1 // SPDX-License-Identifier: ISC
3 * Copyright (c) 2010 Broadcom Corporation
6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
8 #include <linux/kernel.h>
9 #include <linux/etherdevice.h>
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <net/cfg80211.h>
13 #include <net/netlink.h>
14 #include <uapi/linux/if_arp.h>
16 #include <brcmu_utils.h>
18 #include <brcmu_wifi.h>
21 #include "tracepoint.h"
22 #include "fwil_types.h"
35 #define BRCMF_SCAN_IE_LEN_MAX 2048
37 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
38 #define WPA_OUI_TYPE 1
39 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
40 #define WME_OUI_TYPE 2
41 #define WPS_OUI_TYPE 4
43 #define VS_IE_FIXED_HDR_LEN 6
44 #define WPA_IE_VERSION_LEN 2
45 #define WPA_IE_MIN_OUI_LEN 4
46 #define WPA_IE_SUITE_COUNT_LEN 2
48 #define WPA_CIPHER_NONE 0 /* None */
49 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
50 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
51 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
52 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
54 #define RSN_AKM_NONE 0 /* None (IBSS) */
55 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
56 #define RSN_AKM_PSK 2 /* Pre-shared Key */
57 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
58 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
59 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
60 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
61 #define RSN_CAP_MFPR_MASK BIT(6)
62 #define RSN_CAP_MFPC_MASK BIT(7)
63 #define RSN_PMKID_COUNT_LEN 2
65 #define VNDR_IE_CMD_LEN 4 /* length of the set command
66 * string :"add", "del" (+ NUL)
68 #define VNDR_IE_COUNT_OFFSET 4
69 #define VNDR_IE_PKTFLAG_OFFSET 8
70 #define VNDR_IE_VSIE_OFFSET 12
71 #define VNDR_IE_HDR_SIZE 12
72 #define VNDR_IE_PARSE_LIMIT 5
74 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
75 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
77 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
78 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
79 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
81 #define BRCMF_SCAN_CHANNEL_TIME 40
82 #define BRCMF_SCAN_UNASSOC_TIME 40
83 #define BRCMF_SCAN_PASSIVE_TIME 120
85 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
87 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
88 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
90 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
92 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
93 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
100 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
101 #define RATETAB_ENT(_rateid, _flags) \
103 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
104 .hw_value = (_rateid), \
108 static struct ieee80211_rate __wl_rates[] = {
109 RATETAB_ENT(BRCM_RATE_1M, 0),
110 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
111 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
112 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
113 RATETAB_ENT(BRCM_RATE_6M, 0),
114 RATETAB_ENT(BRCM_RATE_9M, 0),
115 RATETAB_ENT(BRCM_RATE_12M, 0),
116 RATETAB_ENT(BRCM_RATE_18M, 0),
117 RATETAB_ENT(BRCM_RATE_24M, 0),
118 RATETAB_ENT(BRCM_RATE_36M, 0),
119 RATETAB_ENT(BRCM_RATE_48M, 0),
120 RATETAB_ENT(BRCM_RATE_54M, 0),
123 #define wl_g_rates (__wl_rates + 0)
124 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
125 #define wl_a_rates (__wl_rates + 4)
126 #define wl_a_rates_size (wl_g_rates_size - 4)
128 #define CHAN2G(_channel, _freq) { \
129 .band = NL80211_BAND_2GHZ, \
130 .center_freq = (_freq), \
131 .hw_value = (_channel), \
132 .max_antenna_gain = 0, \
136 #define CHAN5G(_channel) { \
137 .band = NL80211_BAND_5GHZ, \
138 .center_freq = 5000 + (5 * (_channel)), \
139 .hw_value = (_channel), \
140 .max_antenna_gain = 0, \
144 static struct ieee80211_channel __wl_2ghz_channels[] = {
145 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
146 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
147 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
148 CHAN2G(13, 2472), CHAN2G(14, 2484)
151 static struct ieee80211_channel __wl_5ghz_channels[] = {
152 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
153 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
154 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
155 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
156 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
157 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
160 /* Band templates duplicated per wiphy. The channel info
161 * above is added to the band during setup.
163 static const struct ieee80211_supported_band __wl_band_2ghz = {
164 .band = NL80211_BAND_2GHZ,
165 .bitrates = wl_g_rates,
166 .n_bitrates = wl_g_rates_size,
169 static const struct ieee80211_supported_band __wl_band_5ghz = {
170 .band = NL80211_BAND_5GHZ,
171 .bitrates = wl_a_rates,
172 .n_bitrates = wl_a_rates_size,
175 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
176 * By default world regulatory domain defined in reg.c puts the flags
177 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
178 * With respect to these flags, wpa_supplicant doesn't * start p2p
179 * operations on 5GHz channels. All the changes in world regulatory
180 * domain are to be done here.
182 static const struct ieee80211_regdomain brcmf_regdom = {
186 /* IEEE 802.11b/g, channels 1..11 */
187 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
189 /* IEEE 802.11 channel 14 - Only JP enables
190 * this and for 802.11b only
192 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
193 /* IEEE 802.11a, channel 36..64 */
194 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0),
195 /* IEEE 802.11a, channel 100..165 */
196 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), }
199 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
200 * are supported. A pointer to this array and the number of entries is passed
201 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
202 * So the cipher suite AES_CMAC has to be the last one in the array, and when
203 * device does not support MFP then the number of suites will be decreased by 1
205 static const u32 brcmf_cipher_suites[] = {
206 WLAN_CIPHER_SUITE_WEP40,
207 WLAN_CIPHER_SUITE_WEP104,
208 WLAN_CIPHER_SUITE_TKIP,
209 WLAN_CIPHER_SUITE_CCMP,
210 /* Keep as last entry: */
211 WLAN_CIPHER_SUITE_AES_CMAC
214 /* Vendor specific ie. id = 221, oui and type defines exact ie */
215 struct brcmf_vs_tlv {
222 struct parsed_vndr_ie_info {
224 u32 ie_len; /* total length including id & length field */
225 struct brcmf_vs_tlv vndrie;
228 struct parsed_vndr_ies {
230 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
233 static u8 nl80211_band_to_fwil(enum nl80211_band band)
236 case NL80211_BAND_2GHZ:
238 case NL80211_BAND_5GHZ:
247 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
248 struct cfg80211_chan_def *ch)
250 struct brcmu_chan ch_inf;
253 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
254 ch->chan->center_freq, ch->center_freq1, ch->width);
255 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
256 primary_offset = ch->chan->center_freq - ch->center_freq1;
258 case NL80211_CHAN_WIDTH_20:
259 case NL80211_CHAN_WIDTH_20_NOHT:
260 ch_inf.bw = BRCMU_CHAN_BW_20;
261 WARN_ON(primary_offset != 0);
263 case NL80211_CHAN_WIDTH_40:
264 ch_inf.bw = BRCMU_CHAN_BW_40;
265 if (primary_offset > 0)
266 ch_inf.sb = BRCMU_CHAN_SB_U;
268 ch_inf.sb = BRCMU_CHAN_SB_L;
270 case NL80211_CHAN_WIDTH_80:
271 ch_inf.bw = BRCMU_CHAN_BW_80;
272 if (primary_offset == -30)
273 ch_inf.sb = BRCMU_CHAN_SB_LL;
274 else if (primary_offset == -10)
275 ch_inf.sb = BRCMU_CHAN_SB_LU;
276 else if (primary_offset == 10)
277 ch_inf.sb = BRCMU_CHAN_SB_UL;
279 ch_inf.sb = BRCMU_CHAN_SB_UU;
281 case NL80211_CHAN_WIDTH_160:
282 ch_inf.bw = BRCMU_CHAN_BW_160;
283 if (primary_offset == -70)
284 ch_inf.sb = BRCMU_CHAN_SB_LLL;
285 else if (primary_offset == -50)
286 ch_inf.sb = BRCMU_CHAN_SB_LLU;
287 else if (primary_offset == -30)
288 ch_inf.sb = BRCMU_CHAN_SB_LUL;
289 else if (primary_offset == -10)
290 ch_inf.sb = BRCMU_CHAN_SB_LUU;
291 else if (primary_offset == 10)
292 ch_inf.sb = BRCMU_CHAN_SB_ULL;
293 else if (primary_offset == 30)
294 ch_inf.sb = BRCMU_CHAN_SB_ULU;
295 else if (primary_offset == 50)
296 ch_inf.sb = BRCMU_CHAN_SB_UUL;
298 ch_inf.sb = BRCMU_CHAN_SB_UUU;
300 case NL80211_CHAN_WIDTH_80P80:
301 case NL80211_CHAN_WIDTH_5:
302 case NL80211_CHAN_WIDTH_10:
306 switch (ch->chan->band) {
307 case NL80211_BAND_2GHZ:
308 ch_inf.band = BRCMU_CHAN_BAND_2G;
310 case NL80211_BAND_5GHZ:
311 ch_inf.band = BRCMU_CHAN_BAND_5G;
313 case NL80211_BAND_60GHZ:
317 d11inf->encchspec(&ch_inf);
319 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec);
320 return ch_inf.chspec;
323 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
324 struct ieee80211_channel *ch)
326 struct brcmu_chan ch_inf;
328 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
329 ch_inf.bw = BRCMU_CHAN_BW_20;
330 d11inf->encchspec(&ch_inf);
332 return ch_inf.chspec;
335 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
336 * triples, returning a pointer to the substring whose first element
339 static const struct brcmf_tlv *
340 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
342 const struct brcmf_tlv *elt = buf;
345 /* find tagged parameter */
346 while (totlen >= TLV_HDR_LEN) {
349 /* validate remaining totlen */
350 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
353 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
354 totlen -= (len + TLV_HDR_LEN);
360 /* Is any of the tlvs the expected entry? If
361 * not update the tlvs buffer pointer/length.
364 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
365 const u8 *oui, u32 oui_len, u8 type)
367 /* If the contents match the OUI and the type */
368 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
369 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
370 type == ie[TLV_BODY_OFF + oui_len]) {
376 /* point to the next ie */
377 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
378 /* calculate the length of the rest of the buffer */
379 *tlvs_len -= (int)(ie - *tlvs);
380 /* update the pointer to the start of the buffer */
386 static struct brcmf_vs_tlv *
387 brcmf_find_wpaie(const u8 *parse, u32 len)
389 const struct brcmf_tlv *ie;
391 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
392 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
393 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
394 return (struct brcmf_vs_tlv *)ie;
399 static struct brcmf_vs_tlv *
400 brcmf_find_wpsie(const u8 *parse, u32 len)
402 const struct brcmf_tlv *ie;
404 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
405 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
406 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
407 return (struct brcmf_vs_tlv *)ie;
412 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
413 struct brcmf_cfg80211_vif *vif,
414 enum nl80211_iftype new_type)
416 struct brcmf_cfg80211_vif *pos;
417 bool check_combos = false;
419 struct iface_combination_params params = {
420 .num_different_channels = 1,
423 list_for_each_entry(pos, &cfg->vif_list, list)
425 params.iftype_num[new_type]++;
427 /* concurrent interfaces so need check combinations */
429 params.iftype_num[pos->wdev.iftype]++;
433 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
438 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
439 enum nl80211_iftype new_type)
441 struct brcmf_cfg80211_vif *pos;
442 struct iface_combination_params params = {
443 .num_different_channels = 1,
446 list_for_each_entry(pos, &cfg->vif_list, list)
447 params.iftype_num[pos->wdev.iftype]++;
449 params.iftype_num[new_type]++;
450 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
453 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
454 struct brcmf_wsec_key_le *key_le)
456 key_le->index = cpu_to_le32(key->index);
457 key_le->len = cpu_to_le32(key->len);
458 key_le->algo = cpu_to_le32(key->algo);
459 key_le->flags = cpu_to_le32(key->flags);
460 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
461 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
462 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
463 memcpy(key_le->data, key->data, sizeof(key->data));
464 memcpy(key_le->ea, key->ea, sizeof(key->ea));
468 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
470 struct brcmf_pub *drvr = ifp->drvr;
472 struct brcmf_wsec_key_le key_le;
474 convert_key_from_CPU(key, &key_le);
476 brcmf_netdev_wait_pend8021x(ifp);
478 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
482 bphy_err(drvr, "wsec_key error (%d)\n", err);
487 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
489 struct brcmf_cfg80211_vif *vif;
490 struct brcmf_if *ifp;
492 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
495 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
496 (wdev->iftype == NL80211_IFTYPE_AP) ||
497 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
498 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
501 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
505 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
509 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
510 /* bsscfgidx 1 is reserved for legacy P2P */
513 if (!drvr->iflist[bsscfgidx])
520 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
522 struct brcmf_pub *drvr = ifp->drvr;
523 struct brcmf_mbss_ssid_le mbss_ssid_le;
527 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
528 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
532 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
533 mbss_ssid_le.SSID_len = cpu_to_le32(5);
534 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
536 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
537 sizeof(mbss_ssid_le));
539 bphy_err(drvr, "setting ssid failed %d\n", err);
545 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
547 * @wiphy: wiphy device of new interface.
548 * @name: name of the new interface.
549 * @params: contains mac address for AP device.
552 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
553 struct vif_params *params)
555 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
556 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
557 struct brcmf_pub *drvr = cfg->pub;
558 struct brcmf_cfg80211_vif *vif;
561 if (brcmf_cfg80211_vif_event_armed(cfg))
562 return ERR_PTR(-EBUSY);
564 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
566 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
568 return (struct wireless_dev *)vif;
570 brcmf_cfg80211_arm_vif_event(cfg, vif);
572 err = brcmf_cfg80211_request_ap_if(ifp);
574 brcmf_cfg80211_arm_vif_event(cfg, NULL);
578 /* wait for firmware event */
579 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
580 BRCMF_VIF_EVENT_TIMEOUT);
581 brcmf_cfg80211_arm_vif_event(cfg, NULL);
583 bphy_err(drvr, "timeout occurred\n");
588 /* interface created in firmware */
591 bphy_err(drvr, "no if pointer provided\n");
596 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
597 err = brcmf_net_attach(ifp, true);
599 bphy_err(drvr, "Registering netdevice failed\n");
600 free_netdev(ifp->ndev);
604 return &ifp->vif->wdev;
611 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
613 enum nl80211_iftype iftype;
615 iftype = vif->wdev.iftype;
616 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
619 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
621 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
625 * brcmf_mon_add_vif() - create monitor mode virtual interface
627 * @wiphy: wiphy device of new interface.
628 * @name: name of the new interface.
630 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy,
633 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
634 struct brcmf_cfg80211_vif *vif;
635 struct net_device *ndev;
636 struct brcmf_if *ifp;
639 if (cfg->pub->mon_if) {
644 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR);
650 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup);
655 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
656 ndev->ieee80211_ptr = &vif->wdev;
657 ndev->needs_free_netdev = true;
658 ndev->priv_destructor = brcmf_cfg80211_free_netdev;
659 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
661 ifp = netdev_priv(ndev);
664 ifp->drvr = cfg->pub;
667 vif->wdev.netdev = ndev;
669 err = brcmf_net_mon_attach(ifp);
671 brcmf_err("Failed to attach %s device\n", ndev->name);
676 cfg->pub->mon_if = ifp;
686 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
688 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
689 struct net_device *ndev = wdev->netdev;
691 ndev->netdev_ops->ndo_stop(ndev);
693 brcmf_net_detach(ndev, true);
695 cfg->pub->mon_if = NULL;
700 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
702 unsigned char name_assign_type,
703 enum nl80211_iftype type,
704 struct vif_params *params)
706 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
707 struct brcmf_pub *drvr = cfg->pub;
708 struct wireless_dev *wdev;
711 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
712 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
714 bphy_err(drvr, "iface validation failed: err=%d\n", err);
718 case NL80211_IFTYPE_ADHOC:
719 case NL80211_IFTYPE_STATION:
720 case NL80211_IFTYPE_AP_VLAN:
721 case NL80211_IFTYPE_WDS:
722 case NL80211_IFTYPE_MESH_POINT:
723 return ERR_PTR(-EOPNOTSUPP);
724 case NL80211_IFTYPE_MONITOR:
725 return brcmf_mon_add_vif(wiphy, name);
726 case NL80211_IFTYPE_AP:
727 wdev = brcmf_ap_add_vif(wiphy, name, params);
729 case NL80211_IFTYPE_P2P_CLIENT:
730 case NL80211_IFTYPE_P2P_GO:
731 case NL80211_IFTYPE_P2P_DEVICE:
732 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
734 case NL80211_IFTYPE_UNSPECIFIED:
736 return ERR_PTR(-EINVAL);
740 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
741 type, (int)PTR_ERR(wdev));
743 brcmf_cfg80211_update_proto_addr_mode(wdev);
748 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
750 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
751 brcmf_set_mpc(ifp, mpc);
754 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
756 struct brcmf_pub *drvr = ifp->drvr;
759 if (check_vif_up(ifp->vif)) {
760 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
762 bphy_err(drvr, "fail to set mpc\n");
765 brcmf_dbg(INFO, "MPC : %d\n", mpc);
769 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
770 struct brcmf_if *ifp, bool aborted,
773 struct brcmf_pub *drvr = cfg->pub;
774 struct brcmf_scan_params_le params_le;
775 struct cfg80211_scan_request *scan_request;
780 brcmf_dbg(SCAN, "Enter\n");
782 /* clear scan request, because the FW abort can cause a second call */
783 /* to this functon and might cause a double cfg80211_scan_done */
784 scan_request = cfg->scan_request;
785 cfg->scan_request = NULL;
787 if (timer_pending(&cfg->escan_timeout))
788 del_timer_sync(&cfg->escan_timeout);
791 /* Do a scan abort to stop the driver's scan engine */
792 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
793 memset(¶ms_le, 0, sizeof(params_le));
794 eth_broadcast_addr(params_le.bssid);
795 params_le.bss_type = DOT11_BSSTYPE_ANY;
796 params_le.scan_type = 0;
797 params_le.channel_num = cpu_to_le32(1);
798 params_le.nprobes = cpu_to_le32(1);
799 params_le.active_time = cpu_to_le32(-1);
800 params_le.passive_time = cpu_to_le32(-1);
801 params_le.home_time = cpu_to_le32(-1);
802 /* Scan is aborted by setting channel_list[0] to -1 */
803 params_le.channel_list[0] = cpu_to_le16(-1);
804 /* E-Scan (or anyother type) can be aborted by SCAN */
805 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
806 ¶ms_le, sizeof(params_le));
808 bphy_err(drvr, "Scan abort failed\n");
811 brcmf_scan_config_mpc(ifp, 1);
814 * e-scan can be initiated internally
815 * which takes precedence.
