xref: /openbmc/linux/drivers/net/wireless/rsi/rsi_91x_mgmt.c (revision 47aab53331effedd3f5a6136854bd1da011f94b6)
1 /*
2  * Copyright (c) 2014 Redpine Signals Inc.
3  *
4  * Permission to use, copy, modify, and/or distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <linux/etherdevice.h>
18 #include <linux/timer.h>
19 #include "rsi_mgmt.h"
20 #include "rsi_common.h"
21 #include "rsi_ps.h"
22 #include "rsi_hal.h"
23 
24 static struct bootup_params boot_params_20 = {
25 	.magic_number = cpu_to_le16(0x5aa5),
26 	.crystal_good_time = 0x0,
27 	.valid = cpu_to_le32(VALID_20),
28 	.reserved_for_valids = 0x0,
29 	.bootup_mode_info = 0x0,
30 	.digital_loop_back_params = 0x0,
31 	.rtls_timestamp_en = 0x0,
32 	.host_spi_intr_cfg = 0x0,
33 	.device_clk_info = {{
34 		.pll_config_g = {
35 			.tapll_info_g = {
36 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
37 					      (TA_PLL_M_VAL_20)),
38 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
39 			},
40 			.pll960_info_g = {
41 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
42 							 (PLL960_N_VAL_20)),
43 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
44 				.pll_reg_3 = 0x0,
45 			},
46 			.afepll_info_g = {
47 				.pll_reg = cpu_to_le16(0x9f0),
48 			}
49 		},
50 		.switch_clk_g = {
51 			.switch_clk_info = cpu_to_le16(0xb),
52 			.bbp_lmac_clk_reg_val = cpu_to_le16(0x111),
53 			.umac_clock_reg_config = cpu_to_le16(0x48),
54 			.qspi_uart_clock_reg_config = cpu_to_le16(0x1211)
55 		}
56 	},
57 	{
58 		.pll_config_g = {
59 			.tapll_info_g = {
60 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
61 							 (TA_PLL_M_VAL_20)),
62 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
63 			},
64 			.pll960_info_g = {
65 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
66 							 (PLL960_N_VAL_20)),
67 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
68 				.pll_reg_3 = 0x0,
69 			},
70 			.afepll_info_g = {
71 				.pll_reg = cpu_to_le16(0x9f0),
72 			}
73 		},
74 		.switch_clk_g = {
75 			.switch_clk_info = 0x0,
76 			.bbp_lmac_clk_reg_val = 0x0,
77 			.umac_clock_reg_config = 0x0,
78 			.qspi_uart_clock_reg_config = 0x0
79 		}
80 	},
81 	{
82 		.pll_config_g = {
83 			.tapll_info_g = {
84 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_20 << 8)|
85 							 (TA_PLL_M_VAL_20)),
86 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_20),
87 			},
88 			.pll960_info_g = {
89 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_20 << 8)|
90 							 (PLL960_N_VAL_20)),
91 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_20),
92 				.pll_reg_3 = 0x0,
93 			},
94 			.afepll_info_g = {
95 				.pll_reg = cpu_to_le16(0x9f0),
96 			}
97 		},
98 		.switch_clk_g = {
99 			.switch_clk_info = 0x0,
100 			.bbp_lmac_clk_reg_val = 0x0,
101 			.umac_clock_reg_config = 0x0,
102 			.qspi_uart_clock_reg_config = 0x0
103 		}
104 	} },
105 	.buckboost_wakeup_cnt = 0x0,
106 	.pmu_wakeup_wait = 0x0,
107 	.shutdown_wait_time = 0x0,
108 	.pmu_slp_clkout_sel = 0x0,
109 	.wdt_prog_value = 0x0,
110 	.wdt_soc_rst_delay = 0x0,
111 	.dcdc_operation_mode = 0x0,
112 	.soc_reset_wait_cnt = 0x0,
113 	.waiting_time_at_fresh_sleep = 0x0,
114 	.max_threshold_to_avoid_sleep = 0x0,
115 	.beacon_resedue_alg_en = 0,
116 };
117 
118 static struct bootup_params boot_params_40 = {
119 	.magic_number = cpu_to_le16(0x5aa5),
120 	.crystal_good_time = 0x0,
121 	.valid = cpu_to_le32(VALID_40),
122 	.reserved_for_valids = 0x0,
123 	.bootup_mode_info = 0x0,
124 	.digital_loop_back_params = 0x0,
125 	.rtls_timestamp_en = 0x0,
126 	.host_spi_intr_cfg = 0x0,
127 	.device_clk_info = {{
128 		.pll_config_g = {
129 			.tapll_info_g = {
130 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
131 							 (TA_PLL_M_VAL_40)),
132 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
133 			},
134 			.pll960_info_g = {
135 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
136 							 (PLL960_N_VAL_40)),
137 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
138 				.pll_reg_3 = 0x0,
139 			},
140 			.afepll_info_g = {
141 				.pll_reg = cpu_to_le16(0x9f0),
142 			}
143 		},
144 		.switch_clk_g = {
145 			.switch_clk_info = cpu_to_le16(0x09),
146 			.bbp_lmac_clk_reg_val = cpu_to_le16(0x1121),
147 			.umac_clock_reg_config = cpu_to_le16(0x48),
148 			.qspi_uart_clock_reg_config = cpu_to_le16(0x1211)
149 		}
150 	},
151 	{
152 		.pll_config_g = {
153 			.tapll_info_g = {
154 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
155 							 (TA_PLL_M_VAL_40)),
156 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
157 			},
158 			.pll960_info_g = {
159 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
160 							 (PLL960_N_VAL_40)),
161 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
162 				.pll_reg_3 = 0x0,
163 			},
164 			.afepll_info_g = {
165 				.pll_reg = cpu_to_le16(0x9f0),
166 			}
167 		},
168 		.switch_clk_g = {
169 			.switch_clk_info = 0x0,
170 			.bbp_lmac_clk_reg_val = 0x0,
171 			.umac_clock_reg_config = 0x0,
172 			.qspi_uart_clock_reg_config = 0x0
173 		}
174 	},
175 	{
176 		.pll_config_g = {
177 			.tapll_info_g = {
178 				.pll_reg_1 = cpu_to_le16((TA_PLL_N_VAL_40 << 8)|
179 							 (TA_PLL_M_VAL_40)),
180 				.pll_reg_2 = cpu_to_le16(TA_PLL_P_VAL_40),
181 			},
182 			.pll960_info_g = {
183 				.pll_reg_1 = cpu_to_le16((PLL960_P_VAL_40 << 8)|
184 							 (PLL960_N_VAL_40)),
185 				.pll_reg_2 = cpu_to_le16(PLL960_M_VAL_40),
186 				.pll_reg_3 = 0x0,
187 			},
188 			.afepll_info_g = {
189 				.pll_reg = cpu_to_le16(0x9f0),
190 			}
191 		},
192 		.switch_clk_g = {
193 			.switch_clk_info = 0x0,
194 			.bbp_lmac_clk_reg_val = 0x0,
195 			.umac_clock_reg_config = 0x0,
196 			.qspi_uart_clock_reg_config = 0x0
197 		}
198 	} },
199 	.buckboost_wakeup_cnt = 0x0,
200 	.pmu_wakeup_wait = 0x0,
201 	.shutdown_wait_time = 0x0,
202 	.pmu_slp_clkout_sel = 0x0,
203 	.wdt_prog_value = 0x0,
204 	.wdt_soc_rst_delay = 0x0,
205 	.dcdc_operation_mode = 0x0,
206 	.soc_reset_wait_cnt = 0x0,
207 	.waiting_time_at_fresh_sleep = 0x0,
208 	.max_threshold_to_avoid_sleep = 0x0,
209 	.beacon_resedue_alg_en = 0,
210 };
211 
212 static struct bootup_params_9116 boot_params_9116_20 = {
213 	.magic_number = cpu_to_le16(LOADED_TOKEN),
214 	.valid = cpu_to_le32(VALID_20),
215 	.device_clk_info_9116 = {{
216 		.pll_config_9116_g = {
217 			.pll_ctrl_set_reg = cpu_to_le16(0xd518),
218 			.pll_ctrl_clr_reg = cpu_to_le16(0x2ae7),
219 			.pll_modem_conig_reg = cpu_to_le16(0x2000),
220 			.soc_clk_config_reg = cpu_to_le16(0x0c18),
221 			.adc_dac_strm1_config_reg = cpu_to_le16(0x1100),
222 			.adc_dac_strm2_config_reg = cpu_to_le16(0x6600),
223 		},
224 		.switch_clk_9116_g = {
225 			.switch_clk_info =
226 				cpu_to_le32((RSI_SWITCH_TASS_CLK |
227 					    RSI_SWITCH_WLAN_BBP_LMAC_CLK_REG |
228 					    RSI_SWITCH_BBP_LMAC_CLK_REG)),
229 			.tass_clock_reg = cpu_to_le32(0x083C0503),
230 			.wlan_bbp_lmac_clk_reg_val = cpu_to_le32(0x01042001),
231 			.zbbt_bbp_lmac_clk_reg_val = cpu_to_le32(0x02010001),
232 			.bbp_lmac_clk_en_val = cpu_to_le32(0x0000003b),
233 		}
234 	},
235 	},
236 };
237 
238 static struct bootup_params_9116 boot_params_9116_40 = {
239 	.magic_number = cpu_to_le16(LOADED_TOKEN),
240 	.valid = cpu_to_le32(VALID_40),
241 	.device_clk_info_9116 = {{
242 		.pll_config_9116_g = {
243 			.pll_ctrl_set_reg = cpu_to_le16(0xd518),
244 			.pll_ctrl_clr_reg = cpu_to_le16(0x2ae7),
245 			.pll_modem_conig_reg = cpu_to_le16(0x3000),
246 			.soc_clk_config_reg = cpu_to_le16(0x0c18),
247 			.adc_dac_strm1_config_reg = cpu_to_le16(0x0000),
248 			.adc_dac_strm2_config_reg = cpu_to_le16(0x6600),
249 		},
250 		.switch_clk_9116_g = {
251 			.switch_clk_info =
252 				cpu_to_le32((RSI_SWITCH_TASS_CLK |
253 					    RSI_SWITCH_WLAN_BBP_LMAC_CLK_REG |
254 					    RSI_SWITCH_BBP_LMAC_CLK_REG |
255 					    RSI_MODEM_CLK_160MHZ)),
256 			.tass_clock_reg = cpu_to_le32(0x083C0503),
257 			.wlan_bbp_lmac_clk_reg_val = cpu_to_le32(0x01042002),
258 			.zbbt_bbp_lmac_clk_reg_val = cpu_to_le32(0x04010002),
259 			.bbp_lmac_clk_en_val = cpu_to_le32(0x0000003b),
260 		}
261 	},
262 	},
263 };
264 
265 static u16 mcs[] = {13, 26, 39, 52, 78, 104, 117, 130};
266 
267 /**
268  * rsi_set_default_parameters() - This function sets default parameters.
269  * @common: Pointer to the driver private structure.
270  *
271  * Return: none
272  */
273 static void rsi_set_default_parameters(struct rsi_common *common)
274 {
275 	common->band = NL80211_BAND_2GHZ;
276 	common->channel_width = BW_20MHZ;
277 	common->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
278 	common->channel = 1;
279 	memset(&common->rate_config, 0, sizeof(common->rate_config));
280 	common->fsm_state = FSM_CARD_NOT_READY;
281 	common->iface_down = true;
282 	common->endpoint = EP_2GHZ_20MHZ;
283 	common->driver_mode = 1; /* End to end mode */
284 	common->lp_ps_handshake_mode = 0; /* Default no handShake mode*/
285 	common->ulp_ps_handshake_mode = 2; /* Default PKT handShake mode*/
286 	common->rf_power_val = 0; /* Default 1.9V */
287 	common->wlan_rf_power_mode = 0;
288 	common->obm_ant_sel_val = 2;
289 	common->beacon_interval = RSI_BEACON_INTERVAL;
290 	common->dtim_cnt = RSI_DTIM_COUNT;
291 	common->w9116_features.pll_mode = 0x0;
292 	common->w9116_features.rf_type = 1;
293 	common->w9116_features.wireless_mode = 0;
294 	common->w9116_features.enable_ppe = 0;
295 	common->w9116_features.afe_type = 1;
296 	common->w9116_features.dpd = 0;
297 	common->w9116_features.sifs_tx_enable = 0;
298 	common->w9116_features.ps_options = 0;
299 }
300 
301 void init_bgscan_params(struct rsi_common *common)
302 {
303 	memset((u8 *)&common->bgscan, 0, sizeof(struct rsi_bgscan_params));
304 	common->bgscan.bgscan_threshold = RSI_DEF_BGSCAN_THRLD;
305 	common->bgscan.roam_threshold = RSI_DEF_ROAM_THRLD;
306 	common->bgscan.bgscan_periodicity = RSI_BGSCAN_PERIODICITY;
307 	common->bgscan.num_bgscan_channels = 0;
308 	common->bgscan.two_probe = 1;
309 	common->bgscan.active_scan_duration = RSI_ACTIVE_SCAN_TIME;
310 	common->bgscan.passive_scan_duration = RSI_PASSIVE_SCAN_TIME;
311 }
312 
313 /**
314  * rsi_set_contention_vals() - This function sets the contention values for the
315  *			       backoff procedure.
