1 /*
2  * Marvell Wireless LAN device driver: AP specific command handling
3  *
4  * Copyright (C) 2012-2014, Marvell International Ltd.
5  *
6  * This software file (the "File") is distributed by Marvell International
7  * Ltd. under the terms of the GNU General Public License Version 2, June 1991
8  * (the "License").  You may use, redistribute and/or modify this File in
9  * accordance with the terms and conditions of the License, a copy of which
10  * is available by writing to the Free Software Foundation, Inc.,
11  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the
12  * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
13  *
14  * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
16  * ARE EXPRESSLY DISCLAIMED.  The License provides additional details about
17  * this warranty disclaimer.
18  */
19 
20 #include "main.h"
21 #include "11ac.h"
22 #include "11n.h"
23 
24 /* This function parses security related parameters from cfg80211_ap_settings
25  * and sets into FW understandable bss_config structure.
26  */
27 int mwifiex_set_secure_params(struct mwifiex_private *priv,
28 			      struct mwifiex_uap_bss_param *bss_config,
29 			      struct cfg80211_ap_settings *params) {
30 	int i;
31 	struct mwifiex_wep_key wep_key;
32 
33 	if (!params->privacy) {
34 		bss_config->protocol = PROTOCOL_NO_SECURITY;
35 		bss_config->key_mgmt = KEY_MGMT_NONE;
36 		bss_config->wpa_cfg.length = 0;
37 		priv->sec_info.wep_enabled = 0;
38 		priv->sec_info.wpa_enabled = 0;
39 		priv->sec_info.wpa2_enabled = 0;
40 
41 		return 0;
42 	}
43 
44 	switch (params->auth_type) {
45 	case NL80211_AUTHTYPE_OPEN_SYSTEM:
46 		bss_config->auth_mode = WLAN_AUTH_OPEN;
47 		break;
48 	case NL80211_AUTHTYPE_SHARED_KEY:
49 		bss_config->auth_mode = WLAN_AUTH_SHARED_KEY;
50 		break;
51 	case NL80211_AUTHTYPE_NETWORK_EAP:
52 		bss_config->auth_mode = WLAN_AUTH_LEAP;
53 		break;
54 	default:
55 		bss_config->auth_mode = MWIFIEX_AUTH_MODE_AUTO;
56 		break;
57 	}
58 
59 	bss_config->key_mgmt_operation |= KEY_MGMT_ON_HOST;
60 
61 	for (i = 0; i < params->crypto.n_akm_suites; i++) {
62 		switch (params->crypto.akm_suites[i]) {
63 		case WLAN_AKM_SUITE_8021X:
64 			if (params->crypto.wpa_versions &
65 			    NL80211_WPA_VERSION_1) {
66 				bss_config->protocol = PROTOCOL_WPA;
67 				bss_config->key_mgmt = KEY_MGMT_EAP;
68 			}
69 			if (params->crypto.wpa_versions &
70 			    NL80211_WPA_VERSION_2) {
71 				bss_config->protocol |= PROTOCOL_WPA2;
72 				bss_config->key_mgmt = KEY_MGMT_EAP;
73 			}
74 			break;
75 		case WLAN_AKM_SUITE_PSK:
76 			if (params->crypto.wpa_versions &
77 			    NL80211_WPA_VERSION_1) {
78 				bss_config->protocol = PROTOCOL_WPA;
79 				bss_config->key_mgmt = KEY_MGMT_PSK;
80 			}
81 			if (params->crypto.wpa_versions &
82 			    NL80211_WPA_VERSION_2) {
83 				bss_config->protocol |= PROTOCOL_WPA2;
84 				bss_config->key_mgmt = KEY_MGMT_PSK;
85 			}
86 			break;
87 		default:
88 			break;
89 		}
90 	}
91 	for (i = 0; i < params->crypto.n_ciphers_pairwise; i++) {
92 		switch (params->crypto.ciphers_pairwise[i]) {
93 		case WLAN_CIPHER_SUITE_WEP40:
94 		case WLAN_CIPHER_SUITE_WEP104:
95 			break;
96 		case WLAN_CIPHER_SUITE_TKIP:
97 			if (params->crypto.wpa_versions & NL80211_WPA_VERSION_1)
98 				bss_config->wpa_cfg.pairwise_cipher_wpa |=
99 								CIPHER_TKIP;
100 			if (params->crypto.wpa_versions & NL80211_WPA_VERSION_2)
101 				bss_config->wpa_cfg.pairwise_cipher_wpa2 |=
102 								CIPHER_TKIP;
103 			break;
104 		case WLAN_CIPHER_SUITE_CCMP:
105 			if (params->crypto.wpa_versions & NL80211_WPA_VERSION_1)
106 				bss_config->wpa_cfg.pairwise_cipher_wpa |=
107 								CIPHER_AES_CCMP;
108 			if (params->crypto.wpa_versions & NL80211_WPA_VERSION_2)
109 				bss_config->wpa_cfg.pairwise_cipher_wpa2 |=
110 								CIPHER_AES_CCMP;
111 		default:
112 			break;
113 		}
114 	}
115 
116 	switch (params->crypto.cipher_group) {
117 	case WLAN_CIPHER_SUITE_WEP40:
118 	case WLAN_CIPHER_SUITE_WEP104:
119 		if (priv->sec_info.wep_enabled) {
120 			bss_config->protocol = PROTOCOL_STATIC_WEP;
121 			bss_config->key_mgmt = KEY_MGMT_NONE;
122 			bss_config->wpa_cfg.length = 0;
123 
124 			for (i = 0; i < NUM_WEP_KEYS; i++) {
125 				wep_key = priv->wep_key[i];
126 				bss_config->wep_cfg[i].key_index = i;
127 
128 				if (priv->wep_key_curr_index == i)
129 					bss_config->wep_cfg[i].is_default = 1;
130 				else
131 					bss_config->wep_cfg[i].is_default = 0;
132 
133 				bss_config->wep_cfg[i].length =
134 							     wep_key.key_length;
135 				memcpy(&bss_config->wep_cfg[i].key,
136 				       &wep_key.key_material,
137 				       wep_key.key_length);
138 			}
139 		}
140 		break;
141 	case WLAN_CIPHER_SUITE_TKIP:
142 		bss_config->wpa_cfg.group_cipher = CIPHER_TKIP;
143 		break;
144 	case WLAN_CIPHER_SUITE_CCMP:
145 		bss_config->wpa_cfg.group_cipher = CIPHER_AES_CCMP;
146 		break;
147 	default:
148 		break;
149 	}
150 
151 	return 0;
152 }
153 
154 /* This function updates 11n related parameters from IE and sets them into
155  * bss_config structure.