817 if (cfg->int_escan_map) {
818 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
820 while (cfg->int_escan_map) {
821 bucket = __ffs(cfg->int_escan_map);
822 cfg->int_escan_map &= ~BIT(bucket);
823 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
826 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
828 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
832 } else if (scan_request) {
833 struct cfg80211_scan_info info = {
837 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
838 aborted ? "Aborted" : "Done");
839 cfg80211_scan_done(scan_request, &info);
841 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
842 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
847 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
848 struct wireless_dev *wdev)
850 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
851 struct net_device *ndev = wdev->netdev;
852 struct brcmf_if *ifp = netdev_priv(ndev);
853 struct brcmf_pub *drvr = cfg->pub;
857 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
859 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
861 bphy_err(drvr, "interface_remove failed %d\n", err);
865 /* wait for firmware event */
866 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
867 BRCMF_VIF_EVENT_TIMEOUT);
869 bphy_err(drvr, "timeout occurred\n");
874 brcmf_remove_interface(ifp, true);
877 brcmf_cfg80211_arm_vif_event(cfg, NULL);
882 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
884 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
885 struct net_device *ndev = wdev->netdev;
887 if (ndev && ndev == cfg_to_ndev(cfg))
890 /* vif event pending in firmware */
891 if (brcmf_cfg80211_vif_event_armed(cfg))
895 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
896 cfg->escan_info.ifp == netdev_priv(ndev))
897 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
900 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
903 switch (wdev->iftype) {
904 case NL80211_IFTYPE_ADHOC:
905 case NL80211_IFTYPE_STATION:
906 case NL80211_IFTYPE_AP_VLAN:
907 case NL80211_IFTYPE_WDS:
908 case NL80211_IFTYPE_MESH_POINT:
910 case NL80211_IFTYPE_MONITOR:
911 return brcmf_mon_del_vif(wiphy, wdev);
912 case NL80211_IFTYPE_AP:
913 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
914 case NL80211_IFTYPE_P2P_CLIENT:
915 case NL80211_IFTYPE_P2P_GO:
916 case NL80211_IFTYPE_P2P_DEVICE:
917 return brcmf_p2p_del_vif(wiphy, wdev);
918 case NL80211_IFTYPE_UNSPECIFIED:
926 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
927 enum nl80211_iftype type,
928 struct vif_params *params)
930 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
931 struct brcmf_if *ifp = netdev_priv(ndev);
932 struct brcmf_cfg80211_vif *vif = ifp->vif;
933 struct brcmf_pub *drvr = cfg->pub;
938 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
941 /* WAR: There are a number of p2p interface related problems which
942 * need to be handled initially (before doing the validate).
943 * wpa_supplicant tends to do iface changes on p2p device/client/go
944 * which are not always possible/allowed. However we need to return
945 * OK otherwise the wpa_supplicant wont start. The situation differs
946 * on configuration and setup (p2pon=1 module param). The first check
947 * is to see if the request is a change to station for p2p iface.
949 if ((type == NL80211_IFTYPE_STATION) &&
950 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
951 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
952 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
953 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
954 /* Now depending on whether module param p2pon=1 was used the
955 * response needs to be either 0 or EOPNOTSUPP. The reason is
956 * that if p2pon=1 is used, but a newer supplicant is used then
957 * we should return an error, as this combination wont work.
958 * In other situations 0 is returned and supplicant will start
959 * normally. It will give a trace in cfg80211, but it is the
960 * only way to get it working. Unfortunately this will result
961 * in situation where we wont support new supplicant in
962 * combination with module param p2pon=1, but that is the way
963 * it is. If the user tries this then unloading of driver might
966 if (cfg->p2p.p2pdev_dynamically)
971 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
973 bphy_err(drvr, "iface validation failed: err=%d\n", err);
977 case NL80211_IFTYPE_MONITOR:
978 case NL80211_IFTYPE_WDS:
979 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
982 case NL80211_IFTYPE_ADHOC:
985 case NL80211_IFTYPE_STATION:
988 case NL80211_IFTYPE_AP:
989 case NL80211_IFTYPE_P2P_GO:
998 if (type == NL80211_IFTYPE_P2P_GO) {
999 brcmf_dbg(INFO, "IF Type = P2P GO\n");
1000 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
1003 brcmf_dbg(INFO, "IF Type = AP\n");
1006 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
1008 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
1012 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
1015 ndev->ieee80211_ptr->iftype = type;
1017 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
1020 brcmf_dbg(TRACE, "Exit\n");
1025 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
1026 struct brcmf_scan_params_le *params_le,
1027 struct cfg80211_scan_request *request)
1035 struct brcmf_ssid_le ssid_le;
1037 eth_broadcast_addr(params_le->bssid);
1038 params_le->bss_type = DOT11_BSSTYPE_ANY;
1039 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
1040 params_le->channel_num = 0;
1041 params_le->nprobes = cpu_to_le32(-1);
1042 params_le->active_time = cpu_to_le32(-1);
1043 params_le->passive_time = cpu_to_le32(-1);
1044 params_le->home_time = cpu_to_le32(-1);
1045 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
1047 n_ssids = request->n_ssids;
1048 n_channels = request->n_channels;
1050 /* Copy channel array if applicable */
1051 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
1053 if (n_channels > 0) {
1054 for (i = 0; i < n_channels; i++) {
1055 chanspec = channel_to_chanspec(&cfg->d11inf,
1056 request->channels[i]);
1057 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1058 request->channels[i]->hw_value, chanspec);
1059 params_le->channel_list[i] = cpu_to_le16(chanspec);
1062 brcmf_dbg(SCAN, "Scanning all channels\n");
1064 /* Copy ssid array if applicable */
1065 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1067 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1068 n_channels * sizeof(u16);
1069 offset = roundup(offset, sizeof(u32));
1070 ptr = (char *)params_le + offset;
1071 for (i = 0; i < n_ssids; i++) {
1072 memset(&ssid_le, 0, sizeof(ssid_le));
1074 cpu_to_le32(request->ssids[i].ssid_len);
1075 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1076 request->ssids[i].ssid_len);
1077 if (!ssid_le.SSID_len)
1078 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1080 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1081 i, ssid_le.SSID, ssid_le.SSID_len);
1082 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1083 ptr += sizeof(ssid_le);
1086 brcmf_dbg(SCAN, "Performing passive scan\n");
1087 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1089 /* Adding mask to channel numbers */
1090 params_le->channel_num =
1091 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1092 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1096 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1097 struct cfg80211_scan_request *request)
1099 struct brcmf_pub *drvr = cfg->pub;
1100 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1101 offsetof(struct brcmf_escan_params_le, params_le);
1102 struct brcmf_escan_params_le *params;
1105 brcmf_dbg(SCAN, "E-SCAN START\n");
1107 if (request != NULL) {
1108 /* Allocate space for populating ssids in struct */
1109 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1111 /* Allocate space for populating ssids in struct */
1112 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1115 params = kzalloc(params_size, GFP_KERNEL);
1120 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1121 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1122 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1123 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1124 params->sync_id = cpu_to_le16(0x1234);
1126 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1129 brcmf_dbg(INFO, "system busy : escan canceled\n");
1131 bphy_err(drvr, "error (%d)\n", err);
1140 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1142 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1144 struct brcmf_scan_results *results;
1145 struct escan_info *escan = &cfg->escan_info;
1147 brcmf_dbg(SCAN, "Enter\n");
1149 escan->wiphy = cfg->wiphy;
1150 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1152 brcmf_scan_config_mpc(ifp, 0);
1153 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1154 results->version = 0;
1156 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1158 err = escan->run(cfg, ifp, request);
1160 brcmf_scan_config_mpc(ifp, 1);
1165 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1167 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1168 struct brcmf_pub *drvr = cfg->pub;
1169 struct brcmf_cfg80211_vif *vif;
1172 brcmf_dbg(TRACE, "Enter\n");
1173 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1174 if (!check_vif_up(vif))
1177 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1178 bphy_err(drvr, "Scanning already: status (%lu)\n",
1182 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1183 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1187 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1188 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1192 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1193 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1197 /* If scan req comes for p2p0, send it over primary I/F */
1198 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1199 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1201 brcmf_dbg(SCAN, "START ESCAN\n");
1203 cfg->scan_request = request;
1204 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1206 cfg->escan_info.run = brcmf_run_escan;
1207 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1211 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1212 request->ie, request->ie_len);
1216 err = brcmf_do_escan(vif->ifp, request);
1220 /* Arm scan timeout timer */
1221 mod_timer(&cfg->escan_timeout,
1222 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1227 bphy_err(drvr, "scan error (%d)\n", err);
1228 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1229 cfg->scan_request = NULL;
1233 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1235 struct brcmf_if *ifp = netdev_priv(ndev);
1236 struct brcmf_pub *drvr = ifp->drvr;
1239 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1241 bphy_err(drvr, "Error (%d)\n", err);
1246 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1248 struct brcmf_if *ifp = netdev_priv(ndev);
1249 struct brcmf_pub *drvr = ifp->drvr;
1252 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1255 bphy_err(drvr, "Error (%d)\n", err);
1260 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1262 struct brcmf_if *ifp = netdev_priv(ndev);
1263 struct brcmf_pub *drvr = ifp->drvr;
1265 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1267 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1269 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1275 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1277 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1278 struct net_device *ndev = cfg_to_ndev(cfg);
1279 struct brcmf_if *ifp = netdev_priv(ndev);
1282 brcmf_dbg(TRACE, "Enter\n");
1283 if (!check_vif_up(ifp->vif))
1286 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1287 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1288 cfg->conf->rts_threshold = wiphy->rts_threshold;
1289 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1293 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1294 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1295 cfg->conf->frag_threshold = wiphy->frag_threshold;
1296 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1300 if (changed & WIPHY_PARAM_RETRY_LONG
1301 && (cfg->conf->retry_long != wiphy->retry_long)) {
1302 cfg->conf->retry_long = wiphy->retry_long;
1303 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1307 if (changed & WIPHY_PARAM_RETRY_SHORT
1308 && (cfg->conf->retry_short != wiphy->retry_short)) {
1309 cfg->conf->retry_short = wiphy->retry_short;
1310 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1316 brcmf_dbg(TRACE, "Exit\n");
1320 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1322 memset(prof, 0, sizeof(*prof));
1325 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1329 switch (e->event_code) {
1330 case BRCMF_E_DEAUTH:
1331 case BRCMF_E_DEAUTH_IND:
1332 case BRCMF_E_DISASSOC_IND:
1343 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1345 struct brcmf_pub *drvr = ifp->drvr;
1346 struct brcmf_wsec_pmk_le pmk;
1349 /* convert to firmware key format */
1350 pmk.key_len = cpu_to_le16(pmk_len << 1);
1351 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1352 for (i = 0; i < pmk_len; i++)
1353 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1355 /* store psk in firmware */
1356 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1359 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1365 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
1368 struct brcmf_pub *drvr = ifp->drvr;
1369 struct brcmf_wsec_sae_pwd_le sae_pwd;
1372 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
1373 bphy_err(drvr, "sae_password must be less than %d\n",
1374 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
1378 sae_pwd.key_len = cpu_to_le16(pwd_len);
1379 memcpy(sae_pwd.key, pwd_data, pwd_len);
1381 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
1384 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
1390 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason)
1392 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1393 struct brcmf_pub *drvr = cfg->pub;
1394 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP;
1397 brcmf_dbg(TRACE, "Enter\n");
1399 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1401 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1402 err = brcmf_fil_cmd_data_set(vif->ifp,
1403 BRCMF_C_DISASSOC, NULL, 0);
1405 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n",
1409 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1410 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1411 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1414 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1415 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1416 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1417 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1419 brcmf_set_pmk(vif->ifp, NULL, 0);
1420 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1422 brcmf_dbg(TRACE, "Exit\n");
1426 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1427 struct cfg80211_ibss_params *params)
1429 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1430 struct brcmf_if *ifp = netdev_priv(ndev);
1431 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1432 struct brcmf_pub *drvr = cfg->pub;
1433 struct brcmf_join_params join_params;
1434 size_t join_params_size = 0;
1441 brcmf_dbg(TRACE, "Enter\n");
1442 if (!check_vif_up(ifp->vif))
1446 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1448 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1452 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1455 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1457 brcmf_dbg(CONN, "No BSSID specified\n");
1459 if (params->chandef.chan)
1460 brcmf_dbg(CONN, "channel: %d\n",
1461 params->chandef.chan->center_freq);
1463 brcmf_dbg(CONN, "no channel specified\n");
1465 if (params->channel_fixed)
1466 brcmf_dbg(CONN, "fixed channel required\n");
1468 brcmf_dbg(CONN, "no fixed channel required\n");
1470 if (params->ie && params->ie_len)
1471 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1473 brcmf_dbg(CONN, "no ie specified\n");
1475 if (params->beacon_interval)
1476 brcmf_dbg(CONN, "beacon interval: %d\n",
1477 params->beacon_interval);
1479 brcmf_dbg(CONN, "no beacon interval specified\n");
1481 if (params->basic_rates)
1482 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1484 brcmf_dbg(CONN, "no basic rates specified\n");
1486 if (params->privacy)
1487 brcmf_dbg(CONN, "privacy required\n");
1489 brcmf_dbg(CONN, "no privacy required\n");
1491 /* Configure Privacy for starter */
1492 if (params->privacy)
1493 wsec |= WEP_ENABLED;
1495 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1497 bphy_err(drvr, "wsec failed (%d)\n", err);
1501 /* Configure Beacon Interval for starter */
1502 if (params->beacon_interval)
1503 bcnprd = params->beacon_interval;
1507 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1509 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1513 /* Configure required join parameter */
1514 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1517 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1518 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1519 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1520 join_params_size = sizeof(join_params.ssid_le);
1523 if (params->bssid) {
1524 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1525 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1526 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1528 eth_broadcast_addr(join_params.params_le.bssid);
1529 eth_zero_addr(profile->bssid);
1533 if (params->chandef.chan) {
1537 ieee80211_frequency_to_channel(
1538 params->chandef.chan->center_freq);
1539 if (params->channel_fixed) {
1540 /* adding chanspec */
1541 chanspec = chandef_to_chanspec(&cfg->d11inf,
1543 join_params.params_le.chanspec_list[0] =
1544 cpu_to_le16(chanspec);
1545 join_params.params_le.chanspec_num = cpu_to_le32(1);
1546 join_params_size += sizeof(join_params.params_le);
1549 /* set channel for starter */
1550 target_channel = cfg->channel;
1551 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1554 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1560 cfg->ibss_starter = false;
1563 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1564 &join_params, join_params_size);
1566 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1572 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1573 brcmf_dbg(TRACE, "Exit\n");
1578 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1580 struct brcmf_if *ifp = netdev_priv(ndev);
1582 brcmf_dbg(TRACE, "Enter\n");
1583 if (!check_vif_up(ifp->vif)) {
1584 /* When driver is being unloaded, it can end up here. If an
1585 * error is returned then later on a debug trace in the wireless
1586 * core module will be printed. To avoid this 0 is returned.
