
1148 	/* 40 MHz */
1149 	wil_c(wil, RGF_USER_CLKS_CTL_0, BIT_USER_CLKS_CAR_AHB_SW_SEL);
1150 
1151 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_0, 0x3ff81f);
1152 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_1, 0xf);
1153 
1154 	if (wil->hw_version >= HW_VER_TALYN_MB) {
1155 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0x7e000000);
1156 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0x0000003f);
1157 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0xc00000f0);
1158 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0xffe7fe00);
1159 	} else {
1160 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0xfe000000);
1161 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0x0000003f);
1162 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x000000f0);
1163 		wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0xffe7fe00);
1164 	}
1165 
1166 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_0, 0x0);
1167 	wil_w(wil, RGF_USER_CLKS_CTL_EXT_SW_RST_VEC_1, 0x0);
1168 
1169 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0);
1170 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0);
1171 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_1, 0);
1172 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
1173 
1174 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_3, 0x00000003);
1175 	/* reset A2 PCIE AHB */
1176 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_2, 0x00008000);
1177 
1178 	wil_w(wil, RGF_USER_CLKS_CTL_SW_RST_VEC_0, 0);
1179 
1180 	if (wil->hw_version == HW_VER_TALYN_MB)
1181 		rc = wil_wait_device_ready_talyn_mb(wil);
1182 	else
1183 		rc = wil_wait_device_ready(wil, no_flash);
1184 	if (rc)
1185 		return rc;
1186 
1187 	wil_c(wil, RGF_USER_CLKS_CTL_0, BIT_USER_CLKS_RST_PWGD);
1188 
1189 	/* enable fix for HW bug related to the SA/DA swap in AP Rx */
1190 	wil_s(wil, RGF_DMA_OFUL_NID_0, BIT_DMA_OFUL_NID_0_RX_EXT_TR_EN |
1191 	      BIT_DMA_OFUL_NID_0_RX_EXT_A3_SRC);
1192 
1193 	if (wil->hw_version < HW_VER_TALYN_MB && no_flash) {
1194 		/* Reset OTP HW vectors to fit 40MHz */
1195 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME1, 0x60001);
1196 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME2, 0x20027);
1197 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME3, 0x1);
1198 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME4, 0x20027);
1199 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME5, 0x30003);
1200 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME6, 0x20002);
1201 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME7, 0x60001);
1202 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME8, 0x60001);
1203 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME9, 0x60001);
1204 		wil_w(wil, RGF_USER_XPM_IFC_RD_TIME10, 0x60001);
1205 		wil_w(wil, RGF_USER_XPM_RD_DOUT_SAMPLE_TIME, 0x57);
1206 	}
1207 
1208 	return 0;
1209 }
1210 
1211 static void wil_collect_fw_info(struct wil6210_priv *wil)
1212 {
1213 	struct wiphy *wiphy = wil_to_wiphy(wil);
1214 	u8 retry_short;
1215 	int rc;
1216 
1217 	wil_refresh_fw_capabilities(wil);
1218 
1219 	rc = wmi_get_mgmt_retry(wil, &retry_short);
1220 	if (!rc) {
1221 		wiphy->retry_short = retry_short;
1222 		wil_dbg_misc(wil, "FW retry_short: %d\n", retry_short);
1223 	}
1224 }
1225 
1226 void wil_refresh_fw_capabilities(struct wil6210_priv *wil)
1227 {
1228 	struct wiphy *wiphy = wil_to_wiphy(wil);
1229 	int features;
1230 
1231 	wil->keep_radio_on_during_sleep =
1232 		test_bit(WIL_PLATFORM_CAPA_RADIO_ON_IN_SUSPEND,
1233 			 wil->platform_capa) &&
1234 		test_bit(WMI_FW_CAPABILITY_D3_SUSPEND, wil->fw_capabilities);
1235 
1236 	wil_info(wil, "keep_radio_on_during_sleep (%d)\n",
1237 		 wil->keep_radio_on_during_sleep);
1238 
1239 	if (test_bit(WMI_FW_CAPABILITY_RSSI_REPORTING, wil->fw_capabilities))
1240 		wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
1241 	else
1242 		wiphy->signal_type = CFG80211_SIGNAL_TYPE_UNSPEC;
1243 
1244 	if (test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities)) {
1245 		wiphy->max_sched_scan_reqs = 1;
1246 		wiphy->max_sched_scan_ssids = WMI_MAX_PNO_SSID_NUM;
1247 		wiphy->max_match_sets = WMI_MAX_PNO_SSID_NUM;
1248 		wiphy->max_sched_scan_ie_len = WMI_MAX_IE_LEN;
1249 		wiphy->max_sched_scan_plans = WMI_MAX_PLANS_NUM;
1250 	}
1251 
1252 	if (test_bit(WMI_FW_CAPABILITY_TX_REQ_EXT, wil->fw_capabilities))
1253 		wiphy->flags |= WIPHY_FLAG_OFFCHAN_TX;
1254 
1255 	if (wil->platform_ops.set_features) {
1256 		features = (test_bit(WMI_FW_CAPABILITY_REF_CLOCK_CONTROL,
1257 				     wil->fw_capabilities) &&
1258 			    test_bit(WIL_PLATFORM_CAPA_EXT_CLK,
1259 				     wil->platform_capa)) ?
