1 // SPDX-License-Identifier: ISC 2 /* 3 * Copyright (c) 2010 Broadcom Corporation 4 */ 5 6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */ 7 8 #include <linux/kernel.h> 9 #include <linux/etherdevice.h> 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 #include <net/cfg80211.h> 13 #include <net/netlink.h> 14 #include <uapi/linux/if_arp.h> 15 16 #include <brcmu_utils.h> 17 #include <defs.h> 18 #include <brcmu_wifi.h> 19 #include <brcm_hw_ids.h> 20 #include "core.h" 21 #include "debug.h" 22 #include "tracepoint.h" 23 #include "fwil_types.h" 24 #include "p2p.h" 25 #include "btcoex.h" 26 #include "pno.h" 27 #include "fwsignal.h" 28 #include "cfg80211.h" 29 #include "feature.h" 30 #include "fwil.h" 31 #include "proto.h" 32 #include "vendor.h" 33 #include "bus.h" 34 #include "common.h" 35 36 #define BRCMF_SCAN_IE_LEN_MAX 2048 37 38 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */ 39 #define WPA_OUI_TYPE 1 40 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */ 41 #define WME_OUI_TYPE 2 42 #define WPS_OUI_TYPE 4 43 44 #define VS_IE_FIXED_HDR_LEN 6 45 #define WPA_IE_VERSION_LEN 2 46 #define WPA_IE_MIN_OUI_LEN 4 47 #define WPA_IE_SUITE_COUNT_LEN 2 48 49 #define WPA_CIPHER_NONE 0 /* None */ 50 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */ 51 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */ 52 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */ 53 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */ 54 55 #define RSN_AKM_NONE 0 /* None (IBSS) */ 56 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */ 57 #define RSN_AKM_PSK 2 /* Pre-shared Key */ 58 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */ 59 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */ 60 #define RSN_AKM_SAE 8 /* SAE */ 61 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */ 62 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3)) 63 #define RSN_CAP_MFPR_MASK BIT(6) 64 #define RSN_CAP_MFPC_MASK BIT(7) 65 #define RSN_PMKID_COUNT_LEN 2 66 67 #define VNDR_IE_CMD_LEN 4 /* length of the set command 68 * string :"add", "del" (+ NUL) 69 */ 70 #define VNDR_IE_COUNT_OFFSET 4 71 #define VNDR_IE_PKTFLAG_OFFSET 8 72 #define VNDR_IE_VSIE_OFFSET 12 73 #define VNDR_IE_HDR_SIZE 12 74 #define VNDR_IE_PARSE_LIMIT 5 75 76 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */ 77 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */ 78 79 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320 80 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400 81 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20 82 83 #define BRCMF_SCAN_CHANNEL_TIME 40 84 #define BRCMF_SCAN_UNASSOC_TIME 40 85 #define BRCMF_SCAN_PASSIVE_TIME 120 86 87 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000) 88 89 #define BRCMF_PS_MAX_TIMEOUT_MS 2000 90 91 /* Dump obss definitions */ 92 #define ACS_MSRMNT_DELAY 80 93 #define CHAN_NOISE_DUMMY (-80) 94 #define OBSS_TOKEN_IDX 15 95 #define IBSS_TOKEN_IDX 15 96 #define TX_TOKEN_IDX 14 97 #define CTG_TOKEN_IDX 13 98 #define PKT_TOKEN_IDX 15 99 #define IDLE_TOKEN_IDX 12 100 101 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \ 102 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16)) 103 104 struct brcmf_dump_survey { 105 u32 obss; 106 u32 ibss; 107 u32 no_ctg; 108 u32 no_pckt; 109 u32 tx; 110 u32 idle; 111 }; 112 113 struct cca_stats_n_flags { 114 u32 msrmnt_time; /* Time for Measurement (msec) */ 115 u32 msrmnt_done; /* flag set when measurement complete */ 116 char buf[1]; 117 }; 118 119 struct cca_msrmnt_query { 120 u32 msrmnt_query; 121 u32 time_req; 122 }; 123 124 static bool check_vif_up(struct brcmf_cfg80211_vif *vif) 125 { 126 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) { 127 brcmf_dbg(INFO, "device is not ready : status (%lu)\n", 128 vif->sme_state); 129 return false; 130 } 131 return true; 132 } 133 134 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2) 135 #define RATETAB_ENT(_rateid, _flags) \ 136 { \ 137 .bitrate = RATE_TO_BASE100KBPS(_rateid), \ 138 .hw_value = (_rateid), \ 139 .flags = (_flags), \ 140 } 141 142 static struct ieee80211_rate __wl_rates[] = { 143 RATETAB_ENT(BRCM_RATE_1M, 0), 144 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE), 145 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE), 146 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE), 147 RATETAB_ENT(BRCM_RATE_6M, 0), 148 RATETAB_ENT(BRCM_RATE_9M, 0), 149 RATETAB_ENT(BRCM_RATE_12M, 0), 150 RATETAB_ENT(BRCM_RATE_18M, 0), 151 RATETAB_ENT(BRCM_RATE_24M, 0), 152 RATETAB_ENT(BRCM_RATE_36M, 0), 153 RATETAB_ENT(BRCM_RATE_48M, 0), 154 RATETAB_ENT(BRCM_RATE_54M, 0), 155 }; 156 157 #define wl_g_rates (__wl_rates + 0) 158 #define wl_g_rates_size ARRAY_SIZE(__wl_rates) 159 #define wl_a_rates (__wl_rates + 4) 160 #define wl_a_rates_size (wl_g_rates_size - 4) 161 162 #define CHAN2G(_channel, _freq) { \ 163 .band = NL80211_BAND_2GHZ, \ 164 .center_freq = (_freq), \ 165 .hw_value = (_channel), \ 166 .max_antenna_gain = 0, \ 167 .max_power = 30, \ 168 } 169 170 #define CHAN5G(_channel) { \ 171 .band = NL80211_BAND_5GHZ, \ 172 .center_freq = 5000 + (5 * (_channel)), \ 173 .hw_value = (_channel), \ 174 .max_antenna_gain = 0, \ 175 .max_power = 30, \ 176 } 177 178 static struct ieee80211_channel __wl_2ghz_channels[] = { 179 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427), 180 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447), 181 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467), 182 CHAN2G(13, 2472), CHAN2G(14, 2484) 183 }; 184 185 static struct ieee80211_channel __wl_5ghz_channels[] = { 186 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42), 187 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56), 188 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108), 189 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128), 190 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149), 191 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165) 192 }; 193 194 /* Band templates duplicated per wiphy. The channel info 195 * above is added to the band during setup. 196 */ 197 static const struct ieee80211_supported_band __wl_band_2ghz = { 198 .band = NL80211_BAND_2GHZ, 199 .bitrates = wl_g_rates, 200 .n_bitrates = wl_g_rates_size, 201 }; 202 203 static const struct ieee80211_supported_band __wl_band_5ghz = { 204 .band = NL80211_BAND_5GHZ, 205 .bitrates = wl_a_rates, 206 .n_bitrates = wl_a_rates_size, 207 }; 208 209 /* This is to override regulatory domains defined in cfg80211 module (reg.c) 210 * By default world regulatory domain defined in reg.c puts the flags 211 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165). 212 * With respect to these flags, wpa_supplicant doesn't * start p2p 213 * operations on 5GHz channels. All the changes in world regulatory 214 * domain are to be done here. 215 */ 216 static const struct ieee80211_regdomain brcmf_regdom = { 217 .n_reg_rules = 4, 218 .alpha2 = "99", 219 .reg_rules = { 220 /* IEEE 802.11b/g, channels 1..11 */ 221 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0), 222 /* If any */ 223 /* IEEE 802.11 channel 14 - Only JP enables 224 * this and for 802.11b only 225 */ 226 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0), 227 /* IEEE 802.11a, channel 36..64 */ 228 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0), 229 /* IEEE 802.11a, channel 100..165 */ 230 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), } 231 }; 232 233 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites 234 * are supported. A pointer to this array and the number of entries is passed 235 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP. 236 * So the cipher suite AES_CMAC has to be the last one in the array, and when 237 * device does not support MFP then the number of suites will be decreased by 1 238 */ 239 static const u32 brcmf_cipher_suites[] = { 240 WLAN_CIPHER_SUITE_WEP40, 241 WLAN_CIPHER_SUITE_WEP104, 242 WLAN_CIPHER_SUITE_TKIP, 243 WLAN_CIPHER_SUITE_CCMP, 244 /* Keep as last entry: */ 245 WLAN_CIPHER_SUITE_AES_CMAC 246 }; 247 248 /* Vendor specific ie. id = 221, oui and type defines exact ie */ 249 struct brcmf_vs_tlv { 250 u8 id; 251 u8 len; 252 u8 oui[3]; 253 u8 oui_type; 254 }; 255 256 struct parsed_vndr_ie_info { 257 u8 *ie_ptr; 258 u32 ie_len; /* total length including id & length field */ 259 struct brcmf_vs_tlv vndrie; 260 }; 261 262 struct parsed_vndr_ies { 263 u32 count; 264 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT]; 265 }; 266 267 #define WL_INTERFACE_CREATE_VER_1 1 268 #define WL_INTERFACE_CREATE_VER_2 2 269 #define WL_INTERFACE_CREATE_VER_3 3 270 #define WL_INTERFACE_CREATE_VER_MAX WL_INTERFACE_CREATE_VER_3 271 272 #define WL_INTERFACE_MAC_DONT_USE 0x0 273 #define WL_INTERFACE_MAC_USE 0x2 274 275 #define WL_INTERFACE_CREATE_STA 0x0 276 #define WL_INTERFACE_CREATE_AP 0x1 277 278 struct wl_interface_create_v1 { 279 u16 ver; /* structure version */ 280 u32 flags; /* flags for operation */ 281 u8 mac_addr[ETH_ALEN]; /* MAC address */ 282 u32 wlc_index; /* optional for wlc index */ 283 }; 284 285 struct wl_interface_create_v2 { 286 u16 ver; /* structure version */ 287 u8 pad1[2]; 288 u32 flags; /* flags for operation */ 289 u8 mac_addr[ETH_ALEN]; /* MAC address */ 290 u8 iftype; /* type of interface created */ 291 u8 pad2; 292 u32 wlc_index; /* optional for wlc index */ 293 }; 294 295 struct wl_interface_create_v3 { 296 u16 ver; /* structure version */ 297 u16 len; /* length of structure + data */ 298 u16 fixed_len; /* length of structure */ 299 u8 iftype; /* type of interface created */ 300 u8 wlc_index; /* optional for wlc index */ 301 u32 flags; /* flags for operation */ 302 u8 mac_addr[ETH_ALEN]; /* MAC address */ 303 u8 bssid[ETH_ALEN]; /* optional for BSSID */ 304 u8 if_index; /* interface index request */ 305 u8 pad[3]; 306 u8 data[]; /* Optional for specific data */ 307 }; 308 309 static u8 nl80211_band_to_fwil(enum nl80211_band band) 310 { 311 switch (band) { 312 case NL80211_BAND_2GHZ: 313 return WLC_BAND_2G; 314 case NL80211_BAND_5GHZ: 315 return WLC_BAND_5G; 316 default: 317 WARN_ON(1); 318 break; 319 } 320 return 0; 321 } 322 323 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf, 324 struct cfg80211_chan_def *ch) 325 { 326 struct brcmu_chan ch_inf; 327 s32 primary_offset; 328 329 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n", 330 ch->chan->center_freq, ch->center_freq1, ch->width); 331 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1); 332 primary_offset = ch->chan->center_freq - ch->center_freq1; 333 switch (ch->width) { 334 case NL80211_CHAN_WIDTH_20: 335 case NL80211_CHAN_WIDTH_20_NOHT: 336 ch_inf.bw = BRCMU_CHAN_BW_20; 337 WARN_ON(primary_offset != 0); 338 break; 339 case NL80211_CHAN_WIDTH_40: 340 ch_inf.bw = BRCMU_CHAN_BW_40; 341 if (primary_offset > 0) 342 ch_inf.sb = BRCMU_CHAN_SB_U; 343 else 344 ch_inf.sb = BRCMU_CHAN_SB_L; 345 break; 346 case NL80211_CHAN_WIDTH_80: 347 ch_inf.bw = BRCMU_CHAN_BW_80; 348 if (primary_offset == -30) 349 ch_inf.sb = BRCMU_CHAN_SB_LL; 350 else if (primary_offset == -10) 351 ch_inf.sb = BRCMU_CHAN_SB_LU; 352 else if (primary_offset == 10) 353 ch_inf.sb = BRCMU_CHAN_SB_UL; 354 else 355 ch_inf.sb = BRCMU_CHAN_SB_UU; 356 break; 357 case NL80211_CHAN_WIDTH_160: 358 ch_inf.bw = BRCMU_CHAN_BW_160; 359 if (primary_offset == -70) 360 ch_inf.sb = BRCMU_CHAN_SB_LLL; 361 else if (primary_offset == -50) 362 ch_inf.sb = BRCMU_CHAN_SB_LLU; 363 else if (primary_offset == -30) 364 ch_inf.sb = BRCMU_CHAN_SB_LUL; 365 else if (primary_offset == -10) 366 ch_inf.sb = BRCMU_CHAN_SB_LUU; 367 else if (primary_offset == 10) 368 ch_inf.sb = BRCMU_CHAN_SB_ULL; 369 else if (primary_offset == 30) 370 ch_inf.sb = BRCMU_CHAN_SB_ULU; 371 else if (primary_offset == 50) 372 ch_inf.sb = BRCMU_CHAN_SB_UUL; 373 else 374 ch_inf.sb = BRCMU_CHAN_SB_UUU; 375 break; 376 case NL80211_CHAN_WIDTH_80P80: 377 case NL80211_CHAN_WIDTH_5: 378 case NL80211_CHAN_WIDTH_10: 379 default: 380 WARN_ON_ONCE(1); 381 } 382 switch (ch->chan->band) { 383 case NL80211_BAND_2GHZ: 384 ch_inf.band = BRCMU_CHAN_BAND_2G; 385 break; 386 case NL80211_BAND_5GHZ: 387 ch_inf.band = BRCMU_CHAN_BAND_5G; 388 break; 389 case NL80211_BAND_60GHZ: 390 default: 391 WARN_ON_ONCE(1); 392 } 393 d11inf->encchspec(&ch_inf); 394 395 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec); 396 return ch_inf.chspec; 397 } 398 399 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf, 400 struct ieee80211_channel *ch) 401 { 402 struct brcmu_chan ch_inf; 403 404 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq); 405 ch_inf.bw = BRCMU_CHAN_BW_20; 406 d11inf->encchspec(&ch_inf); 407 408 return ch_inf.chspec; 409 } 410 411 /* Traverse a string of 1-byte tag/1-byte length/variable-length value 412 * triples, returning a pointer to the substring whose first element 413 * matches tag 414 */ 415 static const struct brcmf_tlv * 416 brcmf_parse_tlvs(const void *buf, int buflen, uint key) 417 { 418 const struct brcmf_tlv *elt = buf; 419 int totlen = buflen; 420 421 /* find tagged parameter */ 422 while (totlen >= TLV_HDR_LEN) { 423 int len = elt->len; 424 425 /* validate remaining totlen */ 426 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN))) 427 return elt; 428 429 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN)); 430 totlen -= (len + TLV_HDR_LEN); 431 } 432 433 return NULL; 434 } 435 436 /* Is any of the tlvs the expected entry? If 437 * not update the tlvs buffer pointer/length. 438 */ 439 static bool 440 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len, 441 const u8 *oui, u32 oui_len, u8 type) 442 { 443 /* If the contents match the OUI and the type */ 444 if (ie[TLV_LEN_OFF] >= oui_len + 1 && 445 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) && 446 type == ie[TLV_BODY_OFF + oui_len]) { 447 return true; 448 } 449 450 if (tlvs == NULL) 451 return false; 452 /* point to the next ie */ 453 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN; 454 /* calculate the length of the rest of the buffer */ 455 *tlvs_len -= (int)(ie - *tlvs); 456 /* update the pointer to the start of the buffer */ 457 *tlvs = ie; 458 459 return false; 460 } 461 462 static struct brcmf_vs_tlv * 463 brcmf_find_wpaie(const u8 *parse, u32 len) 464 { 465 const struct brcmf_tlv *ie; 466 467 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) { 468 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len, 469 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE)) 470 return (struct brcmf_vs_tlv *)ie; 471 } 472 return NULL; 473 } 474 475 static struct brcmf_vs_tlv * 476 brcmf_find_wpsie(const u8 *parse, u32 len) 477 { 478 const struct brcmf_tlv *ie; 479 480 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) { 481 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len, 482 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE)) 483 return (struct brcmf_vs_tlv *)ie; 484 } 485 return NULL; 486 } 487 488 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg, 489 struct brcmf_cfg80211_vif *vif, 490 enum nl80211_iftype new_type) 491 { 492 struct brcmf_cfg80211_vif *pos; 493 bool check_combos = false; 494 int ret = 0; 495 struct iface_combination_params params = { 496 .num_different_channels = 1, 497 }; 498 499 list_for_each_entry(pos, &cfg->vif_list, list) 500 if (pos == vif) { 501 params.iftype_num[new_type]++; 502 } else { 503 /* concurrent interfaces so need check combinations */ 504 check_combos = true; 505 params.iftype_num[pos->wdev.iftype]++; 506 } 507 508 if (check_combos) 509 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms); 510 511 return ret; 512 } 513 514 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg, 515 enum nl80211_iftype new_type) 516 { 517 struct brcmf_cfg80211_vif *pos; 518 struct iface_combination_params params = { 519 .num_different_channels = 1, 520 }; 521 522 list_for_each_entry(pos, &cfg->vif_list, list) 523 params.iftype_num[pos->wdev.iftype]++; 524 525 params.iftype_num[new_type]++; 526 return cfg80211_check_combinations(cfg->wiphy, ¶ms); 527 } 528 529 static void convert_key_from_CPU(struct brcmf_wsec_key *key, 530 struct brcmf_wsec_key_le *key_le) 531 { 532 key_le->index = cpu_to_le32(key->index); 533 key_le->len = cpu_to_le32(key->len); 534 key_le->algo = cpu_to_le32(key->algo); 535 key_le->flags = cpu_to_le32(key->flags); 536 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi); 537 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo); 538 key_le->iv_initialized = cpu_to_le32(key->iv_initialized); 539 memcpy(key_le->data, key->data, sizeof(key->data)); 540 memcpy(key_le->ea, key->ea, sizeof(key->ea)); 541 } 542 543 static int 544 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key) 545 { 546 struct brcmf_pub *drvr = ifp->drvr; 547 int err; 548 struct brcmf_wsec_key_le key_le; 549 550 convert_key_from_CPU(key, &key_le); 551 552 brcmf_netdev_wait_pend8021x(ifp); 553 554 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le, 555 sizeof(key_le)); 556 557 if (err) 558 bphy_err(drvr, "wsec_key error (%d)\n", err); 559 return err; 560 } 561 562 static void 563 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev) 564 { 565 struct brcmf_cfg80211_vif *vif; 566 struct brcmf_if *ifp; 567 568 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev); 569 ifp = vif->ifp; 570 571 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) || 572 (wdev->iftype == NL80211_IFTYPE_AP) || 573 (wdev->iftype == NL80211_IFTYPE_P2P_GO)) 574 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx, 575 ADDR_DIRECT); 576 else 577 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx, 578 ADDR_INDIRECT); 579 } 580 581 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr) 582 { 583 int bsscfgidx; 584 585 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) { 586 /* bsscfgidx 1 is reserved for legacy P2P */ 587 if (bsscfgidx == 1) 588 continue; 589 if (!drvr->iflist[bsscfgidx]) 590 return bsscfgidx; 591 } 592 593 return -ENOMEM; 594 } 595 596 static void brcmf_set_vif_sta_macaddr(struct brcmf_if *ifp, u8 *mac_addr) 597 { 598 u8 mac_idx = ifp->drvr->sta_mac_idx; 599 600 /* set difference MAC address with locally administered bit */ 601 memcpy(mac_addr, ifp->mac_addr, ETH_ALEN); 602 mac_addr[0] |= 0x02; 603 mac_addr[3] ^= mac_idx ? 0xC0 : 0xA0; 604 mac_idx++; 605 mac_idx = mac_idx % 2; 606 ifp->drvr->sta_mac_idx = mac_idx; 607 } 608 609 static int brcmf_cfg80211_request_sta_if(struct brcmf_if *ifp, u8 *macaddr) 610 { 611 struct wl_interface_create_v1 iface_v1; 612 struct wl_interface_create_v2 iface_v2; 613 struct wl_interface_create_v3 iface_v3; 614 u32 iface_create_ver; 615 int err; 616 617 /* interface_create version 1 */ 618 memset(&iface_v1, 0, sizeof(iface_v1)); 619 iface_v1.ver = WL_INTERFACE_CREATE_VER_1; 620 iface_v1.flags = WL_INTERFACE_CREATE_STA | 621 WL_INTERFACE_MAC_USE; 622 if (!is_zero_ether_addr(macaddr)) 623 memcpy(iface_v1.mac_addr, macaddr, ETH_ALEN); 624 else 625 brcmf_set_vif_sta_macaddr(ifp, iface_v1.mac_addr); 626 627 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 628 &iface_v1, 629 sizeof(iface_v1)); 630 if (err) { 631 brcmf_info("failed to create interface(v1), err=%d\n", 632 err); 633 } else { 634 brcmf_dbg(INFO, "interface created(v1)\n"); 635 return 0; 636 } 637 638 /* interface_create version 2 */ 639 memset(&iface_v2, 0, sizeof(iface_v2)); 640 iface_v2.ver = WL_INTERFACE_CREATE_VER_2; 641 iface_v2.flags = WL_INTERFACE_MAC_USE; 642 iface_v2.iftype = WL_INTERFACE_CREATE_STA; 643 if (!is_zero_ether_addr(macaddr)) 644 memcpy(iface_v2.mac_addr, macaddr, ETH_ALEN); 645 else 646 brcmf_set_vif_sta_macaddr(ifp, iface_v2.mac_addr); 647 648 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 649 &iface_v2, 650 sizeof(iface_v2)); 651 if (err) { 652 brcmf_info("failed to create interface(v2), err=%d\n", 653 err); 654 } else { 655 brcmf_dbg(INFO, "interface created(v2)\n"); 656 return 0; 657 } 658 659 /* interface_create version 3+ */ 660 /* get supported version from firmware side */ 661 iface_create_ver = 0; 662 err = brcmf_fil_bsscfg_int_get(ifp, "interface_create", 663 &iface_create_ver); 664 if (err) { 665 brcmf_err("fail to get supported version, err=%d\n", err); 666 return -EOPNOTSUPP; 667 } 668 669 switch (iface_create_ver) { 670 case WL_INTERFACE_CREATE_VER_3: 671 memset(&iface_v3, 0, sizeof(iface_v3)); 672 iface_v3.ver = WL_INTERFACE_CREATE_VER_3; 673 iface_v3.flags = WL_INTERFACE_MAC_USE; 674 iface_v3.iftype = WL_INTERFACE_CREATE_STA; 675 if (!is_zero_ether_addr(macaddr)) 676 memcpy(iface_v3.mac_addr, macaddr, ETH_ALEN); 677 else 678 brcmf_set_vif_sta_macaddr(ifp, iface_v3.mac_addr); 679 680 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 681 &iface_v3, 682 sizeof(iface_v3)); 683 684 if (!err) 685 brcmf_dbg(INFO, "interface created(v3)\n"); 686 break; 687 default: 688 brcmf_err("not support interface create(v%d)\n", 689 iface_create_ver); 690 err = -EOPNOTSUPP; 691 break; 692 } 693 694 if (err) { 695 brcmf_info("station interface creation failed (%d)\n", 696 err); 697 return -EIO; 698 } 699 700 return 0; 701 } 702 703 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp) 704 { 705 struct wl_interface_create_v1 iface_v1; 706 struct wl_interface_create_v2 iface_v2; 707 struct wl_interface_create_v3 iface_v3; 708 u32 iface_create_ver; 709 struct brcmf_pub *drvr = ifp->drvr; 710 struct brcmf_mbss_ssid_le mbss_ssid_le; 711 int bsscfgidx; 712 int err; 713 714 /* interface_create version 1 */ 715 memset(&iface_v1, 0, sizeof(iface_v1)); 716 iface_v1.ver = WL_INTERFACE_CREATE_VER_1; 717 iface_v1.flags = WL_INTERFACE_CREATE_AP | 718 WL_INTERFACE_MAC_USE; 719 720 brcmf_set_vif_sta_macaddr(ifp, iface_v1.mac_addr); 721 722 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 723 &iface_v1, 724 sizeof(iface_v1)); 725 if (err) { 726 brcmf_info("failed to create interface(v1), err=%d\n", 727 err); 728 } else { 729 brcmf_dbg(INFO, "interface created(v1)\n"); 730 return 0; 731 } 732 733 /* interface_create version 2 */ 734 memset(&iface_v2, 0, sizeof(iface_v2)); 735 iface_v2.ver = WL_INTERFACE_CREATE_VER_2; 736 iface_v2.flags = WL_INTERFACE_MAC_USE; 737 iface_v2.iftype = WL_INTERFACE_CREATE_AP; 738 739 brcmf_set_vif_sta_macaddr(ifp, iface_v2.mac_addr); 740 741 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 742 &iface_v2, 743 sizeof(iface_v2)); 744 if (err) { 745 brcmf_info("failed to create interface(v2), err=%d\n", 746 err); 747 } else { 748 brcmf_dbg(INFO, "interface created(v2)\n"); 749 return 0; 750 } 751 752 /* interface_create version 3+ */ 753 /* get supported version from firmware side */ 754 iface_create_ver = 0; 755 err = brcmf_fil_bsscfg_int_get(ifp, "interface_create", 756 &iface_create_ver); 757 if (err) { 758 brcmf_err("fail to get supported version, err=%d\n", err); 759 return -EOPNOTSUPP; 760 } 761 762 switch (iface_create_ver) { 763 case WL_INTERFACE_CREATE_VER_3: 764 memset(&iface_v3, 0, sizeof(iface_v3)); 765 iface_v3.ver = WL_INTERFACE_CREATE_VER_3; 766 iface_v3.flags = WL_INTERFACE_MAC_USE; 767 iface_v3.iftype = WL_INTERFACE_CREATE_AP; 768 brcmf_set_vif_sta_macaddr(ifp, iface_v3.mac_addr); 769 770 err = brcmf_fil_iovar_data_get(ifp, "interface_create", 771 &iface_v3, 772 sizeof(iface_v3)); 773 774 if (!err) 775 brcmf_dbg(INFO, "interface created(v3)\n"); 776 break; 777 default: 778 brcmf_err("not support interface create(v%d)\n", 779 iface_create_ver); 780 err = -EOPNOTSUPP; 781 break; 782 } 783 784 if (err) { 785 brcmf_info("Does not support interface_create (%d)\n", 786 err); 787 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le)); 788 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr); 789 if (bsscfgidx < 0) 790 return bsscfgidx; 791 792 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx); 793 mbss_ssid_le.SSID_len = cpu_to_le32(5); 794 sprintf(mbss_ssid_le.SSID, "ssid%d", bsscfgidx); 795 796 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le, 797 sizeof(mbss_ssid_le)); 798 799 if (err < 0) 800 bphy_err(drvr, "setting ssid failed %d\n", err); 801 } 802 803 return err; 804 } 805 806 /** 807 * brcmf_apsta_add_vif() - create a new AP or STA virtual interface 808 * 809 * @wiphy: wiphy device of new interface. 810 * @name: name of the new interface. 811 * @params: contains mac address for AP or STA device. 812 * @type: interface type. 813 */ 814 static 815 struct wireless_dev *brcmf_apsta_add_vif(struct wiphy *wiphy, const char *name, 816 struct vif_params *params, 817 enum nl80211_iftype type) 818 { 819 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 820 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg)); 821 struct brcmf_pub *drvr = cfg->pub; 822 struct brcmf_cfg80211_vif *vif; 823 int err; 824 825 if (type != NL80211_IFTYPE_STATION && type != NL80211_IFTYPE_AP) 826 return ERR_PTR(-EINVAL); 827 828 if (brcmf_cfg80211_vif_event_armed(cfg)) 829 return ERR_PTR(-EBUSY); 830 831 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name); 832 833 vif = brcmf_alloc_vif(cfg, type); 834 if (IS_ERR(vif)) 835 return (struct wireless_dev *)vif; 836 837 brcmf_cfg80211_arm_vif_event(cfg, vif); 838 839 if (type == NL80211_IFTYPE_STATION) 840 err = brcmf_cfg80211_request_sta_if(ifp, params->macaddr); 841 else 842 err = brcmf_cfg80211_request_ap_if(ifp); 843 if (err) { 844 brcmf_cfg80211_arm_vif_event(cfg, NULL); 845 goto fail; 846 } 847 848 /* wait for firmware event */ 849 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD, 850 BRCMF_VIF_EVENT_TIMEOUT); 851 brcmf_cfg80211_arm_vif_event(cfg, NULL); 852 if (!err) { 853 bphy_err(drvr, "timeout occurred\n"); 854 err = -EIO; 855 goto fail; 856 } 857 858 /* interface created in firmware */ 859 ifp = vif->ifp; 860 if (!ifp) { 861 bphy_err(drvr, "no if pointer provided\n"); 862 err = -ENOENT; 863 goto fail; 864 } 865 866 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1); 867 err = brcmf_net_attach(ifp, true); 868 if (err) { 869 bphy_err(drvr, "Registering netdevice failed\n"); 870 free_netdev(ifp->ndev); 871 goto fail; 872 } 873 874 return &ifp->vif->wdev; 875 876 fail: 877 brcmf_free_vif(vif); 878 return ERR_PTR(err); 879 } 880 881 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif) 882 { 883 enum nl80211_iftype iftype; 884 885 iftype = vif->wdev.iftype; 886 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO; 887 } 888 889 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif) 890 { 891 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC; 892 } 893 894 /** 895 * brcmf_mon_add_vif() - create monitor mode virtual interface 896 * 897 * @wiphy: wiphy device of new interface. 898 * @name: name of the new interface. 899 */ 900 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy, 901 const char *name) 902 { 903 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 904 struct brcmf_cfg80211_vif *vif; 905 struct net_device *ndev; 906 struct brcmf_if *ifp; 907 int err; 908 909 if (cfg->pub->mon_if) { 910 err = -EEXIST; 911 goto err_out; 912 } 913 914 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR); 915 if (IS_ERR(vif)) { 916 err = PTR_ERR(vif); 917 goto err_out; 918 } 919 920 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup); 921 if (!ndev) { 922 err = -ENOMEM; 923 goto err_free_vif; 924 } 925 ndev->type = ARPHRD_IEEE80211_RADIOTAP; 926 ndev->ieee80211_ptr = &vif->wdev; 927 ndev->needs_free_netdev = true; 928 ndev->priv_destructor = brcmf_cfg80211_free_netdev; 929 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy)); 930 931 ifp = netdev_priv(ndev); 932 ifp->vif = vif; 933 ifp->ndev = ndev; 934 ifp->drvr = cfg->pub; 935 936 vif->ifp = ifp; 937 vif->wdev.netdev = ndev; 938 939 err = brcmf_net_mon_attach(ifp); 940 if (err) { 941 brcmf_err("Failed to attach %s device\n", ndev->name); 942 free_netdev(ndev); 943 goto err_free_vif; 944 } 945 946 cfg->pub->mon_if = ifp; 947 948 return &vif->wdev; 949 950 err_free_vif: 951 brcmf_free_vif(vif); 952 err_out: 953 return ERR_PTR(err); 954 } 955 956 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev) 957 { 958 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 959 struct net_device *ndev = wdev->netdev; 960 961 ndev->netdev_ops->ndo_stop(ndev); 962 963 brcmf_net_detach(ndev, true); 964 965 cfg->pub->mon_if = NULL; 966 967 return 0; 968 } 969 970 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy, 971 const char *name, 972 unsigned char name_assign_type, 973 enum nl80211_iftype type, 974 struct vif_params *params) 975 { 976 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 977 struct brcmf_pub *drvr = cfg->pub; 978 struct wireless_dev *wdev; 979 int err; 980 981 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type); 982 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type); 983 if (err) { 984 bphy_err(drvr, "iface validation failed: err=%d\n", err); 985 return ERR_PTR(err); 986 } 987 switch (type) { 988 case NL80211_IFTYPE_ADHOC: 989 case NL80211_IFTYPE_AP_VLAN: 990 case NL80211_IFTYPE_WDS: 991 case NL80211_IFTYPE_MESH_POINT: 992 return ERR_PTR(-EOPNOTSUPP); 993 case NL80211_IFTYPE_MONITOR: 994 return brcmf_mon_add_vif(wiphy, name); 995 case NL80211_IFTYPE_STATION: 996 case NL80211_IFTYPE_AP: 997 wdev = brcmf_apsta_add_vif(wiphy, name, params, type); 998 break; 999 case NL80211_IFTYPE_P2P_CLIENT: 1000 case NL80211_IFTYPE_P2P_GO: 1001 case NL80211_IFTYPE_P2P_DEVICE: 1002 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params); 1003 break; 1004 case NL80211_IFTYPE_UNSPECIFIED: 1005 default: 1006 return ERR_PTR(-EINVAL); 1007 } 1008 1009 if (IS_ERR(wdev)) 1010 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name, 1011 type, (int)PTR_ERR(wdev)); 1012 else 1013 brcmf_cfg80211_update_proto_addr_mode(wdev); 1014 1015 return wdev; 1016 } 1017 1018 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc) 1019 { 1020 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC)) 1021 brcmf_set_mpc(ifp, mpc); 1022 } 1023 1024 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc) 1025 { 1026 struct brcmf_pub *drvr = ifp->drvr; 1027 s32 err = 0; 1028 1029 if (check_vif_up(ifp->vif)) { 1030 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc); 1031 if (err) { 1032 bphy_err(drvr, "fail to set mpc\n"); 1033 return; 1034 } 1035 brcmf_dbg(INFO, "MPC : %d\n", mpc); 1036 } 1037 } 1038 1039 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg, 1040 struct brcmf_if *ifp, bool aborted, 1041 bool fw_abort) 1042 { 1043 struct brcmf_pub *drvr = cfg->pub; 1044 struct brcmf_scan_params_le params_le; 1045 struct cfg80211_scan_request *scan_request; 1046 u64 reqid; 1047 u32 bucket; 1048 s32 err = 0; 1049 1050 brcmf_dbg(SCAN, "Enter\n"); 1051 1052 /* clear scan request, because the FW abort can cause a second call */ 1053 /* to this functon and might cause a double cfg80211_scan_done */ 1054 scan_request = cfg->scan_request; 1055 cfg->scan_request = NULL; 1056 1057 if (timer_pending(&cfg->escan_timeout)) 1058 del_timer_sync(&cfg->escan_timeout); 1059 1060 if (fw_abort) { 1061 /* Do a scan abort to stop the driver's scan engine */ 1062 brcmf_dbg(SCAN, "ABORT scan in firmware\n"); 1063 memset(¶ms_le, 0, sizeof(params_le)); 1064 eth_broadcast_addr(params_le.bssid); 1065 params_le.bss_type = DOT11_BSSTYPE_ANY; 1066 params_le.scan_type = 0; 1067 params_le.channel_num = cpu_to_le32(1); 1068 params_le.nprobes = cpu_to_le32(1); 1069 params_le.active_time = cpu_to_le32(-1); 1070 params_le.passive_time = cpu_to_le32(-1); 1071 params_le.home_time = cpu_to_le32(-1); 1072 /* Scan is aborted by setting channel_list[0] to -1 */ 1073 params_le.channel_list[0] = cpu_to_le16(-1); 1074 /* E-Scan (or anyother type) can be aborted by SCAN */ 1075 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN, 1076 ¶ms_le, sizeof(params_le)); 1077 if (err) 1078 bphy_err(drvr, "Scan abort failed\n"); 1079 } 1080 1081 brcmf_scan_config_mpc(ifp, 1); 1082 1083 /* 1084 * e-scan can be initiated internally 1085 * which takes precedence. 