1591 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING);
1592 brcmf_net_setcarrier(ifp, false);
1594 brcmf_dbg(TRACE, "Exit\n");
1599 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1600 struct cfg80211_connect_params *sme)
1602 struct brcmf_if *ifp = netdev_priv(ndev);
1603 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1604 struct brcmf_pub *drvr = ifp->drvr;
1605 struct brcmf_cfg80211_security *sec;
1609 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1610 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1611 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1612 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1613 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
1614 val = WPA3_AUTH_SAE_PSK;
1616 val = WPA_AUTH_DISABLED;
1617 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1618 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1620 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1623 sec = &profile->sec;
1624 sec->wpa_versions = sme->crypto.wpa_versions;
1628 static s32 brcmf_set_auth_type(struct net_device *ndev,
1629 struct cfg80211_connect_params *sme)
1631 struct brcmf_if *ifp = netdev_priv(ndev);
1632 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1633 struct brcmf_pub *drvr = ifp->drvr;
1634 struct brcmf_cfg80211_security *sec;
1638 switch (sme->auth_type) {
1639 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1641 brcmf_dbg(CONN, "open system\n");
1643 case NL80211_AUTHTYPE_SHARED_KEY:
1645 brcmf_dbg(CONN, "shared key\n");
1647 case NL80211_AUTHTYPE_SAE:
1649 brcmf_dbg(CONN, "SAE authentication\n");
1653 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1657 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1659 bphy_err(drvr, "set auth failed (%d)\n", err);
1662 sec = &profile->sec;
1663 sec->auth_type = sme->auth_type;
1668 brcmf_set_wsec_mode(struct net_device *ndev,
1669 struct cfg80211_connect_params *sme)
1671 struct brcmf_if *ifp = netdev_priv(ndev);
1672 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1673 struct brcmf_pub *drvr = ifp->drvr;
1674 struct brcmf_cfg80211_security *sec;
1680 if (sme->crypto.n_ciphers_pairwise) {
1681 switch (sme->crypto.ciphers_pairwise[0]) {
1682 case WLAN_CIPHER_SUITE_WEP40:
1683 case WLAN_CIPHER_SUITE_WEP104:
1686 case WLAN_CIPHER_SUITE_TKIP:
1687 pval = TKIP_ENABLED;
1689 case WLAN_CIPHER_SUITE_CCMP:
1692 case WLAN_CIPHER_SUITE_AES_CMAC:
1696 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1697 sme->crypto.ciphers_pairwise[0]);
1701 if (sme->crypto.cipher_group) {
1702 switch (sme->crypto.cipher_group) {
1703 case WLAN_CIPHER_SUITE_WEP40:
1704 case WLAN_CIPHER_SUITE_WEP104:
1707 case WLAN_CIPHER_SUITE_TKIP:
1708 gval = TKIP_ENABLED;
1710 case WLAN_CIPHER_SUITE_CCMP:
1713 case WLAN_CIPHER_SUITE_AES_CMAC:
1717 bphy_err(drvr, "invalid cipher group (%d)\n",
1718 sme->crypto.cipher_group);
1723 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1724 /* In case of privacy, but no security and WPS then simulate */
1725 /* setting AES. WPS-2.0 allows no security */
1726 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1731 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1733 bphy_err(drvr, "error (%d)\n", err);
1737 sec = &profile->sec;
1738 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1739 sec->cipher_group = sme->crypto.cipher_group;
1745 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1747 struct brcmf_if *ifp = netdev_priv(ndev);
1748 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1749 struct brcmf_pub *drvr = ifp->drvr;
1752 const struct brcmf_tlv *rsn_ie;
1760 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1761 profile->is_ft = false;
1763 if (!sme->crypto.n_akm_suites)
1766 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1768 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1771 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1772 switch (sme->crypto.akm_suites[0]) {
1773 case WLAN_AKM_SUITE_8021X:
1774 val = WPA_AUTH_UNSPECIFIED;
1776 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1778 case WLAN_AKM_SUITE_PSK:
1782 bphy_err(drvr, "invalid cipher group (%d)\n",
1783 sme->crypto.cipher_group);
1786 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1787 switch (sme->crypto.akm_suites[0]) {
1788 case WLAN_AKM_SUITE_8021X:
1789 val = WPA2_AUTH_UNSPECIFIED;
1791 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1793 case WLAN_AKM_SUITE_8021X_SHA256:
1794 val = WPA2_AUTH_1X_SHA256;
1796 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1798 case WLAN_AKM_SUITE_PSK_SHA256:
1799 val = WPA2_AUTH_PSK_SHA256;
1801 case WLAN_AKM_SUITE_PSK:
1802 val = WPA2_AUTH_PSK;
1804 case WLAN_AKM_SUITE_FT_8021X:
1805 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1806 profile->is_ft = true;
1808 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1810 case WLAN_AKM_SUITE_FT_PSK:
1811 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1812 profile->is_ft = true;
1815 bphy_err(drvr, "invalid cipher group (%d)\n",
1816 sme->crypto.cipher_group);
1819 } else if (val & WPA3_AUTH_SAE_PSK) {
1820 switch (sme->crypto.akm_suites[0]) {
1821 case WLAN_AKM_SUITE_SAE:
1822 val = WPA3_AUTH_SAE_PSK;
1823 if (sme->crypto.sae_pwd) {
1824 brcmf_dbg(INFO, "using SAE offload\n");
1825 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1829 bphy_err(drvr, "invalid cipher group (%d)\n",
1830 sme->crypto.cipher_group);
1835 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1836 brcmf_dbg(INFO, "using 1X offload\n");
1838 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1839 goto skip_mfp_config;
1840 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1841 * IE will not be verified, just a quick search for MFP config
1843 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1846 goto skip_mfp_config;
1847 ie = (const u8 *)rsn_ie;
1848 ie_len = rsn_ie->len + TLV_HDR_LEN;
1849 /* Skip unicast suite */
1850 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1851 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1852 goto skip_mfp_config;
1853 /* Skip multicast suite */
1854 count = ie[offset] + (ie[offset + 1] << 8);
1855 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1856 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1857 goto skip_mfp_config;
1858 /* Skip auth key management suite(s) */
1859 count = ie[offset] + (ie[offset + 1] << 8);
1860 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1861 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1862 goto skip_mfp_config;
1863 /* Ready to read capabilities */
1864 mfp = BRCMF_MFP_NONE;
1865 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1866 if (rsn_cap & RSN_CAP_MFPR_MASK)
1867 mfp = BRCMF_MFP_REQUIRED;
1868 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1869 mfp = BRCMF_MFP_CAPABLE;
1870 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1873 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1874 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1876 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1884 brcmf_set_sharedkey(struct net_device *ndev,
1885 struct cfg80211_connect_params *sme)
1887 struct brcmf_if *ifp = netdev_priv(ndev);
1888 struct brcmf_pub *drvr = ifp->drvr;
1889 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1890 struct brcmf_cfg80211_security *sec;
1891 struct brcmf_wsec_key key;
1895 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1897 if (sme->key_len == 0)
1900 sec = &profile->sec;
1901 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1902 sec->wpa_versions, sec->cipher_pairwise);
1904 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
1905 NL80211_WPA_VERSION_3))
1908 if (!(sec->cipher_pairwise &
1909 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1912 memset(&key, 0, sizeof(key));
1913 key.len = (u32) sme->key_len;
1914 key.index = (u32) sme->key_idx;
1915 if (key.len > sizeof(key.data)) {
1916 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1919 memcpy(key.data, sme->key, key.len);
1920 key.flags = BRCMF_PRIMARY_KEY;
1921 switch (sec->cipher_pairwise) {
1922 case WLAN_CIPHER_SUITE_WEP40:
1923 key.algo = CRYPTO_ALGO_WEP1;
1925 case WLAN_CIPHER_SUITE_WEP104:
1926 key.algo = CRYPTO_ALGO_WEP128;
1929 bphy_err(drvr, "Invalid algorithm (%d)\n",
1930 sme->crypto.ciphers_pairwise[0]);
1933 /* Set the new key/index */
1934 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1935 key.len, key.index, key.algo);
1936 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1937 err = send_key_to_dongle(ifp, &key);
1941 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1942 brcmf_dbg(CONN, "set auth_type to shared key\n");
1943 val = WL_AUTH_SHARED_KEY; /* shared key */
1944 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1946 bphy_err(drvr, "set auth failed (%d)\n", err);
1952 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1953 enum nl80211_auth_type type)
1955 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1956 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1957 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1958 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1963 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1964 struct cfg80211_bss_selection *bss_select)
1966 struct brcmf_pub *drvr = ifp->drvr;
1967 struct brcmf_join_pref_params join_pref_params[2];
1968 enum nl80211_band band;
1971 join_pref_params[i].len = 2;
1972 join_pref_params[i].rssi_gain = 0;
1974 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1975 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1977 switch (bss_select->behaviour) {
1978 case __NL80211_BSS_SELECT_ATTR_INVALID:
1979 brcmf_c_set_joinpref_default(ifp);
1981 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1982 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1983 band = bss_select->param.band_pref;
1984 join_pref_params[i].band = nl80211_band_to_fwil(band);
1987 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
1988 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
1989 band = bss_select->param.adjust.band;
1990 join_pref_params[i].band = nl80211_band_to_fwil(band);
1991 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
1994 case NL80211_BSS_SELECT_ATTR_RSSI:
1998 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
1999 join_pref_params[i].len = 2;
2000 join_pref_params[i].rssi_gain = 0;
2001 join_pref_params[i].band = 0;
2002 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
2003 sizeof(join_pref_params));
2005 bphy_err(drvr, "Set join_pref error (%d)\n", err);
2009 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
2010 struct cfg80211_connect_params *sme)
2012 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2013 struct brcmf_if *ifp = netdev_priv(ndev);
2014 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2015 struct ieee80211_channel *chan = sme->channel;
2016 struct brcmf_pub *drvr = ifp->drvr;
2017 struct brcmf_join_params join_params;
2018 size_t join_params_size;
2019 const struct brcmf_tlv *rsn_ie;
2020 const struct brcmf_vs_tlv *wpa_ie;
2023 struct brcmf_ext_join_params_le *ext_join_params;
2028 brcmf_dbg(TRACE, "Enter\n");
2029 if (!check_vif_up(ifp->vif))
2033 bphy_err(drvr, "Invalid ssid\n");
2037 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
2038 /* A normal (non P2P) connection request setup. */
2041 /* find the WPA_IE */
2042 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
2045 ie_len = wpa_ie->len + TLV_HDR_LEN;
2047 /* find the RSN_IE */
2048 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
2053 ie_len = rsn_ie->len + TLV_HDR_LEN;
2056 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
2059 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
2060 sme->ie, sme->ie_len);
2062 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
2064 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
2066 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2070 ieee80211_frequency_to_channel(chan->center_freq);
2071 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2072 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2073 cfg->channel, chan->center_freq, chanspec);
2079 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2081 err = brcmf_set_wpa_version(ndev, sme);
2083 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
2087 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2088 err = brcmf_set_auth_type(ndev, sme);
2090 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
2094 err = brcmf_set_wsec_mode(ndev, sme);
2096 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
2100 err = brcmf_set_key_mgmt(ndev, sme);
2102 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
2106 err = brcmf_set_sharedkey(ndev, sme);
2108 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
2112 if (sme->crypto.psk &&
2113 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
2114 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2118 brcmf_dbg(INFO, "using PSK offload\n");
2119 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2122 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2123 /* enable firmware supplicant for this interface */
2124 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2126 bphy_err(drvr, "failed to enable fw supplicant\n");
2131 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
2132 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2133 BRCMF_WSEC_MAX_PSK_LEN);
2134 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
2135 /* clean up user-space RSNE */
2136 if (brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0)) {
2137 bphy_err(drvr, "failed to clean up user-space RSNE\n");
2140 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
2141 sme->crypto.sae_pwd_len);
2142 if (!err && sme->crypto.psk)
2143 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2144 BRCMF_WSEC_MAX_PSK_LEN);
2149 /* Join with specific BSSID and cached SSID
2150 * If SSID is zero join based on BSSID only
2152 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2153 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2155 join_params_size += sizeof(u16);
2156 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2157 if (ext_join_params == NULL) {
2161 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2162 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2163 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2164 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2165 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2166 ext_join_params->ssid_le.SSID, ssid_len);
2168 /* Set up join scan parameters */
2169 ext_join_params->scan_le.scan_type = -1;
2170 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2173 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2175 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2178 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2180 ext_join_params->assoc_le.chanspec_list[0] =
2181 cpu_to_le16(chanspec);
2182 /* Increase dwell time to receive probe response or detect
2183 * beacon from target AP at a noisy air only during connect
2186 ext_join_params->scan_le.active_time =
2187 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2188 ext_join_params->scan_le.passive_time =
2189 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2190 /* To sync with presence period of VSDB GO send probe request
2191 * more frequently. Probe request will be stopped when it gets
2192 * probe response from target AP/GO.
2194 ext_join_params->scan_le.nprobes =
2195 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2196 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2198 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2199 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2200 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2203 brcmf_set_join_pref(ifp, &sme->bss_select);
2205 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2207 kfree(ext_join_params);
2209 /* This is it. join command worked, we are done */
2212 /* join command failed, fallback to set ssid */
2213 memset(&join_params, 0, sizeof(join_params));
2214 join_params_size = sizeof(join_params.ssid_le);
2216 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2217 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2220 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2222 eth_broadcast_addr(join_params.params_le.bssid);
2225 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2226 join_params.params_le.chanspec_num = cpu_to_le32(1);
2227 join_params_size += sizeof(join_params.params_le);
2229 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2230 &join_params, join_params_size);
2232 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2236 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2237 brcmf_dbg(TRACE, "Exit\n");
2242 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2245 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2246 struct brcmf_if *ifp = netdev_priv(ndev);
2247 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2248 struct brcmf_pub *drvr = cfg->pub;
2249 struct brcmf_scb_val_le scbval;
2252 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2253 if (!check_vif_up(ifp->vif))
2256 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2257 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2258 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2260 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2261 scbval.val = cpu_to_le32(reason_code);
2262 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2263 &scbval, sizeof(scbval));
2265 bphy_err(drvr, "error (%d)\n", err);
2267 brcmf_dbg(TRACE, "Exit\n");
2272 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2273 enum nl80211_tx_power_setting type, s32 mbm)
2275 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2276 struct net_device *ndev = cfg_to_ndev(cfg);
2277 struct brcmf_if *ifp = netdev_priv(ndev);
2278 struct brcmf_pub *drvr = cfg->pub;
2283 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2284 if (!check_vif_up(ifp->vif))
2288 case NL80211_TX_POWER_AUTOMATIC:
2290 case NL80211_TX_POWER_LIMITED:
2291 case NL80211_TX_POWER_FIXED:
2293 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2297 qdbm = MBM_TO_DBM(4 * mbm);
2300 qdbm |= WL_TXPWR_OVERRIDE;
2303 bphy_err(drvr, "Unsupported type %d\n", type);
2307 /* Make sure radio is off or on as far as software is concerned */
2308 disable = WL_RADIO_SW_DISABLE << 16;
2309 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2311 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2313 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2315 bphy_err(drvr, "qtxpower error (%d)\n", err);
2318 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2323 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2326 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2327 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2328 struct brcmf_pub *drvr = cfg->pub;
2332 brcmf_dbg(TRACE, "Enter\n");
2333 if (!check_vif_up(vif))
2336 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2338 bphy_err(drvr, "error (%d)\n", err);
2341 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2344 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2349 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2350 u8 key_idx, bool unicast, bool multicast)
2352 struct brcmf_if *ifp = netdev_priv(ndev);
2353 struct brcmf_pub *drvr = ifp->drvr;
2358 brcmf_dbg(TRACE, "Enter\n");
2359 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2360 if (!check_vif_up(ifp->vif))
2363 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2365 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2369 if (wsec & WEP_ENABLED) {
2370 /* Just select a new current key */
2372 err = brcmf_fil_cmd_int_set(ifp,
2373 BRCMF_C_SET_KEY_PRIMARY, index);
2375 bphy_err(drvr, "error (%d)\n", err);
2378 brcmf_dbg(TRACE, "Exit\n");
2383 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2384 u8 key_idx, bool pairwise, const u8 *mac_addr)
2386 struct brcmf_if *ifp = netdev_priv(ndev);
2387 struct brcmf_wsec_key *key;
2390 brcmf_dbg(TRACE, "Enter\n");
2391 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2393 if (!check_vif_up(ifp->vif))
2396 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2397 /* we ignore this key index in this case */
2401 key = &ifp->vif->profile.key[key_idx];
2403 if (key->algo == CRYPTO_ALGO_OFF) {
2404 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2408 memset(key, 0, sizeof(*key));
2409 key->index = (u32)key_idx;
2410 key->flags = BRCMF_PRIMARY_KEY;
2412 /* Clear the key/index */
2413 err = send_key_to_dongle(ifp, key);
2415 brcmf_dbg(TRACE, "Exit\n");
2420 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2421 u8 key_idx, bool pairwise, const u8 *mac_addr,
2422 struct key_params *params)
2424 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2425 struct brcmf_if *ifp = netdev_priv(ndev);
2426 struct brcmf_pub *drvr = cfg->pub;
2427 struct brcmf_wsec_key *key;
2434 brcmf_dbg(TRACE, "Enter\n");
2435 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2436 if (!check_vif_up(ifp->vif))
2439 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2440 /* we ignore this key index in this case */
2441 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2445 if (params->key_len == 0)
2446 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2449 if (params->key_len > sizeof(key->data)) {
2450 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2455 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2456 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2457 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2461 key = &ifp->vif->profile.key[key_idx];
2462 memset(key, 0, sizeof(*key));
2463 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2464 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2465 key->len = params->key_len;
2466 key->index = key_idx;
2467 memcpy(key->data, params->key, key->len);
2469 key->flags = BRCMF_PRIMARY_KEY;
2471 if (params->seq && params->seq_len == 6) {
2475 ivptr = (u8 *)params->seq;
2476 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2477 (ivptr[3] << 8) | ivptr[2];
2478 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2479 key->iv_initialized = true;
2482 switch (params->cipher) {
2483 case WLAN_CIPHER_SUITE_WEP40:
2484 key->algo = CRYPTO_ALGO_WEP1;
2486 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2488 case WLAN_CIPHER_SUITE_WEP104:
2489 key->algo = CRYPTO_ALGO_WEP128;
2491 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2493 case WLAN_CIPHER_SUITE_TKIP:
2494 if (!brcmf_is_apmode(ifp->vif)) {
2495 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2496 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2497 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2498 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2500 key->algo = CRYPTO_ALGO_TKIP;
2502 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2504 case WLAN_CIPHER_SUITE_AES_CMAC:
2505 key->algo = CRYPTO_ALGO_AES_CCM;
2507 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2509 case WLAN_CIPHER_SUITE_CCMP:
2510 key->algo = CRYPTO_ALGO_AES_CCM;
2512 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2515 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2520 err = send_key_to_dongle(ifp, key);
2524 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2526 bphy_err(drvr, "get wsec error (%d)\n", err);
2530 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2532 bphy_err(drvr, "set wsec error (%d)\n", err);
2537 brcmf_dbg(TRACE, "Exit\n");
2542 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2543 bool pairwise, const u8 *mac_addr, void *cookie,
2544 void (*callback)(void *cookie,
2545 struct key_params *params))
2547 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2548 struct key_params params;
2549 struct brcmf_if *ifp = netdev_priv(ndev);
2550 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2551 struct brcmf_pub *drvr = cfg->pub;
2552 struct brcmf_cfg80211_security *sec;
2556 brcmf_dbg(TRACE, "Enter\n");
2557 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2558 if (!check_vif_up(ifp->vif))
2561 memset(¶ms, 0, sizeof(params));
2563 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2565 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2566 /* Ignore this error, may happen during DISASSOC */
2570 if (wsec & WEP_ENABLED) {
2571 sec = &profile->sec;
2572 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2573 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2574 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2575 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2576 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2577 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2579 } else if (wsec & TKIP_ENABLED) {
2580 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2581 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2582 } else if (wsec & AES_ENABLED) {
2583 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2584 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2586 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2590 callback(cookie, ¶ms);
2593 brcmf_dbg(TRACE, "Exit\n");
2598 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2599 struct net_device *ndev, u8 key_idx)
2601 struct brcmf_if *ifp = netdev_priv(ndev);
2603 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2605 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2608 brcmf_dbg(INFO, "Not supported\n");
2614 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2616 struct brcmf_pub *drvr = ifp->drvr;
2619 struct brcmf_wsec_key *key;
2622 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2623 key = &ifp->vif->profile.key[key_idx];
2624 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2625 (key->algo == CRYPTO_ALGO_WEP128))
2628 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2631 err = send_key_to_dongle(ifp, key);
2633 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2636 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2638 bphy_err(drvr, "get wsec error (%d)\n", err);
2641 wsec |= WEP_ENABLED;
2642 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2644 bphy_err(drvr, "set wsec error (%d)\n", err);
2647 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2649 struct nl80211_sta_flag_update *sfu;
2651 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2652 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2653 sfu = &si->sta_flags;
2654 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2655 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2656 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2657 BIT(NL80211_STA_FLAG_AUTHORIZED);
2658 if (fw_sta_flags & BRCMF_STA_WME)
2659 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2660 if (fw_sta_flags & BRCMF_STA_AUTHE)
2661 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2662 if (fw_sta_flags & BRCMF_STA_ASSOC)
2663 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2664 if (fw_sta_flags & BRCMF_STA_AUTHO)
2665 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2668 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2670 struct brcmf_pub *drvr = ifp->drvr;
2673 struct brcmf_bss_info_le bss_le;
2678 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2682 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2683 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2686 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2689 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2690 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2691 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2692 capability = le16_to_cpu(buf->bss_le.capability);
2693 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2694 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2695 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2696 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2697 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2698 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2705 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2706 struct station_info *sinfo)
2708 struct brcmf_pub *drvr = ifp->drvr;
2709 struct brcmf_scb_val_le scbval;
2710 struct brcmf_pktcnt_le pktcnt;
2715 /* Get the current tx rate */
2716 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2718 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2721 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2722 sinfo->txrate.legacy = rate * 5;
2724 memset(&scbval, 0, sizeof(scbval));
2725 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2728 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2731 rssi = le32_to_cpu(scbval.val);
2732 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2733 sinfo->signal = rssi;
2735 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2738 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2741 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2742 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2743 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2744 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2745 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2746 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2747 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2748 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2754 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2755 const u8 *mac, struct station_info *sinfo)
2757 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2758 struct brcmf_if *ifp = netdev_priv(ndev);
2759 struct brcmf_pub *drvr = cfg->pub;
2760 struct brcmf_scb_val_le scb_val;
2762 struct brcmf_sta_info_le sta_info_le;
2770 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2771 if (!check_vif_up(ifp->vif))
2774 if (brcmf_is_ibssmode(ifp->vif))
2775 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2777 memset(&sta_info_le, 0, sizeof(sta_info_le));
2778 memcpy(&sta_info_le, mac, ETH_ALEN);
2779 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2781 sizeof(sta_info_le));
2782 is_tdls_peer = !err;
2784 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2786 sizeof(sta_info_le));
2788 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2792 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2793 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2794 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2795 sta_flags = le32_to_cpu(sta_info_le.flags);
2796 brcmf_convert_sta_flags(sta_flags, sinfo);
2797 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2799 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2801 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2802 if (sta_flags & BRCMF_STA_ASSOC) {
2803 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2804 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2805 brcmf_fill_bss_param(ifp, sinfo);
2807 if (sta_flags & BRCMF_STA_SCBSTATS) {
2808 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2809 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2810 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2811 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2812 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2813 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2814 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2815 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2816 if (sinfo->tx_packets) {
2817 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2818 sinfo->txrate.legacy =
2819 le32_to_cpu(sta_info_le.tx_rate) / 100;
2821 if (sinfo->rx_packets) {
2822 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2823 sinfo->rxrate.legacy =
2824 le32_to_cpu(sta_info_le.rx_rate) / 100;
2826 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2827 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2828 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2829 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2830 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2834 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2835 if (sta_info_le.rssi[i]) {
2836 sinfo->chain_signal_avg[count_rssi] =
2837 sta_info_le.rssi[i];
2838 sinfo->chain_signal[count_rssi] =
2839 sta_info_le.rssi[i];
2840 total_rssi += sta_info_le.rssi[i];
2845 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2846 sinfo->chains = count_rssi;
2848 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2849 total_rssi /= count_rssi;
2850 sinfo->signal = total_rssi;
2851 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2852 &ifp->vif->sme_state)) {
2853 memset(&scb_val, 0, sizeof(scb_val));
2854 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2855 &scb_val, sizeof(scb_val));
2857 bphy_err(drvr, "Could not get rssi (%d)\n",
2861 rssi = le32_to_cpu(scb_val.val);
2862 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2863 sinfo->signal = rssi;
2864 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2869 brcmf_dbg(TRACE, "Exit\n");
2874 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2875 int idx, u8 *mac, struct station_info *sinfo)
2877 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2878 struct brcmf_if *ifp = netdev_priv(ndev);
2879 struct brcmf_pub *drvr = cfg->pub;
2882 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2885 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2886 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2888 sizeof(cfg->assoclist));
2890 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST unsupported, err=%d\n",
2892 cfg->assoclist.count = 0;
2896 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2897 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2898 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2904 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2905 bool enabled, s32 timeout)
2909 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2910 struct brcmf_if *ifp = netdev_priv(ndev);
2911 struct brcmf_pub *drvr = cfg->pub;
2913 brcmf_dbg(TRACE, "Enter\n");
2916 * Powersave enable/disable request is coming from the
2917 * cfg80211 even before the interface is up. In that
2918 * scenario, driver will be storing the power save
2919 * preference in cfg struct to apply this to
2920 * FW later while initializing the dongle
2922 cfg->pwr_save = enabled;
2923 if (!check_vif_up(ifp->vif)) {
2925 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2929 pm = enabled ? PM_FAST : PM_OFF;
2930 /* Do not enable the power save after assoc if it is a p2p interface */
2931 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2932 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2935 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2937 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2940 bphy_err(drvr, "net_device is not ready yet\n");
2942 bphy_err(drvr, "error (%d)\n", err);
2945 brcmf_dbg(TRACE, "Exit\n");
2949 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2950 struct brcmf_bss_info_le *bi)
2952 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2953 struct brcmf_pub *drvr = cfg->pub;
2954 struct cfg80211_bss *bss;
2955 enum nl80211_band band;
2956 struct brcmu_chan ch;
2959 u16 notify_capability;
2960 u16 notify_interval;
2962 size_t notify_ielen;
2963 struct cfg80211_inform_bss bss_data = {};
2965 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2966 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
2971 ch.chspec = le16_to_cpu(bi->chanspec);
2972 cfg->d11inf.decchspec(&ch);
2973 bi->ctl_ch = ch.control_ch_num;
2975 channel = bi->ctl_ch;
2977 if (channel <= CH_MAX_2G_CHANNEL)
2978 band = NL80211_BAND_2GHZ;
2980 band = NL80211_BAND_5GHZ;
2982 freq = ieee80211_channel_to_frequency(channel, band);
2983 bss_data.chan = ieee80211_get_channel(wiphy, freq);
2984 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
2985 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
2987 notify_capability = le16_to_cpu(bi->capability);
2988 notify_interval = le16_to_cpu(bi->beacon_period);
2989 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2990 notify_ielen = le32_to_cpu(bi->ie_length);
2991 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
2993 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
2994 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
2995 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
2996 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
2997 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
2999 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
3000 CFG80211_BSS_FTYPE_UNKNOWN,
3001 (const u8 *)bi->BSSID,
3002 0, notify_capability,
3003 notify_interval, notify_ie,
3004 notify_ielen, GFP_KERNEL);
3009 cfg80211_put_bss(wiphy, bss);
3014 static struct brcmf_bss_info_le *
3015 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
3018 return list->bss_info_le;
3019 return (struct brcmf_bss_info_le *)((unsigned long)bss +
3020 le32_to_cpu(bss->length));
3023 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
3025 struct brcmf_pub *drvr = cfg->pub;
3026 struct brcmf_scan_results *bss_list;
3027 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
3031 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
3032 if (bss_list->count != 0 &&
3033 bss_list->version != BRCMF_BSS_INFO_VERSION) {
3034 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
3038 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
3039 for (i = 0; i < bss_list->count; i++) {
3040 bi = next_bss_le(bss_list, bi);
3041 err = brcmf_inform_single_bss(cfg, bi);
3048 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
3049 struct net_device *ndev, const u8 *bssid)
3051 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3052 struct brcmf_pub *drvr = cfg->pub;
3053 struct ieee80211_channel *notify_channel;
3054 struct brcmf_bss_info_le *bi = NULL;
3055 struct ieee80211_supported_band *band;
3056 struct cfg80211_bss *bss;
3057 struct brcmu_chan ch;
3061 u16 notify_capability;
3062 u16 notify_interval;
3064 size_t notify_ielen;
3067 brcmf_dbg(TRACE, "Enter\n");
3069 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
3075 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
3077 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
3078 buf, WL_BSS_INFO_MAX);
3080 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
3084 bi = (struct brcmf_bss_info_le *)(buf + 4);
3086 ch.chspec = le16_to_cpu(bi->chanspec);
3087 cfg->d11inf.decchspec(&ch);
3089 if (ch.band == BRCMU_CHAN_BAND_2G)
3090 band = wiphy->bands[NL80211_BAND_2GHZ];
3092 band = wiphy->bands[NL80211_BAND_5GHZ];
3094 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
3095 cfg->channel = freq;
3096 notify_channel = ieee80211_get_channel(wiphy, freq);
3098 notify_capability = le16_to_cpu(bi->capability);
3099 notify_interval = le16_to_cpu(bi->beacon_period);
3100 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3101 notify_ielen = le32_to_cpu(bi->ie_length);
3102 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3104 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
3105 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
3106 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
3107 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
3109 bss = cfg80211_inform_bss(wiphy, notify_channel,
3110 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3111 notify_capability, notify_interval,
3112 notify_ie, notify_ielen, notify_signal,
3120 cfg80211_put_bss(wiphy, bss);
3126 brcmf_dbg(TRACE, "Exit\n");
3131 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3132 struct brcmf_if *ifp)
3134 struct brcmf_pub *drvr = cfg->pub;
3135 struct brcmf_bss_info_le *bi;
3136 const struct brcmf_tlv *tim;
3141 brcmf_dbg(TRACE, "Enter\n");
3142 if (brcmf_is_ibssmode(ifp->vif))
3145 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3146 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3147 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3149 bphy_err(drvr, "Could not get bss info %d\n", err);
3150 goto update_bss_info_out;
3153 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3154 err = brcmf_inform_single_bss(cfg, bi);
3156 goto update_bss_info_out;
3158 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3159 ie_len = le32_to_cpu(bi->ie_length);
3161 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3164 * active scan was done so we could not get dtim
3165 * information out of probe response.