1260 			BIT(WIL_PLATFORM_FEATURE_FW_EXT_CLK_CONTROL) : 0;
1261 
1262 		if (wil->n_msi == 3)
1263 			features |= BIT(WIL_PLATFORM_FEATURE_TRIPLE_MSI);
1264 
1265 		wil->platform_ops.set_features(wil->platform_handle, features);
1266 	}
1267 
1268 	if (test_bit(WMI_FW_CAPABILITY_BACK_WIN_SIZE_64,
1269 		     wil->fw_capabilities)) {
1270 		wil->max_agg_wsize = WIL_MAX_AGG_WSIZE_64;
1271 		wil->max_ampdu_size = WIL_MAX_AMPDU_SIZE_128;
1272 	} else {
1273 		wil->max_agg_wsize = WIL_MAX_AGG_WSIZE;
1274 		wil->max_ampdu_size = WIL_MAX_AMPDU_SIZE;
1275 	}
1276 
1277 	update_supported_bands(wil);
1278 }
1279 
1280 void wil_mbox_ring_le2cpus(struct wil6210_mbox_ring *r)
1281 {
1282 	le32_to_cpus(&r->base);
1283 	le16_to_cpus(&r->entry_size);
1284 	le16_to_cpus(&r->size);
1285 	le32_to_cpus(&r->tail);
1286 	le32_to_cpus(&r->head);
1287 }
1288 
1289 /* construct actual board file name to use */
1290 void wil_get_board_file(struct wil6210_priv *wil, char *buf, size_t len)
1291 {
1292 	const char *board_file;
1293 	const char *wil_talyn_fw_name = ftm_mode ? WIL_FW_NAME_FTM_TALYN :
1294 			      WIL_FW_NAME_TALYN;
1295 
1296 	if (wil->board_file) {
1297 		board_file = wil->board_file;
1298 	} else {
1299 		/* If specific FW file is used for Talyn,
1300 		 * use specific board file
1301 		 */
1302 		if (strcmp(wil->wil_fw_name, wil_talyn_fw_name) == 0)
1303 			board_file = WIL_BRD_NAME_TALYN;
1304 		else
1305 			board_file = WIL_BOARD_FILE_NAME;
1306 	}
1307 
1308 	strlcpy(buf, board_file, len);
1309 }
1310 
1311 static int wil_get_bl_info(struct wil6210_priv *wil)
1312 {
1313 	struct net_device *ndev = wil->main_ndev;
1314 	struct wiphy *wiphy = wil_to_wiphy(wil);
1315 	union {
1316 		struct bl_dedicated_registers_v0 bl0;
1317 		struct bl_dedicated_registers_v1 bl1;
1318 	} bl;
1319 	u32 bl_ver;
1320 	u8 *mac;
1321 	u16 rf_status;
1322 
1323 	wil_memcpy_fromio_32(&bl, wil->csr + HOSTADDR(RGF_USER_BL),
1324 			     sizeof(bl));
1325 	bl_ver = le32_to_cpu(bl.bl0.boot_loader_struct_version);
1326 	mac = bl.bl0.mac_address;
1327 
1328 	if (bl_ver == 0) {
1329 		le32_to_cpus(&bl.bl0.rf_type);
1330 		le32_to_cpus(&bl.bl0.baseband_type);
1331 		rf_status = 0; /* actually, unknown */
1332 		wil_info(wil,
1333 			 "Boot Loader struct v%d: MAC = %pM RF = 0x%08x bband = 0x%08x\n",
1334 			 bl_ver, mac,
1335 			 bl.bl0.rf_type, bl.bl0.baseband_type);
1336 		wil_info(wil, "Boot Loader build unknown for struct v0\n");
1337 	} else {
1338 		le16_to_cpus(&bl.bl1.rf_type);
1339 		rf_status = le16_to_cpu(bl.bl1.rf_status);
1340 		le32_to_cpus(&bl.bl1.baseband_type);
1341 		le16_to_cpus(&bl.bl1.bl_version_subminor);
1342 		le16_to_cpus(&bl.bl1.bl_version_build);
1343 		wil_info(wil,
1344 			 "Boot Loader struct v%d: MAC = %pM RF = 0x%04x (status 0x%04x) bband = 0x%08x\n",
1345 			 bl_ver, mac,
1346 			 bl.bl1.rf_type, rf_status,
1347 			 bl.bl1.baseband_type);
1348 		wil_info(wil, "Boot Loader build %d.%d.%d.%d\n",
1349 			 bl.bl1.bl_version_major, bl.bl1.bl_version_minor,
1350 			 bl.bl1.bl_version_subminor, bl.bl1.bl_version_build);
1351 	}
1352 
1353 	if (!is_valid_ether_addr(mac)) {
1354 		wil_err(wil, "BL: Invalid MAC %pM\n", mac);
1355 		return -EINVAL;
1356 	}
1357 
1358 	ether_addr_copy(ndev->perm_addr, mac);
1359 	ether_addr_copy(wiphy->perm_addr, mac);
