1 /* 2 * Copyright (c) 2012-2017 Qualcomm Atheros, Inc. 3 * Copyright (c) 2018, The Linux Foundation. All rights reserved. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 #include <linux/moduleparam.h> 19 #include <linux/etherdevice.h> 20 #include <linux/if_arp.h> 21 22 #include "wil6210.h" 23 #include "txrx.h" 24 #include "wmi.h" 25 #include "trace.h" 26 27 static uint max_assoc_sta = WIL6210_MAX_CID; 28 module_param(max_assoc_sta, uint, 0644); 29 MODULE_PARM_DESC(max_assoc_sta, " Max number of stations associated to the AP"); 30 31 int agg_wsize; /* = 0; */ 32 module_param(agg_wsize, int, 0644); 33 MODULE_PARM_DESC(agg_wsize, " Window size for Tx Block Ack after connect;" 34 " 0 - use default; < 0 - don't auto-establish"); 35 36 u8 led_id = WIL_LED_INVALID_ID; 37 module_param(led_id, byte, 0444); 38 MODULE_PARM_DESC(led_id, 39 " 60G device led enablement. Set the led ID (0-2) to enable"); 40 41 #define WIL_WAIT_FOR_SUSPEND_RESUME_COMP 200 42 #define WIL_WMI_CALL_GENERAL_TO_MS 100 43 44 /** 45 * WMI event receiving - theory of operations 46 * 47 * When firmware about to report WMI event, it fills memory area 48 * in the mailbox and raises misc. IRQ. Thread interrupt handler invoked for 49 * the misc IRQ, function @wmi_recv_cmd called by thread IRQ handler. 50 * 51 * @wmi_recv_cmd reads event, allocates memory chunk and attaches it to the 52 * event list @wil->pending_wmi_ev. Then, work queue @wil->wmi_wq wakes up 53 * and handles events within the @wmi_event_worker. Every event get detached 54 * from list, processed and deleted. 55 * 56 * Purpose for this mechanism is to release IRQ thread; otherwise, 57 * if WMI event handling involves another WMI command flow, this 2-nd flow 58 * won't be completed because of blocked IRQ thread. 59 */ 60 61 /** 62 * Addressing - theory of operations 63 * 64 * There are several buses present on the WIL6210 card. 65 * Same memory areas are visible at different address on 66 * the different busses. There are 3 main bus masters: 67 * - MAC CPU (ucode) 68 * - User CPU (firmware) 69 * - AHB (host) 70 * 71 * On the PCI bus, there is one BAR (BAR0) of 2Mb size, exposing 72 * AHB addresses starting from 0x880000 73 * 74 * Internally, firmware uses addresses that allow faster access but 75 * are invisible from the host. To read from these addresses, alternative 76 * AHB address must be used. 77 */ 78 79 /** 80 * @sparrow_fw_mapping provides memory remapping table for sparrow 81 * 82 * array size should be in sync with the declaration in the wil6210.h 83 * 84 * Sparrow memory mapping: 85 * Linker address PCI/Host address 86 * 0x880000 .. 0xa80000 2Mb BAR0 87 * 0x800000 .. 0x808000 0x900000 .. 0x908000 32k DCCM 88 * 0x840000 .. 0x860000 0x908000 .. 0x928000 128k PERIPH 89 */ 90 const struct fw_map sparrow_fw_mapping[] = { 91 /* FW code RAM 256k */ 92 {0x000000, 0x040000, 0x8c0000, "fw_code", true, true}, 93 /* FW data RAM 32k */ 94 {0x800000, 0x808000, 0x900000, "fw_data", true, true}, 95 /* periph data 128k */ 96 {0x840000, 0x860000, 0x908000, "fw_peri", true, true}, 97 /* various RGF 40k */ 98 {0x880000, 0x88a000, 0x880000, "rgf", true, true}, 99 /* AGC table 4k */ 100 {0x88a000, 0x88b000, 0x88a000, "AGC_tbl", true, true}, 101 /* Pcie_ext_rgf 4k */ 102 {0x88b000, 0x88c000, 0x88b000, "rgf_ext", true, true}, 103 /* mac_ext_rgf 512b */ 104 {0x88c000, 0x88c200, 0x88c000, "mac_rgf_ext", true, true}, 105 /* upper area 548k */ 106 {0x8c0000, 0x949000, 0x8c0000, "upper", true, true}, 107 /* UCODE areas - accessible by debugfs blobs but not by 108 * wmi_addr_remap. UCODE areas MUST be added AFTER FW areas! 109 */ 110 /* ucode code RAM 128k */ 111 {0x000000, 0x020000, 0x920000, "uc_code", false, false}, 112 /* ucode data RAM 16k */ 113 {0x800000, 0x804000, 0x940000, "uc_data", false, false}, 114 }; 115 116 /** 117 * @sparrow_d0_mac_rgf_ext - mac_rgf_ext section for Sparrow D0 118 * it is a bit larger to support extra features 119 */ 120 const struct fw_map sparrow_d0_mac_rgf_ext = { 121 0x88c000, 0x88c500, 0x88c000, "mac_rgf_ext", true, true 122 }; 123 124 /** 125 * @talyn_fw_mapping provides memory remapping table for Talyn 126 * 127 * array size should be in sync with the declaration in the wil6210.h 128 * 129 * Talyn memory mapping: 130 * Linker address PCI/Host address 131 * 0x880000 .. 0xc80000 4Mb BAR0 132 * 0x800000 .. 0x820000 0xa00000 .. 0xa20000 128k DCCM 133 * 0x840000 .. 0x858000 0xa20000 .. 0xa38000 96k PERIPH 134 */ 135 const struct fw_map talyn_fw_mapping[] = { 136 /* FW code RAM 1M */ 137 {0x000000, 0x100000, 0x900000, "fw_code", true, true}, 138 /* FW data RAM 128k */ 139 {0x800000, 0x820000, 0xa00000, "fw_data", true, true}, 140 /* periph. data RAM 96k */ 141 {0x840000, 0x858000, 0xa20000, "fw_peri", true, true}, 142 /* various RGF 40k */ 143 {0x880000, 0x88a000, 0x880000, "rgf", true, true}, 144 /* AGC table 4k */ 145 {0x88a000, 0x88b000, 0x88a000, "AGC_tbl", true, true}, 146 /* Pcie_ext_rgf 4k */ 147 {0x88b000, 0x88c000, 0x88b000, "rgf_ext", true, true}, 148 /* mac_ext_rgf 1344b */ 149 {0x88c000, 0x88c540, 0x88c000, "mac_rgf_ext", true, true}, 150 /* ext USER RGF 4k */ 151 {0x88d000, 0x88e000, 0x88d000, "ext_user_rgf", true, true}, 152 /* OTP 4k */ 153 {0x8a0000, 0x8a1000, 0x8a0000, "otp", true, false}, 154 /* DMA EXT RGF 64k */ 155 {0x8b0000, 0x8c0000, 0x8b0000, "dma_ext_rgf", true, true}, 156 /* upper area 1536k */ 157 {0x900000, 0xa80000, 0x900000, "upper", true, true}, 158 /* UCODE areas - accessible by debugfs blobs but not by 159 * wmi_addr_remap. UCODE areas MUST be added AFTER FW areas! 160 */ 161 /* ucode code RAM 256k */ 162 {0x000000, 0x040000, 0xa38000, "uc_code", false, false}, 163 /* ucode data RAM 32k */ 164 {0x800000, 0x808000, 0xa78000, "uc_data", false, false}, 165 }; 166 167 /** 168 * @talyn_mb_fw_mapping provides memory remapping table for Talyn-MB 169 * 170 * array size should be in sync with the declaration in the wil6210.h 171 * 172 * Talyn MB memory mapping: 173 * Linker address PCI/Host address 174 * 0x880000 .. 0xc80000 4Mb BAR0 175 * 0x800000 .. 0x820000 0xa00000 .. 0xa20000 128k DCCM 176 * 0x840000 .. 0x858000 0xa20000 .. 0xa38000 96k PERIPH 177 */ 178 const struct fw_map talyn_mb_fw_mapping[] = { 179 /* FW code RAM 768k */ 180 {0x000000, 0x0c0000, 0x900000, "fw_code", true, true}, 181 /* FW data RAM 128k */ 182 {0x800000, 0x820000, 0xa00000, "fw_data", true, true}, 183 /* periph. data RAM 96k */ 184 {0x840000, 0x858000, 0xa20000, "fw_peri", true, true}, 185 /* various RGF 40k */ 186 {0x880000, 0x88a000, 0x880000, "rgf", true, true}, 187 /* AGC table 4k */ 188 {0x88a000, 0x88b000, 0x88a000, "AGC_tbl", true, true}, 189 /* Pcie_ext_rgf 4k */ 190 {0x88b000, 0x88c000, 0x88b000, "rgf_ext", true, true}, 191 /* mac_ext_rgf 2256b */ 192 {0x88c000, 0x88c8d0, 0x88c000, "mac_rgf_ext", true, true}, 193 /* ext USER RGF 4k */ 194 {0x88d000, 0x88e000, 0x88d000, "ext_user_rgf", true, true}, 195 /* SEC PKA 16k */ 196 {0x890000, 0x894000, 0x890000, "sec_pka", true, true}, 197 /* SEC KDF RGF 3096b */ 198 {0x898000, 0x898c18, 0x898000, "sec_kdf_rgf", true, true}, 199 /* SEC MAIN 2124b */ 200 {0x89a000, 0x89a84c, 0x89a000, "sec_main", true, true}, 201 /* OTP 4k */ 202 {0x8a0000, 0x8a1000, 0x8a0000, "otp", true, false}, 203 /* DMA EXT RGF 64k */ 204 {0x8b0000, 0x8c0000, 0x8b0000, "dma_ext_rgf", true, true}, 205 /* DUM USER RGF 528b */ 206 {0x8c0000, 0x8c0210, 0x8c0000, "dum_user_rgf", true, true}, 207 /* DMA OFU 296b */ 208 {0x8c2000, 0x8c2128, 0x8c2000, "dma_ofu", true, true}, 209 /* ucode debug 4k */ 210 {0x8c3000, 0x8c4000, 0x8c3000, "ucode_debug", true, true}, 211 /* upper area 1536k */ 212 {0x900000, 0xa80000, 0x900000, "upper", true, true}, 213 /* UCODE areas - accessible by debugfs blobs but not by 214 * wmi_addr_remap. UCODE areas MUST be added AFTER FW areas! 215 */ 216 /* ucode code RAM 256k */ 217 {0x000000, 0x040000, 0xa38000, "uc_code", false, false}, 218 /* ucode data RAM 32k */ 219 {0x800000, 0x808000, 0xa78000, "uc_data", false, false}, 220 }; 221 222 struct fw_map fw_mapping[MAX_FW_MAPPING_TABLE_SIZE]; 223 224 struct blink_on_off_time led_blink_time[] = { 225 {WIL_LED_BLINK_ON_SLOW_MS, WIL_LED_BLINK_OFF_SLOW_MS}, 226 {WIL_LED_BLINK_ON_MED_MS, WIL_LED_BLINK_OFF_MED_MS}, 227 {WIL_LED_BLINK_ON_FAST_MS, WIL_LED_BLINK_OFF_FAST_MS}, 228 }; 229 230 struct auth_no_hdr { 231 __le16 auth_alg; 232 __le16 auth_transaction; 233 __le16 status_code; 234 /* possibly followed by Challenge text */ 235 u8 variable[0]; 236 } __packed; 237 238 u8 led_polarity = LED_POLARITY_LOW_ACTIVE; 239 240 /** 241 * return AHB address for given firmware internal (linker) address 242 * @x - internal address 243 * If address have no valid AHB mapping, return 0 244 */ 245 static u32 wmi_addr_remap(u32 x) 246 { 247 uint i; 248 249 for (i = 0; i < ARRAY_SIZE(fw_mapping); i++) { 250 if (fw_mapping[i].fw && 251 ((x >= fw_mapping[i].from) && (x < fw_mapping[i].to))) 252 return x + fw_mapping[i].host - fw_mapping[i].from; 253 } 254 255 return 0; 256 } 257 258 /** 259 * find fw_mapping entry by section name 260 * @section - section name 261 * 262 * Return pointer to section or NULL if not found 263 */ 264 struct fw_map *wil_find_fw_mapping(const char *section) 265 { 266 int i; 267 268 for (i = 0; i < ARRAY_SIZE(fw_mapping); i++) 269 if (fw_mapping[i].name && 270 !strcmp(section, fw_mapping[i].name)) 271 return &fw_mapping[i]; 272 273 return NULL; 274 } 275 276 /** 277 * Check address validity for WMI buffer; remap if needed 278 * @ptr - internal (linker) fw/ucode address 279 * @size - if non zero, validate the block does not 280 * exceed the device memory (bar) 281 * 282 * Valid buffer should be DWORD aligned 283 * 284 * return address for accessing buffer from the host; 285 * if buffer is not valid, return NULL. 286 */ 287 void __iomem *wmi_buffer_block(struct wil6210_priv *wil, __le32 ptr_, u32 size) 288 { 289 u32 off; 290 u32 ptr = le32_to_cpu(ptr_); 291 292 if (ptr % 4) 293 return NULL; 294 295 ptr = wmi_addr_remap(ptr); 296 if (ptr < WIL6210_FW_HOST_OFF) 297 return NULL; 298 299 off = HOSTADDR(ptr); 300 if (off > wil->bar_size - 4) 301 return NULL; 302 if (size && ((off + size > wil->bar_size) || (off + size < off))) 303 return NULL; 304 305 return wil->csr + off; 306 } 307 308 void __iomem *wmi_buffer(struct wil6210_priv *wil, __le32 ptr_) 309 { 310 return wmi_buffer_block(wil, ptr_, 0); 311 } 312 313 /** 314 * Check address validity 315 */ 316 void __iomem *wmi_addr(struct wil6210_priv *wil, u32 ptr) 317 { 318 u32 off; 319 320 if (ptr % 4) 321 return NULL; 322 323 if (ptr < WIL6210_FW_HOST_OFF) 324 return NULL; 325 326 off = HOSTADDR(ptr); 327 if (off > wil->bar_size - 4) 328 return NULL; 329 330 return wil->csr + off; 331 } 332 333 int wmi_read_hdr(struct wil6210_priv *wil, __le32 ptr, 334 struct wil6210_mbox_hdr *hdr) 335 { 336 void __iomem *src = wmi_buffer(wil, ptr); 337 338 if (!src) 339 return -EINVAL; 340 341 wil_memcpy_fromio_32(hdr, src, sizeof(*hdr)); 342 343 return 0; 344 } 345 346 static const char *cmdid2name(u16 cmdid) 347 { 348 switch (cmdid) { 349 case WMI_NOTIFY_REQ_CMDID: 350 return "WMI_NOTIFY_REQ_CMD"; 351 case WMI_START_SCAN_CMDID: 352 return "WMI_START_SCAN_CMD"; 353 case WMI_CONNECT_CMDID: 354 return "WMI_CONNECT_CMD"; 355 case WMI_DISCONNECT_CMDID: 356 return "WMI_DISCONNECT_CMD"; 357 case WMI_SW_TX_REQ_CMDID: 358 return "WMI_SW_TX_REQ_CMD"; 359 case WMI_GET_RF_SECTOR_PARAMS_CMDID: 360 return "WMI_GET_RF_SECTOR_PARAMS_CMD"; 361 case WMI_SET_RF_SECTOR_PARAMS_CMDID: 362 return "WMI_SET_RF_SECTOR_PARAMS_CMD"; 363 case WMI_GET_SELECTED_RF_SECTOR_INDEX_CMDID: 364 return "WMI_GET_SELECTED_RF_SECTOR_INDEX_CMD"; 365 case WMI_SET_SELECTED_RF_SECTOR_INDEX_CMDID: 366 return "WMI_SET_SELECTED_RF_SECTOR_INDEX_CMD"; 367 case WMI_BRP_SET_ANT_LIMIT_CMDID: 368 return "WMI_BRP_SET_ANT_LIMIT_CMD"; 369 case WMI_TOF_SESSION_START_CMDID: 370 return "WMI_TOF_SESSION_START_CMD"; 371 case WMI_AOA_MEAS_CMDID: 372 return "WMI_AOA_MEAS_CMD"; 373 case WMI_PMC_CMDID: 374 return "WMI_PMC_CMD"; 375 case WMI_TOF_GET_TX_RX_OFFSET_CMDID: 376 return "WMI_TOF_GET_TX_RX_OFFSET_CMD"; 377 case WMI_TOF_SET_TX_RX_OFFSET_CMDID: 378 return "WMI_TOF_SET_TX_RX_OFFSET_CMD"; 379 case WMI_VRING_CFG_CMDID: 380 return "WMI_VRING_CFG_CMD"; 381 case WMI_BCAST_VRING_CFG_CMDID: 382 return "WMI_BCAST_VRING_CFG_CMD"; 383 case WMI_TRAFFIC_SUSPEND_CMDID: 384 return "WMI_TRAFFIC_SUSPEND_CMD"; 385 case WMI_TRAFFIC_RESUME_CMDID: 386 return "WMI_TRAFFIC_RESUME_CMD"; 387 case WMI_ECHO_CMDID: 388 return "WMI_ECHO_CMD"; 389 case WMI_SET_MAC_ADDRESS_CMDID: 390 return "WMI_SET_MAC_ADDRESS_CMD"; 391 case WMI_LED_CFG_CMDID: 392 return "WMI_LED_CFG_CMD"; 393 case WMI_PCP_START_CMDID: 394 return "WMI_PCP_START_CMD"; 395 case WMI_PCP_STOP_CMDID: 396 return "WMI_PCP_STOP_CMD"; 397 case WMI_SET_SSID_CMDID: 398 return "WMI_SET_SSID_CMD"; 399 case WMI_GET_SSID_CMDID: 400 return "WMI_GET_SSID_CMD"; 401 case WMI_SET_PCP_CHANNEL_CMDID: 402 return "WMI_SET_PCP_CHANNEL_CMD"; 403 case WMI_GET_PCP_CHANNEL_CMDID: 404 return "WMI_GET_PCP_CHANNEL_CMD"; 405 case WMI_P2P_CFG_CMDID: 406 return "WMI_P2P_CFG_CMD"; 407 case WMI_PORT_ALLOCATE_CMDID: 408 return "WMI_PORT_ALLOCATE_CMD"; 409 case WMI_PORT_DELETE_CMDID: 410 return "WMI_PORT_DELETE_CMD"; 411 case WMI_START_LISTEN_CMDID: 412 return "WMI_START_LISTEN_CMD"; 413 case WMI_START_SEARCH_CMDID: 414 return "WMI_START_SEARCH_CMD"; 415 case WMI_DISCOVERY_STOP_CMDID: 416 return "WMI_DISCOVERY_STOP_CMD"; 417 case WMI_DELETE_CIPHER_KEY_CMDID: 418 return "WMI_DELETE_CIPHER_KEY_CMD"; 419 case WMI_ADD_CIPHER_KEY_CMDID: 420 return "WMI_ADD_CIPHER_KEY_CMD"; 421 case WMI_SET_APPIE_CMDID: 422 return "WMI_SET_APPIE_CMD"; 423 case WMI_CFG_RX_CHAIN_CMDID: 424 return "WMI_CFG_RX_CHAIN_CMD"; 425 case WMI_TEMP_SENSE_CMDID: 426 return "WMI_TEMP_SENSE_CMD"; 427 case WMI_DEL_STA_CMDID: 428 return "WMI_DEL_STA_CMD"; 429 case WMI_DISCONNECT_STA_CMDID: 430 return "WMI_DISCONNECT_STA_CMD"; 431 case WMI_RING_BA_EN_CMDID: 432 return "WMI_RING_BA_EN_CMD"; 433 case WMI_RING_BA_DIS_CMDID: 434 return "WMI_RING_BA_DIS_CMD"; 435 case WMI_RCP_DELBA_CMDID: 436 return "WMI_RCP_DELBA_CMD"; 437 case WMI_RCP_ADDBA_RESP_CMDID: 438 return "WMI_RCP_ADDBA_RESP_CMD"; 439 case WMI_RCP_ADDBA_RESP_EDMA_CMDID: 440 return "WMI_RCP_ADDBA_RESP_EDMA_CMD"; 441 case WMI_PS_DEV_PROFILE_CFG_CMDID: 442 return "WMI_PS_DEV_PROFILE_CFG_CMD"; 443 case WMI_SET_MGMT_RETRY_LIMIT_CMDID: 444 return "WMI_SET_MGMT_RETRY_LIMIT_CMD"; 445 case WMI_GET_MGMT_RETRY_LIMIT_CMDID: 446 return "WMI_GET_MGMT_RETRY_LIMIT_CMD"; 447 case WMI_ABORT_SCAN_CMDID: 448 return "WMI_ABORT_SCAN_CMD"; 449 case WMI_NEW_STA_CMDID: 450 return "WMI_NEW_STA_CMD"; 451 case WMI_SET_THERMAL_THROTTLING_CFG_CMDID: 452 return "WMI_SET_THERMAL_THROTTLING_CFG_CMD"; 453 case WMI_GET_THERMAL_THROTTLING_CFG_CMDID: 454 return "WMI_GET_THERMAL_THROTTLING_CFG_CMD"; 