1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * This file contains the major functions in WLAN
4  * driver. It includes init, exit, open, close and main
5  * thread etc..
6  */
7 
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9 
10 #include <linux/module.h>
11 #include <linux/delay.h>
12 #include <linux/etherdevice.h>
13 #include <linux/hardirq.h>
14 #include <linux/netdevice.h>
15 #include <linux/if_arp.h>
16 #include <linux/kthread.h>
17 #include <linux/kfifo.h>
18 #include <linux/slab.h>
19 #include <net/cfg80211.h>
20 
21 #include "host.h"
22 #include "decl.h"
23 #include "dev.h"
24 #include "cfg.h"
25 #include "debugfs.h"
26 #include "cmd.h"
27 #include "mesh.h"
28 
29 #define DRIVER_RELEASE_VERSION "323.p0"
30 const char lbs_driver_version[] = "COMM-USB8388-" DRIVER_RELEASE_VERSION
31 #ifdef  DEBUG
32     "-dbg"
33 #endif
34     "";
35 
36 
37 /* Module parameters */
38 unsigned int lbs_debug;
39 EXPORT_SYMBOL_GPL(lbs_debug);
40 module_param_named(libertas_debug, lbs_debug, int, 0644);
41 
42 unsigned int lbs_disablemesh;
43 EXPORT_SYMBOL_GPL(lbs_disablemesh);
44 module_param_named(libertas_disablemesh, lbs_disablemesh, int, 0644);
45 
46 
47 /*
48  * This global structure is used to send the confirm_sleep command as
49  * fast as possible down to the firmware.
50  */
51 struct cmd_confirm_sleep confirm_sleep;
52 
53 
54 /*
55  * the table to keep region code
56  */
57 u16 lbs_region_code_to_index[MRVDRV_MAX_REGION_CODE] =
58     { 0x10, 0x20, 0x30, 0x31, 0x32, 0x40 };
59 
60 /*
61  * FW rate table.  FW refers to rates by their index in this table, not by the
62  * rate value itself.  Values of 0x00 are
63  * reserved positions.
64  */
65 static u8 fw_data_rates[MAX_RATES] =
66     { 0x02, 0x04, 0x0B, 0x16, 0x00, 0x0C, 0x12,
67       0x18, 0x24, 0x30, 0x48, 0x60, 0x6C, 0x00
68 };
69 
70 /**
71  *  lbs_fw_index_to_data_rate - use index to get the data rate
72  *
73  *  @idx:	The index of data rate
74  *  returns:	data rate or 0
75  */
76 u32 lbs_fw_index_to_data_rate(u8 idx)
77 {
78 	if (idx >= sizeof(fw_data_rates))
79 		idx = 0;
80 	return fw_data_rates[idx];
81 }
82 
83 /**
84  *  lbs_data_rate_to_fw_index - use rate to get the index
85  *
86  *  @rate:	data rate
87  *  returns:	index or 0
88  */
89 u8 lbs_data_rate_to_fw_index(u32 rate)
90 {
91 	u8 i;
92 
93 	if (!rate)
94 		return 0;
95 
96 	for (i = 0; i < sizeof(fw_data_rates); i++) {
97 		if (rate == fw_data_rates[i])
98 			return i;
99 	}
100 	return 0;
101 }
102 
103 int lbs_set_iface_type(struct lbs_private *priv, enum nl80211_iftype type)
104 {
105 	int ret = 0;
106 
107 	switch (type) {
108 	case NL80211_IFTYPE_MONITOR:
109 		ret = lbs_set_monitor_mode(priv, 1);
110 		break;
111 	case NL80211_IFTYPE_STATION:
112 		if (priv->wdev->iftype == NL80211_IFTYPE_MONITOR)
113 			ret = lbs_set_monitor_mode(priv, 0);
114 		if (!ret)
115 			ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_BSS_TYPE, 1);
116 		break;
117 	case NL80211_IFTYPE_ADHOC:
118 		if (priv->wdev->iftype == NL80211_IFTYPE_MONITOR)
119 			ret = lbs_set_monitor_mode(priv, 0);
120 		if (!ret)
121 			ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_BSS_TYPE, 2);
122 		break;
123 	default:
124 		ret = -ENOTSUPP;
125 	}
126 	return ret;
127 }
128 
129 int lbs_start_iface(struct lbs_private *priv)
130 {
131 	struct cmd_ds_802_11_mac_address cmd;
132 	int ret;
133 
134 	if (priv->power_restore) {
135 		ret = priv->power_restore(priv);
136 		if (ret)
137 			return ret;
138 	}
139 
140 	cmd.hdr.size = cpu_to_le16(sizeof(cmd));
141 	cmd.action = cpu_to_le16(CMD_ACT_SET);
142 	memcpy(cmd.macadd, priv->current_addr, ETH_ALEN);
143 
144 	ret = lbs_cmd_with_response(priv, CMD_802_11_MAC_ADDRESS, &cmd);
145 	if (ret) {
146 		lbs_deb_net("set MAC address failed\n");
147 		goto err;
148 	}
149 