316  * @common: Pointer to the driver private structure.
317  *
318  * Return: None.
319  */
320 static void rsi_set_contention_vals(struct rsi_common *common)
321 {
322 	u8 ii = 0;
323 
324 	for (; ii < NUM_EDCA_QUEUES; ii++) {
325 		common->tx_qinfo[ii].wme_params =
326 			(((common->edca_params[ii].cw_min / 2) +
327 			  (common->edca_params[ii].aifs)) *
328 			  WMM_SHORT_SLOT_TIME + SIFS_DURATION);
329 		common->tx_qinfo[ii].weight = common->tx_qinfo[ii].wme_params;
330 		common->tx_qinfo[ii].pkt_contended = 0;
331 	}
332 }
333 
334 /**
335  * rsi_send_internal_mgmt_frame() - This function sends management frames to
336  *				    firmware.Also schedules packet to queue
337  *				    for transmission.
338  * @common: Pointer to the driver private structure.
339  * @skb: Pointer to the socket buffer structure.
340  *
341  * Return: 0 on success, -1 on failure.
342  */
343 static int rsi_send_internal_mgmt_frame(struct rsi_common *common,
344 					struct sk_buff *skb)
345 {
346 	struct skb_info *tx_params;
347 	struct rsi_cmd_desc *desc;
348 
349 	if (skb == NULL) {
350 		rsi_dbg(ERR_ZONE, "%s: Unable to allocate skb\n", __func__);
351 		return -ENOMEM;
352 	}
353 	desc = (struct rsi_cmd_desc *)skb->data;
354 	desc->desc_dword0.len_qno |= cpu_to_le16(DESC_IMMEDIATE_WAKEUP);
355 	skb->priority = MGMT_SOFT_Q;
356 	tx_params = (struct skb_info *)&IEEE80211_SKB_CB(skb)->driver_data;
357 	tx_params->flags |= INTERNAL_MGMT_PKT;
358 	skb_queue_tail(&common->tx_queue[MGMT_SOFT_Q], skb);
359 	rsi_set_event(&common->tx_thread.event);
360 	return 0;
361 }
362 
363 /**
364  * rsi_load_radio_caps() - This function is used to send radio capabilities
365  *			   values to firmware.
366  * @common: Pointer to the driver private structure.
367  *
368  * Return: 0 on success, corresponding negative error code on failure.
369  */
370 static int rsi_load_radio_caps(struct rsi_common *common)
371 {
372 	struct rsi_radio_caps *radio_caps;
373 	struct rsi_hw *adapter = common->priv;
374 	u16 inx = 0;
375 	u8 ii;
376 	u8 radio_id = 0;
377 	u16 gc[20] = {0xf0, 0xf0, 0xf0, 0xf0,
378 		      0xf0, 0xf0, 0xf0, 0xf0,
379 		      0xf0, 0xf0, 0xf0, 0xf0,
380 		      0xf0, 0xf0, 0xf0, 0xf0,
381 		      0xf0, 0xf0, 0xf0, 0xf0};
382 	struct sk_buff *skb;
383 	u16 frame_len = sizeof(struct rsi_radio_caps);
384 
385 	rsi_dbg(INFO_ZONE, "%s: Sending rate symbol req frame\n", __func__);
386 
387 	skb = dev_alloc_skb(frame_len);
388 
389 	if (!skb) {
390 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
391 			__func__);
392 		return -ENOMEM;
393 	}
394 
395 	memset(skb->data, 0, frame_len);
396 	radio_caps = (struct rsi_radio_caps *)skb->data;
397 
398 	radio_caps->desc_dword0.frame_type = RADIO_CAPABILITIES;
399 	radio_caps->channel_num = common->channel;
400 	radio_caps->rf_model = RSI_RF_TYPE;
401 
402 	radio_caps->radio_cfg_info = RSI_LMAC_CLOCK_80MHZ;
403 	if (common->channel_width == BW_40MHZ) {
404 		radio_caps->radio_cfg_info |= RSI_ENABLE_40MHZ;
405 
406 		if (common->fsm_state == FSM_MAC_INIT_DONE) {
407 			struct ieee80211_hw *hw = adapter->hw;
408 			struct ieee80211_conf *conf = &hw->conf;
409 
410 			if (conf_is_ht40_plus(conf)) {
411 				radio_caps->ppe_ack_rate =
412 					cpu_to_le16(LOWER_20_ENABLE |
413 						    (LOWER_20_ENABLE >> 12));
414 			} else if (conf_is_ht40_minus(conf)) {
415 				radio_caps->ppe_ack_rate =
416 					cpu_to_le16(UPPER_20_ENABLE |
417 						    (UPPER_20_ENABLE >> 12));
418 			} else {
419 				radio_caps->ppe_ack_rate =
420 					cpu_to_le16((BW_40MHZ << 12) |
421 						    FULL40M_ENABLE);
422 			}
423 		}
424 	}
425 	radio_caps->radio_info |= radio_id;
426 
427 	if (adapter->device_model == RSI_DEV_9116 &&
428 	    common->channel_width == BW_20MHZ)
429 		radio_caps->radio_cfg_info &= ~0x3;
430 
431 	radio_caps->sifs_tx_11n = cpu_to_le16(SIFS_TX_11N_VALUE);
432 	radio_caps->sifs_tx_11b = cpu_to_le16(SIFS_TX_11B_VALUE);
433 	radio_caps->slot_rx_11n = cpu_to_le16(SHORT_SLOT_VALUE);
434 	radio_caps->ofdm_ack_tout = cpu_to_le16(OFDM_ACK_TOUT_VALUE);
435 	radio_caps->cck_ack_tout = cpu_to_le16(CCK_ACK_TOUT_VALUE);
436 	radio_caps->preamble_type = cpu_to_le16(LONG_PREAMBLE);
437 
438 	for (ii = 0; ii < MAX_HW_QUEUES; ii++) {
439 		radio_caps->qos_params[ii].cont_win_min_q = cpu_to_le16(3);
440 		radio_caps->qos_params[ii].cont_win_max_q = cpu_to_le16(0x3f);
441 		radio_caps->qos_params[ii].aifsn_val_q = cpu_to_le16(2);
442 		radio_caps->qos_params[ii].txop_q = 0;
443 	}
444 
445 	for (ii = 0; ii < NUM_EDCA_QUEUES; ii++) {
446 		if (common->edca_params[ii].cw_max > 0) {
447 			radio_caps->qos_params[ii].cont_win_min_q =
448 				cpu_to_le16(common->edca_params[ii].cw_min);
449 			radio_caps->qos_params[ii].cont_win_max_q =
450 				cpu_to_le16(common->edca_params[ii].cw_max);
451 			radio_caps->qos_params[ii].aifsn_val_q =
452 				cpu_to_le16(common->edca_params[ii].aifs << 8);
453 			radio_caps->qos_params[ii].txop_q =
454 				cpu_to_le16(common->edca_params[ii].txop);
455 		}
456 	}
457 
458 	radio_caps->qos_params[BROADCAST_HW_Q].txop_q = cpu_to_le16(0xffff);
459 	radio_caps->qos_params[MGMT_HW_Q].txop_q = 0;
460 	radio_caps->qos_params[BEACON_HW_Q].txop_q = cpu_to_le16(0xffff);
461 
462 	memcpy(&common->rate_pwr[0], &gc[0], 40);
463 	for (ii = 0; ii < 20; ii++)
464 		radio_caps->gcpd_per_rate[inx++] =
465 			cpu_to_le16(common->rate_pwr[ii]  & 0x00FF);
466 
467 	rsi_set_len_qno(&radio_caps->desc_dword0.len_qno,
468 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
469 
470 	skb_put(skb, frame_len);
471 
472 	return rsi_send_internal_mgmt_frame(common, skb);
473 }
474 
475 /**
476  * rsi_mgmt_pkt_to_core() - This function is the entry point for Mgmt module.
477  * @common: Pointer to the driver private structure.
478  * @msg: Pointer to received packet.
479  * @msg_len: Length of the received packet.
480  *
481  * Return: 0 on success, -1 on failure.
482  */
483 static int rsi_mgmt_pkt_to_core(struct rsi_common *common,
484 				u8 *msg,
485 				s32 msg_len)
486 {
487 	struct rsi_hw *adapter = common->priv;
488 	struct ieee80211_tx_info *info;
489 	struct skb_info *rx_params;
490 	u8 pad_bytes = msg[4];
491 	struct sk_buff *skb;
492 
493 	if (!adapter->sc_nvifs)
494 		return -ENOLINK;
495 
496 	msg_len -= pad_bytes;
497 	if (msg_len <= 0) {
498 		rsi_dbg(MGMT_RX_ZONE,
499 			"%s: Invalid rx msg of len = %d\n",
500 			__func__, msg_len);
501 		return -EINVAL;
502 	}
503 
504 	skb = dev_alloc_skb(msg_len);
505 	if (!skb)
506 		return -ENOMEM;
507 
508 	skb_put_data(skb,
509 		     (u8 *)(msg + FRAME_DESC_SZ + pad_bytes),
510 		     msg_len);
511 
512 	info = IEEE80211_SKB_CB(skb);
513 	rx_params = (struct skb_info *)info->driver_data;
514 	rx_params->rssi = rsi_get_rssi(msg);
515 	rx_params->channel = rsi_get_channel(msg);
516 	rsi_indicate_pkt_to_os(common, skb);
517 
518 	return 0;
519 }
520 
521 /**
522  * rsi_hal_send_sta_notify_frame() - This function sends the station notify
523  *				     frame to firmware.
524  * @common: Pointer to the driver private structure.
525  * @opmode: Operating mode of device.
526  * @notify_event: Notification about station connection.
527  * @bssid: bssid.
528  * @qos_enable: Qos is enabled.
529  * @aid: Aid (unique for all STA).
530  * @sta_id: station id.
531  * @vif: Pointer to the ieee80211_vif structure.
532  *
533  * Return: status: 0 on success, corresponding negative error code on failure.
534  */
535 int rsi_hal_send_sta_notify_frame(struct rsi_common *common, enum opmode opmode,
536 				  u8 notify_event, const unsigned char *bssid,
537 				  u8 qos_enable, u16 aid, u16 sta_id,
538 				  struct ieee80211_vif *vif)
539 {
540 	struct sk_buff *skb = NULL;
541 	struct rsi_peer_notify *peer_notify;
542 	u16 vap_id = ((struct vif_priv *)vif->drv_priv)->vap_id;
543 	int status;
544 	u16 frame_len = sizeof(struct rsi_peer_notify);
545 
546 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending sta notify frame\n", __func__);
547 
548 	skb = dev_alloc_skb(frame_len);
549 
550 	if (!skb) {
551 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
552 			__func__);
553 		return -ENOMEM;
554 	}
555 
556 	memset(skb->data, 0, frame_len);
557 	peer_notify = (struct rsi_peer_notify *)skb->data;
558 
559 	if (opmode == RSI_OPMODE_STA)
560 		peer_notify->command = cpu_to_le16(PEER_TYPE_AP << 1);
561 	else if (opmode == RSI_OPMODE_AP)
562 		peer_notify->command = cpu_to_le16(PEER_TYPE_STA << 1);
563 
564 	switch (notify_event) {
565 	case STA_CONNECTED:
566 		peer_notify->command |= cpu_to_le16(RSI_ADD_PEER);
567 		break;
568 	case STA_DISCONNECTED:
569 		peer_notify->command |= cpu_to_le16(RSI_DELETE_PEER);
570 		break;
571 	default:
572 		break;
573 	}
574 
575 	peer_notify->command |= cpu_to_le16((aid & 0xfff) << 4);
576 	ether_addr_copy(peer_notify->mac_addr, bssid);
577 	peer_notify->mpdu_density = cpu_to_le16(RSI_MPDU_DENSITY);
578 	peer_notify->sta_flags = cpu_to_le32((qos_enable) ? 1 : 0);
579 
580 	rsi_set_len_qno(&peer_notify->desc.desc_dword0.len_qno,
581 			(frame_len - FRAME_DESC_SZ),
582 			RSI_WIFI_MGMT_Q);
583 	peer_notify->desc.desc_dword0.frame_type = PEER_NOTIFY;
584 	peer_notify->desc.desc_dword3.qid_tid = sta_id;
585 	peer_notify->desc.desc_dword3.sta_id = vap_id;
586 
587 	skb_put(skb, frame_len);
588 
589 	status = rsi_send_internal_mgmt_frame(common, skb);
590 
591 	if ((vif->type == NL80211_IFTYPE_STATION) &&
592 	    (!status && qos_enable)) {
593 		rsi_set_contention_vals(common);
594 		status = rsi_load_radio_caps(common);
595 	}
596 	return status;
597 }
598 
599 /**
600  * rsi_send_aggregation_params_frame() - This function sends the ampdu
601  *					 indication frame to firmware.
