1 // SPDX-License-Identifier: ISC
3 * Copyright (c) 2010 Broadcom Corporation
6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
8 #include <linux/kernel.h>
9 #include <linux/etherdevice.h>
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <net/cfg80211.h>
13 #include <net/netlink.h>
14 #include <uapi/linux/if_arp.h>
16 #include <brcmu_utils.h>
18 #include <brcmu_wifi.h>
21 #include "tracepoint.h"
22 #include "fwil_types.h"
35 #define BRCMF_SCAN_IE_LEN_MAX 2048
37 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
38 #define WPA_OUI_TYPE 1
39 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
40 #define WME_OUI_TYPE 2
41 #define WPS_OUI_TYPE 4
43 #define VS_IE_FIXED_HDR_LEN 6
44 #define WPA_IE_VERSION_LEN 2
45 #define WPA_IE_MIN_OUI_LEN 4
46 #define WPA_IE_SUITE_COUNT_LEN 2
48 #define WPA_CIPHER_NONE 0 /* None */
49 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
50 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
51 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
52 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
54 #define RSN_AKM_NONE 0 /* None (IBSS) */
55 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
56 #define RSN_AKM_PSK 2 /* Pre-shared Key */
57 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
58 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
59 #define RSN_AKM_SAE 8 /* SAE */
60 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
61 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
62 #define RSN_CAP_MFPR_MASK BIT(6)
63 #define RSN_CAP_MFPC_MASK BIT(7)
64 #define RSN_PMKID_COUNT_LEN 2
66 #define VNDR_IE_CMD_LEN 4 /* length of the set command
67 * string :"add", "del" (+ NUL)
69 #define VNDR_IE_COUNT_OFFSET 4
70 #define VNDR_IE_PKTFLAG_OFFSET 8
71 #define VNDR_IE_VSIE_OFFSET 12
72 #define VNDR_IE_HDR_SIZE 12
73 #define VNDR_IE_PARSE_LIMIT 5
75 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
76 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
78 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
79 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
80 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
82 #define BRCMF_SCAN_CHANNEL_TIME 40
83 #define BRCMF_SCAN_UNASSOC_TIME 40
84 #define BRCMF_SCAN_PASSIVE_TIME 120
86 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
88 #define BRCMF_PS_MAX_TIMEOUT_MS 2000
90 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
91 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
93 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
95 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
96 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
103 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
104 #define RATETAB_ENT(_rateid, _flags) \
106 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
107 .hw_value = (_rateid), \
111 static struct ieee80211_rate __wl_rates[] = {
112 RATETAB_ENT(BRCM_RATE_1M, 0),
113 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
114 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
115 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
116 RATETAB_ENT(BRCM_RATE_6M, 0),
117 RATETAB_ENT(BRCM_RATE_9M, 0),
118 RATETAB_ENT(BRCM_RATE_12M, 0),
119 RATETAB_ENT(BRCM_RATE_18M, 0),
120 RATETAB_ENT(BRCM_RATE_24M, 0),
121 RATETAB_ENT(BRCM_RATE_36M, 0),
122 RATETAB_ENT(BRCM_RATE_48M, 0),
123 RATETAB_ENT(BRCM_RATE_54M, 0),
126 #define wl_g_rates (__wl_rates + 0)
127 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
128 #define wl_a_rates (__wl_rates + 4)
129 #define wl_a_rates_size (wl_g_rates_size - 4)
131 #define CHAN2G(_channel, _freq) { \
132 .band = NL80211_BAND_2GHZ, \
133 .center_freq = (_freq), \
134 .hw_value = (_channel), \
135 .max_antenna_gain = 0, \
139 #define CHAN5G(_channel) { \
140 .band = NL80211_BAND_5GHZ, \
141 .center_freq = 5000 + (5 * (_channel)), \
142 .hw_value = (_channel), \
143 .max_antenna_gain = 0, \
147 static struct ieee80211_channel __wl_2ghz_channels[] = {
148 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
149 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
150 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
151 CHAN2G(13, 2472), CHAN2G(14, 2484)
154 static struct ieee80211_channel __wl_5ghz_channels[] = {
155 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
156 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
157 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
158 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
159 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
160 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
163 /* Band templates duplicated per wiphy. The channel info
164 * above is added to the band during setup.
166 static const struct ieee80211_supported_band __wl_band_2ghz = {
167 .band = NL80211_BAND_2GHZ,
168 .bitrates = wl_g_rates,
169 .n_bitrates = wl_g_rates_size,
172 static const struct ieee80211_supported_band __wl_band_5ghz = {
173 .band = NL80211_BAND_5GHZ,
174 .bitrates = wl_a_rates,
175 .n_bitrates = wl_a_rates_size,
178 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
179 * By default world regulatory domain defined in reg.c puts the flags
180 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
181 * With respect to these flags, wpa_supplicant doesn't * start p2p
182 * operations on 5GHz channels. All the changes in world regulatory
183 * domain are to be done here.
185 static const struct ieee80211_regdomain brcmf_regdom = {
189 /* IEEE 802.11b/g, channels 1..11 */
190 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
192 /* IEEE 802.11 channel 14 - Only JP enables
193 * this and for 802.11b only
195 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
196 /* IEEE 802.11a, channel 36..64 */
197 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0),
198 /* IEEE 802.11a, channel 100..165 */
199 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), }
202 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
203 * are supported. A pointer to this array and the number of entries is passed
204 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
205 * So the cipher suite AES_CMAC has to be the last one in the array, and when
206 * device does not support MFP then the number of suites will be decreased by 1
208 static const u32 brcmf_cipher_suites[] = {
209 WLAN_CIPHER_SUITE_WEP40,
210 WLAN_CIPHER_SUITE_WEP104,
211 WLAN_CIPHER_SUITE_TKIP,
212 WLAN_CIPHER_SUITE_CCMP,
213 /* Keep as last entry: */
214 WLAN_CIPHER_SUITE_AES_CMAC
217 /* Vendor specific ie. id = 221, oui and type defines exact ie */
218 struct brcmf_vs_tlv {
225 struct parsed_vndr_ie_info {
227 u32 ie_len; /* total length including id & length field */
228 struct brcmf_vs_tlv vndrie;
231 struct parsed_vndr_ies {
233 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
236 static u8 nl80211_band_to_fwil(enum nl80211_band band)
239 case NL80211_BAND_2GHZ:
241 case NL80211_BAND_5GHZ:
250 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
251 struct cfg80211_chan_def *ch)
253 struct brcmu_chan ch_inf;
256 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
257 ch->chan->center_freq, ch->center_freq1, ch->width);
258 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
259 primary_offset = ch->chan->center_freq - ch->center_freq1;
261 case NL80211_CHAN_WIDTH_20:
262 case NL80211_CHAN_WIDTH_20_NOHT:
263 ch_inf.bw = BRCMU_CHAN_BW_20;
264 WARN_ON(primary_offset != 0);
266 case NL80211_CHAN_WIDTH_40:
267 ch_inf.bw = BRCMU_CHAN_BW_40;
268 if (primary_offset > 0)
269 ch_inf.sb = BRCMU_CHAN_SB_U;
271 ch_inf.sb = BRCMU_CHAN_SB_L;
273 case NL80211_CHAN_WIDTH_80:
274 ch_inf.bw = BRCMU_CHAN_BW_80;
275 if (primary_offset == -30)
276 ch_inf.sb = BRCMU_CHAN_SB_LL;
277 else if (primary_offset == -10)
278 ch_inf.sb = BRCMU_CHAN_SB_LU;
279 else if (primary_offset == 10)
280 ch_inf.sb = BRCMU_CHAN_SB_UL;
282 ch_inf.sb = BRCMU_CHAN_SB_UU;
284 case NL80211_CHAN_WIDTH_160:
285 ch_inf.bw = BRCMU_CHAN_BW_160;
286 if (primary_offset == -70)
287 ch_inf.sb = BRCMU_CHAN_SB_LLL;
288 else if (primary_offset == -50)
289 ch_inf.sb = BRCMU_CHAN_SB_LLU;
290 else if (primary_offset == -30)
291 ch_inf.sb = BRCMU_CHAN_SB_LUL;
292 else if (primary_offset == -10)
293 ch_inf.sb = BRCMU_CHAN_SB_LUU;
294 else if (primary_offset == 10)
295 ch_inf.sb = BRCMU_CHAN_SB_ULL;
296 else if (primary_offset == 30)
297 ch_inf.sb = BRCMU_CHAN_SB_ULU;
298 else if (primary_offset == 50)
299 ch_inf.sb = BRCMU_CHAN_SB_UUL;
301 ch_inf.sb = BRCMU_CHAN_SB_UUU;
303 case NL80211_CHAN_WIDTH_80P80:
304 case NL80211_CHAN_WIDTH_5:
305 case NL80211_CHAN_WIDTH_10:
309 switch (ch->chan->band) {
310 case NL80211_BAND_2GHZ:
311 ch_inf.band = BRCMU_CHAN_BAND_2G;
313 case NL80211_BAND_5GHZ:
314 ch_inf.band = BRCMU_CHAN_BAND_5G;
316 case NL80211_BAND_60GHZ:
320 d11inf->encchspec(&ch_inf);
322 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec);
323 return ch_inf.chspec;
326 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
327 struct ieee80211_channel *ch)
329 struct brcmu_chan ch_inf;
331 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
332 ch_inf.bw = BRCMU_CHAN_BW_20;
333 d11inf->encchspec(&ch_inf);
335 return ch_inf.chspec;
338 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
339 * triples, returning a pointer to the substring whose first element
342 static const struct brcmf_tlv *
343 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
345 const struct brcmf_tlv *elt = buf;
348 /* find tagged parameter */
349 while (totlen >= TLV_HDR_LEN) {
352 /* validate remaining totlen */
353 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
356 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
357 totlen -= (len + TLV_HDR_LEN);
363 /* Is any of the tlvs the expected entry? If
364 * not update the tlvs buffer pointer/length.
367 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
368 const u8 *oui, u32 oui_len, u8 type)
370 /* If the contents match the OUI and the type */
371 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
372 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
373 type == ie[TLV_BODY_OFF + oui_len]) {
379 /* point to the next ie */
380 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
381 /* calculate the length of the rest of the buffer */
382 *tlvs_len -= (int)(ie - *tlvs);
383 /* update the pointer to the start of the buffer */
389 static struct brcmf_vs_tlv *
390 brcmf_find_wpaie(const u8 *parse, u32 len)
392 const struct brcmf_tlv *ie;
394 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
395 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
396 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
397 return (struct brcmf_vs_tlv *)ie;
402 static struct brcmf_vs_tlv *
403 brcmf_find_wpsie(const u8 *parse, u32 len)
405 const struct brcmf_tlv *ie;
407 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
408 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
409 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
410 return (struct brcmf_vs_tlv *)ie;
415 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
416 struct brcmf_cfg80211_vif *vif,
417 enum nl80211_iftype new_type)
419 struct brcmf_cfg80211_vif *pos;
420 bool check_combos = false;
422 struct iface_combination_params params = {
423 .num_different_channels = 1,
426 list_for_each_entry(pos, &cfg->vif_list, list)
428 params.iftype_num[new_type]++;
430 /* concurrent interfaces so need check combinations */
432 params.iftype_num[pos->wdev.iftype]++;
436 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
441 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
442 enum nl80211_iftype new_type)
444 struct brcmf_cfg80211_vif *pos;
445 struct iface_combination_params params = {
446 .num_different_channels = 1,
449 list_for_each_entry(pos, &cfg->vif_list, list)
450 params.iftype_num[pos->wdev.iftype]++;
452 params.iftype_num[new_type]++;
453 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
456 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
457 struct brcmf_wsec_key_le *key_le)
459 key_le->index = cpu_to_le32(key->index);
460 key_le->len = cpu_to_le32(key->len);
461 key_le->algo = cpu_to_le32(key->algo);
462 key_le->flags = cpu_to_le32(key->flags);
463 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
464 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
465 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
466 memcpy(key_le->data, key->data, sizeof(key->data));
467 memcpy(key_le->ea, key->ea, sizeof(key->ea));
471 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
473 struct brcmf_pub *drvr = ifp->drvr;
475 struct brcmf_wsec_key_le key_le;
477 convert_key_from_CPU(key, &key_le);
479 brcmf_netdev_wait_pend8021x(ifp);
481 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
485 bphy_err(drvr, "wsec_key error (%d)\n", err);
490 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
492 struct brcmf_cfg80211_vif *vif;
493 struct brcmf_if *ifp;
495 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
498 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
499 (wdev->iftype == NL80211_IFTYPE_AP) ||
500 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
501 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
504 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
508 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
512 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
513 /* bsscfgidx 1 is reserved for legacy P2P */
516 if (!drvr->iflist[bsscfgidx])
523 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
525 struct brcmf_pub *drvr = ifp->drvr;
526 struct brcmf_mbss_ssid_le mbss_ssid_le;
530 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
531 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
535 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
536 mbss_ssid_le.SSID_len = cpu_to_le32(5);
537 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
539 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
540 sizeof(mbss_ssid_le));
542 bphy_err(drvr, "setting ssid failed %d\n", err);
548 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
550 * @wiphy: wiphy device of new interface.
551 * @name: name of the new interface.
552 * @params: contains mac address for AP device.
555 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
556 struct vif_params *params)
558 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
559 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
560 struct brcmf_pub *drvr = cfg->pub;
561 struct brcmf_cfg80211_vif *vif;
564 if (brcmf_cfg80211_vif_event_armed(cfg))
565 return ERR_PTR(-EBUSY);
567 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
569 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
571 return (struct wireless_dev *)vif;
573 brcmf_cfg80211_arm_vif_event(cfg, vif);
575 err = brcmf_cfg80211_request_ap_if(ifp);
577 brcmf_cfg80211_arm_vif_event(cfg, NULL);
581 /* wait for firmware event */
582 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
583 BRCMF_VIF_EVENT_TIMEOUT);
584 brcmf_cfg80211_arm_vif_event(cfg, NULL);
586 bphy_err(drvr, "timeout occurred\n");
591 /* interface created in firmware */
594 bphy_err(drvr, "no if pointer provided\n");
599 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
600 err = brcmf_net_attach(ifp, true);
602 bphy_err(drvr, "Registering netdevice failed\n");
603 free_netdev(ifp->ndev);
607 return &ifp->vif->wdev;
614 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
616 enum nl80211_iftype iftype;
618 iftype = vif->wdev.iftype;
619 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
622 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
624 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
628 * brcmf_mon_add_vif() - create monitor mode virtual interface
630 * @wiphy: wiphy device of new interface.
631 * @name: name of the new interface.