455 case WMI_LINK_MAINTAIN_CFG_WRITE_CMDID: 456 return "WMI_LINK_MAINTAIN_CFG_WRITE_CMD"; 457 case WMI_LO_POWER_CALIB_FROM_OTP_CMDID: 458 return "WMI_LO_POWER_CALIB_FROM_OTP_CMD"; 459 case WMI_START_SCHED_SCAN_CMDID: 460 return "WMI_START_SCHED_SCAN_CMD"; 461 case WMI_STOP_SCHED_SCAN_CMDID: 462 return "WMI_STOP_SCHED_SCAN_CMD"; 463 case WMI_TX_STATUS_RING_ADD_CMDID: 464 return "WMI_TX_STATUS_RING_ADD_CMD"; 465 case WMI_RX_STATUS_RING_ADD_CMDID: 466 return "WMI_RX_STATUS_RING_ADD_CMD"; 467 case WMI_TX_DESC_RING_ADD_CMDID: 468 return "WMI_TX_DESC_RING_ADD_CMD"; 469 case WMI_RX_DESC_RING_ADD_CMDID: 470 return "WMI_RX_DESC_RING_ADD_CMD"; 471 case WMI_BCAST_DESC_RING_ADD_CMDID: 472 return "WMI_BCAST_DESC_RING_ADD_CMD"; 473 case WMI_CFG_DEF_RX_OFFLOAD_CMDID: 474 return "WMI_CFG_DEF_RX_OFFLOAD_CMD"; 475 case WMI_LINK_STATS_CMDID: 476 return "WMI_LINK_STATS_CMD"; 477 case WMI_SW_TX_REQ_EXT_CMDID: 478 return "WMI_SW_TX_REQ_EXT_CMDID"; 479 case WMI_FT_AUTH_CMDID: 480 return "WMI_FT_AUTH_CMD"; 481 case WMI_FT_REASSOC_CMDID: 482 return "WMI_FT_REASSOC_CMD"; 483 case WMI_UPDATE_FT_IES_CMDID: 484 return "WMI_UPDATE_FT_IES_CMD"; 485 default: 486 return "Untracked CMD"; 487 } 488 } 489 490 static const char *eventid2name(u16 eventid) 491 { 492 switch (eventid) { 493 case WMI_NOTIFY_REQ_DONE_EVENTID: 494 return "WMI_NOTIFY_REQ_DONE_EVENT"; 495 case WMI_DISCONNECT_EVENTID: 496 return "WMI_DISCONNECT_EVENT"; 497 case WMI_SW_TX_COMPLETE_EVENTID: 498 return "WMI_SW_TX_COMPLETE_EVENT"; 499 case WMI_GET_RF_SECTOR_PARAMS_DONE_EVENTID: 500 return "WMI_GET_RF_SECTOR_PARAMS_DONE_EVENT"; 501 case WMI_SET_RF_SECTOR_PARAMS_DONE_EVENTID: 502 return "WMI_SET_RF_SECTOR_PARAMS_DONE_EVENT"; 503 case WMI_GET_SELECTED_RF_SECTOR_INDEX_DONE_EVENTID: 504 return "WMI_GET_SELECTED_RF_SECTOR_INDEX_DONE_EVENT"; 505 case WMI_SET_SELECTED_RF_SECTOR_INDEX_DONE_EVENTID: 506 return "WMI_SET_SELECTED_RF_SECTOR_INDEX_DONE_EVENT"; 507 case WMI_BRP_SET_ANT_LIMIT_EVENTID: 508 return "WMI_BRP_SET_ANT_LIMIT_EVENT"; 509 case WMI_FW_READY_EVENTID: 510 return "WMI_FW_READY_EVENT"; 511 case WMI_TRAFFIC_RESUME_EVENTID: 512 return "WMI_TRAFFIC_RESUME_EVENT"; 513 case WMI_TOF_GET_TX_RX_OFFSET_EVENTID: 514 return "WMI_TOF_GET_TX_RX_OFFSET_EVENT"; 515 case WMI_TOF_SET_TX_RX_OFFSET_EVENTID: 516 return "WMI_TOF_SET_TX_RX_OFFSET_EVENT"; 517 case WMI_VRING_CFG_DONE_EVENTID: 518 return "WMI_VRING_CFG_DONE_EVENT"; 519 case WMI_READY_EVENTID: 520 return "WMI_READY_EVENT"; 521 case WMI_RX_MGMT_PACKET_EVENTID: 522 return "WMI_RX_MGMT_PACKET_EVENT"; 523 case WMI_TX_MGMT_PACKET_EVENTID: 524 return "WMI_TX_MGMT_PACKET_EVENT"; 525 case WMI_SCAN_COMPLETE_EVENTID: 526 return "WMI_SCAN_COMPLETE_EVENT"; 527 case WMI_ACS_PASSIVE_SCAN_COMPLETE_EVENTID: 528 return "WMI_ACS_PASSIVE_SCAN_COMPLETE_EVENT"; 529 case WMI_CONNECT_EVENTID: 530 return "WMI_CONNECT_EVENT"; 531 case WMI_EAPOL_RX_EVENTID: 532 return "WMI_EAPOL_RX_EVENT"; 533 case WMI_BA_STATUS_EVENTID: 534 return "WMI_BA_STATUS_EVENT"; 535 case WMI_RCP_ADDBA_REQ_EVENTID: 536 return "WMI_RCP_ADDBA_REQ_EVENT"; 537 case WMI_DELBA_EVENTID: 538 return "WMI_DELBA_EVENT"; 539 case WMI_RING_EN_EVENTID: 540 return "WMI_RING_EN_EVENT"; 541 case WMI_DATA_PORT_OPEN_EVENTID: 542 return "WMI_DATA_PORT_OPEN_EVENT"; 543 case WMI_AOA_MEAS_EVENTID: 544 return "WMI_AOA_MEAS_EVENT"; 545 case WMI_TOF_SESSION_END_EVENTID: 546 return "WMI_TOF_SESSION_END_EVENT"; 547 case WMI_TOF_GET_CAPABILITIES_EVENTID: 548 return "WMI_TOF_GET_CAPABILITIES_EVENT"; 549 case WMI_TOF_SET_LCR_EVENTID: 550 return "WMI_TOF_SET_LCR_EVENT"; 551 case WMI_TOF_SET_LCI_EVENTID: 552 return "WMI_TOF_SET_LCI_EVENT"; 553 case WMI_TOF_FTM_PER_DEST_RES_EVENTID: 554 return "WMI_TOF_FTM_PER_DEST_RES_EVENT"; 555 case WMI_TOF_CHANNEL_INFO_EVENTID: 556 return "WMI_TOF_CHANNEL_INFO_EVENT"; 557 case WMI_TRAFFIC_SUSPEND_EVENTID: 558 return "WMI_TRAFFIC_SUSPEND_EVENT"; 559 case WMI_ECHO_RSP_EVENTID: 560 return "WMI_ECHO_RSP_EVENT"; 561 case WMI_LED_CFG_DONE_EVENTID: 562 return "WMI_LED_CFG_DONE_EVENT"; 563 case WMI_PCP_STARTED_EVENTID: 564 return "WMI_PCP_STARTED_EVENT"; 565 case WMI_PCP_STOPPED_EVENTID: 566 return "WMI_PCP_STOPPED_EVENT"; 567 case WMI_GET_SSID_EVENTID: 568 return "WMI_GET_SSID_EVENT"; 569 case WMI_GET_PCP_CHANNEL_EVENTID: 570 return "WMI_GET_PCP_CHANNEL_EVENT"; 571 case WMI_P2P_CFG_DONE_EVENTID: 572 return "WMI_P2P_CFG_DONE_EVENT"; 573 case WMI_PORT_ALLOCATED_EVENTID: 574 return "WMI_PORT_ALLOCATED_EVENT"; 575 case WMI_PORT_DELETED_EVENTID: 576 return "WMI_PORT_DELETED_EVENT"; 577 case WMI_LISTEN_STARTED_EVENTID: 578 return "WMI_LISTEN_STARTED_EVENT"; 579 case WMI_SEARCH_STARTED_EVENTID: 580 return "WMI_SEARCH_STARTED_EVENT"; 581 case WMI_DISCOVERY_STOPPED_EVENTID: 582 return "WMI_DISCOVERY_STOPPED_EVENT"; 583 case WMI_CFG_RX_CHAIN_DONE_EVENTID: 584 return "WMI_CFG_RX_CHAIN_DONE_EVENT"; 585 case WMI_TEMP_SENSE_DONE_EVENTID: 586 return "WMI_TEMP_SENSE_DONE_EVENT"; 587 case WMI_RCP_ADDBA_RESP_SENT_EVENTID: 588 return "WMI_RCP_ADDBA_RESP_SENT_EVENT"; 589 case WMI_PS_DEV_PROFILE_CFG_EVENTID: 590 return "WMI_PS_DEV_PROFILE_CFG_EVENT"; 591 case WMI_SET_MGMT_RETRY_LIMIT_EVENTID: 592 return "WMI_SET_MGMT_RETRY_LIMIT_EVENT"; 593 case WMI_GET_MGMT_RETRY_LIMIT_EVENTID: 594 return "WMI_GET_MGMT_RETRY_LIMIT_EVENT"; 595 case WMI_SET_THERMAL_THROTTLING_CFG_EVENTID: 596 return "WMI_SET_THERMAL_THROTTLING_CFG_EVENT"; 597 case WMI_GET_THERMAL_THROTTLING_CFG_EVENTID: 598 return "WMI_GET_THERMAL_THROTTLING_CFG_EVENT"; 599 case WMI_LINK_MAINTAIN_CFG_WRITE_DONE_EVENTID: 600 return "WMI_LINK_MAINTAIN_CFG_WRITE_DONE_EVENT"; 601 case WMI_LO_POWER_CALIB_FROM_OTP_EVENTID: 602 return "WMI_LO_POWER_CALIB_FROM_OTP_EVENT"; 603 case WMI_START_SCHED_SCAN_EVENTID: 604 return "WMI_START_SCHED_SCAN_EVENT"; 605 case WMI_STOP_SCHED_SCAN_EVENTID: 606 return "WMI_STOP_SCHED_SCAN_EVENT"; 607 case WMI_SCHED_SCAN_RESULT_EVENTID: 608 return "WMI_SCHED_SCAN_RESULT_EVENT"; 609 case WMI_TX_STATUS_RING_CFG_DONE_EVENTID: 610 return "WMI_TX_STATUS_RING_CFG_DONE_EVENT"; 611 case WMI_RX_STATUS_RING_CFG_DONE_EVENTID: 612 return "WMI_RX_STATUS_RING_CFG_DONE_EVENT"; 613 case WMI_TX_DESC_RING_CFG_DONE_EVENTID: 614 return "WMI_TX_DESC_RING_CFG_DONE_EVENT"; 615 case WMI_RX_DESC_RING_CFG_DONE_EVENTID: 616 return "WMI_RX_DESC_RING_CFG_DONE_EVENT"; 617 case WMI_CFG_DEF_RX_OFFLOAD_DONE_EVENTID: 618 return "WMI_CFG_DEF_RX_OFFLOAD_DONE_EVENT"; 619 case WMI_LINK_STATS_CONFIG_DONE_EVENTID: 620 return "WMI_LINK_STATS_CONFIG_DONE_EVENT"; 621 case WMI_LINK_STATS_EVENTID: 622 return "WMI_LINK_STATS_EVENT"; 623 case WMI_COMMAND_NOT_SUPPORTED_EVENTID: 624 return "WMI_COMMAND_NOT_SUPPORTED_EVENT"; 625 case WMI_FT_AUTH_STATUS_EVENTID: 626 return "WMI_FT_AUTH_STATUS_EVENT"; 627 case WMI_FT_REASSOC_STATUS_EVENTID: 628 return "WMI_FT_REASSOC_STATUS_EVENT"; 629 default: 630 return "Untracked EVENT"; 631 } 632 } 633 634 static int __wmi_send(struct wil6210_priv *wil, u16 cmdid, u8 mid, 635 void *buf, u16 len) 636 { 637 struct { 638 struct wil6210_mbox_hdr hdr; 639 struct wmi_cmd_hdr wmi; 640 } __packed cmd = { 641 .hdr = { 642 .type = WIL_MBOX_HDR_TYPE_WMI, 643 .flags = 0, 644 .len = cpu_to_le16(sizeof(cmd.wmi) + len), 645 }, 646 .wmi = { 647 .mid = mid, 648 .command_id = cpu_to_le16(cmdid), 649 }, 650 }; 651 struct wil6210_mbox_ring *r = &wil->mbox_ctl.tx; 652 struct wil6210_mbox_ring_desc d_head; 653 u32 next_head; 654 void __iomem *dst; 655 void __iomem *head = wmi_addr(wil, r->head); 656 uint retry; 657 int rc = 0; 658 659 if (len > r->entry_size - sizeof(cmd)) { 660 wil_err(wil, "WMI size too large: %d bytes, max is %d\n", 661 (int)(sizeof(cmd) + len), r->entry_size); 662 return -ERANGE; 663 } 664 665 might_sleep(); 666 667 if (!test_bit(wil_status_fwready, wil->status)) { 668 wil_err(wil, "WMI: cannot send command while FW not ready\n"); 669 return -EAGAIN; 670 } 671 672 /* Allow sending only suspend / resume commands during susepnd flow */ 673 if ((test_bit(wil_status_suspending, wil->status) || 674 test_bit(wil_status_suspended, wil->status) || 675 test_bit(wil_status_resuming, wil->status)) && 676 ((cmdid != WMI_TRAFFIC_SUSPEND_CMDID) && 677 (cmdid != WMI_TRAFFIC_RESUME_CMDID))) { 678 wil_err(wil, "WMI: reject send_command during suspend\n"); 679 return -EINVAL; 680 } 681 682 if (!head) { 683 wil_err(wil, "WMI head is garbage: 0x%08x\n", r->head); 684 return -EINVAL; 685 } 686 687 wil_halp_vote(wil); 688 689 /* read Tx head till it is not busy */ 690 for (retry = 5; retry > 0; retry--) { 691 wil_memcpy_fromio_32(&d_head, head, sizeof(d_head)); 692 if (d_head.sync == 0) 693 break; 694 msleep(20); 695 } 696 if (d_head.sync != 0) { 697 wil_err(wil, "WMI head busy\n"); 698 rc = -EBUSY; 699 goto out; 700 } 701 /* next head */ 702 next_head = r->base + ((r->head - r->base + sizeof(d_head)) % r->size); 703 wil_dbg_wmi(wil, "Head 0x%08x -> 0x%08x\n", r->head, next_head); 704 /* wait till FW finish with previous command */ 705 for (retry = 5; retry > 0; retry--) { 706 if (!test_bit(wil_status_fwready, wil->status)) { 707 wil_err(wil, "WMI: cannot send command while FW not ready\n"); 708 rc = -EAGAIN; 709 goto out; 710 } 711 r->tail = wil_r(wil, RGF_MBOX + 712 offsetof(struct wil6210_mbox_ctl, tx.tail)); 713 if (next_head != r->tail) 714 break; 715 msleep(20); 716 } 717 if (next_head == r->tail) { 718 wil_err(wil, "WMI ring full\n"); 719 rc = -EBUSY; 720 goto out; 721 } 722 dst = wmi_buffer(wil, d_head.addr); 723 if (!dst) { 724 wil_err(wil, "invalid WMI buffer: 0x%08x\n", 725 le32_to_cpu(d_head.addr)); 726 rc = -EAGAIN; 727 goto out; 728 } 729 cmd.hdr.seq = cpu_to_le16(++wil->wmi_seq); 730 /* set command */ 731 wil_dbg_wmi(wil, "sending %s (0x%04x) [%d] mid %d\n", 732 cmdid2name(cmdid), cmdid, len, mid); 733 wil_hex_dump_wmi("Cmd ", DUMP_PREFIX_OFFSET, 16, 1, &cmd, 734 sizeof(cmd), true); 735 wil_hex_dump_wmi("cmd ", DUMP_PREFIX_OFFSET, 16, 1, buf, 736 len, true); 737 wil_memcpy_toio_32(dst, &cmd, sizeof(cmd)); 738 wil_memcpy_toio_32(dst + sizeof(cmd), buf, len); 739 /* mark entry as full */ 740 wil_w(wil, r->head + offsetof(struct wil6210_mbox_ring_desc, sync), 1); 741 /* advance next ptr */ 742 wil_w(wil, RGF_MBOX + offsetof(struct wil6210_mbox_ctl, tx.head), 743 r->head = next_head); 744 745 trace_wil6210_wmi_cmd(&cmd.wmi, buf, len); 746 747 /* interrupt to FW */ 748 wil_w(wil, RGF_USER_USER_ICR + offsetof(struct RGF_ICR, ICS), 749 SW_INT_MBOX); 750 751 out: 752 wil_halp_unvote(wil); 753 return rc; 754 } 755 756 int wmi_send(struct wil6210_priv *wil, u16 cmdid, u8 mid, void *buf, u16 len) 757 { 758 int rc; 759 760 mutex_lock(&wil->wmi_mutex); 761 rc = __wmi_send(wil, cmdid, mid, buf, len); 762 mutex_unlock(&wil->wmi_mutex); 763 764 return rc; 765 } 766 767 /*=== Event handlers ===*/ 768 static void wmi_evt_ready(struct wil6210_vif *vif, int id, void *d, int len) 769 { 770 struct wil6210_priv *wil = vif_to_wil(vif); 771 struct wiphy *wiphy = wil_to_wiphy(wil); 772 struct wmi_ready_event *evt = d; 773 774 wil_info(wil, "FW ver. %s(SW %d); MAC %pM; %d MID's\n", 775 wil->fw_version, le32_to_cpu(evt->sw_version), 776 evt->mac, evt->numof_additional_mids); 777 if (evt->numof_additional_mids + 1 < wil->max_vifs) { 778 wil_err(wil, "FW does not support enough MIDs (need %d)", 779 wil->max_vifs - 1); 780 return; /* FW load will fail after timeout */ 781 } 782 /* ignore MAC address, we already have it from the boot loader */ 783 strlcpy(wiphy->fw_version, wil->fw_version, sizeof(wiphy->fw_version)); 784 785 if (len > offsetof(struct wmi_ready_event, rfc_read_calib_result)) { 786 wil_dbg_wmi(wil, "rfc calibration result %d\n", 787 evt->rfc_read_calib_result); 788 wil->fw_calib_result = evt->rfc_read_calib_result; 789 } 790 wil_set_recovery_state(wil, fw_recovery_idle); 791 set_bit(wil_status_fwready, wil->status); 792 /* let the reset sequence continue */ 793 complete(&wil->wmi_ready); 794 } 795 796 static void wmi_evt_rx_mgmt(struct wil6210_vif *vif, int id, void *d, int len) 797 { 798 struct wil6210_priv *wil = vif_to_wil(vif); 799 struct wmi_rx_mgmt_packet_event *data = d; 800 struct wiphy *wiphy = wil_to_wiphy(wil); 801 struct ieee80211_mgmt *rx_mgmt_frame = 802 (struct ieee80211_mgmt *)data->payload; 803 int flen = len - offsetof(struct wmi_rx_mgmt_packet_event, payload); 804 int ch_no; 805 u32 freq; 806 struct ieee80211_channel *channel; 807 s32 signal; 808 __le16 fc; 809 u32 d_len; 810 u16 d_status; 811 812 if (flen < 0) { 813 wil_err(wil, "MGMT Rx: short event, len %d\n", len); 814 return; 815 } 816 817 d_len = le32_to_cpu(data->info.len); 818 if (d_len != flen) { 819 wil_err(wil, 820 "MGMT Rx: length mismatch, d_len %d should be %d\n", 821 d_len, flen); 822 return; 823 } 824 825 ch_no = data->info.channel + 1; 826 freq = ieee80211_channel_to_frequency(ch_no, NL80211_BAND_60GHZ); 827 channel = ieee80211_get_channel(wiphy, freq); 828 if (test_bit(WMI_FW_CAPABILITY_RSSI_REPORTING, wil->fw_capabilities)) 829 signal = 100 * data->info.rssi; 830 else 831 signal = data->info.sqi; 832 d_status = le16_to_cpu(data->info.status); 833 fc = rx_mgmt_frame->frame_control; 834 835 wil_dbg_wmi(wil, "MGMT Rx: channel %d MCS %d RSSI %d SQI %d%%\n", 836 data->info.channel, data->info.mcs, data->info.rssi, 837 data->info.sqi); 838 wil_dbg_wmi(wil, "status 0x%04x len %d fc 0x%04x\n", d_status, d_len, 839 le16_to_cpu(fc)); 840 wil_dbg_wmi(wil, "qid %d mid %d cid %d\n", 841 data->info.qid, data->info.mid, data->info.cid); 842 wil_hex_dump_wmi("MGMT Rx ", DUMP_PREFIX_OFFSET, 16, 1, rx_mgmt_frame, 843 d_len, true); 844 845 if (!channel) { 846 wil_err(wil, "Frame on unsupported channel\n"); 847 return; 848 } 849 850 if (ieee80211_is_beacon(fc) || ieee80211_is_probe_resp(fc)) { 851 struct cfg80211_bss *bss; 852 u64 tsf = le64_to_cpu(rx_mgmt_frame->u.beacon.timestamp); 853 u16 cap = le16_to_cpu(rx_mgmt_frame->u.beacon.capab_info); 854 u16 bi = le16_to_cpu(rx_mgmt_frame->u.beacon.beacon_int); 855 const u8 *ie_buf = rx_mgmt_frame->u.beacon.variable; 856 size_t ie_len = d_len - offsetof(struct ieee80211_mgmt, 857 u.beacon.variable); 858 wil_dbg_wmi(wil, "Capability info : 0x%04x\n", cap); 859 wil_dbg_wmi(wil, "TSF : 0x%016llx\n", tsf); 860 wil_dbg_wmi(wil, "Beacon interval : %d\n", bi); 861 wil_hex_dump_wmi("IE ", DUMP_PREFIX_OFFSET, 16, 1, ie_buf, 862 ie_len, true); 863 864 wil_dbg_wmi(wil, "Capability info : 0x%04x\n", cap); 865 866 bss = cfg80211_inform_bss_frame(wiphy, channel, rx_mgmt_frame, 867 d_len, signal, GFP_KERNEL); 868 if (bss) { 869 wil_dbg_wmi(wil, "Added BSS %pM\n", 870 rx_mgmt_frame->bssid); 871 cfg80211_put_bss(wiphy, bss); 872 } else { 873 wil_err(wil, "cfg80211_inform_bss_frame() failed\n"); 874 } 875 } else { 876 mutex_lock(&wil->vif_mutex); 877 cfg80211_rx_mgmt(vif_to_radio_wdev(wil, vif), freq, signal, 878 (void *)rx_mgmt_frame, d_len, 0); 879 mutex_unlock(&wil->vif_mutex); 880 } 881 } 882 883 static void