602  * @common: Pointer to the driver private structure.
603  * @tid: traffic identifier.
604  * @ssn: ssn.
605  * @buf_size: buffer size.
606  * @event: notification about station connection.
607  * @sta_id: station id.
608  *
609  * Return: 0 on success, corresponding negative error code on failure.
610  */
611 int rsi_send_aggregation_params_frame(struct rsi_common *common,
612 				      u16 tid,
613 				      u16 ssn,
614 				      u8 buf_size,
615 				      u8 event,
616 				      u8 sta_id)
617 {
618 	struct sk_buff *skb = NULL;
619 	struct rsi_aggr_params *aggr_params;
620 	u16 frame_len = sizeof(struct rsi_aggr_params);
621 
622 	skb = dev_alloc_skb(frame_len);
623 
624 	if (!skb) {
625 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
626 			__func__);
627 		return -ENOMEM;
628 	}
629 
630 	memset(skb->data, 0, frame_len);
631 	aggr_params = (struct rsi_aggr_params *)skb->data;
632 
633 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending AMPDU indication frame\n", __func__);
634 
635 	rsi_set_len_qno(&aggr_params->desc_dword0.len_qno, 0, RSI_WIFI_MGMT_Q);
636 	aggr_params->desc_dword0.frame_type = AMPDU_IND;
637 
638 	aggr_params->aggr_params = tid & RSI_AGGR_PARAMS_TID_MASK;
639 	aggr_params->peer_id = sta_id;
640 	if (event == STA_TX_ADDBA_DONE) {
641 		aggr_params->seq_start = cpu_to_le16(ssn);
642 		aggr_params->baw_size = cpu_to_le16(buf_size);
643 		aggr_params->aggr_params |= RSI_AGGR_PARAMS_START;
644 	} else if (event == STA_RX_ADDBA_DONE) {
645 		aggr_params->seq_start = cpu_to_le16(ssn);
646 		aggr_params->aggr_params |= (RSI_AGGR_PARAMS_START |
647 					     RSI_AGGR_PARAMS_RX_AGGR);
648 	} else if (event == STA_RX_DELBA) {
649 		aggr_params->aggr_params |= RSI_AGGR_PARAMS_RX_AGGR;
650 	}
651 
652 	skb_put(skb, frame_len);
653 
654 	return rsi_send_internal_mgmt_frame(common, skb);
655 }
656 
657 /**
658  * rsi_program_bb_rf() - This function starts base band and RF programming.
659  *			 This is called after initial configurations are done.
660  * @common: Pointer to the driver private structure.
661  *
662  * Return: 0 on success, corresponding negative error code on failure.
663  */
664 static int rsi_program_bb_rf(struct rsi_common *common)
665 {
666 	struct sk_buff *skb;
667 	struct rsi_bb_rf_prog *bb_rf_prog;
668 	u16 frame_len = sizeof(struct rsi_bb_rf_prog);
669 
670 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending program BB/RF frame\n", __func__);
671 
672 	skb = dev_alloc_skb(frame_len);
673 	if (!skb) {
674 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
675 			__func__);
676 		return -ENOMEM;
677 	}
678 
679 	memset(skb->data, 0, frame_len);
680 	bb_rf_prog = (struct rsi_bb_rf_prog *)skb->data;
681 
682 	rsi_set_len_qno(&bb_rf_prog->desc_dword0.len_qno, 0, RSI_WIFI_MGMT_Q);
683 	bb_rf_prog->desc_dword0.frame_type = BBP_PROG_IN_TA;
684 	bb_rf_prog->endpoint = common->endpoint;
685 	bb_rf_prog->rf_power_mode = common->wlan_rf_power_mode;
686 
687 	if (common->rf_reset) {
688 		bb_rf_prog->flags =  cpu_to_le16(RF_RESET_ENABLE);
689 		rsi_dbg(MGMT_TX_ZONE, "%s: ===> RF RESET REQUEST SENT <===\n",
690 			__func__);
691 		common->rf_reset = 0;
692 	}
693 	common->bb_rf_prog_count = 1;
694 	bb_rf_prog->flags |= cpu_to_le16(PUT_BBP_RESET | BBP_REG_WRITE |
695 					 (RSI_RF_TYPE << 4));
696 	skb_put(skb, frame_len);
697 
698 	return rsi_send_internal_mgmt_frame(common, skb);
699 }
700 
701 /**
702  * rsi_set_vap_capabilities() - This function send vap capability to firmware.
703  * @common: Pointer to the driver private structure.
704  * @mode: Operating mode of device.
705  * @mac_addr: MAC address
706  * @vap_id: Rate information - offset and mask
707  * @vap_status: VAP status - ADD, DELETE or UPDATE
708  *
709  * Return: 0 on success, corresponding negative error code on failure.
710  */
711 int rsi_set_vap_capabilities(struct rsi_common *common,
712 			     enum opmode mode,
713 			     u8 *mac_addr,
714 			     u8 vap_id,
715 			     u8 vap_status)
716 {
717 	struct sk_buff *skb = NULL;
718 	struct rsi_vap_caps *vap_caps;
719 	struct rsi_hw *adapter = common->priv;
720 	struct ieee80211_hw *hw = adapter->hw;
721 	struct ieee80211_conf *conf = &hw->conf;
722 	u16 frame_len = sizeof(struct rsi_vap_caps);
723 
724 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending VAP capabilities frame\n", __func__);
725 
726 	skb = dev_alloc_skb(frame_len);
727 	if (!skb) {
728 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
729 			__func__);
730 		return -ENOMEM;
731 	}
732 
733 	memset(skb->data, 0, frame_len);
734 	vap_caps = (struct rsi_vap_caps *)skb->data;
735 
736 	rsi_set_len_qno(&vap_caps->desc_dword0.len_qno,
737 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
738 	vap_caps->desc_dword0.frame_type = VAP_CAPABILITIES;
739 	vap_caps->status = vap_status;
740 	vap_caps->vif_type = mode;
741 	vap_caps->channel_bw = common->channel_width;
742 	vap_caps->vap_id = vap_id;
743 	vap_caps->radioid_macid = ((common->mac_id & 0xf) << 4) |
744 				   (common->radio_id & 0xf);
745 
746 	memcpy(vap_caps->mac_addr, mac_addr, IEEE80211_ADDR_LEN);
747 	vap_caps->keep_alive_period = cpu_to_le16(90);
748 	vap_caps->frag_threshold = cpu_to_le16(IEEE80211_MAX_FRAG_THRESHOLD);
749 
750 	vap_caps->rts_threshold = cpu_to_le16(common->rts_threshold);
751 
752 	if (common->band == NL80211_BAND_5GHZ) {
753 		vap_caps->default_ctrl_rate = cpu_to_le16(RSI_RATE_6);
754 		vap_caps->default_mgmt_rate = cpu_to_le32(RSI_RATE_6);
755 	} else {
756 		vap_caps->default_ctrl_rate = cpu_to_le16(RSI_RATE_1);
757 		vap_caps->default_mgmt_rate = cpu_to_le32(RSI_RATE_1);
758 	}
759 	if (conf_is_ht40(conf)) {
760 		if (conf_is_ht40_minus(conf))
761 			vap_caps->ctrl_rate_flags =
762 				cpu_to_le16(UPPER_20_ENABLE);
763 		else if (conf_is_ht40_plus(conf))
764 			vap_caps->ctrl_rate_flags =
765 				cpu_to_le16(LOWER_20_ENABLE);
766 		else
767 			vap_caps->ctrl_rate_flags =
768 				cpu_to_le16(FULL40M_ENABLE);
769 	}
770 
771 	vap_caps->default_data_rate = 0;
772 	vap_caps->beacon_interval = cpu_to_le16(common->beacon_interval);
773 	vap_caps->dtim_period = cpu_to_le16(common->dtim_cnt);
774 
775 	skb_put(skb, frame_len);
776 
777 	return rsi_send_internal_mgmt_frame(common, skb);
778 }
779 
780 /**
781  * rsi_hal_load_key() - This function is used to load keys within the firmware.
782  * @common: Pointer to the driver private structure.
783  * @data: Pointer to the key data.
784  * @key_len: Key length to be loaded.
785  * @key_type: Type of key: GROUP/PAIRWISE.
786  * @key_id: Key index.
787  * @cipher: Type of cipher used.
788  * @sta_id: Station id.
789  * @vif: Pointer to the ieee80211_vif structure.
790  *
791  * Return: 0 on success, -1 on failure.
792  */
793 int rsi_hal_load_key(struct rsi_common *common,
794 		     u8 *data,
795 		     u16 key_len,
796 		     u8 key_type,
797 		     u8 key_id,
798 		     u32 cipher,
799 		     s16 sta_id,
800 		     struct ieee80211_vif *vif)
801 {
802 	struct sk_buff *skb = NULL;
803 	struct rsi_set_key *set_key;
804 	u16 key_descriptor = 0;
805 	u16 frame_len = sizeof(struct rsi_set_key);
806 
807 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending load key frame\n", __func__);
808 
809 	skb = dev_alloc_skb(frame_len);
810 	if (!skb) {
811 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
812 			__func__);
813 		return -ENOMEM;
814 	}
815 
816 	memset(skb->data, 0, frame_len);
817 	set_key = (struct rsi_set_key *)skb->data;
818 
819 	if (key_type == RSI_GROUP_KEY) {
820 		key_descriptor = RSI_KEY_TYPE_BROADCAST;
821 		if (vif->type == NL80211_IFTYPE_AP)
822 			key_descriptor |= RSI_KEY_MODE_AP;
823 	}
824 	if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
825 	    (cipher == WLAN_CIPHER_SUITE_WEP104)) {
826 		key_id = 0;
827 		key_descriptor |= RSI_WEP_KEY;
828 		if (key_len >= 13)
829 			key_descriptor |= RSI_WEP_KEY_104;
830 	} else if (cipher != KEY_TYPE_CLEAR) {
831 		key_descriptor |= RSI_CIPHER_WPA;
832 		if (cipher == WLAN_CIPHER_SUITE_TKIP)
833 			key_descriptor |= RSI_CIPHER_TKIP;
834 	}
835 	key_descriptor |= RSI_PROTECT_DATA_FRAMES;
836 	key_descriptor |= (key_id << RSI_KEY_ID_OFFSET);
837 
838 	rsi_set_len_qno(&set_key->desc_dword0.len_qno,
839 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
840 	set_key->desc_dword0.frame_type = SET_KEY_REQ;
841 	set_key->key_desc = cpu_to_le16(key_descriptor);
842 	set_key->sta_id = sta_id;
843 
844 	if (data) {
845 		if ((cipher == WLAN_CIPHER_SUITE_WEP40) ||
846 		    (cipher == WLAN_CIPHER_SUITE_WEP104)) {
847 			memcpy(&set_key->key[key_id][1], data, key_len * 2);
848 		} else {
849 			memcpy(&set_key->key[0][0], data, key_len);
850 		}
851 		memcpy(set_key->tx_mic_key, &data[16], 8);
852 		memcpy(set_key->rx_mic_key, &data[24], 8);
853 	} else {
854 		memset(&set_key[FRAME_DESC_SZ], 0, frame_len - FRAME_DESC_SZ);
855 	}
856 
857 	skb_put(skb, frame_len);
858 
859 	return rsi_send_internal_mgmt_frame(common, skb);
860 }
861 
862 /*
863  * This function sends the common device configuration parameters to device.
864  * This frame includes the useful information to make device works on
865  * specific operating mode.