150 	ret = lbs_set_iface_type(priv, priv->wdev->iftype);
151 	if (ret) {
152 		lbs_deb_net("set iface type failed\n");
153 		goto err;
154 	}
155 
156 	ret = lbs_set_11d_domain_info(priv);
157 	if (ret) {
158 		lbs_deb_net("set 11d domain info failed\n");
159 		goto err;
160 	}
161 
162 	lbs_update_channel(priv);
163 
164 	priv->iface_running = true;
165 	return 0;
166 
167 err:
168 	if (priv->power_save)
169 		priv->power_save(priv);
170 	return ret;
171 }
172 
173 /**
174  *  lbs_dev_open - open the ethX interface
175  *
176  *  @dev:	A pointer to &net_device structure
177  *  returns:	0 or -EBUSY if monitor mode active
178  */
179 static int lbs_dev_open(struct net_device *dev)
180 {
181 	struct lbs_private *priv = dev->ml_priv;
182 	int ret = 0;
183 
184 	if (!priv->iface_running) {
185 		ret = lbs_start_iface(priv);
186 		if (ret)
187 			goto out;
188 	}
189 
190 	spin_lock_irq(&priv->driver_lock);
191 
192 	netif_carrier_off(dev);
193 
194 	if (!priv->tx_pending_len)
195 		netif_wake_queue(dev);
196 
197 	spin_unlock_irq(&priv->driver_lock);
198 
199 out:
200 	return ret;
201 }
202 
203 static bool lbs_command_queue_empty(struct lbs_private *priv)
204 {
205 	unsigned long flags;
206 	bool ret;
207 	spin_lock_irqsave(&priv->driver_lock, flags);
208 	ret = priv->cur_cmd == NULL && list_empty(&priv->cmdpendingq);
209 	spin_unlock_irqrestore(&priv->driver_lock, flags);
210 	return ret;
211 }
212 
213 int lbs_stop_iface(struct lbs_private *priv)
214 {
215 	unsigned long flags;
216 	int ret = 0;
217 
218 	spin_lock_irqsave(&priv->driver_lock, flags);
219 	priv->iface_running = false;
220 	kfree_skb(priv->currenttxskb);
221 	priv->currenttxskb = NULL;
222 	priv->tx_pending_len = 0;
223 	spin_unlock_irqrestore(&priv->driver_lock, flags);
224 
225 	cancel_work_sync(&priv->mcast_work);
226 	del_timer_sync(&priv->tx_lockup_timer);
227 
228 	/* Disable command processing, and wait for all commands to complete */
229 	lbs_deb_main("waiting for commands to complete\n");
230 	wait_event(priv->waitq, lbs_command_queue_empty(priv));
231 	lbs_deb_main("all commands completed\n");
232 
233 	if (priv->power_save)
234 		ret = priv->power_save(priv);
235 
236 	return ret;
237 }
238 
239 /**
240  *  lbs_eth_stop - close the ethX interface
241  *
242  *  @dev:	A pointer to &net_device structure
243  *  returns:	0
244  */
245 static int lbs_eth_stop(struct net_device *dev)
246 {
247 	struct lbs_private *priv = dev->ml_priv;
248 
249 	if (priv->connect_status == LBS_CONNECTED)
250 		lbs_disconnect(priv, WLAN_REASON_DEAUTH_LEAVING);
251 
252 	spin_lock_irq(&priv->driver_lock);
253 	netif_stop_queue(dev);
254 	spin_unlock_irq(&priv->driver_lock);
255 
256 	lbs_update_mcast(priv);
257 	cancel_delayed_work_sync(&priv->scan_work);
258 	if (priv->scan_req)
259 		lbs_scan_done(priv);
260 
261 	netif_carrier_off(priv->dev);
262 
263 	if (!lbs_iface_active(priv))
264 		lbs_stop_iface(priv);
265 
266 	return 0;
267 }
268 
269 void lbs_host_to_card_done(struct lbs_private *priv)
270 {
271 	unsigned long flags;
272 
273 	spin_lock_irqsave(&priv->driver_lock, flags);
274 	del_timer(&priv->tx_lockup_timer);
275 
276 	priv->dnld_sent = DNLD_RES_RECEIVED;
277 
278 	/* Wake main thread if commands are pending */
279 	if (!priv->cur_cmd || priv->tx_pending_len > 0) {
280 		if (!priv->wakeup_dev_required)
281 			wake_up(&priv->waitq);
282 	}
283 
284 	spin_unlock_irqrestore(&priv->driver_lock, flags);
285 }
286 EXPORT_SYMBOL_GPL(lbs_host_to_card_done);
287 
288 int lbs_set_mac_address(struct net_device *dev, void *addr)
289 {
290 	int ret = 0;
291 	struct lbs_private *priv = dev->ml_priv;
292 	struct sockaddr *phwaddr = addr;
293 
294 	/*
295 	 * Can only set MAC address when all interfaces are down, to be written
296 	 * to the hardware when one of them is brought up.