wmi_evt_tx_mgmt(struct wil6210_vif *vif, int id, void *d, int len) 884 { 885 struct wmi_tx_mgmt_packet_event *data = d; 886 struct ieee80211_mgmt *mgmt_frame = 887 (struct ieee80211_mgmt *)data->payload; 888 int flen = len - offsetof(struct wmi_tx_mgmt_packet_event, payload); 889 890 wil_hex_dump_wmi("MGMT Tx ", DUMP_PREFIX_OFFSET, 16, 1, mgmt_frame, 891 flen, true); 892 } 893 894 static void wmi_evt_scan_complete(struct wil6210_vif *vif, int id, 895 void *d, int len) 896 { 897 struct wil6210_priv *wil = vif_to_wil(vif); 898 899 mutex_lock(&wil->vif_mutex); 900 if (vif->scan_request) { 901 struct wmi_scan_complete_event *data = d; 902 int status = le32_to_cpu(data->status); 903 struct cfg80211_scan_info info = { 904 .aborted = ((status != WMI_SCAN_SUCCESS) && 905 (status != WMI_SCAN_ABORT_REJECTED)), 906 }; 907 908 wil_dbg_wmi(wil, "SCAN_COMPLETE(0x%08x)\n", status); 909 wil_dbg_misc(wil, "Complete scan_request 0x%p aborted %d\n", 910 vif->scan_request, info.aborted); 911 del_timer_sync(&vif->scan_timer); 912 cfg80211_scan_done(vif->scan_request, &info); 913 if (vif->mid == 0) 914 wil->radio_wdev = wil->main_ndev->ieee80211_ptr; 915 vif->scan_request = NULL; 916 wake_up_interruptible(&wil->wq); 917 if (vif->p2p.pending_listen_wdev) { 918 wil_dbg_misc(wil, "Scheduling delayed listen\n"); 919 schedule_work(&vif->p2p.delayed_listen_work); 920 } 921 } else { 922 wil_err(wil, "SCAN_COMPLETE while not scanning\n"); 923 } 924 mutex_unlock(&wil->vif_mutex); 925 } 926 927 static void wmi_evt_connect(struct wil6210_vif *vif, int id, void *d, int len) 928 { 929 struct wil6210_priv *wil = vif_to_wil(vif); 930 struct net_device *ndev = vif_to_ndev(vif); 931 struct wireless_dev *wdev = vif_to_wdev(vif); 932 struct wmi_connect_event *evt = d; 933 int ch; /* channel number */ 934 struct station_info *sinfo; 935 u8 *assoc_req_ie, *assoc_resp_ie; 936 size_t assoc_req_ielen, assoc_resp_ielen; 937 /* capinfo(u16) + listen_interval(u16) + IEs */ 938 const size_t assoc_req_ie_offset = sizeof(u16) * 2; 939 /* capinfo(u16) + status_code(u16) + associd(u16) + IEs */ 940 const size_t assoc_resp_ie_offset = sizeof(u16) * 3; 941 int rc; 942 943 if (len < sizeof(*evt)) { 944 wil_err(wil, "Connect event too short : %d bytes\n", len); 945 return; 946 } 947 if (len != sizeof(*evt) + evt->beacon_ie_len + evt->assoc_req_len + 948 evt->assoc_resp_len) { 949 wil_err(wil, 950 "Connect event corrupted : %d != %d + %d + %d + %d\n", 951 len, (int)sizeof(*evt), evt->beacon_ie_len, 952 evt->assoc_req_len, evt->assoc_resp_len); 953 return; 954 } 955 if (evt->cid >= WIL6210_MAX_CID) { 956 wil_err(wil, "Connect CID invalid : %d\n", evt->cid); 957 return; 958 } 959 960 ch = evt->channel + 1; 961 wil_info(wil, "Connect %pM channel [%d] cid %d aid %d\n", 962 evt->bssid, ch, evt->cid, evt->aid); 963 wil_hex_dump_wmi("connect AI : ", DUMP_PREFIX_OFFSET, 16, 1, 964 evt->assoc_info, len - sizeof(*evt), true); 965 966 /* figure out IE's */ 967 assoc_req_ie = &evt->assoc_info[evt->beacon_ie_len + 968 assoc_req_ie_offset]; 969 assoc_req_ielen = evt->assoc_req_len - assoc_req_ie_offset; 970 if (evt->assoc_req_len <= assoc_req_ie_offset) { 971 assoc_req_ie = NULL; 972 assoc_req_ielen = 0; 973 } 974 975 assoc_resp_ie = &evt->assoc_info[evt->beacon_ie_len + 976 evt->assoc_req_len + 977 assoc_resp_ie_offset]; 978 assoc_resp_ielen = evt->assoc_resp_len - assoc_resp_ie_offset; 979 if (evt->assoc_resp_len <= assoc_resp_ie_offset) { 980 assoc_resp_ie = NULL; 981 assoc_resp_ielen = 0; 982 } 983 984 if (test_bit(wil_status_resetting, wil->status) || 985 !test_bit(wil_status_fwready, wil->status)) { 986 wil_err(wil, "status_resetting, cancel connect event, CID %d\n", 987 evt->cid); 988 /* no need for cleanup, wil_reset will do that */ 989 return; 990 } 991 992 mutex_lock(&wil->mutex); 993 994 if ((wdev->iftype == NL80211_IFTYPE_STATION) || 995 (wdev->iftype == NL80211_IFTYPE_P2P_CLIENT)) { 996 if (!test_bit(wil_vif_fwconnecting, vif->status)) { 997 wil_err(wil, "Not in connecting state\n"); 998 mutex_unlock(&wil->mutex); 999 return; 1000 } 1001 del_timer_sync(&vif->connect_timer); 1002 } else if ((wdev->iftype == NL80211_IFTYPE_AP) || 1003 (wdev->iftype == NL80211_IFTYPE_P2P_GO)) { 1004 if (wil->sta[evt->cid].status != wil_sta_unused) { 1005 wil_err(wil, "AP: Invalid status %d for CID %d\n", 1006 wil->sta[evt->cid].status, evt->cid); 1007 mutex_unlock(&wil->mutex); 1008 return; 1009 } 1010 } 1011 1012 ether_addr_copy(wil->sta[evt->cid].addr, evt->bssid); 1013 wil->sta[evt->cid].mid = vif->mid; 1014 wil->sta[evt->cid].status = wil_sta_conn_pending; 1015 1016 rc = wil_ring_init_tx(vif, evt->cid); 1017 if (rc) { 1018 wil_err(wil, "config tx vring failed for CID %d, rc (%d)\n", 1019 evt->cid, rc); 1020 wmi_disconnect_sta(vif, wil->sta[evt->cid].addr, 1021 WLAN_REASON_UNSPECIFIED, false); 1022 } else { 1023 wil_info(wil, "successful connection to CID %d\n", evt->cid); 1024 } 1025 1026 if ((wdev->iftype == NL80211_IFTYPE_STATION) || 1027 (wdev->iftype == NL80211_IFTYPE_P2P_CLIENT)) { 1028 if (rc) { 1029 netif_carrier_off(ndev); 1030 wil6210_bus_request(wil, WIL_DEFAULT_BUS_REQUEST_KBPS); 1031 wil_err(wil, "cfg80211_connect_result with failure\n"); 1032 cfg80211_connect_result(ndev, evt->bssid, NULL, 0, 1033 NULL, 0, 1034 WLAN_STATUS_UNSPECIFIED_FAILURE, 1035 GFP_KERNEL); 1036 goto out; 1037 } else { 1038 struct wiphy *wiphy = wil_to_wiphy(wil); 1039 1040 cfg80211_ref_bss(wiphy, vif->bss); 1041 cfg80211_connect_bss(ndev, evt->bssid, vif->bss, 1042 assoc_req_ie, assoc_req_ielen, 1043 assoc_resp_ie, assoc_resp_ielen, 1044 WLAN_STATUS_SUCCESS, GFP_KERNEL, 1045 NL80211_TIMEOUT_UNSPECIFIED); 1046 } 1047 vif->bss = NULL; 1048 } else if ((wdev->iftype == NL80211_IFTYPE_AP) || 1049 (wdev->iftype == NL80211_IFTYPE_P2P_GO)) { 1050 1051 if (rc) { 1052 if (disable_ap_sme) 1053 /* notify new_sta has failed */ 1054 cfg80211_del_sta(ndev, evt->bssid, GFP_KERNEL); 1055 goto out; 1056 } 1057 1058 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL); 1059 if (!sinfo) { 1060 rc = -ENOMEM; 1061 goto out; 1062 } 1063 1064 sinfo->generation = wil->sinfo_gen++; 1065 1066 if (assoc_req_ie) { 1067 sinfo->assoc_req_ies = assoc_req_ie; 1068 sinfo->assoc_req_ies_len = assoc_req_ielen; 1069 } 1070 1071 cfg80211_new_sta(ndev, evt->bssid, sinfo, GFP_KERNEL); 1072 1073 kfree(sinfo); 1074 } else { 1075 wil_err(wil, "unhandled iftype %d for CID %d\n", wdev->iftype, 1076 evt->cid); 1077 goto out; 1078 } 1079 1080 wil->sta[evt->cid].status = wil_sta_connected; 1081 wil->sta[evt->cid].aid = evt->aid; 1082 if (!test_and_set_bit(wil_vif_fwconnected, vif->status)) 1083 atomic_inc(&wil->connected_vifs); 1084 wil_update_net_queues_bh(wil, vif, NULL, false); 1085 1086 out: 1087 if (rc) { 1088 wil->sta[evt->cid].status = wil_sta_unused; 1089 wil->sta[evt->cid].mid = U8_MAX; 1090 } 1091 clear_bit(wil_vif_fwconnecting, vif->status); 1092 mutex_unlock(&wil->mutex); 1093 } 1094 1095 static void wmi_evt_disconnect(struct wil6210_vif *vif, int id, 1096 void *d, int len) 1097 { 1098 struct wil6210_priv *wil = vif_to_wil(vif); 1099 struct wmi_disconnect_event *evt = d; 1100 u16 reason_code = le16_to_cpu(evt->protocol_reason_status); 1101 1102 wil_info(wil, "Disconnect %pM reason [proto %d wmi %d]\n", 1103 evt->bssid, reason_code, evt->disconnect_reason); 1104 1105 wil->sinfo_gen++; 1106 1107 if (test_bit(wil_status_resetting, wil->status) || 1108 !test_bit(wil_status_fwready, wil->status)) { 1109 wil_err(wil, "status_resetting, cancel disconnect event\n"); 1110 /* no need for cleanup, wil_reset will do that */ 1111 return; 1112 } 1113 1114 mutex_lock(&wil->mutex); 1115 wil6210_disconnect_complete(vif, evt->bssid, reason_code); 1116 if (disable_ap_sme) { 1117 struct wireless_dev *wdev = vif_to_wdev(vif); 1118 struct net_device *ndev = vif_to_ndev(vif); 1119 1120 /* disconnect event in disable_ap_sme mode means link loss */ 1121 switch (wdev->iftype) { 1122 /* AP-like interface */ 1123 case NL80211_IFTYPE_AP: 1124 case NL80211_IFTYPE_P2P_GO: 1125 /* notify hostapd about link loss */ 1126 cfg80211_cqm_pktloss_notify(ndev, evt->bssid, 0, 1127 GFP_KERNEL); 1128 break; 1129 default: 1130 break; 1131 } 1132 } 1133 mutex_unlock(&wil->mutex); 1134 } 1135 1136 /* 1137 * Firmware reports EAPOL frame using WME event. 1138 * Reconstruct Ethernet frame and deliver it via normal Rx 1139 */ 1140 static void wmi_evt_eapol_rx(struct wil6210_vif *vif, int id, void *d, int len) 1141 { 1142 struct wil6210_priv *wil = vif_to_wil(vif); 1143 struct net_device *ndev = vif_to_ndev(vif); 1144 struct wmi_eapol_rx_event *evt = d; 1145 u16 eapol_len = le16_to_cpu(evt->eapol_len); 1146 int sz = eapol_len + ETH_HLEN; 1147 struct sk_buff *skb; 1148 struct ethhdr *eth; 1149 int cid; 1150 struct wil_net_stats *stats = NULL; 1151 1152 wil_dbg_wmi(wil, "EAPOL len %d from %pM MID %d\n", eapol_len, 1153 evt->src_mac, vif->mid); 1154 1155 cid = wil_find_cid(wil, vif->mid, evt->src_mac); 1156 if (cid >= 0) 1157 stats = &wil->sta[cid].stats; 1158 1159 if (eapol_len > 196) { /* TODO: revisit size limit */ 1160 wil_err(wil, "EAPOL too large\n"); 1161 return; 1162 } 1163 1164 skb = alloc_skb(sz, GFP_KERNEL); 1165 if (!skb) { 1166 wil_err(wil, "Failed to allocate skb\n"); 1167 return; 1168 } 1169 1170 eth = skb_put(skb, ETH_HLEN); 1171 ether_addr_copy(eth->h_dest, ndev->dev_addr); 1172 ether_addr_copy(eth->h_source, evt->src_mac); 1173 eth->h_proto = cpu_to_be16(ETH_P_PAE); 1174 skb_put_data(skb, evt->eapol, eapol_len); 1175 skb->protocol = eth_type_trans(skb, ndev); 1176 if (likely(netif_rx_ni(skb) == NET_RX_SUCCESS)) { 1177 ndev->stats.rx_packets++; 1178 ndev->stats.rx_bytes += sz; 1179 if (stats) { 1180 stats->rx_packets++; 1181 stats->rx_bytes += sz; 1182 } 1183 } else { 1184 ndev->stats.rx_dropped++; 1185 if (stats) 1186 stats->rx_dropped++; 1187 } 1188 } 1189 1190 static void wmi_evt_ring_en(struct wil6210_vif *vif, int id, void *d, int len) 1191 { 1192 struct wil6210_priv *wil = vif_to_wil(vif); 1193 struct wmi_ring_en_event *evt = d; 1194 u8 vri = evt->ring_index; 1195 struct wireless_dev *wdev = vif_to_wdev(vif); 1196 struct wil_sta_info *sta; 1197 u8 cid; 1198 struct key_params params; 1199 1200 wil_dbg_wmi(wil, "Enable vring %d MID %d\n", vri, vif->mid); 1201 1202 if (vri >= ARRAY_SIZE(wil->ring_tx)) { 1203 wil_err(wil, "Enable for invalid vring %d\n", vri); 1204 return; 1205 } 1206 1207 if (wdev->iftype != NL80211_IFTYPE_AP || !disable_ap_sme || 1208 test_bit(wil_vif_ft_roam, vif->status)) 1209 /* in AP mode with disable_ap_sme that is not FT, 1210 * this is done by wil_cfg80211_change_station() 1211 */ 1212 wil->ring_tx_data[vri].dot1x_open = true; 1213 if (vri == vif->bcast_ring) /* no BA for bcast */ 1214 return; 1215 1216 cid = wil->ring2cid_tid[vri][0]; 1217 if (!wil_cid_valid(cid)) { 1218 wil_err(wil, "invalid cid %d for vring %d\n", cid, vri); 1219 return; 1220 } 1221 1222 /* In FT mode we get key but not store it as it is received 1223 * before WMI_CONNECT_EVENT received from FW. 1224 * wil_set_crypto_rx is called here to reset the security PN 1225 */ 1226 sta = &wil->sta[cid]; 1227 if (test_bit(wil_vif_ft_roam, vif->status)) { 1228 memset(¶ms, 0, sizeof(params)); 1229 wil_set_crypto_rx(0, WMI_KEY_USE_PAIRWISE, sta, ¶ms); 1230 if (wdev->iftype != NL80211_IFTYPE_AP) 1231 clear_bit(wil_vif_ft_roam, vif->status); 1232 } 1233 1234 if (agg_wsize >= 0) 1235 wil_addba_tx_request(wil, vri, agg_wsize); 1236 } 1237 1238 static void wmi_evt_ba_status(struct wil6210_vif *vif, int id, 1239 void *d, int len) 1240 { 1241 struct wil6210_priv *wil = vif_to_wil(vif); 1242 struct wmi_ba_status_event *evt = d; 1243 struct wil_ring_tx_data *txdata; 1244 1245 wil_dbg_wmi(wil, "BACK[%d] %s {%d} timeout %d AMSDU%s\n", 1246 evt->ringid, 1247 evt->status == WMI_BA_AGREED ? "OK" : "N/A", 1248 evt->agg_wsize, __le16_to_cpu(evt->ba_timeout), 1249 evt->amsdu ? "+" : "-"); 1250 1251 if (evt->ringid >= WIL6210_MAX_TX_RINGS) { 1252 wil_err(wil, "invalid ring id %d\n", evt->ringid); 1253 return; 1254 } 1255 1256 if (evt->status != WMI_BA_AGREED) { 1257 evt->ba_timeout = 0; 1258 evt->agg_wsize = 0; 1259 evt->amsdu = 0; 1260 } 1261 1262 txdata = &wil->ring_tx_data[evt->ringid]; 1263 1264 txdata->agg_timeout = le16_to_cpu(evt->ba_timeout); 1265 txdata->agg_wsize = evt->agg_wsize; 1266 txdata->agg_amsdu = evt->amsdu; 1267 txdata->addba_in_progress = false; 1268 } 1269 1270 static void wmi_evt_addba_rx_req(struct wil6210_vif *vif, int id, 1271 void *d, int len) 1272 { 1273 struct wil6210_priv *wil = vif_to_wil(vif); 1274 struct wmi_rcp_addba_req_event *evt = d; 1275 1276 wil_addba_rx_request(wil, vif->mid, evt->cidxtid, evt->dialog_token, 1277 evt->ba_param_set, evt->ba_timeout, 1278 evt->ba_seq_ctrl); 1279 } 1280 1281 static void wmi_evt_delba(struct wil6210_vif *vif, int id, void *d, int len) 1282 __acquires(&sta->tid_rx_lock) __releases(&sta->tid_rx_lock) 1283 { 1284 struct wil6210_priv *wil = vif_to_wil(vif); 1285 struct wmi_delba_event *evt = d; 1286 u8 cid, tid; 1287 u16 reason = __le16_to_cpu(evt->reason); 1288 struct wil_sta_info *sta; 1289 struct wil_tid_ampdu_rx *r; 1290 1291 might_sleep(); 1292 parse_cidxtid(evt->cidxtid, &cid, &tid); 1293 wil_dbg_wmi(wil, "DELBA MID %d CID %d TID %d from %s reason %d\n", 1294 vif->mid, cid, tid, 1295 evt->from_initiator ? "originator" : "recipient", 1296 reason); 1297 if (!evt->from_initiator) { 1298 int i; 1299 /* find Tx vring it belongs to */ 1300 for (i = 0; i < ARRAY_SIZE(wil->ring2cid_tid); i++) { 1301 if (wil->ring2cid_tid[i][0] == cid && 1302 wil->ring2cid_tid[i][1] == tid) { 1303 struct wil_ring_tx_data *txdata = 1304 &wil->ring_tx_data[i]; 1305 1306 wil_dbg_wmi(wil, "DELBA Tx vring %d\n", i); 1307 txdata->agg_timeout = 0; 1308 txdata->agg_wsize = 0; 1309 txdata->addba_in_progress = false; 1310 1311 break; /* max. 1 matching ring */ 1312 } 1313 } 1314 if (i >= ARRAY_SIZE(wil->ring2cid_tid)) 1315 wil_err(wil, "DELBA: unable to find Tx vring\n"); 1316 return; 1317 } 1318 1319 sta = &wil->sta[cid]; 1320 1321 spin_lock_bh(&sta->tid_rx_lock); 1322 1323 r = sta->tid_rx[tid]; 1324 sta->tid_rx[tid] = NULL; 1325 wil_tid_ampdu_rx_free(wil, r); 1326 1327 spin_unlock_bh(&sta->tid_rx_lock); 1328 } 1329 1330 static void 1331 wmi_evt_sched_scan_result(struct wil6210_vif *vif, int id, void *d, int len) 1332 { 1333 struct wil6210_priv *wil = vif_to_wil(vif); 1334 struct wmi_sched_scan_result_event *data = d; 1335 struct wiphy *wiphy = wil_to_wiphy(wil); 1336 struct ieee80211_mgmt *rx_mgmt_frame = 1337 (struct ieee80211_mgmt *)data->payload; 1338 int flen = len - offsetof(struct wmi_sched_scan_result_event, payload); 1339 int ch_no; 1340 u32 freq; 1341 struct ieee80211_channel *channel; 1342 s32 signal; 1343 __le16 fc; 1344 u32 d_len; 1345 struct cfg80211_bss *bss; 1346 1347 if (flen < 0) { 1348 wil_err(wil, "sched