1086 */ 1087 if (cfg->int_escan_map) { 1088 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n", 1089 cfg->int_escan_map); 1090 while (cfg->int_escan_map) { 1091 bucket = __ffs(cfg->int_escan_map); 1092 cfg->int_escan_map &= ~BIT(bucket); 1093 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno, 1094 bucket); 1095 if (!aborted) { 1096 brcmf_dbg(SCAN, "report results: reqid=%llu\n", 1097 reqid); 1098 cfg80211_sched_scan_results(cfg_to_wiphy(cfg), 1099 reqid); 1100 } 1101 } 1102 } else if (scan_request) { 1103 struct cfg80211_scan_info info = { 1104 .aborted = aborted, 1105 }; 1106 1107 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n", 1108 aborted ? "Aborted" : "Done"); 1109 cfg80211_scan_done(scan_request, &info); 1110 } 1111 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) 1112 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n"); 1113 1114 return err; 1115 } 1116 1117 static int brcmf_cfg80211_del_apsta_iface(struct wiphy *wiphy, 1118 struct wireless_dev *wdev) 1119 { 1120 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1121 struct net_device *ndev = wdev->netdev; 1122 struct brcmf_if *ifp = netdev_priv(ndev); 1123 struct brcmf_pub *drvr = cfg->pub; 1124 int ret; 1125 int err; 1126 1127 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif); 1128 1129 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0); 1130 if (err) { 1131 bphy_err(drvr, "interface_remove failed %d\n", err); 1132 goto err_unarm; 1133 } 1134 1135 /* wait for firmware event */ 1136 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL, 1137 BRCMF_VIF_EVENT_TIMEOUT); 1138 if (!ret) { 1139 bphy_err(drvr, "timeout occurred\n"); 1140 err = -EIO; 1141 goto err_unarm; 1142 } 1143 1144 brcmf_remove_interface(ifp, true); 1145 1146 err_unarm: 1147 brcmf_cfg80211_arm_vif_event(cfg, NULL); 1148 return err; 1149 } 1150 1151 static 1152 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev) 1153 { 1154 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1155 struct net_device *ndev = wdev->netdev; 1156 1157 if (ndev && ndev == cfg_to_ndev(cfg)) 1158 return -ENOTSUPP; 1159 1160 /* vif event pending in firmware */ 1161 if (brcmf_cfg80211_vif_event_armed(cfg)) 1162 return -EBUSY; 1163 1164 if (ndev) { 1165 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) && 1166 cfg->escan_info.ifp == netdev_priv(ndev)) 1167 brcmf_notify_escan_complete(cfg, netdev_priv(ndev), 1168 true, true); 1169 1170 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1); 1171 } 1172 1173 switch (wdev->iftype) { 1174 case NL80211_IFTYPE_ADHOC: 1175 case NL80211_IFTYPE_AP_VLAN: 1176 case NL80211_IFTYPE_WDS: 1177 case NL80211_IFTYPE_MESH_POINT: 1178 return -EOPNOTSUPP; 1179 case NL80211_IFTYPE_MONITOR: 1180 return brcmf_mon_del_vif(wiphy, wdev); 1181 case NL80211_IFTYPE_STATION: 1182 case NL80211_IFTYPE_AP: 1183 return brcmf_cfg80211_del_apsta_iface(wiphy, wdev); 1184 case NL80211_IFTYPE_P2P_CLIENT: 1185 case NL80211_IFTYPE_P2P_GO: 1186 case NL80211_IFTYPE_P2P_DEVICE: 1187 return brcmf_p2p_del_vif(wiphy, wdev); 1188 case NL80211_IFTYPE_UNSPECIFIED: 1189 default: 1190 return -EINVAL; 1191 } 1192 return -EOPNOTSUPP; 1193 } 1194 1195 static s32 1196 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev, 1197 enum nl80211_iftype type, 1198 struct vif_params *params) 1199 { 1200 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1201 struct brcmf_if *ifp = netdev_priv(ndev); 1202 struct brcmf_cfg80211_vif *vif = ifp->vif; 1203 struct brcmf_pub *drvr = cfg->pub; 1204 s32 infra = 0; 1205 s32 ap = 0; 1206 s32 err = 0; 1207 1208 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx, 1209 type); 1210 1211 /* WAR: There are a number of p2p interface related problems which 1212 * need to be handled initially (before doing the validate). 1213 * wpa_supplicant tends to do iface changes on p2p device/client/go 1214 * which are not always possible/allowed. However we need to return 1215 * OK otherwise the wpa_supplicant wont start. The situation differs 1216 * on configuration and setup (p2pon=1 module param). The first check 1217 * is to see if the request is a change to station for p2p iface. 1218 */ 1219 if ((type == NL80211_IFTYPE_STATION) && 1220 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) || 1221 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) || 1222 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) { 1223 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n"); 1224 /* Now depending on whether module param p2pon=1 was used the 1225 * response needs to be either 0 or EOPNOTSUPP. The reason is 1226 * that if p2pon=1 is used, but a newer supplicant is used then 1227 * we should return an error, as this combination wont work. 1228 * In other situations 0 is returned and supplicant will start 1229 * normally. It will give a trace in cfg80211, but it is the 1230 * only way to get it working. Unfortunately this will result 1231 * in situation where we wont support new supplicant in 1232 * combination with module param p2pon=1, but that is the way 1233 * it is. If the user tries this then unloading of driver might 1234 * fail/lock. 1235 */ 1236 if (cfg->p2p.p2pdev_dynamically) 1237 return -EOPNOTSUPP; 1238 else 1239 return 0; 1240 } 1241 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type); 1242 if (err) { 1243 bphy_err(drvr, "iface validation failed: err=%d\n", err); 1244 return err; 1245 } 1246 switch (type) { 1247 case NL80211_IFTYPE_MONITOR: 1248 case NL80211_IFTYPE_WDS: 1249 bphy_err(drvr, "type (%d) : currently we do not support this type\n", 1250 type); 1251 return -EOPNOTSUPP; 1252 case NL80211_IFTYPE_ADHOC: 1253 infra = 0; 1254 break; 1255 case NL80211_IFTYPE_STATION: 1256 infra = 1; 1257 break; 1258 case NL80211_IFTYPE_AP: 1259 case NL80211_IFTYPE_P2P_GO: 1260 ap = 1; 1261 break; 1262 default: 1263 err = -EINVAL; 1264 goto done; 1265 } 1266 1267 if (ap) { 1268 if (type == NL80211_IFTYPE_P2P_GO) { 1269 brcmf_dbg(INFO, "IF Type = P2P GO\n"); 1270 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO); 1271 } 1272 if (!err) { 1273 brcmf_dbg(INFO, "IF Type = AP\n"); 1274 } 1275 } else { 1276 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra); 1277 if (err) { 1278 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err); 1279 err = -EAGAIN; 1280 goto done; 1281 } 1282 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ? 1283 "Adhoc" : "Infra"); 1284 } 1285 ndev->ieee80211_ptr->iftype = type; 1286 1287 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev); 1288 1289 done: 1290 brcmf_dbg(TRACE, "Exit\n"); 1291 1292 return err; 1293 } 1294 1295 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg, 1296 struct brcmf_scan_params_le *params_le, 1297 struct cfg80211_scan_request *request) 1298 { 1299 u32 n_ssids; 1300 u32 n_channels; 1301 s32 i; 1302 s32 offset; 1303 u16 chanspec; 1304 char *ptr; 1305 struct brcmf_ssid_le ssid_le; 1306 1307 eth_broadcast_addr(params_le->bssid); 1308 params_le->bss_type = DOT11_BSSTYPE_ANY; 1309 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE; 1310 params_le->channel_num = 0; 1311 params_le->nprobes = cpu_to_le32(-1); 1312 params_le->active_time = cpu_to_le32(-1); 1313 params_le->passive_time = cpu_to_le32(-1); 1314 params_le->home_time = cpu_to_le32(-1); 1315 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le)); 1316 1317 n_ssids = request->n_ssids; 1318 n_channels = request->n_channels; 1319 1320 /* Copy channel array if applicable */ 1321 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n", 1322 n_channels); 1323 if (n_channels > 0) { 1324 for (i = 0; i < n_channels; i++) { 1325 chanspec = channel_to_chanspec(&cfg->d11inf, 1326 request->channels[i]); 1327 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n", 1328 request->channels[i]->hw_value, chanspec); 1329 params_le->channel_list[i] = cpu_to_le16(chanspec); 1330 } 1331 } else { 1332 brcmf_dbg(SCAN, "Scanning all channels\n"); 1333 } 1334 /* Copy ssid array if applicable */ 1335 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids); 1336 if (n_ssids > 0) { 1337 offset = offsetof(struct brcmf_scan_params_le, channel_list) + 1338 n_channels * sizeof(u16); 1339 offset = roundup(offset, sizeof(u32)); 1340 ptr = (char *)params_le + offset; 1341 for (i = 0; i < n_ssids; i++) { 1342 memset(&ssid_le, 0, sizeof(ssid_le)); 1343 ssid_le.SSID_len = 1344 cpu_to_le32(request->ssids[i].ssid_len); 1345 memcpy(ssid_le.SSID, request->ssids[i].ssid, 1346 request->ssids[i].ssid_len); 1347 if (!ssid_le.SSID_len) 1348 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i); 1349 else 1350 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n", 1351 i, ssid_le.SSID, ssid_le.SSID_len); 1352 memcpy(ptr, &ssid_le, sizeof(ssid_le)); 1353 ptr += sizeof(ssid_le); 1354 } 1355 } else { 1356 brcmf_dbg(SCAN, "Performing passive scan\n"); 1357 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE; 1358 } 1359 /* Adding mask to channel numbers */ 1360 params_le->channel_num = 1361 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) | 1362 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK)); 1363 } 1364 1365 static s32 1366 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp, 1367 struct cfg80211_scan_request *request) 1368 { 1369 struct brcmf_pub *drvr = cfg->pub; 1370 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE + 1371 offsetof(struct brcmf_escan_params_le, params_le); 1372 struct brcmf_escan_params_le *params; 1373 s32 err = 0; 1374 1375 brcmf_dbg(SCAN, "E-SCAN START\n"); 1376 1377 if (request != NULL) { 1378 /* Allocate space for populating ssids in struct */ 1379 params_size += sizeof(u32) * ((request->n_channels + 1) / 2); 1380 1381 /* Allocate space for populating ssids in struct */ 1382 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids; 1383 } 1384 1385 params = kzalloc(params_size, GFP_KERNEL); 1386 if (!params) { 1387 err = -ENOMEM; 1388 goto exit; 1389 } 1390 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN); 1391 brcmf_escan_prep(cfg, ¶ms->params_le, request); 1392 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION); 1393 params->action = cpu_to_le16(WL_ESCAN_ACTION_START); 1394 params->sync_id = cpu_to_le16(0x1234); 1395 1396 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size); 1397 if (err) { 1398 if (err == -EBUSY) 1399 brcmf_dbg(INFO, "system busy : escan canceled\n"); 1400 else 1401 bphy_err(drvr, "error (%d)\n", err); 1402 } 1403 1404 kfree(params); 1405 exit: 1406 return err; 1407 } 1408 1409 static s32 1410 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request) 1411 { 1412 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 1413 s32 err; 1414 struct brcmf_scan_results *results; 1415 struct escan_info *escan = &cfg->escan_info; 1416 1417 brcmf_dbg(SCAN, "Enter\n"); 1418 escan->ifp = ifp; 1419 escan->wiphy = cfg->wiphy; 1420 escan->escan_state = WL_ESCAN_STATE_SCANNING; 1421 1422 brcmf_scan_config_mpc(ifp, 0); 1423 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf; 1424 results->version = 0; 1425 results->count = 0; 1426 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE; 1427 1428 err = escan->run(cfg, ifp, request); 1429 if (err) 1430 brcmf_scan_config_mpc(ifp, 1); 1431 return err; 1432 } 1433 1434 static s32 1435 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request) 1436 { 1437 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1438 struct brcmf_pub *drvr = cfg->pub; 1439 struct brcmf_cfg80211_vif *vif; 1440 s32 err = 0; 1441 1442 brcmf_dbg(TRACE, "Enter\n"); 1443 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev); 1444 if (!check_vif_up(vif)) 1445 return -EIO; 1446 1447 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) { 1448 bphy_err(drvr, "Scanning already: status (%lu)\n", 1449 cfg->scan_status); 1450 return -EAGAIN; 1451 } 1452 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) { 1453 bphy_err(drvr, "Scanning being aborted: status (%lu)\n", 1454 cfg->scan_status); 1455 return -EAGAIN; 1456 } 1457 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) { 1458 bphy_err(drvr, "Scanning suppressed: status (%lu)\n", 1459 cfg->scan_status); 1460 return -EAGAIN; 1461 } 1462 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) { 1463 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state); 1464 return -EAGAIN; 1465 } 1466 1467 /* If scan req comes for p2p0, send it over primary I/F */ 1468 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif) 1469 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif; 1470 1471 brcmf_dbg(SCAN, "START ESCAN\n"); 1472 1473 cfg->scan_request = request; 1474 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status); 1475 1476 cfg->escan_info.run = brcmf_run_escan; 1477 err = brcmf_p2p_scan_prep(wiphy, request, vif); 1478 if (err) 1479 goto scan_out; 1480 1481 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG, 1482 request->ie, request->ie_len); 1483 if (err) 1484 goto scan_out; 1485 1486 err = brcmf_do_escan(vif->ifp, request); 1487 if (err) 1488 goto scan_out; 1489 1490 /* Arm scan timeout timer */ 1491 mod_timer(&cfg->escan_timeout, 1492 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS)); 1493 1494 return 0; 1495 1496 scan_out: 1497 bphy_err(drvr, "scan error (%d)\n", err); 1498 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status); 1499 cfg->scan_request = NULL; 1500 return err; 1501 } 1502 1503 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold) 1504 { 1505 struct brcmf_if *ifp = netdev_priv(ndev); 1506 struct brcmf_pub *drvr = ifp->drvr; 1507 s32 err = 0; 1508 1509 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold); 1510 if (err) 1511 bphy_err(drvr, "Error (%d)\n", err); 1512 1513 return err; 1514 } 1515 1516 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold) 1517 { 1518 struct brcmf_if *ifp = netdev_priv(ndev); 1519 struct brcmf_pub *drvr = ifp->drvr; 1520 s32 err = 0; 1521 1522 err = brcmf_fil_iovar_int_set(ifp, "fragthresh", 1523 frag_threshold); 1524 if (err) 1525 bphy_err(drvr, "Error (%d)\n", err); 1526 1527 return err; 1528 } 1529 1530 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l) 1531 { 1532 struct brcmf_if *ifp = netdev_priv(ndev); 1533 struct brcmf_pub *drvr = ifp->drvr; 1534 s32 err = 0; 1535 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL); 1536 1537 err = brcmf_fil_cmd_int_set(ifp, cmd, retry); 1538 if (err) { 1539 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err); 1540 return err; 1541 } 1542 return err; 1543 } 1544 1545 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed) 1546 { 1547 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1548 struct net_device *ndev = cfg_to_ndev(cfg); 1549 struct brcmf_if *ifp = netdev_priv(ndev); 1550 s32 err = 0; 1551 1552 brcmf_dbg(TRACE, "Enter\n"); 1553 if (!check_vif_up(ifp->vif)) 1554 return -EIO; 1555 1556 if (changed & WIPHY_PARAM_RTS_THRESHOLD && 1557 (cfg->conf->rts_threshold != wiphy->rts_threshold)) { 1558 cfg->conf->rts_threshold = wiphy->rts_threshold; 1559 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold); 1560 if (!err) 1561 goto done; 1562 } 1563 if (changed & WIPHY_PARAM_FRAG_THRESHOLD && 1564 (cfg->conf->frag_threshold != wiphy->frag_threshold)) { 1565 cfg->conf->frag_threshold = wiphy->frag_threshold; 1566 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold); 1567 if (!err) 1568 goto done; 1569 } 1570 if (changed & WIPHY_PARAM_RETRY_LONG 1571 && (cfg->conf->retry_long != wiphy->retry_long)) { 1572 cfg->conf->retry_long = wiphy->retry_long; 1573 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true); 1574 if (!err) 1575 goto done; 1576 } 1577 if (changed & WIPHY_PARAM_RETRY_SHORT 1578 && (cfg->conf->retry_short != wiphy->retry_short)) { 1579 cfg->conf->retry_short = wiphy->retry_short; 1580 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false); 1581 if (!err) 1582 goto done; 1583 } 1584 1585 done: 1586 brcmf_dbg(TRACE, "Exit\n"); 1587 return err; 1588 } 1589 1590 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof) 1591 { 1592 memset(prof, 0, sizeof(*prof)); 1593 } 1594 1595 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e) 1596 { 1597 u16 reason; 1598 1599 switch (e->event_code) { 1600 case BRCMF_E_DEAUTH: 1601 case BRCMF_E_DEAUTH_IND: 1602 case BRCMF_E_DISASSOC_IND: 1603 reason = e->reason; 1604 break; 1605 case BRCMF_E_LINK: 1606 default: 1607 reason = 0; 1608 break; 1609 } 1610 return reason; 1611 } 1612 1613 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len) 1614 { 1615 struct brcmf_pub *drvr = ifp->drvr; 1616 struct brcmf_wsec_pmk_le pmk; 1617 int i, err; 1618 1619 /* convert to firmware key format */ 1620 pmk.key_len = cpu_to_le16(pmk_len << 1); 1621 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE); 1622 for (i = 0; i < pmk_len; i++) 1623 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]); 1624 1625 /* store psk in firmware */ 1626 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK, 1627 &pmk, sizeof(pmk)); 1628 if (err < 0) 1629 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n", 1630 pmk_len); 1631 1632 return err; 1633 } 1634 1635 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data, 1636 u16 pwd_len) 1637 { 1638 struct brcmf_pub *drvr = ifp->drvr; 1639 struct brcmf_wsec_sae_pwd_le sae_pwd; 1640 int err; 1641 1642 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) { 1643 bphy_err(drvr, "sae_password must be less than %d\n", 1644 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN); 1645 return -EINVAL; 1646 } 1647 1648 sae_pwd.key_len = cpu_to_le16(pwd_len); 1649 memcpy(sae_pwd.key, pwd_data, pwd_len); 1650 1651 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd, 1652 sizeof(sae_pwd)); 1653 if (err < 0) 1654 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n", 1655 pwd_len); 1656 1657 return err; 1658 } 1659 1660 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason, 1661 bool locally_generated) 1662 { 1663 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy); 1664 struct brcmf_pub *drvr = cfg->pub; 1665 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP; 1666 s32 err = 0; 1667 1668 brcmf_dbg(TRACE, "Enter\n"); 1669 1670 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) { 1671 if (bus_up) { 1672 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n"); 1673 err = brcmf_fil_cmd_data_set(vif->ifp, 1674 BRCMF_C_DISASSOC, NULL, 0); 1675 if (err) 1676 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n", 1677 err); 1678 } 1679 1680 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) || 1681 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT)) 1682 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0, 1683 locally_generated, GFP_KERNEL); 1684 } 1685 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state); 1686 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state); 1687 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state); 1688 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status); 1689 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0); 1690 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) { 1691 if (bus_up) 1692 brcmf_set_pmk(vif->ifp, NULL, 0); 1693 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE; 1694 } 1695 brcmf_dbg(TRACE, "Exit\n"); 1696 } 1697 1698 static s32 1699 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev, 1700 struct cfg80211_ibss_params *params) 1701 { 1702 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 1703 struct brcmf_if *ifp = netdev_priv(ndev); 1704 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 1705 struct brcmf_pub *drvr = cfg->pub; 1706 struct brcmf_join_params join_params; 1707 size_t join_params_size = 0; 1708 s32 err = 0; 1709 s32 wsec = 0; 1710 s32 bcnprd; 1711 u16 chanspec; 1712 u32 ssid_len; 1713 1714 brcmf_dbg(TRACE, "Enter\n"); 1715 if (!check_vif_up(ifp->vif)) 1716 return -EIO; 1717 1718 if (params->ssid) 1719 brcmf_dbg(CONN, "SSID: %s\n", params->ssid); 1720 else { 1721 brcmf_dbg(CONN, "SSID: NULL, Not supported\n"); 1722 return -EOPNOTSUPP; 1723 } 1724 1725 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state); 1726 1727 if (params->bssid) 1728 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid); 1729 else 1730 brcmf_dbg(CONN, "No BSSID specified\n"); 1731 1732 if (params->chandef.chan) 1733 brcmf_dbg(CONN, "channel: %d\n", 1734 params->chandef.chan->center_freq); 1735 else 1736 brcmf_dbg(CONN, "no channel specified\n"); 1737 1738 if (params->channel_fixed) 1739 brcmf_dbg(CONN, "fixed channel required\n"); 1740 else 1741 brcmf_dbg(CONN, "no fixed channel required\n"); 1742 1743 if (params->ie && params->ie_len) 1744 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len); 1745 else 1746 brcmf_dbg(CONN, "no ie specified\n"); 1747 1748 if (params->beacon_interval) 1749 brcmf_dbg(CONN, "beacon interval: %d\n", 1750 params->beacon_interval); 1751 else 1752 brcmf_dbg(CONN, "no beacon interval specified\n"); 1753 1754 if (params->basic_rates) 1755 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates); 1756 else 1757 brcmf_dbg(CONN, "no basic rates specified\n"); 1758 1759 if (params->privacy) 1760 brcmf_dbg(CONN, "privacy required\n"); 1761 else 1762 brcmf_dbg(CONN, "no privacy required\n"); 1763 1764 /* Configure Privacy for starter */ 1765 if (params->privacy) 1766 wsec |= WEP_ENABLED; 1767 1768 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec); 1769 if (err) { 1770 bphy_err(drvr, "wsec failed (%d)\n", err); 1771 goto done; 1772 } 1773 1774 /* Configure Beacon Interval for starter */ 1775 if (params->beacon_interval) 1776 bcnprd = params->beacon_interval; 1777 else 1778 bcnprd = 100; 1779 1780 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd); 1781 if (err) { 1782 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err); 1783 goto done; 1784 } 1785 1786 /* Configure required join parameter */ 1787 memset(&join_params, 0, sizeof(struct brcmf_join_params)); 1788 1789 /* SSID */ 1790 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN); 1791 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len); 1792 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len); 1793 join_params_size = sizeof(join_params.ssid_le); 1794 1795 /* BSSID */ 1796 if (params->bssid) { 1797 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN); 1798 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE; 1799 memcpy(profile->bssid, params->bssid, ETH_ALEN); 1800 } else { 1801 eth_broadcast_addr(join_params.params_le.bssid); 1802 eth_zero_addr(profile->bssid); 1803 } 1804 1805 /* Channel */ 1806 if (params->chandef.chan) { 1807 u32 target_channel; 1808 1809 cfg->channel = 1810 ieee80211_frequency_to_channel( 1811 params->chandef.chan->center_freq); 1812 if (params->channel_fixed) { 1813 /* adding chanspec */ 1814 chanspec = chandef_to_chanspec(&cfg->d11inf, 1815 ¶ms->chandef); 1816 join_params.params_le.chanspec_list[0] = 1817 cpu_to_le16(chanspec); 1818 join_params.params_le.chanspec_num = cpu_to_le32(1); 1819 join_params_size += sizeof(join_params.params_le); 1820 } 1821 1822 /* set channel for starter */ 1823 target_channel = cfg->channel; 1824 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL, 1825 target_channel); 1826 if (err) { 1827 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err); 1828 goto done; 1829 } 1830 } else 1831 cfg->channel = 0; 1832 1833 cfg->ibss_starter = false; 1834 1835 1836 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID, 1837 &join_params, join_params_size); 1838 if (err) { 1839 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err); 1840 goto done; 1841 } 1842 1843 done: 1844 if (err) 1845 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state); 1846 brcmf_dbg(TRACE, "Exit\n"); 1847 return err; 1848 } 1849 1850 static s32 1851 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev) 1852 { 1853 struct brcmf_if *ifp = netdev_priv(ndev); 1854 1855 brcmf_dbg(TRACE, "Enter\n"); 1856 if (!check_vif_up(ifp->vif)) { 1857 /* When driver is being unloaded, it can end up here. If an 1858 * error is returned then later on a debug trace in the wireless 1859 * core module will be printed. To avoid this 0 is returned. 1860 */ 1861 return 0; 1862 } 1863 1864 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING, true); 1865 brcmf_net_setcarrier(ifp, false); 1866 1867 brcmf_dbg(TRACE, "Exit\n"); 1868 1869 return 0; 1870 } 1871 1872 static s32 brcmf_set_wpa_version(struct net_device *ndev, 1873 struct cfg80211_connect_params *sme) 1874 { 1875 struct brcmf_if *ifp = netdev_priv(ndev); 1876 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev); 1877 struct brcmf_pub *drvr = ifp->drvr; 1878 struct brcmf_cfg80211_security *sec; 1879 s32 val = 0; 1880 s32 err = 0; 1881 1882 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1) 1883 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED; 1884 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2) 1885 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED; 1886 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3) 1887 val = WPA3_AUTH_SAE_PSK; 1888 else 1889 val = WPA_AUTH_DISABLED; 1890 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val); 1891 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val); 1892 if (err) { 1893 bphy_err(drvr, "set wpa_auth failed (%d)\n", err); 1894 return err; 1895 } 1896 sec = &profile->sec; 1897 sec->wpa_versions = sme->crypto.wpa_versions; 1898 return err; 1899 } 1900 1901 static s32 brcmf_set_auth_type(struct net_device *ndev, 1902 struct cfg80211_connect_params *sme) 1903 { 1904 struct brcmf_if *ifp = netdev_priv(ndev); 1905 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev); 1906 struct brcmf_pub *drvr = ifp->drvr; 1907 struct brcmf_cfg80211_security *sec; 1908 s32 val = 0; 1909 s32 err = 0; 1910 1911 switch (sme->auth_type) { 1912 case NL80211_AUTHTYPE_OPEN_SYSTEM: 1913 val = 0; 1914 brcmf_dbg(CONN, "open system\n"); 1915 break; 1916 case NL80211_AUTHTYPE_SHARED_KEY: 1917 val = 1; 1918 brcmf_dbg(CONN, "shared key\n"); 1919 break; 1920 case NL80211_AUTHTYPE_SAE: 1921 val = 3; 1922 brcmf_dbg(CONN, "SAE authentication\n"); 1923 break; 1924 default: 1925 val = 2; 1926 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type); 1927 break; 1928 } 1929 1930 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val); 1931 if (err) { 1932 bphy_err(drvr, "set auth failed (%d)\n", err); 1933 return err; 1934 } 1935 sec = &profile->sec; 1936 sec->auth_type = sme->auth_type; 1937 return err; 1938 } 1939 1940 static s32 1941 brcmf_set_wsec_mode(struct net_device *ndev, 1942 struct cfg80211_connect_params *sme) 1943 { 1944 struct brcmf_if *ifp = netdev_priv(ndev); 1945 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev); 1946 struct brcmf_pub *drvr = ifp->drvr; 1947 struct brcmf_cfg80211_security *sec; 1948 s32 pval = 0; 1949 s32 gval = 0; 1950 s32 wsec; 1951 s32 err = 0; 1952 1953 if (sme->crypto.n_ciphers_pairwise) { 1954 switch (sme->crypto.ciphers_pairwise[0]) { 1955 case WLAN_CIPHER_SUITE_WEP40: 1956 case WLAN_CIPHER_SUITE_WEP104: 1957 pval = WEP_ENABLED; 1958 break; 1959 case WLAN_CIPHER_SUITE_TKIP: 1960 pval = TKIP_ENABLED; 1961 break; 1962 case WLAN_CIPHER_SUITE_CCMP: 1963 pval = AES_ENABLED; 1964 break; 1965 case WLAN_CIPHER_SUITE_AES_CMAC: 1966 pval = AES_ENABLED; 1967 break; 1968 default: 1969 bphy_err(drvr, "invalid cipher pairwise (%d)\n", 1970 sme->crypto.ciphers_pairwise[0]); 1971 return -EINVAL; 1972 } 1973 } 1974 if (sme->crypto.cipher_group) { 1975 switch (sme->crypto.cipher_group) { 1976 case WLAN_CIPHER_SUITE_WEP40: 1977 case WLAN_CIPHER_SUITE_WEP104: 1978 gval = WEP_ENABLED; 1979 break; 1980 case WLAN_CIPHER_SUITE_TKIP: 1981 gval = TKIP_ENABLED; 1982 break; 1983 case WLAN_CIPHER_SUITE_CCMP: 1984 gval = AES_ENABLED; 1985 break; 1986 case WLAN_CIPHER_SUITE_AES_CMAC: 1987 gval = AES_ENABLED; 1988 break; 1989 default: 1990 bphy_err(drvr, "invalid cipher group (%d)\n", 1991 sme->crypto.cipher_group); 1992 return -EINVAL; 1993 } 1994 } 1995 1996 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval); 1997 /* In case of privacy, but no security and WPS then simulate */ 1998 /* setting AES. WPS-2.0 allows no security */ 1999 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval && 2000 sme->privacy) 2001 pval = AES_ENABLED; 2002 2003 wsec = pval | gval; 2004 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec); 2005 if (err) { 2006 bphy_err(drvr, "error (%d)\n", err); 2007 return err; 2008 } 2009 2010 sec = &profile->sec; 2011 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0]; 2012 sec->cipher_group = sme->crypto.cipher_group; 2013 2014 return err; 2015 } 2016 2017 static s32 2018 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme) 2019 { 2020 struct brcmf_if *ifp = netdev_priv(ndev); 2021 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 2022 struct brcmf_pub *drvr = ifp->drvr; 2023 s32 val; 2024 s32 err; 2025 const struct brcmf_tlv *rsn_ie; 2026 const u8 *ie; 2027 u32 ie_len; 2028 u32 offset; 2029 u16 rsn_cap; 2030 u32 mfp; 2031 u16 count; 2032 2033 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE; 2034 profile->is_ft = false; 2035 2036 if (!sme->crypto.n_akm_suites) 2037 return 0; 2038 2039 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val); 2040 if (err) { 2041 bphy_err(drvr, "could not get wpa_auth (%d)\n", err); 2042 return err; 2043 } 2044 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) { 2045 switch (sme->crypto.akm_suites[0]) { 2046 case WLAN_AKM_SUITE_8021X: 2047 val = WPA_AUTH_UNSPECIFIED; 2048 if (sme->want_1x) 2049 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X; 2050 break; 2051 case WLAN_AKM_SUITE_PSK: 2052 val = WPA_AUTH_PSK; 2053 break; 2054 default: 2055 bphy_err(drvr, "invalid akm suite (%d)\n", 2056 sme->crypto.akm_suites[0]); 2057 return -EINVAL; 2058 } 2059 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) { 2060 switch (sme->crypto.akm_suites[0]) { 2061 case WLAN_AKM_SUITE_8021X: 2062 val = WPA2_AUTH_UNSPECIFIED; 2063 if (sme->want_1x) 2064 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X; 2065 break; 2066 case WLAN_AKM_SUITE_8021X_SHA256: 2067 val = WPA2_AUTH_1X_SHA256; 2068 if (sme->want_1x) 2069 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X; 2070 break; 2071 case WLAN_AKM_SUITE_PSK_SHA256: 2072 val = WPA2_AUTH_PSK_SHA256; 2073 break; 2074 case WLAN_AKM_SUITE_PSK: 2075 val = WPA2_AUTH_PSK; 2076 break; 2077 case WLAN_AKM_SUITE_FT_8021X: 2078 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT; 2079 profile->is_ft = true; 2080 if (sme->want_1x) 2081 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X; 2082 break; 2083 case WLAN_AKM_SUITE_FT_PSK: 2084 val = WPA2_AUTH_PSK | WPA2_AUTH_FT; 2085 profile->is_ft = true; 2086 break; 2087 default: 2088 bphy_err(drvr, "invalid akm suite (%d)\n", 2089 sme->crypto.akm_suites[0]); 2090 return -EINVAL; 2091 } 2092 } else if (val & WPA3_AUTH_SAE_PSK) { 2093 switch (sme->crypto.akm_suites[0]) { 2094 case WLAN_AKM_SUITE_SAE: 2095 val = WPA3_AUTH_SAE_PSK; 2096 if (sme->crypto.sae_pwd) { 2097 brcmf_dbg(INFO, "using SAE offload\n"); 2098 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE; 2099 } 2100 break; 2101 case WLAN_AKM_SUITE_FT_OVER_SAE: 2102 val = WPA3_AUTH_SAE_PSK | WPA2_AUTH_FT; 2103 profile->is_ft = true; 2104 if (sme->crypto.sae_pwd) { 2105 brcmf_dbg(INFO, "using SAE offload\n"); 2106 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE; 2107 } 2108 break; 2109 default: 2110 bphy_err(drvr, "invalid akm suite (%d)\n", 2111 sme->crypto.akm_suites[0]); 2112 return -EINVAL; 2113 } 2114 } 2115 2116 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X) 2117 brcmf_dbg(INFO, "using 1X offload\n"); 2118 2119 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) 2120 goto skip_mfp_config; 2121 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The 2122 * IE will not be verified, just a quick search for MFP config 2123 */ 2124 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len, 2125 WLAN_EID_RSN); 2126 if (!rsn_ie) 2127 goto skip_mfp_config; 2128 ie = (const u8 *)rsn_ie; 2129 ie_len = rsn_ie->len + TLV_HDR_LEN; 2130 /* Skip unicast suite */ 2131 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN; 2132 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len) 2133 goto skip_mfp_config; 2134 /* Skip multicast suite */ 2135 count = ie[offset] + (ie[offset + 1] << 8); 2136 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN); 2137 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len) 2138 goto skip_mfp_config; 2139 /* Skip auth key management suite(s) */ 2140 count = ie[offset] + (ie[offset + 1] << 8); 2141 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN); 2142 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len) 2143 goto skip_mfp_config; 2144 /* Ready to read capabilities */ 2145 mfp = BRCMF_MFP_NONE; 2146 rsn_cap = ie[offset] + (ie[offset + 1] << 8); 2147 if (rsn_cap & RSN_CAP_MFPR_MASK) 2148 mfp = BRCMF_MFP_REQUIRED; 2149 else if (rsn_cap & RSN_CAP_MFPC_MASK) 2150 mfp = BRCMF_MFP_CAPABLE; 2151 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp); 2152 2153 skip_mfp_config: 2154 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val); 2155 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val); 2156 if (err) { 2157 bphy_err(drvr, "could not set wpa_auth (%d)\n", err); 2158 return err; 2159 } 2160 2161 return err; 2162 } 2163 2164 static s32 2165 brcmf_set_sharedkey(struct net_device *ndev, 2166 struct cfg80211_connect_params *sme) 2167 { 2168 struct brcmf_if *ifp = netdev_priv(ndev); 2169 struct brcmf_pub *drvr = ifp->drvr; 2170 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev); 2171 struct brcmf_cfg80211_security *sec; 2172 struct brcmf_wsec_key key; 2173 s32 val; 2174 s32 err = 0; 2175 2176 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len); 2177 2178 if (sme->key_len == 0) 2179 return 0; 2180 2181 sec = &profile->sec; 2182 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n", 2183 sec->wpa_versions, sec->cipher_pairwise); 2184 2185 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 | 2186 NL80211_WPA_VERSION_3)) 2187 return 0; 2188 2189 if (!