866  */
867 static int rsi_send_common_dev_params(struct rsi_common *common)
868 {
869 	struct sk_buff *skb;
870 	u16 frame_len;
871 	struct rsi_config_vals *dev_cfgs;
872 
873 	frame_len = sizeof(struct rsi_config_vals);
874 
875 	rsi_dbg(MGMT_TX_ZONE, "Sending common device config params\n");
876 	skb = dev_alloc_skb(frame_len);
877 	if (!skb) {
878 		rsi_dbg(ERR_ZONE, "%s: Unable to allocate skb\n", __func__);
879 		return -ENOMEM;
880 	}
881 
882 	memset(skb->data, 0, frame_len);
883 
884 	dev_cfgs = (struct rsi_config_vals *)skb->data;
885 	memset(dev_cfgs, 0, (sizeof(struct rsi_config_vals)));
886 
887 	rsi_set_len_qno(&dev_cfgs->len_qno, (frame_len - FRAME_DESC_SZ),
888 			RSI_COEX_Q);
889 	dev_cfgs->pkt_type = COMMON_DEV_CONFIG;
890 
891 	dev_cfgs->lp_ps_handshake = common->lp_ps_handshake_mode;
892 	dev_cfgs->ulp_ps_handshake = common->ulp_ps_handshake_mode;
893 
894 	dev_cfgs->unused_ulp_gpio = RSI_UNUSED_ULP_GPIO_BITMAP;
895 	dev_cfgs->unused_soc_gpio_bitmap =
896 				cpu_to_le32(RSI_UNUSED_SOC_GPIO_BITMAP);
897 
898 	dev_cfgs->opermode = common->oper_mode;
899 	dev_cfgs->wlan_rf_pwr_mode = common->wlan_rf_power_mode;
900 	dev_cfgs->driver_mode = common->driver_mode;
901 	dev_cfgs->region_code = NL80211_DFS_FCC;
902 	dev_cfgs->antenna_sel_val = common->obm_ant_sel_val;
903 
904 	skb_put(skb, frame_len);
905 
906 	return rsi_send_internal_mgmt_frame(common, skb);
907 }
908 
909 /*
910  * rsi_load_bootup_params() - This function send bootup params to the firmware.
911  * @common: Pointer to the driver private structure.
912  *
913  * Return: 0 on success, corresponding error code on failure.
914  */
915 static int rsi_load_bootup_params(struct rsi_common *common)
916 {
917 	struct sk_buff *skb;
918 	struct rsi_boot_params *boot_params;
919 
920 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending boot params frame\n", __func__);
921 	skb = dev_alloc_skb(sizeof(struct rsi_boot_params));
922 	if (!skb) {
923 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
924 			__func__);
925 		return -ENOMEM;
926 	}
927 
928 	memset(skb->data, 0, sizeof(struct rsi_boot_params));
929 	boot_params = (struct rsi_boot_params *)skb->data;
930 
931 	rsi_dbg(MGMT_TX_ZONE, "%s:\n", __func__);
932 
933 	if (common->channel_width == BW_40MHZ) {
934 		memcpy(&boot_params->bootup_params,
935 		       &boot_params_40,
936 		       sizeof(struct bootup_params));
937 		rsi_dbg(MGMT_TX_ZONE, "%s: Packet 40MHZ <=== %d\n", __func__,
938 			UMAC_CLK_40BW);
939 		boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_40BW);
940 	} else {
941 		memcpy(&boot_params->bootup_params,
942 		       &boot_params_20,
943 		       sizeof(struct bootup_params));
944 		if (boot_params_20.valid != cpu_to_le32(VALID_20)) {
945 			boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_20BW);
946 			rsi_dbg(MGMT_TX_ZONE,
947 				"%s: Packet 20MHZ <=== %d\n", __func__,
948 				UMAC_CLK_20BW);
949 		} else {
950 			boot_params->desc_word[7] = cpu_to_le16(UMAC_CLK_40MHZ);
951 			rsi_dbg(MGMT_TX_ZONE,
952 				"%s: Packet 20MHZ <=== %d\n", __func__,
953 				UMAC_CLK_40MHZ);
954 		}
955 	}
956 
957 	/**
958 	 * Bit{0:11} indicates length of the Packet
959 	 * Bit{12:15} indicates host queue number
960 	 */
961 	boot_params->desc_word[0] = cpu_to_le16(sizeof(struct bootup_params) |
962 				    (RSI_WIFI_MGMT_Q << 12));
963 	boot_params->desc_word[1] = cpu_to_le16(BOOTUP_PARAMS_REQUEST);
964 
965 	skb_put(skb, sizeof(struct rsi_boot_params));
966 
967 	return rsi_send_internal_mgmt_frame(common, skb);
968 }
969 
970 static int rsi_load_9116_bootup_params(struct rsi_common *common)
971 {
972 	struct sk_buff *skb;
973 	struct rsi_boot_params_9116 *boot_params;
974 
975 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending boot params frame\n", __func__);
976 
977 	skb = dev_alloc_skb(sizeof(struct rsi_boot_params_9116));
978 	if (!skb)
979 		return -ENOMEM;
980 	memset(skb->data, 0, sizeof(struct rsi_boot_params));
981 	boot_params = (struct rsi_boot_params_9116 *)skb->data;
982 
983 	if (common->channel_width == BW_40MHZ) {
984 		memcpy(&boot_params->bootup_params,
985 		       &boot_params_9116_40,
986 		       sizeof(struct bootup_params_9116));
987 		rsi_dbg(MGMT_TX_ZONE, "%s: Packet 40MHZ <=== %d\n", __func__,
988 			UMAC_CLK_40BW);
989 		boot_params->umac_clk = cpu_to_le16(UMAC_CLK_40BW);
990 	} else {
991 		memcpy(&boot_params->bootup_params,
992 		       &boot_params_9116_20,
993 		       sizeof(struct bootup_params_9116));
994 		if (boot_params_20.valid != cpu_to_le32(VALID_20)) {
995 			boot_params->umac_clk = cpu_to_le16(UMAC_CLK_20BW);
996 			rsi_dbg(MGMT_TX_ZONE,
997 				"%s: Packet 20MHZ <=== %d\n", __func__,
998 				UMAC_CLK_20BW);
999 		} else {
1000 			boot_params->umac_clk = cpu_to_le16(UMAC_CLK_40MHZ);
1001 			rsi_dbg(MGMT_TX_ZONE,
1002 				"%s: Packet 20MHZ <=== %d\n", __func__,
1003 				UMAC_CLK_40MHZ);
1004 		}
1005 	}
1006 	rsi_set_len_qno(&boot_params->desc_dword0.len_qno,
1007 			sizeof(struct bootup_params_9116), RSI_WIFI_MGMT_Q);
1008 	boot_params->desc_dword0.frame_type = BOOTUP_PARAMS_REQUEST;
1009 	skb_put(skb, sizeof(struct rsi_boot_params_9116));
1010 
1011 	return rsi_send_internal_mgmt_frame(common, skb);
1012 }
1013 
1014 /**
1015  * rsi_send_reset_mac() - This function prepares reset MAC request and sends an
1016  *			  internal management frame to indicate it to firmware.
1017  * @common: Pointer to the driver private structure.
1018  *
1019  * Return: 0 on success, corresponding error code on failure.
1020  */
1021 static int rsi_send_reset_mac(struct rsi_common *common)
1022 {
1023 	struct sk_buff *skb;
1024 	struct rsi_mac_frame *mgmt_frame;
1025 
1026 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending reset MAC frame\n", __func__);
1027 
1028 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1029 	if (!skb) {
1030 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1031 			__func__);
1032 		return -ENOMEM;
1033 	}
1034 
1035 	memset(skb->data, 0, FRAME_DESC_SZ);
1036 	mgmt_frame = (struct rsi_mac_frame *)skb->data;
1037 
1038 	mgmt_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
1039 	mgmt_frame->desc_word[1] = cpu_to_le16(RESET_MAC_REQ);
1040 	mgmt_frame->desc_word[4] = cpu_to_le16(RETRY_COUNT << 8);
1041 
1042 #define RSI_9116_DEF_TA_AGGR	3
1043 	if (common->priv->device_model == RSI_DEV_9116)
1044 		mgmt_frame->desc_word[3] |=
1045 			cpu_to_le16(RSI_9116_DEF_TA_AGGR << 8);
1046 
1047 	skb_put(skb, FRAME_DESC_SZ);
1048 
1049 	return rsi_send_internal_mgmt_frame(common, skb);
1050 }
1051 
1052 /**
1053  * rsi_band_check() - This function programs the band
1054  * @common: Pointer to the driver private structure.
1055  * @curchan: Pointer to the current channel structure.
1056  *
1057  * Return: 0 on success, corresponding error code on failure.
1058  */
1059 int rsi_band_check(struct rsi_common *common,
1060 		   struct ieee80211_channel *curchan)
1061 {
1062 	struct rsi_hw *adapter = common->priv;
1063 	struct ieee80211_hw *hw = adapter->hw;
1064 	u8 prev_bw = common->channel_width;
1065 	u8 prev_ep = common->endpoint;
1066 	int status = 0;
1067 
1068 	if (common->band != curchan->band) {
1069 		common->rf_reset = 1;
1070 		common->band = curchan->band;
1071 	}
1072 
1073 	if ((hw->conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT) ||
1074 	    (hw->conf.chandef.width == NL80211_CHAN_WIDTH_20))
1075 		common->channel_width = BW_20MHZ;
1076 	else
1077 		common->channel_width = BW_40MHZ;
1078 
1079 	if (common->band == NL80211_BAND_2GHZ) {
1080 		if (common->channel_width)
1081 			common->endpoint = EP_2GHZ_40MHZ;
1082 		else
1083 			common->endpoint = EP_2GHZ_20MHZ;
1084 	} else {
1085 		if (common->channel_width)
1086 			common->endpoint = EP_5GHZ_40MHZ;
1087 		else
1088 			common->endpoint = EP_5GHZ_20MHZ;
1089 	}
1090 
1091 	if (common->endpoint != prev_ep) {
1092 		status = rsi_program_bb_rf(common);
1093 		if (status)
1094 			return status;
1095 	}
1096 
1097 	if (common->channel_width != prev_bw) {
1098 		if (adapter->device_model == RSI_DEV_9116)
1099 			status = rsi_load_9116_bootup_params(common);
1100 		else
1101 			status = rsi_load_bootup_params(common);
1102 		if (status)
1103 			return status;
1104 
1105 		status = rsi_load_radio_caps(common);
1106 		if (status)
1107 			return status;
1108 	}
1109 
1110 	return status;
1111 }
1112 
1113 /**
1114  * rsi_set_channel() - This function programs the channel.
1115  * @common: Pointer to the driver private structure.
1116  * @channel: Channel value to be set.
1117  *
1118  * Return: 0 on success, corresponding error code on failure.
1119  */
1120 int rsi_set_channel(struct rsi_common *common,
1121 		    struct ieee80211_channel *channel)
1122 {
1123 	struct sk_buff *skb = NULL;
1124 	struct rsi_chan_config *chan_cfg;
1125 	u16 frame_len = sizeof(struct rsi_chan_config);
1126 
1127 	rsi_dbg(MGMT_TX_ZONE,
1128 		"%s: Sending scan req frame\n", __func__);
1129 
1130 	if (!channel)
1131 		return 0;
1132 
1133 	skb = dev_alloc_skb(frame_len);
1134 	if (!skb) {
1135 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1136 			__func__);
1137 		return -ENOMEM;
1138 	}
1139 
1140 	memset(skb->data, 0, frame_len);
1141 	chan_cfg = (struct rsi_chan_config *)skb->data;
1142 
1143 	rsi_set_len_qno(&chan_cfg->desc_dword0.len_qno, 0, RSI_WIFI_MGMT_Q);
1144 	chan_cfg->desc_dword0.frame_type = SCAN_REQUEST;
1145 	chan_cfg->channel_number = channel->hw_value;
1146 	chan_cfg->antenna_gain_offset_2g = channel->max_antenna_gain;
1147 	chan_cfg->antenna_gain_offset_5g = channel->max_antenna_gain;
1148 	chan_cfg->region_rftype = (RSI_RF_TYPE & 0xf) << 4;
1149 
1150 	if ((channel->flags & IEEE80211_CHAN_NO_IR) ||
1151 	    (channel->flags & IEEE80211_CHAN_RADAR)) {
1152 		chan_cfg->antenna_gain_offset_2g |= RSI_CHAN_RADAR;
1153 	} else {
1154 		if (common->tx_power < channel->max_power)
1155 			chan_cfg->tx_power = cpu_to_le16(common->tx_power);
1156 		else
1157 			chan_cfg->tx_power = cpu_to_le16(channel->max_power);
1158 	}
1159 	chan_cfg->region_rftype |= (common->priv->dfs_region & 0xf);
1160 
1161 	if (common->channel_width == BW_40MHZ)
1162 		chan_cfg->channel_width = 0x1;
1163 
1164 	common->channel = channel->hw_value;
1165 
1166 	skb_put(skb, frame_len);
1167 
1168 	return rsi_send_internal_mgmt_frame(common, skb);
1169 }
1170 
1171 /**
1172  * rsi_send_radio_params_update() - This function sends the radio
1173  *				parameters update to device
1174  * @common: Pointer to the driver private structure.
