1 /*
2  * This file is part of wl1271
3  *
4  * Copyright (C) 2010 Nokia Corporation
5  *
6  * Contact: Luciano Coelho <luciano.coelho@nokia.com>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * version 2 as published by the Free Software Foundation.
11  *
12  * This program is distributed in the hope that it will be useful, but
13  * WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA
21  *
22  */
23 #include "testmode.h"
24 
25 #include <linux/slab.h>
26 #include <net/genetlink.h>
27 
28 #include "wlcore.h"
29 #include "debug.h"
30 #include "acx.h"
31 #include "ps.h"
32 #include "io.h"
33 
34 #define WL1271_TM_MAX_DATA_LENGTH 1024
35 
36 enum wl1271_tm_commands {
37 	WL1271_TM_CMD_UNSPEC,
38 	WL1271_TM_CMD_TEST,
39 	WL1271_TM_CMD_INTERROGATE,
40 	WL1271_TM_CMD_CONFIGURE,
41 	WL1271_TM_CMD_NVS_PUSH,		/* Not in use. Keep to not break ABI */
42 	WL1271_TM_CMD_SET_PLT_MODE,
43 	WL1271_TM_CMD_RECOVER,		/* Not in use. Keep to not break ABI */
44 	WL1271_TM_CMD_GET_MAC,
45 
46 	__WL1271_TM_CMD_AFTER_LAST
47 };
48 #define WL1271_TM_CMD_MAX (__WL1271_TM_CMD_AFTER_LAST - 1)
49 
50 enum wl1271_tm_attrs {
51 	WL1271_TM_ATTR_UNSPEC,
52 	WL1271_TM_ATTR_CMD_ID,
53 	WL1271_TM_ATTR_ANSWER,
54 	WL1271_TM_ATTR_DATA,
55 	WL1271_TM_ATTR_IE_ID,
56 	WL1271_TM_ATTR_PLT_MODE,
57 
58 	__WL1271_TM_ATTR_AFTER_LAST
59 };
60 #define WL1271_TM_ATTR_MAX (__WL1271_TM_ATTR_AFTER_LAST - 1)
61 
62 static struct nla_policy wl1271_tm_policy[WL1271_TM_ATTR_MAX + 1] = {
63 	[WL1271_TM_ATTR_CMD_ID] =	{ .type = NLA_U32 },
64 	[WL1271_TM_ATTR_ANSWER] =	{ .type = NLA_U8 },
65 	[WL1271_TM_ATTR_DATA] =		{ .type = NLA_BINARY,
66 					  .len = WL1271_TM_MAX_DATA_LENGTH },
67 	[WL1271_TM_ATTR_IE_ID] =	{ .type = NLA_U32 },
68 	[WL1271_TM_ATTR_PLT_MODE] =	{ .type = NLA_U32 },
69 };
70 
71 
72 static int wl1271_tm_cmd_test(struct wl1271 *wl, struct nlattr *tb[])
73 {
74 	int buf_len, ret, len;
75 	struct sk_buff *skb;
76 	void *buf;
77 	u8 answer = 0;
78 
79 	wl1271_debug(DEBUG_TESTMODE, "testmode cmd test");
80 
81 	if (!tb[WL1271_TM_ATTR_DATA])
82 		return -EINVAL;
83 
84 	buf = nla_data(tb[WL1271_TM_ATTR_DATA]);
85 	buf_len = nla_len(tb[WL1271_TM_ATTR_DATA]);
86 
87 	if (tb[WL1271_TM_ATTR_ANSWER])
88 		answer = nla_get_u8(tb[WL1271_TM_ATTR_ANSWER]);
89 
90 	if (buf_len > sizeof(struct wl1271_command))
91 		return -EMSGSIZE;
92 
93 	mutex_lock(&wl->mutex);
94 
95 	if (unlikely(wl->state != WLCORE_STATE_ON)) {
96 		ret = -EINVAL;
97 		goto out;
98 	}
99 
100 	ret = wl1271_ps_elp_wakeup(wl);
101 	if (ret < 0)
102 		goto out;
103 
104 	ret = wl1271_cmd_test(wl, buf, buf_len, answer);
105 	if (ret < 0) {
106 		wl1271_warning("testmode cmd test failed: %d", ret);
107 		goto out_sleep;
108 	}
109 
110 	if (answer) {
111 		/* If we got bip calibration answer print radio status */
112 		struct wl1271_cmd_cal_p2g *params =
113 			(struct wl1271_cmd_cal_p2g *) buf;
114 
115 		s16 radio_status = (s16) le16_to_cpu(params->radio_status);
116 
117 		if (params->test.id == TEST_CMD_P2G_CAL &&
118 		    radio_status < 0)
119 			wl1271_warning("testmode cmd: radio status=%d",
120 					radio_status);
121 		else
122 			wl1271_info("testmode cmd: radio status=%d",
123 					radio_status);
124 
125 		len = nla_total_size(buf_len);