(sec->cipher_pairwise & 2190 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104))) 2191 return 0; 2192 2193 memset(&key, 0, sizeof(key)); 2194 key.len = (u32) sme->key_len; 2195 key.index = (u32) sme->key_idx; 2196 if (key.len > sizeof(key.data)) { 2197 bphy_err(drvr, "Too long key length (%u)\n", key.len); 2198 return -EINVAL; 2199 } 2200 memcpy(key.data, sme->key, key.len); 2201 key.flags = BRCMF_PRIMARY_KEY; 2202 switch (sec->cipher_pairwise) { 2203 case WLAN_CIPHER_SUITE_WEP40: 2204 key.algo = CRYPTO_ALGO_WEP1; 2205 break; 2206 case WLAN_CIPHER_SUITE_WEP104: 2207 key.algo = CRYPTO_ALGO_WEP128; 2208 break; 2209 default: 2210 bphy_err(drvr, "Invalid algorithm (%d)\n", 2211 sme->crypto.ciphers_pairwise[0]); 2212 return -EINVAL; 2213 } 2214 /* Set the new key/index */ 2215 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n", 2216 key.len, key.index, key.algo); 2217 brcmf_dbg(CONN, "key \"%s\"\n", key.data); 2218 err = send_key_to_dongle(ifp, &key); 2219 if (err) 2220 return err; 2221 2222 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) { 2223 brcmf_dbg(CONN, "set auth_type to shared key\n"); 2224 val = WL_AUTH_SHARED_KEY; /* shared key */ 2225 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val); 2226 if (err) 2227 bphy_err(drvr, "set auth failed (%d)\n", err); 2228 } 2229 return err; 2230 } 2231 2232 static 2233 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp, 2234 enum nl80211_auth_type type) 2235 { 2236 if (type == NL80211_AUTHTYPE_AUTOMATIC && 2237 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) { 2238 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n"); 2239 type = NL80211_AUTHTYPE_OPEN_SYSTEM; 2240 } 2241 return type; 2242 } 2243 2244 static void brcmf_set_join_pref(struct brcmf_if *ifp, 2245 struct cfg80211_bss_selection *bss_select) 2246 { 2247 struct brcmf_pub *drvr = ifp->drvr; 2248 struct brcmf_join_pref_params join_pref_params[2]; 2249 enum nl80211_band band; 2250 int err, i = 0; 2251 2252 join_pref_params[i].len = 2; 2253 join_pref_params[i].rssi_gain = 0; 2254 2255 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF) 2256 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO); 2257 2258 switch (bss_select->behaviour) { 2259 case __NL80211_BSS_SELECT_ATTR_INVALID: 2260 brcmf_c_set_joinpref_default(ifp); 2261 return; 2262 case NL80211_BSS_SELECT_ATTR_BAND_PREF: 2263 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND; 2264 band = bss_select->param.band_pref; 2265 join_pref_params[i].band = nl80211_band_to_fwil(band); 2266 i++; 2267 break; 2268 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST: 2269 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA; 2270 band = bss_select->param.adjust.band; 2271 join_pref_params[i].band = nl80211_band_to_fwil(band); 2272 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta; 2273 i++; 2274 break; 2275 case NL80211_BSS_SELECT_ATTR_RSSI: 2276 default: 2277 break; 2278 } 2279 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI; 2280 join_pref_params[i].len = 2; 2281 join_pref_params[i].rssi_gain = 0; 2282 join_pref_params[i].band = 0; 2283 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params, 2284 sizeof(join_pref_params)); 2285 if (err) 2286 bphy_err(drvr, "Set join_pref error (%d)\n", err); 2287 } 2288 2289 static s32 2290 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev, 2291 struct cfg80211_connect_params *sme) 2292 { 2293 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2294 struct brcmf_if *ifp = netdev_priv(ndev); 2295 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 2296 struct ieee80211_channel *chan = sme->channel; 2297 struct brcmf_pub *drvr = ifp->drvr; 2298 struct brcmf_join_params join_params; 2299 size_t join_params_size; 2300 const struct brcmf_tlv *rsn_ie; 2301 const struct brcmf_vs_tlv *wpa_ie; 2302 const void *ie; 2303 u32 ie_len; 2304 struct brcmf_ext_join_params_le *ext_join_params; 2305 u16 chanspec; 2306 s32 err = 0; 2307 u32 ssid_len; 2308 2309 brcmf_dbg(TRACE, "Enter\n"); 2310 if (!check_vif_up(ifp->vif)) 2311 return -EIO; 2312 2313 if (!sme->ssid) { 2314 bphy_err(drvr, "Invalid ssid\n"); 2315 return -EOPNOTSUPP; 2316 } 2317 2318 if (sme->channel_hint) 2319 chan = sme->channel_hint; 2320 2321 if (sme->bssid_hint) 2322 sme->bssid = sme->bssid_hint; 2323 2324 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) { 2325 /* A normal (non P2P) connection request setup. */ 2326 ie = NULL; 2327 ie_len = 0; 2328 /* find the WPA_IE */ 2329 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len); 2330 if (wpa_ie) { 2331 ie = wpa_ie; 2332 ie_len = wpa_ie->len + TLV_HDR_LEN; 2333 } else { 2334 /* find the RSN_IE */ 2335 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, 2336 sme->ie_len, 2337 WLAN_EID_RSN); 2338 if (rsn_ie) { 2339 ie = rsn_ie; 2340 ie_len = rsn_ie->len + TLV_HDR_LEN; 2341 } 2342 } 2343 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len); 2344 } 2345 2346 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG, 2347 sme->ie, sme->ie_len); 2348 if (err) 2349 bphy_err(drvr, "Set Assoc REQ IE Failed\n"); 2350 else 2351 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n"); 2352 2353 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state); 2354 2355 if (chan) { 2356 cfg->channel = 2357 ieee80211_frequency_to_channel(chan->center_freq); 2358 chanspec = channel_to_chanspec(&cfg->d11inf, chan); 2359 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n", 2360 cfg->channel, chan->center_freq, chanspec); 2361 } else { 2362 cfg->channel = 0; 2363 chanspec = 0; 2364 } 2365 2366 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len); 2367 2368 err = brcmf_set_wpa_version(ndev, sme); 2369 if (err) { 2370 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err); 2371 goto done; 2372 } 2373 2374 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type); 2375 err = brcmf_set_auth_type(ndev, sme); 2376 if (err) { 2377 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err); 2378 goto done; 2379 } 2380 2381 err = brcmf_set_wsec_mode(ndev, sme); 2382 if (err) { 2383 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err); 2384 goto done; 2385 } 2386 2387 err = brcmf_set_key_mgmt(ndev, sme); 2388 if (err) { 2389 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err); 2390 goto done; 2391 } 2392 2393 err = brcmf_set_sharedkey(ndev, sme); 2394 if (err) { 2395 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err); 2396 goto done; 2397 } 2398 2399 if (sme->crypto.psk && 2400 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) { 2401 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) { 2402 err = -EINVAL; 2403 goto done; 2404 } 2405 brcmf_dbg(INFO, "using PSK offload\n"); 2406 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK; 2407 } 2408 2409 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) { 2410 /* enable firmware supplicant for this interface */ 2411 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1); 2412 if (err < 0) { 2413 bphy_err(drvr, "failed to enable fw supplicant\n"); 2414 goto done; 2415 } 2416 } 2417 2418 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK) 2419 err = brcmf_set_pmk(ifp, sme->crypto.psk, 2420 BRCMF_WSEC_MAX_PSK_LEN); 2421 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) { 2422 /* clean up user-space RSNE */ 2423 err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0); 2424 if (err) { 2425 bphy_err(drvr, "failed to clean up user-space RSNE\n"); 2426 goto done; 2427 } 2428 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd, 2429 sme->crypto.sae_pwd_len); 2430 if (!err && sme->crypto.psk) 2431 err = brcmf_set_pmk(ifp, sme->crypto.psk, 2432 BRCMF_WSEC_MAX_PSK_LEN); 2433 } 2434 if (err) 2435 goto done; 2436 2437 /* Join with specific BSSID and cached SSID 2438 * If SSID is zero join based on BSSID only 2439 */ 2440 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) + 2441 offsetof(struct brcmf_assoc_params_le, chanspec_list); 2442 if (cfg->channel) 2443 join_params_size += sizeof(u16); 2444 ext_join_params = kzalloc(sizeof(*ext_join_params), GFP_KERNEL); 2445 if (ext_join_params == NULL) { 2446 err = -ENOMEM; 2447 goto done; 2448 } 2449 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN); 2450 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len); 2451 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len); 2452 if (ssid_len < IEEE80211_MAX_SSID_LEN) 2453 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n", 2454 ext_join_params->ssid_le.SSID, ssid_len); 2455 2456 /* Set up join scan parameters */ 2457 ext_join_params->scan_le.scan_type = -1; 2458 ext_join_params->scan_le.home_time = cpu_to_le32(-1); 2459 2460 if (sme->bssid) 2461 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN); 2462 else 2463 eth_broadcast_addr(ext_join_params->assoc_le.bssid); 2464 2465 if (cfg->channel) { 2466 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1); 2467 2468 ext_join_params->assoc_le.chanspec_list[0] = 2469 cpu_to_le16(chanspec); 2470 /* Increase dwell time to receive probe response or detect 2471 * beacon from target AP at a noisy air only during connect 2472 * command. 2473 */ 2474 ext_join_params->scan_le.active_time = 2475 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS); 2476 ext_join_params->scan_le.passive_time = 2477 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS); 2478 /* To sync with presence period of VSDB GO send probe request 2479 * more frequently. Probe request will be stopped when it gets 2480 * probe response from target AP/GO. 2481 */ 2482 ext_join_params->scan_le.nprobes = 2483 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS / 2484 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS); 2485 } else { 2486 ext_join_params->scan_le.active_time = cpu_to_le32(-1); 2487 ext_join_params->scan_le.passive_time = cpu_to_le32(-1); 2488 ext_join_params->scan_le.nprobes = cpu_to_le32(-1); 2489 } 2490 2491 brcmf_set_join_pref(ifp, &sme->bss_select); 2492 2493 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params, 2494 join_params_size); 2495 kfree(ext_join_params); 2496 if (!err) 2497 /* This is it. join command worked, we are done */ 2498 goto done; 2499 2500 /* join command failed, fallback to set ssid */ 2501 memset(&join_params, 0, sizeof(join_params)); 2502 join_params_size = sizeof(join_params.ssid_le); 2503 2504 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len); 2505 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len); 2506 2507 if (sme->bssid) 2508 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN); 2509 else 2510 eth_broadcast_addr(join_params.params_le.bssid); 2511 2512 if (cfg->channel) { 2513 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec); 2514 join_params.params_le.chanspec_num = cpu_to_le32(1); 2515 join_params_size += sizeof(join_params.params_le); 2516 } 2517 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID, 2518 &join_params, join_params_size); 2519 if (err) 2520 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err); 2521 2522 done: 2523 if (err) 2524 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state); 2525 brcmf_dbg(TRACE, "Exit\n"); 2526 return err; 2527 } 2528 2529 static s32 2530 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev, 2531 u16 reason_code) 2532 { 2533 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2534 struct brcmf_if *ifp = netdev_priv(ndev); 2535 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 2536 struct brcmf_pub *drvr = cfg->pub; 2537 struct brcmf_scb_val_le scbval; 2538 s32 err = 0; 2539 2540 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code); 2541 if (!check_vif_up(ifp->vif)) 2542 return -EIO; 2543 2544 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state); 2545 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state); 2546 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &ifp->vif->sme_state); 2547 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &ifp->vif->sme_state); 2548 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL); 2549 2550 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN); 2551 scbval.val = cpu_to_le32(reason_code); 2552 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC, 2553 &scbval, sizeof(scbval)); 2554 if (err) 2555 bphy_err(drvr, "error (%d)\n", err); 2556 2557 brcmf_dbg(TRACE, "Exit\n"); 2558 return err; 2559 } 2560 2561 static s32 2562 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev, 2563 enum nl80211_tx_power_setting type, s32 mbm) 2564 { 2565 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2566 struct net_device *ndev = cfg_to_ndev(cfg); 2567 struct brcmf_if *ifp = netdev_priv(ndev); 2568 struct brcmf_pub *drvr = cfg->pub; 2569 s32 err; 2570 s32 disable; 2571 u32 qdbm = 127; 2572 2573 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm); 2574 if (!check_vif_up(ifp->vif)) 2575 return -EIO; 2576 2577 switch (type) { 2578 case NL80211_TX_POWER_AUTOMATIC: 2579 break; 2580 case NL80211_TX_POWER_LIMITED: 2581 case NL80211_TX_POWER_FIXED: 2582 if (mbm < 0) { 2583 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n"); 2584 err = -EINVAL; 2585 goto done; 2586 } 2587 qdbm = MBM_TO_DBM(4 * mbm); 2588 if (qdbm > 127) 2589 qdbm = 127; 2590 qdbm |= WL_TXPWR_OVERRIDE; 2591 break; 2592 default: 2593 bphy_err(drvr, "Unsupported type %d\n", type); 2594 err = -EINVAL; 2595 goto done; 2596 } 2597 /* Make sure radio is off or on as far as software is concerned */ 2598 disable = WL_RADIO_SW_DISABLE << 16; 2599 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable); 2600 if (err) 2601 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err); 2602 2603 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm); 2604 if (err) 2605 bphy_err(drvr, "qtxpower error (%d)\n", err); 2606 2607 done: 2608 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE); 2609 return err; 2610 } 2611 2612 static s32 2613 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev, 2614 s32 *dbm) 2615 { 2616 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2617 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev); 2618 struct brcmf_pub *drvr = cfg->pub; 2619 s32 qdbm = 0; 2620 s32 err; 2621 2622 brcmf_dbg(TRACE, "Enter\n"); 2623 if (!check_vif_up(vif)) 2624 return -EIO; 2625 2626 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm); 2627 if (err) { 2628 bphy_err(drvr, "error (%d)\n", err); 2629 goto done; 2630 } 2631 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4; 2632 2633 done: 2634 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm); 2635 return err; 2636 } 2637 2638 static s32 2639 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev, 2640 int link_id, u8 key_idx, bool unicast, 2641 bool multicast) 2642 { 2643 struct brcmf_if *ifp = netdev_priv(ndev); 2644 struct brcmf_pub *drvr = ifp->drvr; 2645 u32 index; 2646 u32 wsec; 2647 s32 err = 0; 2648 2649 brcmf_dbg(TRACE, "Enter\n"); 2650 brcmf_dbg(CONN, "key index (%d)\n", key_idx); 2651 if (!check_vif_up(ifp->vif)) 2652 return -EIO; 2653 2654 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec); 2655 if (err) { 2656 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err); 2657 goto done; 2658 } 2659 2660 if (wsec & WEP_ENABLED) { 2661 /* Just select a new current key */ 2662 index = key_idx; 2663 err = brcmf_fil_cmd_int_set(ifp, 2664 BRCMF_C_SET_KEY_PRIMARY, index); 2665 if (err) 2666 bphy_err(drvr, "error (%d)\n", err); 2667 } 2668 done: 2669 brcmf_dbg(TRACE, "Exit\n"); 2670 return err; 2671 } 2672 2673 static s32 2674 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev, 2675 int link_id, u8 key_idx, bool pairwise, 2676 const u8 *mac_addr) 2677 { 2678 struct brcmf_if *ifp = netdev_priv(ndev); 2679 struct brcmf_wsec_key *key; 2680 s32 err; 2681 2682 brcmf_dbg(TRACE, "Enter\n"); 2683 brcmf_dbg(CONN, "key index (%d)\n", key_idx); 2684 2685 if (!check_vif_up(ifp->vif)) 2686 return -EIO; 2687 2688 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) { 2689 /* we ignore this key index in this case */ 2690 return -EINVAL; 2691 } 2692 2693 key = &ifp->vif->profile.key[key_idx]; 2694 2695 if (key->algo == CRYPTO_ALGO_OFF) { 2696 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n"); 2697 return -EINVAL; 2698 } 2699 2700 memset(key, 0, sizeof(*key)); 2701 key->index = (u32)key_idx; 2702 key->flags = BRCMF_PRIMARY_KEY; 2703 2704 /* Clear the key/index */ 2705 err = send_key_to_dongle(ifp, key); 2706 2707 brcmf_dbg(TRACE, "Exit\n"); 2708 return err; 2709 } 2710 2711 static s32 2712 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev, 2713 int link_id, u8 key_idx, bool pairwise, 2714 const u8 *mac_addr, struct key_params *params) 2715 { 2716 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2717 struct brcmf_if *ifp = netdev_priv(ndev); 2718 struct brcmf_pub *drvr = cfg->pub; 2719 struct brcmf_wsec_key *key; 2720 s32 val; 2721 s32 wsec; 2722 s32 err; 2723 u8 keybuf[8]; 2724 bool ext_key; 2725 2726 brcmf_dbg(TRACE, "Enter\n"); 2727 brcmf_dbg(CONN, "key index (%d)\n", key_idx); 2728 if (!check_vif_up(ifp->vif)) 2729 return -EIO; 2730 2731 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) { 2732 /* we ignore this key index in this case */ 2733 bphy_err(drvr, "invalid key index (%d)\n", key_idx); 2734 return -EINVAL; 2735 } 2736 2737 if (params->key_len == 0) 2738 return brcmf_cfg80211_del_key(wiphy, ndev, -1, key_idx, 2739 pairwise, mac_addr); 2740 2741 if (params->key_len > sizeof(key->data)) { 2742 bphy_err(drvr, "Too long key length (%u)\n", params->key_len); 2743 return -EINVAL; 2744 } 2745 2746 ext_key = false; 2747 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) && 2748 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) { 2749 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr); 2750 ext_key = true; 2751 } 2752 2753 key = &ifp->vif->profile.key[key_idx]; 2754 memset(key, 0, sizeof(*key)); 2755 if ((ext_key) && (!is_multicast_ether_addr(mac_addr))) 2756 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN); 2757 key->len = params->key_len; 2758 key->index = key_idx; 2759 memcpy(key->data, params->key, key->len); 2760 if (!ext_key) 2761 key->flags = BRCMF_PRIMARY_KEY; 2762 2763 if (params->seq && params->seq_len == 6) { 2764 /* rx iv */ 2765 u8 *ivptr; 2766 2767 ivptr = (u8 *)params->seq; 2768 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) | 2769 (ivptr[3] << 8) | ivptr[2]; 2770 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0]; 2771 key->iv_initialized = true; 2772 } 2773 2774 switch (params->cipher) { 2775 case WLAN_CIPHER_SUITE_WEP40: 2776 key->algo = CRYPTO_ALGO_WEP1; 2777 val = WEP_ENABLED; 2778 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n"); 2779 break; 2780 case WLAN_CIPHER_SUITE_WEP104: 2781 key->algo = CRYPTO_ALGO_WEP128; 2782 val = WEP_ENABLED; 2783 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n"); 2784 break; 2785 case WLAN_CIPHER_SUITE_TKIP: 2786 if (!brcmf_is_apmode(ifp->vif)) { 2787 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n"); 2788 memcpy(keybuf, &key->data[24], sizeof(keybuf)); 2789 memcpy(&key->data[24], &key->data[16], sizeof(keybuf)); 2790 memcpy(&key->data[16], keybuf, sizeof(keybuf)); 2791 } 2792 key->algo = CRYPTO_ALGO_TKIP; 2793 val = TKIP_ENABLED; 2794 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n"); 2795 break; 2796 case WLAN_CIPHER_SUITE_AES_CMAC: 2797 key->algo = CRYPTO_ALGO_AES_CCM; 2798 val = AES_ENABLED; 2799 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n"); 2800 break; 2801 case WLAN_CIPHER_SUITE_CCMP: 2802 key->algo = CRYPTO_ALGO_AES_CCM; 2803 val = AES_ENABLED; 2804 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n"); 2805 break; 2806 default: 2807 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher); 2808 err = -EINVAL; 2809 goto done; 2810 } 2811 2812 err = send_key_to_dongle(ifp, key); 2813 if (ext_key || err) 2814 goto done; 2815 2816 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec); 2817 if (err) { 2818 bphy_err(drvr, "get wsec error (%d)\n", err); 2819 goto done; 2820 } 2821 wsec |= val; 2822 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec); 2823 if (err) { 2824 bphy_err(drvr, "set wsec error (%d)\n", err); 2825 goto done; 2826 } 2827 2828 done: 2829 brcmf_dbg(TRACE, "Exit\n"); 2830 return err; 2831 } 2832 2833 static s32 2834 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, 2835 int link_id, u8 key_idx, bool pairwise, 2836 const u8 *mac_addr, void *cookie, 2837 void (*callback)(void *cookie, 2838 struct key_params *params)) 2839 { 2840 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 2841 struct key_params params; 2842 struct brcmf_if *ifp = netdev_priv(ndev); 2843 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 2844 struct brcmf_pub *drvr = cfg->pub; 2845 struct brcmf_cfg80211_security *sec; 2846 s32 wsec; 2847 s32 err = 0; 2848 2849 brcmf_dbg(TRACE, "Enter\n"); 2850 brcmf_dbg(CONN, "key index (%d)\n", key_idx); 2851 if (!check_vif_up(ifp->vif)) 2852 return -EIO; 2853 2854 memset(¶ms, 0, sizeof(params)); 2855 2856 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec); 2857 if (err) { 2858 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err); 2859 /* Ignore this error, may happen during DISASSOC */ 2860 err = -EAGAIN; 2861 goto done; 2862 } 2863 if (wsec & WEP_ENABLED) { 2864 sec = &profile->sec; 2865 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) { 2866 params.cipher = WLAN_CIPHER_SUITE_WEP40; 2867 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n"); 2868 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) { 2869 params.cipher = WLAN_CIPHER_SUITE_WEP104; 2870 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n"); 2871 } 2872 } else if (wsec & TKIP_ENABLED) { 2873 params.cipher = WLAN_CIPHER_SUITE_TKIP; 2874 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n"); 2875 } else if (wsec & AES_ENABLED) { 2876 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC; 2877 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n"); 2878 } else { 2879 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec); 2880 err = -EINVAL; 2881 goto done; 2882 } 2883 callback(cookie, ¶ms); 2884 2885 done: 2886 brcmf_dbg(TRACE, "Exit\n"); 2887 return err; 2888 } 2889 2890 static s32 2891 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy, 2892 struct net_device *ndev, int link_id, 2893 u8 key_idx) 2894 { 2895 struct brcmf_if *ifp = netdev_priv(ndev); 2896 2897 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx); 2898 2899 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) 2900 return 0; 2901 2902 brcmf_dbg(INFO, "Not supported\n"); 2903 2904 return -EOPNOTSUPP; 2905 } 2906 2907 static void 2908 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp) 2909 { 2910 struct brcmf_pub *drvr = ifp->drvr; 2911 s32 err; 2912 u8 key_idx; 2913 struct brcmf_wsec_key *key; 2914 s32 wsec; 2915 2916 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) { 2917 key = &ifp->vif->profile.key[key_idx]; 2918 if ((key->algo == CRYPTO_ALGO_WEP1) || 2919 (key->algo == CRYPTO_ALGO_WEP128)) 2920 break; 2921 } 2922 if (key_idx == BRCMF_MAX_DEFAULT_KEYS) 2923 return; 2924 2925 err = send_key_to_dongle(ifp, key); 2926 if (err) { 2927 bphy_err(drvr, "Setting WEP key failed (%d)\n", err); 2928 return; 2929 } 2930 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec); 2931 if (err) { 2932 bphy_err(drvr, "get wsec error (%d)\n", err); 2933 return; 2934 } 2935 wsec |= WEP_ENABLED; 2936 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec); 2937 if (err) 2938 bphy_err(drvr, "set wsec error (%d)\n", err); 2939 } 2940 2941 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si) 2942 { 2943 struct nl80211_sta_flag_update *sfu; 2944 2945 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags); 2946 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS); 2947 sfu = &si->sta_flags; 2948 sfu->mask = BIT(NL80211_STA_FLAG_WME) | 2949 BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2950 BIT(NL80211_STA_FLAG_ASSOCIATED) | 2951 BIT(NL80211_STA_FLAG_AUTHORIZED); 2952 if (fw_sta_flags & BRCMF_STA_WME) 2953 sfu->set |= BIT(NL80211_STA_FLAG_WME); 2954 if (fw_sta_flags & BRCMF_STA_AUTHE) 2955 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED); 2956 if (fw_sta_flags & BRCMF_STA_ASSOC) 2957 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED); 2958 if (fw_sta_flags & BRCMF_STA_AUTHO) 2959 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED); 2960 } 2961 2962 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si) 2963 { 2964 struct brcmf_pub *drvr = ifp->drvr; 2965 struct { 2966 __le32 len; 2967 struct brcmf_bss_info_le bss_le; 2968 } *buf; 2969 u16 capability; 2970 int err; 2971 2972 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL); 2973 if (!buf) 2974 return; 2975 2976 buf->len = cpu_to_le32(WL_BSS_INFO_MAX); 2977 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf, 2978 WL_BSS_INFO_MAX); 2979 if (err) { 2980 bphy_err(drvr, "Failed to get bss info (%d)\n", err); 2981 goto out_kfree; 2982 } 2983 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM); 2984 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period); 2985 si->bss_param.dtim_period = buf->bss_le.dtim_period; 2986 capability = le16_to_cpu(buf->bss_le.capability); 2987 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT) 2988 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT; 2989 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE) 2990 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE; 2991 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME) 2992 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME; 2993 2994 out_kfree: 2995 kfree(buf); 2996 } 2997 2998 static s32 2999 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp, 3000 struct station_info *sinfo) 3001 { 3002 struct brcmf_pub *drvr = ifp->drvr; 3003 struct brcmf_scb_val_le scbval; 3004 struct brcmf_pktcnt_le pktcnt; 3005 s32 err; 3006 u32 rate; 3007 u32 rssi; 3008 3009 /* Get the current tx rate */ 3010 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate); 3011 if (err < 0) { 3012 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err); 3013 return err; 3014 } 3015 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE); 3016 sinfo->txrate.legacy = rate * 5; 3017 3018 memset(&scbval, 0, sizeof(scbval)); 3019 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval, 3020 sizeof(scbval)); 3021 if (err) { 3022 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err); 3023 return err; 3024 } 3025 rssi = le32_to_cpu(scbval.val); 3026 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL); 3027 sinfo->signal = rssi; 3028 3029 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt, 3030 sizeof(pktcnt)); 3031 if (err) { 3032 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err); 3033 return err; 3034 } 3035 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) | 3036 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) | 3037 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) | 3038 BIT_ULL(NL80211_STA_INFO_TX_FAILED); 3039 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt); 3040 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt); 3041 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt); 3042 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt); 3043 3044 return 0; 3045 } 3046 3047 static s32 3048 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev, 3049 const u8 *mac, struct station_info *sinfo) 3050 { 3051 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 3052 struct brcmf_if *ifp = netdev_priv(ndev); 3053 struct brcmf_pub *drvr = cfg->pub; 3054 struct brcmf_scb_val_le scb_val; 3055 s32 err = 0; 3056 struct brcmf_sta_info_le sta_info_le; 3057 u32 sta_flags; 3058 u32 is_tdls_peer; 3059 s32 total_rssi_avg = 0; 3060 s32 total_rssi = 0; 3061 s32 count_rssi = 0; 3062 int rssi; 3063 u32 i; 3064 3065 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac); 3066 if (!check_vif_up(ifp->vif)) 3067 return -EIO; 3068 3069 if (brcmf_is_ibssmode(ifp->vif)) 3070 return brcmf_cfg80211_get_station_ibss(ifp, sinfo); 3071 3072 memset(&sta_info_le, 0, sizeof(sta_info_le)); 3073 memcpy(&sta_info_le, mac, ETH_ALEN); 3074 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info", 3075 &sta_info_le, 3076 sizeof(sta_info_le)); 3077 is_tdls_peer = !err; 3078 if (err) { 3079 err = brcmf_fil_iovar_data_get(ifp, "sta_info", 3080 &sta_info_le, 3081 sizeof(sta_info_le)); 3082 if (err < 0) { 3083 bphy_err(drvr, "GET STA INFO failed, %d\n", err); 3084 goto done; 3085 } 3086 } 3087 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver)); 3088 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME); 3089 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000; 3090 sta_flags = le32_to_cpu(sta_info_le.flags); 3091 brcmf_convert_sta_flags(sta_flags, sinfo); 3092 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER); 3093 if (is_tdls_peer) 3094 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER); 3095 else 3096 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 3097 if (sta_flags & BRCMF_STA_ASSOC) { 3098 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME); 3099 sinfo->connected_time = le32_to_cpu(sta_info_le.in); 3100 brcmf_fill_bss_param(ifp, sinfo); 3101 } 3102 if (sta_flags & BRCMF_STA_SCBSTATS) { 3103 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED); 3104 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures); 3105 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS); 3106 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts); 3107 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts); 3108 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS); 3109 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts); 3110 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts); 3111 if (sinfo->tx_packets) { 3112 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE); 3113 sinfo->txrate.legacy = 3114 le32_to_cpu(sta_info_le.tx_rate) / 100; 3115 } 3116 if (sinfo->rx_packets) { 3117 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE); 3118 sinfo->rxrate.legacy = 3119 le32_to_cpu(sta_info_le.rx_rate) / 100; 3120 } 3121 if (le16_to_cpu(sta_info_le.ver) >= 4) { 3122 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES); 3123 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes); 3124 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES); 3125 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes); 3126 } 3127 for (i = 0; i < BRCMF_ANT_MAX; i++) { 3128 if (sta_info_le.rssi[i] == 0 || 3129 sta_info_le.rx_lastpkt_rssi[i] == 0) 3130 continue; 3131 sinfo->chains |= BIT(count_rssi); 3132 sinfo->chain_signal[count_rssi] = 3133 sta_info_le.rx_lastpkt_rssi[i]; 3134 sinfo->chain_signal_avg[count_rssi] = 3135 sta_info_le.rssi[i]; 