633 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy,
636 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
637 struct brcmf_cfg80211_vif *vif;
638 struct net_device *ndev;
639 struct brcmf_if *ifp;
642 if (cfg->pub->mon_if) {
647 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR);
653 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup);
658 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
659 ndev->ieee80211_ptr = &vif->wdev;
660 ndev->needs_free_netdev = true;
661 ndev->priv_destructor = brcmf_cfg80211_free_netdev;
662 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
664 ifp = netdev_priv(ndev);
667 ifp->drvr = cfg->pub;
670 vif->wdev.netdev = ndev;
672 err = brcmf_net_mon_attach(ifp);
674 brcmf_err("Failed to attach %s device\n", ndev->name);
679 cfg->pub->mon_if = ifp;
689 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
691 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
692 struct net_device *ndev = wdev->netdev;
694 ndev->netdev_ops->ndo_stop(ndev);
696 brcmf_net_detach(ndev, true);
698 cfg->pub->mon_if = NULL;
703 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
705 unsigned char name_assign_type,
706 enum nl80211_iftype type,
707 struct vif_params *params)
709 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
710 struct brcmf_pub *drvr = cfg->pub;
711 struct wireless_dev *wdev;
714 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
715 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
717 bphy_err(drvr, "iface validation failed: err=%d\n", err);
721 case NL80211_IFTYPE_ADHOC:
722 case NL80211_IFTYPE_STATION:
723 case NL80211_IFTYPE_AP_VLAN:
724 case NL80211_IFTYPE_WDS:
725 case NL80211_IFTYPE_MESH_POINT:
726 return ERR_PTR(-EOPNOTSUPP);
727 case NL80211_IFTYPE_MONITOR:
728 return brcmf_mon_add_vif(wiphy, name);
729 case NL80211_IFTYPE_AP:
730 wdev = brcmf_ap_add_vif(wiphy, name, params);
732 case NL80211_IFTYPE_P2P_CLIENT:
733 case NL80211_IFTYPE_P2P_GO:
734 case NL80211_IFTYPE_P2P_DEVICE:
735 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
737 case NL80211_IFTYPE_UNSPECIFIED:
739 return ERR_PTR(-EINVAL);
743 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
744 type, (int)PTR_ERR(wdev));
746 brcmf_cfg80211_update_proto_addr_mode(wdev);
751 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
753 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
754 brcmf_set_mpc(ifp, mpc);
757 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
759 struct brcmf_pub *drvr = ifp->drvr;
762 if (check_vif_up(ifp->vif)) {
763 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
765 bphy_err(drvr, "fail to set mpc\n");
768 brcmf_dbg(INFO, "MPC : %d\n", mpc);
772 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
773 struct brcmf_if *ifp, bool aborted,
776 struct brcmf_pub *drvr = cfg->pub;
777 struct brcmf_scan_params_le params_le;
778 struct cfg80211_scan_request *scan_request;
783 brcmf_dbg(SCAN, "Enter\n");
785 /* clear scan request, because the FW abort can cause a second call */
786 /* to this functon and might cause a double cfg80211_scan_done */
787 scan_request = cfg->scan_request;
788 cfg->scan_request = NULL;
790 if (timer_pending(&cfg->escan_timeout))
791 del_timer_sync(&cfg->escan_timeout);
794 /* Do a scan abort to stop the driver's scan engine */
795 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
796 memset(¶ms_le, 0, sizeof(params_le));
797 eth_broadcast_addr(params_le.bssid);
798 params_le.bss_type = DOT11_BSSTYPE_ANY;
799 params_le.scan_type = 0;
800 params_le.channel_num = cpu_to_le32(1);
801 params_le.nprobes = cpu_to_le32(1);
802 params_le.active_time = cpu_to_le32(-1);
803 params_le.passive_time = cpu_to_le32(-1);
804 params_le.home_time = cpu_to_le32(-1);
805 /* Scan is aborted by setting channel_list[0] to -1 */
806 params_le.channel_list[0] = cpu_to_le16(-1);
807 /* E-Scan (or anyother type) can be aborted by SCAN */
808 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
809 ¶ms_le, sizeof(params_le));
811 bphy_err(drvr, "Scan abort failed\n");
814 brcmf_scan_config_mpc(ifp, 1);
817 * e-scan can be initiated internally
818 * which takes precedence.
820 if (cfg->int_escan_map) {
821 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
823 while (cfg->int_escan_map) {
824 bucket = __ffs(cfg->int_escan_map);
825 cfg->int_escan_map &= ~BIT(bucket);
826 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
829 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
831 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
835 } else if (scan_request) {
836 struct cfg80211_scan_info info = {
840 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
841 aborted ? "Aborted" : "Done");
842 cfg80211_scan_done(scan_request, &info);
844 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
845 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
850 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
851 struct wireless_dev *wdev)
853 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
854 struct net_device *ndev = wdev->netdev;
855 struct brcmf_if *ifp = netdev_priv(ndev);
856 struct brcmf_pub *drvr = cfg->pub;
860 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
862 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
864 bphy_err(drvr, "interface_remove failed %d\n", err);
868 /* wait for firmware event */
869 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
870 BRCMF_VIF_EVENT_TIMEOUT);
872 bphy_err(drvr, "timeout occurred\n");
877 brcmf_remove_interface(ifp, true);
880 brcmf_cfg80211_arm_vif_event(cfg, NULL);
885 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
887 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
888 struct net_device *ndev = wdev->netdev;
890 if (ndev && ndev == cfg_to_ndev(cfg))
893 /* vif event pending in firmware */
894 if (brcmf_cfg80211_vif_event_armed(cfg))
898 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
899 cfg->escan_info.ifp == netdev_priv(ndev))
900 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
903 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
906 switch (wdev->iftype) {
907 case NL80211_IFTYPE_ADHOC:
908 case NL80211_IFTYPE_STATION:
909 case NL80211_IFTYPE_AP_VLAN:
910 case NL80211_IFTYPE_WDS:
911 case NL80211_IFTYPE_MESH_POINT:
913 case NL80211_IFTYPE_MONITOR:
914 return brcmf_mon_del_vif(wiphy, wdev);
915 case NL80211_IFTYPE_AP:
916 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
917 case NL80211_IFTYPE_P2P_CLIENT:
918 case NL80211_IFTYPE_P2P_GO:
919 case NL80211_IFTYPE_P2P_DEVICE:
920 return brcmf_p2p_del_vif(wiphy, wdev);
921 case NL80211_IFTYPE_UNSPECIFIED:
929 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
930 enum nl80211_iftype type,
931 struct vif_params *params)
933 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
934 struct brcmf_if *ifp = netdev_priv(ndev);
935 struct brcmf_cfg80211_vif *vif = ifp->vif;
936 struct brcmf_pub *drvr = cfg->pub;
941 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
944 /* WAR: There are a number of p2p interface related problems which
945 * need to be handled initially (before doing the validate).
946 * wpa_supplicant tends to do iface changes on p2p device/client/go
947 * which are not always possible/allowed. However we need to return
948 * OK otherwise the wpa_supplicant wont start. The situation differs
949 * on configuration and setup (p2pon=1 module param). The first check
950 * is to see if the request is a change to station for p2p iface.
952 if ((type == NL80211_IFTYPE_STATION) &&
953 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
954 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
955 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
956 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
957 /* Now depending on whether module param p2pon=1 was used the
958 * response needs to be either 0 or EOPNOTSUPP. The reason is
959 * that if p2pon=1 is used, but a newer supplicant is used then
960 * we should return an error, as this combination wont work.
961 * In other situations 0 is returned and supplicant will start
962 * normally. It will give a trace in cfg80211, but it is the
963 * only way to get it working. Unfortunately this will result
964 * in situation where we wont support new supplicant in
965 * combination with module param p2pon=1, but that is the way
966 * it is. If the user tries this then unloading of driver might
969 if (cfg->p2p.p2pdev_dynamically)
974 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
976 bphy_err(drvr, "iface validation failed: err=%d\n", err);
980 case NL80211_IFTYPE_MONITOR:
981 case NL80211_IFTYPE_WDS:
982 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
985 case NL80211_IFTYPE_ADHOC:
988 case NL80211_IFTYPE_STATION:
991 case NL80211_IFTYPE_AP:
992 case NL80211_IFTYPE_P2P_GO:
1001 if (type == NL80211_IFTYPE_P2P_GO) {
1002 brcmf_dbg(INFO, "IF Type = P2P GO\n");
1003 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
1006 brcmf_dbg(INFO, "IF Type = AP\n");
1009 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
1011 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
1015 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
1018 ndev->ieee80211_ptr->iftype = type;
1020 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
1023 brcmf_dbg(TRACE, "Exit\n");
1028 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
1029 struct brcmf_scan_params_le *params_le,
1030 struct cfg80211_scan_request *request)
1038 struct brcmf_ssid_le ssid_le;
1040 eth_broadcast_addr(params_le->bssid);
1041 params_le->bss_type = DOT11_BSSTYPE_ANY;
1042 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
1043 params_le->channel_num = 0;
1044 params_le->nprobes = cpu_to_le32(-1);
1045 params_le->active_time = cpu_to_le32(-1);
1046 params_le->passive_time = cpu_to_le32(-1);
1047 params_le->home_time = cpu_to_le32(-1);
1048 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
1050 n_ssids = request->n_ssids;
1051 n_channels = request->n_channels;
1053 /* Copy channel array if applicable */
1054 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
1056 if (n_channels > 0) {
1057 for (i = 0; i < n_channels; i++) {
1058 chanspec = channel_to_chanspec(&cfg->d11inf,
1059 request->channels[i]);
1060 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1061 request->channels[i]->hw_value, chanspec);
1062 params_le->channel_list[i] = cpu_to_le16(chanspec);
1065 brcmf_dbg(SCAN, "Scanning all channels\n");
1067 /* Copy ssid array if applicable */
1068 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1070 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1071 n_channels * sizeof(u16);
1072 offset = roundup(offset, sizeof(u32));
1073 ptr = (char *)params_le + offset;
1074 for (i = 0; i < n_ssids; i++) {
1075 memset(&ssid_le, 0, sizeof(ssid_le));
1077 cpu_to_le32(request->ssids[i].ssid_len);
1078 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1079 request->ssids[i].ssid_len);
1080 if (!ssid_le.SSID_len)
1081 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1083 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1084 i, ssid_le.SSID, ssid_le.SSID_len);
1085 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1086 ptr += sizeof(ssid_le);
1089 brcmf_dbg(SCAN, "Performing passive scan\n");
1090 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1092 /* Adding mask to channel numbers */
1093 params_le->channel_num =
1094 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1095 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1099 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1100 struct cfg80211_scan_request *request)
1102 struct brcmf_pub *drvr = cfg->pub;
1103 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1104 offsetof(struct brcmf_escan_params_le, params_le);
1105 struct brcmf_escan_params_le *params;
1108 brcmf_dbg(SCAN, "E-SCAN START\n");
1110 if (request != NULL) {
1111 /* Allocate space for populating ssids in struct */
1112 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1114 /* Allocate space for populating ssids in struct */
1115 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1118 params = kzalloc(params_size, GFP_KERNEL);
1123 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1124 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1125 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1126 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1127 params->sync_id = cpu_to_le16(0x1234);
1129 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1132 brcmf_dbg(INFO, "system busy : escan canceled\n");
1134 bphy_err(drvr, "error (%d)\n", err);
1143 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1145 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1147 struct brcmf_scan_results *results;
1148 struct escan_info *escan = &cfg->escan_info;
1150 brcmf_dbg(SCAN, "Enter\n");
1152 escan->wiphy = cfg->wiphy;
1153 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1155 brcmf_scan_config_mpc(ifp, 0);
1156 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1157 results->version = 0;
1159 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1161 err = escan->run(cfg, ifp, request);
1163 brcmf_scan_config_mpc(ifp, 1);
1168 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1170 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1171 struct brcmf_pub *drvr = cfg->pub;
1172 struct brcmf_cfg80211_vif *vif;
1175 brcmf_dbg(TRACE, "Enter\n");
1176 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1177 if (!check_vif_up(vif))
1180 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1181 bphy_err(drvr, "Scanning already: status (%lu)\n",
1185 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1186 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1190 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1191 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1195 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1196 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1200 /* If scan req comes for p2p0, send it over primary I/F */
1201 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1202 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1204 brcmf_dbg(SCAN, "START ESCAN\n");
1206 cfg->scan_request = request;
1207 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1209 cfg->escan_info.run = brcmf_run_escan;
1210 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1214 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1215 request->ie, request->ie_len);
1219 err = brcmf_do_escan(vif->ifp, request);
1223 /* Arm scan timeout timer */
1224 mod_timer(&cfg->escan_timeout,
1225 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1230 bphy_err(drvr, "scan error (%d)\n", err);
1231 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1232 cfg->scan_request = NULL;
1236 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1238 struct brcmf_if *ifp = netdev_priv(ndev);
1239 struct brcmf_pub *drvr = ifp->drvr;
1242 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1244 bphy_err(drvr, "Error (%d)\n", err);
1249 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1251 struct brcmf_if *ifp = netdev_priv(ndev);
1252 struct brcmf_pub *drvr = ifp->drvr;
1255 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1258 bphy_err(drvr, "Error (%d)\n", err);
1263 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1265 struct brcmf_if *ifp = netdev_priv(ndev);
1266 struct brcmf_pub *drvr = ifp->drvr;
1268 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1270 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1272 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1278 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1280 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1281 struct net_device *ndev = cfg_to_ndev(cfg);
1282 struct brcmf_if *ifp = netdev_priv(ndev);
1285 brcmf_dbg(TRACE, "Enter\n");
1286 if (!check_vif_up(ifp->vif))
1289 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1290 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1291 cfg->conf->rts_threshold = wiphy->rts_threshold;
1292 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1296 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1297 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1298 cfg->conf->frag_threshold = wiphy->frag_threshold;
1299 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1303 if (changed & WIPHY_PARAM_RETRY_LONG
1304 && (cfg->conf->retry_long != wiphy->retry_long)) {
1305 cfg->conf->retry_long = wiphy->retry_long;
1306 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1310 if (changed & WIPHY_PARAM_RETRY_SHORT
1311 && (cfg->conf->retry_short != wiphy->retry_short)) {
1312 cfg->conf->retry_short = wiphy->retry_short;
1313 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1319 brcmf_dbg(TRACE, "Exit\n");
1323 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1325 memset(prof, 0, sizeof(*prof));
1328 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1332 switch (e->event_code) {
1333 case BRCMF_E_DEAUTH:
1334 case BRCMF_E_DEAUTH_IND:
1335 case BRCMF_E_DISASSOC_IND:
1346 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1348 struct brcmf_pub *drvr = ifp->drvr;
1349 struct brcmf_wsec_pmk_le pmk;
1352 /* convert to firmware key format */
1353 pmk.key_len = cpu_to_le16(pmk_len << 1);
1354 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1355 for (i = 0; i < pmk_len; i++)
1356 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1358 /* store psk in firmware */
1359 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1362 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1368 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
1371 struct brcmf_pub *drvr = ifp->drvr;
1372 struct brcmf_wsec_sae_pwd_le sae_pwd;
1375 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
1376 bphy_err(drvr, "sae_password must be less than %d\n",
1377 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
1381 sae_pwd.key_len = cpu_to_le16(pwd_len);
1382 memcpy(sae_pwd.key, pwd_data, pwd_len);
1384 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
1387 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
1393 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason,
1394 bool locally_generated)
1396 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1397 struct brcmf_pub *drvr = cfg->pub;
1398 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP;
1401 brcmf_dbg(TRACE, "Enter\n");
1403 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1405 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1406 err = brcmf_fil_cmd_data_set(vif->ifp,
1407 BRCMF_C_DISASSOC, NULL, 0);
1409 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n",
1413 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1414 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1415 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1416 locally_generated, GFP_KERNEL);
1418 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1419 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1420 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1421 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1423 brcmf_set_pmk(vif->ifp, NULL, 0);
1424 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1426 brcmf_dbg(TRACE, "Exit\n");
1430 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1431 struct cfg80211_ibss_params *params)
1433 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1434 struct brcmf_if *ifp = netdev_priv(ndev);
1435 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1436 struct brcmf_pub *drvr = cfg->pub;
1437 struct brcmf_join_params join_params;
1438 size_t join_params_size = 0;
1445 brcmf_dbg(TRACE, "Enter\n");
1446 if (!check_vif_up(ifp->vif))
1450 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1452 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1456 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1459 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1461 brcmf_dbg(CONN, "No BSSID specified\n");
1463 if (params->chandef.chan)
1464 brcmf_dbg(CONN, "channel: %d\n",
1465 params->chandef.chan->center_freq);
1467 brcmf_dbg(CONN, "no channel specified\n");
1469 if (params->channel_fixed)
1470 brcmf_dbg(CONN, "fixed channel required\n");
1472 brcmf_dbg(CONN, "no fixed channel required\n");
1474 if (params->ie && params->ie_len)
1475 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1477 brcmf_dbg(CONN, "no ie specified\n");
1479 if (params->beacon_interval)
1480 brcmf_dbg(CONN, "beacon interval: %d\n",
1481 params->beacon_interval);
1483 brcmf_dbg(CONN, "no beacon interval specified\n");
1485 if (params->basic_rates)
1486 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1488 brcmf_dbg(CONN, "no basic rates specified\n");
1490 if (params->privacy)
1491 brcmf_dbg(CONN, "privacy required\n");
1493 brcmf_dbg(CONN, "no privacy required\n");
1495 /* Configure Privacy for starter */
1496 if (params->privacy)
1497 wsec |= WEP_ENABLED;
1499 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1501 bphy_err(drvr, "wsec failed (%d)\n", err);
1505 /* Configure Beacon Interval for starter */
1506 if (params->beacon_interval)
1507 bcnprd = params->beacon_interval;
1511 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1513 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1517 /* Configure required join parameter */
1518 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1521 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1522 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1523 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1524 join_params_size = sizeof(join_params.ssid_le);
1527 if (params->bssid) {
1528 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1529 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1530 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1532 eth_broadcast_addr(join_params.params_le.bssid);
1533 eth_zero_addr(profile->bssid);
1537 if (params->chandef.chan) {
1541 ieee80211_frequency_to_channel(
1542 params->chandef.chan->center_freq);
1543 if (params->channel_fixed) {
1544 /* adding chanspec */
1545 chanspec = chandef_to_chanspec(&cfg->d11inf,
1547 join_params.params_le.chanspec_list[0] =
1548 cpu_to_le16(chanspec);
1549 join_params.params_le.chanspec_num = cpu_to_le32(1);
1550 join_params_size += sizeof(join_params.params_le);
1553 /* set channel for starter */
1554 target_channel = cfg->channel;
1555 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1558 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1564 cfg->ibss_starter = false;
1567 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1568 &join_params, join_params_size);
1570 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1576 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1577 brcmf_dbg(TRACE, "Exit\n");
1582 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1584 struct brcmf_if *ifp = netdev_priv(ndev);
1586 brcmf_dbg(TRACE, "Enter\n");
1587 if (!check_vif_up(ifp->vif)) {
1588 /* When driver is being unloaded, it can end up here. If an
1589 * error is returned then later on a debug trace in the wireless
1590 * core module will be printed. To avoid this 0 is returned.