scan result event too short, len %d\n", 1349 len); 1350 return; 1351 } 1352 1353 d_len = le32_to_cpu(data->info.len); 1354 if (d_len != flen) { 1355 wil_err(wil, 1356 "sched scan result length mismatch, d_len %d should be %d\n", 1357 d_len, flen); 1358 return; 1359 } 1360 1361 fc = rx_mgmt_frame->frame_control; 1362 if (!ieee80211_is_probe_resp(fc)) { 1363 wil_err(wil, "sched scan result invalid frame, fc 0x%04x\n", 1364 fc); 1365 return; 1366 } 1367 1368 ch_no = data->info.channel + 1; 1369 freq = ieee80211_channel_to_frequency(ch_no, NL80211_BAND_60GHZ); 1370 channel = ieee80211_get_channel(wiphy, freq); 1371 if (test_bit(WMI_FW_CAPABILITY_RSSI_REPORTING, wil->fw_capabilities)) 1372 signal = 100 * data->info.rssi; 1373 else 1374 signal = data->info.sqi; 1375 1376 wil_dbg_wmi(wil, "sched scan result: channel %d MCS %d RSSI %d\n", 1377 data->info.channel, data->info.mcs, data->info.rssi); 1378 wil_dbg_wmi(wil, "len %d qid %d mid %d cid %d\n", 1379 d_len, data->info.qid, data->info.mid, data->info.cid); 1380 wil_hex_dump_wmi("PROBE ", DUMP_PREFIX_OFFSET, 16, 1, rx_mgmt_frame, 1381 d_len, true); 1382 1383 if (!channel) { 1384 wil_err(wil, "Frame on unsupported channel\n"); 1385 return; 1386 } 1387 1388 bss = cfg80211_inform_bss_frame(wiphy, channel, rx_mgmt_frame, 1389 d_len, signal, GFP_KERNEL); 1390 if (bss) { 1391 wil_dbg_wmi(wil, "Added BSS %pM\n", rx_mgmt_frame->bssid); 1392 cfg80211_put_bss(wiphy, bss); 1393 } else { 1394 wil_err(wil, "cfg80211_inform_bss_frame() failed\n"); 1395 } 1396 1397 cfg80211_sched_scan_results(wiphy, 0); 1398 } 1399 1400 static void wil_link_stats_store_basic(struct wil6210_vif *vif, 1401 struct wmi_link_stats_basic *basic) 1402 { 1403 struct wil6210_priv *wil = vif_to_wil(vif); 1404 u8 cid = basic->cid; 1405 struct wil_sta_info *sta; 1406 1407 if (cid < 0 || cid >= WIL6210_MAX_CID) { 1408 wil_err(wil, "invalid cid %d\n", cid); 1409 return; 1410 } 1411 1412 sta = &wil->sta[cid]; 1413 sta->fw_stats_basic = *basic; 1414 } 1415 1416 static void wil_link_stats_store_global(struct wil6210_vif *vif, 1417 struct wmi_link_stats_global *global) 1418 { 1419 struct wil6210_priv *wil = vif_to_wil(vif); 1420 1421 wil->fw_stats_global.stats = *global; 1422 } 1423 1424 static void wmi_link_stats_parse(struct wil6210_vif *vif, u64 tsf, 1425 bool has_next, void *payload, 1426 size_t payload_size) 1427 { 1428 struct wil6210_priv *wil = vif_to_wil(vif); 1429 size_t hdr_size = sizeof(struct wmi_link_stats_record); 1430 size_t stats_size, record_size, expected_size; 1431 struct wmi_link_stats_record *hdr; 1432 1433 if (payload_size < hdr_size) { 1434 wil_err(wil, "link stats wrong event size %zu\n", payload_size); 1435 return; 1436 } 1437 1438 while (payload_size >= hdr_size) { 1439 hdr = payload; 1440 stats_size = le16_to_cpu(hdr->record_size); 1441 record_size = hdr_size + stats_size; 1442 1443 if (payload_size < record_size) { 1444 wil_err(wil, "link stats payload ended unexpectedly, size %zu < %zu\n", 1445 payload_size, record_size); 1446 return; 1447 } 1448 1449 switch (hdr->record_type_id) { 1450 case WMI_LINK_STATS_TYPE_BASIC: 1451 expected_size = sizeof(struct wmi_link_stats_basic); 1452 if (stats_size < expected_size) { 1453 wil_err(wil, "link stats invalid basic record size %zu < %zu\n", 1454 stats_size, expected_size); 1455 return; 1456 } 1457 if (vif->fw_stats_ready) { 1458 /* clean old statistics */ 1459 vif->fw_stats_tsf = 0; 1460 vif->fw_stats_ready = 0; 1461 } 1462 1463 wil_link_stats_store_basic(vif, payload + hdr_size); 1464 1465 if (!has_next) { 1466 vif->fw_stats_tsf = tsf; 1467 vif->fw_stats_ready = 1; 1468 } 1469 1470 break; 1471 case WMI_LINK_STATS_TYPE_GLOBAL: 1472 expected_size = sizeof(struct wmi_link_stats_global); 1473 if (stats_size < sizeof(struct wmi_link_stats_global)) { 1474 wil_err(wil, "link stats invalid global record size %zu < %zu\n", 1475 stats_size, expected_size); 1476 return; 1477 } 1478 1479 if (wil->fw_stats_global.ready) { 1480 /* clean old statistics */ 1481 wil->fw_stats_global.tsf = 0; 1482 wil->fw_stats_global.ready = 0; 1483 } 1484 1485 wil_link_stats_store_global(vif, payload + hdr_size); 1486 1487 if (!has_next) { 1488 wil->fw_stats_global.tsf = tsf; 1489 wil->fw_stats_global.ready = 1; 1490 } 1491 1492 break; 1493 default: 1494 break; 1495 } 1496 1497 /* skip to next record */ 1498 payload += record_size; 1499 payload_size -= record_size; 1500 } 1501 } 1502 1503 static void 1504 wmi_evt_link_stats(struct wil6210_vif *vif, int id, void *d, int len) 1505 { 1506 struct wil6210_priv *wil = vif_to_wil(vif); 1507 struct wmi_link_stats_event *evt = d; 1508 size_t payload_size; 1509 1510 if (len < offsetof(struct wmi_link_stats_event, payload)) { 1511 wil_err(wil, "stats event way too short %d\n", len); 1512 return; 1513 } 1514 payload_size = le16_to_cpu(evt->payload_size); 1515 if (len < sizeof(struct wmi_link_stats_event) + payload_size) { 1516 wil_err(wil, "stats event too short %d\n", len); 1517 return; 1518 } 1519 1520 wmi_link_stats_parse(vif, le64_to_cpu(evt->tsf), evt->has_next, 1521 evt->payload, payload_size); 1522 } 1523 1524 /** 1525 * find cid and ringid for the station vif 1526 * 1527 * return error, if other interfaces are used or ring was not found 1528 */ 1529 static int wil_find_cid_ringid_sta(struct wil6210_priv *wil, 1530 struct wil6210_vif *vif, 1531 int *cid, 1532 int *ringid) 1533 { 1534 struct wil_ring *ring; 1535 struct wil_ring_tx_data *txdata; 1536 int min_ring_id = wil_get_min_tx_ring_id(wil); 1537 int i; 1538 u8 lcid; 1539 1540 if (!(vif->wdev.iftype == NL80211_IFTYPE_STATION || 1541 vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT)) { 1542 wil_err(wil, "invalid interface type %d\n", vif->wdev.iftype); 1543 return -EINVAL; 1544 } 1545 1546 /* In the STA mode, it is expected to have only one ring 1547 * for the AP we are connected to. 1548 * find it and return the cid associated with it. 1549 */ 1550 for (i = min_ring_id; i < WIL6210_MAX_TX_RINGS; i++) { 1551 ring = &wil->ring_tx[i]; 1552 txdata = &wil->ring_tx_data[i]; 1553 if (!ring->va || !txdata->enabled || txdata->mid != vif->mid) 1554 continue; 1555 1556 lcid = wil->ring2cid_tid[i][0]; 1557 if (lcid >= WIL6210_MAX_CID) /* skip BCAST */ 1558 continue; 1559 1560 wil_dbg_wmi(wil, "find sta -> ringid %d cid %d\n", i, lcid); 1561 *cid = lcid; 1562 *ringid = i; 1563 return 0; 1564 } 1565 1566 wil_dbg_wmi(wil, "find sta cid while no rings active?\n"); 1567 1568 return -ENOENT; 1569 } 1570 1571 static void 1572 wmi_evt_auth_status(struct wil6210_vif *vif, int id, void *d, int len) 1573 { 1574 struct wil6210_priv *wil = vif_to_wil(vif); 1575 struct net_device *ndev = vif_to_ndev(vif); 1576 struct wmi_ft_auth_status_event *data = d; 1577 int ie_len = len - offsetof(struct wmi_ft_auth_status_event, ie_info); 1578 int rc, cid = 0, ringid = 0; 1579 struct cfg80211_ft_event_params ft; 1580 u16 d_len; 1581 /* auth_alg(u16) + auth_transaction(u16) + status_code(u16) */ 1582 const size_t auth_ie_offset = sizeof(u16) * 3; 1583 struct auth_no_hdr *auth = (struct auth_no_hdr *)data->ie_info; 1584 1585 /* check the status */ 1586 if (ie_len >= 0 && data->status != WMI_FW_STATUS_SUCCESS) { 1587 wil_err(wil, "FT: auth failed. status %d\n", data->status); 1588 goto fail; 1589 } 1590 1591 if (ie_len < auth_ie_offset) { 1592 wil_err(wil, "FT: auth event too short, len %d\n", len); 1593 goto fail; 1594 } 1595 1596 d_len = le16_to_cpu(data->ie_len); 1597 if (d_len != ie_len) { 1598 wil_err(wil, 1599 "FT: auth ie length mismatch, d_len %d should be %d\n", 1600 d_len, ie_len); 1601 goto fail; 1602 } 1603 1604 if (!test_bit(wil_vif_ft_roam, wil->status)) { 1605 wil_err(wil, "FT: Not in roaming state\n"); 1606 goto fail; 1607 } 1608 1609 if (le16_to_cpu(auth->auth_transaction) != 2) { 1610 wil_err(wil, "FT: auth error. auth_transaction %d\n", 1611 le16_to_cpu(auth->auth_transaction)); 1612 goto fail; 1613 } 1614 1615 if (le16_to_cpu(auth->auth_alg) != WLAN_AUTH_FT) { 1616 wil_err(wil, "FT: auth error. auth_alg %d\n", 1617 le16_to_cpu(auth->auth_alg)); 1618 goto fail; 1619 } 1620 1621 wil_dbg_wmi(wil, "FT: Auth to %pM successfully\n", data->mac_addr); 1622 wil_hex_dump_wmi("FT Auth ies : ", DUMP_PREFIX_OFFSET, 16, 1, 1623 data->ie_info, d_len, true); 1624 1625 /* find cid and ringid */ 1626 rc = wil_find_cid_ringid_sta(wil, vif, &cid, &ringid); 1627 if (rc) { 1628 wil_err(wil, "No valid cid found\n"); 1629 goto fail; 1630 } 1631 1632 if (vif->privacy) { 1633 /* For secure assoc, remove old keys */ 1634 rc = wmi_del_cipher_key(vif, 0, wil->sta[cid].addr, 1635 WMI_KEY_USE_PAIRWISE); 1636 if (rc) { 1637 wil_err(wil, "WMI_DELETE_CIPHER_KEY_CMD(PTK) failed\n"); 1638 goto fail; 1639 } 1640 rc = wmi_del_cipher_key(vif, 0, wil->sta[cid].addr, 1641 WMI_KEY_USE_RX_GROUP); 1642 if (rc) { 1643 wil_err(wil, "WMI_DELETE_CIPHER_KEY_CMD(GTK) failed\n"); 1644 goto fail; 1645 } 1646 } 1647 1648 memset(&ft, 0, sizeof(ft)); 1649 ft.ies = data->ie_info + auth_ie_offset; 1650 ft.ies_len = d_len - auth_ie_offset; 1651 ft.target_ap = data->mac_addr; 1652 cfg80211_ft_event(ndev, &ft); 1653 1654 return; 1655 1656 fail: 1657 wil6210_disconnect(vif, NULL, WLAN_REASON_PREV_AUTH_NOT_VALID); 1658 } 1659 1660 static void 1661 wmi_evt_reassoc_status(struct wil6210_vif *vif, int id, void *d, int len) 1662 { 1663 struct wil6210_priv *wil = vif_to_wil(vif); 1664 struct net_device *ndev = vif_to_ndev(vif); 1665 struct wiphy *wiphy = wil_to_wiphy(wil); 1666 struct wmi_ft_reassoc_status_event *data = d; 1667 int ies_len = len - offsetof(struct wmi_ft_reassoc_status_event, 1668 ie_info); 1669 int rc = -ENOENT, cid = 0, ringid = 0; 1670 int ch; /* channel number (primary) */ 1671 size_t assoc_req_ie_len = 0, assoc_resp_ie_len = 0; 1672 u8 *assoc_req_ie = NULL, *assoc_resp_ie = NULL; 1673 /* capinfo(u16) + listen_interval(u16) + current_ap mac addr + IEs */ 1674 const size_t assoc_req_ie_offset = sizeof(u16) * 2 + ETH_ALEN; 1675 /* capinfo(u16) + status_code(u16) + associd(u16) + IEs */ 1676 const size_t assoc_resp_ie_offset = sizeof(u16) * 3; 1677 u16 d_len; 1678 int freq; 1679 struct cfg80211_roam_info info; 1680 1681 if (ies_len < 0) { 1682 wil_err(wil, "ft reassoc event too short, len %d\n", len); 1683 goto fail; 1684 } 1685 1686 wil_dbg_wmi(wil, "Reasoc Status event: status=%d, aid=%d", 1687 data->status, data->aid); 1688 wil_dbg_wmi(wil, " mac_addr=%pM, beacon_ie_len=%d", 1689 data->mac_addr, data->beacon_ie_len); 1690 wil_dbg_wmi(wil, " reassoc_req_ie_len=%d, reassoc_resp_ie_len=%d", 1691 le16_to_cpu(data->reassoc_req_ie_len), 1692 le16_to_cpu(data->reassoc_resp_ie_len)); 1693 1694 d_len = le16_to_cpu(data->beacon_ie_len) + 1695 le16_to_cpu(data->reassoc_req_ie_len) + 1696 le16_to_cpu(data->reassoc_resp_ie_len); 1697 if (d_len != ies_len) { 1698 wil_err(wil, 1699 "ft reassoc ie length mismatch, d_len %d should be %d\n", 1700 d_len, ies_len); 1701 goto fail; 1702 } 1703 1704 /* check the status */ 1705 if (data->status != WMI_FW_STATUS_SUCCESS) { 1706 wil_err(wil, "ft reassoc failed. status %d\n", data->status); 1707 goto fail; 1708 } 1709 1710 /* find cid and ringid */ 1711 rc = wil_find_cid_ringid_sta(wil, vif, &cid, &ringid); 1712 if (rc) { 1713 wil_err(wil, "No valid cid found\n"); 1714 goto fail; 1715 } 1716 1717 ch = data->channel + 1; 1718 wil_info(wil, "FT: Roam %pM channel [%d] cid %d aid %d\n", 1719 data->mac_addr, ch, cid, data->aid); 1720 1721 wil_hex_dump_wmi("reassoc AI : ", DUMP_PREFIX_OFFSET, 16, 1, 1722 data->ie_info, len - sizeof(*data), true); 1723 1724 /* figure out IE's */ 1725 if (le16_to_cpu(data->reassoc_req_ie_len) > assoc_req_ie_offset) { 1726 assoc_req_ie = &data->ie_info[assoc_req_ie_offset]; 1727 assoc_req_ie_len = le16_to_cpu(data->reassoc_req_ie_len) - 1728 assoc_req_ie_offset; 1729 } 1730 if (le16_to_cpu(data->reassoc_resp_ie_len) <= assoc_resp_ie_offset) { 1731 wil_err(wil, "FT: reassoc resp ie len is too short, len %d\n", 1732 le16_to_cpu(data->reassoc_resp_ie_len)); 1733 goto fail; 1734 } 1735 1736 assoc_resp_ie = &data->ie_info[le16_to_cpu(data->reassoc_req_ie_len) + 1737 assoc_resp_ie_offset]; 1738 assoc_resp_ie_len = le16_to_cpu(data->reassoc_resp_ie_len) - 1739 assoc_resp_ie_offset; 1740 1741 if (test_bit(wil_status_resetting, wil->status) || 1742 !test_bit(wil_status_fwready, wil->status)) { 1743 wil_err(wil, "FT: status_resetting, cancel reassoc event\n"); 1744 /* no need for cleanup, wil_reset will do that */ 1745 return; 1746 } 1747 1748 mutex_lock(&wil->mutex); 1749 1750 /* ring modify to set the ring for the roamed AP settings */ 1751 wil_dbg_wmi(wil, 1752 "ft modify tx config for connection CID %d ring %d\n", 1753 cid, ringid); 1754 1755 rc = wil->txrx_ops.tx_ring_modify(vif, ringid, cid, 0); 1756 if (rc) { 1757 wil_err(wil, "modify TX for CID %d MID %d ring %d failed (%d)\n", 1758 cid, vif->mid, ringid, rc); 1759 mutex_unlock(&wil->mutex); 1760 goto fail; 1761 } 1762 1763 /* Update the driver STA members with the new bss */ 1764 wil->sta[cid].aid = data->aid; 1765 wil->sta[cid].stats.ft_roams++; 1766 ether_addr_copy(wil->sta[cid].addr, vif->bss->bssid); 1767 mutex_unlock(&wil->mutex); 1768 del_timer_sync(&vif->connect_timer); 1769 1770 cfg80211_ref_bss(wiphy, vif->bss); 1771 freq = ieee80211_channel_to_frequency(ch, NL80211_BAND_60GHZ); 1772 1773 memset(&info, 0, sizeof(info)); 1774 info.channel = ieee80211_get_channel(wiphy, freq); 1775 info.bss = vif->bss; 1776 info.req_ie = assoc_req_ie; 1777 info.req_ie_len = assoc_req_ie_len; 1778 info.resp_ie = assoc_resp_ie; 1779 info.resp_ie_len = assoc_resp_ie_len; 1780 cfg80211_roamed(ndev, &info, GFP_KERNEL); 1781 vif->bss = NULL; 1782 1783 return; 1784 1785 fail: 1786 wil6210_disconnect(vif, NULL, WLAN_REASON_PREV_AUTH_NOT_VALID); 1787 } 1788 1789 /** 1790 * Some events are ignored for purpose; and need not be interpreted as 1791 * "unhandled events" 1792 */ 1793 static void wmi_evt_ignore(struct wil6210_vif *vif, int id, void *d, int len) 1794 { 1795 struct wil6210_priv *wil = vif_to_wil(vif); 1796 1797 wil_dbg_wmi(wil, "Ignore event 0x%04x len %d\n", id, len); 1798 } 1799 1800 static const struct { 1801 int eventid; 1802 void (*handler)(struct wil6210_vif *vif, 1803 int eventid, void *data, int data_len); 1804 } wmi_evt_handlers[] = { 1805 {WMI_READY_EVENTID, wmi_evt_ready}, 1806 {WMI_FW_READY_EVENTID, wmi_evt_ignore}, 1807 {WMI_RX_MGMT_PACKET_EVENTID, wmi_evt_rx_mgmt}, 1808 {WMI_TX_MGMT_PACKET_EVENTID, wmi_evt_tx_mgmt}, 1809 {WMI_SCAN_COMPLETE_EVENTID, wmi_evt_scan_complete}, 1810 {WMI_CONNECT_EVENTID, wmi_evt_connect}, 1811 {WMI_DISCONNECT_EVENTID, wmi_evt_disconnect}, 1812 {WMI_EAPOL_RX_EVENTID, wmi_evt_eapol_rx}, 1813 {WMI_BA_STATUS_EVENTID, wmi_evt_ba_status}, 1814 {WMI_RCP_ADDBA_REQ_EVENTID, wmi_evt_addba_rx_req}, 1815 {WMI_DELBA_EVENTID, wmi_evt_delba}, 1816 {WMI_RING_EN_EVENTID, wmi_evt_ring_en}, 1817 {WMI_DATA_PORT_OPEN_EVENTID, wmi_evt_ignore}, 1818 {WMI_SCHED_SCAN_RESULT_EVENTID, wmi_evt_sched_scan_result}, 1819 {WMI_LINK_STATS_EVENTID, wmi_evt_link_stats}, 1820 {WMI_FT_AUTH_STATUS_EVENTID, wmi_evt_auth_status}, 1821 {WMI_FT_REASSOC_STATUS_EVENTID, wmi_evt_reassoc_status}, 1822 }; 1823 1824 /* 1825 * Run in IRQ context 1826 * Extract WMI command from mailbox. Queue it to the @wil->pending_wmi_ev 1827 * that will be eventually handled by the @wmi_event_worker in the thread 1828 * context of thread "wil6210_wmi" 1829 */ 1830 void wmi_recv_cmd(struct wil6210_priv *wil) 1831 { 1832 struct wil6210_mbox_ring_desc d_tail; 1833 struct wil6210_mbox_hdr hdr; 1834 struct wil6210_mbox_ring *r = &wil->mbox_ctl.rx; 1835 struct pending_wmi_event *evt; 1836 u8 *cmd; 1837 void __iomem *src; 1838 ulong flags; 1839 unsigned n; 1840 unsigned int num_immed_reply = 0; 1841 1842 if (!test_bit(wil_status_mbox_ready, wil->status)) { 1843 wil_err(wil, "Reset in progress. Cannot handle WMI event\n"); 1844 return; 1845 } 1846 1847 if (test_bit(wil_status_suspended, wil->status)) { 1848 wil_err(wil, "suspended. cannot handle WMI event\n"); 1849 return; 1850 } 1851 1852 for (n = 0;; n++) { 1853 u16 len; 1854 bool q; 1855 bool immed_reply = false; 1856 1857 r->head = wil_r(wil, RGF_MBOX + 1858 offsetof(struct wil6210_mbox_ctl, rx.head)); 1859 if (r->tail == r->head) 1860 break; 1861 1862 wil_dbg_wmi(wil, "Mbox head %08x tail %08x\n", 1863 r->head, r->tail); 1864 /* read cmd descriptor from tail */ 1865 wil_memcpy_fromio_32(&d_tail, wil->csr + HOSTADDR(r->tail), 1866 sizeof(struct wil6210_mbox_ring_desc)); 1867 if (d_tail.sync == 0) { 1868 wil_err(wil, "Mbox evt not owned by FW?