297 	 */
298 	if (lbs_iface_active(priv))
299 		return -EBUSY;
300 
301 	/* In case it was called from the mesh device */
302 	dev = priv->dev;
303 
304 	memcpy(priv->current_addr, phwaddr->sa_data, ETH_ALEN);
305 	memcpy(dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
306 	if (priv->mesh_dev)
307 		memcpy(priv->mesh_dev->dev_addr, phwaddr->sa_data, ETH_ALEN);
308 
309 	return ret;
310 }
311 
312 
313 static inline int mac_in_list(unsigned char *list, int list_len,
314 			      unsigned char *mac)
315 {
316 	while (list_len) {
317 		if (!memcmp(list, mac, ETH_ALEN))
318 			return 1;
319 		list += ETH_ALEN;
320 		list_len--;
321 	}
322 	return 0;
323 }
324 
325 
326 static int lbs_add_mcast_addrs(struct cmd_ds_mac_multicast_adr *cmd,
327 			       struct net_device *dev, int nr_addrs)
328 {
329 	int i = nr_addrs;
330 	struct netdev_hw_addr *ha;
331 	int cnt;
332 
333 	if ((dev->flags & (IFF_UP|IFF_MULTICAST)) != (IFF_UP|IFF_MULTICAST))
334 		return nr_addrs;
335 
336 	netif_addr_lock_bh(dev);
337 	cnt = netdev_mc_count(dev);
338 	netdev_for_each_mc_addr(ha, dev) {
339 		if (mac_in_list(cmd->maclist, nr_addrs, ha->addr)) {
340 			lbs_deb_net("mcast address %s:%pM skipped\n", dev->name,
341 				    ha->addr);
342 			cnt--;
343 			continue;
344 		}
345 
346 		if (i == MRVDRV_MAX_MULTICAST_LIST_SIZE)
347 			break;
348 		memcpy(&cmd->maclist[6*i], ha->addr, ETH_ALEN);
349 		lbs_deb_net("mcast address %s:%pM added to filter\n", dev->name,
350 			    ha->addr);
351 		i++;
352 		cnt--;
353 	}
354 	netif_addr_unlock_bh(dev);
355 	if (cnt)
356 		return -EOVERFLOW;
357 
358 	return i;
359 }
360 
361 void lbs_update_mcast(struct lbs_private *priv)
362 {
363 	struct cmd_ds_mac_multicast_adr mcast_cmd;
364 	int dev_flags = 0;
365 	int nr_addrs;
366 	int old_mac_control = priv->mac_control;
367 
368 	if (netif_running(priv->dev))
369 		dev_flags |= priv->dev->flags;
370 	if (priv->mesh_dev && netif_running(priv->mesh_dev))
371 		dev_flags |= priv->mesh_dev->flags;
372 
373 	if (dev_flags & IFF_PROMISC) {
374 		priv->mac_control |= CMD_ACT_MAC_PROMISCUOUS_ENABLE;
375 		priv->mac_control &= ~(CMD_ACT_MAC_ALL_MULTICAST_ENABLE |
376 				       CMD_ACT_MAC_MULTICAST_ENABLE);
377 		goto out_set_mac_control;
378 	} else if (dev_flags & IFF_ALLMULTI) {
379 	do_allmulti:
380 		priv->mac_control |= CMD_ACT_MAC_ALL_MULTICAST_ENABLE;
381 		priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
382 				       CMD_ACT_MAC_MULTICAST_ENABLE);
383 		goto out_set_mac_control;
384 	}
385 
386 	/* Once for priv->dev, again for priv->mesh_dev if it exists */
387 	nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->dev, 0);
388 	if (nr_addrs >= 0 && priv->mesh_dev)
389 		nr_addrs = lbs_add_mcast_addrs(&mcast_cmd, priv->mesh_dev, nr_addrs);
390 	if (nr_addrs < 0)
391 		goto do_allmulti;
392 
393 	if (nr_addrs) {
394 		int size = offsetof(struct cmd_ds_mac_multicast_adr,
395 				    maclist[6*nr_addrs]);
396 
397 		mcast_cmd.action = cpu_to_le16(CMD_ACT_SET);
398 		mcast_cmd.hdr.size = cpu_to_le16(size);
399 		mcast_cmd.nr_of_adrs = cpu_to_le16(nr_addrs);
400 
401 		lbs_cmd_async(priv, CMD_MAC_MULTICAST_ADR, &mcast_cmd.hdr, size);
402 
403 		priv->mac_control |= CMD_ACT_MAC_MULTICAST_ENABLE;
404 	} else
405 		priv->mac_control &= ~CMD_ACT_MAC_MULTICAST_ENABLE;
406 
407 	priv->mac_control &= ~(CMD_ACT_MAC_PROMISCUOUS_ENABLE |
408 			       CMD_ACT_MAC_ALL_MULTICAST_ENABLE);
409  out_set_mac_control:
410 	if (priv->mac_control != old_mac_control)
411 		lbs_set_mac_control(priv);
412 }
413 
414 static void lbs_set_mcast_worker(struct work_struct *work)
415 {
416 	struct lbs_private *priv = container_of(work, struct lbs_private, mcast_work);
417 	lbs_update_mcast(priv);
418 }
419 
420 void lbs_set_multicast_list(struct net_device *dev)
421 {
422 	struct lbs_private *priv = dev->ml_priv;
423 
424 	schedule_work(&priv->mcast_work);
425 }
426 
427 /**
428  *  lbs_thread - handles the major jobs in the LBS driver.
429  *  It handles all events generated by firmware, RX data received
430  *  from firmware and TX data sent from kernel.