1595 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING, true);
1596 brcmf_net_setcarrier(ifp, false);
1598 brcmf_dbg(TRACE, "Exit\n");
1603 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1604 struct cfg80211_connect_params *sme)
1606 struct brcmf_if *ifp = netdev_priv(ndev);
1607 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1608 struct brcmf_pub *drvr = ifp->drvr;
1609 struct brcmf_cfg80211_security *sec;
1613 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1614 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1615 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1616 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1617 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
1618 val = WPA3_AUTH_SAE_PSK;
1620 val = WPA_AUTH_DISABLED;
1621 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1622 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1624 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1627 sec = &profile->sec;
1628 sec->wpa_versions = sme->crypto.wpa_versions;
1632 static s32 brcmf_set_auth_type(struct net_device *ndev,
1633 struct cfg80211_connect_params *sme)
1635 struct brcmf_if *ifp = netdev_priv(ndev);
1636 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1637 struct brcmf_pub *drvr = ifp->drvr;
1638 struct brcmf_cfg80211_security *sec;
1642 switch (sme->auth_type) {
1643 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1645 brcmf_dbg(CONN, "open system\n");
1647 case NL80211_AUTHTYPE_SHARED_KEY:
1649 brcmf_dbg(CONN, "shared key\n");
1651 case NL80211_AUTHTYPE_SAE:
1653 brcmf_dbg(CONN, "SAE authentication\n");
1657 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1661 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1663 bphy_err(drvr, "set auth failed (%d)\n", err);
1666 sec = &profile->sec;
1667 sec->auth_type = sme->auth_type;
1672 brcmf_set_wsec_mode(struct net_device *ndev,
1673 struct cfg80211_connect_params *sme)
1675 struct brcmf_if *ifp = netdev_priv(ndev);
1676 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1677 struct brcmf_pub *drvr = ifp->drvr;
1678 struct brcmf_cfg80211_security *sec;
1684 if (sme->crypto.n_ciphers_pairwise) {
1685 switch (sme->crypto.ciphers_pairwise[0]) {
1686 case WLAN_CIPHER_SUITE_WEP40:
1687 case WLAN_CIPHER_SUITE_WEP104:
1690 case WLAN_CIPHER_SUITE_TKIP:
1691 pval = TKIP_ENABLED;
1693 case WLAN_CIPHER_SUITE_CCMP:
1696 case WLAN_CIPHER_SUITE_AES_CMAC:
1700 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1701 sme->crypto.ciphers_pairwise[0]);
1705 if (sme->crypto.cipher_group) {
1706 switch (sme->crypto.cipher_group) {
1707 case WLAN_CIPHER_SUITE_WEP40:
1708 case WLAN_CIPHER_SUITE_WEP104:
1711 case WLAN_CIPHER_SUITE_TKIP:
1712 gval = TKIP_ENABLED;
1714 case WLAN_CIPHER_SUITE_CCMP:
1717 case WLAN_CIPHER_SUITE_AES_CMAC:
1721 bphy_err(drvr, "invalid cipher group (%d)\n",
1722 sme->crypto.cipher_group);
1727 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1728 /* In case of privacy, but no security and WPS then simulate */
1729 /* setting AES. WPS-2.0 allows no security */
1730 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1735 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1737 bphy_err(drvr, "error (%d)\n", err);
1741 sec = &profile->sec;
1742 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1743 sec->cipher_group = sme->crypto.cipher_group;
1749 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1751 struct brcmf_if *ifp = netdev_priv(ndev);
1752 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1753 struct brcmf_pub *drvr = ifp->drvr;
1756 const struct brcmf_tlv *rsn_ie;
1764 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1765 profile->is_ft = false;
1767 if (!sme->crypto.n_akm_suites)
1770 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1772 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1775 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1776 switch (sme->crypto.akm_suites[0]) {
1777 case WLAN_AKM_SUITE_8021X:
1778 val = WPA_AUTH_UNSPECIFIED;
1780 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1782 case WLAN_AKM_SUITE_PSK:
1786 bphy_err(drvr, "invalid cipher group (%d)\n",
1787 sme->crypto.cipher_group);
1790 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1791 switch (sme->crypto.akm_suites[0]) {
1792 case WLAN_AKM_SUITE_8021X:
1793 val = WPA2_AUTH_UNSPECIFIED;
1795 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1797 case WLAN_AKM_SUITE_8021X_SHA256:
1798 val = WPA2_AUTH_1X_SHA256;
1800 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1802 case WLAN_AKM_SUITE_PSK_SHA256:
1803 val = WPA2_AUTH_PSK_SHA256;
1805 case WLAN_AKM_SUITE_PSK:
1806 val = WPA2_AUTH_PSK;
1808 case WLAN_AKM_SUITE_FT_8021X:
1809 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1810 profile->is_ft = true;
1812 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1814 case WLAN_AKM_SUITE_FT_PSK:
1815 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1816 profile->is_ft = true;
1819 bphy_err(drvr, "invalid cipher group (%d)\n",
1820 sme->crypto.cipher_group);
1823 } else if (val & WPA3_AUTH_SAE_PSK) {
1824 switch (sme->crypto.akm_suites[0]) {
1825 case WLAN_AKM_SUITE_SAE:
1826 val = WPA3_AUTH_SAE_PSK;
1827 if (sme->crypto.sae_pwd) {
1828 brcmf_dbg(INFO, "using SAE offload\n");
1829 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1833 bphy_err(drvr, "invalid cipher group (%d)\n",
1834 sme->crypto.cipher_group);
1839 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1840 brcmf_dbg(INFO, "using 1X offload\n");
1842 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1843 goto skip_mfp_config;
1844 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1845 * IE will not be verified, just a quick search for MFP config
1847 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1850 goto skip_mfp_config;
1851 ie = (const u8 *)rsn_ie;
1852 ie_len = rsn_ie->len + TLV_HDR_LEN;
1853 /* Skip unicast suite */
1854 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1855 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1856 goto skip_mfp_config;
1857 /* Skip multicast suite */
1858 count = ie[offset] + (ie[offset + 1] << 8);
1859 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1860 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1861 goto skip_mfp_config;
1862 /* Skip auth key management suite(s) */
1863 count = ie[offset] + (ie[offset + 1] << 8);
1864 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1865 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1866 goto skip_mfp_config;
1867 /* Ready to read capabilities */
1868 mfp = BRCMF_MFP_NONE;
1869 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1870 if (rsn_cap & RSN_CAP_MFPR_MASK)
1871 mfp = BRCMF_MFP_REQUIRED;
1872 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1873 mfp = BRCMF_MFP_CAPABLE;
1874 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1877 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1878 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1880 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1888 brcmf_set_sharedkey(struct net_device *ndev,
1889 struct cfg80211_connect_params *sme)
1891 struct brcmf_if *ifp = netdev_priv(ndev);
1892 struct brcmf_pub *drvr = ifp->drvr;
1893 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1894 struct brcmf_cfg80211_security *sec;
1895 struct brcmf_wsec_key key;
1899 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1901 if (sme->key_len == 0)
1904 sec = &profile->sec;
1905 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1906 sec->wpa_versions, sec->cipher_pairwise);
1908 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
1909 NL80211_WPA_VERSION_3))
1912 if (!(sec->cipher_pairwise &
1913 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1916 memset(&key, 0, sizeof(key));
1917 key.len = (u32) sme->key_len;
1918 key.index = (u32) sme->key_idx;
1919 if (key.len > sizeof(key.data)) {
1920 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1923 memcpy(key.data, sme->key, key.len);
1924 key.flags = BRCMF_PRIMARY_KEY;
1925 switch (sec->cipher_pairwise) {
1926 case WLAN_CIPHER_SUITE_WEP40:
1927 key.algo = CRYPTO_ALGO_WEP1;
1929 case WLAN_CIPHER_SUITE_WEP104:
1930 key.algo = CRYPTO_ALGO_WEP128;
1933 bphy_err(drvr, "Invalid algorithm (%d)\n",
1934 sme->crypto.ciphers_pairwise[0]);
1937 /* Set the new key/index */
1938 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1939 key.len, key.index, key.algo);
1940 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1941 err = send_key_to_dongle(ifp, &key);
1945 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1946 brcmf_dbg(CONN, "set auth_type to shared key\n");
1947 val = WL_AUTH_SHARED_KEY; /* shared key */
1948 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1950 bphy_err(drvr, "set auth failed (%d)\n", err);
1956 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1957 enum nl80211_auth_type type)
1959 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1960 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1961 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1962 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1967 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1968 struct cfg80211_bss_selection *bss_select)
1970 struct brcmf_pub *drvr = ifp->drvr;
1971 struct brcmf_join_pref_params join_pref_params[2];
1972 enum nl80211_band band;
1975 join_pref_params[i].len = 2;
1976 join_pref_params[i].rssi_gain = 0;
1978 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1979 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1981 switch (bss_select->behaviour) {
1982 case __NL80211_BSS_SELECT_ATTR_INVALID:
1983 brcmf_c_set_joinpref_default(ifp);
1985 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1986 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1987 band = bss_select->param.band_pref;
1988 join_pref_params[i].band = nl80211_band_to_fwil(band);
1991 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
1992 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
1993 band = bss_select->param.adjust.band;
1994 join_pref_params[i].band = nl80211_band_to_fwil(band);
1995 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
1998 case NL80211_BSS_SELECT_ATTR_RSSI:
2002 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
2003 join_pref_params[i].len = 2;
2004 join_pref_params[i].rssi_gain = 0;
2005 join_pref_params[i].band = 0;
2006 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
2007 sizeof(join_pref_params));
2009 bphy_err(drvr, "Set join_pref error (%d)\n", err);
2013 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
2014 struct cfg80211_connect_params *sme)
2016 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2017 struct brcmf_if *ifp = netdev_priv(ndev);
2018 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2019 struct ieee80211_channel *chan = sme->channel;
2020 struct brcmf_pub *drvr = ifp->drvr;
2021 struct brcmf_join_params join_params;
2022 size_t join_params_size;
2023 const struct brcmf_tlv *rsn_ie;
2024 const struct brcmf_vs_tlv *wpa_ie;
2027 struct brcmf_ext_join_params_le *ext_join_params;
2032 brcmf_dbg(TRACE, "Enter\n");
2033 if (!check_vif_up(ifp->vif))
2037 bphy_err(drvr, "Invalid ssid\n");
2041 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
2042 /* A normal (non P2P) connection request setup. */
2045 /* find the WPA_IE */
2046 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
2049 ie_len = wpa_ie->len + TLV_HDR_LEN;
2051 /* find the RSN_IE */
2052 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
2057 ie_len = rsn_ie->len + TLV_HDR_LEN;
2060 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
2063 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
2064 sme->ie, sme->ie_len);
2066 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
2068 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
2070 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2074 ieee80211_frequency_to_channel(chan->center_freq);
2075 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2076 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2077 cfg->channel, chan->center_freq, chanspec);
2083 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2085 err = brcmf_set_wpa_version(ndev, sme);
2087 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
2091 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2092 err = brcmf_set_auth_type(ndev, sme);
2094 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
2098 err = brcmf_set_wsec_mode(ndev, sme);
2100 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
2104 err = brcmf_set_key_mgmt(ndev, sme);
2106 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
2110 err = brcmf_set_sharedkey(ndev, sme);
2112 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
2116 if (sme->crypto.psk &&
2117 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
2118 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2122 brcmf_dbg(INFO, "using PSK offload\n");
2123 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2126 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2127 /* enable firmware supplicant for this interface */
2128 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2130 bphy_err(drvr, "failed to enable fw supplicant\n");
2135 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
2136 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2137 BRCMF_WSEC_MAX_PSK_LEN);
2138 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
2139 /* clean up user-space RSNE */
2140 err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0);
2142 bphy_err(drvr, "failed to clean up user-space RSNE\n");
2145 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
2146 sme->crypto.sae_pwd_len);
2147 if (!err && sme->crypto.psk)
2148 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2149 BRCMF_WSEC_MAX_PSK_LEN);
2154 /* Join with specific BSSID and cached SSID
2155 * If SSID is zero join based on BSSID only
2157 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2158 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2160 join_params_size += sizeof(u16);
2161 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2162 if (ext_join_params == NULL) {
2166 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2167 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2168 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2169 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2170 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2171 ext_join_params->ssid_le.SSID, ssid_len);
2173 /* Set up join scan parameters */
2174 ext_join_params->scan_le.scan_type = -1;
2175 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2178 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2180 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2183 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2185 ext_join_params->assoc_le.chanspec_list[0] =
2186 cpu_to_le16(chanspec);
2187 /* Increase dwell time to receive probe response or detect
2188 * beacon from target AP at a noisy air only during connect
2191 ext_join_params->scan_le.active_time =
2192 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2193 ext_join_params->scan_le.passive_time =
2194 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2195 /* To sync with presence period of VSDB GO send probe request
2196 * more frequently. Probe request will be stopped when it gets
2197 * probe response from target AP/GO.