1360 	if (!is_valid_ether_addr(ndev->dev_addr))
1361 		ether_addr_copy(ndev->dev_addr, mac);
1362 
1363 	if (rf_status) {/* bad RF cable? */
1364 		wil_err(wil, "RF communication error 0x%04x",
1365 			rf_status);
1366 		return -EAGAIN;
1367 	}
1368 
1369 	return 0;
1370 }
1371 
1372 static void wil_bl_crash_info(struct wil6210_priv *wil, bool is_err)
1373 {
1374 	u32 bl_assert_code, bl_assert_blink, bl_magic_number;
1375 	u32 bl_ver = wil_r(wil, RGF_USER_BL +
1376 			   offsetof(struct bl_dedicated_registers_v0,
1377 				    boot_loader_struct_version));
1378 
1379 	if (bl_ver < 2)
1380 		return;
1381 
1382 	bl_assert_code = wil_r(wil, RGF_USER_BL +
1383 			       offsetof(struct bl_dedicated_registers_v1,
1384 					bl_assert_code));
1385 	bl_assert_blink = wil_r(wil, RGF_USER_BL +
1386 				offsetof(struct bl_dedicated_registers_v1,
1387 					 bl_assert_blink));
1388 	bl_magic_number = wil_r(wil, RGF_USER_BL +
1389 				offsetof(struct bl_dedicated_registers_v1,
1390 					 bl_magic_number));
1391 
1392 	if (is_err) {
1393 		wil_err(wil,
1394 			"BL assert code 0x%08x blink 0x%08x magic 0x%08x\n",
1395 			bl_assert_code, bl_assert_blink, bl_magic_number);
1396 	} else {
1397 		wil_dbg_misc(wil,
1398 			     "BL assert code 0x%08x blink 0x%08x magic 0x%08x\n",
1399 			     bl_assert_code, bl_assert_blink, bl_magic_number);
1400 	}
1401 }
1402 
1403 static int wil_get_otp_info(struct wil6210_priv *wil)
1404 {
1405 	struct net_device *ndev = wil->main_ndev;
1406 	struct wiphy *wiphy = wil_to_wiphy(wil);
1407 	u8 mac[8];
1408 	int mac_addr;
1409 
1410 	/* OEM MAC has precedence */
1411 	mac_addr = RGF_OTP_OEM_MAC;
1412 	wil_memcpy_fromio_32(mac, wil->csr + HOSTADDR(mac_addr), sizeof(mac));
1413 
1414 	if (is_valid_ether_addr(mac)) {
1415 		wil_info(wil, "using OEM MAC %pM\n", mac);
1416 	} else {
1417 		if (wil->hw_version >= HW_VER_TALYN_MB)
1418 			mac_addr = RGF_OTP_MAC_TALYN_MB;
1419 		else
1420 			mac_addr = RGF_OTP_MAC;
1421 
1422 		wil_memcpy_fromio_32(mac, wil->csr + HOSTADDR(mac_addr),
1423 				     sizeof(mac));
1424 	}
1425 
1426 	if (!is_valid_ether_addr(mac)) {
1427 		wil_err(wil, "Invalid MAC %pM\n", mac);
1428 		return -EINVAL;
1429 	}
1430 
1431 	ether_addr_copy(ndev->perm_addr, mac);
1432 	ether_addr_copy(wiphy->perm_addr, mac);
1433 	if (!is_valid_ether_addr(ndev->dev_addr))
1434 		ether_addr_copy(ndev->dev_addr, mac);
1435 
1436 	return 0;
1437 }
1438 
1439 static int wil_wait_for_fw_ready(struct wil6210_priv *wil)
1440 {
1441 	ulong to = msecs_to_jiffies(2000);
1442 	ulong left = wait_for_completion_timeout(&wil->wmi_ready, to);
1443 
1444 	if (0 == left) {
1445 		wil_err(wil, "Firmware not ready\n");
1446 		return -ETIME;
1447 	} else {
1448 		wil_info(wil, "FW ready after %d ms. HW version 0x%08x\n",
1449 			 jiffies_to_msecs(to-left), wil->hw_version);
1450 	}
1451 	return 0;
1452 }
1453 
1454 void wil_abort_scan(struct wil6210_vif *vif, bool sync)
1455 {
1456 	struct wil6210_priv *wil = vif_to_wil(vif);
1457 	int rc;
1458 	struct cfg80211_scan_info info = {
1459 		.aborted = true,
1460 	};
1461 
1462 	lockdep_assert_held(&wil->vif_mutex);
1463 
1464 	if (!vif->scan_request)
1465 		return;
1466 
1467 	wil_dbg_misc(wil, "Abort scan_request 0x%p\n", vif->scan_request);
1468 	del_timer_sync(&vif->scan_timer);