3166 * so we speficially query dtim information to dongle.
3169 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3171 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3172 goto update_bss_info_out;
3176 update_bss_info_out:
3177 brcmf_dbg(TRACE, "Exit");
3181 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3183 struct escan_info *escan = &cfg->escan_info;
3185 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3186 if (cfg->int_escan_map || cfg->scan_request) {
3187 escan->escan_state = WL_ESCAN_STATE_IDLE;
3188 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3190 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3191 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3194 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3196 struct brcmf_cfg80211_info *cfg =
3197 container_of(work, struct brcmf_cfg80211_info,
3198 escan_timeout_work);
3200 brcmf_inform_bss(cfg);
3201 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3204 static void brcmf_escan_timeout(struct timer_list *t)
3206 struct brcmf_cfg80211_info *cfg =
3207 from_timer(cfg, t, escan_timeout);
3208 struct brcmf_pub *drvr = cfg->pub;
3210 if (cfg->int_escan_map || cfg->scan_request) {
3211 bphy_err(drvr, "timer expired\n");
3212 schedule_work(&cfg->escan_timeout_work);
3217 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3218 struct brcmf_bss_info_le *bss,
3219 struct brcmf_bss_info_le *bss_info_le)
3221 struct brcmu_chan ch_bss, ch_bss_info_le;
3223 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3224 cfg->d11inf.decchspec(&ch_bss);
3225 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3226 cfg->d11inf.decchspec(&ch_bss_info_le);
3228 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3229 ch_bss.band == ch_bss_info_le.band &&
3230 bss_info_le->SSID_len == bss->SSID_len &&
3231 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3232 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3233 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3234 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3235 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3237 /* preserve max RSSI if the measurements are
3238 * both on-channel or both off-channel
3240 if (bss_info_rssi > bss_rssi)
3241 bss->RSSI = bss_info_le->RSSI;
3242 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3243 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3244 /* preserve the on-channel rssi measurement
3245 * if the new measurement is off channel
3247 bss->RSSI = bss_info_le->RSSI;
3248 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3256 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3257 const struct brcmf_event_msg *e, void *data)
3259 struct brcmf_pub *drvr = ifp->drvr;
3260 struct brcmf_cfg80211_info *cfg = drvr->config;
3262 struct brcmf_escan_result_le *escan_result_le;
3264 struct brcmf_bss_info_le *bss_info_le;
3265 struct brcmf_bss_info_le *bss = NULL;
3267 struct brcmf_scan_results *list;
3273 if (status == BRCMF_E_STATUS_ABORT)
3276 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3277 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3282 if (status == BRCMF_E_STATUS_PARTIAL) {
3283 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3284 if (e->datalen < sizeof(*escan_result_le)) {
3285 bphy_err(drvr, "invalid event data length\n");
3288 escan_result_le = (struct brcmf_escan_result_le *) data;
3289 if (!escan_result_le) {
3290 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3293 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3294 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3295 escan_buflen > e->datalen ||
3296 escan_buflen < sizeof(*escan_result_le)) {
3297 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3301 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3302 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3303 escan_result_le->bss_count);
3306 bss_info_le = &escan_result_le->bss_info_le;
3308 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3311 if (!cfg->int_escan_map && !cfg->scan_request) {
3312 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3316 bi_length = le32_to_cpu(bss_info_le->length);
3317 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3318 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3323 if (!(cfg_to_wiphy(cfg)->interface_modes &
3324 BIT(NL80211_IFTYPE_ADHOC))) {
3325 if (le16_to_cpu(bss_info_le->capability) &
3326 WLAN_CAPABILITY_IBSS) {
3327 bphy_err(drvr, "Ignoring IBSS result\n");
3332 list = (struct brcmf_scan_results *)
3333 cfg->escan_info.escan_buf;
3334 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3335 bphy_err(drvr, "Buffer is too small: ignoring\n");
3339 for (i = 0; i < list->count; i++) {
3340 bss = bss ? (struct brcmf_bss_info_le *)
3341 ((unsigned char *)bss +
3342 le32_to_cpu(bss->length)) : list->bss_info_le;
3343 if (brcmf_compare_update_same_bss(cfg, bss,
3347 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3349 list->version = le32_to_cpu(bss_info_le->version);
3350 list->buflen += bi_length;
3353 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3354 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3356 if (cfg->int_escan_map || cfg->scan_request) {
3357 brcmf_inform_bss(cfg);
3358 aborted = status != BRCMF_E_STATUS_SUCCESS;
3359 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3361 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3368 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3370 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3371 brcmf_cfg80211_escan_handler);
3372 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3373 /* Init scan_timeout timer */
3374 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3375 INIT_WORK(&cfg->escan_timeout_work,
3376 brcmf_cfg80211_escan_timeout_worker);
3379 static struct cfg80211_scan_request *
3380 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3381 struct cfg80211_scan_request *req;
3384 req_size = sizeof(*req) +
3385 n_netinfo * sizeof(req->channels[0]) +
3386 n_netinfo * sizeof(*req->ssids);
3388 req = kzalloc(req_size, GFP_KERNEL);
3391 req->ssids = (void *)(&req->channels[0]) +
3392 n_netinfo * sizeof(req->channels[0]);
3397 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3398 u8 *ssid, u8 ssid_len, u8 channel)
3400 struct ieee80211_channel *chan;
3401 enum nl80211_band band;
3404 if (channel <= CH_MAX_2G_CHANNEL)
3405 band = NL80211_BAND_2GHZ;
3407 band = NL80211_BAND_5GHZ;
3409 freq = ieee80211_channel_to_frequency(channel, band);
3413 chan = ieee80211_get_channel(req->wiphy, freq);
3417 for (i = 0; i < req->n_channels; i++) {
3418 if (req->channels[i] == chan)
3421 if (i == req->n_channels)
3422 req->channels[req->n_channels++] = chan;
3424 for (i = 0; i < req->n_ssids; i++) {
3425 if (req->ssids[i].ssid_len == ssid_len &&
3426 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3429 if (i == req->n_ssids) {
3430 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3431 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3436 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3437 struct cfg80211_scan_request *request)
3439 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3442 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3443 if (cfg->int_escan_map)
3444 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3445 cfg->int_escan_map);
3446 /* Abort any on-going scan */
3447 brcmf_abort_scanning(cfg);
3450 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3451 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3452 cfg->escan_info.run = brcmf_run_escan;
3453 err = brcmf_do_escan(ifp, request);
3455 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3458 cfg->int_escan_map = fwmap;
3462 static struct brcmf_pno_net_info_le *
3463 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3465 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3466 struct brcmf_pno_net_info_le *netinfo;
3468 switch (pfn_v1->version) {
3472 case cpu_to_le32(1):
3473 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3475 case cpu_to_le32(2):
3476 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3477 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3484 /* PFN result doesn't have all the info which are required by the supplicant
3485 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3486 * via wl_inform_single_bss in the required format. Escan does require the
3487 * scan request in the form of cfg80211_scan_request. For timebeing, create
3488 * cfg80211_scan_request one out of the received PNO event.
3491 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3492 const struct brcmf_event_msg *e, void *data)
3494 struct brcmf_pub *drvr = ifp->drvr;
3495 struct brcmf_cfg80211_info *cfg = drvr->config;
3496 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3497 struct cfg80211_scan_request *request = NULL;
3498 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3500 struct brcmf_pno_scanresults_le *pfn_result;
3506 brcmf_dbg(SCAN, "Enter\n");
3508 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3509 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3513 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3514 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3518 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3519 result_count = le32_to_cpu(pfn_result->count);
3520 status = le32_to_cpu(pfn_result->status);
3522 /* PFN event is limited to fit 512 bytes so we may get
3523 * multiple NET_FOUND events. For now place a warning here.
3525 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3526 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3527 if (!result_count) {
3528 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3532 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3533 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3534 if (datalen < result_count * sizeof(*netinfo)) {
3535 bphy_err(drvr, "insufficient event data\n");
3539 request = brcmf_alloc_internal_escan_request(wiphy,
3547 for (i = 0; i < result_count; i++) {
3548 netinfo = &netinfo_start[i];
3550 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3551 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3552 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3553 netinfo->SSID, netinfo->channel);
3554 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3555 err = brcmf_internal_escan_add_info(request,
3566 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3571 cfg80211_sched_scan_stopped(wiphy, 0);
3578 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3579 struct net_device *ndev,
3580 struct cfg80211_sched_scan_request *req)
3582 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3583 struct brcmf_if *ifp = netdev_priv(ndev);
3584 struct brcmf_pub *drvr = cfg->pub;
3586 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3587 req->n_match_sets, req->n_ssids);
3589 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3590 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3595 if (req->n_match_sets <= 0) {
3596 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3601 return brcmf_pno_start_sched_scan(ifp, req);
3604 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3605 struct net_device *ndev, u64 reqid)
3607 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3608 struct brcmf_if *ifp = netdev_priv(ndev);
3610 brcmf_dbg(SCAN, "enter\n");
3611 brcmf_pno_stop_sched_scan(ifp, reqid);
3612 if (cfg->int_escan_map)
3613 brcmf_notify_escan_complete(cfg, ifp, true, true);
3617 static __always_inline void brcmf_delay(u32 ms)
3619 if (ms < 1000 / HZ) {
3627 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3628 u8 *pattern, u32 patternsize, u8 *mask,
3631 struct brcmf_fil_wowl_pattern_le *filter;
3638 masksize = (patternsize + 7) / 8;
3639 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3641 bufsize = sizeof(*filter) + patternsize + masksize;
3642 buf = kzalloc(bufsize, GFP_KERNEL);
3645 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3647 memcpy(filter->cmd, cmd, 4);
3648 filter->masksize = cpu_to_le32(masksize);
3649 filter->offset = cpu_to_le32(packet_offset);
3650 filter->patternoffset = cpu_to_le32(patternoffset);
3651 filter->patternsize = cpu_to_le32(patternsize);
3652 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3654 if ((mask) && (masksize))
3655 memcpy(buf + sizeof(*filter), mask, masksize);
3656 if ((pattern) && (patternsize))
3657 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3659 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3666 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3669 struct brcmf_pub *drvr = ifp->drvr;
3670 struct brcmf_cfg80211_info *cfg = drvr->config;
3671 struct brcmf_pno_scanresults_le *pfn_result;
3672 struct brcmf_pno_net_info_le *netinfo;
3674 brcmf_dbg(SCAN, "Enter\n");
3676 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3677 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3681 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3683 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3684 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3688 if (le32_to_cpu(pfn_result->count) < 1) {
3689 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3690 le32_to_cpu(pfn_result->count));
3694 netinfo = brcmf_get_netinfo_array(pfn_result);
3695 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3696 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3697 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3698 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3699 cfg->wowl.nd->n_channels = 1;
3700 cfg->wowl.nd->channels[0] =
3701 ieee80211_channel_to_frequency(netinfo->channel,
3702 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3703 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3704 cfg->wowl.nd_info->n_matches = 1;
3705 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3707 /* Inform (the resume task) that the net detect information was recvd */
3708 cfg->wowl.nd_data_completed = true;
3709 wake_up(&cfg->wowl.nd_data_wait);
3716 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3718 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3719 struct brcmf_pub *drvr = cfg->pub;
3720 struct brcmf_wowl_wakeind_le wake_ind_le;
3721 struct cfg80211_wowlan_wakeup wakeup_data;
3722 struct cfg80211_wowlan_wakeup *wakeup;
3727 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3728 sizeof(wake_ind_le));
3730 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3734 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3735 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3736 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3737 BRCMF_WOWL_PFN_FOUND)) {
3738 wakeup = &wakeup_data;
3739 memset(&wakeup_data, 0, sizeof(wakeup_data));
3740 wakeup_data.pattern_idx = -1;
3742 if (wakeind & BRCMF_WOWL_MAGIC) {
3743 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3744 wakeup_data.magic_pkt = true;
3746 if (wakeind & BRCMF_WOWL_DIS) {
3747 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3748 wakeup_data.disconnect = true;
3750 if (wakeind & BRCMF_WOWL_BCN) {
3751 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3752 wakeup_data.disconnect = true;
3754 if (wakeind & BRCMF_WOWL_RETR) {
3755 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3756 wakeup_data.disconnect = true;
3758 if (wakeind & BRCMF_WOWL_NET) {
3759 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3760 /* For now always map to pattern 0, no API to get
3761 * correct information available at the moment.
3763 wakeup_data.pattern_idx = 0;
3765 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3766 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3767 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3768 cfg->wowl.nd_data_completed,
3769 BRCMF_ND_INFO_TIMEOUT);
3771 bphy_err(drvr, "No result for wowl net detect\n");
3773 wakeup_data.net_detect = cfg->wowl.nd_info;
3775 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3776 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3777 wakeup_data.gtk_rekey_failure = true;
3782 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3787 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3791 #endif /* CONFIG_PM */
3793 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3795 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3796 struct net_device *ndev = cfg_to_ndev(cfg);
3797 struct brcmf_if *ifp = netdev_priv(ndev);
3799 brcmf_dbg(TRACE, "Enter\n");
3801 if (cfg->wowl.active) {
3802 brcmf_report_wowl_wakeind(wiphy, ifp);
3803 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3804 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3805 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3806 brcmf_configure_arp_nd_offload(ifp, true);
3807 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3808 cfg->wowl.pre_pmmode);
3809 cfg->wowl.active = false;
3810 if (cfg->wowl.nd_enabled) {
3811 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3812 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3813 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3814 brcmf_notify_sched_scan_results);
3815 cfg->wowl.nd_enabled = false;
3821 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3822 struct brcmf_if *ifp,
3823 struct cfg80211_wowlan *wowl)
3826 struct brcmf_wowl_wakeind_le wowl_wakeind;
3829 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3831 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3832 brcmf_configure_arp_nd_offload(ifp, false);
3833 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3834 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3837 if (wowl->disconnect)
3838 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3839 if (wowl->magic_pkt)
3840 wowl_config |= BRCMF_WOWL_MAGIC;
3841 if ((wowl->patterns) && (wowl->n_patterns)) {
3842 wowl_config |= BRCMF_WOWL_NET;
3843 for (i = 0; i < wowl->n_patterns; i++) {
3844 brcmf_config_wowl_pattern(ifp, "add",
3845 (u8 *)wowl->patterns[i].pattern,
3846 wowl->patterns[i].pattern_len,
3847 (u8 *)wowl->patterns[i].mask,
3848 wowl->patterns[i].pkt_offset);
3851 if (wowl->nd_config) {
3852 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3854 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3856 cfg->wowl.nd_data_completed = false;
3857 cfg->wowl.nd_enabled = true;
3858 /* Now reroute the event for PFN to the wowl function. */
3859 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3860 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3861 brcmf_wowl_nd_results);
3863 if (wowl->gtk_rekey_failure)
3864 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3865 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3866 wowl_config |= BRCMF_WOWL_UNASSOC;
3868 memcpy(&wowl_wakeind, "clear", 6);
3869 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3870 sizeof(wowl_wakeind));
3871 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3872 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3873 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3874 cfg->wowl.active = true;
3877 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3878 struct cfg80211_wowlan *wowl)
3880 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3881 struct net_device *ndev = cfg_to_ndev(cfg);
3882 struct brcmf_if *ifp = netdev_priv(ndev);
3883 struct brcmf_cfg80211_vif *vif;
3885 brcmf_dbg(TRACE, "Enter\n");
3887 /* if the primary net_device is not READY there is nothing
3888 * we can do but pray resume goes smoothly.