2199 ext_join_params->scan_le.nprobes =
2200 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2201 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2203 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2204 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2205 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2208 brcmf_set_join_pref(ifp, &sme->bss_select);
2210 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2212 kfree(ext_join_params);
2214 /* This is it. join command worked, we are done */
2217 /* join command failed, fallback to set ssid */
2218 memset(&join_params, 0, sizeof(join_params));
2219 join_params_size = sizeof(join_params.ssid_le);
2221 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2222 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2225 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2227 eth_broadcast_addr(join_params.params_le.bssid);
2230 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2231 join_params.params_le.chanspec_num = cpu_to_le32(1);
2232 join_params_size += sizeof(join_params.params_le);
2234 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2235 &join_params, join_params_size);
2237 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2241 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2242 brcmf_dbg(TRACE, "Exit\n");
2247 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2250 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2251 struct brcmf_if *ifp = netdev_priv(ndev);
2252 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2253 struct brcmf_pub *drvr = cfg->pub;
2254 struct brcmf_scb_val_le scbval;
2257 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2258 if (!check_vif_up(ifp->vif))
2261 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2262 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2263 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2265 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2266 scbval.val = cpu_to_le32(reason_code);
2267 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2268 &scbval, sizeof(scbval));
2270 bphy_err(drvr, "error (%d)\n", err);
2272 brcmf_dbg(TRACE, "Exit\n");
2277 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2278 enum nl80211_tx_power_setting type, s32 mbm)
2280 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2281 struct net_device *ndev = cfg_to_ndev(cfg);
2282 struct brcmf_if *ifp = netdev_priv(ndev);
2283 struct brcmf_pub *drvr = cfg->pub;
2288 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2289 if (!check_vif_up(ifp->vif))
2293 case NL80211_TX_POWER_AUTOMATIC:
2295 case NL80211_TX_POWER_LIMITED:
2296 case NL80211_TX_POWER_FIXED:
2298 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2302 qdbm = MBM_TO_DBM(4 * mbm);
2305 qdbm |= WL_TXPWR_OVERRIDE;
2308 bphy_err(drvr, "Unsupported type %d\n", type);
2312 /* Make sure radio is off or on as far as software is concerned */
2313 disable = WL_RADIO_SW_DISABLE << 16;
2314 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2316 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2318 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2320 bphy_err(drvr, "qtxpower error (%d)\n", err);
2323 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2328 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2331 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2332 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2333 struct brcmf_pub *drvr = cfg->pub;
2337 brcmf_dbg(TRACE, "Enter\n");
2338 if (!check_vif_up(vif))
2341 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2343 bphy_err(drvr, "error (%d)\n", err);
2346 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2349 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2354 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2355 u8 key_idx, bool unicast, bool multicast)
2357 struct brcmf_if *ifp = netdev_priv(ndev);
2358 struct brcmf_pub *drvr = ifp->drvr;
2363 brcmf_dbg(TRACE, "Enter\n");
2364 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2365 if (!check_vif_up(ifp->vif))
2368 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2370 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2374 if (wsec & WEP_ENABLED) {
2375 /* Just select a new current key */
2377 err = brcmf_fil_cmd_int_set(ifp,
2378 BRCMF_C_SET_KEY_PRIMARY, index);
2380 bphy_err(drvr, "error (%d)\n", err);
2383 brcmf_dbg(TRACE, "Exit\n");
2388 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2389 u8 key_idx, bool pairwise, const u8 *mac_addr)
2391 struct brcmf_if *ifp = netdev_priv(ndev);
2392 struct brcmf_wsec_key *key;
2395 brcmf_dbg(TRACE, "Enter\n");
2396 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2398 if (!check_vif_up(ifp->vif))
2401 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2402 /* we ignore this key index in this case */
2406 key = &ifp->vif->profile.key[key_idx];
2408 if (key->algo == CRYPTO_ALGO_OFF) {
2409 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2413 memset(key, 0, sizeof(*key));
2414 key->index = (u32)key_idx;
2415 key->flags = BRCMF_PRIMARY_KEY;
2417 /* Clear the key/index */
2418 err = send_key_to_dongle(ifp, key);
2420 brcmf_dbg(TRACE, "Exit\n");
2425 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2426 u8 key_idx, bool pairwise, const u8 *mac_addr,
2427 struct key_params *params)
2429 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2430 struct brcmf_if *ifp = netdev_priv(ndev);
2431 struct brcmf_pub *drvr = cfg->pub;
2432 struct brcmf_wsec_key *key;
2439 brcmf_dbg(TRACE, "Enter\n");
2440 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2441 if (!check_vif_up(ifp->vif))
2444 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2445 /* we ignore this key index in this case */
2446 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2450 if (params->key_len == 0)
2451 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2454 if (params->key_len > sizeof(key->data)) {
2455 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2460 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2461 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2462 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2466 key = &ifp->vif->profile.key[key_idx];
2467 memset(key, 0, sizeof(*key));
2468 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2469 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2470 key->len = params->key_len;
2471 key->index = key_idx;
2472 memcpy(key->data, params->key, key->len);
2474 key->flags = BRCMF_PRIMARY_KEY;
2476 if (params->seq && params->seq_len == 6) {
2480 ivptr = (u8 *)params->seq;
2481 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2482 (ivptr[3] << 8) | ivptr[2];
2483 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2484 key->iv_initialized = true;
2487 switch (params->cipher) {
2488 case WLAN_CIPHER_SUITE_WEP40:
2489 key->algo = CRYPTO_ALGO_WEP1;
2491 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2493 case WLAN_CIPHER_SUITE_WEP104:
2494 key->algo = CRYPTO_ALGO_WEP128;
2496 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2498 case WLAN_CIPHER_SUITE_TKIP:
2499 if (!brcmf_is_apmode(ifp->vif)) {
2500 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2501 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2502 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2503 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2505 key->algo = CRYPTO_ALGO_TKIP;
2507 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2509 case WLAN_CIPHER_SUITE_AES_CMAC:
2510 key->algo = CRYPTO_ALGO_AES_CCM;
2512 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2514 case WLAN_CIPHER_SUITE_CCMP:
2515 key->algo = CRYPTO_ALGO_AES_CCM;
2517 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2520 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2525 err = send_key_to_dongle(ifp, key);
2529 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2531 bphy_err(drvr, "get wsec error (%d)\n", err);
2535 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2537 bphy_err(drvr, "set wsec error (%d)\n", err);
2542 brcmf_dbg(TRACE, "Exit\n");
2547 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2548 bool pairwise, const u8 *mac_addr, void *cookie,
2549 void (*callback)(void *cookie,
2550 struct key_params *params))
2552 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2553 struct key_params params;
2554 struct brcmf_if *ifp = netdev_priv(ndev);
2555 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2556 struct brcmf_pub *drvr = cfg->pub;
2557 struct brcmf_cfg80211_security *sec;
2561 brcmf_dbg(TRACE, "Enter\n");
2562 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2563 if (!check_vif_up(ifp->vif))
2566 memset(¶ms, 0, sizeof(params));
2568 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2570 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2571 /* Ignore this error, may happen during DISASSOC */
2575 if (wsec & WEP_ENABLED) {
2576 sec = &profile->sec;
2577 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2578 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2579 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2580 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2581 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2582 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2584 } else if (wsec & TKIP_ENABLED) {
2585 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2586 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2587 } else if (wsec & AES_ENABLED) {
2588 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2589 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2591 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2595 callback(cookie, ¶ms);
2598 brcmf_dbg(TRACE, "Exit\n");
2603 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2604 struct net_device *ndev, u8 key_idx)
2606 struct brcmf_if *ifp = netdev_priv(ndev);
2608 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2610 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2613 brcmf_dbg(INFO, "Not supported\n");
2619 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2621 struct brcmf_pub *drvr = ifp->drvr;
2624 struct brcmf_wsec_key *key;
2627 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2628 key = &ifp->vif->profile.key[key_idx];
2629 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2630 (key->algo == CRYPTO_ALGO_WEP128))
2633 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2636 err = send_key_to_dongle(ifp, key);
2638 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2641 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2643 bphy_err(drvr, "get wsec error (%d)\n", err);
2646 wsec |= WEP_ENABLED;
2647 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2649 bphy_err(drvr, "set wsec error (%d)\n", err);
2652 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2654 struct nl80211_sta_flag_update *sfu;
2656 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2657 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2658 sfu = &si->sta_flags;
2659 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2660 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2661 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2662 BIT(NL80211_STA_FLAG_AUTHORIZED);
2663 if (fw_sta_flags & BRCMF_STA_WME)
2664 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2665 if (fw_sta_flags & BRCMF_STA_AUTHE)
2666 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2667 if (fw_sta_flags & BRCMF_STA_ASSOC)
2668 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2669 if (fw_sta_flags & BRCMF_STA_AUTHO)
2670 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2673 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2675 struct brcmf_pub *drvr = ifp->drvr;
2678 struct brcmf_bss_info_le bss_le;
2683 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2687 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2688 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2691 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2694 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2695 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2696 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2697 capability = le16_to_cpu(buf->bss_le.capability);
2698 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2699 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2700 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2701 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2702 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2703 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2710 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2711 struct station_info *sinfo)
2713 struct brcmf_pub *drvr = ifp->drvr;
2714 struct brcmf_scb_val_le scbval;
2715 struct brcmf_pktcnt_le pktcnt;
2720 /* Get the current tx rate */
2721 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2723 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2726 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2727 sinfo->txrate.legacy = rate * 5;
2729 memset(&scbval, 0, sizeof(scbval));
2730 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2733 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2736 rssi = le32_to_cpu(scbval.val);
2737 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2738 sinfo->signal = rssi;
2740 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2743 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2746 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2747 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2748 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2749 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2750 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2751 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2752 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2753 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2759 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2760 const u8 *mac, struct station_info *sinfo)
2762 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2763 struct brcmf_if *ifp = netdev_priv(ndev);
2764 struct brcmf_pub *drvr = cfg->pub;
2765 struct brcmf_scb_val_le scb_val;
2767 struct brcmf_sta_info_le sta_info_le;
2770 s32 total_rssi_avg = 0;
2776 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2777 if (!check_vif_up(ifp->vif))
2780 if (brcmf_is_ibssmode(ifp->vif))
2781 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2783 memset(&sta_info_le, 0, sizeof(sta_info_le));
2784 memcpy(&sta_info_le, mac, ETH_ALEN);
2785 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2787 sizeof(sta_info_le));
2788 is_tdls_peer = !err;
2790 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2792 sizeof(sta_info_le));
2794 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2798 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2799 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2800 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2801 sta_flags = le32_to_cpu(sta_info_le.flags);
2802 brcmf_convert_sta_flags(sta_flags, sinfo);
2803 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2805 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2807 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2808 if (sta_flags & BRCMF_STA_ASSOC) {
2809 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2810 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2811 brcmf_fill_bss_param(ifp, sinfo);
2813 if (sta_flags & BRCMF_STA_SCBSTATS) {
2814 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2815 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2816 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2817 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2818 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2819 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2820 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2821 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2822 if (sinfo->tx_packets) {
2823 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2824 sinfo->txrate.legacy =
2825 le32_to_cpu(sta_info_le.tx_rate) / 100;
2827 if (sinfo->rx_packets) {
2828 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2829 sinfo->rxrate.legacy =
2830 le32_to_cpu(sta_info_le.rx_rate) / 100;
2832 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2833 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2834 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2835 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2836 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2838 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2839 if (sta_info_le.rssi[i] == 0 ||
2840 sta_info_le.rx_lastpkt_rssi[i] == 0)
2842 sinfo->chains |= BIT(count_rssi);
2843 sinfo->chain_signal[count_rssi] =
2844 sta_info_le.rx_lastpkt_rssi[i];
2845 sinfo->chain_signal_avg[count_rssi] =
2846 sta_info_le.rssi[i];
2847 total_rssi += sta_info_le.rx_lastpkt_rssi[i];
2848 total_rssi_avg += sta_info_le.rssi[i];
2852 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2853 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
2854 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2856 BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG);
2857 sinfo->signal = total_rssi / count_rssi;
2858 sinfo->signal_avg = total_rssi_avg / count_rssi;
2859 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2860 &ifp->vif->sme_state)) {
2861 memset(&scb_val, 0, sizeof(scb_val));
2862 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2863 &scb_val, sizeof(scb_val));
2865 bphy_err(drvr, "Could not get rssi (%d)\n",
2869 rssi = le32_to_cpu(scb_val.val);
2870 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2871 sinfo->signal = rssi;
2872 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2877 brcmf_dbg(TRACE, "Exit\n");
2882 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2883 int idx, u8 *mac, struct station_info *sinfo)
2885 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2886 struct brcmf_if *ifp = netdev_priv(ndev);
2887 struct brcmf_pub *drvr = cfg->pub;
2890 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2893 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2894 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2896 sizeof(cfg->assoclist));
2898 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST unsupported, err=%d\n",
2900 cfg->assoclist.count = 0;
2904 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2905 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2906 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2912 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2913 bool enabled, s32 timeout)
2917 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2918 struct brcmf_if *ifp = netdev_priv(ndev);
2919 struct brcmf_pub *drvr = cfg->pub;
2921 brcmf_dbg(TRACE, "Enter\n");
2924 * Powersave enable/disable request is coming from the
2925 * cfg80211 even before the interface is up. In that
2926 * scenario, driver will be storing the power save
2927 * preference in cfg struct to apply this to
2928 * FW later while initializing the dongle
2930 cfg->pwr_save = enabled;
2931 if (!check_vif_up(ifp->vif)) {
2933 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2937 pm = enabled ? PM_FAST : PM_OFF;
2938 /* Do not enable the power save after assoc if it is a p2p interface */
2939 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2940 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2943 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2945 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2948 bphy_err(drvr, "net_device is not ready yet\n");
2950 bphy_err(drvr, "error (%d)\n", err);
2953 err = brcmf_fil_iovar_int_set(ifp, "pm2_sleep_ret",
2954 min_t(u32, timeout, BRCMF_PS_MAX_TIMEOUT_MS));
2956 bphy_err(drvr, "Unable to set pm timeout, (%d)\n", err);
2959 brcmf_dbg(TRACE, "Exit\n");
2963 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2964 struct brcmf_bss_info_le *bi)
2966 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2967 struct brcmf_pub *drvr = cfg->pub;
2968 struct cfg80211_bss *bss;
2969 enum nl80211_band band;
2970 struct brcmu_chan ch;
2973 u16 notify_capability;
2974 u16 notify_interval;
2976 size_t notify_ielen;
2977 struct cfg80211_inform_bss bss_data = {};
2979 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2980 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
2985 ch.chspec = le16_to_cpu(bi->chanspec);
2986 cfg->d11inf.decchspec(&ch);
2987 bi->ctl_ch = ch.control_ch_num;
2989 channel = bi->ctl_ch;
2991 if (channel <= CH_MAX_2G_CHANNEL)
2992 band = NL80211_BAND_2GHZ;
2994 band = NL80211_BAND_5GHZ;
2996 freq = ieee80211_channel_to_frequency(channel, band);
2997 bss_data.chan = ieee80211_get_channel(wiphy, freq);
2998 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
2999 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
3001 notify_capability = le16_to_cpu(bi->capability);
3002 notify_interval = le16_to_cpu(bi->beacon_period);
3003 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3004 notify_ielen = le32_to_cpu(bi->ie_length);
3005 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3007 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
3008 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
3009 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
3010 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
3011 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
3013 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
3014 CFG80211_BSS_FTYPE_UNKNOWN,
3015 (const u8 *)bi->BSSID,
3016 0, notify_capability,
3017 notify_interval, notify_ie,
3018 notify_ielen, GFP_KERNEL);
3023 cfg80211_put_bss(wiphy, bss);
3028 static struct brcmf_bss_info_le *
3029 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
3032 return list->bss_info_le;
3033 return (struct brcmf_bss_info_le *)((unsigned long)bss +
3034 le32_to_cpu(bss->length));
3037 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
3039 struct brcmf_pub *drvr = cfg->pub;
3040 struct brcmf_scan_results *bss_list;
3041 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
3045 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
3046 if (bss_list->count != 0 &&
3047 bss_list->version != BRCMF_BSS_INFO_VERSION) {
3048 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
3052 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
3053 for (i = 0; i < bss_list->count; i++) {
3054 bi = next_bss_le(bss_list, bi);
3055 err = brcmf_inform_single_bss(cfg, bi);
3062 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
3063 struct net_device *ndev, const u8 *bssid)
3065 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3066 struct brcmf_pub *drvr = cfg->pub;
3067 struct ieee80211_channel *notify_channel;
3068 struct brcmf_bss_info_le *bi = NULL;
3069 struct ieee80211_supported_band *band;
3070 struct cfg80211_bss *bss;
3071 struct brcmu_chan ch;
3075 u16 notify_capability;
3076 u16 notify_interval;
3078 size_t notify_ielen;
3081 brcmf_dbg(TRACE, "Enter\n");
3083 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
3089 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
3091 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
3092 buf, WL_BSS_INFO_MAX);
3094 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
3098 bi = (struct brcmf_bss_info_le *)(buf + 4);
3100 ch.chspec = le16_to_cpu(bi->chanspec);
3101 cfg->d11inf.decchspec(&ch);
3103 if (ch.band == BRCMU_CHAN_BAND_2G)
3104 band = wiphy->bands[NL80211_BAND_2GHZ];
3106 band = wiphy->bands[NL80211_BAND_5GHZ];
3108 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
3109 cfg->channel = freq;
3110 notify_channel = ieee80211_get_channel(wiphy, freq);
3112 notify_capability = le16_to_cpu(bi->capability);
3113 notify_interval = le16_to_cpu(bi->beacon_period);
3114 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3115 notify_ielen = le32_to_cpu(bi->ie_length);
3116 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3118 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
3119 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
3120 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
3121 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
3123 bss = cfg80211_inform_bss(wiphy, notify_channel,
3124 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3125 notify_capability, notify_interval,
3126 notify_ie, notify_ielen, notify_signal,
3134 cfg80211_put_bss(wiphy, bss);
3140 brcmf_dbg(TRACE, "Exit\n");
3145 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3146 struct brcmf_if *ifp)
3148 struct brcmf_pub *drvr = cfg->pub;
3149 struct brcmf_bss_info_le *bi;
3150 const struct brcmf_tlv *tim;
3155 brcmf_dbg(TRACE, "Enter\n");
3156 if (brcmf_is_ibssmode(ifp->vif))
3159 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3160 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3161 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3163 bphy_err(drvr, "Could not get bss info %d\n", err);
3164 goto update_bss_info_out;
3167 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3168 err = brcmf_inform_single_bss(cfg, bi);
3170 goto update_bss_info_out;
3172 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3173 ie_len = le32_to_cpu(bi->ie_length);
3175 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3178 * active scan was done so we could not get dtim
3179 * information out of probe response.