3136 total_rssi += sta_info_le.rx_lastpkt_rssi[i]; 3137 total_rssi_avg += sta_info_le.rssi[i]; 3138 count_rssi++; 3139 } 3140 if (count_rssi) { 3141 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL); 3142 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG); 3143 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL); 3144 sinfo->filled |= 3145 BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG); 3146 sinfo->signal = total_rssi / count_rssi; 3147 sinfo->signal_avg = total_rssi_avg / count_rssi; 3148 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED, 3149 &ifp->vif->sme_state)) { 3150 memset(&scb_val, 0, sizeof(scb_val)); 3151 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, 3152 &scb_val, sizeof(scb_val)); 3153 if (err) { 3154 bphy_err(drvr, "Could not get rssi (%d)\n", 3155 err); 3156 goto done; 3157 } else { 3158 rssi = le32_to_cpu(scb_val.val); 3159 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL); 3160 sinfo->signal = rssi; 3161 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi); 3162 } 3163 } 3164 } 3165 done: 3166 brcmf_dbg(TRACE, "Exit\n"); 3167 return err; 3168 } 3169 3170 static int 3171 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev, 3172 int idx, u8 *mac, struct station_info *sinfo) 3173 { 3174 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 3175 struct brcmf_if *ifp = netdev_priv(ndev); 3176 struct brcmf_pub *drvr = cfg->pub; 3177 s32 err; 3178 3179 brcmf_dbg(TRACE, "Enter, idx %d\n", idx); 3180 3181 if (idx == 0) { 3182 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST); 3183 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST, 3184 &cfg->assoclist, 3185 sizeof(cfg->assoclist)); 3186 if (err) { 3187 /* GET_ASSOCLIST unsupported by firmware of older chips */ 3188 if (err == -EBADE) 3189 bphy_info_once(drvr, "BRCMF_C_GET_ASSOCLIST unsupported\n"); 3190 else 3191 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST failed, err=%d\n", 3192 err); 3193 3194 cfg->assoclist.count = 0; 3195 return -EOPNOTSUPP; 3196 } 3197 } 3198 if (idx < le32_to_cpu(cfg->assoclist.count)) { 3199 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN); 3200 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo); 3201 } 3202 return -ENOENT; 3203 } 3204 3205 static s32 3206 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev, 3207 bool enabled, s32 timeout) 3208 { 3209 s32 pm; 3210 s32 err = 0; 3211 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 3212 struct brcmf_if *ifp = netdev_priv(ndev); 3213 struct brcmf_pub *drvr = cfg->pub; 3214 3215 brcmf_dbg(TRACE, "Enter\n"); 3216 3217 /* 3218 * Powersave enable/disable request is coming from the 3219 * cfg80211 even before the interface is up. In that 3220 * scenario, driver will be storing the power save 3221 * preference in cfg struct to apply this to 3222 * FW later while initializing the dongle 3223 */ 3224 cfg->pwr_save = enabled; 3225 if (!check_vif_up(ifp->vif)) { 3226 3227 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n"); 3228 goto done; 3229 } 3230 3231 pm = enabled ? PM_FAST : PM_OFF; 3232 /* Do not enable the power save after assoc if it is a p2p interface */ 3233 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) { 3234 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n"); 3235 pm = PM_OFF; 3236 } 3237 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled")); 3238 3239 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm); 3240 if (err) { 3241 if (err == -ENODEV) 3242 bphy_err(drvr, "net_device is not ready yet\n"); 3243 else 3244 bphy_err(drvr, "error (%d)\n", err); 3245 } 3246 3247 err = brcmf_fil_iovar_int_set(ifp, "pm2_sleep_ret", 3248 min_t(u32, timeout, BRCMF_PS_MAX_TIMEOUT_MS)); 3249 if (err) 3250 bphy_err(drvr, "Unable to set pm timeout, (%d)\n", err); 3251 3252 done: 3253 brcmf_dbg(TRACE, "Exit\n"); 3254 return err; 3255 } 3256 3257 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg, 3258 struct brcmf_bss_info_le *bi) 3259 { 3260 struct wiphy *wiphy = cfg_to_wiphy(cfg); 3261 struct brcmf_pub *drvr = cfg->pub; 3262 struct cfg80211_bss *bss; 3263 enum nl80211_band band; 3264 struct brcmu_chan ch; 3265 u16 channel; 3266 u32 freq; 3267 u16 notify_capability; 3268 u16 notify_interval; 3269 u8 *notify_ie; 3270 size_t notify_ielen; 3271 struct cfg80211_inform_bss bss_data = {}; 3272 3273 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) { 3274 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n"); 3275 return -EINVAL; 3276 } 3277 3278 if (!bi->ctl_ch) { 3279 ch.chspec = le16_to_cpu(bi->chanspec); 3280 cfg->d11inf.decchspec(&ch); 3281 bi->ctl_ch = ch.control_ch_num; 3282 } 3283 channel = bi->ctl_ch; 3284 3285 if (channel <= CH_MAX_2G_CHANNEL) 3286 band = NL80211_BAND_2GHZ; 3287 else 3288 band = NL80211_BAND_5GHZ; 3289 3290 freq = ieee80211_channel_to_frequency(channel, band); 3291 bss_data.chan = ieee80211_get_channel(wiphy, freq); 3292 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20; 3293 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime()); 3294 3295 notify_capability = le16_to_cpu(bi->capability); 3296 notify_interval = le16_to_cpu(bi->beacon_period); 3297 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); 3298 notify_ielen = le32_to_cpu(bi->ie_length); 3299 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100; 3300 3301 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID); 3302 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq); 3303 brcmf_dbg(CONN, "Capability: %X\n", notify_capability); 3304 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval); 3305 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal); 3306 3307 bss = cfg80211_inform_bss_data(wiphy, &bss_data, 3308 CFG80211_BSS_FTYPE_UNKNOWN, 3309 (const u8 *)bi->BSSID, 3310 0, notify_capability, 3311 notify_interval, notify_ie, 3312 notify_ielen, GFP_KERNEL); 3313 3314 if (!bss) 3315 return -ENOMEM; 3316 3317 cfg80211_put_bss(wiphy, bss); 3318 3319 return 0; 3320 } 3321 3322 static struct brcmf_bss_info_le * 3323 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss) 3324 { 3325 if (bss == NULL) 3326 return list->bss_info_le; 3327 return (struct brcmf_bss_info_le *)((unsigned long)bss + 3328 le32_to_cpu(bss->length)); 3329 } 3330 3331 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg) 3332 { 3333 struct brcmf_pub *drvr = cfg->pub; 3334 struct brcmf_scan_results *bss_list; 3335 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */ 3336 s32 err = 0; 3337 int i; 3338 3339 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf; 3340 if (bss_list->count != 0 && 3341 bss_list->version != BRCMF_BSS_INFO_VERSION) { 3342 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n", 3343 bss_list->version); 3344 return -EOPNOTSUPP; 3345 } 3346 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count); 3347 for (i = 0; i < bss_list->count; i++) { 3348 bi = next_bss_le(bss_list, bi); 3349 err = brcmf_inform_single_bss(cfg, bi); 3350 if (err) 3351 break; 3352 } 3353 return err; 3354 } 3355 3356 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg, 3357 struct net_device *ndev, const u8 *bssid) 3358 { 3359 struct wiphy *wiphy = cfg_to_wiphy(cfg); 3360 struct brcmf_pub *drvr = cfg->pub; 3361 struct ieee80211_channel *notify_channel; 3362 struct brcmf_bss_info_le *bi = NULL; 3363 struct ieee80211_supported_band *band; 3364 struct cfg80211_bss *bss; 3365 struct brcmu_chan ch; 3366 u8 *buf = NULL; 3367 s32 err = 0; 3368 u32 freq; 3369 u16 notify_capability; 3370 u16 notify_interval; 3371 u8 *notify_ie; 3372 size_t notify_ielen; 3373 s32 notify_signal; 3374 3375 brcmf_dbg(TRACE, "Enter\n"); 3376 3377 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL); 3378 if (buf == NULL) { 3379 err = -ENOMEM; 3380 goto CleanUp; 3381 } 3382 3383 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX); 3384 3385 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO, 3386 buf, WL_BSS_INFO_MAX); 3387 if (err) { 3388 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err); 3389 goto CleanUp; 3390 } 3391 3392 bi = (struct brcmf_bss_info_le *)(buf + 4); 3393 3394 ch.chspec = le16_to_cpu(bi->chanspec); 3395 cfg->d11inf.decchspec(&ch); 3396 3397 if (ch.band == BRCMU_CHAN_BAND_2G) 3398 band = wiphy->bands[NL80211_BAND_2GHZ]; 3399 else 3400 band = wiphy->bands[NL80211_BAND_5GHZ]; 3401 3402 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band); 3403 cfg->channel = freq; 3404 notify_channel = ieee80211_get_channel(wiphy, freq); 3405 3406 notify_capability = le16_to_cpu(bi->capability); 3407 notify_interval = le16_to_cpu(bi->beacon_period); 3408 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); 3409 notify_ielen = le32_to_cpu(bi->ie_length); 3410 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100; 3411 3412 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq); 3413 brcmf_dbg(CONN, "capability: %X\n", notify_capability); 3414 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval); 3415 brcmf_dbg(CONN, "signal: %d\n", notify_signal); 3416 3417 bss = cfg80211_inform_bss(wiphy, notify_channel, 3418 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0, 3419 notify_capability, notify_interval, 3420 notify_ie, notify_ielen, notify_signal, 3421 GFP_KERNEL); 3422 3423 if (!bss) { 3424 err = -ENOMEM; 3425 goto CleanUp; 3426 } 3427 3428 cfg80211_put_bss(wiphy, bss); 3429 3430 CleanUp: 3431 3432 kfree(buf); 3433 3434 brcmf_dbg(TRACE, "Exit\n"); 3435 3436 return err; 3437 } 3438 3439 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg, 3440 struct brcmf_if *ifp) 3441 { 3442 struct brcmf_pub *drvr = cfg->pub; 3443 struct brcmf_bss_info_le *bi = NULL; 3444 s32 err = 0; 3445 3446 brcmf_dbg(TRACE, "Enter\n"); 3447 if (brcmf_is_ibssmode(ifp->vif)) 3448 return err; 3449 3450 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX); 3451 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, 3452 cfg->extra_buf, WL_EXTRA_BUF_MAX); 3453 if (err) { 3454 bphy_err(drvr, "Could not get bss info %d\n", err); 3455 goto update_bss_info_out; 3456 } 3457 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4); 3458 err = brcmf_inform_single_bss(cfg, bi); 3459 3460 update_bss_info_out: 3461 brcmf_dbg(TRACE, "Exit"); 3462 return err; 3463 } 3464 3465 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg) 3466 { 3467 struct escan_info *escan = &cfg->escan_info; 3468 3469 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status); 3470 if (cfg->int_escan_map || cfg->scan_request) { 3471 escan->escan_state = WL_ESCAN_STATE_IDLE; 3472 brcmf_notify_escan_complete(cfg, escan->ifp, true, true); 3473 } 3474 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status); 3475 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status); 3476 } 3477 3478 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work) 3479 { 3480 struct brcmf_cfg80211_info *cfg = 3481 container_of(work, struct brcmf_cfg80211_info, 3482 escan_timeout_work); 3483 3484 brcmf_inform_bss(cfg); 3485 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true); 3486 } 3487 3488 static void brcmf_escan_timeout(struct timer_list *t) 3489 { 3490 struct brcmf_cfg80211_info *cfg = 3491 from_timer(cfg, t, escan_timeout); 3492 struct brcmf_pub *drvr = cfg->pub; 3493 3494 if (cfg->int_escan_map || cfg->scan_request) { 3495 bphy_err(drvr, "timer expired\n"); 3496 schedule_work(&cfg->escan_timeout_work); 3497 } 3498 } 3499 3500 static s32 3501 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg, 3502 struct brcmf_bss_info_le *bss, 3503 struct brcmf_bss_info_le *bss_info_le) 3504 { 3505 struct brcmu_chan ch_bss, ch_bss_info_le; 3506 3507 ch_bss.chspec = le16_to_cpu(bss->chanspec); 3508 cfg->d11inf.decchspec(&ch_bss); 3509 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec); 3510 cfg->d11inf.decchspec(&ch_bss_info_le); 3511 3512 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) && 3513 ch_bss.band == ch_bss_info_le.band && 3514 bss_info_le->SSID_len == bss->SSID_len && 3515 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) { 3516 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 3517 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) { 3518 s16 bss_rssi = le16_to_cpu(bss->RSSI); 3519 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI); 3520 3521 /* preserve max RSSI if the measurements are 3522 * both on-channel or both off-channel 3523 */ 3524 if (bss_info_rssi > bss_rssi) 3525 bss->RSSI = bss_info_le->RSSI; 3526 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) && 3527 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) { 3528 /* preserve the on-channel rssi measurement 3529 * if the new measurement is off channel 3530 */ 3531 bss->RSSI = bss_info_le->RSSI; 3532 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL; 3533 } 3534 return 1; 3535 } 3536 return 0; 3537 } 3538 3539 static s32 3540 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp, 3541 const struct brcmf_event_msg *e, void *data) 3542 { 3543 struct brcmf_pub *drvr = ifp->drvr; 3544 struct brcmf_cfg80211_info *cfg = drvr->config; 3545 s32 status; 3546 struct brcmf_escan_result_le *escan_result_le; 3547 u32 escan_buflen; 3548 struct brcmf_bss_info_le *bss_info_le; 3549 struct brcmf_bss_info_le *bss = NULL; 3550 u32 bi_length; 3551 struct brcmf_scan_results *list; 3552 u32 i; 3553 bool aborted; 3554 3555 status = e->status; 3556 3557 if (status == BRCMF_E_STATUS_ABORT) 3558 goto exit; 3559 3560 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) { 3561 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n", 3562 ifp->bsscfgidx); 3563 return -EPERM; 3564 } 3565 3566 if (status == BRCMF_E_STATUS_PARTIAL) { 3567 brcmf_dbg(SCAN, "ESCAN Partial result\n"); 3568 if (e->datalen < sizeof(*escan_result_le)) { 3569 bphy_err(drvr, "invalid event data length\n"); 3570 goto exit; 3571 } 3572 escan_result_le = (struct brcmf_escan_result_le *) data; 3573 if (!escan_result_le) { 3574 bphy_err(drvr, "Invalid escan result (NULL pointer)\n"); 3575 goto exit; 3576 } 3577 escan_buflen = le32_to_cpu(escan_result_le->buflen); 3578 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE || 3579 escan_buflen > e->datalen || 3580 escan_buflen < sizeof(*escan_result_le)) { 3581 bphy_err(drvr, "Invalid escan buffer length: %d\n", 3582 escan_buflen); 3583 goto exit; 3584 } 3585 if (le16_to_cpu(escan_result_le->bss_count) != 1) { 3586 bphy_err(drvr, "Invalid bss_count %d: ignoring\n", 3587 escan_result_le->bss_count); 3588 goto exit; 3589 } 3590 bss_info_le = &escan_result_le->bss_info_le; 3591 3592 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le)) 3593 goto exit; 3594 3595 if (!cfg->int_escan_map && !cfg->scan_request) { 3596 brcmf_dbg(SCAN, "result without cfg80211 request\n"); 3597 goto exit; 3598 } 3599 3600 bi_length = le32_to_cpu(bss_info_le->length); 3601 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) { 3602 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n", 3603 bi_length); 3604 goto exit; 3605 } 3606 3607 if (!(cfg_to_wiphy(cfg)->interface_modes & 3608 BIT(NL80211_IFTYPE_ADHOC))) { 3609 if (le16_to_cpu(bss_info_le->capability) & 3610 WLAN_CAPABILITY_IBSS) { 3611 bphy_err(drvr, "Ignoring IBSS result\n"); 3612 goto exit; 3613 } 3614 } 3615 3616 list = (struct brcmf_scan_results *) 3617 cfg->escan_info.escan_buf; 3618 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) { 3619 bphy_err(drvr, "Buffer is too small: ignoring\n"); 3620 goto exit; 3621 } 3622 3623 for (i = 0; i < list->count; i++) { 3624 bss = bss ? (struct brcmf_bss_info_le *) 3625 ((unsigned char *)bss + 3626 le32_to_cpu(bss->length)) : list->bss_info_le; 3627 if (brcmf_compare_update_same_bss(cfg, bss, 3628 bss_info_le)) 3629 goto exit; 3630 } 3631 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le, 3632 bi_length); 3633 list->version = le32_to_cpu(bss_info_le->version); 3634 list->buflen += bi_length; 3635 list->count++; 3636 } else { 3637 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE; 3638 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL)) 3639 goto exit; 3640 if (cfg->int_escan_map || cfg->scan_request) { 3641 brcmf_inform_bss(cfg); 3642 aborted = status != BRCMF_E_STATUS_SUCCESS; 3643 brcmf_notify_escan_complete(cfg, ifp, aborted, false); 3644 } else 3645 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n", 3646 status); 3647 } 3648 exit: 3649 return 0; 3650 } 3651 3652 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg) 3653 { 3654 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT, 3655 brcmf_cfg80211_escan_handler); 3656 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE; 3657 /* Init scan_timeout timer */ 3658 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0); 3659 INIT_WORK(&cfg->escan_timeout_work, 3660 brcmf_cfg80211_escan_timeout_worker); 3661 } 3662 3663 static struct cfg80211_scan_request * 3664 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) { 3665 struct cfg80211_scan_request *req; 3666 size_t req_size; 3667 3668 req_size = sizeof(*req) + 3669 n_netinfo * sizeof(req->channels[0]) + 3670 n_netinfo * sizeof(*req->ssids); 3671 3672 req = kzalloc(req_size, GFP_KERNEL); 3673 if (req) { 3674 req->wiphy = wiphy; 3675 req->ssids = (void *)(&req->channels[0]) + 3676 n_netinfo * sizeof(req->channels[0]); 3677 } 3678 return req; 3679 } 3680 3681 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req, 3682 u8 *ssid, u8 ssid_len, u8 channel) 3683 { 3684 struct ieee80211_channel *chan; 3685 enum nl80211_band band; 3686 int freq, i; 3687 3688 if (channel <= CH_MAX_2G_CHANNEL) 3689 band = NL80211_BAND_2GHZ; 3690 else 3691 band = NL80211_BAND_5GHZ; 3692 3693 freq = ieee80211_channel_to_frequency(channel, band); 3694 if (!freq) 3695 return -EINVAL; 3696 3697 chan = ieee80211_get_channel(req->wiphy, freq); 3698 if (!chan) 3699 return -EINVAL; 3700 3701 for (i = 0; i < req->n_channels; i++) { 3702 if (req->channels[i] == chan) 3703 break; 3704 } 3705 if (i == req->n_channels) 3706 req->channels[req->n_channels++] = chan; 3707 3708 for (i = 0; i < req->n_ssids; i++) { 3709 if (req->ssids[i].ssid_len == ssid_len && 3710 !memcmp(req->ssids[i].ssid, ssid, ssid_len)) 3711 break; 3712 } 3713 if (i == req->n_ssids) { 3714 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len); 3715 req->ssids[req->n_ssids++].ssid_len = ssid_len; 3716 } 3717 return 0; 3718 } 3719 3720 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap, 3721 struct cfg80211_scan_request *request) 3722 { 3723 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 3724 int err; 3725 3726 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) { 3727 if (cfg->int_escan_map) 3728 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n", 3729 cfg->int_escan_map); 3730 /* Abort any on-going scan */ 3731 brcmf_abort_scanning(cfg); 3732 } 3733 3734 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap); 3735 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status); 3736 cfg->escan_info.run = brcmf_run_escan; 3737 err = brcmf_do_escan(ifp, request); 3738 if (err) { 3739 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status); 3740 return err; 3741 } 3742 cfg->int_escan_map = fwmap; 3743 return 0; 3744 } 3745 3746 static struct brcmf_pno_net_info_le * 3747 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1) 3748 { 3749 struct brcmf_pno_scanresults_v2_le *pfn_v2; 3750 struct brcmf_pno_net_info_le *netinfo; 3751 3752 switch (pfn_v1->version) { 3753 default: 3754 WARN_ON(1); 3755 fallthrough; 3756 case cpu_to_le32(1): 3757 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1); 3758 break; 3759 case cpu_to_le32(2): 3760 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1; 3761 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1); 3762 break; 3763 } 3764 3765 return netinfo; 3766 } 3767 3768 /* PFN result doesn't have all the info which are required by the supplicant 3769 * (For e.g IEs) Do a target Escan so that sched scan results are reported 3770 * via wl_inform_single_bss in the required format. Escan does require the 3771 * scan request in the form of cfg80211_scan_request. For timebeing, create 3772 * cfg80211_scan_request one out of the received PNO event. 3773 */ 3774 static s32 3775 brcmf_notify_sched_scan_results(struct brcmf_if *ifp, 3776 const struct brcmf_event_msg *e, void *data) 3777 { 3778 struct brcmf_pub *drvr = ifp->drvr; 3779 struct brcmf_cfg80211_info *cfg = drvr->config; 3780 struct brcmf_pno_net_info_le *netinfo, *netinfo_start; 3781 struct cfg80211_scan_request *request = NULL; 3782 struct wiphy *wiphy = cfg_to_wiphy(cfg); 3783 int i, err = 0; 3784 struct brcmf_pno_scanresults_le *pfn_result; 3785 u32 bucket_map; 3786 u32 result_count; 3787 u32 status; 3788 u32 datalen; 3789 3790 brcmf_dbg(SCAN, "Enter\n"); 3791 3792 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) { 3793 brcmf_dbg(SCAN, "Event data to small. Ignore\n"); 3794 return 0; 3795 } 3796 3797 if (e->event_code == BRCMF_E_PFN_NET_LOST) { 3798 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n"); 3799 return 0; 3800 } 3801 3802 pfn_result = (struct brcmf_pno_scanresults_le *)data; 3803 result_count = le32_to_cpu(pfn_result->count); 3804 status = le32_to_cpu(pfn_result->status); 3805 3806 /* PFN event is limited to fit 512 bytes so we may get 3807 * multiple NET_FOUND events. For now place a warning here. 3808 */ 3809 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE); 3810 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count); 3811 if (!result_count) { 3812 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n"); 3813 goto out_err; 3814 } 3815 3816 netinfo_start = brcmf_get_netinfo_array(pfn_result); 3817 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result); 3818 if (datalen < result_count * sizeof(*netinfo)) { 3819 bphy_err(drvr, "insufficient event data\n"); 3820 goto out_err; 3821 } 3822 3823 request = brcmf_alloc_internal_escan_request(wiphy, 3824 result_count); 3825 if (!request) { 3826 err = -ENOMEM; 3827 goto out_err; 3828 } 3829 3830 bucket_map = 0; 3831 for (i = 0; i < result_count; i++) { 3832 netinfo = &netinfo_start[i]; 3833 3834 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN) 3835 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN; 3836 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n", 3837 netinfo->SSID, netinfo->channel); 3838 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo); 3839 err = brcmf_internal_escan_add_info(request, 3840 netinfo->SSID, 3841 netinfo->SSID_len, 3842 netinfo->channel); 3843 if (err) 3844 goto out_err; 3845 } 3846 3847 if (!bucket_map) 3848 goto free_req; 3849 3850 err = brcmf_start_internal_escan(ifp, bucket_map, request); 3851 if (!err) 3852 goto free_req; 3853 3854 out_err: 3855 cfg80211_sched_scan_stopped(wiphy, 0); 3856 free_req: 3857 kfree(request); 3858 return err; 3859 } 3860 3861 static int 3862 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy, 3863 struct net_device *ndev, 3864 struct cfg80211_sched_scan_request *req) 3865 { 3866 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 3867 struct brcmf_if *ifp = netdev_priv(ndev); 3868 struct brcmf_pub *drvr = cfg->pub; 3869 3870 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n", 3871 req->n_match_sets, req->n_ssids); 3872 3873 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) { 3874 bphy_err(drvr, "Scanning suppressed: status=%lu\n", 3875 cfg->scan_status); 3876 return -EAGAIN; 3877 } 3878 3879 if (req->n_match_sets <= 0) { 3880 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n", 3881 req->n_match_sets); 3882 return -EINVAL; 3883 } 3884 3885 return brcmf_pno_start_sched_scan(ifp, req); 3886 } 3887 3888 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy, 3889 struct net_device *ndev, u64 reqid) 3890 { 3891 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 3892 struct brcmf_if *ifp = netdev_priv(ndev); 3893 3894 brcmf_dbg(SCAN, "enter\n"); 3895 brcmf_pno_stop_sched_scan(ifp, reqid); 3896 if (cfg->int_escan_map) 3897 brcmf_notify_escan_complete(cfg, ifp, true, true); 3898 return 0; 3899 } 3900 3901 static __always_inline void brcmf_delay(u32 ms) 3902 { 3903 if (ms < 1000 / HZ) { 3904 cond_resched(); 3905 mdelay(ms); 3906 } else { 3907 msleep(ms); 3908 } 3909 } 3910 3911 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4], 3912 u8 *pattern, u32 patternsize, u8 *mask, 3913 u32 packet_offset) 3914 { 3915 struct brcmf_fil_wowl_pattern_le *filter; 3916 u32 masksize; 3917 u32 patternoffset; 3918 u8 *buf; 3919 u32 bufsize; 3920 s32 ret; 3921 3922 masksize = (patternsize + 7) / 8; 3923 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize; 3924 3925 bufsize = sizeof(*filter) + patternsize + masksize; 3926 buf = kzalloc(bufsize, GFP_KERNEL); 3927 if (!buf) 3928 return -ENOMEM; 3929 filter = (struct brcmf_fil_wowl_pattern_le *)buf; 3930 3931 memcpy(filter->cmd, cmd, 4); 3932 filter->masksize = cpu_to_le32(masksize); 3933 filter->offset = cpu_to_le32(packet_offset); 3934 filter->patternoffset = cpu_to_le32(patternoffset); 3935 filter->patternsize = cpu_to_le32(patternsize); 3936 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP); 3937 3938 if ((mask) && (masksize)) 3939 memcpy(buf + sizeof(*filter), mask, masksize); 3940 if ((pattern) && (patternsize)) 3941 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize); 3942 3943 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize); 3944 3945 kfree(buf); 3946 return ret; 3947 } 3948 3949 static s32 3950 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e, 3951 void *data) 3952 { 3953 struct brcmf_pub *drvr = ifp->drvr; 3954 struct brcmf_cfg80211_info *cfg = drvr->config; 3955 struct brcmf_pno_scanresults_le *pfn_result; 3956 struct brcmf_pno_net_info_le *netinfo; 3957 3958 brcmf_dbg(SCAN, "Enter\n"); 3959 3960 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) { 3961 brcmf_dbg(SCAN, "Event data to small. Ignore\n"); 3962 return 0; 3963 } 3964 3965 pfn_result = (struct brcmf_pno_scanresults_le *)data; 3966 3967 if (e->event_code == BRCMF_E_PFN_NET_LOST) { 3968 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n"); 3969 return 0; 3970 } 3971 3972 if (le32_to_cpu(pfn_result->count) < 1) { 3973 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n", 3974 le32_to_cpu(pfn_result->count)); 3975 return -EINVAL; 3976 } 3977 3978 netinfo = brcmf_get_netinfo_array(pfn_result); 3979 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN) 3980 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN; 3981 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len); 3982 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len; 3983 cfg->wowl.nd->n_channels = 1; 3984 cfg->wowl.nd->channels[0] = 3985 ieee80211_channel_to_frequency(netinfo->channel, 3986 netinfo->channel <= CH_MAX_2G_CHANNEL ? 3987 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ); 3988 cfg->wowl.nd_info->n_matches = 1; 3989 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd; 3990 3991 /* Inform (the resume task) that the net detect information was recvd */ 3992 cfg->wowl.nd_data_completed = true; 3993 wake_up(&cfg->wowl.nd_data_wait); 3994 3995 return 0; 3996 } 3997 3998 #ifdef CONFIG_PM 3999 4000 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp) 4001 { 4002 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4003 struct brcmf_pub *drvr = cfg->pub; 4004 struct brcmf_wowl_wakeind_le wake_ind_le; 4005 struct cfg80211_wowlan_wakeup wakeup_data; 4006 struct cfg80211_wowlan_wakeup *wakeup; 4007 u32 wakeind; 4008 s32 err; 4009 int timeout; 4010 4011 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le, 4012 sizeof(wake_ind_le)); 4013 if (err) { 4014 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err); 4015 return; 4016 } 4017 4018 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind); 4019 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | 4020 BRCMF_WOWL_RETR | BRCMF_WOWL_NET | 4021 BRCMF_WOWL_PFN_FOUND)) { 4022 wakeup = &wakeup_data; 4023 memset(&wakeup_data, 0, sizeof(wakeup_data)); 4024 wakeup_data.pattern_idx = -1; 4025 4026 if (wakeind & BRCMF_WOWL_MAGIC) { 4027 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n"); 4028 wakeup_data.magic_pkt = true; 4029 } 4030 if (wakeind & BRCMF_WOWL_DIS) { 4031 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n"); 4032 wakeup_data.disconnect = true; 4033 } 4034 if (wakeind & BRCMF_WOWL_BCN) { 4035 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n"); 4036 wakeup_data.disconnect = true; 4037 } 4038 if (wakeind & BRCMF_WOWL_RETR) { 4039 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n"); 4040 wakeup_data.disconnect = true; 4041 } 4042 if (wakeind & BRCMF_WOWL_NET) { 4043 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n"); 4044 /* For now always map to pattern 0, no API to get 4045 * correct information available at the moment. 4046 */ 4047 wakeup_data.pattern_idx = 0; 4048 } 4049 if (wakeind & BRCMF_WOWL_PFN_FOUND) { 4050 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n"); 4051 timeout = wait_event_timeout(cfg->wowl.nd_data_wait, 4052 cfg->wowl.nd_data_completed, 4053 BRCMF_ND_INFO_TIMEOUT); 4054 if (!timeout) 4055 bphy_err(drvr, "No result for wowl net detect\n"); 4056 else 4057 wakeup_data.net_detect = cfg->wowl.nd_info; 4058 } 4059 if (wakeind & BRCMF_WOWL_GTK_FAILURE) { 4060 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n"); 4061 wakeup_data.gtk_rekey_failure = true; 4062 } 4063 } else { 4064 wakeup = NULL; 4065 } 4066 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL); 4067 } 4068 4069 #else 4070 4071 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp) 4072 { 4073 } 4074 4075 #endif /* CONFIG_PM */ 4076 4077 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy) 4078 { 4079 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4080 struct net_device *ndev = cfg_to_ndev(cfg); 4081 struct brcmf_if *ifp = netdev_priv(ndev); 4082 4083 brcmf_dbg(TRACE, "Enter\n"); 4084 4085 if (cfg->wowl.active) { 4086 brcmf_report_wowl_wakeind(wiphy, ifp); 4087 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0); 4088 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0); 4089 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND)) 4090 brcmf_configure_arp_nd_offload(ifp, true); 4091 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, 4092 cfg->wowl.pre_pmmode); 4093 cfg->wowl.active = false; 4094 if (cfg->wowl.nd_enabled) { 4095 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0); 4096 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND); 4097 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND, 4098 brcmf_notify_sched_scan_results); 4099 cfg->wowl.nd_enabled = false; 4100 } 4101 } 4102 return 0; 4103 } 4104 4105 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg, 4106 struct brcmf_if *ifp, 4107 struct cfg80211_wowlan *wowl) 4108 { 4109 u32 wowl_config; 4110 struct brcmf_wowl_wakeind_le wowl_wakeind; 4111 u32 i; 4112 4113 brcmf_dbg(TRACE, "Suspend, wowl config.