\n"); 1869 break; 1870 } 1871 1872 /* read cmd header from descriptor */ 1873 if (0 != wmi_read_hdr(wil, d_tail.addr, &hdr)) { 1874 wil_err(wil, "Mbox evt at 0x%08x?\n", 1875 le32_to_cpu(d_tail.addr)); 1876 break; 1877 } 1878 len = le16_to_cpu(hdr.len); 1879 wil_dbg_wmi(wil, "Mbox evt %04x %04x %04x %02x\n", 1880 le16_to_cpu(hdr.seq), len, le16_to_cpu(hdr.type), 1881 hdr.flags); 1882 1883 /* read cmd buffer from descriptor */ 1884 src = wmi_buffer(wil, d_tail.addr) + 1885 sizeof(struct wil6210_mbox_hdr); 1886 evt = kmalloc(ALIGN(offsetof(struct pending_wmi_event, 1887 event.wmi) + len, 4), 1888 GFP_KERNEL); 1889 if (!evt) 1890 break; 1891 1892 evt->event.hdr = hdr; 1893 cmd = (void *)&evt->event.wmi; 1894 wil_memcpy_fromio_32(cmd, src, len); 1895 /* mark entry as empty */ 1896 wil_w(wil, r->tail + 1897 offsetof(struct wil6210_mbox_ring_desc, sync), 0); 1898 /* indicate */ 1899 if ((hdr.type == WIL_MBOX_HDR_TYPE_WMI) && 1900 (len >= sizeof(struct wmi_cmd_hdr))) { 1901 struct wmi_cmd_hdr *wmi = &evt->event.wmi; 1902 u16 id = le16_to_cpu(wmi->command_id); 1903 u8 mid = wmi->mid; 1904 u32 tstamp = le32_to_cpu(wmi->fw_timestamp); 1905 if (test_bit(wil_status_resuming, wil->status)) { 1906 if (id == WMI_TRAFFIC_RESUME_EVENTID) 1907 clear_bit(wil_status_resuming, 1908 wil->status); 1909 else 1910 wil_err(wil, 1911 "WMI evt %d while resuming\n", 1912 id); 1913 } 1914 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 1915 if (wil->reply_id && wil->reply_id == id && 1916 wil->reply_mid == mid) { 1917 if (wil->reply_buf) { 1918 memcpy(wil->reply_buf, wmi, 1919 min(len, wil->reply_size)); 1920 immed_reply = true; 1921 } 1922 if (id == WMI_TRAFFIC_SUSPEND_EVENTID) { 1923 wil_dbg_wmi(wil, 1924 "set suspend_resp_rcvd\n"); 1925 wil->suspend_resp_rcvd = true; 1926 } 1927 } 1928 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 1929 1930 wil_dbg_wmi(wil, "recv %s (0x%04x) MID %d @%d msec\n", 1931 eventid2name(id), id, wmi->mid, tstamp); 1932 trace_wil6210_wmi_event(wmi, &wmi[1], 1933 len - sizeof(*wmi)); 1934 } 1935 wil_hex_dump_wmi("evt ", DUMP_PREFIX_OFFSET, 16, 1, 1936 &evt->event.hdr, sizeof(hdr) + len, true); 1937 1938 /* advance tail */ 1939 r->tail = r->base + ((r->tail - r->base + 1940 sizeof(struct wil6210_mbox_ring_desc)) % r->size); 1941 wil_w(wil, RGF_MBOX + 1942 offsetof(struct wil6210_mbox_ctl, rx.tail), r->tail); 1943 1944 if (immed_reply) { 1945 wil_dbg_wmi(wil, "recv_cmd: Complete WMI 0x%04x\n", 1946 wil->reply_id); 1947 kfree(evt); 1948 num_immed_reply++; 1949 complete(&wil->wmi_call); 1950 } else { 1951 /* add to the pending list */ 1952 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 1953 list_add_tail(&evt->list, &wil->pending_wmi_ev); 1954 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 1955 q = queue_work(wil->wmi_wq, &wil->wmi_event_worker); 1956 wil_dbg_wmi(wil, "queue_work -> %d\n", q); 1957 } 1958 } 1959 /* normally, 1 event per IRQ should be processed */ 1960 wil_dbg_wmi(wil, "recv_cmd: -> %d events queued, %d completed\n", 1961 n - num_immed_reply, num_immed_reply); 1962 } 1963 1964 int wmi_call(struct wil6210_priv *wil, u16 cmdid, u8 mid, void *buf, u16 len, 1965 u16 reply_id, void *reply, u16 reply_size, int to_msec) 1966 { 1967 int rc; 1968 unsigned long remain; 1969 ulong flags; 1970 1971 mutex_lock(&wil->wmi_mutex); 1972 1973 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 1974 wil->reply_id = reply_id; 1975 wil->reply_mid = mid; 1976 wil->reply_buf = reply; 1977 wil->reply_size = reply_size; 1978 reinit_completion(&wil->wmi_call); 1979 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 1980 1981 rc = __wmi_send(wil, cmdid, mid, buf, len); 1982 if (rc) 1983 goto out; 1984 1985 remain = wait_for_completion_timeout(&wil->wmi_call, 1986 msecs_to_jiffies(to_msec)); 1987 if (0 == remain) { 1988 wil_err(wil, "wmi_call(0x%04x->0x%04x) timeout %d msec\n", 1989 cmdid, reply_id, to_msec); 1990 rc = -ETIME; 1991 } else { 1992 wil_dbg_wmi(wil, 1993 "wmi_call(0x%04x->0x%04x) completed in %d msec\n", 1994 cmdid, reply_id, 1995 to_msec - jiffies_to_msecs(remain)); 1996 } 1997 1998 out: 1999 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 2000 wil->reply_id = 0; 2001 wil->reply_mid = U8_MAX; 2002 wil->reply_buf = NULL; 2003 wil->reply_size = 0; 2004 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 2005 2006 mutex_unlock(&wil->wmi_mutex); 2007 2008 return rc; 2009 } 2010 2011 int wmi_echo(struct wil6210_priv *wil) 2012 { 2013 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2014 struct wmi_echo_cmd cmd = { 2015 .value = cpu_to_le32(0x12345678), 2016 }; 2017 2018 return wmi_call(wil, WMI_ECHO_CMDID, vif->mid, &cmd, sizeof(cmd), 2019 WMI_ECHO_RSP_EVENTID, NULL, 0, 50); 2020 } 2021 2022 int wmi_set_mac_address(struct wil6210_priv *wil, void *addr) 2023 { 2024 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2025 struct wmi_set_mac_address_cmd cmd; 2026 2027 ether_addr_copy(cmd.mac, addr); 2028 2029 wil_dbg_wmi(wil, "Set MAC %pM\n", addr); 2030 2031 return wmi_send(wil, WMI_SET_MAC_ADDRESS_CMDID, vif->mid, 2032 &cmd, sizeof(cmd)); 2033 } 2034 2035 int wmi_led_cfg(struct wil6210_priv *wil, bool enable) 2036 { 2037 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2038 int rc = 0; 2039 struct wmi_led_cfg_cmd cmd = { 2040 .led_mode = enable, 2041 .id = led_id, 2042 .slow_blink_cfg.blink_on = 2043 cpu_to_le32(led_blink_time[WIL_LED_TIME_SLOW].on_ms), 2044 .slow_blink_cfg.blink_off = 2045 cpu_to_le32(led_blink_time[WIL_LED_TIME_SLOW].off_ms), 2046 .medium_blink_cfg.blink_on = 2047 cpu_to_le32(led_blink_time[WIL_LED_TIME_MED].on_ms), 2048 .medium_blink_cfg.blink_off = 2049 cpu_to_le32(led_blink_time[WIL_LED_TIME_MED].off_ms), 2050 .fast_blink_cfg.blink_on = 2051 cpu_to_le32(led_blink_time[WIL_LED_TIME_FAST].on_ms), 2052 .fast_blink_cfg.blink_off = 2053 cpu_to_le32(led_blink_time[WIL_LED_TIME_FAST].off_ms), 2054 .led_polarity = led_polarity, 2055 }; 2056 struct { 2057 struct wmi_cmd_hdr wmi; 2058 struct wmi_led_cfg_done_event evt; 2059 } __packed reply = { 2060 .evt = {.status = cpu_to_le32(WMI_FW_STATUS_FAILURE)}, 2061 }; 2062 2063 if (led_id == WIL_LED_INVALID_ID) 2064 goto out; 2065 2066 if (led_id > WIL_LED_MAX_ID) { 2067 wil_err(wil, "Invalid led id %d\n", led_id); 2068 rc = -EINVAL; 2069 goto out; 2070 } 2071 2072 wil_dbg_wmi(wil, 2073 "%s led %d\n", 2074 enable ? "enabling" : "disabling", led_id); 2075 2076 rc = wmi_call(wil, WMI_LED_CFG_CMDID, vif->mid, &cmd, sizeof(cmd), 2077 WMI_LED_CFG_DONE_EVENTID, &reply, sizeof(reply), 2078 100); 2079 if (rc) 2080 goto out; 2081 2082 if (reply.evt.status) { 2083 wil_err(wil, "led %d cfg failed with status %d\n", 2084 led_id, le32_to_cpu(reply.evt.status)); 2085 rc = -EINVAL; 2086 } 2087 2088 out: 2089 return rc; 2090 } 2091 2092 int wmi_pcp_start(struct wil6210_vif *vif, 2093 int bi, u8 wmi_nettype, u8 chan, u8 hidden_ssid, u8 is_go) 2094 { 2095 struct wil6210_priv *wil = vif_to_wil(vif); 2096 int rc; 2097 2098 struct wmi_pcp_start_cmd cmd = { 2099 .bcon_interval = cpu_to_le16(bi), 2100 .network_type = wmi_nettype, 2101 .disable_sec_offload = 1, 2102 .channel = chan - 1, 2103 .pcp_max_assoc_sta = max_assoc_sta, 2104 .hidden_ssid = hidden_ssid, 2105 .is_go = is_go, 2106 .ap_sme_offload_mode = disable_ap_sme ? 2107 WMI_AP_SME_OFFLOAD_PARTIAL : 2108 WMI_AP_SME_OFFLOAD_FULL, 2109 .abft_len = wil->abft_len, 2110 }; 2111 struct { 2112 struct wmi_cmd_hdr wmi; 2113 struct wmi_pcp_started_event evt; 2114 } __packed reply = { 2115 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2116 }; 2117 2118 if (!vif->privacy) 2119 cmd.disable_sec = 1; 2120 2121 if ((cmd.pcp_max_assoc_sta > WIL6210_MAX_CID) || 2122 (cmd.pcp_max_assoc_sta <= 0)) { 2123 wil_info(wil, 2124 "Requested connection limit %u, valid values are 1 - %d. Setting to %d\n", 2125 max_assoc_sta, WIL6210_MAX_CID, WIL6210_MAX_CID); 2126 cmd.pcp_max_assoc_sta = WIL6210_MAX_CID; 2127 } 2128 2129 if (disable_ap_sme && 2130 !test_bit(WMI_FW_CAPABILITY_AP_SME_OFFLOAD_PARTIAL, 2131 wil->fw_capabilities)) { 2132 wil_err(wil, "disable_ap_sme not supported by FW\n"); 2133 return -EOPNOTSUPP; 2134 } 2135 2136 /* 2137 * Processing time may be huge, in case of secure AP it takes about 2138 * 3500ms for FW to start AP 2139 */ 2140 rc = wmi_call(wil, WMI_PCP_START_CMDID, vif->mid, &cmd, sizeof(cmd), 2141 WMI_PCP_STARTED_EVENTID, &reply, sizeof(reply), 5000); 2142 if (rc) 2143 return rc; 2144 2145 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) 2146 rc = -EINVAL; 2147 2148 if (wmi_nettype != WMI_NETTYPE_P2P) 2149 /* Don't fail due to error in the led configuration */ 2150 wmi_led_cfg(wil, true); 2151 2152 return rc; 2153 } 2154 2155 int wmi_pcp_stop(struct wil6210_vif *vif) 2156 { 2157 struct wil6210_priv *wil = vif_to_wil(vif); 2158 int rc; 2159 2160 rc = wmi_led_cfg(wil, false); 2161 if (rc) 2162 return rc; 2163 2164 return wmi_call(wil, WMI_PCP_STOP_CMDID, vif->mid, NULL, 0, 2165 WMI_PCP_STOPPED_EVENTID, NULL, 0, 20); 2166 } 2167 2168 int wmi_set_ssid(struct wil6210_vif *vif, u8 ssid_len, const void *ssid) 2169 { 2170 struct wil6210_priv *wil = vif_to_wil(vif); 2171 struct wmi_set_ssid_cmd cmd = { 2172 .ssid_len = cpu_to_le32(ssid_len), 2173 }; 2174 2175 if (ssid_len > sizeof(cmd.ssid)) 2176 return -EINVAL; 2177 2178 memcpy(cmd.ssid, ssid, ssid_len); 2179 2180 return wmi_send(wil, WMI_SET_SSID_CMDID, vif->mid, &cmd, sizeof(cmd)); 2181 } 2182 2183 int wmi_get_ssid(struct wil6210_vif *vif, u8 *ssid_len, void *ssid) 2184 { 2185 struct wil6210_priv *wil = vif_to_wil(vif); 2186 int rc; 2187 struct { 2188 struct wmi_cmd_hdr wmi; 2189 struct wmi_set_ssid_cmd cmd; 2190 } __packed reply; 2191 int len; /* reply.cmd.ssid_len in CPU order */ 2192 2193 memset(&reply, 0, sizeof(reply)); 2194 2195 rc = wmi_call(wil, WMI_GET_SSID_CMDID, vif->mid, NULL, 0, 2196 WMI_GET_SSID_EVENTID, &reply, sizeof(reply), 20); 2197 if (rc) 2198 return rc; 2199 2200 len = le32_to_cpu(reply.cmd.ssid_len); 2201 if (len > sizeof(reply.cmd.ssid)) 2202 return -EINVAL; 2203 2204 *ssid_len = len; 2205 memcpy(ssid, reply.cmd.ssid, len); 2206 2207 return 0; 2208 } 2209 2210 int wmi_set_channel(struct wil6210_priv *wil, int channel) 2211 { 2212 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2213 struct wmi_set_pcp_channel_cmd cmd = { 2214 .channel = channel - 1, 2215 }; 2216 2217 return wmi_send(wil, WMI_SET_PCP_CHANNEL_CMDID, vif->mid, 2218 &cmd, sizeof(cmd)); 2219 } 2220 2221 int wmi_get_channel(struct wil6210_priv *wil, int *channel) 2222 { 2223 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2224 int rc; 2225 struct { 2226 struct wmi_cmd_hdr wmi; 2227 struct wmi_set_pcp_channel_cmd cmd; 2228 } __packed reply; 2229 2230 memset(&reply, 0, sizeof(reply)); 2231 2232 rc = wmi_call(wil, WMI_GET_PCP_CHANNEL_CMDID, vif->mid, NULL, 0, 2233 WMI_GET_PCP_CHANNEL_EVENTID, &reply, sizeof(reply), 20); 2234 if (rc) 2235 return rc; 2236 2237 if (reply.cmd.channel > 3) 2238 return -EINVAL; 2239 2240 *channel = reply.cmd.channel + 1; 2241 2242 return 0; 2243 } 2244 2245 int wmi_p2p_cfg(struct wil6210_vif *vif, int channel, int bi) 2246 { 2247 struct wil6210_priv *wil = vif_to_wil(vif); 2248 int rc; 2249 struct wmi_p2p_cfg_cmd cmd = { 2250 .discovery_mode = WMI_DISCOVERY_MODE_PEER2PEER, 2251 .bcon_interval = cpu_to_le16(bi), 2252 .channel = channel - 1, 2253 }; 2254 struct { 2255 struct wmi_cmd_hdr wmi; 2256 struct wmi_p2p_cfg_done_event evt; 2257 } __packed reply = { 2258 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2259 }; 2260 2261 wil_dbg_wmi(wil, "sending WMI_P2P_CFG_CMDID\n"); 2262 2263 rc = wmi_call(wil, WMI_P2P_CFG_CMDID, vif->mid, &cmd, sizeof(cmd), 2264 WMI_P2P_CFG_DONE_EVENTID, &reply, sizeof(reply), 300); 2265 if (!rc && reply.evt.status != WMI_FW_STATUS_SUCCESS) { 2266 wil_err(wil, "P2P_CFG failed. status %d\n", reply.evt.status); 2267 rc = -EINVAL; 2268 } 2269 2270 return rc; 2271 } 2272 2273 int wmi_start_listen(struct wil6210_vif *vif) 2274 { 2275 struct wil6210_priv *wil = vif_to_wil(vif); 2276 int rc; 2277 struct { 2278 struct wmi_cmd_hdr wmi; 2279 struct wmi_listen_started_event evt; 2280 } __packed reply = { 2281 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2282 }; 2283 2284 wil_dbg_wmi(wil, "sending WMI_START_LISTEN_CMDID\n"); 2285 2286 rc = wmi_call(wil, WMI_START_LISTEN_CMDID, vif->mid, NULL, 0, 2287 WMI_LISTEN_STARTED_EVENTID, &reply, sizeof(reply), 300); 2288 if (!rc && reply.evt.status != WMI_FW_STATUS_SUCCESS) { 2289 wil_err(wil, "device failed to start listen. status %d\n", 2290 reply.evt.status); 2291 rc = -EINVAL; 2292 } 2293 2294 return rc; 2295 } 2296 2297 int wmi_start_search(struct wil6210_vif *vif) 2298 { 2299 struct wil6210_priv *wil = vif_to_wil(vif); 2300 int rc; 2301 struct { 2302 struct wmi_cmd_hdr wmi; 2303 struct wmi_search_started_event evt; 2304 } __packed reply = { 2305 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2306 }; 2307 2308 wil_dbg_wmi(wil, "sending WMI_START_SEARCH_CMDID\n"); 2309 2310 rc = wmi_call(wil, WMI_START_SEARCH_CMDID, vif->mid, NULL, 0, 2311 WMI_SEARCH_STARTED_EVENTID, &reply, sizeof(reply), 300); 2312 if (!rc && reply.evt.status != WMI_FW_STATUS_SUCCESS) { 2313 wil_err(wil, "device failed to start search. status %d\n", 2314 reply.evt.status); 2315 rc = -EINVAL; 2316 } 2317 2318 return rc; 2319 } 2320 2321 int wmi_stop_discovery(struct wil6210_vif *vif) 2322 { 2323 struct wil6210_priv *wil = vif_to_wil(vif); 2324 int rc; 2325 2326 wil_dbg_wmi(wil, "sending WMI_DISCOVERY_STOP_CMDID\n"); 2327 2328 rc = wmi_call(wil, WMI_DISCOVERY_STOP_CMDID, vif->mid, NULL, 0, 2329 WMI_DISCOVERY_STOPPED_EVENTID, NULL, 0, 100); 2330 2331 if (rc) 2332 wil_err(wil, "Failed to stop discovery\n"); 2333 2334 return rc; 2335 } 2336 2337 int wmi_del_cipher_key(struct wil6210_vif *vif, u8 key_index, 2338 const void *mac_addr, int key_usage) 2339 { 2340 struct wil6210_priv *wil = vif_to_wil(vif); 2341 struct wmi_delete_cipher_key_cmd cmd = { 2342 .key_index = key_index, 2343 }; 2344 2345 if (mac_addr) 2346 memcpy(cmd.mac, mac_addr, WMI_MAC_LEN); 2347 2348 return wmi_send(wil, WMI_DELETE_CIPHER_KEY_CMDID, vif->mid, 2349 &cmd, sizeof(cmd)); 2350 } 2351 2352 int wmi_add_cipher_key(struct wil6210_vif *vif, u8 key_index, 2353 const void *mac_addr, int key_len, const void *key, 2354 int key_usage) 2355 { 2356 struct wil6210_priv *wil = vif_to_wil(vif); 2357 struct wmi_add_cipher_key_cmd cmd = { 2358 .key_index = key_index, 2359 .key_usage = key_usage, 2360 .key_len = key_len, 2361 }; 2362 2363 if (!key || (key_len > sizeof(cmd.key))) 2364 return -EINVAL; 2365 2366 memcpy(cmd.key, key, key_len); 2367 if (mac_addr) 2368 memcpy(cmd.mac, mac_addr, WMI_MAC_LEN); 2369 2370 return wmi_send(wil, WMI_ADD_CIPHER_KEY_CMDID, vif->mid, 2371 &cmd, sizeof(cmd)); 2372 } 2373 2374 int wmi_set_ie(struct wil6210_vif *vif, u8 type, u16 ie_len, const void *ie) 2375 { 2376 struct wil6210_priv *wil = vif_to_wil(vif); 2377 static const char *const names[] = { 2378 [WMI_FRAME_BEACON] = "BEACON", 2379 [WMI_FRAME_PROBE_REQ] = "PROBE_REQ", 2380 [WMI_FRAME_PROBE_RESP] = "WMI_FRAME_PROBE_RESP", 2381 [WMI_FRAME_ASSOC_REQ] = "WMI_FRAME_ASSOC_REQ", 2382 [WMI_FRAME_ASSOC_RESP] = "WMI_FRAME_ASSOC_RESP", 2383 }; 2384 int rc; 2385 u16 len = sizeof(struct wmi_set_appie_cmd) + ie_len; 2386 struct wmi_set_appie_cmd *cmd; 2387 2388 if (len < ie_len) { 2389 rc = -EINVAL; 2390 goto out; 2391 } 2392 2393 cmd = kzalloc(len, GFP_KERNEL); 2394 if (!cmd) { 2395 rc = -ENOMEM; 2396 goto out; 2397 } 2398 if (!ie) 2399 ie_len = 0; 2400 2401 cmd->mgmt_frm_type = type; 2402 /* BUG: FW API define ieLen as u8. Will fix FW */ 2403 cmd->ie_len = cpu_to_le16(ie_len); 2404 memcpy(cmd->ie_info, ie, ie_len); 2405 rc = wmi_send(wil, WMI_SET_APPIE_CMDID, vif->mid, cmd, len); 2406 kfree(cmd); 2407 out: 2408 if (rc) { 2409 const char *name = type < ARRAY_SIZE(names) ? 2410 names[type] : "??"; 2411 wil_err(wil, "set_ie(%d %s) failed : %d\n", type, name, rc); 2412 } 2413 2414 return rc; 2415 } 2416 2417 int wmi_update_ft_ies(struct wil6210_vif *vif, u16 ie_len, const void *ie) 2418 { 2419 struct wil6210_priv *wil = vif_to_wil(vif); 2420 u16 len; 2421 struct wmi_update_ft_ies_cmd *cmd; 2422 int rc; 2423 2424 if (!ie) 2425 ie_len = 0; 2426 2427 len = sizeof(struct wmi_update_ft_ies_cmd) + ie_len; 2428 if (len < ie_len) { 2429 wil_err(wil, "wraparound. ie len %d\n", ie_len); 2430 return -EINVAL; 2431 } 2432 2433 cmd = kzalloc(len, GFP_KERNEL); 2434 if (!cmd) { 2435 rc = -ENOMEM; 2436 goto out; 2437 } 2438 2439 cmd->ie_len = cpu_to_le16(ie_len); 2440 memcpy(cmd->ie_info, ie, ie_len); 2441 rc = wmi_send(wil, WMI_UPDATE_FT_IES_CMDID, vif->mid, cmd, len); 2442 kfree(cmd); 2443 2444 out: 2445 if (rc) 2446 wil_err(wil, "update ft ies failed : %d\n", rc); 2447 2448 return rc; 2449 } 2450 2451 /** 2452 * wmi_rxon - turn radio on/off 2453 * @on: turn on if true, off otherwise 2454 * 2455 * Only switch radio. Channel should be set separately. 2456 * No timeout for rxon - radio turned on forever unless some other call 2457 * turns it off 2458 */ 2459 int wmi_rxon(struct wil6210_priv *wil, bool on) 2460 { 2461 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2462 int rc; 2463 struct { 2464 struct wmi_cmd_hdr wmi; 2465 struct wmi_listen_started_event evt; 2466 } __packed reply = { 2467 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2468 }; 2469 2470 wil_info(wil, "(%s)\n", on ? "on" : "off"); 2471 2472 if (on) { 2473 rc = wmi_call(wil, WMI_START_LISTEN_CMDID, vif->mid, NULL, 0, 2474 WMI_LISTEN_STARTED_EVENTID, 2475 &reply, sizeof(reply), 100); 2476 if ((rc == 0) && (reply.evt.status != WMI_FW_STATUS_SUCCESS)) 2477 rc = -EINVAL; 2478 } else { 2479 rc = wmi_call(wil, WMI_DISCOVERY_STOP_CMDID, vif->mid, NULL, 0, 2480 WMI_DISCOVERY_STOPPED_EVENTID, NULL, 0, 20); 2481 } 2482 2483 return rc; 2484 } 2485 2486 int wmi_rx_chain_add(struct wil6210_priv *wil, struct wil_ring *vring) 2487 { 2488 struct net_device *ndev = wil->main_ndev; 2489 struct wireless_dev *wdev = ndev->ieee80211_ptr; 2490 struct wil6210_vif *vif = ndev_to_vif(ndev); 2491 struct wmi_cfg_rx_chain_cmd cmd = { 2492 .action = WMI_RX_CHAIN_ADD, 2493 .rx_sw_ring = { 2494 .max_mpdu_size = cpu_to_le16( 2495 wil_mtu2macbuf(wil->rx_buf_len)), 2496 .ring_mem_base = cpu_to_le64(vring->pa), 2497 .ring_size = cpu_to_le16(vring->size), 2498 }, 2499 .mid = 0, /* TODO - what is it? */ 2500 .decap_trans_type = WMI_DECAP_TYPE_802_3, 2501 .reorder_type = WMI_RX_SW_REORDER, 2502 .host_thrsh = cpu_to_le16(rx_ring_overflow_thrsh), 2503 }; 2504 struct { 2505 struct wmi_cmd_hdr wmi; 2506 struct wmi_cfg_rx_chain_done_event evt; 2507 } __packed evt; 2508 int rc; 2509 2510 memset(&evt, 0, sizeof(evt)); 2511 2512 if (wdev->iftype == NL80211_IFTYPE_MONITOR) { 2513 struct ieee80211_channel *ch = wil->monitor_chandef.chan; 2514 2515 cmd.sniffer_cfg.mode = cpu_to_le32(WMI_SNIFFER_ON); 2516 if (ch) 2517 cmd.sniffer_cfg.channel = ch->hw_value - 1; 2518 cmd.sniffer_cfg.phy_info_mode = 2519 cpu_to_le32(ndev->type == ARPHRD_IEEE80211_RADIOTAP); 2520 cmd.sniffer_cfg.phy_support = 2521 cpu_to_le32((wil->monitor_flags & MONITOR_FLAG_CONTROL) 2522 ? WMI_SNIFFER_CP : WMI_SNIFFER_BOTH_PHYS); 2523 } else { 2524 /* Initialize offload (in non-sniffer mode). 2525 * Linux IP stack always calculates IP checksum 2526 * HW always calculate TCP/UDP checksum 2527 */ 2528 cmd.l3_l4_ctrl |= (1 << L3_L4_CTRL_TCPIP_CHECKSUM_EN_POS); 2529 } 2530 2531 if (rx_align_2) 2532 cmd.l2_802_3_offload_ctrl |= 2533 L2_802_3_OFFLOAD_CTRL_SNAP_KEEP_MSK; 2534 2535 /* typical time for secure PCP is 840ms */ 2536 rc = wmi_call(wil, WMI_CFG_RX_CHAIN_CMDID, vif->mid, &cmd, sizeof(cmd), 2537 WMI_CFG_RX_CHAIN_DONE_EVENTID, &evt, sizeof(evt), 2000); 2538 if (rc) 2539 return rc; 2540 2541 if (le32_to_cpu(evt.evt.status) != WMI_CFG_RX_CHAIN_SUCCESS) 2542 rc = -EINVAL; 2543 2544 vring->hwtail = le32_to_cpu(evt.evt.rx_ring_tail_ptr); 2545 2546 wil_dbg_misc(wil, "Rx init: status %d tail 0x%08x\n", 2547 le32_to_cpu(evt.evt.status), vring->hwtail); 2548 2549 return rc; 2550 } 2551 2552 int wmi_get_temperature(struct wil6210_priv *wil, u32 *t_bb, u32 *t_rf) 2553 { 2554 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2555 int rc; 2556 struct wmi_temp_sense_cmd cmd = { 2557 .measure_baseband_en = cpu_to_le32(!!t_bb), 2558 .measure_rf_en = cpu_to_le32(!!t_rf), 2559 .measure_mode = cpu_to_le32(TEMPERATURE_MEASURE_NOW), 2560 }; 2561 struct { 2562 struct wmi_cmd_hdr wmi; 2563 struct wmi_temp_sense_done_event evt; 2564 } __packed reply; 2565 2566 memset(&reply, 0, sizeof(reply)); 2567 2568 rc = wmi_call(wil, WMI_TEMP_SENSE_CMDID, vif->mid, &cmd, sizeof(cmd), 2569 WMI_TEMP_SENSE_DONE_EVENTID, &reply, sizeof(reply), 100); 2570 if (rc) 2571 return rc; 2572 2573 if (t_bb) 2574 *t_bb = le32_to_cpu(reply.evt.baseband_t1000); 2575 if (t_rf) 2576 *t_rf = le32_to_cpu(reply.evt.rf_t1000); 2577 2578 return 0; 2579 } 2580 2581 int wmi_disconnect_sta(struct wil6210_vif *vif, const u8 *mac, u16 reason, 2582 bool del_sta) 2583 { 2584 struct wil6210_priv *wil = vif_to_wil(vif); 2585 int rc; 2586 struct wmi_disconnect_sta_cmd disc_sta_cmd = { 2587 .disconnect_reason = cpu_to_le16(reason), 2588 }; 2589 struct wmi_del_sta_cmd del_sta_cmd = { 2590 .disconnect_reason = cpu_to_le16(reason), 2591 }; 2592 struct { 2593 struct wmi_cmd_hdr wmi; 2594 struct wmi_disconnect_event evt; 2595 } __packed reply; 2596 2597 wil_dbg_wmi(wil, "disconnect_sta: (%pM, reason %d)\n", mac, reason); 2598 2599 memset(&reply, 0, sizeof(reply)); 2600 vif->locally_generated_disc = true; 2601 if (del_sta) { 2602 ether_addr_copy(del_sta_cmd.dst_mac, mac); 2603 rc = wmi_call(wil, WMI_DEL_STA_CMDID, vif->mid, &del_sta_cmd, 2604 sizeof(del_sta_cmd), WMI_DISCONNECT_EVENTID, 2605 &reply, sizeof(reply), 1000); 2606 } else { 2607 ether_addr_copy(disc_sta_cmd.dst_mac, mac); 2608 rc = wmi_call(wil, WMI_DISCONNECT_STA_CMDID, vif->mid, 2609 &disc_sta_cmd, sizeof(disc_sta_cmd), 2610 WMI_DISCONNECT_EVENTID, 2611 &reply, sizeof(reply), 1000); 2612 } 2613 /* failure to disconnect in reasonable time treated as FW error */ 2614 if (rc) { 2615 wil_fw_error_recovery(wil); 2616 return rc; 2617 } 2618 wil->sinfo_gen++; 2619 2620 return 0; 2621 } 2622 2623 int wmi_addba(struct wil6210_priv *wil, u8 mid, 2624 u8 ringid, u8 size, u16 timeout) 2625 { 2626 u8 amsdu = wil->use_enhanced_dma_hw && wil->use_rx_hw_reordering && 2627 test_bit(WMI_FW_CAPABILITY_AMSDU, wil->fw_capabilities) && 2628 wil->amsdu_en; 2629 struct wmi_ring_ba_en_cmd cmd = { 2630 .ring_id = ringid, 2631 .agg_max_wsize = size, 2632 .ba_timeout = cpu_to_le16(timeout), 2633 .amsdu = amsdu, 2634 }; 2635 2636 wil_dbg_wmi(wil, "addba: (ring %d size %d timeout %d amsdu %d)\n", 2637 ringid, size, timeout, amsdu); 2638 2639 return wmi_send(wil, WMI_RING_BA_EN_CMDID, mid, &cmd, sizeof(cmd)); 2640 } 2641 2642 int wmi_delba_tx(struct wil6210_priv *wil, u8 mid, u8 ringid, u16 reason) 2643 { 2644 struct wmi_ring_ba_dis_cmd cmd = { 2645 .ring_id = ringid, 2646 .reason = cpu_to_le16(reason), 2647 }; 2648 2649 wil_dbg_wmi(wil, "delba_tx: (ring %d reason %d)\n", ringid, reason); 2650 2651 return wmi_send(wil, WMI_RING_BA_DIS_CMDID, mid, &cmd, sizeof(cmd)); 2652 } 2653 2654 int wmi_delba_rx(struct wil6210_priv *wil, u8 mid, u8 cidxtid, u16 reason) 2655 { 2656 struct wmi_rcp_delba_cmd cmd = { 2657 .cidxtid = cidxtid, 2658 .reason = cpu_to_le16(reason), 2659 }; 2660 2661 wil_dbg_wmi(wil, "delba_rx: (CID %d TID %d reason %d)\n", cidxtid & 0xf, 2662 (cidxtid >> 4) & 0xf, reason); 2663 2664 return wmi_send(wil, WMI_RCP_DELBA_CMDID, mid, &cmd, sizeof(cmd)); 2665 } 2666 2667 int wmi_addba_rx_resp(struct wil6210_priv *wil, 2668 u8 mid, u8 cid, u8 tid, u8 token, 2669 u16 status, bool amsdu, u16 agg_wsize, u16 timeout) 2670 { 2671 int rc; 2672 struct wmi_rcp_addba_resp_cmd cmd = { 2673 .cidxtid = mk_cidxtid(cid, tid), 2674 .dialog_token = token, 2675 .status_code = cpu_to_le16(status), 2676 /* bit 0: A-MSDU supported 2677 * bit 1: policy (should be 0 for us) 2678 * bits 2..5: TID 2679 * bits 6..15: buffer size 2680 */ 2681 .ba_param_set = cpu_to_le16((amsdu ? 1 : 0) | (tid << 2) | 2682 (agg_wsize << 6)), 2683 .ba_timeout = cpu_to_le16(timeout), 2684 }; 2685 struct { 2686 struct wmi_cmd_hdr wmi; 2687 struct wmi_rcp_addba_resp_sent_event evt; 2688 } __packed reply = { 2689 .evt = {.status = cpu_to_le16(WMI_FW_STATUS_FAILURE)}, 2690 }; 2691 2692 wil_dbg_wmi(wil, 2693 "ADDBA response for MID %d CID %d TID %d size %d timeout %d status %d AMSDU%s\n", 2694 mid, cid, tid, agg_wsize, 2695 timeout, status, amsdu ? "+" : "-"); 2696 2697 rc = wmi_call(wil, WMI_RCP_ADDBA_RESP_CMDID, mid, &cmd, sizeof(cmd), 2698 WMI_RCP_ADDBA_RESP_SENT_EVENTID, &reply, sizeof(reply), 2699 100); 2700 if (rc) 2701 return rc; 2702 2703 if (reply.evt.status) { 2704 wil_err(wil, "ADDBA response failed with status %d\n", 2705 le16_to_cpu(reply.evt.status)); 2706 rc = -EINVAL; 2707 } 2708 2709 return rc; 2710 } 2711 2712 int wmi_addba_rx_resp_edma(struct wil6210_priv *wil, u8 mid, u8 cid, u8 tid, 2713 u8 token, u16 status, bool amsdu, u16 agg_wsize, 2714 u16 timeout) 2715 { 2716 int rc; 2717 struct wmi_rcp_addba_resp_edma_cmd cmd = { 2718 .cid = cid, 2719 .tid = tid, 2720 .dialog_token = token, 2721 .status_code = cpu_to_le16(status), 2722 /* bit 0: A-MSDU supported 2723 * bit 1: policy (should be 0 for us) 2724 * bits 2..5: TID 2725 * bits 6..15: buffer size 2726 */ 2727 .ba_param_set = cpu_to_le16((amsdu ? 1 : 0) | (tid << 2) | 2728 (agg_wsize << 6)), 2729 .ba_timeout = cpu_to_le16(timeout), 2730 /* route all the connections to status ring 0 */ 2731 .status_ring_id = WIL_DEFAULT_RX_STATUS_RING_ID, 2732 }; 2733 struct { 2734 struct wmi_cmd_hdr wmi; 2735 struct wmi_rcp_addba_resp_sent_event evt; 2736 } __packed reply = { 2737 .evt = {.status = cpu_to_le16(WMI_FW_STATUS_FAILURE)}, 2738 }; 2739 2740 wil_dbg_wmi(wil, 2741 "ADDBA response for CID %d TID %d size %d timeout %d status %d AMSDU%s, sring_id %d\n", 2742 cid, tid, agg_wsize, timeout, status, amsdu ? "+" : "-", 2743 WIL_DEFAULT_RX_STATUS_RING_ID); 2744 2745 rc = wmi_call(wil, WMI_RCP_ADDBA_RESP_EDMA_CMDID, mid, &cmd, 2746 sizeof(cmd), WMI_RCP_ADDBA_RESP_SENT_EVENTID, &reply, 2747 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 2748 if (rc) 2749 return rc; 2750 2751 if (reply.evt.status) { 2752 wil_err(wil, "ADDBA response failed with status %d\n", 2753 le16_to_cpu(reply.evt.status)); 2754 rc = -EINVAL; 2755 } 2756 2757 return rc; 2758 } 2759 2760 int wmi_ps_dev_profile_cfg(struct wil6210_priv *wil, 2761 enum wmi_ps_profile_type ps_profile) 2762 { 2763 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2764 int rc; 2765 struct wmi_ps_dev_profile_cfg_cmd cmd = { 2766 .ps_profile = ps_profile, 2767 }; 2768 struct { 2769 struct wmi_cmd_hdr wmi; 2770 struct wmi_ps_dev_profile_cfg_event evt; 2771 } __packed reply = { 2772 .evt = {.status = cpu_to_le32(WMI_PS_CFG_CMD_STATUS_ERROR)}, 2773 }; 2774 u32 status; 2775 2776 wil_dbg_wmi(wil, "Setting ps dev profile %d\n", ps_profile); 2777 2778 rc = wmi_call(wil, WMI_PS_DEV_PROFILE_CFG_CMDID, vif->mid, 2779 &cmd, sizeof(cmd), 2780 WMI_PS_DEV_PROFILE_CFG_EVENTID, &reply, sizeof(reply), 2781 100); 2782 if (rc) 2783 return rc; 2784 2785 status = le32_to_cpu(reply.evt.status); 2786 2787 if (status != WMI_PS_CFG_CMD_STATUS_SUCCESS) { 2788 wil_err(wil, "ps dev profile cfg failed with status %d\n", 2789 status); 2790 rc = -EINVAL; 2791 } 2792 2793 return rc; 2794 } 2795 2796 int wmi_set_mgmt_retry(struct wil6210_priv *wil, u8 retry_short) 2797 { 2798 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2799 int rc; 2800 struct wmi_set_mgmt_retry_limit_cmd cmd = { 2801 .mgmt_retry_limit = retry_short, 2802 }; 2803 struct { 2804 struct wmi_cmd_hdr wmi; 2805 struct wmi_set_mgmt_retry_limit_event evt; 2806 } __packed reply = { 2807 .evt = {.status = WMI_FW_STATUS_FAILURE}, 2808 }; 2809 2810 wil_dbg_wmi(wil, "Setting mgmt retry short %d\n", retry_short); 2811 2812 if (!test_bit(WMI_FW_CAPABILITY_MGMT_RETRY_LIMIT, wil->fw_capabilities)) 2813 return -ENOTSUPP; 2814 2815 rc = wmi_call(wil, WMI_SET_MGMT_RETRY_LIMIT_CMDID, vif->mid, 2816 &cmd, sizeof(cmd), 2817 WMI_SET_MGMT_RETRY_LIMIT_EVENTID, &reply, sizeof(reply), 2818 100); 2819 if (rc) 2820 return rc; 2821 2822 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 2823 wil_err(wil, "set mgmt retry limit failed with status %d\n", 2824 reply.evt.status); 2825 rc = -EINVAL; 2826 } 2827 2828 return rc; 2829 } 2830 2831 int wmi_get_mgmt_retry(struct wil6210_priv *wil, u8 *retry_short) 2832 { 2833 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2834 int rc; 2835 struct { 2836 struct wmi_cmd_hdr wmi; 2837 struct wmi_get_mgmt_retry_limit_event evt; 2838 } __packed reply; 2839 2840 wil_dbg_wmi(wil, "getting mgmt retry short\n"); 2841 2842 if (!test_bit(WMI_FW_CAPABILITY_MGMT_RETRY_LIMIT, wil->fw_capabilities)) 2843 return -ENOTSUPP; 2844 2845 memset(&reply, 0, sizeof(reply)); 2846 rc = wmi_call(wil, WMI_GET_MGMT_RETRY_LIMIT_CMDID, vif->mid, NULL, 0, 2847 WMI_GET_MGMT_RETRY_LIMIT_EVENTID, &reply, sizeof(reply), 2848 100); 2849 if (rc) 2850 return rc; 2851 2852 if (retry_short) 2853 *retry_short = reply.evt.mgmt_retry_limit; 2854 2855 return 0; 2856 } 2857 2858 int wmi_abort_scan(struct wil6210_vif *vif) 2859 { 2860 struct wil6210_priv *wil = vif_to_wil(vif); 2861 int rc; 2862 2863 wil_dbg_wmi(wil, "sending WMI_ABORT_SCAN_CMDID\n"); 2864 2865 rc = wmi_send(wil, WMI_ABORT_SCAN_CMDID, vif->mid, NULL, 0); 2866 if (rc) 2867 wil_err(wil, "Failed to abort scan (%d)\n", rc); 2868 2869 return rc; 2870 } 2871 2872 int wmi_new_sta(struct wil6210_vif *vif, const u8 *mac, u8 aid) 2873 { 2874 struct wil6210_priv *wil = vif_to_wil(vif); 2875 int rc; 2876 struct wmi_new_sta_cmd cmd = { 2877 .aid = aid, 2878 }; 2879 2880 wil_dbg_wmi(wil, "new sta %pM, aid %d\n", mac, aid); 2881 2882 ether_addr_copy(cmd.dst_mac, mac); 2883 2884 rc = wmi_send(wil, WMI_NEW_STA_CMDID, vif->mid, &cmd, sizeof(cmd)); 2885 if (rc) 2886 wil_err(wil, "Failed to send new sta (%d)\n", rc); 2887 2888 return rc; 2889 } 2890 2891 void wmi_event_flush(struct wil6210_priv *wil) 2892 { 2893 ulong flags; 2894 struct pending_wmi_event *evt, *t; 2895 2896 wil_dbg_wmi(wil, "event_flush\n"); 2897 2898 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 2899 2900 list_for_each_entry_safe(evt, t, &wil->pending_wmi_ev, list) { 2901 list_del(&evt->list); 2902 kfree(evt); 2903 } 2904 2905 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 2906 } 2907 2908 static const char *suspend_status2name(u8 status) 2909 { 2910 switch (status) { 2911 case WMI_TRAFFIC_SUSPEND_REJECTED_LINK_NOT_IDLE: 2912 return "LINK_NOT_IDLE"; 2913 default: 2914 return "Untracked status"; 2915 } 2916 } 2917 2918 int wmi_suspend(struct wil6210_priv *wil) 2919 { 2920 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 2921 int rc; 2922 struct wmi_traffic_suspend_cmd cmd = { 2923 .wakeup_trigger = wil->wakeup_trigger, 2924 }; 2925 struct { 2926 struct wmi_cmd_hdr wmi; 2927 struct wmi_traffic_suspend_event evt; 2928 } __packed reply = { 2929 .evt = {.status = WMI_TRAFFIC_SUSPEND_REJECTED_LINK_NOT_IDLE}, 2930 }; 2931 2932 u32 suspend_to = WIL_WAIT_FOR_SUSPEND_RESUME_COMP; 2933 2934 wil->suspend_resp_rcvd = false; 2935 wil->suspend_resp_comp = false; 2936 2937 rc = wmi_call(wil, WMI_TRAFFIC_SUSPEND_CMDID, vif->mid, 2938 &cmd, sizeof(cmd), 2939 WMI_TRAFFIC_SUSPEND_EVENTID, &reply, sizeof(reply), 2940 suspend_to); 2941 if (rc) { 2942 wil_err(wil, "wmi_call for suspend req failed, rc=%d\n", rc); 2943 if (rc == -ETIME) 2944 /* wmi_call TO */ 2945 wil->suspend_stats.rejected_by_device++; 2946 else 2947 wil->suspend_stats.rejected_by_host++; 2948 goto out; 2949 } 2950 2951 wil_dbg_wmi(wil, "waiting for suspend_response_completed\n"); 2952 2953 rc = wait_event_interruptible_timeout(wil->wq, 2954 wil->suspend_resp_comp, 2955 msecs_to_jiffies(suspend_to)); 2956 if (rc == 0) { 2957 wil_err(wil, "TO waiting for suspend_response_completed\n"); 2958 if (wil->suspend_resp_rcvd) 2959 /* Device responded but we TO due to another reason */ 2960 wil->suspend_stats.rejected_by_host++; 2961 else 2962 wil->suspend_stats.rejected_by_device++; 2963 rc = -EBUSY; 2964 goto out; 2965 } 2966 2967 wil_dbg_wmi(wil, "suspend_response_completed rcvd\n"); 2968 if (reply.evt.status != WMI_TRAFFIC_SUSPEND_APPROVED) { 2969 wil_dbg_pm(wil, "device rejected the suspend, %s\n", 2970 suspend_status2name(reply.evt.status)); 2971 wil->suspend_stats.rejected_by_device++; 2972 } 2973 rc = reply.evt.status; 2974 2975 out: 2976 wil->suspend_resp_rcvd = false; 2977 wil->suspend_resp_comp = false; 2978 2979 return rc; 2980 } 2981 2982 static void resume_triggers2string(u32 triggers, char *string, int str_size) 2983 { 2984 string[0] = '\0'; 2985 2986 if (!triggers) { 2987 strlcat(string, " UNKNOWN", str_size); 2988 return; 2989 } 2990 2991 if (triggers & WMI_RESUME_TRIGGER_HOST) 2992 strlcat(string, " HOST", str_size); 2993 2994 if (triggers & WMI_RESUME_TRIGGER_UCAST_RX) 2995 strlcat(string, " UCAST_RX", str_size); 2996 2997 if (triggers & WMI_RESUME_TRIGGER_BCAST_RX) 2998 strlcat(string, " BCAST_RX", str_size); 2999 3000 if (triggers & WMI_RESUME_TRIGGER_WMI_EVT) 3001 strlcat(string, " WMI_EVT", str_size); 3002 } 3003 3004 int wmi_resume(struct wil6210_priv *wil) 3005 { 3006 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 3007 int rc; 3008 char string[100]; 3009 struct { 3010 struct wmi_cmd_hdr wmi; 3011 struct wmi_traffic_resume_event evt; 3012 } __packed reply = { 3013 .evt = {.status = WMI_TRAFFIC_RESUME_FAILED, 3014 .resume_triggers = 3015 cpu_to_le32(WMI_RESUME_TRIGGER_UNKNOWN)}, 3016 }; 3017 3018 rc = wmi_call(wil, WMI_TRAFFIC_RESUME_CMDID, vif->mid, NULL, 0, 3019 WMI_TRAFFIC_RESUME_EVENTID, &reply, sizeof(reply), 3020 WIL_WAIT_FOR_SUSPEND_RESUME_COMP); 3021 if (rc) 3022 return rc; 3023 resume_triggers2string(le32_to_cpu(reply.evt.resume_triggers), string, 3024 sizeof(string)); 3025 wil_dbg_pm(wil, "device resume %s, resume triggers:%s (0x%x)\n", 3026 reply.evt.status ? "failed" : "passed", string, 3027 le32_to_cpu(reply.evt.resume_triggers)); 3028 3029 return reply.evt.status; 3030 } 3031 3032 int wmi_port_allocate(struct wil6210_priv *wil, u8 mid, 3033 const u8 *mac, enum nl80211_iftype iftype) 3034 { 3035 int rc; 3036 struct wmi_port_allocate_cmd cmd = { 3037 .mid = mid, 3038 }; 3039 struct { 3040 struct wmi_cmd_hdr wmi; 3041 struct wmi_port_allocated_event evt; 3042 } __packed reply = { 3043 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3044 }; 3045 3046 wil_dbg_misc(wil, "port allocate, mid %d iftype %d, mac %pM\n", 3047 mid, iftype, mac); 3048 3049 ether_addr_copy(cmd.mac, mac); 3050 switch (iftype) { 3051 case NL80211_IFTYPE_STATION: 3052 cmd.port_role = WMI_PORT_STA; 3053 break; 3054 case NL80211_IFTYPE_AP: 3055 cmd.port_role = WMI_PORT_AP; 3056 break; 3057 case NL80211_IFTYPE_P2P_CLIENT: 3058 cmd.port_role = WMI_PORT_P2P_CLIENT; 3059 break; 3060 case NL80211_IFTYPE_P2P_GO: 3061 cmd.port_role = WMI_PORT_P2P_GO; 3062 break; 3063 /* what about monitor??? */ 3064 default: 3065 wil_err(wil, "unsupported iftype: %d\n", iftype); 3066 return -EINVAL; 3067 } 3068 3069 rc = wmi_call(wil, WMI_PORT_ALLOCATE_CMDID, mid, 3070 &cmd, sizeof(cmd), 3071 WMI_PORT_ALLOCATED_EVENTID, &reply, 3072 sizeof(reply), 300); 3073 if (rc) { 3074 wil_err(wil, "failed to allocate port, status %d\n", rc); 3075 return rc; 3076 } 3077 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3078 wil_err(wil, "WMI_PORT_ALLOCATE returned status %d\n", 3079 reply.evt.status); 3080 return -EINVAL; 3081 } 3082 3083 return 0; 3084 } 3085 3086 int wmi_port_delete(struct wil6210_priv *wil, u8 mid) 3087 { 3088 int rc; 3089 struct wmi_port_delete_cmd cmd = { 3090 .mid = mid, 3091 }; 3092 struct { 3093 struct wmi_cmd_hdr wmi; 3094 struct wmi_port_deleted_event evt; 3095 } __packed reply = { 3096 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3097 }; 3098 3099 wil_dbg_misc(wil, "port delete, mid %d\n", mid); 3100 3101 rc = wmi_call(wil, WMI_PORT_DELETE_CMDID, mid, 3102 &cmd, sizeof(cmd), 3103 WMI_PORT_DELETED_EVENTID, &reply, 3104 sizeof(reply), 2000); 3105 if (rc) { 3106 wil_err(wil, "failed to delete port, status %d\n", rc); 3107 return rc; 3108 } 3109 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3110 wil_err(wil, "WMI_PORT_DELETE returned status %d\n", 3111 reply.evt.status); 3112 return -EINVAL; 3113 } 3114 3115 return 0; 3116 } 3117 3118 static bool wmi_evt_call_handler(struct wil6210_vif *vif, int id, 3119 void *d, int len) 3120 { 3121 uint i; 3122 3123 for (i = 0; i < ARRAY_SIZE(wmi_evt_handlers); i++) { 3124 if (wmi_evt_handlers[i].eventid == id) { 3125 wmi_evt_handlers[i].handler(vif, id, d, len); 3126 return true; 3127 } 3128 } 3129 3130 return false; 3131 } 3132 3133 static void wmi_event_handle(struct wil6210_priv *wil, 3134 struct wil6210_mbox_hdr *hdr) 3135 { 3136 u16 len = le16_to_cpu(hdr->len); 3137 struct wil6210_vif *vif; 3138 3139 if ((hdr->type == WIL_MBOX_HDR_TYPE_WMI) && 3140 (len >= sizeof(struct wmi_cmd_hdr))) { 3141 struct wmi_cmd_hdr *wmi = (void *)(&hdr[1]); 3142 void *evt_data = (void *)(&wmi[1]); 3143 u16 id = le16_to_cpu(wmi->command_id); 3144 u8 mid = wmi->mid; 3145 3146 wil_dbg_wmi(wil, "Handle %s (0x%04x) (reply_id 0x%04x,%d)\n", 3147 eventid2name(id), id, wil->reply_id, 3148 wil->reply_mid); 3149 3150 if (mid == MID_BROADCAST) 3151 mid = 0; 3152 if (mid >= ARRAY_SIZE(wil->vifs) || mid >= wil->max_vifs) { 3153 wil_dbg_wmi(wil, "invalid mid %d, event skipped\n", 3154 mid); 3155 return; 3156 } 3157 vif = wil->vifs[mid]; 3158 if (!vif) { 3159 wil_dbg_wmi(wil, "event for empty VIF(%d), skipped\n", 3160 mid); 3161 return; 3162 } 3163 3164 /* check if someone waits for this event */ 3165 if (wil->reply_id && wil->reply_id == id && 3166 wil->reply_mid == mid) { 3167 WARN_ON(wil->reply_buf); 3168 3169 wmi_evt_call_handler(vif, id, evt_data, 3170 len - sizeof(*wmi)); 3171 wil_dbg_wmi(wil, "event_handle: Complete WMI 0x%04x\n", 3172 id); 3173 complete(&wil->wmi_call); 3174 return; 3175 } 3176 /* unsolicited event */ 3177 /* search for handler */ 3178 if (!wmi_evt_call_handler(vif, id, evt_data, 3179 len - sizeof(*wmi))) { 3180 wil_info(wil, "Unhandled event 0x%04x\n", id); 3181 } 3182 } else { 3183 wil_err(wil, "Unknown event type\n"); 3184 print_hex_dump(KERN_ERR, "evt?? ", DUMP_PREFIX_OFFSET, 16, 1, 3185 hdr, sizeof(*hdr) + len, true); 3186 } 3187 } 3188 3189 /* 3190 * Retrieve next WMI event from the pending list 3191 */ 3192 static struct list_head *next_wmi_ev(struct wil6210_priv *wil) 3193 { 3194 ulong flags; 3195 struct list_head *ret = NULL; 3196 3197 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 3198 3199 if (!list_empty(&wil->pending_wmi_ev)) { 3200 ret = wil->pending_wmi_ev.next; 3201 list_del(ret); 3202 } 3203 3204 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 3205 3206 return ret; 3207 } 3208 3209 /* 3210 * Handler for the WMI events 3211 */ 3212 void wmi_event_worker(struct work_struct *work) 3213 { 3214 struct wil6210_priv *wil = container_of(work, struct wil6210_priv, 3215 wmi_event_worker); 3216 struct pending_wmi_event *evt; 3217 struct list_head *lh; 3218 3219 wil_dbg_wmi(wil, "event_worker: Start\n"); 3220 while ((lh = next_wmi_ev(wil)) != NULL) { 3221 evt = list_entry(lh, struct pending_wmi_event, list); 3222 wmi_event_handle(wil, &evt->event.hdr); 3223 kfree(evt); 3224 } 3225 wil_dbg_wmi(wil, "event_worker: Finished\n"); 3226 } 3227 3228 bool wil_is_wmi_idle(struct wil6210_priv *wil) 3229 { 3230 ulong flags; 3231 struct wil6210_mbox_ring *r = &wil->mbox_ctl.rx; 3232 bool rc = false; 3233 3234 spin_lock_irqsave(&wil->wmi_ev_lock, flags); 3235 3236 /* Check if there are pending WMI events in the events queue */ 3237 if (!list_empty(&wil->pending_wmi_ev)) { 3238 wil_dbg_pm(wil, "Pending WMI events in queue\n"); 3239 goto out; 3240 } 3241 3242 /* Check if there is a pending WMI call */ 3243 if (wil->reply_id) { 3244 wil_dbg_pm(wil, "Pending WMI call\n"); 3245 goto out; 3246 } 3247 3248 /* Check if there are pending RX events in mbox */ 3249 r->head = wil_r(wil, RGF_MBOX + 3250 offsetof(struct wil6210_mbox_ctl, rx.head)); 3251 if (r->tail != r->head) 3252 wil_dbg_pm(wil, "Pending WMI mbox events\n"); 3253 else 3254 rc = true; 3255 3256 out: 3257 spin_unlock_irqrestore(&wil->wmi_ev_lock, flags); 3258 return rc; 3259 } 3260 3261 static void 3262 wmi_sched_scan_set_ssids(struct wil6210_priv *wil, 3263 struct wmi_start_sched_scan_cmd *cmd, 3264 struct cfg80211_ssid *ssids, int n_ssids, 3265 struct cfg80211_match_set *match_sets, 3266 int n_match_sets) 3267 { 3268 int i; 3269 3270 if (n_match_sets > WMI_MAX_PNO_SSID_NUM) { 3271 wil_dbg_wmi(wil, "too many match sets (%d), use first %d\n", 3272 n_match_sets, WMI_MAX_PNO_SSID_NUM); 3273 n_match_sets = WMI_MAX_PNO_SSID_NUM; 3274 } 3275 cmd->num_of_ssids = n_match_sets; 3276 3277 for (i = 0; i < n_match_sets; i++) { 3278 struct wmi_sched_scan_ssid_match *wmi_match = 3279 &cmd->ssid_for_match[i]; 3280 struct cfg80211_match_set *cfg_match = &match_sets[i]; 3281 int j; 3282 3283 wmi_match->ssid_len = cfg_match->ssid.ssid_len; 3284 memcpy(wmi_match->ssid, cfg_match->ssid.ssid, 3285 min_t(u8, wmi_match->ssid_len, WMI_MAX_SSID_LEN)); 3286 wmi_match->rssi_threshold = S8_MIN; 3287 if (cfg_match->rssi_thold >= S8_MIN && 3288 cfg_match->rssi_thold <= S8_MAX) 3289 wmi_match->rssi_threshold = cfg_match->rssi_thold; 3290 3291 for (j = 0; j < n_ssids; j++) 3292 if (wmi_match->ssid_len == ssids[j].ssid_len && 3293 memcmp(wmi_match->ssid, ssids[j].ssid, 3294 wmi_match->ssid_len) == 0) 3295 wmi_match->add_ssid_to_probe = true; 3296 } 3297 } 3298 3299 static void 3300 wmi_sched_scan_set_channels(struct wil6210_priv *wil, 3301 struct wmi_start_sched_scan_cmd *cmd, 3302 u32 n_channels, 3303 struct ieee80211_channel **channels) 3304 { 3305 int i; 3306 3307 if (n_channels > WMI_MAX_CHANNEL_NUM) { 3308 wil_dbg_wmi(wil, "too many channels (%d), use first %d\n", 3309 n_channels, WMI_MAX_CHANNEL_NUM); 3310 n_channels = WMI_MAX_CHANNEL_NUM; 3311 } 3312 cmd->num_of_channels = n_channels; 3313 3314 for (i = 0; i < n_channels; i++) { 3315 struct ieee80211_channel *cfg_chan = channels[i]; 3316 3317 cmd->channel_list[i] = cfg_chan->hw_value - 1; 3318 } 3319 } 3320 3321 static void 3322 wmi_sched_scan_set_plans(struct wil6210_priv *wil, 3323 struct wmi_start_sched_scan_cmd *cmd, 3324 struct cfg80211_sched_scan_plan *scan_plans, 3325 int n_scan_plans) 3326 { 3327 int i; 3328 3329 if (n_scan_plans > WMI_MAX_PLANS_NUM) { 3330 wil_dbg_wmi(wil, "too many plans (%d), use first %d\n", 3331 n_scan_plans, WMI_MAX_PLANS_NUM); 3332 n_scan_plans = WMI_MAX_PLANS_NUM; 3333 } 3334 3335 for (i = 0; i < n_scan_plans; i++) { 3336 struct cfg80211_sched_scan_plan *cfg_plan = &scan_plans[i]; 3337 