3180 * so we speficially query dtim information to dongle.
3183 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3185 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3186 goto update_bss_info_out;
3190 update_bss_info_out:
3191 brcmf_dbg(TRACE, "Exit");
3195 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3197 struct escan_info *escan = &cfg->escan_info;
3199 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3200 if (cfg->int_escan_map || cfg->scan_request) {
3201 escan->escan_state = WL_ESCAN_STATE_IDLE;
3202 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3204 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3205 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3208 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3210 struct brcmf_cfg80211_info *cfg =
3211 container_of(work, struct brcmf_cfg80211_info,
3212 escan_timeout_work);
3214 brcmf_inform_bss(cfg);
3215 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3218 static void brcmf_escan_timeout(struct timer_list *t)
3220 struct brcmf_cfg80211_info *cfg =
3221 from_timer(cfg, t, escan_timeout);
3222 struct brcmf_pub *drvr = cfg->pub;
3224 if (cfg->int_escan_map || cfg->scan_request) {
3225 bphy_err(drvr, "timer expired\n");
3226 schedule_work(&cfg->escan_timeout_work);
3231 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3232 struct brcmf_bss_info_le *bss,
3233 struct brcmf_bss_info_le *bss_info_le)
3235 struct brcmu_chan ch_bss, ch_bss_info_le;
3237 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3238 cfg->d11inf.decchspec(&ch_bss);
3239 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3240 cfg->d11inf.decchspec(&ch_bss_info_le);
3242 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3243 ch_bss.band == ch_bss_info_le.band &&
3244 bss_info_le->SSID_len == bss->SSID_len &&
3245 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3246 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3247 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3248 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3249 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3251 /* preserve max RSSI if the measurements are
3252 * both on-channel or both off-channel
3254 if (bss_info_rssi > bss_rssi)
3255 bss->RSSI = bss_info_le->RSSI;
3256 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3257 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3258 /* preserve the on-channel rssi measurement
3259 * if the new measurement is off channel
3261 bss->RSSI = bss_info_le->RSSI;
3262 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3270 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3271 const struct brcmf_event_msg *e, void *data)
3273 struct brcmf_pub *drvr = ifp->drvr;
3274 struct brcmf_cfg80211_info *cfg = drvr->config;
3276 struct brcmf_escan_result_le *escan_result_le;
3278 struct brcmf_bss_info_le *bss_info_le;
3279 struct brcmf_bss_info_le *bss = NULL;
3281 struct brcmf_scan_results *list;
3287 if (status == BRCMF_E_STATUS_ABORT)
3290 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3291 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3296 if (status == BRCMF_E_STATUS_PARTIAL) {
3297 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3298 if (e->datalen < sizeof(*escan_result_le)) {
3299 bphy_err(drvr, "invalid event data length\n");
3302 escan_result_le = (struct brcmf_escan_result_le *) data;
3303 if (!escan_result_le) {
3304 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3307 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3308 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3309 escan_buflen > e->datalen ||
3310 escan_buflen < sizeof(*escan_result_le)) {
3311 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3315 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3316 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3317 escan_result_le->bss_count);
3320 bss_info_le = &escan_result_le->bss_info_le;
3322 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3325 if (!cfg->int_escan_map && !cfg->scan_request) {
3326 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3330 bi_length = le32_to_cpu(bss_info_le->length);
3331 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3332 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3337 if (!(cfg_to_wiphy(cfg)->interface_modes &
3338 BIT(NL80211_IFTYPE_ADHOC))) {
3339 if (le16_to_cpu(bss_info_le->capability) &
3340 WLAN_CAPABILITY_IBSS) {
3341 bphy_err(drvr, "Ignoring IBSS result\n");
3346 list = (struct brcmf_scan_results *)
3347 cfg->escan_info.escan_buf;
3348 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3349 bphy_err(drvr, "Buffer is too small: ignoring\n");
3353 for (i = 0; i < list->count; i++) {
3354 bss = bss ? (struct brcmf_bss_info_le *)
3355 ((unsigned char *)bss +
3356 le32_to_cpu(bss->length)) : list->bss_info_le;
3357 if (brcmf_compare_update_same_bss(cfg, bss,
3361 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3363 list->version = le32_to_cpu(bss_info_le->version);
3364 list->buflen += bi_length;
3367 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3368 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3370 if (cfg->int_escan_map || cfg->scan_request) {
3371 brcmf_inform_bss(cfg);
3372 aborted = status != BRCMF_E_STATUS_SUCCESS;
3373 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3375 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3382 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3384 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3385 brcmf_cfg80211_escan_handler);
3386 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3387 /* Init scan_timeout timer */
3388 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3389 INIT_WORK(&cfg->escan_timeout_work,
3390 brcmf_cfg80211_escan_timeout_worker);
3393 static struct cfg80211_scan_request *
3394 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3395 struct cfg80211_scan_request *req;
3398 req_size = sizeof(*req) +
3399 n_netinfo * sizeof(req->channels[0]) +
3400 n_netinfo * sizeof(*req->ssids);
3402 req = kzalloc(req_size, GFP_KERNEL);
3405 req->ssids = (void *)(&req->channels[0]) +
3406 n_netinfo * sizeof(req->channels[0]);
3411 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3412 u8 *ssid, u8 ssid_len, u8 channel)
3414 struct ieee80211_channel *chan;
3415 enum nl80211_band band;
3418 if (channel <= CH_MAX_2G_CHANNEL)
3419 band = NL80211_BAND_2GHZ;
3421 band = NL80211_BAND_5GHZ;
3423 freq = ieee80211_channel_to_frequency(channel, band);
3427 chan = ieee80211_get_channel(req->wiphy, freq);
3431 for (i = 0; i < req->n_channels; i++) {
3432 if (req->channels[i] == chan)
3435 if (i == req->n_channels)
3436 req->channels[req->n_channels++] = chan;
3438 for (i = 0; i < req->n_ssids; i++) {
3439 if (req->ssids[i].ssid_len == ssid_len &&
3440 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3443 if (i == req->n_ssids) {
3444 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3445 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3450 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3451 struct cfg80211_scan_request *request)
3453 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3456 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3457 if (cfg->int_escan_map)
3458 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3459 cfg->int_escan_map);
3460 /* Abort any on-going scan */
3461 brcmf_abort_scanning(cfg);
3464 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3465 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3466 cfg->escan_info.run = brcmf_run_escan;
3467 err = brcmf_do_escan(ifp, request);
3469 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3472 cfg->int_escan_map = fwmap;
3476 static struct brcmf_pno_net_info_le *
3477 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3479 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3480 struct brcmf_pno_net_info_le *netinfo;
3482 switch (pfn_v1->version) {
3486 case cpu_to_le32(1):
3487 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3489 case cpu_to_le32(2):
3490 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3491 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3498 /* PFN result doesn't have all the info which are required by the supplicant
3499 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3500 * via wl_inform_single_bss in the required format. Escan does require the
3501 * scan request in the form of cfg80211_scan_request. For timebeing, create
3502 * cfg80211_scan_request one out of the received PNO event.
3505 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3506 const struct brcmf_event_msg *e, void *data)
3508 struct brcmf_pub *drvr = ifp->drvr;
3509 struct brcmf_cfg80211_info *cfg = drvr->config;
3510 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3511 struct cfg80211_scan_request *request = NULL;
3512 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3514 struct brcmf_pno_scanresults_le *pfn_result;
3520 brcmf_dbg(SCAN, "Enter\n");
3522 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3523 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3527 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3528 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3532 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3533 result_count = le32_to_cpu(pfn_result->count);
3534 status = le32_to_cpu(pfn_result->status);
3536 /* PFN event is limited to fit 512 bytes so we may get
3537 * multiple NET_FOUND events. For now place a warning here.
3539 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3540 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3541 if (!result_count) {
3542 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3546 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3547 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3548 if (datalen < result_count * sizeof(*netinfo)) {
3549 bphy_err(drvr, "insufficient event data\n");
3553 request = brcmf_alloc_internal_escan_request(wiphy,
3561 for (i = 0; i < result_count; i++) {
3562 netinfo = &netinfo_start[i];
3564 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3565 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3566 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3567 netinfo->SSID, netinfo->channel);
3568 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3569 err = brcmf_internal_escan_add_info(request,
3580 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3585 cfg80211_sched_scan_stopped(wiphy, 0);
3592 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3593 struct net_device *ndev,
3594 struct cfg80211_sched_scan_request *req)
3596 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3597 struct brcmf_if *ifp = netdev_priv(ndev);
3598 struct brcmf_pub *drvr = cfg->pub;
3600 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3601 req->n_match_sets, req->n_ssids);
3603 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3604 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3609 if (req->n_match_sets <= 0) {
3610 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3615 return brcmf_pno_start_sched_scan(ifp, req);
3618 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3619 struct net_device *ndev, u64 reqid)
3621 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3622 struct brcmf_if *ifp = netdev_priv(ndev);
3624 brcmf_dbg(SCAN, "enter\n");
3625 brcmf_pno_stop_sched_scan(ifp, reqid);
3626 if (cfg->int_escan_map)
3627 brcmf_notify_escan_complete(cfg, ifp, true, true);
3631 static __always_inline void brcmf_delay(u32 ms)
3633 if (ms < 1000 / HZ) {
3641 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3642 u8 *pattern, u32 patternsize, u8 *mask,
3645 struct brcmf_fil_wowl_pattern_le *filter;
3652 masksize = (patternsize + 7) / 8;
3653 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3655 bufsize = sizeof(*filter) + patternsize + masksize;
3656 buf = kzalloc(bufsize, GFP_KERNEL);
3659 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3661 memcpy(filter->cmd, cmd, 4);
3662 filter->masksize = cpu_to_le32(masksize);
3663 filter->offset = cpu_to_le32(packet_offset);
3664 filter->patternoffset = cpu_to_le32(patternoffset);
3665 filter->patternsize = cpu_to_le32(patternsize);
3666 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3668 if ((mask) && (masksize))
3669 memcpy(buf + sizeof(*filter), mask, masksize);
3670 if ((pattern) && (patternsize))
3671 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3673 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3680 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3683 struct brcmf_pub *drvr = ifp->drvr;
3684 struct brcmf_cfg80211_info *cfg = drvr->config;
3685 struct brcmf_pno_scanresults_le *pfn_result;
3686 struct brcmf_pno_net_info_le *netinfo;
3688 brcmf_dbg(SCAN, "Enter\n");
3690 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3691 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3695 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3697 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3698 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3702 if (le32_to_cpu(pfn_result->count) < 1) {
3703 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3704 le32_to_cpu(pfn_result->count));
3708 netinfo = brcmf_get_netinfo_array(pfn_result);
3709 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3710 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3711 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3712 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3713 cfg->wowl.nd->n_channels = 1;
3714 cfg->wowl.nd->channels[0] =
3715 ieee80211_channel_to_frequency(netinfo->channel,
3716 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3717 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3718 cfg->wowl.nd_info->n_matches = 1;
3719 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3721 /* Inform (the resume task) that the net detect information was recvd */
3722 cfg->wowl.nd_data_completed = true;
3723 wake_up(&cfg->wowl.nd_data_wait);
3730 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3732 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3733 struct brcmf_pub *drvr = cfg->pub;
3734 struct brcmf_wowl_wakeind_le wake_ind_le;
3735 struct cfg80211_wowlan_wakeup wakeup_data;
3736 struct cfg80211_wowlan_wakeup *wakeup;
3741 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3742 sizeof(wake_ind_le));
3744 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3748 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3749 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3750 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3751 BRCMF_WOWL_PFN_FOUND)) {
3752 wakeup = &wakeup_data;
3753 memset(&wakeup_data, 0, sizeof(wakeup_data));
3754 wakeup_data.pattern_idx = -1;
3756 if (wakeind & BRCMF_WOWL_MAGIC) {
3757 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3758 wakeup_data.magic_pkt = true;
3760 if (wakeind & BRCMF_WOWL_DIS) {
3761 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3762 wakeup_data.disconnect = true;
3764 if (wakeind & BRCMF_WOWL_BCN) {
3765 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3766 wakeup_data.disconnect = true;
3768 if (wakeind & BRCMF_WOWL_RETR) {
3769 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3770 wakeup_data.disconnect = true;
3772 if (wakeind & BRCMF_WOWL_NET) {
3773 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3774 /* For now always map to pattern 0, no API to get
3775 * correct information available at the moment.
3777 wakeup_data.pattern_idx = 0;
3779 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3780 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3781 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3782 cfg->wowl.nd_data_completed,
3783 BRCMF_ND_INFO_TIMEOUT);
3785 bphy_err(drvr, "No result for wowl net detect\n");
3787 wakeup_data.net_detect = cfg->wowl.nd_info;
3789 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3790 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3791 wakeup_data.gtk_rekey_failure = true;
3796 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3801 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3805 #endif /* CONFIG_PM */
3807 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3809 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3810 struct net_device *ndev = cfg_to_ndev(cfg);
3811 struct brcmf_if *ifp = netdev_priv(ndev);
3813 brcmf_dbg(TRACE, "Enter\n");
3815 if (cfg->wowl.active) {
3816 brcmf_report_wowl_wakeind(wiphy, ifp);
3817 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3818 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3819 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3820 brcmf_configure_arp_nd_offload(ifp, true);
3821 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3822 cfg->wowl.pre_pmmode);
3823 cfg->wowl.active = false;
3824 if (cfg->wowl.nd_enabled) {
3825 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3826 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3827 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3828 brcmf_notify_sched_scan_results);
3829 cfg->wowl.nd_enabled = false;
3835 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3836 struct brcmf_if *ifp,
3837 struct cfg80211_wowlan *wowl)
3840 struct brcmf_wowl_wakeind_le wowl_wakeind;
3843 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3845 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3846 brcmf_configure_arp_nd_offload(ifp, false);
3847 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3848 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3851 if (wowl->disconnect)
3852 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3853 if (wowl->magic_pkt)
3854 wowl_config |= BRCMF_WOWL_MAGIC;
3855 if ((wowl->patterns) && (wowl->n_patterns)) {
3856 wowl_config |= BRCMF_WOWL_NET;
3857 for (i = 0; i < wowl->n_patterns; i++) {
3858 brcmf_config_wowl_pattern(ifp, "add",
3859 (u8 *)wowl->patterns[i].pattern,
3860 wowl->patterns[i].pattern_len,
3861 (u8 *)wowl->patterns[i].mask,
3862 wowl->patterns[i].pkt_offset);
3865 if (wowl->nd_config) {
3866 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3868 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3870 cfg->wowl.nd_data_completed = false;
3871 cfg->wowl.nd_enabled = true;
3872 /* Now reroute the event for PFN to the wowl function. */
3873 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3874 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3875 brcmf_wowl_nd_results);
3877 if (wowl->gtk_rekey_failure)
3878 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3879 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3880 wowl_config |= BRCMF_WOWL_UNASSOC;
3882 memcpy(&wowl_wakeind, "clear", 6);
3883 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3884 sizeof(wowl_wakeind));
3885 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3886 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3887 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3888 cfg->wowl.active = true;
3891 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3892 struct cfg80211_wowlan *wowl)
3894 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3895 struct net_device *ndev = cfg_to_ndev(cfg);
3896 struct brcmf_if *ifp = netdev_priv(ndev);
3897 struct brcmf_cfg80211_vif *vif;
3899 brcmf_dbg(TRACE, "Enter\n");
3901 /* if the primary net_device is not READY there is nothing
3902 * we can do but pray resume goes smoothly.