1175  *
1176  * Return: 0 on success, corresponding error code on failure.
1177  */
1178 int rsi_send_radio_params_update(struct rsi_common *common)
1179 {
1180 	struct rsi_mac_frame *cmd_frame;
1181 	struct sk_buff *skb = NULL;
1182 
1183 	rsi_dbg(MGMT_TX_ZONE,
1184 		"%s: Sending Radio Params update frame\n", __func__);
1185 
1186 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1187 	if (!skb) {
1188 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1189 			__func__);
1190 		return -ENOMEM;
1191 	}
1192 
1193 	memset(skb->data, 0, FRAME_DESC_SZ);
1194 	cmd_frame = (struct rsi_mac_frame *)skb->data;
1195 
1196 	cmd_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
1197 	cmd_frame->desc_word[1] = cpu_to_le16(RADIO_PARAMS_UPDATE);
1198 	cmd_frame->desc_word[3] = cpu_to_le16(BIT(0));
1199 
1200 	cmd_frame->desc_word[3] |= cpu_to_le16(common->tx_power << 8);
1201 
1202 	skb_put(skb, FRAME_DESC_SZ);
1203 
1204 	return rsi_send_internal_mgmt_frame(common, skb);
1205 }
1206 
1207 /* This function programs the threshold. */
1208 int rsi_send_vap_dynamic_update(struct rsi_common *common)
1209 {
1210 	struct sk_buff *skb;
1211 	struct rsi_dynamic_s *dynamic_frame;
1212 
1213 	rsi_dbg(MGMT_TX_ZONE,
1214 		"%s: Sending vap update indication frame\n", __func__);
1215 
1216 	skb = dev_alloc_skb(sizeof(struct rsi_dynamic_s));
1217 	if (!skb)
1218 		return -ENOMEM;
1219 
1220 	memset(skb->data, 0, sizeof(struct rsi_dynamic_s));
1221 	dynamic_frame = (struct rsi_dynamic_s *)skb->data;
1222 	rsi_set_len_qno(&dynamic_frame->desc_dword0.len_qno,
1223 			sizeof(dynamic_frame->frame_body), RSI_WIFI_MGMT_Q);
1224 
1225 	dynamic_frame->desc_dword0.frame_type = VAP_DYNAMIC_UPDATE;
1226 	dynamic_frame->desc_dword2.pkt_info =
1227 					cpu_to_le32(common->rts_threshold);
1228 
1229 	if (common->wow_flags & RSI_WOW_ENABLED) {
1230 		/* Beacon miss threshold */
1231 		dynamic_frame->desc_dword3.token =
1232 					cpu_to_le16(RSI_BCN_MISS_THRESHOLD);
1233 		dynamic_frame->frame_body.keep_alive_period =
1234 					cpu_to_le16(RSI_WOW_KEEPALIVE);
1235 	} else {
1236 		dynamic_frame->frame_body.keep_alive_period =
1237 					cpu_to_le16(RSI_DEF_KEEPALIVE);
1238 	}
1239 
1240 	dynamic_frame->desc_dword3.sta_id = 0; /* vap id */
1241 
1242 	skb_put(skb, sizeof(struct rsi_dynamic_s));
1243 
1244 	return rsi_send_internal_mgmt_frame(common, skb);
1245 }
1246 
1247 /**
1248  * rsi_compare() - This function is used to compare two integers
1249  * @a: pointer to the first integer
1250  * @b: pointer to the second integer
1251  *
1252  * Return: 0 if both are equal, -1 if the first is smaller, else 1
1253  */
1254 static int rsi_compare(const void *a, const void *b)
1255 {
1256 	u16 _a = *(const u16 *)(a);
1257 	u16 _b = *(const u16 *)(b);
1258 
1259 	if (_a > _b)
1260 		return -1;
1261 
1262 	if (_a < _b)
1263 		return 1;
1264 
1265 	return 0;
1266 }
1267 
1268 /**
1269  * rsi_map_rates() - This function is used to map selected rates to hw rates.
1270  * @rate: The standard rate to be mapped.
1271  * @offset: Offset that will be returned.
1272  *
1273  * Return: 0 if it is a mcs rate, else 1
1274  */
1275 static bool rsi_map_rates(u16 rate, int *offset)
1276 {
1277 	int kk;
1278 	for (kk = 0; kk < ARRAY_SIZE(rsi_mcsrates); kk++) {
1279 		if (rate == mcs[kk]) {
1280 			*offset = kk;
1281 			return false;
1282 		}
1283 	}
1284 
1285 	for (kk = 0; kk < ARRAY_SIZE(rsi_rates); kk++) {
1286 		if (rate == rsi_rates[kk].bitrate / 5) {
1287 			*offset = kk;
1288 			break;
1289 		}
1290 	}
1291 	return true;
1292 }
1293 
1294 /**
1295  * rsi_send_auto_rate_request() - This function is to set rates for connection
1296  *				  and send autorate request to firmware.
1297  * @common: Pointer to the driver private structure.
1298  * @sta: mac80211 station.
1299  * @sta_id: station id.
1300  * @vif: Pointer to the ieee80211_vif structure.
1301  *
1302  * Return: 0 on success, corresponding error code on failure.
1303  */
1304 static int rsi_send_auto_rate_request(struct rsi_common *common,
1305 				      struct ieee80211_sta *sta,
1306 				      u16 sta_id,
1307 				      struct ieee80211_vif *vif)
1308 {
1309 	struct sk_buff *skb;
1310 	struct rsi_auto_rate *auto_rate;
1311 	int ii = 0, jj = 0, kk = 0;
1312 	struct ieee80211_hw *hw = common->priv->hw;
1313 	u8 band = hw->conf.chandef.chan->band;
1314 	u8 num_supported_rates = 0;
1315 	u8 rate_table_offset, rate_offset = 0;
1316 	u32 rate_bitmap, configured_rates;
1317 	u16 *selected_rates, min_rate;
1318 	bool is_ht = false, is_sgi = false;
1319 	u16 frame_len = sizeof(struct rsi_auto_rate);
1320 
1321 	rsi_dbg(MGMT_TX_ZONE,
1322 		"%s: Sending auto rate request frame\n", __func__);
1323 
1324 	skb = dev_alloc_skb(frame_len);
1325 	if (!skb) {
1326 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1327 			__func__);
1328 		return -ENOMEM;
1329 	}
1330 
1331 	memset(skb->data, 0, frame_len);
1332 	selected_rates = kzalloc(2 * RSI_TBL_SZ, GFP_KERNEL);
1333 	if (!selected_rates) {
1334 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of mem\n",
1335 			__func__);
1336 		dev_kfree_skb(skb);
1337 		return -ENOMEM;
1338 	}
1339 
1340 	auto_rate = (struct rsi_auto_rate *)skb->data;
1341 
1342 	auto_rate->aarf_rssi = cpu_to_le16(((u16)3 << 6) | (u16)(18 & 0x3f));
1343 	auto_rate->collision_tolerance = cpu_to_le16(3);
1344 	auto_rate->failure_limit = cpu_to_le16(3);
1345 	auto_rate->initial_boundary = cpu_to_le16(3);
1346 	auto_rate->max_threshold_limt = cpu_to_le16(27);
1347 
1348 	auto_rate->desc.desc_dword0.frame_type = AUTO_RATE_IND;
1349 
1350 	if (common->channel_width == BW_40MHZ)
1351 		auto_rate->desc.desc_dword3.qid_tid = BW_40MHZ;
1352 	auto_rate->desc.desc_dword3.sta_id = sta_id;
1353 
1354 	if (vif->type == NL80211_IFTYPE_STATION) {
1355 		rate_bitmap = common->bitrate_mask[band];
1356 		is_ht = common->vif_info[0].is_ht;
1357 		is_sgi = common->vif_info[0].sgi;
1358 	} else {
1359 		rate_bitmap = sta->deflink.supp_rates[band];
1360 		is_ht = sta->deflink.ht_cap.ht_supported;
1361 		if ((sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_20) ||
1362 		    (sta->deflink.ht_cap.cap & IEEE80211_HT_CAP_SGI_40))
1363 			is_sgi = true;
1364 	}
1365 
1366 	/* Limit to any rates administratively configured by cfg80211 */
1367 	configured_rates = common->rate_config[band].configured_mask ?: 0xffffffff;
1368 	rate_bitmap &= configured_rates;
1369 
1370 	if (band == NL80211_BAND_2GHZ) {
1371 		if ((rate_bitmap == 0) && (is_ht))
1372 			min_rate = RSI_RATE_MCS0;
1373 		else
1374 			min_rate = RSI_RATE_1;
1375 		rate_table_offset = 0;
1376 	} else {
1377 		if ((rate_bitmap == 0) && (is_ht))
1378 			min_rate = RSI_RATE_MCS0;
1379 		else
1380 			min_rate = RSI_RATE_6;
1381 		rate_table_offset = 4;
1382 	}
1383 
1384 	for (ii = 0, jj = 0;
1385 	     ii < (ARRAY_SIZE(rsi_rates) - rate_table_offset); ii++) {
1386 		if (rate_bitmap & BIT(ii)) {
1387 			selected_rates[jj++] =
1388 			(rsi_rates[ii + rate_table_offset].bitrate / 5);
1389 			rate_offset++;
1390 		}
1391 	}
1392 	num_supported_rates = jj;
1393 
1394 	if (is_ht) {
1395 		for (ii = 0; ii < ARRAY_SIZE(mcs); ii++) {
1396 			if (configured_rates & BIT(ii + ARRAY_SIZE(rsi_rates))) {
1397 				selected_rates[jj++] = mcs[ii];
1398 				num_supported_rates++;
1399 				rate_offset++;
1400 			}
1401 		}
1402 	}
1403 
1404 	sort(selected_rates, jj, sizeof(u16), &rsi_compare, NULL);
1405 
1406 	/* mapping the rates to RSI rates */
1407 	for (ii = 0; ii < jj; ii++) {
1408 		if (rsi_map_rates(selected_rates[ii], &kk)) {
1409 			auto_rate->supported_rates[ii] =
1410 				cpu_to_le16(rsi_rates[kk].hw_value);
1411 		} else {
1412 			auto_rate->supported_rates[ii] =
1413 				cpu_to_le16(rsi_mcsrates[kk]);
1414 		}
1415 	}
1416 
1417 	/* loading HT rates in the bottom half of the auto rate table */
1418 	if (is_ht) {
1419 		for (ii = rate_offset, kk = ARRAY_SIZE(rsi_mcsrates) - 1;
1420 		     ii < rate_offset + 2 * ARRAY_SIZE(rsi_mcsrates); ii++) {
1421 			if (is_sgi || conf_is_ht40(&common->priv->hw->conf))
1422 				auto_rate->supported_rates[ii++] =
1423 					cpu_to_le16(rsi_mcsrates[kk] | BIT(9));
1424 			else
1425 				auto_rate->supported_rates[ii++] =
1426 					cpu_to_le16(rsi_mcsrates[kk]);
1427 			auto_rate->supported_rates[ii] =
1428 				cpu_to_le16(rsi_mcsrates[kk--]);
1429 		}
1430 
1431 		for (; ii < (RSI_TBL_SZ - 1); ii++) {
1432 			auto_rate->supported_rates[ii] =
1433 				cpu_to_le16(rsi_mcsrates[0]);
1434 		}
1435 	}
1436 
1437 	for (; ii < RSI_TBL_SZ; ii++)
1438 		auto_rate->supported_rates[ii] = cpu_to_le16(min_rate);
1439 
1440 	auto_rate->num_supported_rates = cpu_to_le16(num_supported_rates * 2);
1441 	auto_rate->moderate_rate_inx = cpu_to_le16(num_supported_rates / 2);
1442 	num_supported_rates *= 2;
1443 
1444 	rsi_set_len_qno(&auto_rate->desc.desc_dword0.len_qno,
1445 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
1446 
1447 	skb_put(skb, frame_len);
1448 	kfree(selected_rates);
1449 
1450 	return rsi_send_internal_mgmt_frame(common, skb);
1451 }
1452 
1453 /**
1454  * rsi_inform_bss_status() - This function informs about bss status with the
1455  *			     help of sta notify params by sending an internal
1456  *			     management frame to firmware.