156  */
157 void
158 mwifiex_set_ht_params(struct mwifiex_private *priv,
159 		      struct mwifiex_uap_bss_param *bss_cfg,
160 		      struct cfg80211_ap_settings *params)
161 {
162 	const u8 *ht_ie;
163 	u16 cap_info;
164 
165 	if (!ISSUPP_11NENABLED(priv->adapter->fw_cap_info))
166 		return;
167 
168 	ht_ie = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, params->beacon.tail,
169 				 params->beacon.tail_len);
170 	if (ht_ie) {
171 		memcpy(&bss_cfg->ht_cap, ht_ie + 2,
172 		       sizeof(struct ieee80211_ht_cap));
173 		cap_info = le16_to_cpu(bss_cfg->ht_cap.cap_info);
174 		memset(&bss_cfg->ht_cap.mcs, 0,
175 		       priv->adapter->number_of_antenna);
176 		switch (GET_RXSTBC(cap_info)) {
177 		case MWIFIEX_RX_STBC1:
178 			/* HT_CAP 1X1 mode */
179 			bss_cfg->ht_cap.mcs.rx_mask[0] = 0xff;
180 			break;
181 		case MWIFIEX_RX_STBC12:	/* fall through */
182 		case MWIFIEX_RX_STBC123:
183 			/* HT_CAP 2X2 mode */
184 			bss_cfg->ht_cap.mcs.rx_mask[0] = 0xff;
185 			bss_cfg->ht_cap.mcs.rx_mask[1] = 0xff;
186 			break;
187 		default:
188 			mwifiex_dbg(priv->adapter, WARN,
189 				    "Unsupported RX-STBC, default to 2x2\n");
190 			bss_cfg->ht_cap.mcs.rx_mask[0] = 0xff;
191 			bss_cfg->ht_cap.mcs.rx_mask[1] = 0xff;
192 			break;
193 		}
194 		priv->ap_11n_enabled = 1;
195 	} else {
196 		memset(&bss_cfg->ht_cap, 0, sizeof(struct ieee80211_ht_cap));
197 		bss_cfg->ht_cap.cap_info = cpu_to_le16(MWIFIEX_DEF_HT_CAP);
198 		bss_cfg->ht_cap.ampdu_params_info = MWIFIEX_DEF_AMPDU;
199 	}
200 
201 	return;
202 }
203 
204 /* This function updates 11ac related parameters from IE
205  * and sets them into bss_config structure.
206  */
207 void mwifiex_set_vht_params(struct mwifiex_private *priv,
208 			    struct mwifiex_uap_bss_param *bss_cfg,
209 			    struct cfg80211_ap_settings *params)
210 {
211 	const u8 *vht_ie;
212 
213 	vht_ie = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, params->beacon.tail,
214 				  params->beacon.tail_len);
215 	if (vht_ie) {
216 		memcpy(&bss_cfg->vht_cap, vht_ie + 2,
217 		       sizeof(struct ieee80211_vht_cap));
218 		priv->ap_11ac_enabled = 1;
219 	} else {
220 		priv->ap_11ac_enabled = 0;
221 	}
222 
223 	return;
224 }
225 
226 /* This function updates 11ac related parameters from IE
227  * and sets them into bss_config structure.
228  */
229 void mwifiex_set_tpc_params(struct mwifiex_private *priv,
230 			    struct mwifiex_uap_bss_param *bss_cfg,
231 			    struct cfg80211_ap_settings *params)
232 {
233 	const u8 *tpc_ie;
234 
235 	tpc_ie = cfg80211_find_ie(WLAN_EID_TPC_REQUEST, params->beacon.tail,
236 				  params->beacon.tail_len);
237 	if (tpc_ie)
238 		bss_cfg->power_constraint = *(tpc_ie + 2);
239 	else
240 		bss_cfg->power_constraint = 0;
241 }
242 
243 /* Enable VHT only when cfg80211_ap_settings has VHT IE.
244  * Otherwise disable VHT.
245  */
246 void mwifiex_set_vht_width(struct mwifiex_private *priv,
247 			   enum nl80211_chan_width width,
248 			   bool ap_11ac_enable)
249 {
250 	struct mwifiex_adapter *adapter = priv->adapter;
251 	struct mwifiex_11ac_vht_cfg vht_cfg;
252 
253 	vht_cfg.band_config = VHT_CFG_5GHZ;
254 	vht_cfg.cap_info = adapter->hw_dot_11ac_dev_cap;
255 
256 	if (!ap_11ac_enable) {
257 		vht_cfg.mcs_tx_set = DISABLE_VHT_MCS_SET;
258 		vht_cfg.mcs_rx_set = DISABLE_VHT_MCS_SET;
259 	} else {
260 		vht_cfg.mcs_tx_set = DEFAULT_VHT_MCS_SET;
261 		vht_cfg.mcs_rx_set = DEFAULT_VHT_MCS_SET;
262 	}
263 
264 	vht_cfg.misc_config  = VHT_CAP_UAP_ONLY;
265 
266 	if (ap_11ac_enable && width >= NL80211_CHAN_WIDTH_80)
267 		vht_cfg.misc_config |= VHT_BW_80_160_80P80;
268 
269 	mwifiex_send_cmd(priv, HostCmd_CMD_11AC_CFG,
270 			 HostCmd_ACT_GEN_SET, 0, &vht_cfg, true);
271 
272 	return;
273 }
274 
275 /* This function finds supported rates IE from beacon parameter and sets
276  * these rates into bss_config structure.