126 		skb = cfg80211_testmode_alloc_reply_skb(wl->hw->wiphy, len);
127 		if (!skb) {
128 			ret = -ENOMEM;
129 			goto out_sleep;
130 		}
131 
132 		if (nla_put(skb, WL1271_TM_ATTR_DATA, buf_len, buf)) {
133 			kfree_skb(skb);
134 			ret = -EMSGSIZE;
135 			goto out_sleep;
136 		}
137 
138 		ret = cfg80211_testmode_reply(skb);
139 		if (ret < 0)
140 			goto out_sleep;
141 	}
142 
143 out_sleep:
144 	wl1271_ps_elp_sleep(wl);
145 out:
146 	mutex_unlock(&wl->mutex);
147 
148 	return ret;
149 }
150 
151 static int wl1271_tm_cmd_interrogate(struct wl1271 *wl, struct nlattr *tb[])
152 {
153 	int ret;
154 	struct wl1271_command *cmd;
155 	struct sk_buff *skb;
156 	u8 ie_id;
157 
158 	wl1271_debug(DEBUG_TESTMODE, "testmode cmd interrogate");
159 
160 	if (!tb[WL1271_TM_ATTR_IE_ID])
161 		return -EINVAL;
162 
163 	ie_id = nla_get_u8(tb[WL1271_TM_ATTR_IE_ID]);
164 
165 	mutex_lock(&wl->mutex);
166 
167 	if (unlikely(wl->state != WLCORE_STATE_ON)) {
168 		ret = -EINVAL;
169 		goto out;
170 	}
171 
172 	ret = wl1271_ps_elp_wakeup(wl);
173 	if (ret < 0)
174 		goto out;
175 
176 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
177 	if (!cmd) {
178 		ret = -ENOMEM;
179 		goto out_sleep;
180 	}
181 
182 	ret = wl1271_cmd_interrogate(wl, ie_id, cmd,
183 				     sizeof(struct acx_header), sizeof(*cmd));
184 	if (ret < 0) {
185 		wl1271_warning("testmode cmd interrogate failed: %d", ret);
186 		goto out_free;
187 	}
188 
189 	skb = cfg80211_testmode_alloc_reply_skb(wl->hw->wiphy, sizeof(*cmd));
190 	if (!skb) {
191 		ret = -ENOMEM;
192 		goto out_free;
193 	}
194 
195 	if (nla_put(skb, WL1271_TM_ATTR_DATA, sizeof(*cmd), cmd)) {
196 		kfree_skb(skb);
197 		ret = -EMSGSIZE;
198 		goto out_free;
199 	}
200 
201 	ret = cfg80211_testmode_reply(skb);
202 	if (ret < 0)
203 		goto out_free;
204 
205 out_free:
206 	kfree(cmd);
207 out_sleep:
208 	wl1271_ps_elp_sleep(wl);
209 out:
210 	mutex_unlock(&wl->mutex);
211 
212 	return ret;
213 }
214 
215 static int wl1271_tm_cmd_configure(struct wl1271 *wl, struct nlattr *tb[])
216 {
217 	int buf_len, ret;
218 	void *buf;
219 	u8 ie_id;
220 
221 	wl1271_debug(DEBUG_TESTMODE, "testmode cmd configure");
222 
223 	if (!tb[WL1271_TM_ATTR_DATA])
224 		return -EINVAL;
225 	if (!tb[WL1271_TM_ATTR_IE_ID])
226 		return -EINVAL;
227 
228 	ie_id = nla_get_u8(tb[WL1271_TM_ATTR_IE_ID]);
229 	buf = nla_data(tb[WL1271_TM_ATTR_DATA]);
230 	buf_len = nla_len(tb[WL1271_TM_ATTR_DATA]);
231 
232 	if (buf_len > sizeof(struct wl1271_command))
233 		return -EMSGSIZE;
234 
235 	mutex_lock(&wl->mutex);
236 	ret = wl1271_cmd_configure(wl, ie_id, buf, buf_len);
237 	mutex_unlock(&wl->mutex);
238 
239 	if (ret < 0) {
240 		wl1271_warning("testmode cmd configure failed: %d", ret);
241 		return ret;
242 	}
243 
244 	return 0;
245 }
246 
247 static int wl1271_tm_detect_fem(struct wl1271 *wl, struct nlattr *tb[])
248 {
249 	/* return FEM type */
250 	int ret, len;
251 	struct sk_buff *skb;
252 
253 	ret = wl1271_plt_start(wl, PLT_FEM_DETECT);
254 	if (ret < 0)
255 		goto out;
256 
257 	mutex_lock(&wl->mutex);
258 
259 	len = nla_total_size(sizeof(wl->fem_manuf));
260 	skb = cfg80211_testmode_alloc_reply_skb(wl->hw->wiphy, len);
261 	if (!skb) {
262 		ret = -ENOMEM;
263 		goto out_mutex;
264 	}
265 
266 	if (nla_put(skb, WL1271_TM_ATTR_DATA, sizeof(wl->fem_manuf),