3904 if (!check_vif_up(ifp->vif))
3907 /* Stop scheduled scan */
3908 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3909 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3911 /* end any scanning */
3912 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3913 brcmf_abort_scanning(cfg);
3916 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3917 list_for_each_entry(vif, &cfg->vif_list, list) {
3918 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3920 /* While going to suspend if associated with AP
3921 * disassociate from AP to save power while system is
3922 * in suspended state
3924 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED, true);
3925 /* Make sure WPA_Supplicant receives all the event
3926 * generated due to DISASSOC call to the fw to keep
3927 * the state fw and WPA_Supplicant state consistent
3932 brcmf_set_mpc(ifp, 1);
3935 /* Configure WOWL paramaters */
3936 brcmf_configure_wowl(cfg, ifp, wowl);
3940 brcmf_dbg(TRACE, "Exit\n");
3941 /* clear any scanning activity */
3942 cfg->scan_status = 0;
3947 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3949 struct brcmf_pmk_list_le *pmk_list;
3954 pmk_list = &cfg->pmk_list;
3955 npmk = le32_to_cpu(pmk_list->npmk);
3957 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3958 for (i = 0; i < npmk; i++)
3959 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3961 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3968 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3969 struct cfg80211_pmksa *pmksa)
3971 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3972 struct brcmf_if *ifp = netdev_priv(ndev);
3973 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3974 struct brcmf_pub *drvr = cfg->pub;
3978 brcmf_dbg(TRACE, "Enter\n");
3979 if (!check_vif_up(ifp->vif))
3982 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3983 for (i = 0; i < npmk; i++)
3984 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3986 if (i < BRCMF_MAXPMKID) {
3987 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
3988 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
3991 cfg->pmk_list.npmk = cpu_to_le32(npmk);
3994 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
3998 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
3999 brcmf_dbg(CONN, "%*ph\n", WLAN_PMKID_LEN, pmk[npmk].pmkid);
4001 err = brcmf_update_pmklist(cfg, ifp);
4003 brcmf_dbg(TRACE, "Exit\n");
4008 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
4009 struct cfg80211_pmksa *pmksa)
4011 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4012 struct brcmf_if *ifp = netdev_priv(ndev);
4013 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4014 struct brcmf_pub *drvr = cfg->pub;
4018 brcmf_dbg(TRACE, "Enter\n");
4019 if (!check_vif_up(ifp->vif))
4022 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
4024 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4025 for (i = 0; i < npmk; i++)
4026 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4029 if ((npmk > 0) && (i < npmk)) {
4030 for (; i < (npmk - 1); i++) {
4031 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
4032 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
4035 memset(&pmk[i], 0, sizeof(*pmk));
4036 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
4038 bphy_err(drvr, "Cache entry not found\n");
4042 err = brcmf_update_pmklist(cfg, ifp);
4044 brcmf_dbg(TRACE, "Exit\n");
4050 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
4052 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4053 struct brcmf_if *ifp = netdev_priv(ndev);
4056 brcmf_dbg(TRACE, "Enter\n");
4057 if (!check_vif_up(ifp->vif))
4060 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
4061 err = brcmf_update_pmklist(cfg, ifp);
4063 brcmf_dbg(TRACE, "Exit\n");
4068 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
4070 struct brcmf_pub *drvr = ifp->drvr;
4075 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
4077 bphy_err(drvr, "auth error %d\n", err);
4081 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
4083 bphy_err(drvr, "wsec error %d\n", err);
4086 /* set upper-layer auth */
4087 if (brcmf_is_ibssmode(ifp->vif))
4088 wpa_val = WPA_AUTH_NONE;
4090 wpa_val = WPA_AUTH_DISABLED;
4091 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
4093 bphy_err(drvr, "wpa_auth error %d\n", err);
4100 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
4103 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
4105 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
4109 brcmf_configure_wpaie(struct brcmf_if *ifp,
4110 const struct brcmf_vs_tlv *wpa_ie,
4113 struct brcmf_pub *drvr = ifp->drvr;
4114 u32 auth = 0; /* d11 open authentication */
4126 u32 wme_bss_disable;
4129 brcmf_dbg(TRACE, "Enter\n");
4133 len = wpa_ie->len + TLV_HDR_LEN;
4134 data = (u8 *)wpa_ie;
4135 offset = TLV_HDR_LEN;
4137 offset += VS_IE_FIXED_HDR_LEN;
4139 offset += WPA_IE_VERSION_LEN;
4141 /* check for multicast cipher suite */
4142 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4144 bphy_err(drvr, "no multicast cipher suite\n");
4148 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4150 bphy_err(drvr, "ivalid OUI\n");
4153 offset += TLV_OUI_LEN;
4155 /* pick up multicast cipher */
4156 switch (data[offset]) {
4157 case WPA_CIPHER_NONE:
4160 case WPA_CIPHER_WEP_40:
4161 case WPA_CIPHER_WEP_104:
4164 case WPA_CIPHER_TKIP:
4165 gval = TKIP_ENABLED;
4167 case WPA_CIPHER_AES_CCM:
4172 bphy_err(drvr, "Invalid multi cast cipher info\n");
4177 /* walk thru unicast cipher list and pick up what we recognize */
4178 count = data[offset] + (data[offset + 1] << 8);
4179 offset += WPA_IE_SUITE_COUNT_LEN;
4180 /* Check for unicast suite(s) */
4181 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4183 bphy_err(drvr, "no unicast cipher suite\n");
4186 for (i = 0; i < count; i++) {
4187 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4189 bphy_err(drvr, "ivalid OUI\n");
4192 offset += TLV_OUI_LEN;
4193 switch (data[offset]) {
4194 case WPA_CIPHER_NONE:
4196 case WPA_CIPHER_WEP_40:
4197 case WPA_CIPHER_WEP_104:
4198 pval |= WEP_ENABLED;
4200 case WPA_CIPHER_TKIP:
4201 pval |= TKIP_ENABLED;
4203 case WPA_CIPHER_AES_CCM:
4204 pval |= AES_ENABLED;
4207 bphy_err(drvr, "Invalid unicast security info\n");
4211 /* walk thru auth management suite list and pick up what we recognize */
4212 count = data[offset] + (data[offset + 1] << 8);
4213 offset += WPA_IE_SUITE_COUNT_LEN;
4214 /* Check for auth key management suite(s) */
4215 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4217 bphy_err(drvr, "no auth key mgmt suite\n");
4220 for (i = 0; i < count; i++) {
4221 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4223 bphy_err(drvr, "ivalid OUI\n");
4226 offset += TLV_OUI_LEN;
4227 switch (data[offset]) {
4229 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4230 wpa_auth |= WPA_AUTH_NONE;
4232 case RSN_AKM_UNSPECIFIED:
4233 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4234 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4235 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4238 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4239 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4240 (wpa_auth |= WPA_AUTH_PSK);
4242 case RSN_AKM_SHA256_PSK:
4243 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4244 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4246 case RSN_AKM_SHA256_1X:
4247 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4248 wpa_auth |= WPA2_AUTH_1X_SHA256;
4251 brcmf_dbg(TRACE, "RSN_AKM_SAE\n");
4252 wpa_auth |= WPA3_AUTH_SAE_PSK;
4255 bphy_err(drvr, "Invalid key mgmt info\n");
4260 mfp = BRCMF_MFP_NONE;
4262 wme_bss_disable = 1;
4263 if ((offset + RSN_CAP_LEN) <= len) {
4264 rsn_cap = data[offset] + (data[offset + 1] << 8);
4265 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4266 wme_bss_disable = 0;
4267 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4268 brcmf_dbg(TRACE, "MFP Required\n");
4269 mfp = BRCMF_MFP_REQUIRED;
4270 /* Firmware only supports mfp required in
4271 * combination with WPA2_AUTH_PSK_SHA256,
4272 * WPA2_AUTH_1X_SHA256, or WPA3_AUTH_SAE_PSK.
4274 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4275 WPA2_AUTH_1X_SHA256 |
4276 WPA3_AUTH_SAE_PSK))) {
4280 /* Firmware has requirement that WPA2_AUTH_PSK/
4281 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4282 * is to be included in the rsn ie.
4284 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4285 wpa_auth |= WPA2_AUTH_PSK;
4286 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4287 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4288 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4289 brcmf_dbg(TRACE, "MFP Capable\n");
4290 mfp = BRCMF_MFP_CAPABLE;
4293 offset += RSN_CAP_LEN;
4294 /* set wme_bss_disable to sync RSN Capabilities */
4295 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4298 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4302 /* Skip PMKID cnt as it is know to be 0 for AP. */
4303 offset += RSN_PMKID_COUNT_LEN;
4305 /* See if there is BIP wpa suite left for MFP */
4306 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4307 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4308 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4310 WPA_IE_MIN_OUI_LEN);
4312 bphy_err(drvr, "bip error %d\n", err);
4317 /* FOR WPS , set SES_OW_ENABLED */
4318 wsec = (pval | gval | SES_OW_ENABLED);
4321 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4323 bphy_err(drvr, "auth error %d\n", err);
4327 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4329 bphy_err(drvr, "wsec error %d\n", err);
4332 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4333 * will overwrite the values set by MFP
4335 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4336 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4338 bphy_err(drvr, "mfp error %d\n", err);
4342 /* set upper-layer auth */
4343 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4345 bphy_err(drvr, "wpa_auth error %d\n", err);
4354 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4355 struct parsed_vndr_ies *vndr_ies)
4357 struct brcmf_vs_tlv *vndrie;
4358 struct brcmf_tlv *ie;
4359 struct parsed_vndr_ie_info *parsed_info;
4362 remaining_len = (s32)vndr_ie_len;
4363 memset(vndr_ies, 0, sizeof(*vndr_ies));
4365 ie = (struct brcmf_tlv *)vndr_ie_buf;
4367 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4369 vndrie = (struct brcmf_vs_tlv *)ie;
4370 /* len should be bigger than OUI length + one */
4371 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4372 brcmf_err("invalid vndr ie. length is too small %d\n",
4376 /* if wpa or wme ie, do not add ie */
4377 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4378 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4379 (vndrie->oui_type == WME_OUI_TYPE))) {
4380 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4384 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4386 /* save vndr ie information */
4387 parsed_info->ie_ptr = (char *)vndrie;
4388 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4389 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4393 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n",
4394 parsed_info->vndrie.oui,
4395 parsed_info->vndrie.oui_type);
4397 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4400 remaining_len -= (ie->len + TLV_HDR_LEN);
4401 if (remaining_len <= TLV_HDR_LEN)
4404 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4411 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4413 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN);
4415 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4417 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4419 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4421 return ie_len + VNDR_IE_HDR_SIZE;
4424 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4425 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4427 struct brcmf_pub *drvr;
4428 struct brcmf_if *ifp;
4429 struct vif_saved_ie *saved_ie;
4433 u8 *mgmt_ie_buf = NULL;
4434 int mgmt_ie_buf_len;
4436 u32 del_add_ie_buf_len = 0;
4437 u32 total_ie_buf_len = 0;
4438 u32 parsed_ie_buf_len = 0;
4439 struct parsed_vndr_ies old_vndr_ies;
4440 struct parsed_vndr_ies new_vndr_ies;
4441 struct parsed_vndr_ie_info *vndrie_info;
4444 int remained_buf_len;
4450 saved_ie = &vif->saved_ie;
4452 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4454 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4457 curr_ie_buf = iovar_ie_buf;
4459 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4460 mgmt_ie_buf = saved_ie->probe_req_ie;
4461 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4462 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4464 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4465 mgmt_ie_buf = saved_ie->probe_res_ie;
4466 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4467 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4469 case BRCMF_VNDR_IE_BEACON_FLAG:
4470 mgmt_ie_buf = saved_ie->beacon_ie;
4471 mgmt_ie_len = &saved_ie->beacon_ie_len;
4472 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4474 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4475 mgmt_ie_buf = saved_ie->assoc_req_ie;
4476 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4477 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4479 case BRCMF_VNDR_IE_ASSOCRSP_FLAG:
4480 mgmt_ie_buf = saved_ie->assoc_res_ie;
4481 mgmt_ie_len = &saved_ie->assoc_res_ie_len;
4482 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie);
4486 bphy_err(drvr, "not suitable type\n");
4490 if (vndr_ie_len > mgmt_ie_buf_len) {
4492 bphy_err(drvr, "extra IE size too big\n");
4496 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4497 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4499 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4500 for (i = 0; i < new_vndr_ies.count; i++) {
4501 vndrie_info = &new_vndr_ies.ie_info[i];
4502 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4503 vndrie_info->ie_len);
4504 parsed_ie_buf_len += vndrie_info->ie_len;
4508 if (mgmt_ie_buf && *mgmt_ie_len) {
4509 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4510 (memcmp(mgmt_ie_buf, curr_ie_buf,
4511 parsed_ie_buf_len) == 0)) {
4512 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4516 /* parse old vndr_ie */
4517 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4519 /* make a command to delete old ie */
4520 for (i = 0; i < old_vndr_ies.count; i++) {
4521 vndrie_info = &old_vndr_ies.ie_info[i];
4523 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n",
4524 vndrie_info->vndrie.id,
4525 vndrie_info->vndrie.len,
4526 vndrie_info->vndrie.oui);
4528 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4529 vndrie_info->ie_ptr,
4530 vndrie_info->ie_len,
4532 curr_ie_buf += del_add_ie_buf_len;
4533 total_ie_buf_len += del_add_ie_buf_len;
4538 /* Add if there is any extra IE */
4539 if (mgmt_ie_buf && parsed_ie_buf_len) {
4542 remained_buf_len = mgmt_ie_buf_len;
4544 /* make a command to add new ie */
4545 for (i = 0; i < new_vndr_ies.count; i++) {
4546 vndrie_info = &new_vndr_ies.ie_info[i];
4548 /* verify remained buf size before copy data */
4549 if (remained_buf_len < (vndrie_info->vndrie.len +
4550 VNDR_IE_VSIE_OFFSET)) {
4551 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4555 remained_buf_len -= (vndrie_info->ie_len +
4556 VNDR_IE_VSIE_OFFSET);
4558 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n",
4559 vndrie_info->vndrie.id,
4560 vndrie_info->vndrie.len,
4561 vndrie_info->vndrie.oui);
4563 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4564 vndrie_info->ie_ptr,
4565 vndrie_info->ie_len,
4568 /* save the parsed IE in wl struct */
4569 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4570 vndrie_info->ie_len);
4571 *mgmt_ie_len += vndrie_info->ie_len;
4573 curr_ie_buf += del_add_ie_buf_len;
4574 total_ie_buf_len += del_add_ie_buf_len;
4577 if (total_ie_buf_len) {
4578 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4581 bphy_err(drvr, "vndr ie set error : %d\n", err);
4585 kfree(iovar_ie_buf);
4589 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4592 BRCMF_VNDR_IE_PRBREQ_FLAG,
4593 BRCMF_VNDR_IE_PRBRSP_FLAG,
4594 BRCMF_VNDR_IE_BEACON_FLAG
4598 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4599 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4601 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4606 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4607 struct cfg80211_beacon_data *beacon)
4609 struct brcmf_pub *drvr = vif->ifp->drvr;
4612 /* Set Beacon IEs to FW */
4613 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4614 beacon->tail, beacon->tail_len);
4616 bphy_err(drvr, "Set Beacon IE Failed\n");
4619 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4621 /* Set Probe Response IEs to FW */
4622 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4623 beacon->proberesp_ies,
4624 beacon->proberesp_ies_len);
4626 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4628 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4630 /* Set Assoc Response IEs to FW */
4631 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG,
4632 beacon->assocresp_ies,
4633 beacon->assocresp_ies_len);
4635 brcmf_err("Set Assoc Resp IE Failed\n");
4637 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n");
4643 brcmf_parse_configure_security(struct brcmf_if *ifp,
4644 struct cfg80211_ap_settings *settings,
4645 enum nl80211_iftype dev_role)
4647 const struct brcmf_tlv *rsn_ie;
4648 const struct brcmf_vs_tlv *wpa_ie;
4651 /* find the RSN_IE */
4652 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4653 settings->beacon.tail_len, WLAN_EID_RSN);
4655 /* find the WPA_IE */
4656 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4657 settings->beacon.tail_len);
4659 if (wpa_ie || rsn_ie) {
4660 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4663 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4667 struct brcmf_vs_tlv *tmp_ie;
4669 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4672 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4677 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4678 brcmf_configure_opensecurity(ifp);
4685 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4686 struct cfg80211_ap_settings *settings)
4689 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4690 struct brcmf_if *ifp = netdev_priv(ndev);
4691 struct brcmf_pub *drvr = cfg->pub;
4692 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4693 struct cfg80211_crypto_settings *crypto = &settings->crypto;
4694 const struct brcmf_tlv *ssid_ie;
4695 const struct brcmf_tlv *country_ie;
4696 struct brcmf_ssid_le ssid_le;
4698 struct brcmf_join_params join_params;
4699 enum nl80211_iftype dev_role;
4700 struct brcmf_fil_bss_enable_le bss_enable;
4701 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4706 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4707 settings->chandef.chan->hw_value,
4708 settings->chandef.center_freq1, settings->chandef.width,
4709 settings->beacon_interval, settings->dtim_period);
4710 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4711 settings->ssid, settings->ssid_len, settings->auth_type,
4712 settings->inactivity_timeout);
4713 dev_role = ifp->vif->wdev.iftype;
4714 mbss = ifp->vif->mbss;
4716 /* store current 11d setting */
4717 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4718 &ifp->vif->is_11d)) {
4719 is_11d = supports_11d = false;
4721 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4722 settings->beacon.tail_len,
4724 is_11d = country_ie ? 1 : 0;
4725 supports_11d = true;
4728 memset(&ssid_le, 0, sizeof(ssid_le));
4729 if (settings->ssid == NULL || settings->ssid_len == 0) {
4730 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4731 ssid_ie = brcmf_parse_tlvs(
4732 (u8 *)&settings->beacon.head[ie_offset],
4733 settings->beacon.head_len - ie_offset,
4735 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4738 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4739 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4740 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4742 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4743 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4747 brcmf_set_mpc(ifp, 0);
4748 brcmf_configure_arp_nd_offload(ifp, false);
4751 /* Parameters shared by all radio interfaces */
4753 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4754 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4757 bphy_err(drvr, "Regulatory Set Error, %d\n",
4762 if (settings->beacon_interval) {
4763 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4764 settings->beacon_interval);
4766 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4771 if (settings->dtim_period) {
4772 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4773 settings->dtim_period);
4775 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4781 if ((dev_role == NL80211_IFTYPE_AP) &&
4782 ((ifp->ifidx == 0) ||
4783 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) &&
4784 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) {
4785 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4787 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4791 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4794 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4796 bphy_err(drvr, "SET INFRA error %d\n", err);
4799 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4800 /* Multiple-BSS should use same 11d configuration */
4805 /* Interface specific setup */
4806 if (dev_role == NL80211_IFTYPE_AP) {
4807 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4808 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4810 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4812 bphy_err(drvr, "setting AP mode failed %d\n",
4817 /* Firmware 10.x requires setting channel after enabling
4818 * AP and before bringing interface up.