3890 if (!check_vif_up(ifp->vif))
3893 /* Stop scheduled scan */
3894 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3895 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3897 /* end any scanning */
3898 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3899 brcmf_abort_scanning(cfg);
3902 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3903 list_for_each_entry(vif, &cfg->vif_list, list) {
3904 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3906 /* While going to suspend if associated with AP
3907 * disassociate from AP to save power while system is
3908 * in suspended state
3910 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED);
3911 /* Make sure WPA_Supplicant receives all the event
3912 * generated due to DISASSOC call to the fw to keep
3913 * the state fw and WPA_Supplicant state consistent
3918 brcmf_set_mpc(ifp, 1);
3921 /* Configure WOWL paramaters */
3922 brcmf_configure_wowl(cfg, ifp, wowl);
3926 brcmf_dbg(TRACE, "Exit\n");
3927 /* clear any scanning activity */
3928 cfg->scan_status = 0;
3933 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3935 struct brcmf_pmk_list_le *pmk_list;
3940 pmk_list = &cfg->pmk_list;
3941 npmk = le32_to_cpu(pmk_list->npmk);
3943 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3944 for (i = 0; i < npmk; i++)
3945 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3947 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3954 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3955 struct cfg80211_pmksa *pmksa)
3957 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3958 struct brcmf_if *ifp = netdev_priv(ndev);
3959 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3960 struct brcmf_pub *drvr = cfg->pub;
3964 brcmf_dbg(TRACE, "Enter\n");
3965 if (!check_vif_up(ifp->vif))
3968 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3969 for (i = 0; i < npmk; i++)
3970 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3972 if (i < BRCMF_MAXPMKID) {
3973 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
3974 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
3977 cfg->pmk_list.npmk = cpu_to_le32(npmk);
3980 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
3984 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
3985 for (i = 0; i < WLAN_PMKID_LEN; i += 4)
3986 brcmf_dbg(CONN, "%02x %02x %02x %02x\n", pmk[npmk].pmkid[i],
3987 pmk[npmk].pmkid[i + 1], pmk[npmk].pmkid[i + 2],
3988 pmk[npmk].pmkid[i + 3]);
3990 err = brcmf_update_pmklist(cfg, ifp);
3992 brcmf_dbg(TRACE, "Exit\n");
3997 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3998 struct cfg80211_pmksa *pmksa)
4000 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4001 struct brcmf_if *ifp = netdev_priv(ndev);
4002 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4003 struct brcmf_pub *drvr = cfg->pub;
4007 brcmf_dbg(TRACE, "Enter\n");
4008 if (!check_vif_up(ifp->vif))
4011 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
4013 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4014 for (i = 0; i < npmk; i++)
4015 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4018 if ((npmk > 0) && (i < npmk)) {
4019 for (; i < (npmk - 1); i++) {
4020 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
4021 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
4024 memset(&pmk[i], 0, sizeof(*pmk));
4025 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
4027 bphy_err(drvr, "Cache entry not found\n");
4031 err = brcmf_update_pmklist(cfg, ifp);
4033 brcmf_dbg(TRACE, "Exit\n");
4039 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
4041 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4042 struct brcmf_if *ifp = netdev_priv(ndev);
4045 brcmf_dbg(TRACE, "Enter\n");
4046 if (!check_vif_up(ifp->vif))
4049 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
4050 err = brcmf_update_pmklist(cfg, ifp);
4052 brcmf_dbg(TRACE, "Exit\n");
4057 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
4059 struct brcmf_pub *drvr = ifp->drvr;
4064 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
4066 bphy_err(drvr, "auth error %d\n", err);
4070 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
4072 bphy_err(drvr, "wsec error %d\n", err);
4075 /* set upper-layer auth */
4076 if (brcmf_is_ibssmode(ifp->vif))
4077 wpa_val = WPA_AUTH_NONE;
4079 wpa_val = WPA_AUTH_DISABLED;
4080 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
4082 bphy_err(drvr, "wpa_auth error %d\n", err);
4089 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
4092 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
4094 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
4098 brcmf_configure_wpaie(struct brcmf_if *ifp,
4099 const struct brcmf_vs_tlv *wpa_ie,
4102 struct brcmf_pub *drvr = ifp->drvr;
4103 u32 auth = 0; /* d11 open authentication */
4115 u32 wme_bss_disable;
4118 brcmf_dbg(TRACE, "Enter\n");
4122 len = wpa_ie->len + TLV_HDR_LEN;
4123 data = (u8 *)wpa_ie;
4124 offset = TLV_HDR_LEN;
4126 offset += VS_IE_FIXED_HDR_LEN;
4128 offset += WPA_IE_VERSION_LEN;
4130 /* check for multicast cipher suite */
4131 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4133 bphy_err(drvr, "no multicast cipher suite\n");
4137 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4139 bphy_err(drvr, "ivalid OUI\n");
4142 offset += TLV_OUI_LEN;
4144 /* pick up multicast cipher */
4145 switch (data[offset]) {
4146 case WPA_CIPHER_NONE:
4149 case WPA_CIPHER_WEP_40:
4150 case WPA_CIPHER_WEP_104:
4153 case WPA_CIPHER_TKIP:
4154 gval = TKIP_ENABLED;
4156 case WPA_CIPHER_AES_CCM:
4161 bphy_err(drvr, "Invalid multi cast cipher info\n");
4166 /* walk thru unicast cipher list and pick up what we recognize */
4167 count = data[offset] + (data[offset + 1] << 8);
4168 offset += WPA_IE_SUITE_COUNT_LEN;
4169 /* Check for unicast suite(s) */
4170 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4172 bphy_err(drvr, "no unicast cipher suite\n");
4175 for (i = 0; i < count; i++) {
4176 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4178 bphy_err(drvr, "ivalid OUI\n");
4181 offset += TLV_OUI_LEN;
4182 switch (data[offset]) {
4183 case WPA_CIPHER_NONE:
4185 case WPA_CIPHER_WEP_40:
4186 case WPA_CIPHER_WEP_104:
4187 pval |= WEP_ENABLED;
4189 case WPA_CIPHER_TKIP:
4190 pval |= TKIP_ENABLED;
4192 case WPA_CIPHER_AES_CCM:
4193 pval |= AES_ENABLED;
4196 bphy_err(drvr, "Invalid unicast security info\n");
4200 /* walk thru auth management suite list and pick up what we recognize */
4201 count = data[offset] + (data[offset + 1] << 8);
4202 offset += WPA_IE_SUITE_COUNT_LEN;
4203 /* Check for auth key management suite(s) */
4204 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4206 bphy_err(drvr, "no auth key mgmt suite\n");
4209 for (i = 0; i < count; i++) {
4210 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4212 bphy_err(drvr, "ivalid OUI\n");
4215 offset += TLV_OUI_LEN;
4216 switch (data[offset]) {
4218 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4219 wpa_auth |= WPA_AUTH_NONE;
4221 case RSN_AKM_UNSPECIFIED:
4222 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4223 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4224 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4227 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4228 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4229 (wpa_auth |= WPA_AUTH_PSK);
4231 case RSN_AKM_SHA256_PSK:
4232 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4233 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4235 case RSN_AKM_SHA256_1X:
4236 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4237 wpa_auth |= WPA2_AUTH_1X_SHA256;
4240 bphy_err(drvr, "Invalid key mgmt info\n");
4245 mfp = BRCMF_MFP_NONE;
4247 wme_bss_disable = 1;
4248 if ((offset + RSN_CAP_LEN) <= len) {
4249 rsn_cap = data[offset] + (data[offset + 1] << 8);
4250 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4251 wme_bss_disable = 0;
4252 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4253 brcmf_dbg(TRACE, "MFP Required\n");
4254 mfp = BRCMF_MFP_REQUIRED;
4255 /* Firmware only supports mfp required in
4256 * combination with WPA2_AUTH_PSK_SHA256 or
4257 * WPA2_AUTH_1X_SHA256.
4259 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4260 WPA2_AUTH_1X_SHA256))) {
4264 /* Firmware has requirement that WPA2_AUTH_PSK/
4265 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4266 * is to be included in the rsn ie.
4268 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4269 wpa_auth |= WPA2_AUTH_PSK;
4270 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4271 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4272 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4273 brcmf_dbg(TRACE, "MFP Capable\n");
4274 mfp = BRCMF_MFP_CAPABLE;
4277 offset += RSN_CAP_LEN;
4278 /* set wme_bss_disable to sync RSN Capabilities */
4279 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4282 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4286 /* Skip PMKID cnt as it is know to be 0 for AP. */
4287 offset += RSN_PMKID_COUNT_LEN;
4289 /* See if there is BIP wpa suite left for MFP */
4290 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4291 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4292 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4294 WPA_IE_MIN_OUI_LEN);
4296 bphy_err(drvr, "bip error %d\n", err);
4301 /* FOR WPS , set SES_OW_ENABLED */
4302 wsec = (pval | gval | SES_OW_ENABLED);
4305 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4307 bphy_err(drvr, "auth error %d\n", err);
4311 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4313 bphy_err(drvr, "wsec error %d\n", err);
4316 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4317 * will overwrite the values set by MFP
4319 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4320 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4322 bphy_err(drvr, "mfp error %d\n", err);
4326 /* set upper-layer auth */
4327 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4329 bphy_err(drvr, "wpa_auth error %d\n", err);
4338 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4339 struct parsed_vndr_ies *vndr_ies)
4341 struct brcmf_vs_tlv *vndrie;
4342 struct brcmf_tlv *ie;
4343 struct parsed_vndr_ie_info *parsed_info;
4346 remaining_len = (s32)vndr_ie_len;
4347 memset(vndr_ies, 0, sizeof(*vndr_ies));
4349 ie = (struct brcmf_tlv *)vndr_ie_buf;
4351 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4353 vndrie = (struct brcmf_vs_tlv *)ie;
4354 /* len should be bigger than OUI length + one */
4355 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4356 brcmf_err("invalid vndr ie. length is too small %d\n",
4360 /* if wpa or wme ie, do not add ie */
4361 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4362 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4363 (vndrie->oui_type == WME_OUI_TYPE))) {
4364 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4368 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4370 /* save vndr ie information */
4371 parsed_info->ie_ptr = (char *)vndrie;
4372 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4373 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4377 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n",
4378 parsed_info->vndrie.oui,
4379 parsed_info->vndrie.oui_type);
4381 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4384 remaining_len -= (ie->len + TLV_HDR_LEN);
4385 if (remaining_len <= TLV_HDR_LEN)
4388 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4395 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4397 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN);
4399 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4401 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4403 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4405 return ie_len + VNDR_IE_HDR_SIZE;
4408 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4409 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4411 struct brcmf_pub *drvr;
4412 struct brcmf_if *ifp;
4413 struct vif_saved_ie *saved_ie;
4417 u8 *mgmt_ie_buf = NULL;
4418 int mgmt_ie_buf_len;
4420 u32 del_add_ie_buf_len = 0;
4421 u32 total_ie_buf_len = 0;
4422 u32 parsed_ie_buf_len = 0;
4423 struct parsed_vndr_ies old_vndr_ies;
4424 struct parsed_vndr_ies new_vndr_ies;
4425 struct parsed_vndr_ie_info *vndrie_info;
4428 int remained_buf_len;
4434 saved_ie = &vif->saved_ie;
4436 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4438 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4441 curr_ie_buf = iovar_ie_buf;
4443 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4444 mgmt_ie_buf = saved_ie->probe_req_ie;
4445 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4446 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4448 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4449 mgmt_ie_buf = saved_ie->probe_res_ie;
4450 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4451 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4453 case BRCMF_VNDR_IE_BEACON_FLAG:
4454 mgmt_ie_buf = saved_ie->beacon_ie;
4455 mgmt_ie_len = &saved_ie->beacon_ie_len;
4456 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4458 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4459 mgmt_ie_buf = saved_ie->assoc_req_ie;
4460 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4461 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4463 case BRCMF_VNDR_IE_ASSOCRSP_FLAG:
4464 mgmt_ie_buf = saved_ie->assoc_res_ie;
4465 mgmt_ie_len = &saved_ie->assoc_res_ie_len;
4466 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie);
4470 bphy_err(drvr, "not suitable type\n");
4474 if (vndr_ie_len > mgmt_ie_buf_len) {
4476 bphy_err(drvr, "extra IE size too big\n");
4480 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4481 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4483 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4484 for (i = 0; i < new_vndr_ies.count; i++) {
4485 vndrie_info = &new_vndr_ies.ie_info[i];
4486 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4487 vndrie_info->ie_len);
4488 parsed_ie_buf_len += vndrie_info->ie_len;
4492 if (mgmt_ie_buf && *mgmt_ie_len) {
4493 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4494 (memcmp(mgmt_ie_buf, curr_ie_buf,
4495 parsed_ie_buf_len) == 0)) {
4496 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4500 /* parse old vndr_ie */
4501 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4503 /* make a command to delete old ie */
4504 for (i = 0; i < old_vndr_ies.count; i++) {
4505 vndrie_info = &old_vndr_ies.ie_info[i];
4507 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n",
4508 vndrie_info->vndrie.id,
4509 vndrie_info->vndrie.len,
4510 vndrie_info->vndrie.oui);
4512 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4513 vndrie_info->ie_ptr,
4514 vndrie_info->ie_len,
4516 curr_ie_buf += del_add_ie_buf_len;
4517 total_ie_buf_len += del_add_ie_buf_len;
4522 /* Add if there is any extra IE */
4523 if (mgmt_ie_buf && parsed_ie_buf_len) {
4526 remained_buf_len = mgmt_ie_buf_len;
4528 /* make a command to add new ie */
4529 for (i = 0; i < new_vndr_ies.count; i++) {
4530 vndrie_info = &new_vndr_ies.ie_info[i];
4532 /* verify remained buf size before copy data */
4533 if (remained_buf_len < (vndrie_info->vndrie.len +
4534 VNDR_IE_VSIE_OFFSET)) {
4535 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4539 remained_buf_len -= (vndrie_info->ie_len +
4540 VNDR_IE_VSIE_OFFSET);
4542 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n",
4543 vndrie_info->vndrie.id,
4544 vndrie_info->vndrie.len,
4545 vndrie_info->vndrie.oui);
4547 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4548 vndrie_info->ie_ptr,
4549 vndrie_info->ie_len,
4552 /* save the parsed IE in wl struct */
4553 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4554 vndrie_info->ie_len);
4555 *mgmt_ie_len += vndrie_info->ie_len;
4557 curr_ie_buf += del_add_ie_buf_len;
4558 total_ie_buf_len += del_add_ie_buf_len;
4561 if (total_ie_buf_len) {
4562 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4565 bphy_err(drvr, "vndr ie set error : %d\n", err);
4569 kfree(iovar_ie_buf);
4573 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4576 BRCMF_VNDR_IE_PRBREQ_FLAG,
4577 BRCMF_VNDR_IE_PRBRSP_FLAG,
4578 BRCMF_VNDR_IE_BEACON_FLAG
4582 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4583 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4585 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4590 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4591 struct cfg80211_beacon_data *beacon)
4593 struct brcmf_pub *drvr = vif->ifp->drvr;
4596 /* Set Beacon IEs to FW */
4597 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4598 beacon->tail, beacon->tail_len);
4600 bphy_err(drvr, "Set Beacon IE Failed\n");
4603 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4605 /* Set Probe Response IEs to FW */
4606 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4607 beacon->proberesp_ies,
4608 beacon->proberesp_ies_len);
4610 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4612 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4614 /* Set Assoc Response IEs to FW */
4615 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG,
4616 beacon->assocresp_ies,
4617 beacon->assocresp_ies_len);
4619 brcmf_err("Set Assoc Resp IE Failed\n");
4621 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n");
4627 brcmf_parse_configure_security(struct brcmf_if *ifp,
4628 struct cfg80211_ap_settings *settings,
4629 enum nl80211_iftype dev_role)
4631 const struct brcmf_tlv *rsn_ie;
4632 const struct brcmf_vs_tlv *wpa_ie;
4635 /* find the RSN_IE */
4636 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4637 settings->beacon.tail_len, WLAN_EID_RSN);
4639 /* find the WPA_IE */
4640 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4641 settings->beacon.tail_len);
4643 if (wpa_ie || rsn_ie) {
4644 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4647 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4651 struct brcmf_vs_tlv *tmp_ie;
4653 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4656 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4661 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4662 brcmf_configure_opensecurity(ifp);
4669 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4670 struct cfg80211_ap_settings *settings)
4673 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4674 struct brcmf_if *ifp = netdev_priv(ndev);
4675 struct brcmf_pub *drvr = cfg->pub;
4676 const struct brcmf_tlv *ssid_ie;
4677 const struct brcmf_tlv *country_ie;
4678 struct brcmf_ssid_le ssid_le;
4680 struct brcmf_join_params join_params;
4681 enum nl80211_iftype dev_role;
4682 struct brcmf_fil_bss_enable_le bss_enable;
4683 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4688 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4689 settings->chandef.chan->hw_value,
4690 settings->chandef.center_freq1, settings->chandef.width,
4691 settings->beacon_interval, settings->dtim_period);
4692 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4693 settings->ssid, settings->ssid_len, settings->auth_type,
4694 settings->inactivity_timeout);
4695 dev_role = ifp->vif->wdev.iftype;
4696 mbss = ifp->vif->mbss;
4698 /* store current 11d setting */
4699 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4700 &ifp->vif->is_11d)) {
4701 is_11d = supports_11d = false;
4703 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4704 settings->beacon.tail_len,
4706 is_11d = country_ie ? 1 : 0;
4707 supports_11d = true;
4710 memset(&ssid_le, 0, sizeof(ssid_le));
4711 if (settings->ssid == NULL || settings->ssid_len == 0) {
4712 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4713 ssid_ie = brcmf_parse_tlvs(
4714 (u8 *)&settings->beacon.head[ie_offset],
4715 settings->beacon.head_len - ie_offset,
4717 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4720 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4721 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4722 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4724 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4725 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4729 brcmf_set_mpc(ifp, 0);
4730 brcmf_configure_arp_nd_offload(ifp, false);
4733 /* Parameters shared by all radio interfaces */
4735 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4736 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4739 bphy_err(drvr, "Regulatory Set Error, %d\n",
4744 if (settings->beacon_interval) {
4745 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4746 settings->beacon_interval);
4748 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4753 if (settings->dtim_period) {
4754 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4755 settings->dtim_period);
4757 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4763 if ((dev_role == NL80211_IFTYPE_AP) &&
4764 ((ifp->ifidx == 0) ||
4765 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) &&
4766 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) {
4767 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4769 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4773 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4776 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4778 bphy_err(drvr, "SET INFRA error %d\n", err);
4781 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4782 /* Multiple-BSS should use same 11d configuration */
4787 /* Interface specific setup */
4788 if (dev_role == NL80211_IFTYPE_AP) {
4789 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4790 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4792 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4794 bphy_err(drvr, "setting AP mode failed %d\n",
4799 /* Firmware 10.x requires setting channel after enabling
4800 * AP and before bringing interface up.