1469 	mutex_unlock(&wil->vif_mutex);
1470 	rc = wmi_abort_scan(vif);
1471 	if (!rc && sync)
1472 		wait_event_interruptible_timeout(wil->wq, !vif->scan_request,
1473 						 msecs_to_jiffies(
1474 						 WAIT_FOR_SCAN_ABORT_MS));
1475 
1476 	mutex_lock(&wil->vif_mutex);
1477 	if (vif->scan_request) {
1478 		cfg80211_scan_done(vif->scan_request, &info);
1479 		vif->scan_request = NULL;
1480 	}
1481 }
1482 
1483 void wil_abort_scan_all_vifs(struct wil6210_priv *wil, bool sync)
1484 {
1485 	int i;
1486 
1487 	lockdep_assert_held(&wil->vif_mutex);
1488 
1489 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1490 		struct wil6210_vif *vif = wil->vifs[i];
1491 
1492 		if (vif)
1493 			wil_abort_scan(vif, sync);
1494 	}
1495 }
1496 
1497 int wil_ps_update(struct wil6210_priv *wil, enum wmi_ps_profile_type ps_profile)
1498 {
1499 	int rc;
1500 
1501 	if (!test_bit(WMI_FW_CAPABILITY_PS_CONFIG, wil->fw_capabilities)) {
1502 		wil_err(wil, "set_power_mgmt not supported\n");
1503 		return -EOPNOTSUPP;
1504 	}
1505 
1506 	rc  = wmi_ps_dev_profile_cfg(wil, ps_profile);
1507 	if (rc)
1508 		wil_err(wil, "wmi_ps_dev_profile_cfg failed (%d)\n", rc);
1509 	else
1510 		wil->ps_profile = ps_profile;
1511 
1512 	return rc;
1513 }
1514 
1515 static void wil_pre_fw_config(struct wil6210_priv *wil)
1516 {
1517 	wil_clear_fw_log_addr(wil);
1518 	/* Mark FW as loaded from host */
1519 	wil_s(wil, RGF_USER_USAGE_6, 1);
1520 
1521 	/* clear any interrupts which on-card-firmware
1522 	 * may have set
1523 	 */
1524 	wil6210_clear_irq(wil);
1525 	/* CAF_ICR - clear and mask */
1526 	/* it is W1C, clear by writing back same value */
1527 	if (wil->hw_version < HW_VER_TALYN_MB) {
1528 		wil_s(wil, RGF_CAF_ICR + offsetof(struct RGF_ICR, ICR), 0);
1529 		wil_w(wil, RGF_CAF_ICR + offsetof(struct RGF_ICR, IMV), ~0);
1530 	}
1531 	/* clear PAL_UNIT_ICR (potential D0->D3 leftover)
1532 	 * In Talyn-MB host cannot access this register due to
1533 	 * access control, hence PAL_UNIT_ICR is cleared by the FW
1534 	 */
1535 	if (wil->hw_version < HW_VER_TALYN_MB)
1536 		wil_s(wil, RGF_PAL_UNIT_ICR + offsetof(struct RGF_ICR, ICR),
1537 		      0);
1538 
1539 	if (wil->fw_calib_result > 0) {
1540 		__le32 val = cpu_to_le32(wil->fw_calib_result |
1541 						(CALIB_RESULT_SIGNATURE << 8));
1542 		wil_w(wil, RGF_USER_FW_CALIB_RESULT, (u32 __force)val);
1543 	}
1544 }
1545 
1546 static int wil_restore_vifs(struct wil6210_priv *wil)
1547 {
1548 	struct wil6210_vif *vif;
1549 	struct net_device *ndev;
1550 	struct wireless_dev *wdev;
1551 	int i, rc;
1552 
1553 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1554 		vif = wil->vifs[i];
1555 		if (!vif)
1556 			continue;
1557 		vif->ap_isolate = 0;
1558 		if (vif->mid) {
1559 			ndev = vif_to_ndev(vif);
1560 			wdev = vif_to_wdev(vif);
1561 			rc = wmi_port_allocate(wil, vif->mid, ndev->dev_addr,
1562 					       wdev->iftype);
1563 			if (rc) {
1564 				wil_err(wil, "fail to restore VIF %d type %d, rc %d\n",
1565 					i, wdev->iftype, rc);
1566 				return rc;
1567 			}
1568 		}
1569 	}
1570 
1571 	return 0;
1572 }
1573 
1574 /*
1575  * Clear FW and ucode log start addr to indicate FW log is not ready. The host
1576  * driver clears the addresses before FW starts and FW initializes the address
1577  * when it is ready to send logs.