4820 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4822 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4827 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4829 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4834 brcmf_dbg(INFO, "using PSK offload\n");
4835 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_PSK);
4836 err = brcmf_set_pmk(ifp, crypto->psk,
4837 BRCMF_WSEC_MAX_PSK_LEN);
4841 if (crypto->sae_pwd) {
4842 brcmf_dbg(INFO, "using SAE offload\n");
4843 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_SAE);
4844 err = brcmf_set_sae_password(ifp, crypto->sae_pwd,
4845 crypto->sae_pwd_len);
4849 if (profile->use_fwauth == 0)
4850 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4852 err = brcmf_parse_configure_security(ifp, settings,
4855 bphy_err(drvr, "brcmf_parse_configure_security error\n");
4859 /* On DOWN the firmware removes the WEP keys, reconfigure
4860 * them if they were set.
4862 brcmf_cfg80211_reconfigure_wep(ifp);
4864 memset(&join_params, 0, sizeof(join_params));
4865 /* join parameters starts with ssid */
4866 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4868 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4869 &join_params, sizeof(join_params));
4871 bphy_err(drvr, "SET SSID error (%d)\n", err);
4875 err = brcmf_fil_iovar_int_set(ifp, "closednet",
4876 settings->hidden_ssid);
4878 bphy_err(drvr, "%s closednet error (%d)\n",
4879 settings->hidden_ssid ?
4880 "enabled" : "disabled",
4885 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4886 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4887 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4889 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4894 err = brcmf_parse_configure_security(ifp, settings,
4895 NL80211_IFTYPE_P2P_GO);
4897 brcmf_err("brcmf_parse_configure_security error\n");
4901 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4904 bphy_err(drvr, "setting ssid failed %d\n", err);
4907 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4908 bss_enable.enable = cpu_to_le32(1);
4909 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4910 sizeof(bss_enable));
4912 bphy_err(drvr, "bss_enable config failed %d\n", err);
4916 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4921 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4922 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4923 brcmf_net_setcarrier(ifp, true);
4926 if ((err) && (!mbss)) {
4927 brcmf_set_mpc(ifp, 1);
4928 brcmf_configure_arp_nd_offload(ifp, true);
4933 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4935 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4936 struct brcmf_if *ifp = netdev_priv(ndev);
4937 struct brcmf_pub *drvr = cfg->pub;
4938 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4940 struct brcmf_fil_bss_enable_le bss_enable;
4941 struct brcmf_join_params join_params;
4943 brcmf_dbg(TRACE, "Enter\n");
4945 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4946 /* Due to most likely deauths outstanding we sleep */
4947 /* first to make sure they get processed by fw. */
4950 if (profile->use_fwauth != BIT(BRCMF_PROFILE_FWAUTH_NONE)) {
4951 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_PSK))
4952 brcmf_set_pmk(ifp, NULL, 0);
4953 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_SAE))
4954 brcmf_set_sae_password(ifp, NULL, 0);
4955 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4958 if (ifp->vif->mbss) {
4959 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4963 /* First BSS doesn't get a full reset */
4964 if (ifp->bsscfgidx == 0)
4965 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4967 memset(&join_params, 0, sizeof(join_params));
4968 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4969 &join_params, sizeof(join_params));
4971 bphy_err(drvr, "SET SSID error (%d)\n", err);
4972 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4974 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
4975 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4977 bphy_err(drvr, "setting AP mode failed %d\n", err);
4978 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4979 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4980 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4982 /* Bring device back up so it can be used again */
4983 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4985 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
4987 brcmf_vif_clear_mgmt_ies(ifp->vif);
4989 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4990 bss_enable.enable = cpu_to_le32(0);
4991 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4992 sizeof(bss_enable));
4994 bphy_err(drvr, "bss_enable config failed %d\n", err);
4996 brcmf_set_mpc(ifp, 1);
4997 brcmf_configure_arp_nd_offload(ifp, true);
4998 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4999 brcmf_net_setcarrier(ifp, false);
5005 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
5006 struct cfg80211_beacon_data *info)
5008 struct brcmf_if *ifp = netdev_priv(ndev);
5011 brcmf_dbg(TRACE, "Enter\n");
5013 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
5019 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
5020 struct station_del_parameters *params)
5022 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5023 struct brcmf_pub *drvr = cfg->pub;
5024 struct brcmf_scb_val_le scbval;
5025 struct brcmf_if *ifp = netdev_priv(ndev);
5031 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
5033 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
5034 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
5035 if (!check_vif_up(ifp->vif))
5038 memcpy(&scbval.ea, params->mac, ETH_ALEN);
5039 scbval.val = cpu_to_le32(params->reason_code);
5040 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
5041 &scbval, sizeof(scbval));
5043 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
5046 brcmf_dbg(TRACE, "Exit\n");
5051 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
5052 const u8 *mac, struct station_parameters *params)
5054 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5055 struct brcmf_pub *drvr = cfg->pub;
5056 struct brcmf_if *ifp = netdev_priv(ndev);
5059 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
5060 params->sta_flags_mask, params->sta_flags_set);
5062 /* Ignore all 00 MAC */
5063 if (is_zero_ether_addr(mac))
5066 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5069 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
5070 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
5071 (void *)mac, ETH_ALEN);
5073 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
5074 (void *)mac, ETH_ALEN);
5076 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
5082 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy,
5083 struct wireless_dev *wdev,
5084 struct mgmt_frame_regs *upd)
5086 struct brcmf_cfg80211_vif *vif;
5088 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5090 vif->mgmt_rx_reg = upd->interface_stypes;
5095 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
5096 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
5098 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5099 struct ieee80211_channel *chan = params->chan;
5100 struct brcmf_pub *drvr = cfg->pub;
5101 const u8 *buf = params->buf;
5102 size_t len = params->len;
5103 const struct ieee80211_mgmt *mgmt;
5104 struct brcmf_cfg80211_vif *vif;
5108 struct brcmf_fil_action_frame_le *action_frame;
5109 struct brcmf_fil_af_params_le *af_params;
5114 brcmf_dbg(TRACE, "Enter\n");
5118 mgmt = (const struct ieee80211_mgmt *)buf;
5120 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
5121 bphy_err(drvr, "Driver only allows MGMT packet type\n");
5125 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5127 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
5128 /* Right now the only reason to get a probe response */
5129 /* is for p2p listen response or for p2p GO from */
5130 /* wpa_supplicant. Unfortunately the probe is send */
5131 /* on primary ndev, while dongle wants it on the p2p */
5132 /* vif. Since this is only reason for a probe */
5133 /* response to be sent, the vif is taken from cfg. */
5134 /* If ever desired to send proberesp for non p2p */
5135 /* response then data should be checked for */
5136 /* "DIRECT-". Note in future supplicant will take */
5137 /* dedicated p2p wdev to do this and then this 'hack'*/
5138 /* is not needed anymore. */
5139 ie_offset = DOT11_MGMT_HDR_LEN +
5140 DOT11_BCN_PRB_FIXED_LEN;
5141 ie_len = len - ie_offset;
5142 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
5143 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5144 err = brcmf_vif_set_mgmt_ie(vif,
5145 BRCMF_VNDR_IE_PRBRSP_FLAG,
5148 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
5150 } else if (ieee80211_is_action(mgmt->frame_control)) {
5151 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
5152 bphy_err(drvr, "invalid action frame length\n");
5156 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
5157 if (af_params == NULL) {
5158 bphy_err(drvr, "unable to allocate frame\n");
5162 action_frame = &af_params->action_frame;
5163 /* Add the packet Id */
5164 action_frame->packet_id = cpu_to_le32(*cookie);
5166 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
5167 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
5168 /* Add the length exepted for 802.11 header */
5169 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
5170 /* Add the channel. Use the one specified as parameter if any or
5171 * the current one (got from the firmware) otherwise
5174 freq = chan->center_freq;
5176 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
5178 chan_nr = ieee80211_frequency_to_channel(freq);
5179 af_params->channel = cpu_to_le32(chan_nr);
5180 af_params->dwell_time = cpu_to_le32(params->wait);
5181 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
5182 le16_to_cpu(action_frame->len));
5184 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
5185 *cookie, le16_to_cpu(action_frame->len), freq);
5187 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
5190 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
5194 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
5195 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
5202 static int brcmf_cfg80211_set_cqm_rssi_range_config(struct wiphy *wiphy,
5203 struct net_device *ndev,
5204 s32 rssi_low, s32 rssi_high)
5206 struct brcmf_cfg80211_vif *vif;
5207 struct brcmf_if *ifp;
5210 brcmf_dbg(TRACE, "low=%d high=%d", rssi_low, rssi_high);
5212 ifp = netdev_priv(ndev);
5215 if (rssi_low != vif->cqm_rssi_low || rssi_high != vif->cqm_rssi_high) {
5216 /* The firmware will send an event when the RSSI is less than or
5217 * equal to a configured level and the previous RSSI event was
5218 * less than or equal to a different level. Set a third level
5219 * so that we also detect the transition from rssi <= rssi_high
5220 * to rssi > rssi_high.