277  */
278 void
279 mwifiex_set_uap_rates(struct mwifiex_uap_bss_param *bss_cfg,
280 		      struct cfg80211_ap_settings *params)
281 {
282 	struct ieee_types_header *rate_ie;
283 	int var_offset = offsetof(struct ieee80211_mgmt, u.beacon.variable);
284 	const u8 *var_pos = params->beacon.head + var_offset;
285 	int len = params->beacon.head_len - var_offset;
286 	u8 rate_len = 0;
287 
288 	rate_ie = (void *)cfg80211_find_ie(WLAN_EID_SUPP_RATES, var_pos, len);
289 	if (rate_ie) {
290 		memcpy(bss_cfg->rates, rate_ie + 1, rate_ie->len);
291 		rate_len = rate_ie->len;
292 	}
293 
294 	rate_ie = (void *)cfg80211_find_ie(WLAN_EID_EXT_SUPP_RATES,
295 					   params->beacon.tail,
296 					   params->beacon.tail_len);
297 	if (rate_ie)
298 		memcpy(bss_cfg->rates + rate_len, rate_ie + 1, rate_ie->len);
299 
300 	return;
301 }
302 
303 /* This function initializes some of mwifiex_uap_bss_param variables.
304  * This helps FW in ignoring invalid values. These values may or may not
305  * be get updated to valid ones at later stage.
306  */
307 void mwifiex_set_sys_config_invalid_data(struct mwifiex_uap_bss_param *config)
308 {
309 	config->bcast_ssid_ctl = 0x7F;
310 	config->radio_ctl = 0x7F;
311 	config->dtim_period = 0x7F;
312 	config->beacon_period = 0x7FFF;
313 	config->auth_mode = 0x7F;
314 	config->rts_threshold = 0x7FFF;
315 	config->frag_threshold = 0x7FFF;
316 	config->retry_limit = 0x7F;
317 	config->qos_info = 0xFF;
318 }
319 
320 /* This function parses BSS related parameters from structure
321  * and prepares TLVs specific to WPA/WPA2 security.
322  * These TLVs are appended to command buffer.
323  */
324 static void
325 mwifiex_uap_bss_wpa(u8 **tlv_buf, void *cmd_buf, u16 *param_size)
326 {
327 	struct host_cmd_tlv_pwk_cipher *pwk_cipher;
328 	struct host_cmd_tlv_gwk_cipher *gwk_cipher;
329 	struct host_cmd_tlv_passphrase *passphrase;
330 	struct host_cmd_tlv_akmp *tlv_akmp;
331 	struct mwifiex_uap_bss_param *bss_cfg = cmd_buf;
332 	u16 cmd_size = *param_size;
333 	u8 *tlv = *tlv_buf;
334 
335 	tlv_akmp = (struct host_cmd_tlv_akmp *)tlv;
336 	tlv_akmp->header.type = cpu_to_le16(TLV_TYPE_UAP_AKMP);
337 	tlv_akmp->header.len = cpu_to_le16(sizeof(struct host_cmd_tlv_akmp) -
338 					sizeof(struct mwifiex_ie_types_header));
339 	tlv_akmp->key_mgmt_operation = cpu_to_le16(bss_cfg->key_mgmt_operation);
340 	tlv_akmp->key_mgmt = cpu_to_le16(bss_cfg->key_mgmt);
341 	cmd_size += sizeof(struct host_cmd_tlv_akmp);
342 	tlv += sizeof(struct host_cmd_tlv_akmp);
343 
344 	if (bss_cfg->wpa_cfg.pairwise_cipher_wpa & VALID_CIPHER_BITMAP) {
345 		pwk_cipher = (struct host_cmd_tlv_pwk_cipher *)tlv;
346 		pwk_cipher->header.type = cpu_to_le16(TLV_TYPE_PWK_CIPHER);
347 		pwk_cipher->header.len =
348 			cpu_to_le16(sizeof(struct host_cmd_tlv_pwk_cipher) -
349 				    sizeof(struct mwifiex_ie_types_header));
350 		pwk_cipher->proto = cpu_to_le16(PROTOCOL_WPA);
351 		pwk_cipher->cipher = bss_cfg->wpa_cfg.pairwise_cipher_wpa;
352 		cmd_size += sizeof(struct host_cmd_tlv_pwk_cipher);
353 		tlv += sizeof(struct host_cmd_tlv_pwk_cipher);
354 	}
355 
356 	if (bss_cfg->wpa_cfg.pairwise_cipher_wpa2 & VALID_CIPHER_BITMAP) {
357 		pwk_cipher = (struct host_cmd_tlv_pwk_cipher *)tlv;
358 		pwk_cipher->header.type = cpu_to_le16(TLV_TYPE_PWK_CIPHER);
359 		pwk_cipher->header.len =
360 			cpu_to_le16(sizeof(struct host_cmd_tlv_pwk_cipher) -
361 				    sizeof(struct mwifiex_ie_types_header));
362 		pwk_cipher->proto = cpu_to_le16(PROTOCOL_WPA2);
363 		pwk_cipher->cipher = bss_cfg->wpa_cfg.pairwise_cipher_wpa2;
364 		cmd_size += sizeof(struct host_cmd_tlv_pwk_cipher);
365 		tlv += sizeof(struct host_cmd_tlv_pwk_cipher);
366 	}
367 
368 	if (bss_cfg->wpa_cfg.group_cipher & VALID_CIPHER_BITMAP) {
369 		gwk_cipher = (struct host_cmd_tlv_gwk_cipher *)tlv;
370 		gwk_cipher->header.type = cpu_to_le16(TLV_TYPE_GWK_CIPHER);
371 		gwk_cipher->header.len =
372 			cpu_to_le16(sizeof(struct host_cmd_tlv_gwk_cipher) -
373 				    sizeof(struct mwifiex_ie_types_header));
374 		gwk_cipher->cipher = bss_cfg->wpa_cfg.group_cipher;
375 		cmd_size += sizeof(struct host_cmd_tlv_gwk_cipher);
376 		tlv += sizeof(struct host_cmd_tlv_gwk_cipher);
377 	}
378 
379 	if (bss_cfg->wpa_cfg.length) {
380 		passphrase = (struct host_cmd_tlv_passphrase *)tlv;
381 		passphrase->header.type =
382 				cpu_to_le16(TLV_TYPE_UAP_WPA_PASSPHRASE);
383 		passphrase->header.len = cpu_to_le16(bss_cfg->wpa_cfg.length);
384 		memcpy(passphrase->passphrase, bss_cfg->wpa_cfg.passphrase,
385 		       bss_cfg->wpa_cfg.length);
386 		cmd_size += sizeof(struct mwifiex_ie_types_header) +
387 			    bss_cfg->wpa_cfg.length;
388 		tlv += sizeof(struct mwifiex_ie_types_header) +
389 				bss_cfg->wpa_cfg.length;
390 	}
391 
392 	*param_size = cmd_size;
393 	*tlv_buf = tlv;
394 
395 	return;
396 }
397 
398 /* This function parses WMM related parameters from cfg80211_ap_settings
399  * structure and updates bss_config structure.