4802 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4804 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4809 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4811 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4815 err = brcmf_parse_configure_security(ifp, settings,
4818 bphy_err(drvr, "brcmf_parse_configure_security error\n");
4822 /* On DOWN the firmware removes the WEP keys, reconfigure
4823 * them if they were set.
4825 brcmf_cfg80211_reconfigure_wep(ifp);
4827 memset(&join_params, 0, sizeof(join_params));
4828 /* join parameters starts with ssid */
4829 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4831 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4832 &join_params, sizeof(join_params));
4834 bphy_err(drvr, "SET SSID error (%d)\n", err);
4838 if (settings->hidden_ssid) {
4839 err = brcmf_fil_iovar_int_set(ifp, "closednet", 1);
4841 bphy_err(drvr, "closednet error (%d)\n", err);
4846 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4847 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4848 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4850 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4855 err = brcmf_parse_configure_security(ifp, settings,
4856 NL80211_IFTYPE_P2P_GO);
4858 brcmf_err("brcmf_parse_configure_security error\n");
4862 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4865 bphy_err(drvr, "setting ssid failed %d\n", err);
4868 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4869 bss_enable.enable = cpu_to_le32(1);
4870 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4871 sizeof(bss_enable));
4873 bphy_err(drvr, "bss_enable config failed %d\n", err);
4877 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4882 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4883 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4884 brcmf_net_setcarrier(ifp, true);
4887 if ((err) && (!mbss)) {
4888 brcmf_set_mpc(ifp, 1);
4889 brcmf_configure_arp_nd_offload(ifp, true);
4894 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4896 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4897 struct brcmf_if *ifp = netdev_priv(ndev);
4898 struct brcmf_pub *drvr = cfg->pub;
4900 struct brcmf_fil_bss_enable_le bss_enable;
4901 struct brcmf_join_params join_params;
4903 brcmf_dbg(TRACE, "Enter\n");
4905 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4906 /* Due to most likely deauths outstanding we sleep */
4907 /* first to make sure they get processed by fw. */
4910 if (ifp->vif->mbss) {
4911 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4915 /* First BSS doesn't get a full reset */
4916 if (ifp->bsscfgidx == 0)
4917 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4919 memset(&join_params, 0, sizeof(join_params));
4920 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4921 &join_params, sizeof(join_params));
4923 bphy_err(drvr, "SET SSID error (%d)\n", err);
4924 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4926 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
4927 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4929 bphy_err(drvr, "setting AP mode failed %d\n", err);
4930 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4931 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4932 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4934 /* Bring device back up so it can be used again */
4935 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4937 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
4939 brcmf_vif_clear_mgmt_ies(ifp->vif);
4941 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4942 bss_enable.enable = cpu_to_le32(0);
4943 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4944 sizeof(bss_enable));
4946 bphy_err(drvr, "bss_enable config failed %d\n", err);
4948 brcmf_set_mpc(ifp, 1);
4949 brcmf_configure_arp_nd_offload(ifp, true);
4950 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4951 brcmf_net_setcarrier(ifp, false);
4957 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
4958 struct cfg80211_beacon_data *info)
4960 struct brcmf_if *ifp = netdev_priv(ndev);
4963 brcmf_dbg(TRACE, "Enter\n");
4965 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
4971 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
4972 struct station_del_parameters *params)
4974 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4975 struct brcmf_pub *drvr = cfg->pub;
4976 struct brcmf_scb_val_le scbval;
4977 struct brcmf_if *ifp = netdev_priv(ndev);
4983 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
4985 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
4986 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
4987 if (!check_vif_up(ifp->vif))
4990 memcpy(&scbval.ea, params->mac, ETH_ALEN);
4991 scbval.val = cpu_to_le32(params->reason_code);
4992 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
4993 &scbval, sizeof(scbval));
4995 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
4998 brcmf_dbg(TRACE, "Exit\n");
5003 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
5004 const u8 *mac, struct station_parameters *params)
5006 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5007 struct brcmf_pub *drvr = cfg->pub;
5008 struct brcmf_if *ifp = netdev_priv(ndev);
5011 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
5012 params->sta_flags_mask, params->sta_flags_set);
5014 /* Ignore all 00 MAC */
5015 if (is_zero_ether_addr(mac))
5018 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5021 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
5022 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
5023 (void *)mac, ETH_ALEN);
5025 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
5026 (void *)mac, ETH_ALEN);
5028 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
5034 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy,
5035 struct wireless_dev *wdev,
5036 struct mgmt_frame_regs *upd)
5038 struct brcmf_cfg80211_vif *vif;
5040 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5042 vif->mgmt_rx_reg = upd->interface_stypes;
5047 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
5048 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
5050 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5051 struct ieee80211_channel *chan = params->chan;
5052 struct brcmf_pub *drvr = cfg->pub;
5053 const u8 *buf = params->buf;
5054 size_t len = params->len;
5055 const struct ieee80211_mgmt *mgmt;
5056 struct brcmf_cfg80211_vif *vif;
5060 struct brcmf_fil_action_frame_le *action_frame;
5061 struct brcmf_fil_af_params_le *af_params;
5066 brcmf_dbg(TRACE, "Enter\n");
5070 mgmt = (const struct ieee80211_mgmt *)buf;
5072 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
5073 bphy_err(drvr, "Driver only allows MGMT packet type\n");
5077 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5079 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
5080 /* Right now the only reason to get a probe response */
5081 /* is for p2p listen response or for p2p GO from */
5082 /* wpa_supplicant. Unfortunately the probe is send */
5083 /* on primary ndev, while dongle wants it on the p2p */
5084 /* vif. Since this is only reason for a probe */
5085 /* response to be sent, the vif is taken from cfg. */
5086 /* If ever desired to send proberesp for non p2p */
5087 /* response then data should be checked for */
5088 /* "DIRECT-". Note in future supplicant will take */
5089 /* dedicated p2p wdev to do this and then this 'hack'*/
5090 /* is not needed anymore. */
5091 ie_offset = DOT11_MGMT_HDR_LEN +
5092 DOT11_BCN_PRB_FIXED_LEN;
5093 ie_len = len - ie_offset;
5094 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
5095 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5096 err = brcmf_vif_set_mgmt_ie(vif,
5097 BRCMF_VNDR_IE_PRBRSP_FLAG,
5100 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
5102 } else if (ieee80211_is_action(mgmt->frame_control)) {
5103 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
5104 bphy_err(drvr, "invalid action frame length\n");
5108 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
5109 if (af_params == NULL) {
5110 bphy_err(drvr, "unable to allocate frame\n");
5114 action_frame = &af_params->action_frame;
5115 /* Add the packet Id */
5116 action_frame->packet_id = cpu_to_le32(*cookie);
5118 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
5119 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
5120 /* Add the length exepted for 802.11 header */
5121 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
5122 /* Add the channel. Use the one specified as parameter if any or
5123 * the current one (got from the firmware) otherwise
5126 freq = chan->center_freq;
5128 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
5130 chan_nr = ieee80211_frequency_to_channel(freq);
5131 af_params->channel = cpu_to_le32(chan_nr);
5132 af_params->dwell_time = cpu_to_le32(params->wait);
5133 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
5134 le16_to_cpu(action_frame->len));
5136 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
5137 *cookie, le16_to_cpu(action_frame->len), freq);
5139 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
5142 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
5146 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
5147 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
5156 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5157 struct wireless_dev *wdev,
5160 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5161 struct brcmf_pub *drvr = cfg->pub;
5162 struct brcmf_cfg80211_vif *vif;
5165 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5167 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5169 bphy_err(drvr, "No p2p device available for probe response\n");
5173 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5178 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5179 struct wireless_dev *wdev,
5180 struct cfg80211_chan_def *chandef)
5182 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5183 struct net_device *ndev = wdev->netdev;
5184 struct brcmf_pub *drvr = cfg->pub;
5185 struct brcmu_chan ch;
5186 enum nl80211_band band = 0;
5187 enum nl80211_chan_width width = 0;
5191 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP)
5194 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec);
5196 bphy_err(drvr, "chanspec failed (%d)\n", err);
5200 ch.chspec = chanspec;
5201 cfg->d11inf.decchspec(&ch);
5204 case BRCMU_CHAN_BAND_2G:
5205 band = NL80211_BAND_2GHZ;
5207 case BRCMU_CHAN_BAND_5G:
5208 band = NL80211_BAND_5GHZ;
5213 case BRCMU_CHAN_BW_80:
5214 width = NL80211_CHAN_WIDTH_80;
5216 case BRCMU_CHAN_BW_40:
5217 width = NL80211_CHAN_WIDTH_40;
5219 case BRCMU_CHAN_BW_20:
5220 width = NL80211_CHAN_WIDTH_20;
5222 case BRCMU_CHAN_BW_80P80:
5223 width = NL80211_CHAN_WIDTH_80P80;
5225 case BRCMU_CHAN_BW_160:
5226 width = NL80211_CHAN_WIDTH_160;
5230 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5231 chandef->chan = ieee80211_get_channel(wiphy, freq);
5232 chandef->width = width;
5233 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5234 chandef->center_freq2 = 0;
5239 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5240 struct wireless_dev *wdev,
5241 enum nl80211_crit_proto_id proto,
5244 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5245 struct brcmf_cfg80211_vif *vif;
5247 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5249 /* only DHCP support for now */
5250 if (proto != NL80211_CRIT_PROTO_DHCP)
5253 /* suppress and abort scanning */
5254 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5255 brcmf_abort_scanning(cfg);
5257 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5260 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5261 struct wireless_dev *wdev)
5263 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5264 struct brcmf_cfg80211_vif *vif;
5266 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5268 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5269 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5273 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5274 const struct brcmf_event_msg *e, void *data)
5276 switch (e->reason) {
5277 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5278 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5280 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5281 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5282 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5284 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5285 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5286 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5293 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5298 case NL80211_TDLS_DISCOVERY_REQ:
5299 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5301 case NL80211_TDLS_SETUP:
5302 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5304 case NL80211_TDLS_TEARDOWN:
5305 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5308 brcmf_err("unsupported operation: %d\n", oper);
5314 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5315 struct net_device *ndev, const u8 *peer,
5316 enum nl80211_tdls_operation oper)
5318 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5319 struct brcmf_pub *drvr = cfg->pub;
5320 struct brcmf_if *ifp;
5321 struct brcmf_tdls_iovar_le info;
5324 ret = brcmf_convert_nl80211_tdls_oper(oper);
5328 ifp = netdev_priv(ndev);
5329 memset(&info, 0, sizeof(info));
5330 info.mode = (u8)ret;
5332 memcpy(info.ea, peer, ETH_ALEN);
5334 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5335 &info, sizeof(info));
5337 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5343 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5344 struct net_device *ndev,
5345 struct cfg80211_connect_params *sme,
5348 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5349 struct brcmf_pub *drvr = cfg->pub;
5350 struct brcmf_if *ifp;
5353 if (!(changed & UPDATE_ASSOC_IES))
5356 ifp = netdev_priv(ndev);
5357 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5358 sme->ie, sme->ie_len);
5360 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5362 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5369 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5370 struct cfg80211_gtk_rekey_data *gtk)
5372 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5373 struct brcmf_pub *drvr = cfg->pub;
5374 struct brcmf_if *ifp = netdev_priv(ndev);
5375 struct brcmf_gtk_keyinfo_le gtk_le;
5378 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5380 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5381 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5382 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5383 sizeof(gtk_le.replay_counter));
5385 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5388 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5394 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5395 const struct cfg80211_pmk_conf *conf)
5397 struct brcmf_if *ifp;
5399 brcmf_dbg(TRACE, "enter\n");
5401 /* expect using firmware supplicant for 1X */
5402 ifp = netdev_priv(dev);
5403 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5406 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5409 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5412 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5415 struct brcmf_if *ifp;
5417 brcmf_dbg(TRACE, "enter\n");
5418 ifp = netdev_priv(dev);
5419 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5422 return brcmf_set_pmk(ifp, NULL, 0);
5425 static struct cfg80211_ops brcmf_cfg80211_ops = {
5426 .add_virtual_intf = brcmf_cfg80211_add_iface,
5427 .del_virtual_intf = brcmf_cfg80211_del_iface,
5428 .change_virtual_intf = brcmf_cfg80211_change_iface,
5429 .scan = brcmf_cfg80211_scan,
5430 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5431 .join_ibss = brcmf_cfg80211_join_ibss,
5432 .leave_ibss = brcmf_cfg80211_leave_ibss,
5433 .get_station = brcmf_cfg80211_get_station,
5434 .dump_station = brcmf_cfg80211_dump_station,
5435 .set_tx_power = brcmf_cfg80211_set_tx_power,
5436 .get_tx_power = brcmf_cfg80211_get_tx_power,
5437 .add_key = brcmf_cfg80211_add_key,
5438 .del_key = brcmf_cfg80211_del_key,
5439 .get_key = brcmf_cfg80211_get_key,
5440 .set_default_key = brcmf_cfg80211_config_default_key,
5441 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5442 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5443 .connect = brcmf_cfg80211_connect,
5444 .disconnect = brcmf_cfg80211_disconnect,
5445 .suspend = brcmf_cfg80211_suspend,
5446 .resume = brcmf_cfg80211_resume,
5447 .set_pmksa = brcmf_cfg80211_set_pmksa,
5448 .del_pmksa = brcmf_cfg80211_del_pmksa,
5449 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5450 .start_ap = brcmf_cfg80211_start_ap,
5451 .stop_ap = brcmf_cfg80211_stop_ap,
5452 .change_beacon = brcmf_cfg80211_change_beacon,
5453 .del_station = brcmf_cfg80211_del_station,
5454 .change_station = brcmf_cfg80211_change_station,
5455 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5456 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5457 .update_mgmt_frame_registrations =
5458 brcmf_cfg80211_update_mgmt_frame_registrations,
5459 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5460 .remain_on_channel = brcmf_p2p_remain_on_channel,
5461 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5462 .get_channel = brcmf_cfg80211_get_channel,
5463 .start_p2p_device = brcmf_p2p_start_device,
5464 .stop_p2p_device = brcmf_p2p_stop_device,
5465 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5466 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5467 .tdls_oper = brcmf_cfg80211_tdls_oper,
5468 .update_connect_params = brcmf_cfg80211_update_conn_params,
5469 .set_pmk = brcmf_cfg80211_set_pmk,
5470 .del_pmk = brcmf_cfg80211_del_pmk,
5473 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5475 struct cfg80211_ops *ops;
5477 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5480 if (ops && settings->roamoff)
5481 ops->update_connect_params = NULL;
5486 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5487 enum nl80211_iftype type)
5489 struct brcmf_cfg80211_vif *vif_walk;
5490 struct brcmf_cfg80211_vif *vif;
5492 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
5494 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5496 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5498 return ERR_PTR(-ENOMEM);
5500 vif->wdev.wiphy = cfg->wiphy;
5501 vif->wdev.iftype = type;
5503 brcmf_init_prof(&vif->profile);
5505 if (type == NL80211_IFTYPE_AP &&
5506 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) {
5508 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5509 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5517 list_add_tail(&vif->list, &cfg->vif_list);
5521 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5523 list_del(&vif->list);
5527 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5529 struct brcmf_cfg80211_vif *vif;
5530 struct brcmf_if *ifp;
5532 ifp = netdev_priv(ndev);
5536 brcmf_free_vif(vif);
5539 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5540 const struct brcmf_event_msg *e)
5542 u32 event = e->event_code;
5543 u32 status = e->status;
5545 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK ||
5546 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) &&
5547 event == BRCMF_E_PSK_SUP &&
5548 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5549 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5550 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5551 brcmf_dbg(CONN, "Processing set ssid\n");
5552 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5553 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
5554 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
5557 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5560 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5561 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5562 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5563 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5569 static bool brcmf_is_linkdown(const struct brcmf_event_msg *e)
5571 u32 event = e->event_code;
5572 u16 flags = e->flags;
5574 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5575 (event == BRCMF_E_DISASSOC_IND) ||
5576 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5577 brcmf_dbg(CONN, "Processing link down\n");
5583 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5584 const struct brcmf_event_msg *e)
5586 u32 event = e->event_code;
5587 u32 status = e->status;
5589 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5590 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5591 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5595 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5596 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5600 if (event == BRCMF_E_PSK_SUP &&
5601 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5602 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5610 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5612 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5614 kfree(conn_info->req_ie);
5615 conn_info->req_ie = NULL;
5616 conn_info->req_ie_len = 0;
5617 kfree(conn_info->resp_ie);
5618 conn_info->resp_ie = NULL;
5619 conn_info->resp_ie_len = 0;
5622 u8 brcmf_map_prio_to_prec(void *config, u8 prio)
5624 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5627 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ?
5630 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority
5631 * to an 8-level precedence which is the same as BE's
5633 if (prio > PRIO_8021D_EE &&
5634 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE])
5635 return cfg->ac_priority[prio] * 2;
5637 /* Conversion of 4-level priority to 8-level precedence */
5638 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK ||
5639 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO)
5640 return cfg->ac_priority[prio] * 2;
5642 return cfg->ac_priority[prio] * 2 + 1;
5645 u8 brcmf_map_prio_to_aci(void *config, u8 prio)
5647 /* Prio here refers to the 802.1d priority in range of 0 to 7.
5648 * ACI here refers to the WLAN AC Index in range of 0 to 3.
5649 * This function will return ACI corresponding to input prio.
5651 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5654 return cfg->ac_priority[prio];
5659 static void brcmf_init_wmm_prio(u8 *priority)
5661 /* Initialize AC priority array to default
5662 * 802.1d priority as per following table:
5663 * 802.1d prio 0,3 maps to BE
5664 * 802.1d prio 1,2 maps to BK
5665 * 802.1d prio 4,5 maps to VI
5666 * 802.1d prio 6,7 maps to VO
5668 priority[0] = BRCMF_FWS_FIFO_AC_BE;
5669 priority[3] = BRCMF_FWS_FIFO_AC_BE;
5670 priority[1] = BRCMF_FWS_FIFO_AC_BK;
5671 priority[2] = BRCMF_FWS_FIFO_AC_BK;
5672 priority[4] = BRCMF_FWS_FIFO_AC_VI;
5673 priority[5] = BRCMF_FWS_FIFO_AC_VI;
5674 priority[6] = BRCMF_FWS_FIFO_AC_VO;
5675 priority[7] = BRCMF_FWS_FIFO_AC_VO;
5678 static void brcmf_wifi_prioritize_acparams(const
5679 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority)
5686 u8 ranking_basis[EDCF_AC_COUNT];
5687 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */
5690 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) {
5691 aifsn = acp->ACI & EDCF_AIFSN_MASK;
5692 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0;
5693 ecwmin = acp->ECW & EDCF_ECWMIN_MASK;
5694 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT;
5695 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n",
5696 aci, aifsn, acm, ecwmin, ecwmax);
5697 /* Default AC_VO will be the lowest ranking value */
5698 ranking_basis[aci] = aifsn + ecwmin + ecwmax;
5699 /* Initialise priority starting at 0 (AC_BE) */
5702 /* If ACM is set, STA can't use this AC as per 802.11.