1457  * @common: Pointer to the driver private structure.
1458  * @opmode: Operating mode of device.
1459  * @status: Bss status type.
1460  * @addr: Address of the register.
1461  * @qos_enable: Qos is enabled.
1462  * @aid: Aid (unique for all STAs).
1463  * @sta: mac80211 station.
1464  * @sta_id: station id.
1465  * @assoc_cap: capabilities.
1466  * @vif: Pointer to the ieee80211_vif structure.
1467  *
1468  * Return: None.
1469  */
1470 void rsi_inform_bss_status(struct rsi_common *common,
1471 			   enum opmode opmode,
1472 			   u8 status,
1473 			   const u8 *addr,
1474 			   u8 qos_enable,
1475 			   u16 aid,
1476 			   struct ieee80211_sta *sta,
1477 			   u16 sta_id,
1478 			   u16 assoc_cap,
1479 			   struct ieee80211_vif *vif)
1480 {
1481 	if (status) {
1482 		if (opmode == RSI_OPMODE_STA)
1483 			common->hw_data_qs_blocked = true;
1484 		rsi_hal_send_sta_notify_frame(common,
1485 					      opmode,
1486 					      STA_CONNECTED,
1487 					      addr,
1488 					      qos_enable,
1489 					      aid, sta_id,
1490 					      vif);
1491 		if (!common->rate_config[common->band].fixed_enabled)
1492 			rsi_send_auto_rate_request(common, sta, sta_id, vif);
1493 		if (opmode == RSI_OPMODE_STA &&
1494 		    !(assoc_cap & WLAN_CAPABILITY_PRIVACY) &&
1495 		    !rsi_send_block_unblock_frame(common, false))
1496 			common->hw_data_qs_blocked = false;
1497 	} else {
1498 		if (opmode == RSI_OPMODE_STA)
1499 			common->hw_data_qs_blocked = true;
1500 
1501 		if (!(common->wow_flags & RSI_WOW_ENABLED))
1502 			rsi_hal_send_sta_notify_frame(common, opmode,
1503 						      STA_DISCONNECTED, addr,
1504 						      qos_enable, aid, sta_id,
1505 						      vif);
1506 		if (opmode == RSI_OPMODE_STA)
1507 			rsi_send_block_unblock_frame(common, true);
1508 	}
1509 }
1510 
1511 /**
1512  * rsi_eeprom_read() - This function sends a frame to read the mac address
1513  *		       from the eeprom.
1514  * @common: Pointer to the driver private structure.
1515  *
1516  * Return: 0 on success, -1 on failure.
1517  */
1518 static int rsi_eeprom_read(struct rsi_common *common)
1519 {
1520 	struct rsi_eeprom_read_frame *mgmt_frame;
1521 	struct rsi_hw *adapter = common->priv;
1522 	struct sk_buff *skb;
1523 
1524 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending EEPROM read req frame\n", __func__);
1525 
1526 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1527 	if (!skb) {
1528 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1529 			__func__);
1530 		return -ENOMEM;
1531 	}
1532 
1533 	memset(skb->data, 0, FRAME_DESC_SZ);
1534 	mgmt_frame = (struct rsi_eeprom_read_frame *)skb->data;
1535 
1536 	/* FrameType */
1537 	rsi_set_len_qno(&mgmt_frame->len_qno, 0, RSI_WIFI_MGMT_Q);
1538 	mgmt_frame->pkt_type = EEPROM_READ;
1539 
1540 	/* Number of bytes to read */
1541 	mgmt_frame->pkt_info =
1542 		cpu_to_le32((adapter->eeprom.length << RSI_EEPROM_LEN_OFFSET) &
1543 			    RSI_EEPROM_LEN_MASK);
1544 	mgmt_frame->pkt_info |= cpu_to_le32((3 << RSI_EEPROM_HDR_SIZE_OFFSET) &
1545 					    RSI_EEPROM_HDR_SIZE_MASK);
1546 
1547 	/* Address to read */
1548 	mgmt_frame->eeprom_offset = cpu_to_le32(adapter->eeprom.offset);
1549 
1550 	skb_put(skb, FRAME_DESC_SZ);
1551 
1552 	return rsi_send_internal_mgmt_frame(common, skb);
1553 }
1554 
1555 /**
1556  * rsi_send_block_unblock_frame() - This function sends a frame to block/unblock
1557  *                                  data queues in the firmware
1558  *
1559  * @common: Pointer to the driver private structure.
1560  * @block_event: Event block if true, unblock if false
1561  * returns 0 on success, -1 on failure.
1562  */
1563 int rsi_send_block_unblock_frame(struct rsi_common *common, bool block_event)
1564 {
1565 	struct rsi_block_unblock_data *mgmt_frame;
1566 	struct sk_buff *skb;
1567 
1568 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending block/unblock frame\n", __func__);
1569 
1570 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1571 	if (!skb) {
1572 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1573 			__func__);
1574 		return -ENOMEM;
1575 	}
1576 
1577 	memset(skb->data, 0, FRAME_DESC_SZ);
1578 	mgmt_frame = (struct rsi_block_unblock_data *)skb->data;
1579 
1580 	rsi_set_len_qno(&mgmt_frame->desc_dword0.len_qno, 0, RSI_WIFI_MGMT_Q);
1581 	mgmt_frame->desc_dword0.frame_type = BLOCK_HW_QUEUE;
1582 	mgmt_frame->host_quiet_info = QUIET_INFO_VALID;
1583 
1584 	if (block_event) {
1585 		rsi_dbg(INFO_ZONE, "blocking the data qs\n");
1586 		mgmt_frame->block_q_bitmap = cpu_to_le16(0xf);
1587 		mgmt_frame->block_q_bitmap |= cpu_to_le16(0xf << 4);
1588 	} else {
1589 		rsi_dbg(INFO_ZONE, "unblocking the data qs\n");
1590 		mgmt_frame->unblock_q_bitmap = cpu_to_le16(0xf);
1591 		mgmt_frame->unblock_q_bitmap |= cpu_to_le16(0xf << 4);
1592 	}
1593 
1594 	skb_put(skb, FRAME_DESC_SZ);
1595 
1596 	return rsi_send_internal_mgmt_frame(common, skb);
1597 }
1598 
1599 /**
1600  * rsi_send_rx_filter_frame() - Sends a frame to filter the RX packets
1601  *
1602  * @common: Pointer to the driver private structure.
1603  * @rx_filter_word: Flags of filter packets
1604  *
1605  * Returns 0 on success, -1 on failure.
1606  */
1607 int rsi_send_rx_filter_frame(struct rsi_common *common, u16 rx_filter_word)
1608 {
1609 	struct rsi_mac_frame *cmd_frame;
1610 	struct sk_buff *skb;
1611 
1612 	rsi_dbg(MGMT_TX_ZONE, "Sending RX filter frame\n");
1613 
1614 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1615 	if (!skb) {
1616 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1617 			__func__);
1618 		return -ENOMEM;
1619 	}
1620 
1621 	memset(skb->data, 0, FRAME_DESC_SZ);
1622 	cmd_frame = (struct rsi_mac_frame *)skb->data;
1623 
1624 	cmd_frame->desc_word[0] = cpu_to_le16(RSI_WIFI_MGMT_Q << 12);
1625 	cmd_frame->desc_word[1] = cpu_to_le16(SET_RX_FILTER);
1626 	cmd_frame->desc_word[4] = cpu_to_le16(rx_filter_word);
1627 
1628 	skb_put(skb, FRAME_DESC_SZ);
1629 
1630 	return rsi_send_internal_mgmt_frame(common, skb);
1631 }
1632 
1633 int rsi_send_ps_request(struct rsi_hw *adapter, bool enable,
1634 			struct ieee80211_vif *vif)
1635 {
1636 	struct rsi_common *common = adapter->priv;
1637 	struct rsi_request_ps *ps;
1638 	struct rsi_ps_info *ps_info;
1639 	struct sk_buff *skb;
1640 	int frame_len = sizeof(*ps);
1641 
1642 	skb = dev_alloc_skb(frame_len);
1643 	if (!skb)
1644 		return -ENOMEM;
1645 	memset(skb->data, 0, frame_len);
1646 
1647 	ps = (struct rsi_request_ps *)skb->data;
1648 	ps_info = &adapter->ps_info;
1649 
1650 	rsi_set_len_qno(&ps->desc.desc_dword0.len_qno,
1651 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
1652 	ps->desc.desc_dword0.frame_type = WAKEUP_SLEEP_REQUEST;
1653 	if (enable) {
1654 		ps->ps_sleep.enable = RSI_PS_ENABLE;
1655 		ps->desc.desc_dword3.token = cpu_to_le16(RSI_SLEEP_REQUEST);
1656 	} else {
1657 		ps->ps_sleep.enable = RSI_PS_DISABLE;
1658 		ps->desc.desc_dword0.len_qno |= cpu_to_le16(RSI_PS_DISABLE_IND);
1659 		ps->desc.desc_dword3.token = cpu_to_le16(RSI_WAKEUP_REQUEST);
1660 	}
1661 
1662 	ps->ps_uapsd_acs = common->uapsd_bitmap;
1663 
1664 	ps->ps_sleep.sleep_type = ps_info->sleep_type;
1665 	ps->ps_sleep.num_bcns_per_lis_int =
1666 		cpu_to_le16(ps_info->num_bcns_per_lis_int);
1667 	ps->ps_sleep.sleep_duration =
1668 		cpu_to_le32(ps_info->deep_sleep_wakeup_period);
1669 
1670 	if (vif->cfg.assoc)
1671 		ps->ps_sleep.connected_sleep = RSI_CONNECTED_SLEEP;
1672 	else
1673 		ps->ps_sleep.connected_sleep = RSI_DEEP_SLEEP;
1674 
1675 	ps->ps_listen_interval = cpu_to_le32(ps_info->listen_interval);
1676 	ps->ps_dtim_interval_duration =
1677 		cpu_to_le32(ps_info->dtim_interval_duration);
1678 
1679 	if (ps_info->listen_interval > ps_info->dtim_interval_duration)
1680 		ps->ps_listen_interval = cpu_to_le32(RSI_PS_DISABLE);
1681 
1682 	ps->ps_num_dtim_intervals = cpu_to_le16(ps_info->num_dtims_per_sleep);
1683 	skb_put(skb, frame_len);
1684 
1685 	return rsi_send_internal_mgmt_frame(common, skb);
1686 }
1687 
1688 static int rsi_send_w9116_features(struct rsi_common *common)
1689 {
1690 	struct rsi_wlan_9116_features *w9116_features;
1691 	u16 frame_len = sizeof(struct rsi_wlan_9116_features);
1692 	struct sk_buff *skb;
1693 
1694 	rsi_dbg(MGMT_TX_ZONE,
1695 		"%s: Sending wlan 9116 features\n", __func__);
1696 
1697 	skb = dev_alloc_skb(frame_len);
1698 	if (!skb)
1699 		return -ENOMEM;
1700 	memset(skb->data, 0, frame_len);
1701 
1702 	w9116_features = (struct rsi_wlan_9116_features *)skb->data;
1703 
1704 	w9116_features->pll_mode = common->w9116_features.pll_mode;
1705 	w9116_features->rf_type = common->w9116_features.rf_type;
1706 	w9116_features->wireless_mode = common->w9116_features.wireless_mode;
1707 	w9116_features->enable_ppe = common->w9116_features.enable_ppe;
1708 	w9116_features->afe_type = common->w9116_features.afe_type;
1709 	if (common->w9116_features.dpd)
1710 		w9116_features->feature_enable |= cpu_to_le32(RSI_DPD);
1711 	if (common->w9116_features.sifs_tx_enable)
1712 		w9116_features->feature_enable |=
1713 			cpu_to_le32(RSI_SIFS_TX_ENABLE);
1714 	if (common->w9116_features.ps_options & RSI_DUTY_CYCLING)
1715 		w9116_features->feature_enable |= cpu_to_le32(RSI_DUTY_CYCLING);
1716 	if (common->w9116_features.ps_options & RSI_END_OF_FRAME)
1717 		w9116_features->feature_enable |= cpu_to_le32(RSI_END_OF_FRAME);
1718 	w9116_features->feature_enable |=
1719 		cpu_to_le32((common->w9116_features.ps_options & ~0x3) << 2);
1720 
1721 	rsi_set_len_qno(&w9116_features->desc.desc_dword0.len_qno,
1722 			frame_len - FRAME_DESC_SZ, RSI_WIFI_MGMT_Q);
1723 	w9116_features->desc.desc_dword0.frame_type = FEATURES_ENABLE;
1724 	skb_put(skb, frame_len);
1725 
1726 	return rsi_send_internal_mgmt_frame(common, skb);
1727 }
1728 
1729 /**
1730  * rsi_set_antenna() - This function send antenna configuration request
1731  *		       to device
1732  *
1733  * @common: Pointer to the driver private structure.