400  */
401 void
402 mwifiex_set_wmm_params(struct mwifiex_private *priv,
403 		       struct mwifiex_uap_bss_param *bss_cfg,
404 		       struct cfg80211_ap_settings *params)
405 {
406 	const u8 *vendor_ie;
407 	struct ieee_types_header *wmm_ie;
408 	u8 wmm_oui[] = {0x00, 0x50, 0xf2, 0x02};
409 
410 	vendor_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
411 					    WLAN_OUI_TYPE_MICROSOFT_WMM,
412 					    params->beacon.tail,
413 					    params->beacon.tail_len);
414 	if (vendor_ie) {
415 		wmm_ie = (struct ieee_types_header *)vendor_ie;
416 		memcpy(&bss_cfg->wmm_info, wmm_ie + 1,
417 		       sizeof(bss_cfg->wmm_info));
418 		priv->wmm_enabled = 1;
419 	} else {
420 		memset(&bss_cfg->wmm_info, 0, sizeof(bss_cfg->wmm_info));
421 		memcpy(&bss_cfg->wmm_info.oui, wmm_oui, sizeof(wmm_oui));
422 		bss_cfg->wmm_info.subtype = MWIFIEX_WMM_SUBTYPE;
423 		bss_cfg->wmm_info.version = MWIFIEX_WMM_VERSION;
424 		priv->wmm_enabled = 0;
425 	}
426 
427 	bss_cfg->qos_info = 0x00;
428 	return;
429 }
430 /* This function parses BSS related parameters from structure
431  * and prepares TLVs specific to WEP encryption.
432  * These TLVs are appended to command buffer.
433  */
434 static void
435 mwifiex_uap_bss_wep(u8 **tlv_buf, void *cmd_buf, u16 *param_size)
436 {
437 	struct host_cmd_tlv_wep_key *wep_key;
438 	u16 cmd_size = *param_size;
439 	int i;
440 	u8 *tlv = *tlv_buf;
441 	struct mwifiex_uap_bss_param *bss_cfg = cmd_buf;
442 
443 	for (i = 0; i < NUM_WEP_KEYS; i++) {
444 		if (bss_cfg->wep_cfg[i].length &&
445 		    (bss_cfg->wep_cfg[i].length == WLAN_KEY_LEN_WEP40 ||
446 		     bss_cfg->wep_cfg[i].length == WLAN_KEY_LEN_WEP104)) {
447 			wep_key = (struct host_cmd_tlv_wep_key *)tlv;
448 			wep_key->header.type =
449 				cpu_to_le16(TLV_TYPE_UAP_WEP_KEY);
450 			wep_key->header.len =
451 				cpu_to_le16(bss_cfg->wep_cfg[i].length + 2);
452 			wep_key->key_index = bss_cfg->wep_cfg[i].key_index;
453 			wep_key->is_default = bss_cfg->wep_cfg[i].is_default;
454 			memcpy(wep_key->key, bss_cfg->wep_cfg[i].key,
455 			       bss_cfg->wep_cfg[i].length);
456 			cmd_size += sizeof(struct mwifiex_ie_types_header) + 2 +
457 				    bss_cfg->wep_cfg[i].length;
458 			tlv += sizeof(struct mwifiex_ie_types_header) + 2 +
459 				    bss_cfg->wep_cfg[i].length;
460 		}
461 	}
462 
463 	*param_size = cmd_size;
464 	*tlv_buf = tlv;
465 
466 	return;
467 }
468 
469 /* This function parses BSS related parameters from structure
470  * and prepares TLVs. These TLVs are appended to command buffer.