1578  */
1579 void wil_clear_fw_log_addr(struct wil6210_priv *wil)
1580 {
1581 	/* FW log addr */
1582 	wil_w(wil, RGF_USER_USAGE_1, 0);
1583 	/* ucode log addr */
1584 	wil_w(wil, RGF_USER_USAGE_2, 0);
1585 	wil_dbg_misc(wil, "Cleared FW and ucode log address");
1586 }
1587 
1588 /*
1589  * We reset all the structures, and we reset the UMAC.
1590  * After calling this routine, you're expected to reload
1591  * the firmware.
1592  */
1593 int wil_reset(struct wil6210_priv *wil, bool load_fw)
1594 {
1595 	int rc, i;
1596 	unsigned long status_flags = BIT(wil_status_resetting);
1597 	int no_flash;
1598 	struct wil6210_vif *vif;
1599 
1600 	wil_dbg_misc(wil, "reset\n");
1601 
1602 	WARN_ON(!mutex_is_locked(&wil->mutex));
1603 	WARN_ON(test_bit(wil_status_napi_en, wil->status));
1604 
1605 	if (debug_fw) {
1606 		static const u8 mac[ETH_ALEN] = {
1607 			0x00, 0xde, 0xad, 0x12, 0x34, 0x56,
1608 		};
1609 		struct net_device *ndev = wil->main_ndev;
1610 
1611 		ether_addr_copy(ndev->perm_addr, mac);
1612 		ether_addr_copy(ndev->dev_addr, ndev->perm_addr);
1613 		return 0;
1614 	}
1615 
1616 	if (wil->hw_version == HW_VER_UNKNOWN)
1617 		return -ENODEV;
1618 
1619 	if (test_bit(WIL_PLATFORM_CAPA_T_PWR_ON_0, wil->platform_capa) &&
1620 	    wil->hw_version < HW_VER_TALYN_MB) {
1621 		wil_dbg_misc(wil, "Notify FW to set T_POWER_ON=0\n");
1622 		wil_s(wil, RGF_USER_USAGE_8, BIT_USER_SUPPORT_T_POWER_ON_0);
1623 	}
1624 
1625 	if (test_bit(WIL_PLATFORM_CAPA_EXT_CLK, wil->platform_capa)) {
1626 		wil_dbg_misc(wil, "Notify FW on ext clock configuration\n");
1627 		wil_s(wil, RGF_USER_USAGE_8, BIT_USER_EXT_CLK);
1628 	}
1629 
1630 	if (wil->platform_ops.notify) {
1631 		rc = wil->platform_ops.notify(wil->platform_handle,
1632 					      WIL_PLATFORM_EVT_PRE_RESET);
1633 		if (rc)
1634 			wil_err(wil, "PRE_RESET platform notify failed, rc %d\n",
1635 				rc);
1636 	}
1637 
1638 	set_bit(wil_status_resetting, wil->status);
1639 	mutex_lock(&wil->vif_mutex);
1640 	wil_abort_scan_all_vifs(wil, false);
1641 	mutex_unlock(&wil->vif_mutex);
1642 
1643 	for (i = 0; i < GET_MAX_VIFS(wil); i++) {
1644 		vif = wil->vifs[i];
1645 		if (vif) {
1646 			cancel_work_sync(&vif->disconnect_worker);
1647 			wil6210_disconnect(vif, NULL,
1648 					   WLAN_REASON_DEAUTH_LEAVING);
1649 			vif->ptk_rekey_state = WIL_REKEY_IDLE;
1650 		}
1651 	}
1652 	wil_bcast_fini_all(wil);
1653 
1654 	/* Disable device led before reset*/
1655 	wmi_led_cfg(wil, false);
1656 
1657 	down_write(&wil->mem_lock);
1658 
1659 	/* prevent NAPI from being scheduled and prevent wmi commands */
1660 	mutex_lock(&wil->wmi_mutex);
1661 	if (test_bit(wil_status_suspending, wil->status))
1662 		status_flags |= BIT(wil_status_suspending);
1663 	bitmap_and(wil->status, wil->status, &status_flags,
1664 		   wil_status_last);
1665 	wil_dbg_misc(wil, "wil->status (0x%lx)\n", *wil->status);
1666 	mutex_unlock(&wil->wmi_mutex);
1667 
1668 	wil_mask_irq(wil);
1669 
1670 	wmi_event_flush(wil);
1671 
1672 	flush_workqueue(wil->wq_service);
1673 	flush_workqueue(wil->wmi_wq);
1674 