1734  * @antenna: bitmap for tx antenna selection
1735  *
1736  * Return: 0 on Success, negative error code on failure
1737  */
1738 int rsi_set_antenna(struct rsi_common *common, u8 antenna)
1739 {
1740 	struct rsi_ant_sel_frame *ant_sel_frame;
1741 	struct sk_buff *skb;
1742 
1743 	skb = dev_alloc_skb(FRAME_DESC_SZ);
1744 	if (!skb) {
1745 		rsi_dbg(ERR_ZONE, "%s: Failed in allocation of skb\n",
1746 			__func__);
1747 		return -ENOMEM;
1748 	}
1749 
1750 	memset(skb->data, 0, FRAME_DESC_SZ);
1751 
1752 	ant_sel_frame = (struct rsi_ant_sel_frame *)skb->data;
1753 	ant_sel_frame->desc_dword0.frame_type = ANT_SEL_FRAME;
1754 	ant_sel_frame->sub_frame_type = ANTENNA_SEL_TYPE;
1755 	ant_sel_frame->ant_value = cpu_to_le16(antenna & ANTENNA_MASK_VALUE);
1756 	rsi_set_len_qno(&ant_sel_frame->desc_dword0.len_qno,
1757 			0, RSI_WIFI_MGMT_Q);
1758 	skb_put(skb, FRAME_DESC_SZ);
1759 
1760 	return rsi_send_internal_mgmt_frame(common, skb);
1761 }
1762 
1763 static int rsi_send_beacon(struct rsi_common *common)
1764 {
1765 	struct sk_buff *skb = NULL;
1766 	u8 dword_align_bytes = 0;
1767 
1768 	skb = dev_alloc_skb(MAX_MGMT_PKT_SIZE);
1769 	if (!skb)
1770 		return -ENOMEM;
1771 
1772 	memset(skb->data, 0, MAX_MGMT_PKT_SIZE);
1773 
1774 	dword_align_bytes = ((unsigned long)skb->data & 0x3f);
1775 	if (dword_align_bytes)
1776 		skb_pull(skb, (64 - dword_align_bytes));
1777 	if (rsi_prepare_beacon(common, skb)) {
1778 		rsi_dbg(ERR_ZONE, "Failed to prepare beacon\n");
1779 		dev_kfree_skb(skb);
1780 		return -EINVAL;
1781 	}
1782 	skb_queue_tail(&common->tx_queue[MGMT_BEACON_Q], skb);
1783 	rsi_set_event(&common->tx_thread.event);
1784 	rsi_dbg(DATA_TX_ZONE, "%s: Added to beacon queue\n", __func__);
1785 
1786 	return 0;
1787 }
1788 
1789 #ifdef CONFIG_PM
1790 int rsi_send_wowlan_request(struct rsi_common *common, u16 flags,
1791 			    u16 sleep_status)
1792 {
1793 	struct rsi_wowlan_req *cmd_frame;
1794 	struct sk_buff *skb;
1795 	u8 length;
1796 
1797 	rsi_dbg(ERR_ZONE, "%s: Sending wowlan request frame\n", __func__);
1798 
1799 	length = sizeof(*cmd_frame);
1800 	skb = dev_alloc_skb(length);
1801 	if (!skb)
1802 		return -ENOMEM;
1803 	memset(skb->data, 0, length);
1804 	cmd_frame = (struct rsi_wowlan_req *)skb->data;
1805 
1806 	rsi_set_len_qno(&cmd_frame->desc.desc_dword0.len_qno,
1807 			(length - FRAME_DESC_SZ),
1808 			RSI_WIFI_MGMT_Q);
1809 	cmd_frame->desc.desc_dword0.frame_type = WOWLAN_CONFIG_PARAMS;
1810 	cmd_frame->host_sleep_status = sleep_status;
1811 	if (common->secinfo.gtk_cipher)
1812 		flags |= RSI_WOW_GTK_REKEY;
1813 	if (sleep_status)
1814 		cmd_frame->wow_flags = flags;
1815 	rsi_dbg(INFO_ZONE, "Host_Sleep_Status : %d Flags : %d\n",
1816 		cmd_frame->host_sleep_status, cmd_frame->wow_flags);
1817 
1818 	skb_put(skb, length);
1819 
1820 	return rsi_send_internal_mgmt_frame(common, skb);
1821 }
1822 #endif
1823 
1824 int rsi_send_bgscan_params(struct rsi_common *common, int enable)
1825 {
1826 	struct rsi_bgscan_params *params = &common->bgscan;
1827 	struct cfg80211_scan_request *scan_req = common->hwscan;
1828 	struct rsi_bgscan_config *bgscan;
1829 	struct sk_buff *skb;
1830 	u16 frame_len = sizeof(*bgscan);
1831 	u8 i;
1832 
1833 	rsi_dbg(MGMT_TX_ZONE, "%s: Sending bgscan params frame\n", __func__);
1834 
1835 	skb = dev_alloc_skb(frame_len);
1836 	if (!skb)
1837 		return -ENOMEM;
1838 	memset(skb->data, 0, frame_len);
1839 
1840 	bgscan = (struct rsi_bgscan_config *)skb->data;
1841 	rsi_set_len_qno(&bgscan->desc_dword0.len_qno,
1842 			(frame_len - FRAME_DESC_SZ), RSI_WIFI_MGMT_Q);
1843 	bgscan->desc_dword0.frame_type = BG_SCAN_PARAMS;
1844 	bgscan->bgscan_threshold = cpu_to_le16(params->bgscan_threshold);
1845 	bgscan->roam_threshold = cpu_to_le16(params->roam_threshold);
1846 	if (enable)
1847 		bgscan->bgscan_periodicity =
1848 			cpu_to_le16(params->bgscan_periodicity);
1849 	bgscan->active_scan_duration =
1850 			cpu_to_le16(params->active_scan_duration);
1851 	bgscan->passive_scan_duration =
1852 			cpu_to_le16(params->passive_scan_duration);
1853 	bgscan->two_probe = params->two_probe;
1854 
1855 	bgscan->num_bgscan_channels = scan_req->n_channels;
1856 	for (i = 0; i < bgscan->num_bgscan_channels; i++)
1857 		bgscan->channels2scan[i] =
1858 			cpu_to_le16(scan_req->channels[i]->hw_value);
1859 
1860 	skb_put(skb, frame_len);
1861 
1862 	return rsi_send_internal_mgmt_frame(common, skb);
1863 }
1864 
1865 /* This function sends the probe request to be used by firmware in
1866  * background scan
1867  */
1868 int rsi_send_bgscan_probe_req(struct rsi_common *common,
1869 			      struct ieee80211_vif *vif)
1870 {
1871 	struct cfg80211_scan_request *scan_req = common->hwscan;
1872 	struct rsi_bgscan_probe *bgscan;
1873 	struct sk_buff *skb;
1874 	struct sk_buff *probereq_skb;
1875 	u16 frame_len = sizeof(*bgscan);
1876 	size_t ssid_len = 0;
1877 	u8 *ssid = NULL;
1878 
1879 	rsi_dbg(MGMT_TX_ZONE,
1880 		"%s: Sending bgscan probe req frame\n", __func__);
1881 
1882 	if (common->priv->sc_nvifs <= 0)
1883 		return -ENODEV;
1884 
1885 	if (scan_req->n_ssids) {
1886 		ssid = scan_req->ssids[0].ssid;
1887 		ssid_len = scan_req->ssids[0].ssid_len;
1888 	}
1889 
1890 	skb = dev_alloc_skb(frame_len + MAX_BGSCAN_PROBE_REQ_LEN);
1891 	if (!skb)
1892 		return -ENOMEM;
1893 	memset(skb->data, 0, frame_len + MAX_BGSCAN_PROBE_REQ_LEN);
1894 
1895 	bgscan = (struct rsi_bgscan_probe *)skb->data;
1896 	bgscan->desc_dword0.frame_type = BG_SCAN_PROBE_REQ;
1897 	bgscan->flags = cpu_to_le16(HOST_BG_SCAN_TRIG);
1898 	if (common->band == NL80211_BAND_5GHZ) {
1899 		bgscan->mgmt_rate = cpu_to_le16(RSI_RATE_6);
1900 		bgscan->def_chan = cpu_to_le16(40);
1901 	} else {
1902 		bgscan->mgmt_rate = cpu_to_le16(RSI_RATE_1);
1903 		bgscan->def_chan = cpu_to_le16(11);
1904 	}
1905 	bgscan->channel_scan_time = cpu_to_le16(RSI_CHANNEL_SCAN_TIME);
1906 
1907 	probereq_skb = ieee80211_probereq_get(common->priv->hw, vif->addr, ssid,
1908 					      ssid_len, scan_req->ie_len);
1909 	if (!probereq_skb) {
1910 		dev_kfree_skb(skb);
1911 		return -ENOMEM;
1912 	}
1913 
1914 	memcpy(&skb->data[frame_len], probereq_skb->data, probereq_skb->len);
1915 
1916 	bgscan->probe_req_length = cpu_to_le16(probereq_skb->len);
1917 
1918 	rsi_set_len_qno(&bgscan->desc_dword0.len_qno,
1919 			(frame_len - FRAME_DESC_SZ + probereq_skb->len),
1920 			RSI_WIFI_MGMT_Q);
1921 
1922 	skb_put(skb, frame_len + probereq_skb->len);
1923 
1924 	dev_kfree_skb(probereq_skb);
1925 
1926 	return rsi_send_internal_mgmt_frame(common, skb);
1927 }
1928 
1929 /**
1930  * rsi_handle_ta_confirm_type() - This function handles the confirm frames.
1931  * @common: Pointer to the driver private structure.
1932  * @msg: Pointer to received packet.
1933  *
1934  * Return: 0 on success, -1 on failure.