471 */
472 static int
473 mwifiex_uap_bss_param_prepare(u8 *tlv, void *cmd_buf, u16 *param_size)
474 {
475 	struct host_cmd_tlv_dtim_period *dtim_period;
476 	struct host_cmd_tlv_beacon_period *beacon_period;
477 	struct host_cmd_tlv_ssid *ssid;
478 	struct host_cmd_tlv_bcast_ssid *bcast_ssid;
479 	struct host_cmd_tlv_channel_band *chan_band;
480 	struct host_cmd_tlv_frag_threshold *frag_threshold;
481 	struct host_cmd_tlv_rts_threshold *rts_threshold;
482 	struct host_cmd_tlv_retry_limit *retry_limit;
483 	struct host_cmd_tlv_encrypt_protocol *encrypt_protocol;
484 	struct host_cmd_tlv_auth_type *auth_type;
485 	struct host_cmd_tlv_rates *tlv_rates;
486 	struct host_cmd_tlv_ageout_timer *ao_timer, *ps_ao_timer;
487 	struct host_cmd_tlv_power_constraint *pwr_ct;
488 	struct mwifiex_ie_types_htcap *htcap;
489 	struct mwifiex_ie_types_wmmcap *wmm_cap;
490 	struct mwifiex_uap_bss_param *bss_cfg = cmd_buf;
491 	int i;
492 	u16 cmd_size = *param_size;
493 
494 	if (bss_cfg->ssid.ssid_len) {
495 		ssid = (struct host_cmd_tlv_ssid *)tlv;
496 		ssid->header.type = cpu_to_le16(TLV_TYPE_UAP_SSID);
497 		ssid->header.len = cpu_to_le16((u16)bss_cfg->ssid.ssid_len);
498 		memcpy(ssid->ssid, bss_cfg->ssid.ssid, bss_cfg->ssid.ssid_len);
499 		cmd_size += sizeof(struct mwifiex_ie_types_header) +
500 			    bss_cfg->ssid.ssid_len;
501 		tlv += sizeof(struct mwifiex_ie_types_header) +
502 				bss_cfg->ssid.ssid_len;
503 
504 		bcast_ssid = (struct host_cmd_tlv_bcast_ssid *)tlv;
505 		bcast_ssid->header.type = cpu_to_le16(TLV_TYPE_UAP_BCAST_SSID);
506 		bcast_ssid->header.len =
507 				cpu_to_le16(sizeof(bcast_ssid->bcast_ctl));
508 		bcast_ssid->bcast_ctl = bss_cfg->bcast_ssid_ctl;
509 		cmd_size += sizeof(struct host_cmd_tlv_bcast_ssid);
510 		tlv += sizeof(struct host_cmd_tlv_bcast_ssid);
511 	}
512 	if (bss_cfg->rates[0]) {
513 		tlv_rates = (struct host_cmd_tlv_rates *)tlv;
514 		tlv_rates->header.type = cpu_to_le16(TLV_TYPE_UAP_RATES);
515 
516 		for (i = 0; i < MWIFIEX_SUPPORTED_RATES && bss_cfg->rates[i];
517 		     i++)
518 			tlv_rates->rates[i] = bss_cfg->rates[i];
519 
520 		tlv_rates->header.len = cpu_to_le16(i);
521 		cmd_size += sizeof(struct host_cmd_tlv_rates) + i;
522 		tlv += sizeof(struct host_cmd_tlv_rates) + i;
523 	}
524 	if (bss_cfg->channel &&
525 	    (((bss_cfg->band_cfg & BIT(0)) == BAND_CONFIG_BG &&
526 	      bss_cfg->channel <= MAX_CHANNEL_BAND_BG) ||
527 	    ((bss_cfg->band_cfg & BIT(0)) == BAND_CONFIG_A &&
528 	     bss_cfg->channel <= MAX_CHANNEL_BAND_A))) {
529 		chan_band = (struct host_cmd_tlv_channel_band *)tlv;
530 		chan_band->header.type = cpu_to_le16(TLV_TYPE_CHANNELBANDLIST);
531 		chan_band->header.len =
532 			cpu_to_le16(sizeof(struct host_cmd_tlv_channel_band) -
533 				    sizeof(struct mwifiex_ie_types_header));
534 		chan_band->band_config = bss_cfg->band_cfg;
535 		chan_band->channel = bss_cfg->channel;
536 		cmd_size += sizeof(struct host_cmd_tlv_channel_band);
537 		tlv += sizeof(struct host_cmd_tlv_channel_band);
538 	}
539 	if (bss_cfg->beacon_period >= MIN_BEACON_PERIOD &&
540 	    bss_cfg->beacon_period <= MAX_BEACON_PERIOD) {
541 		beacon_period = (struct host_cmd_tlv_beacon_period *)tlv;
542 		beacon_period->header.type =
543 					cpu_to_le16(TLV_TYPE_UAP_BEACON_PERIOD);
544 		beacon_period->header.len =
545 			cpu_to_le16(sizeof(struct host_cmd_tlv_beacon_period) -
546 				    sizeof(struct mwifiex_ie_types_header));
547 		beacon_period->period = cpu_to_le16(bss_cfg->beacon_period);
548 		cmd_size += sizeof(struct host_cmd_tlv_beacon_period);
549 		tlv += sizeof(struct host_cmd_tlv_beacon_period);
550 	}
551 	if (bss_cfg->dtim_period >= MIN_DTIM_PERIOD &&
552 	    bss_cfg->dtim_period <= MAX_DTIM_PERIOD) {
553 		dtim_period = (struct host_cmd_tlv_dtim_period *)tlv;
554 		dtim_period->header.type =
555 			cpu_to_le16(TLV_TYPE_UAP_DTIM_PERIOD);
556 		dtim_period->header.len =
557 			cpu_to_le16(sizeof(struct host_cmd_tlv_dtim_period) -
558 				    sizeof(struct mwifiex_ie_types_header));
559 		dtim_period->period = bss_cfg->dtim_period;
560 		cmd_size += sizeof(struct host_cmd_tlv_dtim_period);