\n"); 4114 4115 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND)) 4116 brcmf_configure_arp_nd_offload(ifp, false); 4117 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode); 4118 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX); 4119 4120 wowl_config = 0; 4121 if (wowl->disconnect) 4122 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR; 4123 if (wowl->magic_pkt) 4124 wowl_config |= BRCMF_WOWL_MAGIC; 4125 if ((wowl->patterns) && (wowl->n_patterns)) { 4126 wowl_config |= BRCMF_WOWL_NET; 4127 for (i = 0; i < wowl->n_patterns; i++) { 4128 brcmf_config_wowl_pattern(ifp, "add", 4129 (u8 *)wowl->patterns[i].pattern, 4130 wowl->patterns[i].pattern_len, 4131 (u8 *)wowl->patterns[i].mask, 4132 wowl->patterns[i].pkt_offset); 4133 } 4134 } 4135 if (wowl->nd_config) { 4136 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev, 4137 wowl->nd_config); 4138 wowl_config |= BRCMF_WOWL_PFN_FOUND; 4139 4140 cfg->wowl.nd_data_completed = false; 4141 cfg->wowl.nd_enabled = true; 4142 /* Now reroute the event for PFN to the wowl function. */ 4143 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND); 4144 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND, 4145 brcmf_wowl_nd_results); 4146 } 4147 if (wowl->gtk_rekey_failure) 4148 wowl_config |= BRCMF_WOWL_GTK_FAILURE; 4149 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state)) 4150 wowl_config |= BRCMF_WOWL_UNASSOC; 4151 4152 memcpy(&wowl_wakeind, "clear", 6); 4153 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind, 4154 sizeof(wowl_wakeind)); 4155 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config); 4156 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1); 4157 brcmf_bus_wowl_config(cfg->pub->bus_if, true); 4158 cfg->wowl.active = true; 4159 } 4160 4161 static int brcmf_keepalive_start(struct brcmf_if *ifp, unsigned int interval) 4162 { 4163 struct brcmf_mkeep_alive_pkt_le kalive = {0}; 4164 int ret = 0; 4165 4166 /* Configure Null function/data keepalive */ 4167 kalive.version = cpu_to_le16(1); 4168 kalive.period_msec = cpu_to_le32(interval * MSEC_PER_SEC); 4169 kalive.len_bytes = cpu_to_le16(0); 4170 kalive.keep_alive_id = 0; 4171 4172 ret = brcmf_fil_iovar_data_set(ifp, "mkeep_alive", &kalive, sizeof(kalive)); 4173 if (ret) 4174 brcmf_err("keep-alive packet config failed, ret=%d\n", ret); 4175 4176 return ret; 4177 } 4178 4179 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy, 4180 struct cfg80211_wowlan *wowl) 4181 { 4182 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4183 struct net_device *ndev = cfg_to_ndev(cfg); 4184 struct brcmf_if *ifp = netdev_priv(ndev); 4185 struct brcmf_cfg80211_vif *vif; 4186 4187 brcmf_dbg(TRACE, "Enter\n"); 4188 4189 /* if the primary net_device is not READY there is nothing 4190 * we can do but pray resume goes smoothly. 4191 */ 4192 if (!check_vif_up(ifp->vif)) 4193 goto exit; 4194 4195 /* Stop scheduled scan */ 4196 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) 4197 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0); 4198 4199 /* end any scanning */ 4200 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) 4201 brcmf_abort_scanning(cfg); 4202 4203 if (wowl == NULL) { 4204 brcmf_bus_wowl_config(cfg->pub->bus_if, false); 4205 list_for_each_entry(vif, &cfg->vif_list, list) { 4206 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) 4207 continue; 4208 /* While going to suspend if associated with AP 4209 * disassociate from AP to save power while system is 4210 * in suspended state 4211 */ 4212 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED, true); 4213 /* Make sure WPA_Supplicant receives all the event 4214 * generated due to DISASSOC call to the fw to keep 4215 * the state fw and WPA_Supplicant state consistent 4216 */ 4217 brcmf_delay(500); 4218 } 4219 /* Configure MPC */ 4220 brcmf_set_mpc(ifp, 1); 4221 4222 } else { 4223 /* Configure WOWL paramaters */ 4224 brcmf_configure_wowl(cfg, ifp, wowl); 4225 4226 /* Prevent disassociation due to inactivity with keep-alive */ 4227 brcmf_keepalive_start(ifp, 30); 4228 } 4229 4230 exit: 4231 brcmf_dbg(TRACE, "Exit\n"); 4232 /* clear any scanning activity */ 4233 cfg->scan_status = 0; 4234 return 0; 4235 } 4236 4237 static __used s32 4238 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp) 4239 { 4240 struct brcmf_pmk_list_le *pmk_list; 4241 int i; 4242 u32 npmk; 4243 4244 pmk_list = &cfg->pmk_list; 4245 npmk = le32_to_cpu(pmk_list->npmk); 4246 4247 brcmf_dbg(CONN, "No of elements %d\n", npmk); 4248 for (i = 0; i < npmk; i++) 4249 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid); 4250 4251 return brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list, 4252 sizeof(*pmk_list)); 4253 } 4254 4255 static s32 4256 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev, 4257 struct cfg80211_pmksa *pmksa) 4258 { 4259 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4260 struct brcmf_if *ifp = netdev_priv(ndev); 4261 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0]; 4262 struct brcmf_pub *drvr = cfg->pub; 4263 s32 err; 4264 u32 npmk, i; 4265 4266 brcmf_dbg(TRACE, "Enter\n"); 4267 if (!check_vif_up(ifp->vif)) 4268 return -EIO; 4269 4270 npmk = le32_to_cpu(cfg->pmk_list.npmk); 4271 for (i = 0; i < npmk; i++) 4272 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN)) 4273 break; 4274 if (i < BRCMF_MAXPMKID) { 4275 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN); 4276 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN); 4277 if (i == npmk) { 4278 npmk++; 4279 cfg->pmk_list.npmk = cpu_to_le32(npmk); 4280 } 4281 } else { 4282 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk); 4283 return -EINVAL; 4284 } 4285 4286 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid); 4287 brcmf_dbg(CONN, "%*ph\n", WLAN_PMKID_LEN, pmk[npmk].pmkid); 4288 4289 err = brcmf_update_pmklist(cfg, ifp); 4290 4291 brcmf_dbg(TRACE, "Exit\n"); 4292 return err; 4293 } 4294 4295 static s32 4296 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev, 4297 struct cfg80211_pmksa *pmksa) 4298 { 4299 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4300 struct brcmf_if *ifp = netdev_priv(ndev); 4301 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0]; 4302 struct brcmf_pub *drvr = cfg->pub; 4303 s32 err; 4304 u32 npmk, i; 4305 4306 brcmf_dbg(TRACE, "Enter\n"); 4307 if (!check_vif_up(ifp->vif)) 4308 return -EIO; 4309 4310 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid); 4311 4312 npmk = le32_to_cpu(cfg->pmk_list.npmk); 4313 for (i = 0; i < npmk; i++) 4314 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN)) 4315 break; 4316 4317 if ((npmk > 0) && (i < npmk)) { 4318 for (; i < (npmk - 1); i++) { 4319 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN); 4320 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid, 4321 WLAN_PMKID_LEN); 4322 } 4323 memset(&pmk[i], 0, sizeof(*pmk)); 4324 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1); 4325 } else { 4326 bphy_err(drvr, "Cache entry not found\n"); 4327 return -EINVAL; 4328 } 4329 4330 err = brcmf_update_pmklist(cfg, ifp); 4331 4332 brcmf_dbg(TRACE, "Exit\n"); 4333 return err; 4334 4335 } 4336 4337 static s32 4338 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev) 4339 { 4340 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4341 struct brcmf_if *ifp = netdev_priv(ndev); 4342 s32 err; 4343 4344 brcmf_dbg(TRACE, "Enter\n"); 4345 if (!check_vif_up(ifp->vif)) 4346 return -EIO; 4347 4348 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list)); 4349 err = brcmf_update_pmklist(cfg, ifp); 4350 4351 brcmf_dbg(TRACE, "Exit\n"); 4352 return err; 4353 4354 } 4355 4356 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp) 4357 { 4358 struct brcmf_pub *drvr = ifp->drvr; 4359 s32 err; 4360 s32 wpa_val; 4361 4362 /* set auth */ 4363 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0); 4364 if (err < 0) { 4365 bphy_err(drvr, "auth error %d\n", err); 4366 return err; 4367 } 4368 /* set wsec */ 4369 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0); 4370 if (err < 0) { 4371 bphy_err(drvr, "wsec error %d\n", err); 4372 return err; 4373 } 4374 /* set upper-layer auth */ 4375 if (brcmf_is_ibssmode(ifp->vif)) 4376 wpa_val = WPA_AUTH_NONE; 4377 else 4378 wpa_val = WPA_AUTH_DISABLED; 4379 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val); 4380 if (err < 0) { 4381 bphy_err(drvr, "wpa_auth error %d\n", err); 4382 return err; 4383 } 4384 4385 return 0; 4386 } 4387 4388 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie) 4389 { 4390 if (is_rsn_ie) 4391 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0); 4392 4393 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0); 4394 } 4395 4396 static s32 4397 brcmf_configure_wpaie(struct brcmf_if *ifp, 4398 const struct brcmf_vs_tlv *wpa_ie, 4399 bool is_rsn_ie) 4400 { 4401 struct brcmf_pub *drvr = ifp->drvr; 4402 u32 auth = 0; /* d11 open authentication */ 4403 u16 count; 4404 s32 err = 0; 4405 s32 len; 4406 u32 i; 4407 u32 wsec; 4408 u32 pval = 0; 4409 u32 gval = 0; 4410 u32 wpa_auth = 0; 4411 u32 offset; 4412 u8 *data; 4413 u16 rsn_cap; 4414 u32 wme_bss_disable; 4415 u32 mfp; 4416 4417 brcmf_dbg(TRACE, "Enter\n"); 4418 if (wpa_ie == NULL) 4419 goto exit; 4420 4421 len = wpa_ie->len + TLV_HDR_LEN; 4422 data = (u8 *)wpa_ie; 4423 offset = TLV_HDR_LEN; 4424 if (!is_rsn_ie) 4425 offset += VS_IE_FIXED_HDR_LEN; 4426 else 4427 offset += WPA_IE_VERSION_LEN; 4428 4429 /* check for multicast cipher suite */ 4430 if (offset + WPA_IE_MIN_OUI_LEN > len) { 4431 err = -EINVAL; 4432 bphy_err(drvr, "no multicast cipher suite\n"); 4433 goto exit; 4434 } 4435 4436 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) { 4437 err = -EINVAL; 4438 bphy_err(drvr, "ivalid OUI\n"); 4439 goto exit; 4440 } 4441 offset += TLV_OUI_LEN; 4442 4443 /* pick up multicast cipher */ 4444 switch (data[offset]) { 4445 case WPA_CIPHER_NONE: 4446 gval = 0; 4447 break; 4448 case WPA_CIPHER_WEP_40: 4449 case WPA_CIPHER_WEP_104: 4450 gval = WEP_ENABLED; 4451 break; 4452 case WPA_CIPHER_TKIP: 4453 gval = TKIP_ENABLED; 4454 break; 4455 case WPA_CIPHER_AES_CCM: 4456 gval = AES_ENABLED; 4457 break; 4458 default: 4459 err = -EINVAL; 4460 bphy_err(drvr, "Invalid multi cast cipher info\n"); 4461 goto exit; 4462 } 4463 4464 offset++; 4465 /* walk thru unicast cipher list and pick up what we recognize */ 4466 count = data[offset] + (data[offset + 1] << 8); 4467 offset += WPA_IE_SUITE_COUNT_LEN; 4468 /* Check for unicast suite(s) */ 4469 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) { 4470 err = -EINVAL; 4471 bphy_err(drvr, "no unicast cipher suite\n"); 4472 goto exit; 4473 } 4474 for (i = 0; i < count; i++) { 4475 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) { 4476 err = -EINVAL; 4477 bphy_err(drvr, "ivalid OUI\n"); 4478 goto exit; 4479 } 4480 offset += TLV_OUI_LEN; 4481 switch (data[offset]) { 4482 case WPA_CIPHER_NONE: 4483 break; 4484 case WPA_CIPHER_WEP_40: 4485 case WPA_CIPHER_WEP_104: 4486 pval |= WEP_ENABLED; 4487 break; 4488 case WPA_CIPHER_TKIP: 4489 pval |= TKIP_ENABLED; 4490 break; 4491 case WPA_CIPHER_AES_CCM: 4492 pval |= AES_ENABLED; 4493 break; 4494 default: 4495 bphy_err(drvr, "Invalid unicast security info\n"); 4496 } 4497 offset++; 4498 } 4499 /* walk thru auth management suite list and pick up what we recognize */ 4500 count = data[offset] + (data[offset + 1] << 8); 4501 offset += WPA_IE_SUITE_COUNT_LEN; 4502 /* Check for auth key management suite(s) */ 4503 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) { 4504 err = -EINVAL; 4505 bphy_err(drvr, "no auth key mgmt suite\n"); 4506 goto exit; 4507 } 4508 for (i = 0; i < count; i++) { 4509 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) { 4510 err = -EINVAL; 4511 bphy_err(drvr, "ivalid OUI\n"); 4512 goto exit; 4513 } 4514 offset += TLV_OUI_LEN; 4515 switch (data[offset]) { 4516 case RSN_AKM_NONE: 4517 brcmf_dbg(TRACE, "RSN_AKM_NONE\n"); 4518 wpa_auth |= WPA_AUTH_NONE; 4519 break; 4520 case RSN_AKM_UNSPECIFIED: 4521 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n"); 4522 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) : 4523 (wpa_auth |= WPA_AUTH_UNSPECIFIED); 4524 break; 4525 case RSN_AKM_PSK: 4526 brcmf_dbg(TRACE, "RSN_AKM_PSK\n"); 4527 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) : 4528 (wpa_auth |= WPA_AUTH_PSK); 4529 break; 4530 case RSN_AKM_SHA256_PSK: 4531 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n"); 4532 wpa_auth |= WPA2_AUTH_PSK_SHA256; 4533 break; 4534 case RSN_AKM_SHA256_1X: 4535 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n"); 4536 wpa_auth |= WPA2_AUTH_1X_SHA256; 4537 break; 4538 case RSN_AKM_SAE: 4539 brcmf_dbg(TRACE, "RSN_AKM_SAE\n"); 4540 wpa_auth |= WPA3_AUTH_SAE_PSK; 4541 break; 4542 default: 4543 bphy_err(drvr, "Invalid key mgmt info\n"); 4544 } 4545 offset++; 4546 } 4547 4548 mfp = BRCMF_MFP_NONE; 4549 if (is_rsn_ie) { 4550 wme_bss_disable = 1; 4551 if ((offset + RSN_CAP_LEN) <= len) { 4552 rsn_cap = data[offset] + (data[offset + 1] << 8); 4553 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK) 4554 wme_bss_disable = 0; 4555 if (rsn_cap & RSN_CAP_MFPR_MASK) { 4556 brcmf_dbg(TRACE, "MFP Required\n"); 4557 mfp = BRCMF_MFP_REQUIRED; 4558 /* Firmware only supports mfp required in 4559 * combination with WPA2_AUTH_PSK_SHA256, 4560 * WPA2_AUTH_1X_SHA256, or WPA3_AUTH_SAE_PSK. 4561 */ 4562 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 | 4563 WPA2_AUTH_1X_SHA256 | 4564 WPA3_AUTH_SAE_PSK))) { 4565 err = -EINVAL; 4566 goto exit; 4567 } 4568 /* Firmware has requirement that WPA2_AUTH_PSK/ 4569 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI 4570 * is to be included in the rsn ie. 4571 */ 4572 if (wpa_auth & WPA2_AUTH_PSK_SHA256) 4573 wpa_auth |= WPA2_AUTH_PSK; 4574 else if (wpa_auth & WPA2_AUTH_1X_SHA256) 4575 wpa_auth |= WPA2_AUTH_UNSPECIFIED; 4576 } else if (rsn_cap & RSN_CAP_MFPC_MASK) { 4577 brcmf_dbg(TRACE, "MFP Capable\n"); 4578 mfp = BRCMF_MFP_CAPABLE; 4579 } 4580 } 4581 offset += RSN_CAP_LEN; 4582 /* set wme_bss_disable to sync RSN Capabilities */ 4583 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable", 4584 wme_bss_disable); 4585 if (err < 0) { 4586 bphy_err(drvr, "wme_bss_disable error %d\n", err); 4587 goto exit; 4588 } 4589 4590 /* Skip PMKID cnt as it is know to be 0 for AP. */ 4591 offset += RSN_PMKID_COUNT_LEN; 4592 4593 /* See if there is BIP wpa suite left for MFP */ 4594 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) && 4595 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) { 4596 err = brcmf_fil_bsscfg_data_set(ifp, "bip", 4597 &data[offset], 4598 WPA_IE_MIN_OUI_LEN); 4599 if (err < 0) { 4600 bphy_err(drvr, "bip error %d\n", err); 4601 goto exit; 4602 } 4603 } 4604 } 4605 /* FOR WPS , set SES_OW_ENABLED */ 4606 wsec = (pval | gval | SES_OW_ENABLED); 4607 4608 /* set auth */ 4609 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth); 4610 if (err < 0) { 4611 bphy_err(drvr, "auth error %d\n", err); 4612 goto exit; 4613 } 4614 /* set wsec */ 4615 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec); 4616 if (err < 0) { 4617 bphy_err(drvr, "wsec error %d\n", err); 4618 goto exit; 4619 } 4620 /* Configure MFP, this needs to go after wsec otherwise the wsec command 4621 * will overwrite the values set by MFP 4622 */ 4623 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) { 4624 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp); 4625 if (err < 0) { 4626 bphy_err(drvr, "mfp error %d\n", err); 4627 goto exit; 4628 } 4629 } 4630 /* set upper-layer auth */ 4631 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth); 4632 if (err < 0) { 4633 bphy_err(drvr, "wpa_auth error %d\n", err); 4634 goto exit; 4635 } 4636 4637 exit: 4638 return err; 4639 } 4640 4641 static s32 4642 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len, 4643 struct parsed_vndr_ies *vndr_ies) 4644 { 4645 struct brcmf_vs_tlv *vndrie; 4646 struct brcmf_tlv *ie; 4647 struct parsed_vndr_ie_info *parsed_info; 4648 s32 remaining_len; 4649 4650 remaining_len = (s32)vndr_ie_len; 4651 memset(vndr_ies, 0, sizeof(*vndr_ies)); 4652 4653 ie = (struct brcmf_tlv *)vndr_ie_buf; 4654 while (ie) { 4655 if (ie->id != WLAN_EID_VENDOR_SPECIFIC) 4656 goto next; 4657 vndrie = (struct brcmf_vs_tlv *)ie; 4658 /* len should be bigger than OUI length + one */ 4659 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) { 4660 brcmf_err("invalid vndr ie. length is too small %d\n", 4661 vndrie->len); 4662 goto next; 4663 } 4664 /* if wpa or wme ie, do not add ie */ 4665 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) && 4666 ((vndrie->oui_type == WPA_OUI_TYPE) || 4667 (vndrie->oui_type == WME_OUI_TYPE))) { 4668 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n"); 4669 goto next; 4670 } 4671 4672 parsed_info = &vndr_ies->ie_info[vndr_ies->count]; 4673 4674 /* save vndr ie information */ 4675 parsed_info->ie_ptr = (char *)vndrie; 4676 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN; 4677 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie)); 4678 4679 vndr_ies->count++; 4680 4681 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n", 4682 parsed_info->vndrie.oui, 4683 parsed_info->vndrie.oui_type); 4684 4685 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT) 4686 break; 4687 next: 4688 remaining_len -= (ie->len + TLV_HDR_LEN); 4689 if (remaining_len <= TLV_HDR_LEN) 4690 ie = NULL; 4691 else 4692 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len + 4693 TLV_HDR_LEN); 4694 } 4695 return 0; 4696 } 4697 4698 static u32 4699 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd) 4700 { 4701 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN); 4702 4703 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]); 4704 4705 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]); 4706 4707 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len); 4708 4709 return ie_len + VNDR_IE_HDR_SIZE; 4710 } 4711 4712 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag, 4713 const u8 *vndr_ie_buf, u32 vndr_ie_len) 4714 { 4715 struct brcmf_pub *drvr; 4716 struct brcmf_if *ifp; 4717 struct vif_saved_ie *saved_ie; 4718 s32 err = 0; 4719 u8 *iovar_ie_buf; 4720 u8 *curr_ie_buf; 4721 u8 *mgmt_ie_buf = NULL; 4722 int mgmt_ie_buf_len; 4723 u32 *mgmt_ie_len; 4724 u32 del_add_ie_buf_len = 0; 4725 u32 total_ie_buf_len = 0; 4726 u32 parsed_ie_buf_len = 0; 4727 struct parsed_vndr_ies old_vndr_ies; 4728 struct parsed_vndr_ies new_vndr_ies; 4729 struct parsed_vndr_ie_info *vndrie_info; 4730 s32 i; 4731 u8 *ptr; 4732 int remained_buf_len; 4733 4734 if (!vif) 4735 return -ENODEV; 4736 ifp = vif->ifp; 4737 drvr = ifp->drvr; 4738 saved_ie = &vif->saved_ie; 4739 4740 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx, 4741 pktflag); 4742 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL); 4743 if (!iovar_ie_buf) 4744 return -ENOMEM; 4745 curr_ie_buf = iovar_ie_buf; 4746 switch (pktflag) { 4747 case BRCMF_VNDR_IE_PRBREQ_FLAG: 4748 mgmt_ie_buf = saved_ie->probe_req_ie; 4749 mgmt_ie_len = &saved_ie->probe_req_ie_len; 4750 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie); 4751 break; 4752 case BRCMF_VNDR_IE_PRBRSP_FLAG: 4753 mgmt_ie_buf = saved_ie->probe_res_ie; 4754 mgmt_ie_len = &saved_ie->probe_res_ie_len; 4755 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie); 4756 break; 4757 case BRCMF_VNDR_IE_BEACON_FLAG: 4758 mgmt_ie_buf = saved_ie->beacon_ie; 4759 mgmt_ie_len = &saved_ie->beacon_ie_len; 4760 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie); 4761 break; 4762 case BRCMF_VNDR_IE_ASSOCREQ_FLAG: 4763 mgmt_ie_buf = saved_ie->assoc_req_ie; 4764 mgmt_ie_len = &saved_ie->assoc_req_ie_len; 4765 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie); 4766 break; 4767 case BRCMF_VNDR_IE_ASSOCRSP_FLAG: 4768 mgmt_ie_buf = saved_ie->assoc_res_ie; 4769 mgmt_ie_len = &saved_ie->assoc_res_ie_len; 4770 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie); 4771 break; 4772 default: 4773 err = -EPERM; 4774 bphy_err(drvr, "not suitable type\n"); 4775 goto exit; 4776 } 4777 4778 if (vndr_ie_len > mgmt_ie_buf_len) { 4779 err = -ENOMEM; 4780 bphy_err(drvr, "extra IE size too big\n"); 4781 goto exit; 4782 } 4783 4784 /* parse and save new vndr_ie in curr_ie_buff before comparing it */ 4785 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) { 4786 ptr = curr_ie_buf; 4787 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies); 4788 for (i = 0; i < new_vndr_ies.count; i++) { 4789 vndrie_info = &new_vndr_ies.ie_info[i]; 4790 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr, 4791 vndrie_info->ie_len); 4792 parsed_ie_buf_len += vndrie_info->ie_len; 4793 } 4794 } 4795 4796 if (mgmt_ie_buf && *mgmt_ie_len) { 4797 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) && 4798 (memcmp(mgmt_ie_buf, curr_ie_buf, 4799 parsed_ie_buf_len) == 0)) { 4800 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n"); 4801 goto exit; 4802 } 4803 4804 /* parse old vndr_ie */ 4805 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies); 4806 4807 /* make a command to delete old ie */ 4808 for (i = 0; i < old_vndr_ies.count; i++) { 4809 vndrie_info = &old_vndr_ies.ie_info[i]; 4810 4811 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n", 4812 vndrie_info->vndrie.id, 4813 vndrie_info->vndrie.len, 4814 vndrie_info->vndrie.oui); 4815 4816 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag, 4817 vndrie_info->ie_ptr, 4818 vndrie_info->ie_len, 4819 "del"); 4820 curr_ie_buf += del_add_ie_buf_len; 4821 total_ie_buf_len += del_add_ie_buf_len; 4822 } 4823 } 4824 4825 *mgmt_ie_len = 0; 4826 /* Add if there is any extra IE */ 4827 if (mgmt_ie_buf && parsed_ie_buf_len) { 4828 ptr = mgmt_ie_buf; 4829 4830 remained_buf_len = mgmt_ie_buf_len; 4831 4832 /* make a command to add new ie */ 4833 for (i = 0; i < new_vndr_ies.count; i++) { 4834 vndrie_info = &new_vndr_ies.ie_info[i]; 4835 4836 /* verify remained buf size before copy data */ 4837 if (remained_buf_len < (vndrie_info->vndrie.len + 4838 VNDR_IE_VSIE_OFFSET)) { 4839 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d", 4840 remained_buf_len); 4841 break; 4842 } 4843 remained_buf_len -= (vndrie_info->ie_len + 4844 VNDR_IE_VSIE_OFFSET); 4845 4846 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n", 4847 vndrie_info->vndrie.id, 4848 vndrie_info->vndrie.len, 4849 vndrie_info->vndrie.oui); 4850 4851 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag, 4852 vndrie_info->ie_ptr, 4853 vndrie_info->ie_len, 4854 "add"); 4855 4856 /* save the parsed IE in wl struct */ 4857 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr, 4858 vndrie_info->ie_len); 4859 *mgmt_ie_len += vndrie_info->ie_len; 4860 4861 curr_ie_buf += del_add_ie_buf_len; 4862 total_ie_buf_len += del_add_ie_buf_len; 4863 } 4864 } 4865 if (total_ie_buf_len) { 4866 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf, 4867 total_ie_buf_len); 4868 if (err) 4869 bphy_err(drvr, "vndr ie set error : %d\n", err); 4870 } 4871 4872 exit: 4873 kfree(iovar_ie_buf); 4874 return err; 4875 } 4876 4877 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif) 4878 { 4879 static const s32 pktflags[] = { 4880 BRCMF_VNDR_IE_PRBREQ_FLAG, 4881 BRCMF_VNDR_IE_PRBRSP_FLAG, 4882 BRCMF_VNDR_IE_BEACON_FLAG 4883 }; 4884 int i; 4885 4886 for (i = 0; i < ARRAY_SIZE(pktflags); i++) 4887 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0); 4888 4889 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie)); 4890 return 0; 4891 } 4892 4893 static s32 4894 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif, 4895 struct cfg80211_beacon_data *beacon) 4896 { 4897 struct brcmf_pub *drvr = vif->ifp->drvr; 4898 s32 err; 4899 4900 /* Set Beacon IEs to FW */ 4901 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG, 4902 beacon->tail, beacon->tail_len); 4903 if (err) { 4904 bphy_err(drvr, "Set Beacon IE Failed\n"); 4905 return err; 4906 } 4907 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n"); 4908 4909 /* Set Probe Response IEs to FW */ 4910 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG, 4911 beacon->proberesp_ies, 4912 beacon->proberesp_ies_len); 4913 if (err) 4914 bphy_err(drvr, "Set Probe Resp IE Failed\n"); 4915 else 4916 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n"); 4917 4918 /* Set Assoc Response IEs to FW */ 4919 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG, 4920 beacon->assocresp_ies, 4921 beacon->assocresp_ies_len); 4922 if (err) 4923 brcmf_err("Set Assoc Resp IE Failed\n"); 4924 else 4925 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n"); 4926 4927 return err; 4928 } 4929 4930 static s32 4931 brcmf_parse_configure_security(struct brcmf_if *ifp, 4932 struct cfg80211_ap_settings *settings, 4933 enum nl80211_iftype dev_role) 4934 { 4935 const struct brcmf_tlv *rsn_ie; 4936 const struct brcmf_vs_tlv *wpa_ie; 4937 s32 err = 0; 4938 4939 /* find the RSN_IE */ 4940 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail, 4941 settings->beacon.tail_len, WLAN_EID_RSN); 4942 4943 /* find the WPA_IE */ 4944 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail, 4945 settings->beacon.tail_len); 4946 4947 if (wpa_ie || rsn_ie) { 4948 brcmf_dbg(TRACE, "WPA(2) IE is found\n"); 4949 if (wpa_ie) { 4950 /* WPA IE */ 4951 err = brcmf_configure_wpaie(ifp, wpa_ie, false); 4952 if (err < 0) 4953 return err; 4954 } else { 4955 struct brcmf_vs_tlv *tmp_ie; 4956 4957 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie; 4958 4959 /* RSN IE */ 4960 err = brcmf_configure_wpaie(ifp, tmp_ie, true); 4961 if (err < 0) 4962 return err; 4963 } 4964 } else { 4965 brcmf_dbg(TRACE, "No WPA(2) IEs found\n"); 4966 brcmf_configure_opensecurity(ifp); 4967 } 4968 4969 return err; 4970 } 4971 4972 static s32 4973 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev, 4974 struct cfg80211_ap_settings *settings) 4975 { 4976 s32 ie_offset; 4977 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 4978 struct brcmf_if *ifp = netdev_priv(ndev); 4979 struct brcmf_pub *drvr = cfg->pub; 4980 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 4981 struct cfg80211_crypto_settings *crypto = &settings->crypto; 4982 const struct brcmf_tlv *ssid_ie; 4983 const struct brcmf_tlv *country_ie; 4984 struct brcmf_ssid_le ssid_le; 4985 s32 err = -EPERM; 4986 struct brcmf_join_params join_params; 4987 enum nl80211_iftype dev_role; 4988 struct brcmf_fil_bss_enable_le bss_enable; 4989 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef); 4990 bool mbss; 4991 int is_11d; 4992 bool supports_11d; 4993 4994 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n", 4995 settings->chandef.chan->hw_value, 4996 settings->chandef.center_freq1, settings->chandef.width, 4997 settings->beacon_interval, settings->dtim_period); 4998 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n", 4999 settings->ssid, settings->ssid_len, settings->auth_type, 5000 settings->inactivity_timeout); 5001 dev_role = ifp->vif->wdev.iftype; 5002 mbss = ifp->vif->mbss; 5003 5004 /* store current 11d setting */ 5005 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY, 5006 &ifp->vif->is_11d)) { 5007 is_11d = supports_11d = false; 5008 } else { 5009 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail, 5010 settings->beacon.tail_len, 5011 WLAN_EID_COUNTRY); 5012 is_11d = country_ie ? 1 : 0; 5013 supports_11d = true; 5014 } 5015 5016 memset(&ssid_le, 0, sizeof(ssid_le)); 5017 if (settings->ssid == NULL || settings->ssid_len == 0) { 5018 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN; 5019 ssid_ie = brcmf_parse_tlvs( 5020 (u8 *)&settings->beacon.head[ie_offset], 5021 settings->beacon.head_len - ie_offset, 5022 WLAN_EID_SSID); 5023 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN) 5024 return -EINVAL; 5025 5026 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len); 5027 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len); 5028 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID); 5029 } else { 5030 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len); 5031 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len); 5032 } 5033 5034 if (!mbss) { 5035 brcmf_set_mpc(ifp, 0); 5036 brcmf_configure_arp_nd_offload(ifp, false); 5037 } 5038 5039 /* Parameters shared by all radio interfaces */ 5040 if (!mbss) { 5041 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) { 5042 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY, 5043 is_11d); 5044 if (err < 0) { 5045 bphy_err(drvr, "Regulatory Set Error, %d\n", 5046 err); 5047 goto exit; 5048 } 5049 } 5050 if (settings->beacon_interval) { 5051 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, 5052 settings->beacon_interval); 5053 if (err < 0) { 5054 bphy_err(drvr, "Beacon Interval Set Error, %d\n", 5055 err); 5056 goto exit; 5057 } 5058 } 5059 if (settings->dtim_period) { 5060 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD, 5061 settings->dtim_period); 5062 if (err < 0) { 5063 bphy_err(drvr, "DTIM Interval Set Error, %d\n", 5064 err); 5065 goto exit; 5066 } 5067 } 5068 5069 if ((dev_role == NL80211_IFTYPE_AP) && 5070 ((ifp->ifidx == 0) || 5071 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) && 5072 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) { 5073 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1); 5074 if (err < 0) { 5075 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", 5076 err); 5077 goto exit; 5078 } 5079 brcmf_fil_iovar_int_set(ifp, "apsta", 0); 5080 } 5081 5082 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1); 5083 if (err < 0) { 5084 bphy_err(drvr, "SET INFRA error %d\n", err); 5085 goto exit; 5086 } 5087 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) { 5088 /* Multiple-BSS should use same 11d configuration */ 5089 err = -EINVAL; 5090 goto exit; 5091 } 5092 5093 /* Interface specific setup */ 5094 if (dev_role == NL80211_IFTYPE_AP) { 5095 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss)) 5096 brcmf_fil_iovar_int_set(ifp, "mbss", 1); 5097 5098 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1); 5099 if (err < 0) { 5100 bphy_err(drvr, "setting AP mode failed %d\n", 5101 err); 5102 goto exit; 5103 } 5104 if (!mbss) { 5105 /* Firmware 10.x requires setting channel after enabling 5106 * AP and before bringing interface up. 5107 */ 5108 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec); 5109 if (err < 0) { 5110 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n", 5111 chanspec, err); 5112 goto exit; 5113 } 5114 } 5115 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1); 5116 if (err < 0) { 5117 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err); 5118 goto exit; 5119 } 5120 5121 if (crypto->psk) { 5122 brcmf_dbg(INFO, "using PSK offload\n"); 5123 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_PSK); 5124 err = brcmf_set_pmk(ifp, crypto->psk, 5125 BRCMF_WSEC_MAX_PSK_LEN); 5126 if (err < 0) 5127 goto exit; 5128 } 5129 if (crypto->sae_pwd) { 5130 brcmf_dbg(INFO, "using SAE offload\n"); 5131 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_SAE); 5132 err = brcmf_set_sae_password(ifp, crypto->sae_pwd, 5133 crypto->sae_pwd_len); 5134 if (err < 0) 5135 goto exit; 5136 } 5137 if (profile->use_fwauth == 0) 5138 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE); 5139 5140 err = brcmf_parse_configure_security(ifp, settings, 5141 NL80211_IFTYPE_AP); 5142 if (err < 0) { 5143 bphy_err(drvr, "brcmf_parse_configure_security error\n"); 5144 goto exit; 5145 } 5146 5147 /* On DOWN the firmware removes the WEP keys, reconfigure 5148 * them if they were set. 5149 */ 5150 brcmf_cfg80211_reconfigure_wep(ifp); 5151 5152 memset(&join_params, 0, sizeof(join_params)); 5153 /* join parameters starts with ssid */ 5154 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le)); 5155 /* create softap */ 5156 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID, 5157 &join_params, sizeof(join_params)); 5158 if (err < 0) { 5159 bphy_err(drvr, "SET SSID error (%d)\n", err); 5160 goto exit; 5161 } 5162 5163 err = brcmf_fil_iovar_int_set(ifp, "closednet", 5164 settings->hidden_ssid); 5165 if (err) { 5166 bphy_err(drvr, "%s closednet error (%d)\n", 5167 settings->hidden_ssid ? 