1675 	no_flash = test_bit(hw_capa_no_flash, wil->hw_capa);
1676 	if (!no_flash)
1677 		wil_bl_crash_info(wil, false);
1678 	wil_disable_irq(wil);
1679 	rc = wil_target_reset(wil, no_flash);
1680 	wil6210_clear_irq(wil);
1681 	wil_enable_irq(wil);
1682 	wil->txrx_ops.rx_fini(wil);
1683 	wil->txrx_ops.tx_fini(wil);
1684 	if (rc) {
1685 		if (!no_flash)
1686 			wil_bl_crash_info(wil, true);
1687 		goto out;
1688 	}
1689 
1690 	if (no_flash) {
1691 		rc = wil_get_otp_info(wil);
1692 	} else {
1693 		rc = wil_get_bl_info(wil);
1694 		if (rc == -EAGAIN && !load_fw)
1695 			/* ignore RF error if not going up */
1696 			rc = 0;
1697 	}
1698 	if (rc)
1699 		goto out;
1700 
1701 	wil_set_oob_mode(wil, oob_mode);
1702 	if (load_fw) {
1703 		char board_file[WIL_BOARD_FILE_MAX_NAMELEN];
1704 
1705 		if  (wil->secured_boot) {
1706 			wil_err(wil, "secured boot is not supported\n");
1707 			up_write(&wil->mem_lock);
1708 			return -ENOTSUPP;
1709 		}
1710 
1711 		board_file[0] = '\0';
1712 		wil_get_board_file(wil, board_file, sizeof(board_file));
1713 		wil_info(wil, "Use firmware <%s> + board <%s>\n",
1714 			 wil->wil_fw_name, board_file);
1715 
1716 		if (!no_flash)
1717 			wil_bl_prepare_halt(wil);
1718 
1719 		wil_halt_cpu(wil);
1720 		memset(wil->fw_version, 0, sizeof(wil->fw_version));
1721 		/* Loading f/w from the file */
1722 		rc = wil_request_firmware(wil, wil->wil_fw_name, true);
1723 		if (rc)
1724 			goto out;
1725 		if (wil->num_of_brd_entries)
1726 			rc = wil_request_board(wil, board_file);
1727 		else
1728 			rc = wil_request_firmware(wil, board_file, true);
1729 		if (rc)
1730 			goto out;
1731 
1732 		wil_pre_fw_config(wil);
1733 		wil_release_cpu(wil);
1734 	}
1735 
1736 	/* init after reset */
1737 	reinit_completion(&wil->wmi_ready);
1738 	reinit_completion(&wil->wmi_call);
1739 	reinit_completion(&wil->halp.comp);
1740 
1741 	clear_bit(wil_status_resetting, wil->status);
1742 
1743 	up_write(&wil->mem_lock);
1744 
1745 	if (load_fw) {
1746 		wil_unmask_irq(wil);
1747 
1748 		/* we just started MAC, wait for FW ready */
1749 		rc = wil_wait_for_fw_ready(wil);
1750 		if (rc)
1751 			return rc;
1752 
1753 		/* check FW is responsive */
1754 		rc = wmi_echo(wil);
1755 		if (rc) {
1756 			wil_err(wil, "wmi_echo failed, rc %d\n", rc);
1757 			return rc;
1758 		}
1759 
1760 		wil->txrx_ops.configure_interrupt_moderation(wil);
1761 
1762 		/* Enable OFU rdy valid bug fix, to prevent hang in oful34_rx
1763 		 * while there is back-pressure from Host during RX
1764 		 */
1765 		if (wil->hw_version >= HW_VER_TALYN_MB)
1766 			wil_s(wil, RGF_DMA_MISC_CTL,
1767 			      BIT_OFUL34_RDY_VALID_BUG_FIX_EN);
1768 
1769 		rc = wil_restore_vifs(wil);
1770 		if (rc) {
1771 			wil_err(wil, "failed to restore vifs, rc %d\n", rc);
1772 			return rc;
1773 		}
1774 
1775 		wil_collect_fw_info(wil);
1776 
1777 		if (wil->ps_profile != WMI_PS_PROFILE_TYPE_DEFAULT)
1778 			wil_ps_update(wil, wil->ps_profile);
1779 
1780 		if (wil->platform_ops.notify) {
1781 			rc = wil->platform_ops.notify(wil->platform_handle,