561 		tlv += sizeof(struct host_cmd_tlv_dtim_period);
562 	}
563 	if (bss_cfg->rts_threshold <= MWIFIEX_RTS_MAX_VALUE) {
564 		rts_threshold = (struct host_cmd_tlv_rts_threshold *)tlv;
565 		rts_threshold->header.type =
566 					cpu_to_le16(TLV_TYPE_UAP_RTS_THRESHOLD);
567 		rts_threshold->header.len =
568 			cpu_to_le16(sizeof(struct host_cmd_tlv_rts_threshold) -
569 				    sizeof(struct mwifiex_ie_types_header));
570 		rts_threshold->rts_thr = cpu_to_le16(bss_cfg->rts_threshold);
571 		cmd_size += sizeof(struct host_cmd_tlv_frag_threshold);
572 		tlv += sizeof(struct host_cmd_tlv_frag_threshold);
573 	}
574 	if ((bss_cfg->frag_threshold >= MWIFIEX_FRAG_MIN_VALUE) &&
575 	    (bss_cfg->frag_threshold <= MWIFIEX_FRAG_MAX_VALUE)) {
576 		frag_threshold = (struct host_cmd_tlv_frag_threshold *)tlv;
577 		frag_threshold->header.type =
578 				cpu_to_le16(TLV_TYPE_UAP_FRAG_THRESHOLD);
579 		frag_threshold->header.len =
580 			cpu_to_le16(sizeof(struct host_cmd_tlv_frag_threshold) -
581 				    sizeof(struct mwifiex_ie_types_header));
582 		frag_threshold->frag_thr = cpu_to_le16(bss_cfg->frag_threshold);
583 		cmd_size += sizeof(struct host_cmd_tlv_frag_threshold);
584 		tlv += sizeof(struct host_cmd_tlv_frag_threshold);
585 	}
586 	if (bss_cfg->retry_limit <= MWIFIEX_RETRY_LIMIT) {
587 		retry_limit = (struct host_cmd_tlv_retry_limit *)tlv;
588 		retry_limit->header.type =
589 			cpu_to_le16(TLV_TYPE_UAP_RETRY_LIMIT);
590 		retry_limit->header.len =
591 			cpu_to_le16(sizeof(struct host_cmd_tlv_retry_limit) -
592 				    sizeof(struct mwifiex_ie_types_header));
593 		retry_limit->limit = (u8)bss_cfg->retry_limit;
594 		cmd_size += sizeof(struct host_cmd_tlv_retry_limit);
595 		tlv += sizeof(struct host_cmd_tlv_retry_limit);
596 	}
597 	if ((bss_cfg->protocol & PROTOCOL_WPA) ||
598 	    (bss_cfg->protocol & PROTOCOL_WPA2) ||
599 	    (bss_cfg->protocol & PROTOCOL_EAP))
600 		mwifiex_uap_bss_wpa(&tlv, cmd_buf, &cmd_size);
601 	else
602 		mwifiex_uap_bss_wep(&tlv, cmd_buf, &cmd_size);
603 
604 	if ((bss_cfg->auth_mode <= WLAN_AUTH_SHARED_KEY) ||
605 	    (bss_cfg->auth_mode == MWIFIEX_AUTH_MODE_AUTO)) {
606 		auth_type = (struct host_cmd_tlv_auth_type *)tlv;
607 		auth_type->header.type = cpu_to_le16(TLV_TYPE_AUTH_TYPE);
608 		auth_type->header.len =
609 			cpu_to_le16(sizeof(struct host_cmd_tlv_auth_type) -
610 			sizeof(struct mwifiex_ie_types_header));
611 		auth_type->auth_type = (u8)bss_cfg->auth_mode;
612 		cmd_size += sizeof(struct host_cmd_tlv_auth_type);
613 		tlv += sizeof(struct host_cmd_tlv_auth_type);
614 	}
615 	if (bss_cfg->protocol) {
616 		encrypt_protocol = (struct host_cmd_tlv_encrypt_protocol *)tlv;
617 		encrypt_protocol->header.type =
618 			cpu_to_le16(TLV_TYPE_UAP_ENCRY_PROTOCOL);
619 		encrypt_protocol->header.len =
620 			cpu_to_le16(sizeof(struct host_cmd_tlv_encrypt_protocol)
621 			- sizeof(struct mwifiex_ie_types_header));
622 		encrypt_protocol->proto = cpu_to_le16(bss_cfg->protocol);
623 		cmd_size += sizeof(struct host_cmd_tlv_encrypt_protocol);
624 		tlv += sizeof(struct host_cmd_tlv_encrypt_protocol);
625 	}
626 
627 	if (bss_cfg->ht_cap.cap_info) {
628 		htcap = (struct mwifiex_ie_types_htcap *)tlv;
629 		htcap->header.type = cpu_to_le16(WLAN_EID_HT_CAPABILITY);
630 		htcap->header.len =
631 				cpu_to_le16(sizeof(struct ieee80211_ht_cap));
632 		htcap->ht_cap.cap_info = bss_cfg->ht_cap.cap_info;
633 		htcap->ht_cap.ampdu_params_info =
634 					     bss_cfg->ht_cap.ampdu_params_info;
635 		memcpy(&htcap->ht_cap.mcs, &bss_cfg->ht_cap.mcs,
636 		       sizeof(struct ieee80211_mcs_info));
637 		htcap->ht_cap.extended_ht_cap_info =
638 					bss_cfg->ht_cap.extended_ht_cap_info;
639 		htcap->ht_cap.tx_BF_cap_info = bss_cfg->ht_cap.tx_BF_cap_info;
640 		htcap->ht_cap.antenna_selection_info =
641 					bss_cfg->ht_cap.antenna_selection_info;
642 		cmd_size += sizeof(struct mwifiex_ie_types_htcap);
643 		tlv += sizeof(struct mwifiex_ie_types_htcap);
644 	}
645 
646 	if (bss_cfg->wmm_info.qos_info != 0xFF) {
647 		wmm_cap = (struct mwifiex_ie_types_wmmcap *)tlv;
648 		wmm_cap->header.type = cpu_to_le16(WLAN_EID_VENDOR_SPECIFIC);
649 		wmm_cap->header.len = cpu_to_le16(sizeof(wmm_cap->wmm_info));