3338 cmd->scan_plans[i].interval_sec = 3339 cpu_to_le16(cfg_plan->interval); 3340 cmd->scan_plans[i].num_of_iterations = 3341 cpu_to_le16(cfg_plan->iterations); 3342 } 3343 } 3344 3345 int wmi_start_sched_scan(struct wil6210_priv *wil, 3346 struct cfg80211_sched_scan_request *request) 3347 { 3348 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 3349 int rc; 3350 struct wmi_start_sched_scan_cmd cmd = { 3351 .min_rssi_threshold = S8_MIN, 3352 .initial_delay_sec = cpu_to_le16(request->delay), 3353 }; 3354 struct { 3355 struct wmi_cmd_hdr wmi; 3356 struct wmi_start_sched_scan_event evt; 3357 } __packed reply = { 3358 .evt = {.result = WMI_PNO_REJECT}, 3359 }; 3360 3361 if (!test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities)) 3362 return -ENOTSUPP; 3363 3364 if (request->min_rssi_thold >= S8_MIN && 3365 request->min_rssi_thold <= S8_MAX) 3366 cmd.min_rssi_threshold = request->min_rssi_thold; 3367 3368 wmi_sched_scan_set_ssids(wil, &cmd, request->ssids, request->n_ssids, 3369 request->match_sets, request->n_match_sets); 3370 wmi_sched_scan_set_channels(wil, &cmd, 3371 request->n_channels, request->channels); 3372 wmi_sched_scan_set_plans(wil, &cmd, 3373 request->scan_plans, request->n_scan_plans); 3374 3375 rc = wmi_call(wil, WMI_START_SCHED_SCAN_CMDID, vif->mid, 3376 &cmd, sizeof(cmd), 3377 WMI_START_SCHED_SCAN_EVENTID, &reply, sizeof(reply), 3378 WIL_WMI_CALL_GENERAL_TO_MS); 3379 if (rc) 3380 return rc; 3381 3382 if (reply.evt.result != WMI_PNO_SUCCESS) { 3383 wil_err(wil, "start sched scan failed, result %d\n", 3384 reply.evt.result); 3385 return -EINVAL; 3386 } 3387 3388 return 0; 3389 } 3390 3391 int wmi_stop_sched_scan(struct wil6210_priv *wil) 3392 { 3393 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 3394 int rc; 3395 struct { 3396 struct wmi_cmd_hdr wmi; 3397 struct wmi_stop_sched_scan_event evt; 3398 } __packed reply = { 3399 .evt = {.result = WMI_PNO_REJECT}, 3400 }; 3401 3402 if (!test_bit(WMI_FW_CAPABILITY_PNO, wil->fw_capabilities)) 3403 return -ENOTSUPP; 3404 3405 rc = wmi_call(wil, WMI_STOP_SCHED_SCAN_CMDID, vif->mid, NULL, 0, 3406 WMI_STOP_SCHED_SCAN_EVENTID, &reply, sizeof(reply), 3407 WIL_WMI_CALL_GENERAL_TO_MS); 3408 if (rc) 3409 return rc; 3410 3411 if (reply.evt.result != WMI_PNO_SUCCESS) { 3412 wil_err(wil, "stop sched scan failed, result %d\n", 3413 reply.evt.result); 3414 return -EINVAL; 3415 } 3416 3417 return 0; 3418 } 3419 3420 int wmi_mgmt_tx(struct wil6210_vif *vif, const u8 *buf, size_t len) 3421 { 3422 size_t total; 3423 struct wil6210_priv *wil = vif_to_wil(vif); 3424 struct ieee80211_mgmt *mgmt_frame = (void *)buf; 3425 struct wmi_sw_tx_req_cmd *cmd; 3426 struct { 3427 struct wmi_cmd_hdr wmi; 3428 struct wmi_sw_tx_complete_event evt; 3429 } __packed evt = { 3430 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3431 }; 3432 int rc; 3433 3434 wil_dbg_misc(wil, "mgmt_tx mid %d\n", vif->mid); 3435 wil_hex_dump_misc("mgmt tx frame ", DUMP_PREFIX_OFFSET, 16, 1, buf, 3436 len, true); 3437 3438 if (len < sizeof(struct ieee80211_hdr_3addr)) 3439 return -EINVAL; 3440 3441 total = sizeof(*cmd) + len; 3442 if (total < len) { 3443 wil_err(wil, "mgmt_tx invalid len %zu\n", len); 3444 return -EINVAL; 3445 } 3446 3447 cmd = kmalloc(total, GFP_KERNEL); 3448 if (!cmd) 3449 return -ENOMEM; 3450 3451 memcpy(cmd->dst_mac, mgmt_frame->da, WMI_MAC_LEN); 3452 cmd->len = cpu_to_le16(len); 3453 memcpy(cmd->payload, buf, len); 3454 3455 rc = wmi_call(wil, WMI_SW_TX_REQ_CMDID, vif->mid, cmd, total, 3456 WMI_SW_TX_COMPLETE_EVENTID, &evt, sizeof(evt), 2000); 3457 if (!rc && evt.evt.status != WMI_FW_STATUS_SUCCESS) { 3458 wil_err(wil, "mgmt_tx failed with status %d\n", evt.evt.status); 3459 rc = -EINVAL; 3460 } 3461 3462 kfree(cmd); 3463 3464 return rc; 3465 } 3466 3467 int wmi_mgmt_tx_ext(struct wil6210_vif *vif, const u8 *buf, size_t len, 3468 u8 channel, u16 duration_ms) 3469 { 3470 size_t total; 3471 struct wil6210_priv *wil = vif_to_wil(vif); 3472 struct ieee80211_mgmt *mgmt_frame = (void *)buf; 3473 struct wmi_sw_tx_req_ext_cmd *cmd; 3474 struct { 3475 struct wmi_cmd_hdr wmi; 3476 struct wmi_sw_tx_complete_event evt; 3477 } __packed evt = { 3478 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3479 }; 3480 int rc; 3481 3482 wil_dbg_wmi(wil, "mgmt_tx_ext mid %d channel %d duration %d\n", 3483 vif->mid, channel, duration_ms); 3484 wil_hex_dump_wmi("mgmt_tx_ext frame ", DUMP_PREFIX_OFFSET, 16, 1, buf, 3485 len, true); 3486 3487 if (len < sizeof(struct ieee80211_hdr_3addr)) { 3488 wil_err(wil, "short frame. len %zu\n", len); 3489 return -EINVAL; 3490 } 3491 3492 total = sizeof(*cmd) + len; 3493 if (total < len) { 3494 wil_err(wil, "mgmt_tx_ext invalid len %zu\n", len); 3495 return -EINVAL; 3496 } 3497 3498 cmd = kzalloc(total, GFP_KERNEL); 3499 if (!cmd) 3500 return -ENOMEM; 3501 3502 memcpy(cmd->dst_mac, mgmt_frame->da, WMI_MAC_LEN); 3503 cmd->len = cpu_to_le16(len); 3504 memcpy(cmd->payload, buf, len); 3505 cmd->channel = channel - 1; 3506 cmd->duration_ms = cpu_to_le16(duration_ms); 3507 3508 rc = wmi_call(wil, WMI_SW_TX_REQ_EXT_CMDID, vif->mid, cmd, total, 3509 WMI_SW_TX_COMPLETE_EVENTID, &evt, sizeof(evt), 2000); 3510 if (!rc && evt.evt.status != WMI_FW_STATUS_SUCCESS) { 3511 wil_err(wil, "mgmt_tx_ext failed with status %d\n", 3512 evt.evt.status); 3513 rc = -EINVAL; 3514 } 3515 3516 kfree(cmd); 3517 3518 return rc; 3519 } 3520 3521 int wil_wmi_tx_sring_cfg(struct wil6210_priv *wil, int ring_id) 3522 { 3523 int rc; 3524 struct wil6210_vif *vif = ndev_to_vif(wil->main_ndev); 3525 struct wil_status_ring *sring = &wil->srings[ring_id]; 3526 struct wmi_tx_status_ring_add_cmd cmd = { 3527 .ring_cfg = { 3528 .ring_size = cpu_to_le16(sring->size), 3529 }, 3530 .irq_index = WIL_TX_STATUS_IRQ_IDX 3531 }; 3532 struct { 3533 struct wmi_cmd_hdr hdr; 3534 struct wmi_tx_status_ring_cfg_done_event evt; 3535 } __packed reply = { 3536 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3537 }; 3538 3539 cmd.ring_cfg.ring_id = ring_id; 3540 3541 cmd.ring_cfg.ring_mem_base = cpu_to_le64(sring->pa); 3542 rc = wmi_call(wil, WMI_TX_STATUS_RING_ADD_CMDID, vif->mid, &cmd, 3543 sizeof(cmd), WMI_TX_STATUS_RING_CFG_DONE_EVENTID, 3544 &reply, sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3545 if (rc) { 3546 wil_err(wil, "TX_STATUS_RING_ADD_CMD failed, rc %d\n", rc); 3547 return rc; 3548 } 3549 3550 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3551 wil_err(wil, "TX_STATUS_RING_ADD_CMD failed, status %d\n", 3552 reply.evt.status); 3553 return -EINVAL; 3554 } 3555 3556 sring->hwtail = le32_to_cpu(reply.evt.ring_tail_ptr); 3557 3558 return 0; 3559 } 3560 3561 int wil_wmi_cfg_def_rx_offload(struct wil6210_priv *wil, u16 max_rx_pl_per_desc) 3562 { 3563 struct net_device *ndev = wil->main_ndev; 3564 struct wil6210_vif *vif = ndev_to_vif(ndev); 3565 int rc; 3566 struct wmi_cfg_def_rx_offload_cmd cmd = { 3567 .max_msdu_size = cpu_to_le16(wil_mtu2macbuf(WIL_MAX_ETH_MTU)), 3568 .max_rx_pl_per_desc = cpu_to_le16(max_rx_pl_per_desc), 3569 .decap_trans_type = WMI_DECAP_TYPE_802_3, 3570 .l2_802_3_offload_ctrl = 0, 3571 .l3_l4_ctrl = 1 << L3_L4_CTRL_TCPIP_CHECKSUM_EN_POS, 3572 }; 3573 struct { 3574 struct wmi_cmd_hdr hdr; 3575 struct wmi_cfg_def_rx_offload_done_event evt; 3576 } __packed reply = { 3577 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3578 }; 3579 3580 rc = wmi_call(wil, WMI_CFG_DEF_RX_OFFLOAD_CMDID, vif->mid, &cmd, 3581 sizeof(cmd), WMI_CFG_DEF_RX_OFFLOAD_DONE_EVENTID, &reply, 3582 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3583 if (rc) { 3584 wil_err(wil, "WMI_CFG_DEF_RX_OFFLOAD_CMD failed, rc %d\n", rc); 3585 return rc; 3586 } 3587 3588 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3589 wil_err(wil, "WMI_CFG_DEF_RX_OFFLOAD_CMD failed, status %d\n", 3590 reply.evt.status); 3591 return -EINVAL; 3592 } 3593 3594 return 0; 3595 } 3596 3597 int wil_wmi_rx_sring_add(struct wil6210_priv *wil, u16 ring_id) 3598 { 3599 struct net_device *ndev = wil->main_ndev; 3600 struct wil6210_vif *vif = ndev_to_vif(ndev); 3601 struct wil_status_ring *sring = &wil->srings[ring_id]; 3602 int rc; 3603 struct wmi_rx_status_ring_add_cmd cmd = { 3604 .ring_cfg = { 3605 .ring_size = cpu_to_le16(sring->size), 3606 .ring_id = ring_id, 3607 }, 3608 .rx_msg_type = wil->use_compressed_rx_status ? 3609 WMI_RX_MSG_TYPE_COMPRESSED : 3610 WMI_RX_MSG_TYPE_EXTENDED, 3611 .irq_index = WIL_RX_STATUS_IRQ_IDX, 3612 }; 3613 struct { 3614 struct wmi_cmd_hdr hdr; 3615 struct wmi_rx_status_ring_cfg_done_event evt; 3616 } __packed reply = { 3617 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3618 }; 3619 3620 cmd.ring_cfg.ring_mem_base = cpu_to_le64(sring->pa); 3621 rc = wmi_call(wil, WMI_RX_STATUS_RING_ADD_CMDID, vif->mid, &cmd, 3622 sizeof(cmd), WMI_RX_STATUS_RING_CFG_DONE_EVENTID, &reply, 3623 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3624 if (rc) { 3625 wil_err(wil, "RX_STATUS_RING_ADD_CMD failed, rc %d\n", rc); 3626 return rc; 3627 } 3628 3629 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3630 wil_err(wil, "RX_STATUS_RING_ADD_CMD failed, status %d\n", 3631 reply.evt.status); 3632 return -EINVAL; 3633 } 3634 3635 sring->hwtail = le32_to_cpu(reply.evt.ring_tail_ptr); 3636 3637 return 0; 3638 } 3639 3640 int wil_wmi_rx_desc_ring_add(struct wil6210_priv *wil, int status_ring_id) 3641 { 3642 struct net_device *ndev = wil->main_ndev; 3643 struct wil6210_vif *vif = ndev_to_vif(ndev); 3644 struct wil_ring *ring = &wil->ring_rx; 3645 int rc; 3646 struct wmi_rx_desc_ring_add_cmd cmd = { 3647 .ring_cfg = { 3648 .ring_size = cpu_to_le16(ring->size), 3649 .ring_id = WIL_RX_DESC_RING_ID, 3650 }, 3651 .status_ring_id = status_ring_id, 3652 .irq_index = WIL_RX_STATUS_IRQ_IDX, 3653 }; 3654 struct { 3655 struct wmi_cmd_hdr hdr; 3656 struct wmi_rx_desc_ring_cfg_done_event evt; 3657 } __packed reply = { 3658 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3659 }; 3660 3661 cmd.ring_cfg.ring_mem_base = cpu_to_le64(ring->pa); 3662 cmd.sw_tail_host_addr = cpu_to_le64(ring->edma_rx_swtail.pa); 3663 rc = wmi_call(wil, WMI_RX_DESC_RING_ADD_CMDID, vif->mid, &cmd, 3664 sizeof(cmd), WMI_RX_DESC_RING_CFG_DONE_EVENTID, &reply, 3665 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3666 if (rc) { 3667 wil_err(wil, "WMI_RX_DESC_RING_ADD_CMD failed, rc %d\n", rc); 3668 return rc; 3669 } 3670 3671 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3672 wil_err(wil, "WMI_RX_DESC_RING_ADD_CMD failed, status %d\n", 3673 reply.evt.status); 3674 return -EINVAL; 3675 } 3676 3677 ring->hwtail = le32_to_cpu(reply.evt.ring_tail_ptr); 3678 3679 return 0; 3680 } 3681 3682 int wil_wmi_tx_desc_ring_add(struct wil6210_vif *vif, int ring_id, int cid, 3683 int tid) 3684 { 3685 struct wil6210_priv *wil = vif_to_wil(vif); 3686 int sring_id = wil->tx_sring_idx; /* there is only one TX sring */ 3687 int rc; 3688 struct wil_ring *ring = &wil->ring_tx[ring_id]; 3689 struct wil_ring_tx_data *txdata = &wil->ring_tx_data[ring_id]; 3690 struct wmi_tx_desc_ring_add_cmd cmd = { 3691 .ring_cfg = { 3692 .ring_size = cpu_to_le16(ring->size), 3693 .ring_id = ring_id, 3694 }, 3695 .status_ring_id = sring_id, 3696 .cid = cid, 3697 .tid = tid, 3698 .encap_trans_type = WMI_VRING_ENC_TYPE_802_3, 3699 .max_msdu_size = cpu_to_le16(wil_mtu2macbuf(mtu_max)), 3700 .schd_params = { 3701 .priority = cpu_to_le16(0), 3702 .timeslot_us = cpu_to_le16(0xfff), 3703 } 3704 }; 3705 struct { 3706 struct wmi_cmd_hdr hdr; 3707 struct wmi_tx_desc_ring_cfg_done_event evt; 3708 } __packed reply = { 3709 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3710 }; 3711 3712 cmd.ring_cfg.ring_mem_base = cpu_to_le64(ring->pa); 3713 rc = wmi_call(wil, WMI_TX_DESC_RING_ADD_CMDID, vif->mid, &cmd, 3714 sizeof(cmd), WMI_TX_DESC_RING_CFG_DONE_EVENTID, &reply, 3715 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3716 if (rc) { 3717 wil_err(wil, "WMI_TX_DESC_RING_ADD_CMD failed, rc %d\n", rc); 3718 return rc; 3719 } 3720 3721 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3722 wil_err(wil, "WMI_TX_DESC_RING_ADD_CMD failed, status %d\n", 3723 reply.evt.status); 3724 return -EINVAL; 3725 } 3726 3727 spin_lock_bh(&txdata->lock); 3728 ring->hwtail = le32_to_cpu(reply.evt.ring_tail_ptr); 3729 txdata->mid = vif->mid; 3730 txdata->enabled = 1; 3731 spin_unlock_bh(&txdata->lock); 3732 3733 return 0; 3734 } 3735 3736 int wil_wmi_bcast_desc_ring_add(struct wil6210_vif *vif, int ring_id) 3737 { 3738 struct wil6210_priv *wil = vif_to_wil(vif); 3739 struct wil_ring *ring = &wil->ring_tx[ring_id]; 3740 int rc; 3741 struct wmi_bcast_desc_ring_add_cmd cmd = { 3742 .ring_cfg = { 3743 .ring_size = cpu_to_le16(ring->size), 3744 .ring_id = ring_id, 3745 }, 3746 .status_ring_id = wil->tx_sring_idx, 3747 .encap_trans_type = WMI_VRING_ENC_TYPE_802_3, 3748 }; 3749 struct { 3750 struct wmi_cmd_hdr hdr; 3751 struct wmi_rx_desc_ring_cfg_done_event evt; 3752 } __packed reply = { 3753 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3754 }; 3755 struct wil_ring_tx_data *txdata = &wil->ring_tx_data[ring_id]; 3756 3757 cmd.ring_cfg.ring_mem_base = cpu_to_le64(ring->pa); 3758 rc = wmi_call(wil, WMI_BCAST_DESC_RING_ADD_CMDID, vif->mid, &cmd, 3759 sizeof(cmd), WMI_TX_DESC_RING_CFG_DONE_EVENTID, &reply, 3760 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3761 if (rc) { 3762 wil_err(wil, "WMI_BCAST_DESC_RING_ADD_CMD failed, rc %d\n", rc); 3763 return rc; 3764 } 3765 3766 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3767 wil_err(wil, "Broadcast Tx config failed, status %d\n", 3768 reply.evt.status); 3769 return -EINVAL; 3770 } 3771 3772 spin_lock_bh(&txdata->lock); 3773 ring->hwtail = le32_to_cpu(reply.evt.ring_tail_ptr); 3774 txdata->mid = vif->mid; 3775 txdata->enabled = 1; 3776 spin_unlock_bh(&txdata->lock); 3777 3778 return 0; 3779 } 3780 3781 int wmi_link_stats_cfg(struct wil6210_vif *vif, u32 type, u8 cid, u32 interval) 3782 { 3783 struct wil6210_priv *wil = vif_to_wil(vif); 3784 struct wmi_link_stats_cmd cmd = { 3785 .record_type_mask = cpu_to_le32(type), 3786 .cid = cid, 3787 .action = WMI_LINK_STATS_SNAPSHOT, 3788 .interval_msec = cpu_to_le32(interval), 3789 }; 3790 struct { 3791 struct wmi_cmd_hdr wmi; 3792 struct wmi_link_stats_config_done_event evt; 3793 } __packed reply = { 3794 .evt = {.status = WMI_FW_STATUS_FAILURE}, 3795 }; 3796 int rc; 3797 3798 rc = wmi_call(wil, WMI_LINK_STATS_CMDID, vif->mid, &cmd, sizeof(cmd), 3799 WMI_LINK_STATS_CONFIG_DONE_EVENTID, &reply, 3800 sizeof(reply), WIL_WMI_CALL_GENERAL_TO_MS); 3801 if (rc) { 3802 wil_err(wil, "WMI_LINK_STATS_CMDID failed, rc %d\n", rc); 3803 return rc; 3804 } 3805 3806 if (reply.evt.status != WMI_FW_STATUS_SUCCESS) { 3807 wil_err(wil, "Link statistics config failed, status %d\n", 3808 reply.evt.status); 3809 return -EINVAL; 3810 } 3811 3812 return 0; 3813 } 3814