5168 "enabled" : "disabled", 5169 err); 5170 goto exit; 5171 } 5172 5173 brcmf_dbg(TRACE, "AP mode configuration complete\n"); 5174 } else if (dev_role == NL80211_IFTYPE_P2P_GO) { 5175 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec); 5176 if (err < 0) { 5177 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n", 5178 chanspec, err); 5179 goto exit; 5180 } 5181 5182 err = brcmf_parse_configure_security(ifp, settings, 5183 NL80211_IFTYPE_P2P_GO); 5184 if (err < 0) { 5185 brcmf_err("brcmf_parse_configure_security error\n"); 5186 goto exit; 5187 } 5188 5189 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le, 5190 sizeof(ssid_le)); 5191 if (err < 0) { 5192 bphy_err(drvr, "setting ssid failed %d\n", err); 5193 goto exit; 5194 } 5195 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx); 5196 bss_enable.enable = cpu_to_le32(1); 5197 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable, 5198 sizeof(bss_enable)); 5199 if (err < 0) { 5200 bphy_err(drvr, "bss_enable config failed %d\n", err); 5201 goto exit; 5202 } 5203 5204 brcmf_dbg(TRACE, "GO mode configuration complete\n"); 5205 } else { 5206 WARN_ON(1); 5207 } 5208 5209 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon); 5210 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state); 5211 brcmf_net_setcarrier(ifp, true); 5212 5213 exit: 5214 if ((err) && (!mbss)) { 5215 brcmf_set_mpc(ifp, 1); 5216 brcmf_configure_arp_nd_offload(ifp, true); 5217 } 5218 return err; 5219 } 5220 5221 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev, 5222 unsigned int link_id) 5223 { 5224 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5225 struct brcmf_if *ifp = netdev_priv(ndev); 5226 struct brcmf_pub *drvr = cfg->pub; 5227 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 5228 s32 err; 5229 struct brcmf_fil_bss_enable_le bss_enable; 5230 struct brcmf_join_params join_params; 5231 5232 brcmf_dbg(TRACE, "Enter\n"); 5233 5234 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) { 5235 /* Due to most likely deauths outstanding we sleep */ 5236 /* first to make sure they get processed by fw. */ 5237 msleep(400); 5238 5239 if (profile->use_fwauth != BIT(BRCMF_PROFILE_FWAUTH_NONE)) { 5240 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_PSK)) 5241 brcmf_set_pmk(ifp, NULL, 0); 5242 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_SAE)) 5243 brcmf_set_sae_password(ifp, NULL, 0); 5244 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE); 5245 } 5246 5247 if (ifp->vif->mbss) { 5248 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1); 5249 return err; 5250 } 5251 5252 /* First BSS doesn't get a full reset */ 5253 if (ifp->bsscfgidx == 0) 5254 brcmf_fil_iovar_int_set(ifp, "closednet", 0); 5255 5256 memset(&join_params, 0, sizeof(join_params)); 5257 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID, 5258 &join_params, sizeof(join_params)); 5259 if (err < 0) 5260 bphy_err(drvr, "SET SSID error (%d)\n", err); 5261 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1); 5262 if (err < 0) 5263 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err); 5264 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0); 5265 if (err < 0) 5266 bphy_err(drvr, "setting AP mode failed %d\n", err); 5267 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) 5268 brcmf_fil_iovar_int_set(ifp, "mbss", 0); 5269 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY, 5270 ifp->vif->is_11d); 5271 /* Bring device back up so it can be used again */ 5272 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1); 5273 if (err < 0) 5274 bphy_err(drvr, "BRCMF_C_UP error %d\n", err); 5275 5276 brcmf_vif_clear_mgmt_ies(ifp->vif); 5277 } else { 5278 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx); 5279 bss_enable.enable = cpu_to_le32(0); 5280 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable, 5281 sizeof(bss_enable)); 5282 if (err < 0) 5283 bphy_err(drvr, "bss_enable config failed %d\n", err); 5284 } 5285 brcmf_set_mpc(ifp, 1); 5286 brcmf_configure_arp_nd_offload(ifp, true); 5287 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state); 5288 brcmf_net_setcarrier(ifp, false); 5289 5290 return err; 5291 } 5292 5293 static s32 5294 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev, 5295 struct cfg80211_beacon_data *info) 5296 { 5297 struct brcmf_if *ifp = netdev_priv(ndev); 5298 5299 brcmf_dbg(TRACE, "Enter\n"); 5300 5301 return brcmf_config_ap_mgmt_ie(ifp->vif, info); 5302 } 5303 5304 static int 5305 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev, 5306 struct station_del_parameters *params) 5307 { 5308 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5309 struct brcmf_pub *drvr = cfg->pub; 5310 struct brcmf_scb_val_le scbval; 5311 struct brcmf_if *ifp = netdev_priv(ndev); 5312 s32 err; 5313 5314 if (!params->mac) 5315 return -EFAULT; 5316 5317 brcmf_dbg(TRACE, "Enter %pM\n", params->mac); 5318 5319 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif) 5320 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp; 5321 if (!check_vif_up(ifp->vif)) 5322 return -EIO; 5323 5324 memcpy(&scbval.ea, params->mac, ETH_ALEN); 5325 scbval.val = cpu_to_le32(params->reason_code); 5326 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON, 5327 &scbval, sizeof(scbval)); 5328 if (err) 5329 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n", 5330 err); 5331 5332 brcmf_dbg(TRACE, "Exit\n"); 5333 return err; 5334 } 5335 5336 static int 5337 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev, 5338 const u8 *mac, struct station_parameters *params) 5339 { 5340 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5341 struct brcmf_pub *drvr = cfg->pub; 5342 struct brcmf_if *ifp = netdev_priv(ndev); 5343 s32 err; 5344 5345 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac, 5346 params->sta_flags_mask, params->sta_flags_set); 5347 5348 /* Ignore all 00 MAC */ 5349 if (is_zero_ether_addr(mac)) 5350 return 0; 5351 5352 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED))) 5353 return 0; 5354 5355 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED)) 5356 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE, 5357 (void *)mac, ETH_ALEN); 5358 else 5359 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE, 5360 (void *)mac, ETH_ALEN); 5361 if (err < 0) 5362 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err); 5363 5364 return err; 5365 } 5366 5367 static void 5368 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy, 5369 struct wireless_dev *wdev, 5370 struct mgmt_frame_regs *upd) 5371 { 5372 struct brcmf_cfg80211_vif *vif; 5373 5374 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev); 5375 5376 vif->mgmt_rx_reg = upd->interface_stypes; 5377 } 5378 5379 5380 static int 5381 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev, 5382 struct cfg80211_mgmt_tx_params *params, u64 *cookie) 5383 { 5384 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5385 struct ieee80211_channel *chan = params->chan; 5386 struct brcmf_pub *drvr = cfg->pub; 5387 const u8 *buf = params->buf; 5388 size_t len = params->len; 5389 const struct ieee80211_mgmt *mgmt; 5390 struct brcmf_cfg80211_vif *vif; 5391 s32 err = 0; 5392 s32 ie_offset; 5393 s32 ie_len; 5394 struct brcmf_fil_action_frame_le *action_frame; 5395 struct brcmf_fil_af_params_le *af_params; 5396 bool ack; 5397 s32 chan_nr; 5398 u32 freq; 5399 5400 brcmf_dbg(TRACE, "Enter\n"); 5401 5402 *cookie = 0; 5403 5404 mgmt = (const struct ieee80211_mgmt *)buf; 5405 5406 if (!ieee80211_is_mgmt(mgmt->frame_control)) { 5407 bphy_err(drvr, "Driver only allows MGMT packet type\n"); 5408 return -EPERM; 5409 } 5410 5411 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev); 5412 5413 if (ieee80211_is_probe_resp(mgmt->frame_control)) { 5414 /* Right now the only reason to get a probe response */ 5415 /* is for p2p listen response or for p2p GO from */ 5416 /* wpa_supplicant. Unfortunately the probe is send */ 5417 /* on primary ndev, while dongle wants it on the p2p */ 5418 /* vif. Since this is only reason for a probe */ 5419 /* response to be sent, the vif is taken from cfg. */ 5420 /* If ever desired to send proberesp for non p2p */ 5421 /* response then data should be checked for */ 5422 /* "DIRECT-". Note in future supplicant will take */ 5423 /* dedicated p2p wdev to do this and then this 'hack'*/ 5424 /* is not needed anymore. */ 5425 ie_offset = DOT11_MGMT_HDR_LEN + 5426 DOT11_BCN_PRB_FIXED_LEN; 5427 ie_len = len - ie_offset; 5428 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) 5429 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif; 5430 err = brcmf_vif_set_mgmt_ie(vif, 5431 BRCMF_VNDR_IE_PRBRSP_FLAG, 5432 &buf[ie_offset], 5433 ie_len); 5434 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true, 5435 GFP_KERNEL); 5436 } else if (ieee80211_is_action(mgmt->frame_control)) { 5437 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) { 5438 bphy_err(drvr, "invalid action frame length\n"); 5439 err = -EINVAL; 5440 goto exit; 5441 } 5442 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL); 5443 if (af_params == NULL) { 5444 bphy_err(drvr, "unable to allocate frame\n"); 5445 err = -ENOMEM; 5446 goto exit; 5447 } 5448 action_frame = &af_params->action_frame; 5449 /* Add the packet Id */ 5450 action_frame->packet_id = cpu_to_le32(*cookie); 5451 /* Add BSSID */ 5452 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN); 5453 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN); 5454 /* Add the length exepted for 802.11 header */ 5455 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN); 5456 /* Add the channel. Use the one specified as parameter if any or 5457 * the current one (got from the firmware) otherwise 5458 */ 5459 if (chan) 5460 freq = chan->center_freq; 5461 else 5462 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL, 5463 &freq); 5464 chan_nr = ieee80211_frequency_to_channel(freq); 5465 af_params->channel = cpu_to_le32(chan_nr); 5466 af_params->dwell_time = cpu_to_le32(params->wait); 5467 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN], 5468 le16_to_cpu(action_frame->len)); 5469 5470 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n", 5471 *cookie, le16_to_cpu(action_frame->len), freq); 5472 5473 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg), 5474 af_params); 5475 5476 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack, 5477 GFP_KERNEL); 5478 kfree(af_params); 5479 } else { 5480 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control); 5481 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len); 5482 } 5483 5484 exit: 5485 return err; 5486 } 5487 5488 static int brcmf_cfg80211_set_cqm_rssi_range_config(struct wiphy *wiphy, 5489 struct net_device *ndev, 5490 s32 rssi_low, s32 rssi_high) 5491 { 5492 struct brcmf_cfg80211_vif *vif; 5493 struct brcmf_if *ifp; 5494 int err = 0; 5495 5496 brcmf_dbg(TRACE, "low=%d high=%d", rssi_low, rssi_high); 5497 5498 ifp = netdev_priv(ndev); 5499 vif = ifp->vif; 5500 5501 if (rssi_low != vif->cqm_rssi_low || rssi_high != vif->cqm_rssi_high) { 5502 /* The firmware will send an event when the RSSI is less than or 5503 * equal to a configured level and the previous RSSI event was 5504 * less than or equal to a different level. Set a third level 5505 * so that we also detect the transition from rssi <= rssi_high 5506 * to rssi > rssi_high. 5507 */ 5508 struct brcmf_rssi_event_le config = { 5509 .rate_limit_msec = cpu_to_le32(0), 5510 .rssi_level_num = 3, 5511 .rssi_levels = { 5512 clamp_val(rssi_low, S8_MIN, S8_MAX - 2), 5513 clamp_val(rssi_high, S8_MIN + 1, S8_MAX - 1), 5514 S8_MAX, 5515 }, 5516 }; 5517 5518 err = brcmf_fil_iovar_data_set(ifp, "rssi_event", &config, 5519 sizeof(config)); 5520 if (err) { 5521 err = -EINVAL; 5522 } else { 5523 vif->cqm_rssi_low = rssi_low; 5524 vif->cqm_rssi_high = rssi_high; 5525 } 5526 } 5527 5528 return err; 5529 } 5530 5531 static int 5532 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy, 5533 struct wireless_dev *wdev, 5534 u64 cookie) 5535 { 5536 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5537 struct brcmf_pub *drvr = cfg->pub; 5538 struct brcmf_cfg80211_vif *vif; 5539 int err = 0; 5540 5541 brcmf_dbg(TRACE, "Enter p2p listen cancel\n"); 5542 5543 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif; 5544 if (vif == NULL) { 5545 bphy_err(drvr, "No p2p device available for probe response\n"); 5546 err = -ENODEV; 5547 goto exit; 5548 } 5549 brcmf_p2p_cancel_remain_on_channel(vif->ifp); 5550 exit: 5551 return err; 5552 } 5553 5554 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy, 5555 struct wireless_dev *wdev, 5556 unsigned int link_id, 5557 struct cfg80211_chan_def *chandef) 5558 { 5559 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5560 struct net_device *ndev = wdev->netdev; 5561 struct brcmf_pub *drvr = cfg->pub; 5562 struct brcmu_chan ch; 5563 enum nl80211_band band = 0; 5564 enum nl80211_chan_width width = 0; 5565 u32 chanspec; 5566 int freq, err; 5567 5568 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP) 5569 return -ENODEV; 5570 5571 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec); 5572 if (err) { 5573 bphy_err(drvr, "chanspec failed (%d)\n", err); 5574 return err; 5575 } 5576 5577 ch.chspec = chanspec; 5578 cfg->d11inf.decchspec(&ch); 5579 5580 switch (ch.band) { 5581 case BRCMU_CHAN_BAND_2G: 5582 band = NL80211_BAND_2GHZ; 5583 break; 5584 case BRCMU_CHAN_BAND_5G: 5585 band = NL80211_BAND_5GHZ; 5586 break; 5587 } 5588 5589 switch (ch.bw) { 5590 case BRCMU_CHAN_BW_80: 5591 width = NL80211_CHAN_WIDTH_80; 5592 break; 5593 case BRCMU_CHAN_BW_40: 5594 width = NL80211_CHAN_WIDTH_40; 5595 break; 5596 case BRCMU_CHAN_BW_20: 5597 width = NL80211_CHAN_WIDTH_20; 5598 break; 5599 case BRCMU_CHAN_BW_80P80: 5600 width = NL80211_CHAN_WIDTH_80P80; 5601 break; 5602 case BRCMU_CHAN_BW_160: 5603 width = NL80211_CHAN_WIDTH_160; 5604 break; 5605 } 5606 5607 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band); 5608 chandef->chan = ieee80211_get_channel(wiphy, freq); 5609 chandef->width = width; 5610 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band); 5611 chandef->center_freq2 = 0; 5612 5613 return 0; 5614 } 5615 5616 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy, 5617 struct wireless_dev *wdev, 5618 enum nl80211_crit_proto_id proto, 5619 u16 duration) 5620 { 5621 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5622 struct brcmf_cfg80211_vif *vif; 5623 5624 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev); 5625 5626 /* only DHCP support for now */ 5627 if (proto != NL80211_CRIT_PROTO_DHCP) 5628 return -EINVAL; 5629 5630 /* suppress and abort scanning */ 5631 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status); 5632 brcmf_abort_scanning(cfg); 5633 5634 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration); 5635 } 5636 5637 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy, 5638 struct wireless_dev *wdev) 5639 { 5640 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5641 struct brcmf_cfg80211_vif *vif; 5642 5643 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev); 5644 5645 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0); 5646 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status); 5647 } 5648 5649 static s32 5650 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp, 5651 const struct brcmf_event_msg *e, void *data) 5652 { 5653 switch (e->reason) { 5654 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED: 5655 brcmf_dbg(TRACE, "TDLS Peer Discovered\n"); 5656 break; 5657 case BRCMF_E_REASON_TDLS_PEER_CONNECTED: 5658 brcmf_dbg(TRACE, "TDLS Peer Connected\n"); 5659 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr); 5660 break; 5661 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED: 5662 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n"); 5663 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr); 5664 break; 5665 } 5666 5667 return 0; 5668 } 5669 5670 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper) 5671 { 5672 int ret; 5673 5674 switch (oper) { 5675 case NL80211_TDLS_DISCOVERY_REQ: 5676 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY; 5677 break; 5678 case NL80211_TDLS_SETUP: 5679 ret = BRCMF_TDLS_MANUAL_EP_CREATE; 5680 break; 5681 case NL80211_TDLS_TEARDOWN: 5682 ret = BRCMF_TDLS_MANUAL_EP_DELETE; 5683 break; 5684 default: 5685 brcmf_err("unsupported operation: %d\n", oper); 5686 ret = -EOPNOTSUPP; 5687 } 5688 return ret; 5689 } 5690 5691 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy, 5692 struct net_device *ndev, const u8 *peer, 5693 enum nl80211_tdls_operation oper) 5694 { 5695 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5696 struct brcmf_pub *drvr = cfg->pub; 5697 struct brcmf_if *ifp; 5698 struct brcmf_tdls_iovar_le info; 5699 int ret = 0; 5700 5701 ret = brcmf_convert_nl80211_tdls_oper(oper); 5702 if (ret < 0) 5703 return ret; 5704 5705 ifp = netdev_priv(ndev); 5706 memset(&info, 0, sizeof(info)); 5707 info.mode = (u8)ret; 5708 if (peer) 5709 memcpy(info.ea, peer, ETH_ALEN); 5710 5711 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint", 5712 &info, sizeof(info)); 5713 if (ret < 0) 5714 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret); 5715 5716 return ret; 5717 } 5718 5719 static int 5720 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy, 5721 struct net_device *ndev, 5722 struct cfg80211_connect_params *sme, 5723 u32 changed) 5724 { 5725 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5726 struct brcmf_pub *drvr = cfg->pub; 5727 struct brcmf_if *ifp; 5728 int err; 5729 5730 if (!(changed & UPDATE_ASSOC_IES)) 5731 return 0; 5732 5733 ifp = netdev_priv(ndev); 5734 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG, 5735 sme->ie, sme->ie_len); 5736 if (err) 5737 bphy_err(drvr, "Set Assoc REQ IE Failed\n"); 5738 else 5739 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n"); 5740 5741 return err; 5742 } 5743 5744 #ifdef CONFIG_PM 5745 static int 5746 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev, 5747 struct cfg80211_gtk_rekey_data *gtk) 5748 { 5749 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 5750 struct brcmf_pub *drvr = cfg->pub; 5751 struct brcmf_if *ifp = netdev_priv(ndev); 5752 struct brcmf_gtk_keyinfo_le gtk_le; 5753 int ret; 5754 5755 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx); 5756 5757 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck)); 5758 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek)); 5759 memcpy(gtk_le.replay_counter, gtk->replay_ctr, 5760 sizeof(gtk_le.replay_counter)); 5761 5762 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le, 5763 sizeof(gtk_le)); 5764 if (ret < 0) 5765 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret); 5766 5767 return ret; 5768 } 5769 #endif 5770 5771 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev, 5772 const struct cfg80211_pmk_conf *conf) 5773 { 5774 struct brcmf_if *ifp; 5775 5776 brcmf_dbg(TRACE, "enter\n"); 5777 5778 /* expect using firmware supplicant for 1X */ 5779 ifp = netdev_priv(dev); 5780 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X)) 5781 return -EINVAL; 5782 5783 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN) 5784 return -ERANGE; 5785 5786 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len); 5787 } 5788 5789 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev, 5790 const u8 *aa) 5791 { 5792 struct brcmf_if *ifp; 5793 5794 brcmf_dbg(TRACE, "enter\n"); 5795 ifp = netdev_priv(dev); 5796 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X)) 5797 return -EINVAL; 5798 5799 return brcmf_set_pmk(ifp, NULL, 0); 5800 } 5801 5802 static struct cfg80211_ops brcmf_cfg80211_ops = { 5803 .add_virtual_intf = brcmf_cfg80211_add_iface, 5804 .del_virtual_intf = brcmf_cfg80211_del_iface, 5805 .change_virtual_intf = brcmf_cfg80211_change_iface, 5806 .scan = brcmf_cfg80211_scan, 5807 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params, 5808 .join_ibss = brcmf_cfg80211_join_ibss, 5809 .leave_ibss = brcmf_cfg80211_leave_ibss, 5810 .get_station = brcmf_cfg80211_get_station, 5811 .dump_station = brcmf_cfg80211_dump_station, 5812 .set_tx_power = brcmf_cfg80211_set_tx_power, 5813 .get_tx_power = brcmf_cfg80211_get_tx_power, 5814 .add_key = brcmf_cfg80211_add_key, 5815 .del_key = brcmf_cfg80211_del_key, 5816 .get_key = brcmf_cfg80211_get_key, 5817 .set_default_key = brcmf_cfg80211_config_default_key, 5818 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key, 5819 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt, 5820 .connect = brcmf_cfg80211_connect, 5821 .disconnect = brcmf_cfg80211_disconnect, 5822 .suspend = brcmf_cfg80211_suspend, 5823 .resume = brcmf_cfg80211_resume, 5824 .set_pmksa = brcmf_cfg80211_set_pmksa, 5825 .del_pmksa = brcmf_cfg80211_del_pmksa, 5826 .flush_pmksa = brcmf_cfg80211_flush_pmksa, 5827 .start_ap = brcmf_cfg80211_start_ap, 5828 .stop_ap = brcmf_cfg80211_stop_ap, 5829 .change_beacon = brcmf_cfg80211_change_beacon, 5830 .del_station = brcmf_cfg80211_del_station, 5831 .change_station = brcmf_cfg80211_change_station, 5832 .sched_scan_start = brcmf_cfg80211_sched_scan_start, 5833 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop, 5834 .update_mgmt_frame_registrations = 5835 brcmf_cfg80211_update_mgmt_frame_registrations, 5836 .mgmt_tx = brcmf_cfg80211_mgmt_tx, 5837 .set_cqm_rssi_range_config = brcmf_cfg80211_set_cqm_rssi_range_config, 5838 .remain_on_channel = brcmf_p2p_remain_on_channel, 5839 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel, 5840 .get_channel = brcmf_cfg80211_get_channel, 5841 .start_p2p_device = brcmf_p2p_start_device, 5842 .stop_p2p_device = brcmf_p2p_stop_device, 5843 .crit_proto_start = brcmf_cfg80211_crit_proto_start, 5844 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop, 5845 .tdls_oper = brcmf_cfg80211_tdls_oper, 5846 .update_connect_params = brcmf_cfg80211_update_conn_params, 5847 .set_pmk = brcmf_cfg80211_set_pmk, 5848 .del_pmk = brcmf_cfg80211_del_pmk, 5849 }; 5850 5851 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings) 5852 { 5853 struct cfg80211_ops *ops; 5854 5855 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops), 5856 GFP_KERNEL); 5857 5858 if (ops && settings->roamoff) 5859 ops->update_connect_params = NULL; 5860 5861 return ops; 5862 } 5863 5864 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg, 5865 enum nl80211_iftype type) 5866 { 5867 struct brcmf_cfg80211_vif *vif_walk; 5868 struct brcmf_cfg80211_vif *vif; 5869 bool mbss; 5870 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0); 5871 5872 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n", 5873 sizeof(*vif)); 5874 vif = kzalloc(sizeof(*vif), GFP_KERNEL); 5875 if (!vif) 5876 return ERR_PTR(-ENOMEM); 5877 5878 vif->wdev.wiphy = cfg->wiphy; 5879 vif->wdev.iftype = type; 5880 5881 brcmf_init_prof(&vif->profile); 5882 5883 if (type == NL80211_IFTYPE_AP && 5884 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) { 5885 mbss = false; 5886 list_for_each_entry(vif_walk, &cfg->vif_list, list) { 5887 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) { 5888 mbss = true; 5889 break; 5890 } 5891 } 5892 vif->mbss = mbss; 5893 } 5894 5895 list_add_tail(&vif->list, &cfg->vif_list); 5896 return vif; 5897 } 5898 5899 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif) 5900 { 5901 list_del(&vif->list); 5902 kfree(vif); 5903 } 5904 5905 void brcmf_cfg80211_free_netdev(struct net_device *ndev) 5906 { 5907 struct brcmf_cfg80211_vif *vif; 5908 struct brcmf_if *ifp; 5909 5910 ifp = netdev_priv(ndev); 5911 vif = ifp->vif; 5912 5913 if (vif) 5914 brcmf_free_vif(vif); 5915 } 5916 5917 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif, 5918 const struct brcmf_event_msg *e) 5919 { 5920 u32 event = e->event_code; 5921 u32 status = e->status; 5922 5923 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK || 5924 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) && 5925 event == BRCMF_E_PSK_SUP && 5926 status == BRCMF_E_STATUS_FWSUP_COMPLETED) 5927 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state); 5928 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) { 5929 brcmf_dbg(CONN, "Processing set ssid\n"); 5930 memcpy(vif->profile.bssid, e->addr, ETH_ALEN); 5931 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK && 5932 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE) 5933 return true; 5934 5935 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state); 5936 } 5937 5938 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) && 5939 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) { 5940 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state); 5941 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state); 5942 return true; 5943 } 5944 return false; 5945 } 5946 5947 static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif, 5948 const struct brcmf_event_msg *e) 5949 { 5950 u32 event = e->event_code; 5951 u16 flags = e->flags; 5952 5953 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) || 5954 (event == BRCMF_E_DISASSOC_IND) || 5955 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) { 5956 brcmf_dbg(CONN, "Processing link down\n"); 5957 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state); 5958 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state); 5959 return true; 5960 } 5961 return false; 5962 } 5963 5964 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg, 5965 const struct brcmf_event_msg *e) 5966 { 5967 u32 event = e->event_code; 5968 u32 status = e->status; 5969 5970 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) { 5971 brcmf_dbg(CONN, "Processing Link %s & no network found\n", 5972 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down"); 5973 return true; 5974 } 5975 5976 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) { 5977 brcmf_dbg(CONN, "Processing connecting & no network found\n"); 5978 return true; 5979 } 5980 5981 if (event == BRCMF_E_PSK_SUP && 5982 status != BRCMF_E_STATUS_FWSUP_COMPLETED) { 5983 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n", 5984 status); 5985 return true; 5986 } 5987 5988 return false; 5989 } 5990 5991 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg) 5992 { 5993 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg); 5994 5995 kfree(conn_info->req_ie); 5996 conn_info->req_ie = NULL; 5997 conn_info->req_ie_len = 0; 5998 kfree(conn_info->resp_ie); 5999 conn_info->resp_ie = NULL; 6000 conn_info->resp_ie_len = 0; 6001 } 6002 6003 u8 brcmf_map_prio_to_prec(void *config, u8 prio) 6004 { 6005 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config; 6006 6007 if (!cfg) 6008 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ? 6009 (prio ^ 2) : prio; 6010 6011 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority 6012 * to an 8-level precedence which is the same as BE's 6013 */ 6014 if (prio > PRIO_8021D_EE && 6015 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE]) 6016 return cfg->ac_priority[prio] * 2; 6017 6018 /* Conversion of 4-level priority to 8-level precedence */ 6019 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK || 6020 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO) 6021 return cfg->ac_priority[prio] * 2; 6022 else 6023 return cfg->ac_priority[prio] * 2 + 1; 6024 } 6025 6026 u8 brcmf_map_prio_to_aci(void *config, u8 prio) 6027 { 6028 /* Prio here refers to the 802.1d priority in range of 0 to 7. 6029 * ACI here refers to the WLAN AC Index in range of 0 to 3. 6030 * This function will return ACI corresponding to input prio. 6031 */ 6032 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config; 6033 6034 if (cfg) 6035 return cfg->ac_priority[prio]; 6036 6037 return prio; 6038 } 6039 6040 static void brcmf_init_wmm_prio(u8 *priority) 6041 { 6042 /* Initialize AC priority array to default 6043 * 802.1d priority as per following table: 6044 * 802.1d prio 0,3 maps to BE 6045 * 802.1d prio 1,2 maps to BK 6046 * 802.1d prio 4,5 maps to VI 6047 * 802.1d prio 6,7 maps to VO 6048 */ 6049 priority[0] = BRCMF_FWS_FIFO_AC_BE; 6050 priority[3] = BRCMF_FWS_FIFO_AC_BE; 6051 priority[1] = BRCMF_FWS_FIFO_AC_BK; 6052 priority[2] = BRCMF_FWS_FIFO_AC_BK; 6053 priority[4] = BRCMF_FWS_FIFO_AC_VI; 6054 priority[5] = BRCMF_FWS_FIFO_AC_VI; 6055 priority[6] = BRCMF_FWS_FIFO_AC_VO; 6056 priority[7] = BRCMF_FWS_FIFO_AC_VO; 6057 } 6058 6059 static void brcmf_wifi_prioritize_acparams(const 6060 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority) 6061 { 6062 u8 aci; 6063 u8 aifsn; 6064 u8 ecwmin; 6065 u8 ecwmax; 6066 u8 acm; 6067 u8 ranking_basis[EDCF_AC_COUNT]; 6068 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */ 6069 u8 index; 6070 6071 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) { 6072 aifsn = acp->ACI & EDCF_AIFSN_MASK; 6073 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0; 6074 ecwmin = acp->ECW & EDCF_ECWMIN_MASK; 6075 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT; 6076 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n", 6077 aci, aifsn, acm, ecwmin, ecwmax); 6078 /* Default AC_VO will be the lowest ranking value */ 6079 ranking_basis[aci] = aifsn + ecwmin + ecwmax; 6080 /* Initialise priority starting at 0 (AC_BE) */ 6081 aci_prio[aci] = 0; 6082 6083 /* If ACM is set, STA can't use this AC as per 802.11. 6084 * Change the ranking to BE 6085 */ 6086 if (aci != AC_BE && aci != AC_BK && acm == 1) 6087 ranking_basis[aci] = ranking_basis[AC_BE]; 6088 } 6089 6090 /* Ranking method which works for AC priority 6091 * swapping when values for cwmin, cwmax and aifsn are varied 6092 * Compare each aci_prio against each other aci_prio 6093 */ 6094 for (aci = 0; aci < EDCF_AC_COUNT; aci++) { 6095 for (index = 0; index < EDCF_AC_COUNT; index++) { 6096 if (index != aci) { 6097 /* Smaller ranking value has higher priority, 6098 * so increment priority for each ACI which has 6099 * a higher ranking value 6100 */ 6101 if (ranking_basis[aci] < ranking_basis[index]) 6102 aci_prio[aci]++; 6103 } 6104 } 6105 } 6106 6107 /* By now, aci_prio[] will be in range of 0 to 3. 6108 * Use ACI prio to get the new priority value for 6109 * each 802.1d traffic type, in this range. 