1782 						      WIL_PLATFORM_EVT_FW_RDY);
1783 			if (rc) {
1784 				wil_err(wil, "FW_RDY notify failed, rc %d\n",
1785 					rc);
1786 				rc = 0;
1787 			}
1788 		}
1789 	}
1790 
1791 	return rc;
1792 
1793 out:
1794 	up_write(&wil->mem_lock);
1795 	clear_bit(wil_status_resetting, wil->status);
1796 	return rc;
1797 }
1798 
1799 void wil_fw_error_recovery(struct wil6210_priv *wil)
1800 {
1801 	wil_dbg_misc(wil, "starting fw error recovery\n");
1802 
1803 	if (test_bit(wil_status_resetting, wil->status)) {
1804 		wil_info(wil, "Reset already in progress\n");
1805 		return;
1806 	}
1807 
1808 	wil->recovery_state = fw_recovery_pending;
1809 	schedule_work(&wil->fw_error_worker);
1810 }
1811 
1812 int __wil_up(struct wil6210_priv *wil)
1813 {
1814 	struct net_device *ndev = wil->main_ndev;
1815 	struct wireless_dev *wdev = ndev->ieee80211_ptr;
1816 	int rc;
1817 
1818 	WARN_ON(!mutex_is_locked(&wil->mutex));
1819 
1820 	rc = wil_reset(wil, true);
1821 	if (rc)
1822 		return rc;
1823 
1824 	/* Rx RING. After MAC and beacon */
1825 	if (rx_ring_order == 0)
1826 		rx_ring_order = wil->hw_version < HW_VER_TALYN_MB ?
1827 			WIL_RX_RING_SIZE_ORDER_DEFAULT :
1828 			WIL_RX_RING_SIZE_ORDER_TALYN_DEFAULT;
1829 
1830 	rc = wil->txrx_ops.rx_init(wil, rx_ring_order);
1831 	if (rc)
1832 		return rc;
1833 
1834 	rc = wil->txrx_ops.tx_init(wil);
1835 	if (rc)
1836 		return rc;
1837 
1838 	switch (wdev->iftype) {
1839 	case NL80211_IFTYPE_STATION:
1840 		wil_dbg_misc(wil, "type: STATION\n");
1841 		ndev->type = ARPHRD_ETHER;
1842 		break;
1843 	case NL80211_IFTYPE_AP:
1844 		wil_dbg_misc(wil, "type: AP\n");
1845 		ndev->type = ARPHRD_ETHER;
1846 		break;
1847 	case NL80211_IFTYPE_P2P_CLIENT:
1848 		wil_dbg_misc(wil, "type: P2P_CLIENT\n");
1849 		ndev->type = ARPHRD_ETHER;
1850 		break;
1851 	case NL80211_IFTYPE_P2P_GO:
1852 		wil_dbg_misc(wil, "type: P2P_GO\n");
1853 		ndev->type = ARPHRD_ETHER;
1854 		break;
1855 	case NL80211_IFTYPE_MONITOR:
1856 		wil_dbg_misc(wil, "type: Monitor\n");
1857 		ndev->type = ARPHRD_IEEE80211_RADIOTAP;
1858 		/* ARPHRD_IEEE80211 or ARPHRD_IEEE80211_RADIOTAP ? */
1859 		break;
1860 	default:
1861 		return -EOPNOTSUPP;
1862 	}
1863 
1864 	/* MAC address - pre-requisite for other commands */
1865 	wmi_set_mac_address(wil, ndev->dev_addr);
1866 
1867 	wil_dbg_misc(wil, "NAPI enable\n");
1868 	napi_enable(&wil->napi_rx);
1869 	napi_enable(&wil->napi_tx);
1870 	set_bit(wil_status_napi_en, wil->status);
1871 
1872 	wil6210_bus_request(wil, WIL_DEFAULT_BUS_REQUEST_KBPS);
1873 
1874 	return 0;
1875 }
1876 
1877 int wil_up(struct wil6210_priv *wil)
1878 {
1879 	int rc;
1880 
1881 	wil_dbg_misc(wil, "up\n");
1882 
1883 	mutex_lock(&wil->mutex);
1884 	rc = __wil_up(wil);
1885 	mutex_unlock(&wil->mutex);
1886 
1887 	return rc;
1888 }
1889 
1890 int __wil_down(struct wil6210_priv *wil)
1891 {
1892 	int rc;
1893 	WARN_ON(!mutex_is_locked(&wil->mutex));
1894 
1895 	set_bit(wil_status_resetting, wil->status);
1896 
1897 	wil6210_bus_request(wil, 0);
1898 
1899 	wil_disable_irq(wil);
1900 	if (test_and_clear_bit(wil_status_napi_en, wil->status)) {