5703 * Change the ranking to BE
5705 if (aci != AC_BE && aci != AC_BK && acm == 1)
5706 ranking_basis[aci] = ranking_basis[AC_BE];
5709 /* Ranking method which works for AC priority
5710 * swapping when values for cwmin, cwmax and aifsn are varied
5711 * Compare each aci_prio against each other aci_prio
5713 for (aci = 0; aci < EDCF_AC_COUNT; aci++) {
5714 for (index = 0; index < EDCF_AC_COUNT; index++) {
5716 /* Smaller ranking value has higher priority,
5717 * so increment priority for each ACI which has
5718 * a higher ranking value
5720 if (ranking_basis[aci] < ranking_basis[index])
5726 /* By now, aci_prio[] will be in range of 0 to 3.
5727 * Use ACI prio to get the new priority value for
5728 * each 802.1d traffic type, in this range.
5730 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] &&
5731 aci_prio[AC_BK] == aci_prio[AC_VI] &&
5732 aci_prio[AC_VI] == aci_prio[AC_VO])) {
5733 /* 802.1d 0,3 maps to BE */
5734 priority[0] = aci_prio[AC_BE];
5735 priority[3] = aci_prio[AC_BE];
5737 /* 802.1d 1,2 maps to BK */
5738 priority[1] = aci_prio[AC_BK];
5739 priority[2] = aci_prio[AC_BK];
5741 /* 802.1d 4,5 maps to VO */
5742 priority[4] = aci_prio[AC_VI];
5743 priority[5] = aci_prio[AC_VI];
5745 /* 802.1d 6,7 maps to VO */
5746 priority[6] = aci_prio[AC_VO];
5747 priority[7] = aci_prio[AC_VO];
5749 /* Initialize to default priority */
5750 brcmf_init_wmm_prio(priority);
5753 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n",
5754 priority[0], priority[1], priority[2], priority[3]);
5756 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n",
5757 priority[4], priority[5], priority[6], priority[7]);
5760 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5761 struct brcmf_if *ifp)
5763 struct brcmf_pub *drvr = cfg->pub;
5764 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5765 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5766 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT];
5771 brcmf_clear_assoc_ies(cfg);
5773 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5774 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5776 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5780 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5781 req_len = le32_to_cpu(assoc_info->req_len);
5782 resp_len = le32_to_cpu(assoc_info->resp_len);
5784 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5788 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5791 conn_info->req_ie_len = req_len;
5793 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5795 if (!conn_info->req_ie)
5796 conn_info->req_ie_len = 0;
5798 conn_info->req_ie_len = 0;
5799 conn_info->req_ie = NULL;
5802 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5806 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5809 conn_info->resp_ie_len = resp_len;
5810 conn_info->resp_ie =
5811 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5813 if (!conn_info->resp_ie)
5814 conn_info->resp_ie_len = 0;
5816 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta",
5818 sizeof(edcf_acparam_info));
5820 brcmf_err("could not get wme_ac_sta (%d)\n", err);
5824 brcmf_wifi_prioritize_acparams(edcf_acparam_info,
5827 conn_info->resp_ie_len = 0;
5828 conn_info->resp_ie = NULL;
5830 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5831 conn_info->req_ie_len, conn_info->resp_ie_len);
5837 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5838 struct net_device *ndev,
5839 const struct brcmf_event_msg *e)
5841 struct brcmf_if *ifp = netdev_priv(ndev);
5842 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5843 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5844 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5845 struct ieee80211_channel *notify_channel = NULL;
5846 struct ieee80211_supported_band *band;
5847 struct brcmf_bss_info_le *bi;
5848 struct brcmu_chan ch;
5849 struct cfg80211_roam_info roam_info = {};
5854 brcmf_dbg(TRACE, "Enter\n");
5856 brcmf_get_assoc_ies(cfg, ifp);
5857 memcpy(profile->bssid, e->addr, ETH_ALEN);
5858 brcmf_update_bss_info(cfg, ifp);
5860 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5866 /* data sent to dongle has to be little endian */
5867 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5868 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5869 buf, WL_BSS_INFO_MAX);
5874 bi = (struct brcmf_bss_info_le *)(buf + 4);
5875 ch.chspec = le16_to_cpu(bi->chanspec);
5876 cfg->d11inf.decchspec(&ch);
5878 if (ch.band == BRCMU_CHAN_BAND_2G)
5879 band = wiphy->bands[NL80211_BAND_2GHZ];
5881 band = wiphy->bands[NL80211_BAND_5GHZ];
5883 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5884 notify_channel = ieee80211_get_channel(wiphy, freq);
5889 roam_info.channel = notify_channel;
5890 roam_info.bssid = profile->bssid;
5891 roam_info.req_ie = conn_info->req_ie;
5892 roam_info.req_ie_len = conn_info->req_ie_len;
5893 roam_info.resp_ie = conn_info->resp_ie;
5894 roam_info.resp_ie_len = conn_info->resp_ie_len;
5896 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
5897 brcmf_dbg(CONN, "Report roaming result\n");
5899 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) {
5900 cfg80211_port_authorized(ndev, profile->bssid, GFP_KERNEL);
5901 brcmf_dbg(CONN, "Report port authorized\n");
5904 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
5905 brcmf_dbg(TRACE, "Exit\n");
5910 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
5911 struct net_device *ndev, const struct brcmf_event_msg *e,
5914 struct brcmf_if *ifp = netdev_priv(ndev);
5915 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5916 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5917 struct cfg80211_connect_resp_params conn_params;
5919 brcmf_dbg(TRACE, "Enter\n");
5921 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5922 &ifp->vif->sme_state)) {
5923 memset(&conn_params, 0, sizeof(conn_params));
5925 brcmf_get_assoc_ies(cfg, ifp);
5926 brcmf_update_bss_info(cfg, ifp);
5927 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5928 &ifp->vif->sme_state);
5929 conn_params.status = WLAN_STATUS_SUCCESS;
5931 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
5933 conn_params.bssid = profile->bssid;
5934 conn_params.req_ie = conn_info->req_ie;
5935 conn_params.req_ie_len = conn_info->req_ie_len;
5936 conn_params.resp_ie = conn_info->resp_ie;
5937 conn_params.resp_ie_len = conn_info->resp_ie_len;
5938 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
5939 brcmf_dbg(CONN, "Report connect result - connection %s\n",
5940 completed ? "succeeded" : "failed");
5942 brcmf_dbg(TRACE, "Exit\n");
5947 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
5948 struct net_device *ndev,
5949 const struct brcmf_event_msg *e, void *data)
5951 struct brcmf_pub *drvr = cfg->pub;
5952 static int generation;
5953 u32 event = e->event_code;
5954 u32 reason = e->reason;
5955 struct station_info *sinfo;
5957 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
5958 brcmf_fweh_event_name(event), event, reason);
5959 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
5960 ndev != cfg_to_ndev(cfg)) {
5961 brcmf_dbg(CONN, "AP mode link down\n");
5962 complete(&cfg->vif_disabled);
5966 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
5967 (reason == BRCMF_E_STATUS_SUCCESS)) {
5969 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
5973 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
5977 sinfo->assoc_req_ies = data;
5978 sinfo->assoc_req_ies_len = e->datalen;
5980 sinfo->generation = generation;
5981 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
5984 } else if ((event == BRCMF_E_DISASSOC_IND) ||
5985 (event == BRCMF_E_DEAUTH_IND) ||
5986 (event == BRCMF_E_DEAUTH)) {
5987 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
5993 brcmf_notify_connect_status(struct brcmf_if *ifp,
5994 const struct brcmf_event_msg *e, void *data)
5996 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
5997 struct net_device *ndev = ifp->ndev;
5998 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5999 struct ieee80211_channel *chan;
6002 if ((e->event_code == BRCMF_E_DEAUTH) ||
6003 (e->event_code == BRCMF_E_DEAUTH_IND) ||
6004 (e->event_code == BRCMF_E_DISASSOC_IND) ||
6005 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
6006 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
6009 if (brcmf_is_apmode(ifp->vif)) {
6010 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
6011 } else if (brcmf_is_linkup(ifp->vif, e)) {
6012 brcmf_dbg(CONN, "Linkup\n");
6013 if (brcmf_is_ibssmode(ifp->vif)) {
6014 brcmf_inform_ibss(cfg, ndev, e->addr);
6015 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
6016 memcpy(profile->bssid, e->addr, ETH_ALEN);
6017 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
6018 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6019 &ifp->vif->sme_state);
6020 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6021 &ifp->vif->sme_state);
6023 brcmf_bss_connect_done(cfg, ndev, e, true);
6024 brcmf_net_setcarrier(ifp, true);
6025 } else if (brcmf_is_linkdown(e)) {
6026 brcmf_dbg(CONN, "Linkdown\n");
6027 if (!brcmf_is_ibssmode(ifp->vif)) {
6028 brcmf_bss_connect_done(cfg, ndev, e, false);
6029 brcmf_link_down(ifp->vif,
6030 brcmf_map_fw_linkdown_reason(e));
6031 brcmf_init_prof(ndev_to_prof(ndev));
6032 if (ndev != cfg_to_ndev(cfg))
6033 complete(&cfg->vif_disabled);
6034 brcmf_net_setcarrier(ifp, false);
6036 } else if (brcmf_is_nonetwork(cfg, e)) {
6037 if (brcmf_is_ibssmode(ifp->vif))
6038 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6039 &ifp->vif->sme_state);
6041 brcmf_bss_connect_done(cfg, ndev, e, false);
6048 brcmf_notify_roaming_status(struct brcmf_if *ifp,
6049 const struct brcmf_event_msg *e, void *data)
6051 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6052 u32 event = e->event_code;
6053 u32 status = e->status;
6055 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
6056 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
6057 &ifp->vif->sme_state)) {
6058 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
6060 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
6061 brcmf_net_setcarrier(ifp, true);
6069 brcmf_notify_mic_status(struct brcmf_if *ifp,
6070 const struct brcmf_event_msg *e, void *data)
6072 u16 flags = e->flags;
6073 enum nl80211_key_type key_type;
6075 if (flags & BRCMF_EVENT_MSG_GROUP)
6076 key_type = NL80211_KEYTYPE_GROUP;
6078 key_type = NL80211_KEYTYPE_PAIRWISE;
6080 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
6086 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
6087 const struct brcmf_event_msg *e, void *data)
6089 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6090 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
6091 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6092 struct brcmf_cfg80211_vif *vif;
6094 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
6095 ifevent->action, ifevent->flags, ifevent->ifidx,
6096 ifevent->bsscfgidx);
6098 spin_lock(&event->vif_event_lock);
6099 event->action = ifevent->action;
6102 switch (ifevent->action) {
6103 case BRCMF_E_IF_ADD:
6104 /* waiting process may have timed out */
6105 if (!cfg->vif_event.vif) {
6106 spin_unlock(&event->vif_event_lock);
6113 vif->wdev.netdev = ifp->ndev;
6114 ifp->ndev->ieee80211_ptr = &vif->wdev;
6115 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
6117 spin_unlock(&event->vif_event_lock);
6118 wake_up(&event->vif_wq);
6121 case BRCMF_E_IF_DEL:
6122 spin_unlock(&event->vif_event_lock);
6123 /* event may not be upon user request */
6124 if (brcmf_cfg80211_vif_event_armed(cfg))
6125 wake_up(&event->vif_wq);
6128 case BRCMF_E_IF_CHANGE:
6129 spin_unlock(&event->vif_event_lock);
6130 wake_up(&event->vif_wq);
6134 spin_unlock(&event->vif_event_lock);
6140 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
6142 conf->frag_threshold = (u32)-1;
6143 conf->rts_threshold = (u32)-1;
6144 conf->retry_short = (u32)-1;
6145 conf->retry_long = (u32)-1;
6148 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
6150 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
6151 brcmf_notify_connect_status);
6152 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
6153 brcmf_notify_connect_status);
6154 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
6155 brcmf_notify_connect_status);
6156 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
6157 brcmf_notify_connect_status);
6158 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
6159 brcmf_notify_connect_status);
6160 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
6161 brcmf_notify_connect_status);
6162 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
6163 brcmf_notify_roaming_status);
6164 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
6165 brcmf_notify_mic_status);
6166 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
6167 brcmf_notify_connect_status);
6168 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
6169 brcmf_notify_sched_scan_results);
6170 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
6171 brcmf_notify_vif_event);
6172 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
6173 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
6174 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
6175 brcmf_p2p_notify_listen_complete);
6176 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
6177 brcmf_p2p_notify_action_frame_rx);
6178 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
6179 brcmf_p2p_notify_action_tx_complete);
6180 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
6181 brcmf_p2p_notify_action_tx_complete);
6182 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
6183 brcmf_notify_connect_status);
6186 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
6190 kfree(cfg->extra_buf);
6191 cfg->extra_buf = NULL;
6192 kfree(cfg->wowl.nd);
6193 cfg->wowl.nd = NULL;
6194 kfree(cfg->wowl.nd_info);
6195 cfg->wowl.nd_info = NULL;
6196 kfree(cfg->escan_info.escan_buf);
6197 cfg->escan_info.escan_buf = NULL;
6200 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
6202 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
6204 goto init_priv_mem_out;
6205 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
6206 if (!cfg->extra_buf)
6207 goto init_priv_mem_out;
6208 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
6210 goto init_priv_mem_out;
6211 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
6212 sizeof(struct cfg80211_wowlan_nd_match *),
6214 if (!cfg->wowl.nd_info)
6215 goto init_priv_mem_out;
6216 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
6217 if (!cfg->escan_info.escan_buf)
6218 goto init_priv_mem_out;
6223 brcmf_deinit_priv_mem(cfg);
6228 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
6232 cfg->scan_request = NULL;
6233 cfg->pwr_save = true;
6234 cfg->dongle_up = false; /* dongle is not up yet */
6235 err = brcmf_init_priv_mem(cfg);
6238 brcmf_register_event_handlers(cfg);
6239 mutex_init(&cfg->usr_sync);
6240 brcmf_init_escan(cfg);
6241 brcmf_init_conf(cfg->conf);
6242 brcmf_init_wmm_prio(cfg->ac_priority);
6243 init_completion(&cfg->vif_disabled);
6247 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
6249 cfg->dongle_up = false; /* dongle down */
6250 brcmf_abort_scanning(cfg);
6251 brcmf_deinit_priv_mem(cfg);
6254 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
6256 init_waitqueue_head(&event->vif_wq);
6257 spin_lock_init(&event->vif_event_lock);
6260 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
6262 struct brcmf_pub *drvr = ifp->drvr;
6265 __le32 roamtrigger[2];
6266 __le32 roam_delta[2];
6268 /* Configure beacon timeout value based upon roaming setting */
6269 if (ifp->drvr->settings->roamoff)
6270 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
6272 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
6273 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
6275 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
6276 goto roam_setup_done;
6279 /* Enable/Disable built-in roaming to allow supplicant to take care of
6282 brcmf_dbg(INFO, "Internal Roaming = %s\n",
6283 ifp->drvr->settings->roamoff ? "Off" : "On");
6284 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
6285 ifp->drvr->settings->roamoff);
6287 bphy_err(drvr, "roam_off error (%d)\n", err);
6288 goto roam_setup_done;
6291 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
6292 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
6293 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
6294 (void *)roamtrigger, sizeof(roamtrigger));
6296 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
6298 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
6299 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
6300 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
6301 (void *)roam_delta, sizeof(roam_delta));
6303 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
6312 brcmf_dongle_scantime(struct brcmf_if *ifp)
6314 struct brcmf_pub *drvr = ifp->drvr;
6317 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
6318 BRCMF_SCAN_CHANNEL_TIME);
6320 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
6321 goto dongle_scantime_out;
6323 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
6324 BRCMF_SCAN_UNASSOC_TIME);
6326 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
6327 goto dongle_scantime_out;
6330 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
6331 BRCMF_SCAN_PASSIVE_TIME);
6333 bphy_err(drvr, "Scan passive time error (%d)\n", err);
6334 goto dongle_scantime_out;
6337 dongle_scantime_out:
6341 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6342 struct brcmu_chan *ch)
6346 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6347 if (ch->sb == BRCMU_CHAN_SB_U) {
6348 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6349 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6350 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6352 /* It should be one of
6353 * IEEE80211_CHAN_NO_HT40 or
6354 * IEEE80211_CHAN_NO_HT40PLUS
6356 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6357 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6358 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6362 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6365 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6366 struct brcmf_pub *drvr = cfg->pub;
6367 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6368 struct ieee80211_supported_band *band;
6369 struct ieee80211_channel *channel;
6370 struct brcmf_chanspec_list *list;
6371 struct brcmu_chan ch;
6378 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6383 list = (struct brcmf_chanspec_list *)pbuf;
6385 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6388 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6392 band = wiphy->bands[NL80211_BAND_2GHZ];
6394 for (i = 0; i < band->n_channels; i++)
6395 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6396 band = wiphy->bands[NL80211_BAND_5GHZ];
6398 for (i = 0; i < band->n_channels; i++)
6399 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6401 total = le32_to_cpu(list->count);
6402 for (i = 0; i < total; i++) {
6403 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6404 cfg->d11inf.decchspec(&ch);
6406 if (ch.band == BRCMU_CHAN_BAND_2G) {
6407 band = wiphy->bands[NL80211_BAND_2GHZ];
6408 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6409 band = wiphy->bands[NL80211_BAND_5GHZ];
6411 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6417 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6418 ch.bw == BRCMU_CHAN_BW_40)
6420 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6421 ch.bw == BRCMU_CHAN_BW_80)
6425 for (j = 0; j < band->n_channels; j++) {
6426 if (band->channels[j].hw_value == ch.control_ch_num) {
6427 channel = &band->channels[j];
6432 /* It seems firmware supports some channel we never
6433 * considered. Something new in IEEE standard?
6435 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6440 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6443 /* assuming the chanspecs order is HT20,
6444 * HT40 upper, HT40 lower, and VHT80.
6447 case BRCMU_CHAN_BW_160:
6448 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6450 case BRCMU_CHAN_BW_80:
6451 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6453 case BRCMU_CHAN_BW_40:
6454 brcmf_update_bw40_channel_flag(channel, &ch);
6457 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6460 case BRCMU_CHAN_BW_20:
6461 /* enable the channel and disable other bandwidths
6462 * for now as mentioned order assure they are enabled
6463 * for subsequent chanspecs.