6110 */ 6111 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] && 6112 aci_prio[AC_BK] == aci_prio[AC_VI] && 6113 aci_prio[AC_VI] == aci_prio[AC_VO])) { 6114 /* 802.1d 0,3 maps to BE */ 6115 priority[0] = aci_prio[AC_BE]; 6116 priority[3] = aci_prio[AC_BE]; 6117 6118 /* 802.1d 1,2 maps to BK */ 6119 priority[1] = aci_prio[AC_BK]; 6120 priority[2] = aci_prio[AC_BK]; 6121 6122 /* 802.1d 4,5 maps to VO */ 6123 priority[4] = aci_prio[AC_VI]; 6124 priority[5] = aci_prio[AC_VI]; 6125 6126 /* 802.1d 6,7 maps to VO */ 6127 priority[6] = aci_prio[AC_VO]; 6128 priority[7] = aci_prio[AC_VO]; 6129 } else { 6130 /* Initialize to default priority */ 6131 brcmf_init_wmm_prio(priority); 6132 } 6133 6134 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n", 6135 priority[0], priority[1], priority[2], priority[3]); 6136 6137 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n", 6138 priority[4], priority[5], priority[6], priority[7]); 6139 } 6140 6141 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg, 6142 struct brcmf_if *ifp) 6143 { 6144 struct brcmf_pub *drvr = cfg->pub; 6145 struct brcmf_cfg80211_assoc_ielen_le *assoc_info; 6146 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg); 6147 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT]; 6148 u32 req_len; 6149 u32 resp_len; 6150 s32 err = 0; 6151 6152 brcmf_clear_assoc_ies(cfg); 6153 6154 err = brcmf_fil_iovar_data_get(ifp, "assoc_info", 6155 cfg->extra_buf, WL_ASSOC_INFO_MAX); 6156 if (err) { 6157 bphy_err(drvr, "could not get assoc info (%d)\n", err); 6158 return err; 6159 } 6160 assoc_info = 6161 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf; 6162 req_len = le32_to_cpu(assoc_info->req_len); 6163 resp_len = le32_to_cpu(assoc_info->resp_len); 6164 if (req_len) { 6165 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies", 6166 cfg->extra_buf, 6167 WL_ASSOC_INFO_MAX); 6168 if (err) { 6169 bphy_err(drvr, "could not get assoc req (%d)\n", err); 6170 return err; 6171 } 6172 conn_info->req_ie_len = req_len; 6173 conn_info->req_ie = 6174 kmemdup(cfg->extra_buf, conn_info->req_ie_len, 6175 GFP_KERNEL); 6176 if (!conn_info->req_ie) 6177 conn_info->req_ie_len = 0; 6178 } else { 6179 conn_info->req_ie_len = 0; 6180 conn_info->req_ie = NULL; 6181 } 6182 if (resp_len) { 6183 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies", 6184 cfg->extra_buf, 6185 WL_ASSOC_INFO_MAX); 6186 if (err) { 6187 bphy_err(drvr, "could not get assoc resp (%d)\n", err); 6188 return err; 6189 } 6190 conn_info->resp_ie_len = resp_len; 6191 conn_info->resp_ie = 6192 kmemdup(cfg->extra_buf, conn_info->resp_ie_len, 6193 GFP_KERNEL); 6194 if (!conn_info->resp_ie) 6195 conn_info->resp_ie_len = 0; 6196 6197 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta", 6198 edcf_acparam_info, 6199 sizeof(edcf_acparam_info)); 6200 if (err) { 6201 brcmf_err("could not get wme_ac_sta (%d)\n", err); 6202 return err; 6203 } 6204 6205 brcmf_wifi_prioritize_acparams(edcf_acparam_info, 6206 cfg->ac_priority); 6207 } else { 6208 conn_info->resp_ie_len = 0; 6209 conn_info->resp_ie = NULL; 6210 } 6211 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n", 6212 conn_info->req_ie_len, conn_info->resp_ie_len); 6213 6214 return err; 6215 } 6216 6217 static s32 6218 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg, 6219 struct net_device *ndev, 6220 const struct brcmf_event_msg *e) 6221 { 6222 struct brcmf_if *ifp = netdev_priv(ndev); 6223 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 6224 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg); 6225 struct wiphy *wiphy = cfg_to_wiphy(cfg); 6226 struct ieee80211_channel *notify_channel = NULL; 6227 struct ieee80211_supported_band *band; 6228 struct brcmf_bss_info_le *bi; 6229 struct brcmu_chan ch; 6230 struct cfg80211_roam_info roam_info = {}; 6231 u32 freq; 6232 s32 err = 0; 6233 u8 *buf; 6234 6235 brcmf_dbg(TRACE, "Enter\n"); 6236 6237 brcmf_get_assoc_ies(cfg, ifp); 6238 memcpy(profile->bssid, e->addr, ETH_ALEN); 6239 brcmf_update_bss_info(cfg, ifp); 6240 6241 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL); 6242 if (buf == NULL) { 6243 err = -ENOMEM; 6244 goto done; 6245 } 6246 6247 /* data sent to dongle has to be little endian */ 6248 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX); 6249 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, 6250 buf, WL_BSS_INFO_MAX); 6251 6252 if (err) 6253 goto done; 6254 6255 bi = (struct brcmf_bss_info_le *)(buf + 4); 6256 ch.chspec = le16_to_cpu(bi->chanspec); 6257 cfg->d11inf.decchspec(&ch); 6258 6259 if (ch.band == BRCMU_CHAN_BAND_2G) 6260 band = wiphy->bands[NL80211_BAND_2GHZ]; 6261 else 6262 band = wiphy->bands[NL80211_BAND_5GHZ]; 6263 6264 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band); 6265 notify_channel = ieee80211_get_channel(wiphy, freq); 6266 6267 done: 6268 kfree(buf); 6269 6270 roam_info.links[0].channel = notify_channel; 6271 roam_info.links[0].bssid = profile->bssid; 6272 roam_info.req_ie = conn_info->req_ie; 6273 roam_info.req_ie_len = conn_info->req_ie_len; 6274 roam_info.resp_ie = conn_info->resp_ie; 6275 roam_info.resp_ie_len = conn_info->resp_ie_len; 6276 6277 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL); 6278 brcmf_dbg(CONN, "Report roaming result\n"); 6279 6280 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) { 6281 cfg80211_port_authorized(ndev, profile->bssid, NULL, 0, GFP_KERNEL); 6282 brcmf_dbg(CONN, "Report port authorized\n"); 6283 } 6284 6285 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state); 6286 brcmf_dbg(TRACE, "Exit\n"); 6287 return err; 6288 } 6289 6290 static s32 6291 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg, 6292 struct net_device *ndev, const struct brcmf_event_msg *e, 6293 bool completed) 6294 { 6295 struct brcmf_if *ifp = netdev_priv(ndev); 6296 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 6297 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg); 6298 struct cfg80211_connect_resp_params conn_params; 6299 6300 brcmf_dbg(TRACE, "Enter\n"); 6301 6302 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING, 6303 &ifp->vif->sme_state)) { 6304 memset(&conn_params, 0, sizeof(conn_params)); 6305 if (completed) { 6306 brcmf_get_assoc_ies(cfg, ifp); 6307 brcmf_update_bss_info(cfg, ifp); 6308 set_bit(BRCMF_VIF_STATUS_CONNECTED, 6309 &ifp->vif->sme_state); 6310 conn_params.status = WLAN_STATUS_SUCCESS; 6311 } else { 6312 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, 6313 &ifp->vif->sme_state); 6314 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, 6315 &ifp->vif->sme_state); 6316 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT; 6317 } 6318 conn_params.links[0].bssid = profile->bssid; 6319 conn_params.req_ie = conn_info->req_ie; 6320 conn_params.req_ie_len = conn_info->req_ie_len; 6321 conn_params.resp_ie = conn_info->resp_ie; 6322 conn_params.resp_ie_len = conn_info->resp_ie_len; 6323 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL); 6324 brcmf_dbg(CONN, "Report connect result - connection %s\n", 6325 completed ? "succeeded" : "failed"); 6326 } 6327 brcmf_dbg(TRACE, "Exit\n"); 6328 return 0; 6329 } 6330 6331 static s32 6332 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg, 6333 struct net_device *ndev, 6334 const struct brcmf_event_msg *e, void *data) 6335 { 6336 struct brcmf_pub *drvr = cfg->pub; 6337 static int generation; 6338 u32 event = e->event_code; 6339 u32 reason = e->reason; 6340 struct station_info *sinfo; 6341 6342 brcmf_dbg(CONN, "event %s (%u), reason %d\n", 6343 brcmf_fweh_event_name(event), event, reason); 6344 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS && 6345 ndev != cfg_to_ndev(cfg)) { 6346 brcmf_dbg(CONN, "AP mode link down\n"); 6347 complete(&cfg->vif_disabled); 6348 return 0; 6349 } 6350 6351 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) && 6352 (reason == BRCMF_E_STATUS_SUCCESS)) { 6353 if (!data) { 6354 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n"); 6355 return -EINVAL; 6356 } 6357 6358 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL); 6359 if (!sinfo) 6360 return -ENOMEM; 6361 6362 sinfo->assoc_req_ies = data; 6363 sinfo->assoc_req_ies_len = e->datalen; 6364 generation++; 6365 sinfo->generation = generation; 6366 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL); 6367 6368 kfree(sinfo); 6369 } else if ((event == BRCMF_E_DISASSOC_IND) || 6370 (event == BRCMF_E_DEAUTH_IND) || 6371 (event == BRCMF_E_DEAUTH)) { 6372 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL); 6373 } 6374 return 0; 6375 } 6376 6377 static s32 6378 brcmf_notify_connect_status(struct brcmf_if *ifp, 6379 const struct brcmf_event_msg *e, void *data) 6380 { 6381 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 6382 struct net_device *ndev = ifp->ndev; 6383 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile; 6384 struct ieee80211_channel *chan; 6385 s32 err = 0; 6386 6387 if ((e->event_code == BRCMF_E_DEAUTH) || 6388 (e->event_code == BRCMF_E_DEAUTH_IND) || 6389 (e->event_code == BRCMF_E_DISASSOC_IND) || 6390 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) { 6391 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr); 6392 } 6393 6394 if (brcmf_is_apmode(ifp->vif)) { 6395 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data); 6396 } else if (brcmf_is_linkup(ifp->vif, e)) { 6397 brcmf_dbg(CONN, "Linkup\n"); 6398 if (brcmf_is_ibssmode(ifp->vif)) { 6399 brcmf_inform_ibss(cfg, ndev, e->addr); 6400 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel); 6401 memcpy(profile->bssid, e->addr, ETH_ALEN); 6402 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL); 6403 clear_bit(BRCMF_VIF_STATUS_CONNECTING, 6404 &ifp->vif->sme_state); 6405 set_bit(BRCMF_VIF_STATUS_CONNECTED, 6406 &ifp->vif->sme_state); 6407 } else 6408 brcmf_bss_connect_done(cfg, ndev, e, true); 6409 brcmf_net_setcarrier(ifp, true); 6410 } else if (brcmf_is_linkdown(ifp->vif, e)) { 6411 brcmf_dbg(CONN, "Linkdown\n"); 6412 if (!brcmf_is_ibssmode(ifp->vif) && 6413 (test_bit(BRCMF_VIF_STATUS_CONNECTED, 6414 &ifp->vif->sme_state) || 6415 test_bit(BRCMF_VIF_STATUS_CONNECTING, 6416 &ifp->vif->sme_state))) { 6417 if (test_bit(BRCMF_VIF_STATUS_CONNECTED, 6418 &ifp->vif->sme_state) && 6419 memcmp(profile->bssid, e->addr, ETH_ALEN)) 6420 return err; 6421 6422 brcmf_bss_connect_done(cfg, ndev, e, false); 6423 brcmf_link_down(ifp->vif, 6424 brcmf_map_fw_linkdown_reason(e), 6425 e->event_code & 6426 (BRCMF_E_DEAUTH_IND | 6427 BRCMF_E_DISASSOC_IND) 6428 ? false : true); 6429 brcmf_init_prof(ndev_to_prof(ndev)); 6430 if (ndev != cfg_to_ndev(cfg)) 6431 complete(&cfg->vif_disabled); 6432 brcmf_net_setcarrier(ifp, false); 6433 } 6434 } else if (brcmf_is_nonetwork(cfg, e)) { 6435 if (brcmf_is_ibssmode(ifp->vif)) 6436 clear_bit(BRCMF_VIF_STATUS_CONNECTING, 6437 &ifp->vif->sme_state); 6438 else 6439 brcmf_bss_connect_done(cfg, ndev, e, false); 6440 } 6441 6442 return err; 6443 } 6444 6445 static s32 6446 brcmf_notify_roaming_status(struct brcmf_if *ifp, 6447 const struct brcmf_event_msg *e, void *data) 6448 { 6449 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 6450 u32 event = e->event_code; 6451 u32 status = e->status; 6452 6453 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) { 6454 if (test_bit(BRCMF_VIF_STATUS_CONNECTED, 6455 &ifp->vif->sme_state)) { 6456 brcmf_bss_roaming_done(cfg, ifp->ndev, e); 6457 } else { 6458 brcmf_bss_connect_done(cfg, ifp->ndev, e, true); 6459 brcmf_net_setcarrier(ifp, true); 6460 } 6461 } 6462 6463 return 0; 6464 } 6465 6466 static s32 6467 brcmf_notify_mic_status(struct brcmf_if *ifp, 6468 const struct brcmf_event_msg *e, void *data) 6469 { 6470 u16 flags = e->flags; 6471 enum nl80211_key_type key_type; 6472 6473 if (flags & BRCMF_EVENT_MSG_GROUP) 6474 key_type = NL80211_KEYTYPE_GROUP; 6475 else 6476 key_type = NL80211_KEYTYPE_PAIRWISE; 6477 6478 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1, 6479 NULL, GFP_KERNEL); 6480 6481 return 0; 6482 } 6483 6484 static s32 brcmf_notify_rssi(struct brcmf_if *ifp, 6485 const struct brcmf_event_msg *e, void *data) 6486 { 6487 struct brcmf_cfg80211_vif *vif = ifp->vif; 6488 struct brcmf_rssi_be *info = data; 6489 s32 rssi, snr, noise; 6490 s32 low, high, last; 6491 6492 if (e->datalen < sizeof(*info)) { 6493 brcmf_err("insufficient RSSI event data\n"); 6494 return 0; 6495 } 6496 6497 rssi = be32_to_cpu(info->rssi); 6498 snr = be32_to_cpu(info->snr); 6499 noise = be32_to_cpu(info->noise); 6500 6501 low = vif->cqm_rssi_low; 6502 high = vif->cqm_rssi_high; 6503 last = vif->cqm_rssi_last; 6504 6505 brcmf_dbg(TRACE, "rssi=%d snr=%d noise=%d low=%d high=%d last=%d\n", 6506 rssi, snr, noise, low, high, last); 6507 6508 vif->cqm_rssi_last = rssi; 6509 6510 if (rssi <= low || rssi == 0) { 6511 brcmf_dbg(INFO, "LOW rssi=%d\n", rssi); 6512 cfg80211_cqm_rssi_notify(ifp->ndev, 6513 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW, 6514 rssi, GFP_KERNEL); 6515 } else if (rssi > high) { 6516 brcmf_dbg(INFO, "HIGH rssi=%d\n", rssi); 6517 cfg80211_cqm_rssi_notify(ifp->ndev, 6518 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH, 6519 rssi, GFP_KERNEL); 6520 } 6521 6522 return 0; 6523 } 6524 6525 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp, 6526 const struct brcmf_event_msg *e, void *data) 6527 { 6528 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 6529 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data; 6530 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event; 6531 struct brcmf_cfg80211_vif *vif; 6532 6533 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n", 6534 ifevent->action, ifevent->flags, ifevent->ifidx, 6535 ifevent->bsscfgidx); 6536 6537 spin_lock(&event->vif_event_lock); 6538 event->action = ifevent->action; 6539 vif = event->vif; 6540 6541 switch (ifevent->action) { 6542 case BRCMF_E_IF_ADD: 6543 /* waiting process may have timed out */ 6544 if (!cfg->vif_event.vif) { 6545 spin_unlock(&event->vif_event_lock); 6546 return -EBADF; 6547 } 6548 6549 ifp->vif = vif; 6550 vif->ifp = ifp; 6551 if (ifp->ndev) { 6552 vif->wdev.netdev = ifp->ndev; 6553 ifp->ndev->ieee80211_ptr = &vif->wdev; 6554 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy)); 6555 } 6556 spin_unlock(&event->vif_event_lock); 6557 wake_up(&event->vif_wq); 6558 return 0; 6559 6560 case BRCMF_E_IF_DEL: 6561 spin_unlock(&event->vif_event_lock); 6562 /* event may not be upon user request */ 6563 if (brcmf_cfg80211_vif_event_armed(cfg)) 6564 wake_up(&event->vif_wq); 6565 return 0; 6566 6567 case BRCMF_E_IF_CHANGE: 6568 spin_unlock(&event->vif_event_lock); 6569 wake_up(&event->vif_wq); 6570 return 0; 6571 6572 default: 6573 spin_unlock(&event->vif_event_lock); 6574 break; 6575 } 6576 return -EINVAL; 6577 } 6578 6579 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf) 6580 { 6581 conf->frag_threshold = (u32)-1; 6582 conf->rts_threshold = (u32)-1; 6583 conf->retry_short = (u32)-1; 6584 conf->retry_long = (u32)-1; 6585 } 6586 6587 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg) 6588 { 6589 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK, 6590 brcmf_notify_connect_status); 6591 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND, 6592 brcmf_notify_connect_status); 6593 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH, 6594 brcmf_notify_connect_status); 6595 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND, 6596 brcmf_notify_connect_status); 6597 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND, 6598 brcmf_notify_connect_status); 6599 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND, 6600 brcmf_notify_connect_status); 6601 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM, 6602 brcmf_notify_roaming_status); 6603 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR, 6604 brcmf_notify_mic_status); 6605 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID, 6606 brcmf_notify_connect_status); 6607 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND, 6608 brcmf_notify_sched_scan_results); 6609 brcmf_fweh_register(cfg->pub, BRCMF_E_IF, 6610 brcmf_notify_vif_event); 6611 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG, 6612 brcmf_p2p_notify_rx_mgmt_p2p_probereq); 6613 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE, 6614 brcmf_p2p_notify_listen_complete); 6615 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX, 6616 brcmf_p2p_notify_action_frame_rx); 6617 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE, 6618 brcmf_p2p_notify_action_tx_complete); 6619 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE, 6620 brcmf_p2p_notify_action_tx_complete); 6621 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP, 6622 brcmf_notify_connect_status); 6623 brcmf_fweh_register(cfg->pub, BRCMF_E_RSSI, brcmf_notify_rssi); 6624 } 6625 6626 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg) 6627 { 6628 kfree(cfg->conf); 6629 cfg->conf = NULL; 6630 kfree(cfg->extra_buf); 6631 cfg->extra_buf = NULL; 6632 kfree(cfg->wowl.nd); 6633 cfg->wowl.nd = NULL; 6634 kfree(cfg->wowl.nd_info); 6635 cfg->wowl.nd_info = NULL; 6636 kfree(cfg->escan_info.escan_buf); 6637 cfg->escan_info.escan_buf = NULL; 6638 } 6639 6640 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg) 6641 { 6642 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL); 6643 if (!cfg->conf) 6644 goto init_priv_mem_out; 6645 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL); 6646 if (!cfg->extra_buf) 6647 goto init_priv_mem_out; 6648 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL); 6649 if (!cfg->wowl.nd) 6650 goto init_priv_mem_out; 6651 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) + 6652 sizeof(struct cfg80211_wowlan_nd_match *), 6653 GFP_KERNEL); 6654 if (!cfg->wowl.nd_info) 6655 goto init_priv_mem_out; 6656 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL); 6657 if (!cfg->escan_info.escan_buf) 6658 goto init_priv_mem_out; 6659 6660 return 0; 6661 6662 init_priv_mem_out: 6663 brcmf_deinit_priv_mem(cfg); 6664 6665 return -ENOMEM; 6666 } 6667 6668 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg) 6669 { 6670 s32 err = 0; 6671 6672 cfg->scan_request = NULL; 6673 cfg->pwr_save = true; 6674 cfg->dongle_up = false; /* dongle is not up yet */ 6675 err = brcmf_init_priv_mem(cfg); 6676 if (err) 6677 return err; 6678 brcmf_register_event_handlers(cfg); 6679 mutex_init(&cfg->usr_sync); 6680 brcmf_init_escan(cfg); 6681 brcmf_init_conf(cfg->conf); 6682 brcmf_init_wmm_prio(cfg->ac_priority); 6683 init_completion(&cfg->vif_disabled); 6684 return err; 6685 } 6686 6687 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg) 6688 { 6689 cfg->dongle_up = false; /* dongle down */ 6690 brcmf_abort_scanning(cfg); 6691 brcmf_deinit_priv_mem(cfg); 6692 brcmf_clear_assoc_ies(cfg); 6693 } 6694 6695 static void init_vif_event(struct brcmf_cfg80211_vif_event *event) 6696 { 6697 init_waitqueue_head(&event->vif_wq); 6698 spin_lock_init(&event->vif_event_lock); 6699 } 6700 6701 static s32 brcmf_dongle_roam(struct brcmf_if *ifp) 6702 { 6703 struct brcmf_pub *drvr = ifp->drvr; 6704 s32 err; 6705 u32 bcn_timeout; 6706 __le32 roamtrigger[2]; 6707 __le32 roam_delta[2]; 6708 6709 /* Configure beacon timeout value based upon roaming setting */ 6710 if (ifp->drvr->settings->roamoff) 6711 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF; 6712 else 6713 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON; 6714 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout); 6715 if (err) { 6716 bphy_err(drvr, "bcn_timeout error (%d)\n", err); 6717 goto roam_setup_done; 6718 } 6719 6720 /* Enable/Disable built-in roaming to allow supplicant to take care of 6721 * roaming. 6722 */ 6723 brcmf_dbg(INFO, "Internal Roaming = %s\n", 6724 ifp->drvr->settings->roamoff ? "Off" : "On"); 6725 err = brcmf_fil_iovar_int_set(ifp, "roam_off", 6726 ifp->drvr->settings->roamoff); 6727 if (err) { 6728 bphy_err(drvr, "roam_off error (%d)\n", err); 6729 goto roam_setup_done; 6730 } 6731 6732 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL); 6733 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL); 6734 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER, 6735 (void *)roamtrigger, sizeof(roamtrigger)); 6736 if (err) 6737 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err); 6738 6739 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA); 6740 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL); 6741 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA, 6742 (void *)roam_delta, sizeof(roam_delta)); 6743 if (err) 6744 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err); 6745 6746 return 0; 6747 6748 roam_setup_done: 6749 return err; 6750 } 6751 6752 static s32 6753 brcmf_dongle_scantime(struct brcmf_if *ifp) 6754 { 6755 struct brcmf_pub *drvr = ifp->drvr; 6756 s32 err = 0; 6757 6758 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME, 6759 BRCMF_SCAN_CHANNEL_TIME); 6760 if (err) { 6761 bphy_err(drvr, "Scan assoc time error (%d)\n", err); 6762 goto dongle_scantime_out; 6763 } 6764 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME, 6765 BRCMF_SCAN_UNASSOC_TIME); 6766 if (err) { 6767 bphy_err(drvr, "Scan unassoc time error (%d)\n", err); 6768 goto dongle_scantime_out; 6769 } 6770 6771 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME, 6772 BRCMF_SCAN_PASSIVE_TIME); 6773 if (err) { 6774 bphy_err(drvr, "Scan passive time error (%d)\n", err); 6775 goto dongle_scantime_out; 6776 } 6777 6778 dongle_scantime_out: 6779 return err; 6780 } 6781 6782 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel, 6783 struct brcmu_chan *ch) 6784 { 6785 u32 ht40_flag; 6786 6787 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40; 6788 if (ch->sb == BRCMU_CHAN_SB_U) { 6789 if (ht40_flag == IEEE80211_CHAN_NO_HT40) 6790 channel->flags &= ~IEEE80211_CHAN_NO_HT40; 6791 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS; 6792 } else { 6793 /* It should be one of 6794 * IEEE80211_CHAN_NO_HT40 or 6795 * IEEE80211_CHAN_NO_HT40PLUS 6796 */ 6797 channel->flags &= ~IEEE80211_CHAN_NO_HT40; 6798 if (ht40_flag == IEEE80211_CHAN_NO_HT40) 6799 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS; 6800 } 6801 } 6802 6803 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg, 6804 u32 bw_cap[]) 6805 { 6806 struct wiphy *wiphy = cfg_to_wiphy(cfg); 6807 struct brcmf_pub *drvr = cfg->pub; 6808 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0); 6809 struct ieee80211_supported_band *band; 6810 struct ieee80211_channel *channel; 6811 struct brcmf_chanspec_list *list; 6812 struct brcmu_chan ch; 6813 int err; 6814 u8 *pbuf; 6815 u32 i, j; 6816 u32 total; 6817 u32 chaninfo; 6818 6819 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL); 6820 6821 if (pbuf == NULL) 6822 return -ENOMEM; 6823 6824 list = (struct brcmf_chanspec_list *)pbuf; 6825 6826 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf, 6827 BRCMF_DCMD_MEDLEN); 6828 if (err) { 6829 bphy_err(drvr, "get chanspecs error (%d)\n", err); 6830 goto fail_pbuf; 6831 } 6832 6833 band = wiphy->bands[NL80211_BAND_2GHZ]; 6834 if (band) 6835 for (i = 0; i < band->n_channels; i++) 6836 band->channels[i].flags = IEEE80211_CHAN_DISABLED; 6837 band = wiphy->bands[NL80211_BAND_5GHZ]; 6838 if (band) 6839 for (i = 0; i < band->n_channels; i++) 6840 band->channels[i].flags = IEEE80211_CHAN_DISABLED; 6841 6842 total = le32_to_cpu(list->count); 6843 for (i = 0; i < total; i++) { 6844 ch.chspec = (u16)le32_to_cpu(list->element[i]); 6845 cfg->d11inf.decchspec(&ch); 6846 6847 if (ch.band == BRCMU_CHAN_BAND_2G) { 6848 band = wiphy->bands[NL80211_BAND_2GHZ]; 6849 } else if (ch.band == BRCMU_CHAN_BAND_5G) { 6850 band = wiphy->bands[NL80211_BAND_5GHZ]; 6851 } else { 6852 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n", 6853 ch.chspec); 6854 continue; 6855 } 6856 if (!band) 6857 continue; 6858 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) && 6859 ch.bw == BRCMU_CHAN_BW_40) 6860 continue; 6861 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) && 6862 ch.bw == BRCMU_CHAN_BW_80) 6863 continue; 6864 6865 channel = NULL; 6866 for (j = 0; j < band->n_channels; j++) { 6867 if (band->channels[j].hw_value == ch.control_ch_num) { 6868 channel = &band->channels[j]; 6869 break; 6870 } 6871 } 6872 if (!channel) { 6873 /* It seems firmware supports some channel we never 6874 * considered. Something new in IEEE standard? 6875 */ 6876 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n", 6877 ch.control_ch_num); 6878 continue; 6879 } 6880 6881 if (channel->orig_flags & IEEE80211_CHAN_DISABLED) 6882 continue; 6883 6884 /* assuming the chanspecs order is HT20, 6885 * HT40 upper, HT40 lower, and VHT80. 6886 */ 6887 switch (ch.bw) { 6888 case BRCMU_CHAN_BW_160: 6889 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ; 6890 break; 6891 case BRCMU_CHAN_BW_80: 6892 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ; 6893 break; 6894 case BRCMU_CHAN_BW_40: 6895 brcmf_update_bw40_channel_flag(channel, &ch); 6896 break; 6897 default: 6898 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n", 6899 ch.bw); 6900 fallthrough; 6901 case BRCMU_CHAN_BW_20: 6902 /* enable the channel and disable other bandwidths 6903 * for now as mentioned order assure they are enabled 6904 * for subsequent chanspecs. 6905 */ 6906 channel->flags = IEEE80211_CHAN_NO_HT40 | 6907 IEEE80211_CHAN_NO_80MHZ | 6908 IEEE80211_CHAN_NO_160MHZ; 6909 ch.bw = BRCMU_CHAN_BW_20; 6910 cfg->d11inf.encchspec(&ch); 6911 chaninfo = ch.chspec; 6912 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info", 6913 &chaninfo); 6914 if (!err) { 6915 if (chaninfo & WL_CHAN_RADAR) 6916 channel->flags |= 6917 (IEEE80211_CHAN_RADAR | 6918 IEEE80211_CHAN_NO_IR); 6919 if (chaninfo & WL_CHAN_PASSIVE) 6920 channel->flags |= 6921 IEEE80211_CHAN_NO_IR; 6922 } 6923 } 6924 } 6925 6926 fail_pbuf: 6927 kfree(pbuf); 6928 return err; 6929 } 6930 6931 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg) 6932 { 6933 struct brcmf_pub *drvr = cfg->pub; 6934 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0); 6935 struct ieee80211_supported_band *band; 6936 struct brcmf_fil_bwcap_le band_bwcap; 6937 struct brcmf_chanspec_list *list; 6938 u8 *pbuf; 6939 u32 val; 6940 int err; 6941 struct brcmu_chan ch; 6942 u32 num_chan; 6943 int i, j; 6944 6945 /* verify support for bw_cap command */ 6946 val = WLC_BAND_5G; 6947 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val); 6948 6949 if (!err) { 6950 /* only set 2G bandwidth using bw_cap command */ 6951 band_bwcap.band = cpu_to_le32(WLC_BAND_2G); 6952 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ); 6953 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap, 6954 sizeof(band_bwcap)); 6955 } else { 6956 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n"); 6957 val = WLC_N_BW_40ALL; 6958 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val); 6959 } 6960 6961 if (!err) { 6962 /* update channel info in 2G band */ 6963 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL); 6964 6965 if (pbuf == NULL) 6966 return -ENOMEM; 6967 6968 ch.band = BRCMU_CHAN_BAND_2G; 6969 ch.bw = BRCMU_CHAN_BW_40; 6970 ch.sb = BRCMU_CHAN_SB_NONE; 6971 ch.chnum = 0; 6972 cfg->d11inf.encchspec(&ch); 6973 6974 /* pass encoded chanspec in query */ 6975 *(__le16 *)pbuf = cpu_to_le16(ch.chspec); 6976 6977 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf, 6978 BRCMF_DCMD_MEDLEN); 6979 if (err) { 6980 bphy_err(drvr, "get chanspecs error (%d)\n", err); 6981 kfree(pbuf); 6982 return err; 6983 } 6984 6985 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ]; 6986 list = (struct brcmf_chanspec_list *)pbuf; 6987 num_chan = le32_to_cpu(list->count); 6988 for (i = 0; i < num_chan; i++) { 6989 ch.chspec = (u16)le32_to_cpu(list->element[i]); 6990 cfg->d11inf.decchspec(&ch); 6991 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G)) 6992 continue; 6993 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40)) 6994 continue; 6995 for (j = 0; j < band->n_channels; j++) { 6996 if (band->channels[j].hw_value == ch.control_ch_num) 6997 break; 6998 } 6999 if (WARN_ON(j == band->n_channels)) 7000 continue; 7001 7002 brcmf_update_bw40_channel_flag(&band->channels[j], &ch); 7003 } 7004 kfree(pbuf); 7005 } 7006 return err; 7007 } 7008 7009 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[]) 7010 { 7011 struct brcmf_pub *drvr = ifp->drvr; 7012 u32 band, mimo_bwcap; 7013 int err; 7014 7015 band = WLC_BAND_2G; 7016 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band); 7017 if (!err) { 7018 bw_cap[NL80211_BAND_2GHZ] = band; 7019 band = WLC_BAND_5G; 7020 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band); 7021 if (!err) { 7022 bw_cap[NL80211_BAND_5GHZ] = band; 7023 return; 7024 } 7025 WARN_ON(1); 7026 return; 7027 } 7028 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n"); 7029 mimo_bwcap = 0; 7030 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap); 7031 if (err) 7032 /* assume 20MHz if firmware does not give a clue */ 7033 mimo_bwcap = WLC_N_BW_20ALL; 7034 7035 switch (mimo_bwcap) { 7036 case WLC_N_BW_40ALL: 7037 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT; 7038 fallthrough; 7039 case WLC_N_BW_20IN2G_40IN5G: 7040 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT; 7041 fallthrough; 7042 case WLC_N_BW_20ALL: 7043 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT; 7044 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT; 7045 break; 7046 default: 7047 bphy_err(drvr, "invalid mimo_bw_cap value\n"); 7048 } 7049 } 7050 7051 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band, 7052 u32 bw_cap[2], u32 nchain) 7053 { 7054 band->ht_cap.ht_supported = true; 7055 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) { 7056 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40; 7057 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 7058 } 7059 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20; 7060 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40; 7061 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K; 7062 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16; 7063 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain); 7064 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED; 7065 } 7066 7067 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp) 7068 { 7069 u16 mcs_map; 7070 int i; 7071 7072 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++) 7073 mcs_map = (mcs_map << 2) | supp; 7074 7075 return cpu_to_le16(mcs_map); 7076 } 7077 7078 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band, 7079 u32 bw_cap[2], u32 nchain, u32 txstreams, 7080 u32 txbf_bfe_cap, u32 txbf_bfr_cap) 7081 { 7082 __le16 mcs_map; 7083 7084 /* not allowed in 2.4G band */ 7085 if (band->band == NL80211_BAND_2GHZ) 7086 return; 7087 7088 band->vht_cap.vht_supported = true; 7089 /* 80MHz is mandatory */ 7090 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80; 7091 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) { 7092 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 7093 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160; 7094 } 7095 /* all support 256-QAM */ 7096 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9); 7097 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map; 7098 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map; 7099 7100 /* Beamforming support information */ 7101 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP) 7102 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE; 7103 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP) 7104 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE; 7105 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP) 7106 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE; 7107 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP) 7108 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE; 7109 7110 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) { 7111 band->vht_cap.cap |= 7112 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT); 7113 band->vht_cap.cap |= ((txstreams - 1) << 7114 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT); 7115 band->vht_cap.cap |= 7116 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB; 7117 } 7118 } 7119 7120 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg) 7121 { 7122 struct brcmf_pub *drvr = cfg->pub; 7123 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0); 7124 struct wiphy *wiphy = cfg_to_wiphy(cfg); 7125 u32 nmode = 0; 7126 u32 vhtmode = 0; 7127 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT }; 7128 u32 rxchain; 7129 u32 nchain; 7130 int err; 7131 s32 i; 7132 struct ieee80211_supported_band *band; 7133 u32 txstreams = 0; 7134 u32 txbf_bfe_cap = 0; 7135 u32 txbf_bfr_cap = 0; 7136 7137 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode); 7138 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode); 7139 if (err) { 7140 bphy_err(drvr, "nmode error (%d)\n", err); 7141 } else { 7142 brcmf_get_bwcap(ifp, bw_cap); 7143 } 7144 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n", 7145 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ], 7146 bw_cap[NL80211_BAND_5GHZ]); 7147 7148 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain); 7149 if (err) { 7150 /* rxchain unsupported by firmware of older chips */ 7151 if (err == -EBADE) 7152 bphy_info_once(drvr, "rxchain unsupported\n"); 7153 else 7154 bphy_err(drvr, "rxchain error (%d)\n", err); 7155 7156 nchain = 1; 7157 } else { 7158 for (nchain = 0; rxchain; nchain++) 7159 rxchain = rxchain & (rxchain - 1); 7160 } 7161 brcmf_dbg(INFO, "nchain=%d\n", nchain); 7162 7163 err = brcmf_construct_chaninfo(cfg, bw_cap); 7164 if (err) { 7165 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err); 7166 return err; 7167 } 7168 7169 if (vhtmode) { 7170 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams); 7171 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap", 7172 &txbf_bfe_cap); 7173 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap", 7174 &txbf_bfr_cap); 7175 } 7176 7177 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) { 7178 band = wiphy->bands[i]; 7179 if (band == NULL) 7180 continue; 7181 7182 if (nmode) 7183 brcmf_update_ht_cap(band, bw_cap, nchain); 7184 if (vhtmode) 7185 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams, 7186 txbf_bfe_cap, txbf_bfr_cap); 7187 } 7188 7189 return 0; 7190 } 7191 7192 static const struct ieee80211_txrx_stypes 7193 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = { 7194 [NL80211_IFTYPE_STATION] = { 7195 .tx = 0xffff, 7196 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) | 7197 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) 7198 }, 7199 [NL80211_IFTYPE_P2P_CLIENT] = { 7200 .tx = 0xffff, 7201 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) | 7202 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) 7203 }, 7204 [NL80211_IFTYPE_P2P_GO] = { 7205 .tx = 0xffff, 7206 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) | 7207 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) | 7208 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) | 7209 BIT(IEEE80211_STYPE_DISASSOC >> 4) | 7210 BIT(IEEE80211_STYPE_AUTH >> 4) | 7211 BIT(IEEE80211_STYPE_DEAUTH >> 4) | 7212 BIT(IEEE80211_STYPE_ACTION >> 4) 7213 }, 7214 [NL80211_IFTYPE_P2P_DEVICE] = { 7215 .tx = 0xffff, 7216 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) | 7217 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) 7218 }, 7219 [NL80211_IFTYPE_AP] = { 7220 .tx = 0xffff, 7221 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) | 7222 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) | 7223 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) | 7224 BIT(IEEE80211_STYPE_DISASSOC >> 4) | 7225 BIT(IEEE80211_STYPE_AUTH >> 4) | 7226 BIT(IEEE80211_STYPE_DEAUTH >> 4) | 7227 BIT(IEEE80211_STYPE_ACTION >> 4) 7228 } 7229 }; 7230 7231 /** 7232 * brcmf_setup_ifmodes() - determine interface modes and combinations. 