431  *
432  *  @data:	A pointer to &lbs_thread structure
433  *  returns:	0
434  */
435 static int lbs_thread(void *data)
436 {
437 	struct net_device *dev = data;
438 	struct lbs_private *priv = dev->ml_priv;
439 	wait_queue_entry_t wait;
440 
441 	init_waitqueue_entry(&wait, current);
442 
443 	for (;;) {
444 		int shouldsleep;
445 		u8 resp_idx;
446 
447 		lbs_deb_thread("1: currenttxskb %p, dnld_sent %d\n",
448 				priv->currenttxskb, priv->dnld_sent);
449 
450 		add_wait_queue(&priv->waitq, &wait);
451 		set_current_state(TASK_INTERRUPTIBLE);
452 		spin_lock_irq(&priv->driver_lock);
453 
454 		if (kthread_should_stop())
455 			shouldsleep = 0;	/* Bye */
456 		else if (priv->surpriseremoved)
457 			shouldsleep = 1;	/* We need to wait until we're _told_ to die */
458 		else if (priv->psstate == PS_STATE_SLEEP)
459 			shouldsleep = 1;	/* Sleep mode. Nothing we can do till it wakes */
460 		else if (priv->cmd_timed_out)
461 			shouldsleep = 0;	/* Command timed out. Recover */
462 		else if (!priv->fw_ready)
463 			shouldsleep = 1;	/* Firmware not ready. We're waiting for it */
464 		else if (priv->dnld_sent)
465 			shouldsleep = 1;	/* Something is en route to the device already */
466 		else if (priv->tx_pending_len > 0)
467 			shouldsleep = 0;	/* We've a packet to send */
468 		else if (priv->resp_len[priv->resp_idx])
469 			shouldsleep = 0;	/* We have a command response */
470 		else if (priv->cur_cmd)
471 			shouldsleep = 1;	/* Can't send a command; one already running */
472 		else if (!list_empty(&priv->cmdpendingq) &&
473 					!(priv->wakeup_dev_required))
474 			shouldsleep = 0;	/* We have a command to send */
475 		else if (kfifo_len(&priv->event_fifo))
476 			shouldsleep = 0;	/* We have an event to process */
477 		else
478 			shouldsleep = 1;	/* No command */
479 
480 		if (shouldsleep) {
481 			lbs_deb_thread("sleeping, connect_status %d, "
482 				"psmode %d, psstate %d\n",
483 				priv->connect_status,
484 				priv->psmode, priv->psstate);
485 			spin_unlock_irq(&priv->driver_lock);
486 			schedule();
487 		} else
488 			spin_unlock_irq(&priv->driver_lock);
489 
490 		lbs_deb_thread("2: currenttxskb %p, dnld_send %d\n",
491 			       priv->currenttxskb, priv->dnld_sent);
492 
493 		set_current_state(TASK_RUNNING);
494 		remove_wait_queue(&priv->waitq, &wait);
495 
496 		lbs_deb_thread("3: currenttxskb %p, dnld_sent %d\n",
497 			       priv->currenttxskb, priv->dnld_sent);
498 
499 		if (kthread_should_stop()) {
500 			lbs_deb_thread("break from main thread\n");
501 			break;
502 		}
503 
504 		if (priv->surpriseremoved) {
505 			lbs_deb_thread("adapter removed; waiting to die...\n");
506 			continue;
507 		}
508 
509 		lbs_deb_thread("4: currenttxskb %p, dnld_sent %d\n",
510 		       priv->currenttxskb, priv->dnld_sent);
511 
512 		/* Process any pending command response */
513 		spin_lock_irq(&priv->driver_lock);
514 		resp_idx = priv->resp_idx;
515 		if (priv->resp_len[resp_idx]) {
516 			spin_unlock_irq(&priv->driver_lock);
517 			lbs_process_command_response(priv,
518 				priv->resp_buf[resp_idx],
519 				priv->resp_len[resp_idx]);
520 			spin_lock_irq(&priv->driver_lock);
521 			priv->resp_len[resp_idx] = 0;
522 		}
523 		spin_unlock_irq(&priv->driver_lock);
524 
525 		/* Process hardware events, e.g. card removed, link lost */
526 		spin_lock_irq(&priv->driver_lock);
527 		while (kfifo_len(&priv->event_fifo)) {
528 			u32 event;
529 
530 			if (kfifo_out(&priv->event_fifo,
531 				(unsigned char *) &event, sizeof(event)) !=
532 				sizeof(event))
533 					break;
534 			spin_unlock_irq(&priv->driver_lock);
535 			lbs_process_event(priv, event);
536 			spin_lock_irq(&priv->driver_lock);
537 		}
538 		spin_unlock_irq(&priv->driver_lock);
539 
540 		if (priv->wakeup_dev_required) {
541 			lbs_deb_thread("Waking up device...\n");
542 			/* Wake up device */
543 			if (priv->exit_deep_sleep(priv))
544 				lbs_deb_thread("Wakeup device failed\n");
545 			continue;
546 		}
547 
548 		/* command timeout stuff */
549 		if (priv->cmd_timed_out && priv->cur_cmd) {
550 			struct cmd_ctrl_node *cmdnode = priv->cur_cmd;
551 
552 			netdev_info(dev, "Timeout submitting command 0x%04x\n",
553 				    le16_to_cpu(cmdnode->cmdbuf->command));
554 			lbs_complete_command(priv, cmdnode, -ETIMEDOUT);
555 
556 			/* Reset card, but only when it isn't in the process
557 			 * of being shutdown anyway. */
558 			if (!dev->dismantle && priv->reset_card)
559 				priv->reset_card(priv);
560 		}
561 		priv->cmd_timed_out = 0;
562 
563 		if (!priv->fw_ready)
564 			continue;
565 
566 		/* Check if we need to confirm Sleep Request received previously */
567 		if (priv->psstate == PS_STATE_PRE_SLEEP &&
568 		    !priv->dnld_sent && !priv->cur_cmd) {
569 			if (priv->connect_status == LBS_CONNECTED) {
570 				lbs_deb_thread("pre-sleep, currenttxskb %p, "