650 		memcpy(&wmm_cap->wmm_info, &bss_cfg->wmm_info,
651 		       sizeof(wmm_cap->wmm_info));
652 		cmd_size += sizeof(struct mwifiex_ie_types_wmmcap);
653 		tlv += sizeof(struct mwifiex_ie_types_wmmcap);
654 	}
655 
656 	if (bss_cfg->sta_ao_timer) {
657 		ao_timer = (struct host_cmd_tlv_ageout_timer *)tlv;
658 		ao_timer->header.type = cpu_to_le16(TLV_TYPE_UAP_AO_TIMER);
659 		ao_timer->header.len = cpu_to_le16(sizeof(*ao_timer) -
660 					sizeof(struct mwifiex_ie_types_header));
661 		ao_timer->sta_ao_timer = cpu_to_le32(bss_cfg->sta_ao_timer);
662 		cmd_size += sizeof(*ao_timer);
663 		tlv += sizeof(*ao_timer);
664 	}
665 
666 	if (bss_cfg->power_constraint) {
667 		pwr_ct = (void *)tlv;
668 		pwr_ct->header.type = cpu_to_le16(TLV_TYPE_PWR_CONSTRAINT);
669 		pwr_ct->header.len = cpu_to_le16(sizeof(u8));
670 		pwr_ct->constraint = bss_cfg->power_constraint;
671 		cmd_size += sizeof(*pwr_ct);
672 		tlv += sizeof(*pwr_ct);
673 	}
674 
675 	if (bss_cfg->ps_sta_ao_timer) {
676 		ps_ao_timer = (struct host_cmd_tlv_ageout_timer *)tlv;
677 		ps_ao_timer->header.type =
678 				cpu_to_le16(TLV_TYPE_UAP_PS_AO_TIMER);
679 		ps_ao_timer->header.len = cpu_to_le16(sizeof(*ps_ao_timer) -
680 				sizeof(struct mwifiex_ie_types_header));
681 		ps_ao_timer->sta_ao_timer =
682 					cpu_to_le32(bss_cfg->ps_sta_ao_timer);
683 		cmd_size += sizeof(*ps_ao_timer);
684 		tlv += sizeof(*ps_ao_timer);
685 	}
686 
687 	*param_size = cmd_size;
688 
689 	return 0;
690 }
691 
692 /* This function parses custom IEs from IE list and prepares command buffer */
693 static int mwifiex_uap_custom_ie_prepare(u8 *tlv, void *cmd_buf, u16 *ie_size)
694 {
695 	struct mwifiex_ie_list *ap_ie = cmd_buf;
696 	struct mwifiex_ie_types_header *tlv_ie = (void *)tlv;
697 
698 	if (!ap_ie || !ap_ie->len)
699 		return -1;
700 
701 	*ie_size += le16_to_cpu(ap_ie->len) +
702 			sizeof(struct mwifiex_ie_types_header);
703 
704 	tlv_ie->type = cpu_to_le16(TLV_TYPE_MGMT_IE);
705 	tlv_ie->len = ap_ie->len;
706 	tlv += sizeof(struct mwifiex_ie_types_header);
707 
708 	memcpy(tlv, ap_ie->ie_list, le16_to_cpu(ap_ie->len));
709 
710 	return 0;
711 }
712 
713 /* Parse AP config structure and prepare TLV based command structure
714  * to be sent to FW for uAP configuration
715  */
716 static int
717 mwifiex_cmd_uap_sys_config(struct host_cmd_ds_command *cmd, u16 cmd_action,
718 			   u32 type, void *cmd_buf)
719 {
720 	u8 *tlv;
721 	u16 cmd_size, param_size, ie_size;
722 	struct host_cmd_ds_sys_config *sys_cfg;
723 
724 	cmd->command = cpu_to_le16(HostCmd_CMD_UAP_SYS_CONFIG);
725 	cmd_size = (u16)(sizeof(struct host_cmd_ds_sys_config) + S_DS_GEN);
726 	sys_cfg = (struct host_cmd_ds_sys_config *)&cmd->params.uap_sys_config;
727 	sys_cfg->action = cpu_to_le16(cmd_action);
728 	tlv = sys_cfg->tlv;
729 
730 	switch (type) {
731 	case UAP_BSS_PARAMS_I:
732 		param_size = cmd_size;
733 		if (mwifiex_uap_bss_param_prepare(tlv, cmd_buf, &param_size))
734 			return -1;
735 		cmd->size = cpu_to_le16(param_size);
736 		break;
737 	case UAP_CUSTOM_IE_I:
738 		ie_size = cmd_size;
739 		if (mwifiex_uap_custom_ie_prepare(tlv, cmd_buf, &ie_size))
740 			return -1;
741 		cmd->size = cpu_to_le16(ie_size);
742 		break;
743 	default:
744 		return -1;
745 	}
746 
747 	return 0;
748 }
749 
750 /* This function prepares AP specific deauth command with mac supplied in
751  * function parameter.
752  */
753 static int mwifiex_cmd_uap_sta_deauth(struct mwifiex_private *priv,
754 				      struct host_cmd_ds_command *cmd, u8 *mac)
755 {
756 	struct host_cmd_ds_sta_deauth *sta_deauth = &cmd->params.sta_deauth;
757 
758 	cmd->command = cpu_to_le16(HostCmd_CMD_UAP_STA_DEAUTH);
759 	memcpy(sta_deauth->mac, mac, ETH_ALEN);
760 	sta_deauth->reason = cpu_to_le16(WLAN_REASON_DEAUTH_LEAVING);
761 
762 	cmd->size = cpu_to_le16(sizeof(struct host_cmd_ds_sta_deauth) +
763 				S_DS_GEN);
764 	return 0;
765 }
766 
767 /* This function prepares the AP specific commands before sending them
768  * to the firmware.
769  * This is a generic function which calls specific command preparation
770  * routines based upon the command number.