7233 * 7234 * @wiphy: wiphy object. 7235 * @ifp: interface object needed for feat module api. 7236 * 7237 * The interface modes and combinations are determined dynamically here 7238 * based on firmware functionality. 7239 * 7240 * no p2p and no mbss: 7241 * 7242 * #STA <= 1, #AP <= 1, channels = 1, 2 total 7243 * 7244 * no p2p and mbss: 7245 * 7246 * #STA <= 1, #AP <= 1, channels = 1, 2 total 7247 * #AP <= 4, matching BI, channels = 1, 4 total 7248 * 7249 * no p2p and rsdb: 7250 * #STA <= 1, #AP <= 2, channels = 2, 4 total 7251 * 7252 * p2p, no mchan, and mbss: 7253 * 7254 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total 7255 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total 7256 * #AP <= 4, matching BI, channels = 1, 4 total 7257 * 7258 * p2p, mchan, and mbss: 7259 * 7260 * #STA <= 2, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total 7261 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total 7262 * #AP <= 4, matching BI, channels = 1, 4 total 7263 * 7264 * p2p, rsdb, and no mbss: 7265 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2, 7266 * channels = 2, 4 total 7267 */ 7268 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp) 7269 { 7270 struct ieee80211_iface_combination *combo = NULL; 7271 struct ieee80211_iface_limit *c0_limits = NULL; 7272 struct ieee80211_iface_limit *p2p_limits = NULL; 7273 struct ieee80211_iface_limit *mbss_limits = NULL; 7274 bool mon_flag, mbss, p2p, rsdb, mchan; 7275 int i, c, n_combos, n_limits; 7276 7277 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG); 7278 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS); 7279 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P); 7280 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB); 7281 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN); 7282 7283 n_combos = 1 + !!(p2p && !rsdb) + !!mbss; 7284 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL); 7285 if (!combo) 7286 goto err; 7287 7288 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | 7289 BIT(NL80211_IFTYPE_ADHOC) | 7290 BIT(NL80211_IFTYPE_AP); 7291 if (mon_flag) 7292 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR); 7293 if (p2p) 7294 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) | 7295 BIT(NL80211_IFTYPE_P2P_GO) | 7296 BIT(NL80211_IFTYPE_P2P_DEVICE); 7297 7298 c = 0; 7299 i = 0; 7300 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p); 7301 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL); 7302 if (!c0_limits) 7303 goto err; 7304 7305 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan)); 7306 c0_limits[i].max = 1 + (p2p && mchan); 7307 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION); 7308 if (mon_flag) { 7309 c0_limits[i].max = 1; 7310 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR); 7311 } 7312 if (p2p) { 7313 c0_limits[i].max = 1; 7314 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE); 7315 c0_limits[i].max = 1 + rsdb; 7316 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) | 7317 BIT(NL80211_IFTYPE_P2P_GO); 7318 } 7319 if (p2p && rsdb) { 7320 c0_limits[i].max = 2; 7321 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP); 7322 combo[c].max_interfaces = 4; 7323 } else if (p2p) { 7324 combo[c].max_interfaces = i; 7325 } else if (rsdb) { 7326 c0_limits[i].max = 2; 7327 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP); 7328 combo[c].max_interfaces = 3; 7329 } else { 7330 c0_limits[i].max = 1; 7331 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP); 7332 combo[c].max_interfaces = i; 7333 } 7334 combo[c].n_limits = i; 7335 combo[c].limits = c0_limits; 7336 7337 if (p2p && !rsdb) { 7338 c++; 7339 i = 0; 7340 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL); 7341 if (!p2p_limits) 7342 goto err; 7343 p2p_limits[i].max = 1; 7344 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION); 7345 p2p_limits[i].max = 1; 7346 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP); 7347 p2p_limits[i].max = 1; 7348 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT); 7349 p2p_limits[i].max = 1; 7350 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE); 7351 combo[c].num_different_channels = 1; 7352 combo[c].max_interfaces = i; 7353 combo[c].n_limits = i; 7354 combo[c].limits = p2p_limits; 7355 } 7356 7357 if (mbss) { 7358 c++; 7359 i = 0; 7360 n_limits = 1 + mon_flag; 7361 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits), 7362 GFP_KERNEL); 7363 if (!mbss_limits) 7364 goto err; 7365 mbss_limits[i].max = 4; 7366 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP); 7367 if (mon_flag) { 7368 mbss_limits[i].max = 1; 7369 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR); 7370 } 7371 combo[c].beacon_int_infra_match = true; 7372 combo[c].num_different_channels = 1; 7373 combo[c].max_interfaces = 4 + mon_flag; 7374 combo[c].n_limits = i; 7375 combo[c].limits = mbss_limits; 7376 } 7377 7378 wiphy->n_iface_combinations = n_combos; 7379 wiphy->iface_combinations = combo; 7380 return 0; 7381 7382 err: 7383 kfree(c0_limits); 7384 kfree(p2p_limits); 7385 kfree(mbss_limits); 7386 kfree(combo); 7387 return -ENOMEM; 7388 } 7389 7390 #ifdef CONFIG_PM 7391 static const struct wiphy_wowlan_support brcmf_wowlan_support = { 7392 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT, 7393 .n_patterns = BRCMF_WOWL_MAXPATTERNS, 7394 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE, 7395 .pattern_min_len = 1, 7396 .max_pkt_offset = 1500, 7397 }; 7398 #endif 7399 7400 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp) 7401 { 7402 #ifdef CONFIG_PM 7403 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 7404 struct brcmf_pub *drvr = cfg->pub; 7405 struct wiphy_wowlan_support *wowl; 7406 7407 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support), 7408 GFP_KERNEL); 7409 if (!wowl) { 7410 bphy_err(drvr, "only support basic wowlan features\n"); 7411 wiphy->wowlan = &brcmf_wowlan_support; 7412 return; 7413 } 7414 7415 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) { 7416 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) { 7417 wowl->flags |= WIPHY_WOWLAN_NET_DETECT; 7418 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT; 7419 init_waitqueue_head(&cfg->wowl.nd_data_wait); 7420 } 7421 } 7422 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) { 7423 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY; 7424 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE; 7425 } 7426 7427 wiphy->wowlan = wowl; 7428 #endif 7429 } 7430 7431 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp) 7432 { 7433 struct brcmf_pub *drvr = ifp->drvr; 7434 const struct ieee80211_iface_combination *combo; 7435 struct ieee80211_supported_band *band; 7436 u16 max_interfaces = 0; 7437 bool gscan; 7438 __le32 bandlist[3]; 7439 u32 n_bands; 7440 int err, i; 7441 7442 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX; 7443 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX; 7444 wiphy->max_num_pmkids = BRCMF_MAXPMKID; 7445 7446 err = brcmf_setup_ifmodes(wiphy, ifp); 7447 if (err) 7448 return err; 7449 7450 for (i = 0, combo = wiphy->iface_combinations; 7451 i < wiphy->n_iface_combinations; i++, combo++) { 7452 max_interfaces = max(max_interfaces, combo->max_interfaces); 7453 } 7454 7455 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses); 7456 i++) { 7457 u8 *addr = drvr->addresses[i].addr; 7458 7459 memcpy(addr, drvr->mac, ETH_ALEN); 7460 if (i) { 7461 addr[0] |= BIT(1); 7462 addr[ETH_ALEN - 1] ^= i; 7463 } 7464 } 7465 wiphy->addresses = drvr->addresses; 7466 wiphy->n_addresses = i; 7467 7468 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM; 7469 wiphy->cipher_suites = brcmf_cipher_suites; 7470 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites); 7471 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) 7472 wiphy->n_cipher_suites--; 7473 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) | 7474 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) | 7475 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST); 7476 7477 wiphy->flags |= WIPHY_FLAG_NETNS_OK | 7478 WIPHY_FLAG_PS_ON_BY_DEFAULT | 7479 WIPHY_FLAG_HAVE_AP_SME | 7480 WIPHY_FLAG_OFFCHAN_TX | 7481 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL; 7482 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) 7483 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS; 7484 if (!ifp->drvr->settings->roamoff) 7485 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM; 7486 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) { 7487 wiphy_ext_feature_set(wiphy, 7488 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK); 7489 wiphy_ext_feature_set(wiphy, 7490 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X); 7491 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE)) 7492 wiphy_ext_feature_set(wiphy, 7493 NL80211_EXT_FEATURE_SAE_OFFLOAD); 7494 } 7495 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWAUTH)) { 7496 wiphy_ext_feature_set(wiphy, 7497 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK); 7498 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE)) 7499 wiphy_ext_feature_set(wiphy, 7500 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP); 7501 } 7502 wiphy->mgmt_stypes = brcmf_txrx_stypes; 7503 wiphy->max_remain_on_channel_duration = 5000; 7504 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) { 7505 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN); 7506 brcmf_pno_wiphy_params(wiphy, gscan); 7507 } 7508 /* vendor commands/events support */ 7509 wiphy->vendor_commands = brcmf_vendor_cmds; 7510 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1; 7511 7512 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL)) 7513 brcmf_wiphy_wowl_params(wiphy, ifp); 7514 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist, 7515 sizeof(bandlist)); 7516 if (err) { 7517 bphy_err(drvr, "could not obtain band info: err=%d\n", err); 7518 return err; 7519 } 7520 /* first entry in bandlist is number of bands */ 7521 n_bands = le32_to_cpu(bandlist[0]); 7522 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) { 7523 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) { 7524 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz), 7525 GFP_KERNEL); 7526 if (!band) 7527 return -ENOMEM; 7528 7529 band->channels = kmemdup(&__wl_2ghz_channels, 7530 sizeof(__wl_2ghz_channels), 7531 GFP_KERNEL); 7532 if (!band->channels) { 7533 kfree(band); 7534 return -ENOMEM; 7535 } 7536 7537 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels); 7538 wiphy->bands[NL80211_BAND_2GHZ] = band; 7539 } 7540 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) { 7541 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz), 7542 GFP_KERNEL); 7543 if (!band) 7544 return -ENOMEM; 7545 7546 band->channels = kmemdup(&__wl_5ghz_channels, 7547 sizeof(__wl_5ghz_channels), 7548 GFP_KERNEL); 7549 if (!band->channels) { 7550 kfree(band); 7551 return -ENOMEM; 7552 } 7553 7554 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels); 7555 wiphy->bands[NL80211_BAND_5GHZ] = band; 7556 } 7557 } 7558 7559 if (wiphy->bands[NL80211_BAND_5GHZ] && 7560 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H)) 7561 wiphy_ext_feature_set(wiphy, 7562 NL80211_EXT_FEATURE_DFS_OFFLOAD); 7563 7564 wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST); 7565 7566 wiphy_read_of_freq_limits(wiphy); 7567 7568 return 0; 7569 } 7570 7571 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg) 7572 { 7573 struct brcmf_pub *drvr = cfg->pub; 7574 struct net_device *ndev; 7575 struct wireless_dev *wdev; 7576 struct brcmf_if *ifp; 7577 s32 power_mode; 7578 s32 err = 0; 7579 7580 if (cfg->dongle_up) 7581 return err; 7582 7583 ndev = cfg_to_ndev(cfg); 7584 wdev = ndev->ieee80211_ptr; 7585 ifp = netdev_priv(ndev); 7586 7587 /* make sure RF is ready for work */ 7588 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0); 7589 7590 brcmf_dongle_scantime(ifp); 7591 7592 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF; 7593 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode); 7594 if (err) 7595 goto default_conf_out; 7596 brcmf_dbg(INFO, "power save set to %s\n", 7597 (power_mode ? "enabled" : "disabled")); 7598 7599 err = brcmf_dongle_roam(ifp); 7600 if (err) 7601 goto default_conf_out; 7602 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype, 7603 NULL); 7604 if (err) 7605 goto default_conf_out; 7606 7607 brcmf_configure_arp_nd_offload(ifp, true); 7608 7609 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1); 7610 if (err) { 7611 bphy_err(drvr, "failed to set frameburst mode\n"); 7612 goto default_conf_out; 7613 } 7614 7615 cfg->dongle_up = true; 7616 default_conf_out: 7617 7618 return err; 7619 7620 } 7621 7622 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp) 7623 { 7624 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state); 7625 7626 return brcmf_config_dongle(ifp->drvr->config); 7627 } 7628 7629 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp) 7630 { 7631 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 7632 7633 /* 7634 * While going down, if associated with AP disassociate 7635 * from AP to save power 7636 */ 7637 if (check_vif_up(ifp->vif)) { 7638 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED, true); 7639 7640 /* Make sure WPA_Supplicant receives all the event 7641 generated due to DISASSOC call to the fw to keep 7642 the state fw and WPA_Supplicant state consistent 7643 */ 7644 brcmf_delay(500); 7645 } 7646 7647 brcmf_abort_scanning(cfg); 7648 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state); 7649 7650 return 0; 7651 } 7652 7653 s32 brcmf_cfg80211_up(struct net_device *ndev) 7654 { 7655 struct brcmf_if *ifp = netdev_priv(ndev); 7656 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 7657 s32 err = 0; 7658 7659 mutex_lock(&cfg->usr_sync); 7660 err = __brcmf_cfg80211_up(ifp); 7661 mutex_unlock(&cfg->usr_sync); 7662 7663 return err; 7664 } 7665 7666 s32 brcmf_cfg80211_down(struct net_device *ndev) 7667 { 7668 struct brcmf_if *ifp = netdev_priv(ndev); 7669 struct brcmf_cfg80211_info *cfg = ifp->drvr->config; 7670 s32 err = 0; 7671 7672 mutex_lock(&cfg->usr_sync); 7673 err = __brcmf_cfg80211_down(ifp); 7674 mutex_unlock(&cfg->usr_sync); 7675 7676 return err; 7677 } 7678 7679 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp) 7680 { 7681 struct wireless_dev *wdev = &ifp->vif->wdev; 7682 7683 return wdev->iftype; 7684 } 7685 7686 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg, 7687 unsigned long state) 7688 { 7689 struct brcmf_cfg80211_vif *vif; 7690 7691 list_for_each_entry(vif, &cfg->vif_list, list) { 7692 if (test_bit(state, &vif->sme_state)) 7693 return true; 7694 } 7695 return false; 7696 } 7697 7698 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event, 7699 u8 action) 7700 { 7701 u8 evt_action; 7702 7703 spin_lock(&event->vif_event_lock); 7704 evt_action = event->action; 7705 spin_unlock(&event->vif_event_lock); 7706 return evt_action == action; 7707 } 7708 7709 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg, 7710 struct brcmf_cfg80211_vif *vif) 7711 { 7712 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event; 7713 7714 spin_lock(&event->vif_event_lock); 7715 event->vif = vif; 7716 event->action = 0; 7717 spin_unlock(&event->vif_event_lock); 7718 } 7719 7720 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg) 7721 { 7722 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event; 7723 bool armed; 7724 7725 spin_lock(&event->vif_event_lock); 7726 armed = event->vif != NULL; 7727 spin_unlock(&event->vif_event_lock); 7728 7729 return armed; 7730 } 7731 7732 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg, 7733 u8 action, ulong timeout) 7734 { 7735 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event; 7736 7737 return wait_event_timeout(event->vif_wq, 7738 vif_event_equals(event, action), timeout); 7739 } 7740 7741 static bool brmcf_use_iso3166_ccode_fallback(struct brcmf_pub *drvr) 7742 { 7743 if (drvr->settings->trivial_ccode_map) 7744 return true; 7745 7746 switch (drvr->bus_if->chip) { 7747 case BRCM_CC_43430_CHIP_ID: 7748 case BRCM_CC_4345_CHIP_ID: 7749 case BRCM_CC_43602_CHIP_ID: 7750 return true; 7751 default: 7752 return false; 7753 } 7754 } 7755 7756 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2], 7757 struct brcmf_fil_country_le *ccreq) 7758 { 7759 struct brcmfmac_pd_cc *country_codes; 7760 struct brcmfmac_pd_cc_entry *cc; 7761 s32 found_index; 7762 int i; 7763 7764 if ((alpha2[0] == ccreq->country_abbrev[0]) && 7765 (alpha2[1] == ccreq->country_abbrev[1])) { 7766 brcmf_dbg(TRACE, "Country code already set\n"); 7767 return -EAGAIN; 7768 } 7769 7770 country_codes = drvr->settings->country_codes; 7771 if (!country_codes) { 7772 if (brmcf_use_iso3166_ccode_fallback(drvr)) { 7773 brcmf_dbg(TRACE, "No country codes configured for device, using ISO3166 code and 0 rev\n"); 7774 memset(ccreq, 0, sizeof(*ccreq)); 7775 ccreq->country_abbrev[0] = alpha2[0]; 7776 ccreq->country_abbrev[1] = alpha2[1]; 7777 ccreq->ccode[0] = alpha2[0]; 7778 ccreq->ccode[1] = alpha2[1]; 7779 return 0; 7780 } 7781 7782 brcmf_dbg(TRACE, "No country codes configured for device\n"); 7783 return -EINVAL; 7784 } 7785 7786 found_index = -1; 7787 for (i = 0; i < country_codes->table_size; i++) { 7788 cc = &country_codes->table[i]; 7789 if ((cc->iso3166[0] == '\0') && (found_index == -1)) 7790 found_index = i; 7791 if ((cc->iso3166[0] == alpha2[0]) && 7792 (cc->iso3166[1] == alpha2[1])) { 7793 found_index = i; 7794 break; 7795 } 7796 } 7797 if (found_index == -1) { 7798 brcmf_dbg(TRACE, "No country code match found\n"); 7799 return -EINVAL; 7800 } 7801 memset(ccreq, 0, sizeof(*ccreq)); 7802 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev); 7803 memcpy(ccreq->ccode, country_codes->table[found_index].cc, 7804 BRCMF_COUNTRY_BUF_SZ); 7805 ccreq->country_abbrev[0] = alpha2[0]; 7806 ccreq->country_abbrev[1] = alpha2[1]; 7807 ccreq->country_abbrev[2] = 0; 7808 7809 return 0; 7810 } 7811 7812 static int 7813 brcmf_parse_dump_obss(char *buf, struct brcmf_dump_survey *survey) 7814 { 7815 int i; 7816 char *token; 7817 char delim[] = "\n "; 7818 unsigned long val; 7819 int err = 0; 7820 7821 token = strsep(&buf, delim); 7822 while (token) { 7823 if (!strcmp(token, "OBSS")) { 7824 for (i = 0; i < OBSS_TOKEN_IDX; i++) 7825 token = strsep(&buf, delim); 7826 err = kstrtoul(token, 10, &val); 7827 if (err) 7828 break; 7829 survey->obss = val; 7830 } 7831 7832 if (!strcmp(token, "IBSS")) { 7833 for (i = 0; i < IBSS_TOKEN_IDX; i++) 7834 token = strsep(&buf, delim); 7835 err = kstrtoul(token, 10, &val); 7836 if (err) 7837 break; 7838 survey->ibss = val; 7839 } 7840 7841 if (!strcmp(token, "TXDur")) { 7842 for (i = 0; i < TX_TOKEN_IDX; i++) 7843 token = strsep(&buf, delim); 7844 err = kstrtoul(token, 10, &val); 7845 if (err) 7846 break; 7847 survey->tx = val; 7848 } 7849 7850 if (!strcmp(token, "Category")) { 7851 for (i = 0; i < CTG_TOKEN_IDX; i++) 7852 token = strsep(&buf, delim); 7853 err = kstrtoul(token, 10, &val); 7854 if (err) 7855 break; 7856 survey->no_ctg = val; 7857 } 7858 7859 if (!strcmp(token, "Packet")) { 7860 for (i = 0; i < PKT_TOKEN_IDX; i++) 7861 token = strsep(&buf, delim); 7862 err = kstrtoul(token, 10, &val); 7863 if (err) 7864 break; 7865 survey->no_pckt = val; 7866 } 7867 7868 if (!strcmp(token, "Opp(time):")) { 7869 for (i = 0; i < IDLE_TOKEN_IDX; i++) 7870 token = strsep(&buf, delim); 7871 err = kstrtoul(token, 10, &val); 7872 if (err) 7873 break; 7874 survey->idle = val; 7875 } 7876 7877 token = strsep(&buf, delim); 7878 } 7879 7880 return err; 7881 } 7882 7883 static int 7884 brcmf_dump_obss(struct brcmf_if *ifp, struct cca_msrmnt_query req, 7885 struct brcmf_dump_survey *survey) 7886 { 7887 struct cca_stats_n_flags *results; 7888 char *buf; 7889 int err; 7890 7891 buf = kzalloc(sizeof(char) * BRCMF_DCMD_MEDLEN, GFP_KERNEL); 7892 if (!buf) 7893 return -ENOMEM; 7894 7895 memcpy(buf, &req, sizeof(struct cca_msrmnt_query)); 7896 err = brcmf_fil_iovar_data_get(ifp, "dump_obss", 7897 buf, BRCMF_DCMD_MEDLEN); 7898 if (err) { 7899 brcmf_err("dump_obss error (%d)\n", err); 7900 err = -EINVAL; 7901 goto exit; 7902 } 7903 results = (struct cca_stats_n_flags *)(buf); 7904 7905 if (req.msrmnt_query) 7906 brcmf_parse_dump_obss(results->buf, survey); 7907 7908 exit: 7909 kfree(buf); 7910 return err; 7911 } 7912 7913 static s32 7914 cfg80211_set_channel(struct wiphy *wiphy, struct net_device *dev, 7915 struct ieee80211_channel *chan, 7916 enum nl80211_channel_type channel_type) 7917 { 7918 u16 chspec = 0; 7919 int err = 0; 7920 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 7921 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg)); 7922 7923 /* set_channel */ 7924 chspec = channel_to_chanspec(&cfg->d11inf, chan); 7925 if (chspec != INVCHANSPEC) { 7926 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chspec); 7927 if (err) { 7928 brcmf_err("set chanspec 0x%04x fail, reason %d\n", chspec, err); 7929 err = -EINVAL; 7930 } 7931 } else { 7932 brcmf_err("failed to convert host chanspec to fw chanspec\n"); 7933 err = -EINVAL; 7934 } 7935 7936 return err; 7937 } 7938 7939 static int 7940 brcmf_cfg80211_dump_survey(struct wiphy *wiphy, struct net_device *ndev, 7941 int idx, struct survey_info *info) 7942 { 7943 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 7944 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg)); 7945 struct brcmf_dump_survey survey = {}; 7946 struct ieee80211_supported_band *band; 7947 struct ieee80211_channel *chan; 7948 struct cca_msrmnt_query req; 7949 u32 noise; 7950 int err; 7951 7952 brcmf_dbg(TRACE, "Enter: channel idx=%d\n", idx); 7953 7954 /* Do not run survey when VIF in CONNECTING / CONNECTED states */ 7955 if ((test_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state)) || 7956 (test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))) { 7957 return -EBUSY; 7958 } 7959 7960 band = wiphy->bands[NL80211_BAND_2GHZ]; 7961 if (band && idx >= band->n_channels) { 7962 idx -= band->n_channels; 7963 band = NULL; 7964 } 7965 7966 if (!band || idx >= band->n_channels) { 7967 band = wiphy->bands[NL80211_BAND_5GHZ]; 7968 if (idx >= band->n_channels) 7969 return -ENOENT; 7970 } 7971 7972 /* Setting current channel to the requested channel */ 7973 chan = &band->channels[idx]; 7974 err = cfg80211_set_channel(wiphy, ndev, chan, NL80211_CHAN_HT20); 7975 if (err) { 7976 info->channel = chan; 7977 info->filled = 0; 7978 return 0; 7979 } 7980 7981 /* Disable mpc */ 7982 brcmf_set_mpc(ifp, 0); 7983 7984 /* Set interface up, explicitly. */ 7985 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1); 7986 if (err) { 7987 brcmf_err("set interface up failed, err = %d\n", err); 7988 goto exit; 7989 } 7990 7991 /* Get noise value */ 7992 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PHY_NOISE, &noise); 7993 if (err) { 7994 brcmf_err("Get Phy Noise failed, use dummy value\n"); 7995 noise = CHAN_NOISE_DUMMY; 7996 } 7997 7998 /* Start Measurement for obss stats on current channel */ 7999 req.msrmnt_query = 0; 8000 req.time_req = ACS_MSRMNT_DELAY; 8001 err = brcmf_dump_obss(ifp, req, &survey); 8002 if (err) 8003 goto exit; 8004 8005 /* Add 10 ms for IOVAR completion */ 8006 msleep(ACS_MSRMNT_DELAY + 10); 8007 8008 /* Issue IOVAR to collect measurement results */ 8009 req.msrmnt_query = 1; 8010 err = brcmf_dump_obss(ifp, req, &survey); 8011 if (err) 8012 goto exit; 8013 8014 info->channel = chan; 8015 info->noise = noise; 8016 info->time = ACS_MSRMNT_DELAY; 8017 info->time_busy = ACS_MSRMNT_DELAY - survey.idle; 8018 info->time_rx = survey.obss + survey.ibss + survey.no_ctg + 8019 survey.no_pckt; 8020 info->time_tx = survey.tx; 8021 info->filled = SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME | 8022 SURVEY_INFO_TIME_BUSY | SURVEY_INFO_TIME_RX | 8023 SURVEY_INFO_TIME_TX; 8024 8025 brcmf_dbg(INFO, "OBSS dump: channel %d: survey duration %d\n", 8026 ieee80211_frequency_to_channel(chan->center_freq), 8027 ACS_MSRMNT_DELAY); 8028 brcmf_dbg(INFO, "noise(%d) busy(%llu) rx(%llu) tx(%llu)\n", 8029 info->noise, info->time_busy, info->time_rx, info->time_tx); 8030 8031 exit: 8032 if (!brcmf_is_apmode(ifp->vif)) 8033 brcmf_set_mpc(ifp, 1); 8034 return err; 8035 } 8036 8037 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy, 8038 struct regulatory_request *req) 8039 { 8040 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy); 8041 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0); 8042 struct brcmf_pub *drvr = cfg->pub; 8043 struct brcmf_fil_country_le ccreq; 8044 s32 err; 8045 int i; 8046 8047 /* The country code gets set to "00" by default at boot, ignore */ 8048 if (req->alpha2[0] == '0' && req->alpha2[1] == '0') 8049 return; 8050 8051 /* ignore non-ISO3166 country codes */ 8052 for (i = 0; i < 2; i++) 8053 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') { 8054 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n", 8055 req->alpha2[0], req->alpha2[1]); 8056 return; 8057 } 8058 8059 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator, 8060 req->alpha2[0], req->alpha2[1]); 8061 8062 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq)); 8063 if (err) { 8064 bphy_err(drvr, "Country code iovar returned err = %d\n", err); 8065 return; 8066 } 8067 8068 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq); 8069 if (err) 8070 return; 8071 8072 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq)); 8073 if (err) { 8074 bphy_err(drvr, "Firmware rejected country setting\n"); 8075 return; 8076 } 8077 brcmf_setup_wiphybands(cfg); 8078 } 8079 8080 static void brcmf_free_wiphy(struct wiphy *wiphy) 8081 { 8082 int i; 8083 8084 if (!wiphy) 8085 return; 8086 8087 if (wiphy->iface_combinations) { 8088 for (i = 0; i < wiphy->n_iface_combinations; i++) 8089 kfree(wiphy->iface_combinations[i].limits); 8090 } 8091 kfree(wiphy->iface_combinations); 8092 if (wiphy->bands[NL80211_BAND_2GHZ]) { 8093 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels); 8094 kfree(wiphy->bands[NL80211_BAND_2GHZ]); 8095 } 8096 if (wiphy->bands[NL80211_BAND_5GHZ]) { 8097 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels); 8098 kfree(wiphy->bands[NL80211_BAND_5GHZ]); 8099 } 8100 #if IS_ENABLED(CONFIG_PM) 8101 if (wiphy->wowlan != &brcmf_wowlan_support) 8102 kfree(wiphy->wowlan); 8103 #endif 8104 } 8105 8106 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr, 8107 struct cfg80211_ops *ops, 8108 bool p2pdev_forced) 8109 { 8110 struct wiphy *wiphy = drvr->wiphy; 8111 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev; 8112 struct brcmf_cfg80211_info *cfg; 8113 struct brcmf_cfg80211_vif *vif; 8114 struct brcmf_if *ifp; 8115 s32 err = 0; 8116 s32 io_type; 8117 u16 *cap = NULL; 8118 8119 if (!ndev) { 8120 bphy_err(drvr, "ndev is invalid\n"); 8121 return NULL; 8122 } 8123 8124 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL); 8125 if (!cfg) { 8126 bphy_err(drvr, "Could not allocate wiphy device\n"); 8127 return NULL; 8128 } 8129 8130 cfg->wiphy = wiphy; 8131 cfg->pub = drvr; 8132 init_vif_event(&cfg->vif_event); 8133 INIT_LIST_HEAD(&cfg->vif_list); 8134 8135 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION); 8136 if (IS_ERR(vif)) 8137 goto wiphy_out; 8138 8139 ifp = netdev_priv(ndev); 8140 vif->ifp = ifp; 8141 vif->wdev.netdev = ndev; 8142 ndev->ieee80211_ptr = &vif->wdev; 8143 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy)); 8144 8145 err = wl_init_priv(cfg); 8146 if (err) { 8147 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err); 8148 brcmf_free_vif(vif); 8149 goto wiphy_out; 8150 } 8151 ifp->vif = vif; 8152 8153 /* determine d11 io type before wiphy setup */ 8154 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type); 8155 if (err) { 8156 bphy_err(drvr, "Failed to get D11 version (%d)\n", err); 8157 goto priv_out; 8158 } 8159 cfg->d11inf.io_type = (u8)io_type; 8160 brcmu_d11_attach(&cfg->d11inf); 8161 8162 /* regulatory notifer below needs access to cfg so 8163 * assign it now. 8164 */ 8165 drvr->config = cfg; 8166 8167 err = brcmf_setup_wiphy(wiphy, ifp); 8168 if (err < 0) 8169 goto priv_out; 8170 8171 brcmf_dbg(INFO, "Registering custom regulatory\n"); 8172 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier; 8173 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG; 8174 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom); 8175 8176 /* firmware defaults to 40MHz disabled in 2G band. We signal 8177 * cfg80211 here that we do and have it decide we can enable 8178 * it. But first check if device does support 2G operation. 8179 */ 8180 if (wiphy->bands[NL80211_BAND_2GHZ]) { 8181 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap; 8182 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40; 8183 } 8184 #ifdef CONFIG_PM 8185 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) 8186 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data; 8187 #endif 8188 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DUMP_OBSS)) 8189 ops->dump_survey = brcmf_cfg80211_dump_survey; 8190 8191 err = wiphy_register(wiphy); 8192 if (err < 0) { 8193 bphy_err(drvr, "Could not register wiphy device (%d)\n", err); 8194 goto priv_out; 8195 } 8196 8197 err = brcmf_setup_wiphybands(cfg); 8198 if (err) { 8199 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err); 8200 goto wiphy_unreg_out; 8201 } 8202 8203 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(), 8204 * setup 40MHz in 2GHz band and enable OBSS scanning. 8205 */ 8206 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) { 8207 err = brcmf_enable_bw40_2g(cfg); 8208 if (!err) 8209 err = brcmf_fil_iovar_int_set(ifp, "obss_coex", 8210 BRCMF_OBSS_COEX_AUTO); 8211 else 8212 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 8213 } 8214 8215 err = brcmf_fweh_activate_events(ifp); 8216 if (err) { 8217 bphy_err(drvr, "FWEH activation failed (%d)\n", err); 8218 goto wiphy_unreg_out; 8219 } 8220 8221 err = brcmf_p2p_attach(cfg, p2pdev_forced); 8222 if (err) { 8223 bphy_err(drvr, "P2P initialisation failed (%d)\n", err); 8224 goto wiphy_unreg_out; 8225 } 8226 err = brcmf_btcoex_attach(cfg); 8227 if (err) { 8228 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err); 8229 brcmf_p2p_detach(&cfg->p2p); 8230 goto wiphy_unreg_out; 8231 } 8232 err = brcmf_pno_attach(cfg); 8233 if (err) { 8234 bphy_err(drvr, "PNO initialisation failed (%d)\n", err); 8235 brcmf_btcoex_detach(cfg); 8236 brcmf_p2p_detach(&cfg->p2p); 8237 goto wiphy_unreg_out; 8238 } 8239 8240 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) { 8241 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1); 8242 if (err) { 8243 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err); 8244 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS; 8245 } else { 8246 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT, 8247 brcmf_notify_tdls_peer_event); 8248 } 8249 } 8250 8251 /* (re-) activate FWEH event handling */ 8252 err = brcmf_fweh_activate_events(ifp); 8253 if (err) { 8254 bphy_err(drvr, "FWEH activation failed (%d)\n", err); 8255 goto detach; 8256 } 8257 8258 /* Fill in some of the advertised nl80211 supported features */ 8259 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) { 8260 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR; 8261 #ifdef CONFIG_PM 8262 if (wiphy->wowlan && 8263 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT) 8264 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR; 8265 #endif 8266 } 8267 8268 return cfg; 8269 8270 detach: 8271 brcmf_pno_detach(cfg); 8272 brcmf_btcoex_detach(cfg); 8273 brcmf_p2p_detach(&cfg->p2p); 8274 wiphy_unreg_out: 8275 wiphy_unregister(cfg->wiphy); 8276 priv_out: 8277 wl_deinit_priv(cfg); 8278 brcmf_free_vif(vif); 8279 ifp->vif = NULL; 8280 wiphy_out: 8281 brcmf_free_wiphy(wiphy); 8282 kfree(cfg); 8283 return NULL; 8284 } 8285 8286 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg) 8287 { 8288 if (!cfg) 8289 return; 8290 8291 brcmf_pno_detach(cfg); 8292 brcmf_btcoex_detach(cfg); 8293 wiphy_unregister(cfg->wiphy); 8294 wl_deinit_priv(cfg); 8295 brcmf_free_wiphy(cfg->wiphy); 8296 kfree(cfg); 8297 } 8298