571 					"dnld_sent %d, cur_cmd %p\n",
572 					priv->currenttxskb, priv->dnld_sent,
573 					priv->cur_cmd);
574 
575 				lbs_ps_confirm_sleep(priv);
576 			} else {
577 				/* workaround for firmware sending
578 				 * deauth/linkloss event immediately
579 				 * after sleep request; remove this
580 				 * after firmware fixes it
581 				 */
582 				priv->psstate = PS_STATE_AWAKE;
583 				netdev_alert(dev,
584 					     "ignore PS_SleepConfirm in non-connected state\n");
585 			}
586 		}
587 
588 		/* The PS state is changed during processing of Sleep Request
589 		 * event above
590 		 */
591 		if ((priv->psstate == PS_STATE_SLEEP) ||
592 		    (priv->psstate == PS_STATE_PRE_SLEEP))
593 			continue;
594 
595 		if (priv->is_deep_sleep)
596 			continue;
597 
598 		/* Execute the next command */
599 		if (!priv->dnld_sent && !priv->cur_cmd)
600 			lbs_execute_next_command(priv);
601 
602 		spin_lock_irq(&priv->driver_lock);
603 		if (!priv->dnld_sent && priv->tx_pending_len > 0) {
604 			int ret = priv->hw_host_to_card(priv, MVMS_DAT,
605 							priv->tx_pending_buf,
606 							priv->tx_pending_len);
607 			if (ret) {
608 				lbs_deb_tx("host_to_card failed %d\n", ret);
609 				priv->dnld_sent = DNLD_RES_RECEIVED;
610 			} else {
611 				mod_timer(&priv->tx_lockup_timer,
612 					  jiffies + (HZ * 5));
613 			}
614 			priv->tx_pending_len = 0;
615 			if (!priv->currenttxskb) {
616 				/* We can wake the queues immediately if we aren't
617 				   waiting for TX feedback */
618 				if (priv->connect_status == LBS_CONNECTED)
619 					netif_wake_queue(priv->dev);
620 				if (priv->mesh_dev &&
621 				    netif_running(priv->mesh_dev))
622 					netif_wake_queue(priv->mesh_dev);
623 			}
624 		}
625 		spin_unlock_irq(&priv->driver_lock);
626 	}
627 
628 	del_timer(&priv->command_timer);
629 	del_timer(&priv->tx_lockup_timer);
630 	del_timer(&priv->auto_deepsleep_timer);
631 
632 	return 0;
633 }
634 
635 /**
636  * lbs_setup_firmware - gets the HW spec from the firmware and sets
637  *        some basic parameters
638  *
639  *  @priv:	A pointer to &struct lbs_private structure
640  *  returns:	0 or -1
641  */
642 static int lbs_setup_firmware(struct lbs_private *priv)
643 {
644 	int ret = -1;
645 	s16 curlevel = 0, minlevel = 0, maxlevel = 0;
646 
647 	/* Read MAC address from firmware */
648 	eth_broadcast_addr(priv->current_addr);
649 	ret = lbs_update_hw_spec(priv);
650 	if (ret)
651 		goto done;
652 
653 	/* Read power levels if available */
654 	ret = lbs_get_tx_power(priv, &curlevel, &minlevel, &maxlevel);
655 	if (ret == 0) {
656 		priv->txpower_cur = curlevel;
657 		priv->txpower_min = minlevel;
658 		priv->txpower_max = maxlevel;
659 	}
660 
661 	/* Send cmd to FW to enable 11D function */
662 	ret = lbs_set_snmp_mib(priv, SNMP_MIB_OID_11D_ENABLE, 1);
663 	if (ret)
664 		goto done;
665 
666 	ret = lbs_set_mac_control_sync(priv);
667 done:
668 	return ret;
669 }
670 
671 int lbs_suspend(struct lbs_private *priv)
672 {
673 	int ret;
674 
675 	if (priv->is_deep_sleep) {
676 		ret = lbs_set_deep_sleep(priv, 0);
677 		if (ret) {
678 			netdev_err(priv->dev,
679 				   "deep sleep cancellation failed: %d\n", ret);
680 			return ret;
681 		}
682 		priv->deep_sleep_required = 1;
683 	}
684 
685 	ret = lbs_set_host_sleep(priv, 1);
686 
687 	netif_device_detach(priv->dev);
688 	if (priv->mesh_dev)
689 		netif_device_detach(priv->mesh_dev);
690 
691 	return ret;
692 }
693 EXPORT_SYMBOL_GPL(lbs_suspend);
694 
695 int lbs_resume(struct lbs_private *priv)
696 {
697 	int ret;
698 
699 	ret = lbs_set_host_sleep(priv, 0);
700 
701 	netif_device_attach(priv->dev);
702 	if (priv->mesh_dev)
703 		netif_device_attach(priv->mesh_dev);
704 
705 	if (priv->deep_sleep_required) {
706 		priv->deep_sleep_required = 0;
707 		ret = lbs_set_deep_sleep(priv, 1);
708 		if (ret)
709 			netdev_err(priv->dev,
710 				   "deep sleep activation failed: %d\n", ret);
711 	}
712 
713 	if (priv->setup_fw_on_resume)
714 		ret = lbs_setup_firmware(priv);
715 
716 	return ret;
717 }
718 EXPORT_SYMBOL_GPL(lbs_resume);
719 
720 /**
721  * lbs_cmd_timeout_handler - handles the timeout of command sending.
722  * It will re-send the same command again.
723  *
724  * @t: Context from which to retrieve a &struct lbs_private pointer
725  */
726 static void lbs_cmd_timeout_handler(struct timer_list *t)
727 {
728 	struct lbs_private *priv = from_timer(priv, t, command_timer);
729 	unsigned long flags;
730 
731 	spin_lock_irqsave(&priv->driver_lock, flags);
732 
733 	if (!priv->cur_cmd)
734 		goto out;
735 
736 	netdev_info(priv->dev, "command 0x%04x timed out\n",
737 		    le16_to_cpu(priv->cur_cmd->cmdbuf->command));
738 
739 	priv->cmd_timed_out = 1;
740 
741 	/*
742 	 * If the device didn't even acknowledge the command, reset the state
743 	 * so that we don't block all future commands due to this one timeout.