1935  */
1936 static int rsi_handle_ta_confirm_type(struct rsi_common *common,
1937 				      u8 *msg)
1938 {
1939 	struct rsi_hw *adapter = common->priv;
1940 	u8 sub_type = (msg[15] & 0xff);
1941 	u16 msg_len = ((u16 *)msg)[0] & 0xfff;
1942 	u8 offset;
1943 
1944 	switch (sub_type) {
1945 	case BOOTUP_PARAMS_REQUEST:
1946 		rsi_dbg(FSM_ZONE, "%s: Boot up params confirm received\n",
1947 			__func__);
1948 		if (common->fsm_state == FSM_BOOT_PARAMS_SENT) {
1949 			if (adapter->device_model == RSI_DEV_9116) {
1950 				common->band = NL80211_BAND_5GHZ;
1951 				common->num_supp_bands = 2;
1952 
1953 				if (rsi_send_reset_mac(common))
1954 					goto out;
1955 				else
1956 					common->fsm_state = FSM_RESET_MAC_SENT;
1957 			} else {
1958 				adapter->eeprom.length =
1959 					(IEEE80211_ADDR_LEN +
1960 					 WLAN_MAC_MAGIC_WORD_LEN +
1961 					 WLAN_HOST_MODE_LEN);
1962 				adapter->eeprom.offset = WLAN_MAC_EEPROM_ADDR;
1963 				if (rsi_eeprom_read(common)) {
1964 					common->fsm_state = FSM_CARD_NOT_READY;
1965 					goto out;
1966 				}
1967 				common->fsm_state = FSM_EEPROM_READ_MAC_ADDR;
1968 			}
1969 		} else {
1970 			rsi_dbg(INFO_ZONE,
1971 				"%s: Received bootup params cfm in %d state\n",
1972 				 __func__, common->fsm_state);
1973 			return 0;
1974 		}
1975 		break;
1976 
1977 	case EEPROM_READ:
1978 		rsi_dbg(FSM_ZONE, "EEPROM READ confirm received\n");
1979 		if (msg_len <= 0) {
1980 			rsi_dbg(FSM_ZONE,
1981 				"%s: [EEPROM_READ] Invalid len %d\n",
1982 				__func__, msg_len);
1983 			goto out;
1984 		}
1985 		if (msg[16] != MAGIC_WORD) {
1986 			rsi_dbg(FSM_ZONE,
1987 				"%s: [EEPROM_READ] Invalid token\n", __func__);
1988 			common->fsm_state = FSM_CARD_NOT_READY;
1989 			goto out;
1990 		}
1991 		if (common->fsm_state == FSM_EEPROM_READ_MAC_ADDR) {
1992 			offset = (FRAME_DESC_SZ + WLAN_HOST_MODE_LEN +
1993 				  WLAN_MAC_MAGIC_WORD_LEN);
1994 			memcpy(common->mac_addr, &msg[offset], ETH_ALEN);
1995 			adapter->eeprom.length =
1996 				((WLAN_MAC_MAGIC_WORD_LEN + 3) & (~3));
1997 			adapter->eeprom.offset = WLAN_EEPROM_RFTYPE_ADDR;
1998 			if (rsi_eeprom_read(common)) {
1999 				rsi_dbg(ERR_ZONE,
2000 					"%s: Failed reading RF band\n",
2001 					__func__);
2002 				common->fsm_state = FSM_CARD_NOT_READY;
2003 				goto out;
2004 			}
2005 			common->fsm_state = FSM_EEPROM_READ_RF_TYPE;
2006 		} else if (common->fsm_state == FSM_EEPROM_READ_RF_TYPE) {
2007 			if ((msg[17] & 0x3) == 0x3) {
2008 				rsi_dbg(INIT_ZONE, "Dual band supported\n");
2009 				common->band = NL80211_BAND_5GHZ;
2010 				common->num_supp_bands = 2;
2011 			} else if ((msg[17] & 0x3) == 0x1) {
2012 				rsi_dbg(INIT_ZONE,
2013 					"Only 2.4Ghz band supported\n");
2014 				common->band = NL80211_BAND_2GHZ;
2015 				common->num_supp_bands = 1;
2016 			}
2017 			if (rsi_send_reset_mac(common))
2018 				goto out;
2019 			common->fsm_state = FSM_RESET_MAC_SENT;
2020 		} else {
2021 			rsi_dbg(ERR_ZONE, "%s: Invalid EEPROM read type\n",
2022 				__func__);
2023 			return 0;
2024 		}
2025 		break;
2026 
2027 	case RESET_MAC_REQ:
2028 		if (common->fsm_state == FSM_RESET_MAC_SENT) {
2029 			rsi_dbg(FSM_ZONE, "%s: Reset MAC cfm received\n",
2030 				__func__);
2031 
2032 			if (rsi_load_radio_caps(common))
2033 				goto out;
2034 			else
2035 				common->fsm_state = FSM_RADIO_CAPS_SENT;
2036 		} else {
2037 			rsi_dbg(ERR_ZONE,
2038 				"%s: Received reset mac cfm in %d state\n",
2039 				 __func__, common->fsm_state);
2040 			return 0;
2041 		}
2042 		break;
2043 
2044 	case RADIO_CAPABILITIES:
2045 		if (common->fsm_state == FSM_RADIO_CAPS_SENT) {
2046 			common->rf_reset = 1;
2047 			if (adapter->device_model == RSI_DEV_9116 &&
2048 			    rsi_send_w9116_features(common)) {
2049 				rsi_dbg(ERR_ZONE,
2050 					"Failed to send 9116 features\n");
2051 				goto out;
2052 			}
2053 			if (rsi_program_bb_rf(common)) {
2054 				goto out;
2055 			} else {
2056 				common->fsm_state = FSM_BB_RF_PROG_SENT;
2057 				rsi_dbg(FSM_ZONE, "%s: Radio cap cfm received\n",
2058 					__func__);
2059 			}
2060 		} else {
2061 			rsi_dbg(INFO_ZONE,
2062 				"%s: Received radio caps cfm in %d state\n",
2063 				 __func__, common->fsm_state);
2064 			return 0;
2065 		}
2066 		break;
2067 
2068 	case BB_PROG_VALUES_REQUEST:
2069 	case RF_PROG_VALUES_REQUEST:
2070 	case BBP_PROG_IN_TA:
2071 		rsi_dbg(FSM_ZONE, "%s: BB/RF cfm received\n", __func__);
2072 		if (common->fsm_state == FSM_BB_RF_PROG_SENT) {
2073 			common->bb_rf_prog_count--;
2074 			if (!common->bb_rf_prog_count) {
2075 				common->fsm_state = FSM_MAC_INIT_DONE;
2076 				if (common->reinit_hw) {
2077 					complete(&common->wlan_init_completion);
2078 				} else {
2079 					if (common->bt_defer_attach)
2080 						rsi_attach_bt(common);
2081 
2082 					return rsi_mac80211_attach(common);
2083 				}
2084 			}
2085 		} else {
2086 			rsi_dbg(INFO_ZONE,
2087 				"%s: Received bbb_rf cfm in %d state\n",
2088 				 __func__, common->fsm_state);
2089 			return 0;
2090 		}
2091 		break;
2092 
2093 	case SCAN_REQUEST:
2094 		rsi_dbg(INFO_ZONE, "Set channel confirm\n");
2095 		break;
2096 
2097 	case WAKEUP_SLEEP_REQUEST:
2098 		rsi_dbg(INFO_ZONE, "Wakeup/Sleep confirmation.\n");
2099 		return rsi_handle_ps_confirm(adapter, msg);
2100 
2101 	case BG_SCAN_PROBE_REQ:
2102 		rsi_dbg(INFO_ZONE, "BG scan complete event\n");
2103 		if (common->bgscan_en) {
2104 			struct cfg80211_scan_info info;
2105 
2106 			if (!rsi_send_bgscan_params(common, RSI_STOP_BGSCAN))
2107 				common->bgscan_en = 0;
2108 			info.aborted = false;
2109 			ieee80211_scan_completed(adapter->hw, &info);
2110 		}
2111 		rsi_dbg(INFO_ZONE, "Background scan completed\n");
2112 		break;
2113 
2114 	default:
2115 		rsi_dbg(INFO_ZONE, "%s: Invalid TA confirm pkt received\n",
2116 			__func__);
2117 		break;
2118 	}
2119 	return 0;
2120 out:
2121 	rsi_dbg(ERR_ZONE, "%s: Unable to send pkt/Invalid frame received\n",
2122 		__func__);
2123 	return -EINVAL;
2124 }
2125 
2126 int rsi_handle_card_ready(struct rsi_common *common, u8 *msg)
2127 {
2128 	int status;
2129 
2130 	switch (common->fsm_state) {
2131 	case FSM_CARD_NOT_READY:
2132 		rsi_dbg(INIT_ZONE, "Card ready indication from Common HAL\n");
2133 		rsi_set_default_parameters(common);
2134 		if (rsi_send_common_dev_params(common) < 0)
2135 			return -EINVAL;
2136 		common->fsm_state = FSM_COMMON_DEV_PARAMS_SENT;
2137 		break;
2138 	case FSM_COMMON_DEV_PARAMS_SENT:
2139 		rsi_dbg(INIT_ZONE, "Card ready indication from WLAN HAL\n");
2140 
2141 		if (common->priv->device_model == RSI_DEV_9116) {
2142 			if (msg[16] != MAGIC_WORD) {
2143 				rsi_dbg(FSM_ZONE,
2144 					"%s: [EEPROM_READ] Invalid token\n",
2145 					__func__);
2146 				common->fsm_state = FSM_CARD_NOT_READY;
2147 				return -EINVAL;
2148 			}
2149 			memcpy(common->mac_addr, &msg[20], ETH_ALEN);
2150 			rsi_dbg(INIT_ZONE, "MAC Addr %pM", common->mac_addr);
2151 		}
2152 		/* Get usb buffer status register address */
2153 		common->priv->usb_buffer_status_reg = *(u32 *)&msg[8];
2154 		rsi_dbg(INFO_ZONE, "USB buffer status register = %x\n",
2155 			common->priv->usb_buffer_status_reg);
2156 
2157 		if (common->priv->device_model == RSI_DEV_9116)
2158 			status = rsi_load_9116_bootup_params(common);
2159 		else
2160 			status = rsi_load_bootup_params(common);
2161 		if (status < 0) {
2162 			common->fsm_state = FSM_CARD_NOT_READY;
2163 			return status;
2164 		}
2165 		common->fsm_state = FSM_BOOT_PARAMS_SENT;
2166 		break;
2167 	default:
2168 		rsi_dbg(ERR_ZONE,
2169 			"%s: card ready indication in invalid state %d.\n",
2170 			__func__, common->fsm_state);
2171 		return -EINVAL;
2172 	}
2173 
2174 	return 0;
2175 }
2176 
2177 /**
2178  * rsi_mgmt_pkt_recv() - This function processes the management packets
2179  *			 received from the hardware.
2180  * @common: Pointer to the driver private structure.
2181  * @msg: Pointer to the received packet.
2182  *
2183  * Return: 0 on success, -1 on failure.
2184  */
2185 int rsi_mgmt_pkt_recv(struct rsi_common *common, u8 *msg)
2186 {
2187 	s32 msg_len = (le16_to_cpu(*(__le16 *)&msg[0]) & 0x0fff);
2188 	u16 msg_type = (msg[2]);
2189 
2190 	rsi_dbg(FSM_ZONE, "%s: Msg Len: %d, Msg Type: %4x\n",
2191 		__func__, msg_len, msg_type);
2192 
2193 	switch (msg_type) {
2194 	case TA_CONFIRM_TYPE:
2195 		return rsi_handle_ta_confirm_type(common, msg);
2196 	case CARD_READY_IND:
2197 		common->hibernate_resume = false;
2198 		rsi_dbg(FSM_ZONE, "%s: Card ready indication received\n",
2199 			__func__);
2200 		return rsi_handle_card_ready(common, msg);
2201 	case TX_STATUS_IND:
2202 		switch (msg[RSI_TX_STATUS_TYPE]) {
2203 		case PROBEREQ_CONFIRM:
2204 			common->mgmt_q_block = false;
2205 			rsi_dbg(FSM_ZONE, "%s: Probe confirm received\n",
2206 				__func__);
2207 			break;
2208 		case EAPOL4_CONFIRM:
2209 			if (msg[RSI_TX_STATUS]) {
2210 				common->eapol4_confirm = true;
2211 				if (!rsi_send_block_unblock_frame(common,
2212 								  false))
2213 					common->hw_data_qs_blocked = false;
2214 			}
2215 		}
2216 		break;
2217 	case BEACON_EVENT_IND:
2218 		rsi_dbg(INFO_ZONE, "Beacon event\n");
2219 		if (common->fsm_state != FSM_MAC_INIT_DONE)
2220 			return -1;
2221 		if (common->iface_down)
2222 			return -1;
2223 		if (!common->beacon_enabled)
2224 			return -1;
2225 		rsi_send_beacon(common);
2226 		break;
2227 	case WOWLAN_WAKEUP_REASON:
2228 		rsi_dbg(ERR_ZONE, "\n\nWakeup Type: %x\n", msg[15]);
2229 		switch (msg[15]) {
2230 		case RSI_UNICAST_MAGIC_PKT:
2231 			rsi_dbg(ERR_ZONE,
2232 				"*** Wakeup for Unicast magic packet ***\n");
2233 			break;
2234 		case RSI_BROADCAST_MAGICPKT:
2235 			rsi_dbg(ERR_ZONE,
2236 				"*** Wakeup for Broadcast magic packet ***\n");
2237 			break;
2238 		case RSI_EAPOL_PKT:
2239 			rsi_dbg(ERR_ZONE,
2240 				"*** Wakeup for GTK renewal ***\n");
2241 			break;
2242 		case RSI_DISCONNECT_PKT:
2243 			rsi_dbg(ERR_ZONE,
2244 				"*** Wakeup for Disconnect ***\n");
2245 			break;
2246 		case RSI_HW_BMISS_PKT:
2247 			rsi_dbg(ERR_ZONE,
2248 				"*** Wakeup for HW Beacon miss ***\n");
2249 			break;
2250 		default:
2251 			rsi_dbg(ERR_ZONE,
2252 				"##### Un-intentional Wakeup #####\n");
2253 			break;
2254 	}
2255 	break;
2256 	case RX_DOT11_MGMT:
2257 		return rsi_mgmt_pkt_to_core(common, msg, msg_len);
2258 	default:
2259 		rsi_dbg(INFO_ZONE, "Received packet type: 0x%x\n", msg_type);
2260 	}
2261 	return 0;
2262 }
2263