6465 channel->flags = IEEE80211_CHAN_NO_HT40 |
6466 IEEE80211_CHAN_NO_80MHZ |
6467 IEEE80211_CHAN_NO_160MHZ;
6468 ch.bw = BRCMU_CHAN_BW_20;
6469 cfg->d11inf.encchspec(&ch);
6470 chaninfo = ch.chspec;
6471 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6474 if (chaninfo & WL_CHAN_RADAR)
6476 (IEEE80211_CHAN_RADAR |
6477 IEEE80211_CHAN_NO_IR);
6478 if (chaninfo & WL_CHAN_PASSIVE)
6480 IEEE80211_CHAN_NO_IR;
6490 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6492 struct brcmf_pub *drvr = cfg->pub;
6493 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6494 struct ieee80211_supported_band *band;
6495 struct brcmf_fil_bwcap_le band_bwcap;
6496 struct brcmf_chanspec_list *list;
6500 struct brcmu_chan ch;
6504 /* verify support for bw_cap command */
6506 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6509 /* only set 2G bandwidth using bw_cap command */
6510 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6511 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6512 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6513 sizeof(band_bwcap));
6515 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6516 val = WLC_N_BW_40ALL;
6517 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6521 /* update channel info in 2G band */
6522 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6527 ch.band = BRCMU_CHAN_BAND_2G;
6528 ch.bw = BRCMU_CHAN_BW_40;
6529 ch.sb = BRCMU_CHAN_SB_NONE;
6531 cfg->d11inf.encchspec(&ch);
6533 /* pass encoded chanspec in query */
6534 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6536 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6539 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6544 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6545 list = (struct brcmf_chanspec_list *)pbuf;
6546 num_chan = le32_to_cpu(list->count);
6547 for (i = 0; i < num_chan; i++) {
6548 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6549 cfg->d11inf.decchspec(&ch);
6550 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6552 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6554 for (j = 0; j < band->n_channels; j++) {
6555 if (band->channels[j].hw_value == ch.control_ch_num)
6558 if (WARN_ON(j == band->n_channels))
6561 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6568 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6570 struct brcmf_pub *drvr = ifp->drvr;
6571 u32 band, mimo_bwcap;
6575 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6577 bw_cap[NL80211_BAND_2GHZ] = band;
6579 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6581 bw_cap[NL80211_BAND_5GHZ] = band;
6587 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6589 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6591 /* assume 20MHz if firmware does not give a clue */
6592 mimo_bwcap = WLC_N_BW_20ALL;
6594 switch (mimo_bwcap) {
6595 case WLC_N_BW_40ALL:
6596 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6598 case WLC_N_BW_20IN2G_40IN5G:
6599 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6601 case WLC_N_BW_20ALL:
6602 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6603 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6606 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6610 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6611 u32 bw_cap[2], u32 nchain)
6613 band->ht_cap.ht_supported = true;
6614 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6615 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6616 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6618 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6619 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6620 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6621 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6622 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6623 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6626 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6631 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6632 mcs_map = (mcs_map << 2) | supp;
6634 return cpu_to_le16(mcs_map);
6637 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6638 u32 bw_cap[2], u32 nchain, u32 txstreams,
6639 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6643 /* not allowed in 2.4G band */
6644 if (band->band == NL80211_BAND_2GHZ)
6647 band->vht_cap.vht_supported = true;
6648 /* 80MHz is mandatory */
6649 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6650 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6651 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6652 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6654 /* all support 256-QAM */
6655 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6656 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6657 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6659 /* Beamforming support information */
6660 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6661 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6662 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6663 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6664 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6665 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6666 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6667 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6669 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6670 band->vht_cap.cap |=
6671 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6672 band->vht_cap.cap |= ((txstreams - 1) <<
6673 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6674 band->vht_cap.cap |=
6675 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6679 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6681 struct brcmf_pub *drvr = cfg->pub;
6682 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6683 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6686 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6691 struct ieee80211_supported_band *band;
6693 u32 txbf_bfe_cap = 0;
6694 u32 txbf_bfr_cap = 0;
6696 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6697 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6699 bphy_err(drvr, "nmode error (%d)\n", err);
6701 brcmf_get_bwcap(ifp, bw_cap);
6703 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6704 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6705 bw_cap[NL80211_BAND_5GHZ]);
6707 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6709 bphy_err(drvr, "rxchain error (%d)\n", err);
6712 for (nchain = 0; rxchain; nchain++)
6713 rxchain = rxchain & (rxchain - 1);
6715 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6717 err = brcmf_construct_chaninfo(cfg, bw_cap);
6719 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6724 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6725 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6727 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6731 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6732 band = wiphy->bands[i];
6737 brcmf_update_ht_cap(band, bw_cap, nchain);
6739 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6740 txbf_bfe_cap, txbf_bfr_cap);
6746 static const struct ieee80211_txrx_stypes
6747 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6748 [NL80211_IFTYPE_STATION] = {
6750 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6751 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6753 [NL80211_IFTYPE_P2P_CLIENT] = {
6755 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6756 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6758 [NL80211_IFTYPE_P2P_GO] = {
6760 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6761 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6762 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6763 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6764 BIT(IEEE80211_STYPE_AUTH >> 4) |
6765 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6766 BIT(IEEE80211_STYPE_ACTION >> 4)
6768 [NL80211_IFTYPE_P2P_DEVICE] = {
6770 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6771 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6773 [NL80211_IFTYPE_AP] = {
6775 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6776 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6777 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6778 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6779 BIT(IEEE80211_STYPE_AUTH >> 4) |
6780 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6781 BIT(IEEE80211_STYPE_ACTION >> 4)
6786 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6788 * @wiphy: wiphy object.
6789 * @ifp: interface object needed for feat module api.
6791 * The interface modes and combinations are determined dynamically here
6792 * based on firmware functionality.
6794 * no p2p and no mbss:
6796 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6800 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6801 * #AP <= 4, matching BI, channels = 1, 4 total
6804 * #STA <= 1, #AP <= 2, channels = 2, 4 total
6806 * p2p, no mchan, and mbss:
6808 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6809 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6810 * #AP <= 4, matching BI, channels = 1, 4 total
6812 * p2p, mchan, and mbss:
6814 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6815 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6816 * #AP <= 4, matching BI, channels = 1, 4 total
6818 * p2p, rsdb, and no mbss:
6819 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2,
6820 * channels = 2, 4 total
6822 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6824 struct ieee80211_iface_combination *combo = NULL;
6825 struct ieee80211_iface_limit *c0_limits = NULL;
6826 struct ieee80211_iface_limit *p2p_limits = NULL;
6827 struct ieee80211_iface_limit *mbss_limits = NULL;
6828 bool mon_flag, mbss, p2p, rsdb, mchan;
6829 int i, c, n_combos, n_limits;
6831 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG);
6832 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6833 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6834 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB);
6835 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN);
6837 n_combos = 1 + !!(p2p && !rsdb) + !!mbss;
6838 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
6842 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
6843 BIT(NL80211_IFTYPE_ADHOC) |
6844 BIT(NL80211_IFTYPE_AP);
6846 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
6848 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
6849 BIT(NL80211_IFTYPE_P2P_GO) |
6850 BIT(NL80211_IFTYPE_P2P_DEVICE);
6854 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p);
6855 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL);
6859 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan));
6860 c0_limits[i].max = 1;
6861 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6863 c0_limits[i].max = 1;
6864 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
6867 c0_limits[i].max = 1;
6868 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6869 c0_limits[i].max = 1 + rsdb;
6870 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
6871 BIT(NL80211_IFTYPE_P2P_GO);
6874 c0_limits[i].max = 2;
6875 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6876 combo[c].max_interfaces = 4;
6878 combo[c].max_interfaces = i;
6880 c0_limits[i].max = 2;
6881 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6882 combo[c].max_interfaces = 3;
6884 c0_limits[i].max = 1;
6885 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6886 combo[c].max_interfaces = i;
6888 combo[c].n_limits = i;
6889 combo[c].limits = c0_limits;
6894 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
6897 p2p_limits[i].max = 1;
6898 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6899 p2p_limits[i].max = 1;
6900 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6901 p2p_limits[i].max = 1;
6902 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
6903 p2p_limits[i].max = 1;
6904 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6905 combo[c].num_different_channels = 1;
6906 combo[c].max_interfaces = i;
6907 combo[c].n_limits = i;
6908 combo[c].limits = p2p_limits;
6914 n_limits = 1 + mon_flag;
6915 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits),
6919 mbss_limits[i].max = 4;
6920 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6922 mbss_limits[i].max = 1;
6923 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
6925 combo[c].beacon_int_infra_match = true;
6926 combo[c].num_different_channels = 1;
6927 combo[c].max_interfaces = 4 + mon_flag;
6928 combo[c].n_limits = i;
6929 combo[c].limits = mbss_limits;
6932 wiphy->n_iface_combinations = n_combos;
6933 wiphy->iface_combinations = combo;
6945 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
6946 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
6947 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
6948 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
6949 .pattern_min_len = 1,
6950 .max_pkt_offset = 1500,
6954 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
6957 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
6958 struct brcmf_pub *drvr = cfg->pub;
6959 struct wiphy_wowlan_support *wowl;
6961 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
6964 bphy_err(drvr, "only support basic wowlan features\n");
6965 wiphy->wowlan = &brcmf_wowlan_support;
6969 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6970 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
6971 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
6972 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
6973 init_waitqueue_head(&cfg->wowl.nd_data_wait);
6976 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
6977 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
6978 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
6981 wiphy->wowlan = wowl;
6985 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
6987 struct brcmf_pub *drvr = ifp->drvr;
6988 const struct ieee80211_iface_combination *combo;
6989 struct ieee80211_supported_band *band;
6990 u16 max_interfaces = 0;
6996 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
6997 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
6998 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
7000 err = brcmf_setup_ifmodes(wiphy, ifp);
7004 for (i = 0, combo = wiphy->iface_combinations;
7005 i < wiphy->n_iface_combinations; i++, combo++) {
7006 max_interfaces = max(max_interfaces, combo->max_interfaces);
7009 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
7011 u8 *addr = drvr->addresses[i].addr;
7013 memcpy(addr, drvr->mac, ETH_ALEN);
7016 addr[ETH_ALEN - 1] ^= i;
7019 wiphy->addresses = drvr->addresses;
7020 wiphy->n_addresses = i;
7022 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
7023 wiphy->cipher_suites = brcmf_cipher_suites;
7024 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
7025 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
7026 wiphy->n_cipher_suites--;
7027 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
7028 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
7029 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
7031 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
7032 WIPHY_FLAG_PS_ON_BY_DEFAULT |
7033 WIPHY_FLAG_HAVE_AP_SME |
7034 WIPHY_FLAG_OFFCHAN_TX |
7035 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7036 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
7037 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7038 if (!ifp->drvr->settings->roamoff)
7039 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
7040 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
7041 wiphy_ext_feature_set(wiphy,
7042 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
7043 wiphy_ext_feature_set(wiphy,
7044 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
7045 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7046 wiphy_ext_feature_set(wiphy,
7047 NL80211_EXT_FEATURE_SAE_OFFLOAD);
7049 wiphy->mgmt_stypes = brcmf_txrx_stypes;
7050 wiphy->max_remain_on_channel_duration = 5000;
7051 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7052 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
7053 brcmf_pno_wiphy_params(wiphy, gscan);
7055 /* vendor commands/events support */
7056 wiphy->vendor_commands = brcmf_vendor_cmds;
7057 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
7059 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
7060 brcmf_wiphy_wowl_params(wiphy, ifp);
7061 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
7064 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
7067 /* first entry in bandlist is number of bands */
7068 n_bands = le32_to_cpu(bandlist[0]);
7069 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
7070 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
7071 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
7076 band->channels = kmemdup(&__wl_2ghz_channels,
7077 sizeof(__wl_2ghz_channels),
7079 if (!band->channels) {
7084 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
7085 wiphy->bands[NL80211_BAND_2GHZ] = band;
7087 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
7088 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
7093 band->channels = kmemdup(&__wl_5ghz_channels,
7094 sizeof(__wl_5ghz_channels),
7096 if (!band->channels) {
7101 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
7102 wiphy->bands[NL80211_BAND_5GHZ] = band;
7106 if (wiphy->bands[NL80211_BAND_5GHZ] &&
7107 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H))
7108 wiphy_ext_feature_set(wiphy,
7109 NL80211_EXT_FEATURE_DFS_OFFLOAD);
7111 wiphy_read_of_freq_limits(wiphy);
7116 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
7118 struct brcmf_pub *drvr = cfg->pub;
7119 struct net_device *ndev;
7120 struct wireless_dev *wdev;
7121 struct brcmf_if *ifp;
7128 ndev = cfg_to_ndev(cfg);
7129 wdev = ndev->ieee80211_ptr;
7130 ifp = netdev_priv(ndev);
7132 /* make sure RF is ready for work */
7133 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
7135 brcmf_dongle_scantime(ifp);
7137 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
7138 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
7140 goto default_conf_out;
7141 brcmf_dbg(INFO, "power save set to %s\n",
7142 (power_mode ? "enabled" : "disabled"));
7144 err = brcmf_dongle_roam(ifp);
7146 goto default_conf_out;
7147 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
7150 goto default_conf_out;
7152 brcmf_configure_arp_nd_offload(ifp, true);
7154 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
7156 bphy_err(drvr, "failed to set frameburst mode\n");
7157 goto default_conf_out;
7160 cfg->dongle_up = true;
7167 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
7169 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7171 return brcmf_config_dongle(ifp->drvr->config);
7174 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
7176 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7179 * While going down, if associated with AP disassociate
7180 * from AP to save power
7182 if (check_vif_up(ifp->vif)) {
7183 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED);
7185 /* Make sure WPA_Supplicant receives all the event
7186 generated due to DISASSOC call to the fw to keep
7187 the state fw and WPA_Supplicant state consistent
7192 brcmf_abort_scanning(cfg);
7193 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7198 s32 brcmf_cfg80211_up(struct net_device *ndev)
7200 struct brcmf_if *ifp = netdev_priv(ndev);
7201 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7204 mutex_lock(&cfg->usr_sync);
7205 err = __brcmf_cfg80211_up(ifp);
7206 mutex_unlock(&cfg->usr_sync);
7211 s32 brcmf_cfg80211_down(struct net_device *ndev)
7213 struct brcmf_if *ifp = netdev_priv(ndev);
7214 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7217 mutex_lock(&cfg->usr_sync);
7218 err = __brcmf_cfg80211_down(ifp);
7219 mutex_unlock(&cfg->usr_sync);
7224 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
7226 struct wireless_dev *wdev = &ifp->vif->wdev;
7228 return wdev->iftype;
7231 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
7232 unsigned long state)
7234 struct brcmf_cfg80211_vif *vif;
7236 list_for_each_entry(vif, &cfg->vif_list, list) {
7237 if (test_bit(state, &vif->sme_state))
7243 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
7248 spin_lock(&event->vif_event_lock);
7249 evt_action = event->action;
7250 spin_unlock(&event->vif_event_lock);
7251 return evt_action == action;
7254 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
7255 struct brcmf_cfg80211_vif *vif)
7257 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7259 spin_lock(&event->vif_event_lock);
7262 spin_unlock(&event->vif_event_lock);
7265 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
7267 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7270 spin_lock(&event->vif_event_lock);
7271 armed = event->vif != NULL;
7272 spin_unlock(&event->vif_event_lock);
7277 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
7278 u8 action, ulong timeout)
7280 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7282 return wait_event_timeout(event->vif_wq,
7283 vif_event_equals(event, action), timeout);
7286 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
7287 struct brcmf_fil_country_le *ccreq)
7289 struct brcmfmac_pd_cc *country_codes;
7290 struct brcmfmac_pd_cc_entry *cc;
7294 country_codes = drvr->settings->country_codes;
7295 if (!country_codes) {
7296 brcmf_dbg(TRACE, "No country codes configured for device\n");
7300 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
7301 (alpha2[1] == ccreq->country_abbrev[1])) {
7302 brcmf_dbg(TRACE, "Country code already set\n");
7307 for (i = 0; i < country_codes->table_size; i++) {
7308 cc = &country_codes->table[i];
7309 if ((cc->iso3166[0] == '\0') && (found_index == -1))
7311 if ((cc->iso3166[0] == alpha2[0]) &&
7312 (cc->iso3166[1] == alpha2[1])) {
7317 if (found_index == -1) {
7318 brcmf_dbg(TRACE, "No country code match found\n");
7321 memset(ccreq, 0, sizeof(*ccreq));
7322 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
7323 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
7324 BRCMF_COUNTRY_BUF_SZ);
7325 ccreq->country_abbrev[0] = alpha2[0];
7326 ccreq->country_abbrev[1] = alpha2[1];
7327 ccreq->country_abbrev[2] = 0;
7332 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
7333 struct regulatory_request *req)
7335 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7336 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
7337 struct brcmf_pub *drvr = cfg->pub;
7338 struct brcmf_fil_country_le ccreq;
7342 /* The country code gets set to "00" by default at boot, ignore */
7343 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
7346 /* ignore non-ISO3166 country codes */
7347 for (i = 0; i < 2; i++)
7348 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
7349 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
7350 req->alpha2[0], req->alpha2[1]);
7354 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
7355 req->alpha2[0], req->alpha2[1]);
7357 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
7359 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
7363 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
7367 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
7369 bphy_err(drvr, "Firmware rejected country setting\n");
7372 brcmf_setup_wiphybands(cfg);
7375 static void brcmf_free_wiphy(struct wiphy *wiphy)
7382 if (wiphy->iface_combinations) {
7383 for (i = 0; i < wiphy->n_iface_combinations; i++)
7384 kfree(wiphy->iface_combinations[i].limits);
7386 kfree(wiphy->iface_combinations);
7387 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7388 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7389 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7391 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7392 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7393 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7395 #if IS_ENABLED(CONFIG_PM)
7396 if (wiphy->wowlan != &brcmf_wowlan_support)
7397 kfree(wiphy->wowlan);
7401 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7402 struct cfg80211_ops *ops,
7405 struct wiphy *wiphy = drvr->wiphy;
7406 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7407 struct brcmf_cfg80211_info *cfg;
7408 struct brcmf_cfg80211_vif *vif;
7409 struct brcmf_if *ifp;
7415 bphy_err(drvr, "ndev is invalid\n");
7419 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7421 bphy_err(drvr, "Could not allocate wiphy device\n");
7427 init_vif_event(&cfg->vif_event);
7428 INIT_LIST_HEAD(&cfg->vif_list);
7430 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7434 ifp = netdev_priv(ndev);
7436 vif->wdev.netdev = ndev;
7437 ndev->ieee80211_ptr = &vif->wdev;
7438 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7440 err = wl_init_priv(cfg);
7442 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7443 brcmf_free_vif(vif);
7448 /* determine d11 io type before wiphy setup */
7449 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7451 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7454 cfg->d11inf.io_type = (u8)io_type;
7455 brcmu_d11_attach(&cfg->d11inf);
7457 /* regulatory notifer below needs access to cfg so
7462 err = brcmf_setup_wiphy(wiphy, ifp);
7466 brcmf_dbg(INFO, "Registering custom regulatory\n");
7467 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7468 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7469 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7471 /* firmware defaults to 40MHz disabled in 2G band. We signal
7472 * cfg80211 here that we do and have it decide we can enable
7473 * it. But first check if device does support 2G operation.
7475 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7476 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7477 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7480 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7481 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7483 err = wiphy_register(wiphy);
7485 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7489 err = brcmf_setup_wiphybands(cfg);
7491 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7492 goto wiphy_unreg_out;
7495 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7496 * setup 40MHz in 2GHz band and enable OBSS scanning.
7498 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7499 err = brcmf_enable_bw40_2g(cfg);
7501 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7502 BRCMF_OBSS_COEX_AUTO);
7504 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7507 err = brcmf_fweh_activate_events(ifp);
7509 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7510 goto wiphy_unreg_out;
7513 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7515 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7516 goto wiphy_unreg_out;
7518 err = brcmf_btcoex_attach(cfg);
7520 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7521 brcmf_p2p_detach(&cfg->p2p);
7522 goto wiphy_unreg_out;
7524 err = brcmf_pno_attach(cfg);
7526 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7527 brcmf_btcoex_detach(cfg);
7528 brcmf_p2p_detach(&cfg->p2p);
7529 goto wiphy_unreg_out;
7532 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7533 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7535 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7536 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7538 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7539 brcmf_notify_tdls_peer_event);
7543 /* (re-) activate FWEH event handling */
7544 err = brcmf_fweh_activate_events(ifp);
7546 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7550 /* Fill in some of the advertised nl80211 supported features */
7551 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7552 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7554 if (wiphy->wowlan &&
7555 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7556 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7563 brcmf_pno_detach(cfg);
7564 brcmf_btcoex_detach(cfg);
7565 brcmf_p2p_detach(&cfg->p2p);
7567 wiphy_unregister(cfg->wiphy);
7569 wl_deinit_priv(cfg);
7570 brcmf_free_vif(vif);
7573 brcmf_free_wiphy(wiphy);
7578 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7583 brcmf_pno_detach(cfg);
7584 brcmf_btcoex_detach(cfg);
7585 wiphy_unregister(cfg->wiphy);
7586 wl_deinit_priv(cfg);
7587 brcmf_free_wiphy(cfg->wiphy);