744 	 */
745 	if (priv->dnld_sent == DNLD_CMD_SENT)
746 		priv->dnld_sent = DNLD_RES_RECEIVED;
747 
748 	wake_up(&priv->waitq);
749 out:
750 	spin_unlock_irqrestore(&priv->driver_lock, flags);
751 }
752 
753 /**
754  * lbs_tx_lockup_handler - handles the timeout of the passing of TX frames
755  * to the hardware. This is known to frequently happen with SD8686 when
756  * waking up after a Wake-on-WLAN-triggered resume.
757  *
758  * @t: Context from which to retrieve a &struct lbs_private pointer
759  */
760 static void lbs_tx_lockup_handler(struct timer_list *t)
761 {
762 	struct lbs_private *priv = from_timer(priv, t, tx_lockup_timer);
763 	unsigned long flags;
764 
765 	spin_lock_irqsave(&priv->driver_lock, flags);
766 
767 	netdev_info(priv->dev, "TX lockup detected\n");
768 	if (priv->reset_card)
769 		priv->reset_card(priv);
770 
771 	priv->dnld_sent = DNLD_RES_RECEIVED;
772 	wake_up_interruptible(&priv->waitq);
773 
774 	spin_unlock_irqrestore(&priv->driver_lock, flags);
775 }
776 
777 /**
778  * auto_deepsleep_timer_fn - put the device back to deep sleep mode when
779  * timer expires and no activity (command, event, data etc.) is detected.
780  * @t: Context from which to retrieve a &struct lbs_private pointer
781  * returns:	N/A
782  */
783 static void auto_deepsleep_timer_fn(struct timer_list *t)
784 {
785 	struct lbs_private *priv = from_timer(priv, t, auto_deepsleep_timer);
786 
787 	if (priv->is_activity_detected) {
788 		priv->is_activity_detected = 0;
789 	} else {
790 		if (priv->is_auto_deep_sleep_enabled &&
791 		    (!priv->wakeup_dev_required) &&
792 		    (priv->connect_status != LBS_CONNECTED)) {
793 			struct cmd_header cmd;
794 
795 			lbs_deb_main("Entering auto deep sleep mode...\n");
796 			memset(&cmd, 0, sizeof(cmd));
797 			cmd.size = cpu_to_le16(sizeof(cmd));
798 			lbs_cmd_async(priv, CMD_802_11_DEEP_SLEEP, &cmd,
799 					sizeof(cmd));
800 		}
801 	}
802 	mod_timer(&priv->auto_deepsleep_timer , jiffies +
803 				(priv->auto_deep_sleep_timeout * HZ)/1000);
804 }
805 
806 int lbs_enter_auto_deep_sleep(struct lbs_private *priv)
807 {
808 	priv->is_auto_deep_sleep_enabled = 1;
809 	if (priv->is_deep_sleep)
810 		priv->wakeup_dev_required = 1;
811 	mod_timer(&priv->auto_deepsleep_timer ,
812 			jiffies + (priv->auto_deep_sleep_timeout * HZ)/1000);
813 
814 	return 0;
815 }
816 
817 int lbs_exit_auto_deep_sleep(struct lbs_private *priv)
818 {
819 	priv->is_auto_deep_sleep_enabled = 0;
820 	priv->auto_deep_sleep_timeout = 0;
821 	del_timer(&priv->auto_deepsleep_timer);
822 
823 	return 0;
824 }
825 
826 static int lbs_init_adapter(struct lbs_private *priv)
827 {
828 	int ret;
829 
830 	eth_broadcast_addr(priv->current_addr);
831 
832 	priv->connect_status = LBS_DISCONNECTED;
833 	priv->channel = DEFAULT_AD_HOC_CHANNEL;
834 	priv->mac_control = CMD_ACT_MAC_RX_ON | CMD_ACT_MAC_TX_ON;
835 	priv->radio_on = 1;
836 	priv->psmode = LBS802_11POWERMODECAM;
837 	priv->psstate = PS_STATE_FULL_POWER;
838 	priv->is_deep_sleep = 0;
839 	priv->is_auto_deep_sleep_enabled = 0;
840 	priv->deep_sleep_required = 0;
841 	priv->wakeup_dev_required = 0;
842 	init_waitqueue_head(&priv->ds_awake_q);
843 	init_waitqueue_head(&priv->scan_q);
844 	priv->authtype_auto = 1;
845 	priv->is_host_sleep_configured = 0;
846 	priv->is_host_sleep_activated = 0;
847 	init_waitqueue_head(&priv->host_sleep_q);
848 	init_waitqueue_head(&priv->fw_waitq);
849 	mutex_init(&priv->lock);
850 
851 	timer_setup(&priv->command_timer, lbs_cmd_timeout_handler, 0);
852 	timer_setup(&priv->tx_lockup_timer, lbs_tx_lockup_handler, 0);
853 	timer_setup(&priv->auto_deepsleep_timer, auto_deepsleep_timer_fn, 0);
854 
855 	INIT_LIST_HEAD(&priv->cmdfreeq);
856 	INIT_LIST_HEAD(&priv->cmdpendingq);
857 
858 	spin_lock_init(&priv->driver_lock);
859 
860 	/* Allocate the command buffers */
861 	if (lbs_allocate_cmd_buffer(priv)) {
862 		pr_err("Out of memory allocating command buffers\n");
863 		ret = -ENOMEM;
864 		goto out;
865 	}
866 	priv->resp_idx = 0;
867 	priv->resp_len[0] = priv->resp_len[1] = 0;
868 
869 	/* Create the event FIFO */
870 	ret = kfifo_alloc(&priv->event_fifo, sizeof(u32) * 16, GFP_KERNEL);
871 	if (ret) {
872 		pr_err("Out of memory allocating event FIFO buffer\n");
873 		goto out;
874 	}
875 
876 out:
877 	return ret;
878 }
879 
880 static void lbs_free_adapter(struct lbs_private *priv)
881 {
882 	lbs_free_cmd_buffer(priv);
883 	kfifo_free(&priv->event_fifo);
884 	del_timer(&priv->command_timer);
885 	del_timer(&priv->tx_lockup_timer);
886 	del_timer(&priv->auto_deepsleep_timer);
887 }
888 
889 static const struct net_device_ops lbs_netdev_ops = {
890 	.ndo_open 		= lbs_dev_open,
891 	.ndo_stop		= lbs_eth_stop,
892 	.ndo_start_xmit		= lbs_hard_start_xmit,
893 	.ndo_set_mac_address	= lbs_set_mac_address,
894 	.ndo_set_rx_mode	= lbs_set_multicast_list,
895 	.ndo_validate_addr	= eth_validate_addr,
896 };
897 
898 /**
899  * lbs_add_card - adds the card. It will probe the
900  * card, allocate the lbs_priv and initialize the device.