771  */
772 int mwifiex_uap_prepare_cmd(struct mwifiex_private *priv, u16 cmd_no,
773 			    u16 cmd_action, u32 type,
774 			    void *data_buf, void *cmd_buf)
775 {
776 	struct host_cmd_ds_command *cmd = cmd_buf;
777 
778 	switch (cmd_no) {
779 	case HostCmd_CMD_UAP_SYS_CONFIG:
780 		if (mwifiex_cmd_uap_sys_config(cmd, cmd_action, type, data_buf))
781 			return -1;
782 		break;
783 	case HostCmd_CMD_UAP_BSS_START:
784 	case HostCmd_CMD_UAP_BSS_STOP:
785 	case HOST_CMD_APCMD_SYS_RESET:
786 	case HOST_CMD_APCMD_STA_LIST:
787 		cmd->command = cpu_to_le16(cmd_no);
788 		cmd->size = cpu_to_le16(S_DS_GEN);
789 		break;
790 	case HostCmd_CMD_UAP_STA_DEAUTH:
791 		if (mwifiex_cmd_uap_sta_deauth(priv, cmd, data_buf))
792 			return -1;
793 		break;
794 	case HostCmd_CMD_CHAN_REPORT_REQUEST:
795 		if (mwifiex_cmd_issue_chan_report_request(priv, cmd_buf,
796 							  data_buf))
797 			return -1;
798 		break;
799 	default:
800 		mwifiex_dbg(priv->adapter, ERROR,
801 			    "PREP_CMD: unknown cmd %#x\n", cmd_no);
802 		return -1;
803 	}
804 
805 	return 0;
806 }
807 
808 void mwifiex_uap_set_channel(struct mwifiex_private *priv,
809 			     struct mwifiex_uap_bss_param *bss_cfg,
810 			     struct cfg80211_chan_def chandef)
811 {
812 	u8 config_bands = 0, old_bands = priv->adapter->config_bands;
813 
814 	priv->bss_chandef = chandef;
815 
816 	bss_cfg->channel = ieee80211_frequency_to_channel(
817 						     chandef.chan->center_freq);
818 
819 	/* Set appropriate bands */
820 	if (chandef.chan->band == NL80211_BAND_2GHZ) {
821 		bss_cfg->band_cfg = BAND_CONFIG_BG;
822 		config_bands = BAND_B | BAND_G;
823 
824 		if (chandef.width > NL80211_CHAN_WIDTH_20_NOHT)
825 			config_bands |= BAND_GN;
826 	} else {
827 		bss_cfg->band_cfg = BAND_CONFIG_A;
828 		config_bands = BAND_A;
829 
830 		if (chandef.width > NL80211_CHAN_WIDTH_20_NOHT)
831 			config_bands |= BAND_AN;
832 
833 		if (chandef.width > NL80211_CHAN_WIDTH_40)
834 			config_bands |= BAND_AAC;
835 	}
836 
837 	switch (chandef.width) {
838 	case NL80211_CHAN_WIDTH_5:
839 	case NL80211_CHAN_WIDTH_10:
840 	case NL80211_CHAN_WIDTH_20_NOHT:
841 	case NL80211_CHAN_WIDTH_20:
842 		break;
843 	case NL80211_CHAN_WIDTH_40:
844 		if (chandef.center_freq1 < chandef.chan->center_freq)
845 			bss_cfg->band_cfg |= MWIFIEX_SEC_CHAN_BELOW;
846 		else
847 			bss_cfg->band_cfg |= MWIFIEX_SEC_CHAN_ABOVE;
848 		break;
849 	case NL80211_CHAN_WIDTH_80:
850 	case NL80211_CHAN_WIDTH_80P80:
851 	case NL80211_CHAN_WIDTH_160:
852 		bss_cfg->band_cfg |=
853 		    mwifiex_get_sec_chan_offset(bss_cfg->channel) << 4;
854 		break;
855 	default:
856 		mwifiex_dbg(priv->adapter,
857 			    WARN, "Unknown channel width: %d\n",
858 			    chandef.width);
859 		break;
860 	}
861 
862 	priv->adapter->config_bands = config_bands;
863 
864 	if (old_bands != config_bands) {
865 		mwifiex_send_domain_info_cmd_fw(priv->adapter->wiphy);
866 		mwifiex_dnld_txpwr_table(priv);
867 	}
868 }
869 
870 int mwifiex_config_start_uap(struct mwifiex_private *priv,
871 			     struct mwifiex_uap_bss_param *bss_cfg)
872 {
873 	enum state_11d_t state_11d;
874 
875 	if (mwifiex_send_cmd(priv, HostCmd_CMD_UAP_SYS_CONFIG,
876 			     HostCmd_ACT_GEN_SET,
877 			     UAP_BSS_PARAMS_I, bss_cfg, true)) {
878 		mwifiex_dbg(priv->adapter, ERROR,
879 			    "Failed to set AP configuration\n");
880 		return -1;
881 	}
882 
883 	/* Send cmd to FW to enable 11D function */
884 	state_11d = ENABLE_11D;
885 	if (mwifiex_send_cmd(priv, HostCmd_CMD_802_11_SNMP_MIB,
886 			     HostCmd_ACT_GEN_SET, DOT11D_I,
887 			     &state_11d, true)) {
888 		mwifiex_dbg(priv->adapter, ERROR,
889 			    "11D: failed to enable 11D\n");
890 		return -1;
891 	}
892 
893 	if (mwifiex_send_cmd(priv, HostCmd_CMD_UAP_BSS_START,
894 			     HostCmd_ACT_GEN_SET, 0, NULL, true)) {
895 		mwifiex_dbg(priv->adapter, ERROR,
896 			    "Failed to start the BSS\n");
897 		return -1;
898 	}
899 
900 	if (priv->sec_info.wep_enabled)
901 		priv->curr_pkt_filter |= HostCmd_ACT_MAC_WEP_ENABLE;
902 	else
903 		priv->curr_pkt_filter &= ~HostCmd_ACT_MAC_WEP_ENABLE;
904 
905 	if (mwifiex_send_cmd(priv, HostCmd_CMD_MAC_CONTROL,
906 			     HostCmd_ACT_GEN_SET, 0,
907 			     &priv->curr_pkt_filter, true))
908 		return -1;
909 
910 	return 0;
911 }
912