1901 		napi_disable(&wil->napi_rx);
1902 		napi_disable(&wil->napi_tx);
1903 		wil_dbg_misc(wil, "NAPI disable\n");
1904 	}
1905 	wil_enable_irq(wil);
1906 
1907 	mutex_lock(&wil->vif_mutex);
1908 	wil_p2p_stop_radio_operations(wil);
1909 	wil_abort_scan_all_vifs(wil, false);
1910 	mutex_unlock(&wil->vif_mutex);
1911 
1912 	rc = wil_reset(wil, false);
1913 
1914 	return rc;
1915 }
1916 
1917 int wil_down(struct wil6210_priv *wil)
1918 {
1919 	int rc;
1920 
1921 	wil_dbg_misc(wil, "down\n");
1922 
1923 	wil_set_recovery_state(wil, fw_recovery_idle);
1924 	mutex_lock(&wil->mutex);
1925 	rc = __wil_down(wil);
1926 	mutex_unlock(&wil->mutex);
1927 
1928 	return rc;
1929 }
1930 
1931 int wil_find_cid(struct wil6210_priv *wil, u8 mid, const u8 *mac)
1932 {
1933 	int i;
1934 	int rc = -ENOENT;
1935 
1936 	for (i = 0; i < wil->max_assoc_sta; i++) {
1937 		if (wil->sta[i].mid == mid &&
1938 		    wil->sta[i].status != wil_sta_unused &&
1939 		    ether_addr_equal(wil->sta[i].addr, mac)) {
1940 			rc = i;
1941 			break;
1942 		}
1943 	}
1944 
1945 	return rc;
1946 }
1947 
1948 void wil_halp_vote(struct wil6210_priv *wil)
1949 {
1950 	unsigned long rc;
1951 	unsigned long to_jiffies = msecs_to_jiffies(WAIT_FOR_HALP_VOTE_MS);
1952 
1953 	if (wil->hw_version >= HW_VER_TALYN_MB)
1954 		return;
1955 
1956 	mutex_lock(&wil->halp.lock);
1957 
1958 	wil_dbg_irq(wil, "halp_vote: start, HALP ref_cnt (%d)\n",
1959 		    wil->halp.ref_cnt);
1960 
1961 	if (++wil->halp.ref_cnt == 1) {
1962 		reinit_completion(&wil->halp.comp);
1963 		/* mark to IRQ context to handle HALP ICR */
1964 		wil->halp.handle_icr = true;
1965 		wil6210_set_halp(wil);
1966 		rc = wait_for_completion_timeout(&wil->halp.comp, to_jiffies);
1967 		if (!rc) {
1968 			wil_err(wil, "HALP vote timed out\n");
1969 			/* Mask HALP as done in case the interrupt is raised */
1970 			wil->halp.handle_icr = false;
1971 			wil6210_mask_halp(wil);
1972 		} else {
1973 			wil_dbg_irq(wil,
1974 				    "halp_vote: HALP vote completed after %d ms\n",
1975 				    jiffies_to_msecs(to_jiffies - rc));
1976 		}
1977 	}
1978 
1979 	wil_dbg_irq(wil, "halp_vote: end, HALP ref_cnt (%d)\n",
1980 		    wil->halp.ref_cnt);
1981 
1982 	mutex_unlock(&wil->halp.lock);
1983 }
1984 
1985 void wil_halp_unvote(struct wil6210_priv *wil)
1986 {
1987 	if (wil->hw_version >= HW_VER_TALYN_MB)
1988 		return;
1989 
1990 	WARN_ON(wil->halp.ref_cnt == 0);
1991 
1992 	mutex_lock(&wil->halp.lock);
1993 
1994 	wil_dbg_irq(wil, "halp_unvote: start, HALP ref_cnt (%d)\n",
1995 		    wil->halp.ref_cnt);
1996 
1997 	if (--wil->halp.ref_cnt == 0) {
1998 		wil6210_clear_halp(wil);
1999 		wil_dbg_irq(wil, "HALP unvote\n");
2000 	}
2001 
2002 	wil_dbg_irq(wil, "halp_unvote:end, HALP ref_cnt (%d)\n",
2003 		    wil->halp.ref_cnt);
2004 
2005 	mutex_unlock(&wil->halp.lock);
2006 }
2007 
2008 void wil_init_txrx_ops(struct wil6210_priv *wil)
2009 {
2010 	if (wil->use_enhanced_dma_hw)
2011 		wil_init_txrx_ops_edma(wil);
2012 	else
2013 		wil_init_txrx_ops_legacy_dma(wil);
2014 }
2015