901  *
902  * @card:	A pointer to card
903  * @dmdev:	A pointer to &struct device
904  * returns:	A pointer to &struct lbs_private structure
905  */
906 struct lbs_private *lbs_add_card(void *card, struct device *dmdev)
907 {
908 	struct net_device *dev;
909 	struct wireless_dev *wdev;
910 	struct lbs_private *priv = NULL;
911 	int err;
912 
913 	/* Allocate an Ethernet device and register it */
914 	wdev = lbs_cfg_alloc(dmdev);
915 	if (IS_ERR(wdev)) {
916 		err = PTR_ERR(wdev);
917 		pr_err("cfg80211 init failed\n");
918 		goto err_cfg;
919 	}
920 
921 	wdev->iftype = NL80211_IFTYPE_STATION;
922 	priv = wdev_priv(wdev);
923 	priv->wdev = wdev;
924 
925 	err = lbs_init_adapter(priv);
926 	if (err) {
927 		pr_err("failed to initialize adapter structure\n");
928 		goto err_wdev;
929 	}
930 
931 	dev = alloc_netdev(0, "wlan%d", NET_NAME_UNKNOWN, ether_setup);
932 	if (!dev) {
933 		err = -ENOMEM;
934 		dev_err(dmdev, "no memory for network device instance\n");
935 		goto err_adapter;
936 	}
937 
938 	dev->ieee80211_ptr = wdev;
939 	dev->ml_priv = priv;
940 	SET_NETDEV_DEV(dev, dmdev);
941 	wdev->netdev = dev;
942 	priv->dev = dev;
943 
944  	dev->netdev_ops = &lbs_netdev_ops;
945 	dev->watchdog_timeo = 5 * HZ;
946 	dev->ethtool_ops = &lbs_ethtool_ops;
947 	dev->flags |= IFF_BROADCAST | IFF_MULTICAST;
948 
949 	priv->card = card;
950 
951 	strcpy(dev->name, "wlan%d");
952 
953 	lbs_deb_thread("Starting main thread...\n");
954 	init_waitqueue_head(&priv->waitq);
955 	priv->main_thread = kthread_run(lbs_thread, dev, "lbs_main");
956 	if (IS_ERR(priv->main_thread)) {
957 		err = PTR_ERR(priv->main_thread);
958 		lbs_deb_thread("Error creating main thread.\n");
959 		goto err_ndev;
960 	}
961 
962 	priv->work_thread = create_singlethread_workqueue("lbs_worker");
963 	INIT_WORK(&priv->mcast_work, lbs_set_mcast_worker);
964 
965 	priv->wol_criteria = EHS_REMOVE_WAKEUP;
966 	priv->wol_gpio = 0xff;
967 	priv->wol_gap = 20;
968 	priv->ehs_remove_supported = true;
969 
970 	return priv;
971 
972  err_ndev:
973 	free_netdev(dev);
974 
975  err_adapter:
976 	lbs_free_adapter(priv);
977 
978  err_wdev:
979 	lbs_cfg_free(priv);
980 
981  err_cfg:
982 	return ERR_PTR(err);
983 }
984 EXPORT_SYMBOL_GPL(lbs_add_card);
985 
986 
987 void lbs_remove_card(struct lbs_private *priv)
988 {
989 	struct net_device *dev = priv->dev;
990 
991 	lbs_remove_mesh(priv);
992 
993 	if (priv->wiphy_registered)
994 		lbs_scan_deinit(priv);
995 
996 	lbs_wait_for_firmware_load(priv);
997 
998 	/* worker thread destruction blocks on the in-flight command which
999 	 * should have been cleared already in lbs_stop_card().