267 					      &wl->fem_manuf)) {
268 		kfree_skb(skb);
269 		ret = -EMSGSIZE;
270 		goto out_mutex;
271 	}
272 
273 	ret = cfg80211_testmode_reply(skb);
274 
275 out_mutex:
276 	mutex_unlock(&wl->mutex);
277 
278 	/* We always stop plt after DETECT mode */
279 	wl1271_plt_stop(wl);
280 out:
281 	return ret;
282 }
283 
284 static int wl1271_tm_cmd_set_plt_mode(struct wl1271 *wl, struct nlattr *tb[])
285 {
286 	u32 val;
287 	int ret;
288 
289 	wl1271_debug(DEBUG_TESTMODE, "testmode cmd set plt mode");
290 
291 	if (!tb[WL1271_TM_ATTR_PLT_MODE])
292 		return -EINVAL;
293 
294 	val = nla_get_u32(tb[WL1271_TM_ATTR_PLT_MODE]);
295 
296 	switch (val) {
297 	case PLT_OFF:
298 		ret = wl1271_plt_stop(wl);
299 		break;
300 	case PLT_ON:
301 	case PLT_CHIP_AWAKE:
302 		ret = wl1271_plt_start(wl, val);
303 		break;
304 	case PLT_FEM_DETECT:
305 		ret = wl1271_tm_detect_fem(wl, tb);
306 		break;
307 	default:
308 		ret = -EINVAL;
309 		break;
310 	}
311 
312 	return ret;
313 }
314 
315 static int wl12xx_tm_cmd_get_mac(struct wl1271 *wl, struct nlattr *tb[])
316 {
317 	struct sk_buff *skb;
318 	u8 mac_addr[ETH_ALEN];
319 	int ret = 0;
320 
321 	mutex_lock(&wl->mutex);
322 
323 	if (!wl->plt) {
324 		ret = -EINVAL;
325 		goto out;
326 	}
327 
328 	if (wl->fuse_oui_addr == 0 && wl->fuse_nic_addr == 0) {
329 		ret = -EOPNOTSUPP;
330 		goto out;
331 	}
332 
333 	mac_addr[0] = (u8)(wl->fuse_oui_addr >> 16);
334 	mac_addr[1] = (u8)(wl->fuse_oui_addr >> 8);
335 	mac_addr[2] = (u8) wl->fuse_oui_addr;
336 	mac_addr[3] = (u8)(wl->fuse_nic_addr >> 16);
337 	mac_addr[4] = (u8)(wl->fuse_nic_addr >> 8);
338 	mac_addr[5] = (u8) wl->fuse_nic_addr;
339 
340 	skb = cfg80211_testmode_alloc_reply_skb(wl->hw->wiphy, ETH_ALEN);
341 	if (!skb) {
342 		ret = -ENOMEM;
343 		goto out;
344 	}
345 
346 	if (nla_put(skb, WL1271_TM_ATTR_DATA, ETH_ALEN, mac_addr)) {
347 		kfree_skb(skb);
348 		ret = -EMSGSIZE;
349 		goto out;
350 	}
351 
352 	ret = cfg80211_testmode_reply(skb);
353 	if (ret < 0)
354 		goto out;
355 
356 out:
357 	mutex_unlock(&wl->mutex);
358 	return ret;
359 }
360 
361 int wl1271_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
362 		  void *data, int len)
363 {
364 	struct wl1271 *wl = hw->priv;
365 	struct nlattr *tb[WL1271_TM_ATTR_MAX + 1];
366 	u32 nla_cmd;
367 	int err;
368 
369 	err = nla_parse(tb, WL1271_TM_ATTR_MAX, data, len, wl1271_tm_policy,
370 			NULL);
371 	if (err)
372 		return err;
373 
374 	if (!tb[WL1271_TM_ATTR_CMD_ID])
375 		return -EINVAL;
376 
377 	nla_cmd = nla_get_u32(tb[WL1271_TM_ATTR_CMD_ID]);
378 
379 	/* Only SET_PLT_MODE is allowed in case of mode PLT_CHIP_AWAKE */
380 	if (wl->plt_mode == PLT_CHIP_AWAKE &&
381 	    nla_cmd != WL1271_TM_CMD_SET_PLT_MODE)
382 		return -EOPNOTSUPP;
383 
384 	switch (nla_cmd) {
385 	case WL1271_TM_CMD_TEST:
386 		return wl1271_tm_cmd_test(wl, tb);
387 	case WL1271_TM_CMD_INTERROGATE:
388 		return wl1271_tm_cmd_interrogate(wl, tb);
389 	case WL1271_TM_CMD_CONFIGURE:
390 		return wl1271_tm_cmd_configure(wl, tb);
391 	case WL1271_TM_CMD_SET_PLT_MODE:
392 		return wl1271_tm_cmd_set_plt_mode(wl, tb);
393 	case WL1271_TM_CMD_GET_MAC:
394 		return wl12xx_tm_cmd_get_mac(wl, tb);
395 	default:
396 		return -EOPNOTSUPP;
397 	}
398 }
399