1000 	 */
1001 	lbs_deb_main("destroying worker thread\n");
1002 	destroy_workqueue(priv->work_thread);
1003 	lbs_deb_main("done destroying worker thread\n");
1004 
1005 	if (priv->psmode == LBS802_11POWERMODEMAX_PSP) {
1006 		priv->psmode = LBS802_11POWERMODECAM;
1007 		/* no need to wakeup if already woken up,
1008 		 * on suspend, this exit ps command is not processed
1009 		 * the driver hangs
1010 		 */
1011 		if (priv->psstate != PS_STATE_FULL_POWER)
1012 			lbs_set_ps_mode(priv, PS_MODE_ACTION_EXIT_PS, true);
1013 	}
1014 
1015 	if (priv->is_deep_sleep) {
1016 		priv->is_deep_sleep = 0;
1017 		wake_up_interruptible(&priv->ds_awake_q);
1018 	}
1019 
1020 	priv->is_host_sleep_configured = 0;
1021 	priv->is_host_sleep_activated = 0;
1022 	wake_up_interruptible(&priv->host_sleep_q);
1023 
1024 	/* Stop the thread servicing the interrupts */
1025 	priv->surpriseremoved = 1;
1026 	kthread_stop(priv->main_thread);
1027 
1028 	lbs_free_adapter(priv);
1029 	lbs_cfg_free(priv);
1030 	free_netdev(dev);
1031 }
1032 EXPORT_SYMBOL_GPL(lbs_remove_card);
1033 
1034 
1035 int lbs_rtap_supported(struct lbs_private *priv)
1036 {
1037 	if (MRVL_FW_MAJOR_REV(priv->fwrelease) == MRVL_FW_V5)
1038 		return 1;
1039 
1040 	/* newer firmware use a capability mask */
1041 	return ((MRVL_FW_MAJOR_REV(priv->fwrelease) >= MRVL_FW_V10) &&
1042 		(priv->fwcapinfo & MESH_CAPINFO_ENABLE_MASK));
1043 }
1044 
1045 
1046 int lbs_start_card(struct lbs_private *priv)
1047 {
1048 	struct net_device *dev = priv->dev;
1049 	int ret;
1050 
1051 	/* poke the firmware */
1052 	ret = lbs_setup_firmware(priv);
1053 	if (ret)
1054 		goto done;
1055 
1056 	if (!lbs_disablemesh)
1057 		lbs_init_mesh(priv);
1058 	else
1059 		pr_info("%s: mesh disabled\n", dev->name);
1060 
1061 	ret = lbs_cfg_register(priv);
1062 	if (ret) {
1063 		pr_err("cannot register device\n");
1064 		goto done;
1065 	}
1066 
1067 	if (lbs_mesh_activated(priv))
1068 		lbs_start_mesh(priv);
1069 
1070 	lbs_debugfs_init_one(priv, dev);
1071 
1072 	netdev_info(dev, "Marvell WLAN 802.11 adapter\n");
1073 
1074 	ret = 0;
1075 
1076 done:
1077 	return ret;
1078 }
1079 EXPORT_SYMBOL_GPL(lbs_start_card);
1080 
1081 
1082 void lbs_stop_card(struct lbs_private *priv)
1083 {
1084 	struct net_device *dev;
1085 
1086 	if (!priv)
1087 		return;
1088 	dev = priv->dev;
1089 
1090 	/* If the netdev isn't registered, it means that lbs_start_card() was
1091 	 * never called so we have nothing to do here. */
1092 	if (dev->reg_state != NETREG_REGISTERED)
1093 		return;
1094 
1095 	netif_stop_queue(dev);
1096 	netif_carrier_off(dev);
1097 
1098 	lbs_debugfs_remove_one(priv);
1099 	lbs_deinit_mesh(priv);
1100 	unregister_netdev(dev);
1101 }
1102 EXPORT_SYMBOL_GPL(lbs_stop_card);
1103 
1104 
1105 void lbs_queue_event(struct lbs_private *priv, u32 event)
1106 {
1107 	unsigned long flags;
1108 
1109 	spin_lock_irqsave(&priv->driver_lock, flags);
1110 
1111 	if (priv->psstate == PS_STATE_SLEEP)
1112 		priv->psstate = PS_STATE_AWAKE;
1113 
1114 	kfifo_in(&priv->event_fifo, (unsigned char *) &event, sizeof(u32));
1115 
1116 	wake_up(&priv->waitq);
1117 
1118 	spin_unlock_irqrestore(&priv->driver_lock, flags);
1119 }
1120 EXPORT_SYMBOL_GPL(lbs_queue_event);
1121 
1122 void lbs_notify_command_response(struct lbs_private *priv, u8 resp_idx)
1123 {
1124 	if (priv->psstate == PS_STATE_SLEEP)
1125 		priv->psstate = PS_STATE_AWAKE;
1126 
1127 	/* Swap buffers by flipping the response index */
1128 	BUG_ON(resp_idx > 1);
1129 	priv->resp_idx = resp_idx;
1130 
1131 	wake_up(&priv->waitq);
1132 }
1133 EXPORT_SYMBOL_GPL(lbs_notify_command_response);
1134 
1135 static int __init lbs_init_module(void)
1136 {
1137 	memset(&confirm_sleep, 0, sizeof(confirm_sleep));
1138 	confirm_sleep.hdr.command = cpu_to_le16(CMD_802_11_PS_MODE);
1139 	confirm_sleep.hdr.size = cpu_to_le16(sizeof(confirm_sleep));
1140 	confirm_sleep.action = cpu_to_le16(PS_MODE_ACTION_SLEEP_CONFIRMED);
1141 	lbs_debugfs_init();
1142 
1143 	return 0;
1144 }
1145 
1146 static void __exit lbs_exit_module(void)
1147 {
1148 	lbs_debugfs_remove();
1149 }
1150 
1151 module_init(lbs_init_module);
1152 module_exit(lbs_exit_module);
1153 
1154 MODULE_DESCRIPTION("Libertas WLAN Driver Library");
1155 MODULE_AUTHOR("Marvell International Ltd.");
1156 MODULE_LICENSE("GPL");
1157