5222 struct brcmf_rssi_event_le config = {
5223 .rate_limit_msec = cpu_to_le32(0),
5224 .rssi_level_num = 3,
5226 clamp_val(rssi_low, S8_MIN, S8_MAX - 2),
5227 clamp_val(rssi_high, S8_MIN + 1, S8_MAX - 1),
5232 err = brcmf_fil_iovar_data_set(ifp, "rssi_event", &config,
5237 vif->cqm_rssi_low = rssi_low;
5238 vif->cqm_rssi_high = rssi_high;
5246 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5247 struct wireless_dev *wdev,
5250 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5251 struct brcmf_pub *drvr = cfg->pub;
5252 struct brcmf_cfg80211_vif *vif;
5255 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5257 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5259 bphy_err(drvr, "No p2p device available for probe response\n");
5263 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5268 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5269 struct wireless_dev *wdev,
5270 struct cfg80211_chan_def *chandef)
5272 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5273 struct net_device *ndev = wdev->netdev;
5274 struct brcmf_pub *drvr = cfg->pub;
5275 struct brcmu_chan ch;
5276 enum nl80211_band band = 0;
5277 enum nl80211_chan_width width = 0;
5281 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP)
5284 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec);
5286 bphy_err(drvr, "chanspec failed (%d)\n", err);
5290 ch.chspec = chanspec;
5291 cfg->d11inf.decchspec(&ch);
5294 case BRCMU_CHAN_BAND_2G:
5295 band = NL80211_BAND_2GHZ;
5297 case BRCMU_CHAN_BAND_5G:
5298 band = NL80211_BAND_5GHZ;
5303 case BRCMU_CHAN_BW_80:
5304 width = NL80211_CHAN_WIDTH_80;
5306 case BRCMU_CHAN_BW_40:
5307 width = NL80211_CHAN_WIDTH_40;
5309 case BRCMU_CHAN_BW_20:
5310 width = NL80211_CHAN_WIDTH_20;
5312 case BRCMU_CHAN_BW_80P80:
5313 width = NL80211_CHAN_WIDTH_80P80;
5315 case BRCMU_CHAN_BW_160:
5316 width = NL80211_CHAN_WIDTH_160;
5320 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5321 chandef->chan = ieee80211_get_channel(wiphy, freq);
5322 chandef->width = width;
5323 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5324 chandef->center_freq2 = 0;
5329 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5330 struct wireless_dev *wdev,
5331 enum nl80211_crit_proto_id proto,
5334 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5335 struct brcmf_cfg80211_vif *vif;
5337 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5339 /* only DHCP support for now */
5340 if (proto != NL80211_CRIT_PROTO_DHCP)
5343 /* suppress and abort scanning */
5344 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5345 brcmf_abort_scanning(cfg);
5347 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5350 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5351 struct wireless_dev *wdev)
5353 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5354 struct brcmf_cfg80211_vif *vif;
5356 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5358 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5359 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5363 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5364 const struct brcmf_event_msg *e, void *data)
5366 switch (e->reason) {
5367 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5368 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5370 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5371 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5372 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5374 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5375 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5376 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5383 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5388 case NL80211_TDLS_DISCOVERY_REQ:
5389 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5391 case NL80211_TDLS_SETUP:
5392 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5394 case NL80211_TDLS_TEARDOWN:
5395 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5398 brcmf_err("unsupported operation: %d\n", oper);
5404 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5405 struct net_device *ndev, const u8 *peer,
5406 enum nl80211_tdls_operation oper)
5408 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5409 struct brcmf_pub *drvr = cfg->pub;
5410 struct brcmf_if *ifp;
5411 struct brcmf_tdls_iovar_le info;
5414 ret = brcmf_convert_nl80211_tdls_oper(oper);
5418 ifp = netdev_priv(ndev);
5419 memset(&info, 0, sizeof(info));
5420 info.mode = (u8)ret;
5422 memcpy(info.ea, peer, ETH_ALEN);
5424 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5425 &info, sizeof(info));
5427 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5433 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5434 struct net_device *ndev,
5435 struct cfg80211_connect_params *sme,
5438 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5439 struct brcmf_pub *drvr = cfg->pub;
5440 struct brcmf_if *ifp;
5443 if (!(changed & UPDATE_ASSOC_IES))
5446 ifp = netdev_priv(ndev);
5447 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5448 sme->ie, sme->ie_len);
5450 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5452 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5459 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5460 struct cfg80211_gtk_rekey_data *gtk)
5462 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5463 struct brcmf_pub *drvr = cfg->pub;
5464 struct brcmf_if *ifp = netdev_priv(ndev);
5465 struct brcmf_gtk_keyinfo_le gtk_le;
5468 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5470 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5471 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5472 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5473 sizeof(gtk_le.replay_counter));
5475 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5478 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5484 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5485 const struct cfg80211_pmk_conf *conf)
5487 struct brcmf_if *ifp;
5489 brcmf_dbg(TRACE, "enter\n");
5491 /* expect using firmware supplicant for 1X */
5492 ifp = netdev_priv(dev);
5493 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5496 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5499 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5502 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5505 struct brcmf_if *ifp;
5507 brcmf_dbg(TRACE, "enter\n");
5508 ifp = netdev_priv(dev);
5509 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5512 return brcmf_set_pmk(ifp, NULL, 0);
5515 static struct cfg80211_ops brcmf_cfg80211_ops = {
5516 .add_virtual_intf = brcmf_cfg80211_add_iface,
5517 .del_virtual_intf = brcmf_cfg80211_del_iface,
5518 .change_virtual_intf = brcmf_cfg80211_change_iface,
5519 .scan = brcmf_cfg80211_scan,
5520 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5521 .join_ibss = brcmf_cfg80211_join_ibss,
5522 .leave_ibss = brcmf_cfg80211_leave_ibss,
5523 .get_station = brcmf_cfg80211_get_station,
5524 .dump_station = brcmf_cfg80211_dump_station,
5525 .set_tx_power = brcmf_cfg80211_set_tx_power,
5526 .get_tx_power = brcmf_cfg80211_get_tx_power,
5527 .add_key = brcmf_cfg80211_add_key,
5528 .del_key = brcmf_cfg80211_del_key,
5529 .get_key = brcmf_cfg80211_get_key,
5530 .set_default_key = brcmf_cfg80211_config_default_key,
5531 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5532 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5533 .connect = brcmf_cfg80211_connect,
5534 .disconnect = brcmf_cfg80211_disconnect,
5535 .suspend = brcmf_cfg80211_suspend,
5536 .resume = brcmf_cfg80211_resume,
5537 .set_pmksa = brcmf_cfg80211_set_pmksa,
5538 .del_pmksa = brcmf_cfg80211_del_pmksa,
5539 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5540 .start_ap = brcmf_cfg80211_start_ap,
5541 .stop_ap = brcmf_cfg80211_stop_ap,
5542 .change_beacon = brcmf_cfg80211_change_beacon,
5543 .del_station = brcmf_cfg80211_del_station,
5544 .change_station = brcmf_cfg80211_change_station,
5545 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5546 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5547 .update_mgmt_frame_registrations =
5548 brcmf_cfg80211_update_mgmt_frame_registrations,
5549 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5550 .set_cqm_rssi_range_config = brcmf_cfg80211_set_cqm_rssi_range_config,
5551 .remain_on_channel = brcmf_p2p_remain_on_channel,
5552 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5553 .get_channel = brcmf_cfg80211_get_channel,
5554 .start_p2p_device = brcmf_p2p_start_device,
5555 .stop_p2p_device = brcmf_p2p_stop_device,
5556 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5557 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5558 .tdls_oper = brcmf_cfg80211_tdls_oper,
5559 .update_connect_params = brcmf_cfg80211_update_conn_params,
5560 .set_pmk = brcmf_cfg80211_set_pmk,
5561 .del_pmk = brcmf_cfg80211_del_pmk,
5564 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5566 struct cfg80211_ops *ops;
5568 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5571 if (ops && settings->roamoff)
5572 ops->update_connect_params = NULL;
5577 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5578 enum nl80211_iftype type)
5580 struct brcmf_cfg80211_vif *vif_walk;
5581 struct brcmf_cfg80211_vif *vif;
5583 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
5585 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5587 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5589 return ERR_PTR(-ENOMEM);
5591 vif->wdev.wiphy = cfg->wiphy;
5592 vif->wdev.iftype = type;
5594 brcmf_init_prof(&vif->profile);
5596 if (type == NL80211_IFTYPE_AP &&
5597 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) {
5599 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5600 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5608 list_add_tail(&vif->list, &cfg->vif_list);
5612 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5614 list_del(&vif->list);
5618 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5620 struct brcmf_cfg80211_vif *vif;
5621 struct brcmf_if *ifp;
5623 ifp = netdev_priv(ndev);
5627 brcmf_free_vif(vif);
5630 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5631 const struct brcmf_event_msg *e)
5633 u32 event = e->event_code;
5634 u32 status = e->status;
5636 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK ||
5637 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) &&
5638 event == BRCMF_E_PSK_SUP &&
5639 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5640 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5641 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5642 brcmf_dbg(CONN, "Processing set ssid\n");
5643 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5644 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
5645 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
5648 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5651 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5652 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5653 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5654 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5660 static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif,
5661 const struct brcmf_event_msg *e)
5663 u32 event = e->event_code;
5664 u16 flags = e->flags;
5666 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5667 (event == BRCMF_E_DISASSOC_IND) ||
5668 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5669 brcmf_dbg(CONN, "Processing link down\n");
5670 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5671 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5677 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5678 const struct brcmf_event_msg *e)
5680 u32 event = e->event_code;
5681 u32 status = e->status;
5683 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5684 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5685 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5689 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5690 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5694 if (event == BRCMF_E_PSK_SUP &&
5695 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5696 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5704 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5706 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5708 kfree(conn_info->req_ie);
5709 conn_info->req_ie = NULL;
5710 conn_info->req_ie_len = 0;
5711 kfree(conn_info->resp_ie);
5712 conn_info->resp_ie = NULL;
5713 conn_info->resp_ie_len = 0;
5716 u8 brcmf_map_prio_to_prec(void *config, u8 prio)
5718 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5721 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ?
5724 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority
5725 * to an 8-level precedence which is the same as BE's
5727 if (prio > PRIO_8021D_EE &&
5728 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE])
5729 return cfg->ac_priority[prio] * 2;
5731 /* Conversion of 4-level priority to 8-level precedence */
5732 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK ||
5733 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO)
5734 return cfg->ac_priority[prio] * 2;
5736 return cfg->ac_priority[prio] * 2 + 1;
5739 u8 brcmf_map_prio_to_aci(void *config, u8 prio)
5741 /* Prio here refers to the 802.1d priority in range of 0 to 7.
5742 * ACI here refers to the WLAN AC Index in range of 0 to 3.
5743 * This function will return ACI corresponding to input prio.
5745 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5748 return cfg->ac_priority[prio];
5753 static void brcmf_init_wmm_prio(u8 *priority)
5755 /* Initialize AC priority array to default
5756 * 802.1d priority as per following table:
5757 * 802.1d prio 0,3 maps to BE
5758 * 802.1d prio 1,2 maps to BK
5759 * 802.1d prio 4,5 maps to VI
5760 * 802.1d prio 6,7 maps to VO
5762 priority[0] = BRCMF_FWS_FIFO_AC_BE;
5763 priority[3] = BRCMF_FWS_FIFO_AC_BE;
5764 priority[1] = BRCMF_FWS_FIFO_AC_BK;
5765 priority[2] = BRCMF_FWS_FIFO_AC_BK;
5766 priority[4] = BRCMF_FWS_FIFO_AC_VI;
5767 priority[5] = BRCMF_FWS_FIFO_AC_VI;
5768 priority[6] = BRCMF_FWS_FIFO_AC_VO;
5769 priority[7] = BRCMF_FWS_FIFO_AC_VO;
5772 static void brcmf_wifi_prioritize_acparams(const
5773 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority)
5780 u8 ranking_basis[EDCF_AC_COUNT];
5781 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */
5784 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) {
5785 aifsn = acp->ACI & EDCF_AIFSN_MASK;
5786 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0;
5787 ecwmin = acp->ECW & EDCF_ECWMIN_MASK;
5788 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT;
5789 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n",
5790 aci, aifsn, acm, ecwmin, ecwmax);
5791 /* Default AC_VO will be the lowest ranking value */
5792 ranking_basis[aci] = aifsn + ecwmin + ecwmax;
5793 /* Initialise priority starting at 0 (AC_BE) */
5796 /* If ACM is set, STA can't use this AC as per 802.11.
5797 * Change the ranking to BE
5799 if (aci != AC_BE && aci != AC_BK && acm == 1)
5800 ranking_basis[aci] = ranking_basis[AC_BE];
5803 /* Ranking method which works for AC priority
5804 * swapping when values for cwmin, cwmax and aifsn are varied
5805 * Compare each aci_prio against each other aci_prio
5807 for (aci = 0; aci < EDCF_AC_COUNT; aci++) {
5808 for (index = 0; index < EDCF_AC_COUNT; index++) {
5810 /* Smaller ranking value has higher priority,
5811 * so increment priority for each ACI which has
5812 * a higher ranking value
5814 if (ranking_basis[aci] < ranking_basis[index])
5820 /* By now, aci_prio[] will be in range of 0 to 3.
5821 * Use ACI prio to get the new priority value for
5822 * each 802.1d traffic type, in this range.
5824 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] &&
5825 aci_prio[AC_BK] == aci_prio[AC_VI] &&
5826 aci_prio[AC_VI] == aci_prio[AC_VO])) {
5827 /* 802.1d 0,3 maps to BE */
5828 priority[0] = aci_prio[AC_BE];
5829 priority[3] = aci_prio[AC_BE];
5831 /* 802.1d 1,2 maps to BK */
5832 priority[1] = aci_prio[AC_BK];
5833 priority[2] = aci_prio[AC_BK];
5835 /* 802.1d 4,5 maps to VO */
5836 priority[4] = aci_prio[AC_VI];
5837 priority[5] = aci_prio[AC_VI];
5839 /* 802.1d 6,7 maps to VO */
5840 priority[6] = aci_prio[AC_VO];
5841 priority[7] = aci_prio[AC_VO];
5843 /* Initialize to default priority */
5844 brcmf_init_wmm_prio(priority);
5847 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n",
5848 priority[0], priority[1], priority[2], priority[3]);
5850 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n",
5851 priority[4], priority[5], priority[6], priority[7]);
5854 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5855 struct brcmf_if *ifp)
5857 struct brcmf_pub *drvr = cfg->pub;
5858 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5859 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5860 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT];
5865 brcmf_clear_assoc_ies(cfg);
5867 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5868 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5870 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5874 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5875 req_len = le32_to_cpu(assoc_info->req_len);
5876 resp_len = le32_to_cpu(assoc_info->resp_len);
5878 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5882 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5885 conn_info->req_ie_len = req_len;
5887 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5889 if (!conn_info->req_ie)
5890 conn_info->req_ie_len = 0;
5892 conn_info->req_ie_len = 0;
5893 conn_info->req_ie = NULL;
5896 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5900 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5903 conn_info->resp_ie_len = resp_len;
5904 conn_info->resp_ie =
5905 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5907 if (!conn_info->resp_ie)
5908 conn_info->resp_ie_len = 0;
5910 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta",
5912 sizeof(edcf_acparam_info));
5914 brcmf_err("could not get wme_ac_sta (%d)\n", err);
5918 brcmf_wifi_prioritize_acparams(edcf_acparam_info,
5921 conn_info->resp_ie_len = 0;
5922 conn_info->resp_ie = NULL;
5924 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5925 conn_info->req_ie_len, conn_info->resp_ie_len);
5931 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5932 struct net_device *ndev,
5933 const struct brcmf_event_msg *e)
5935 struct brcmf_if *ifp = netdev_priv(ndev);
5936 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5937 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5938 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5939 struct ieee80211_channel *notify_channel = NULL;
5940 struct ieee80211_supported_band *band;
5941 struct brcmf_bss_info_le *bi;
5942 struct brcmu_chan ch;
5943 struct cfg80211_roam_info roam_info = {};
5948 brcmf_dbg(TRACE, "Enter\n");
5950 brcmf_get_assoc_ies(cfg, ifp);
5951 memcpy(profile->bssid, e->addr, ETH_ALEN);
5952 brcmf_update_bss_info(cfg, ifp);
5954 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5960 /* data sent to dongle has to be little endian */
5961 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5962 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5963 buf, WL_BSS_INFO_MAX);
5968 bi = (struct brcmf_bss_info_le *)(buf + 4);
5969 ch.chspec = le16_to_cpu(bi->chanspec);
5970 cfg->d11inf.decchspec(&ch);
5972 if (ch.band == BRCMU_CHAN_BAND_2G)
5973 band = wiphy->bands[NL80211_BAND_2GHZ];
5975 band = wiphy->bands[NL80211_BAND_5GHZ];
5977 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5978 notify_channel = ieee80211_get_channel(wiphy, freq);
5983 roam_info.channel = notify_channel;
5984 roam_info.bssid = profile->bssid;
5985 roam_info.req_ie = conn_info->req_ie;
5986 roam_info.req_ie_len = conn_info->req_ie_len;
5987 roam_info.resp_ie = conn_info->resp_ie;
5988 roam_info.resp_ie_len = conn_info->resp_ie_len;
5990 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
5991 brcmf_dbg(CONN, "Report roaming result\n");
5993 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) {
5994 cfg80211_port_authorized(ndev, profile->bssid, GFP_KERNEL);
5995 brcmf_dbg(CONN, "Report port authorized\n");
5998 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
5999 brcmf_dbg(TRACE, "Exit\n");
6004 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
6005 struct net_device *ndev, const struct brcmf_event_msg *e,
6008 struct brcmf_if *ifp = netdev_priv(ndev);
6009 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6010 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
6011 struct cfg80211_connect_resp_params conn_params;
6013 brcmf_dbg(TRACE, "Enter\n");
6015 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6016 &ifp->vif->sme_state)) {
6017 memset(&conn_params, 0, sizeof(conn_params));
6019 brcmf_get_assoc_ies(cfg, ifp);
6020 brcmf_update_bss_info(cfg, ifp);
6021 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6022 &ifp->vif->sme_state);
6023 conn_params.status = WLAN_STATUS_SUCCESS;
6025 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
6027 conn_params.bssid = profile->bssid;
6028 conn_params.req_ie = conn_info->req_ie;
6029 conn_params.req_ie_len = conn_info->req_ie_len;
6030 conn_params.resp_ie = conn_info->resp_ie;
6031 conn_params.resp_ie_len = conn_info->resp_ie_len;
6032 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
6033 brcmf_dbg(CONN, "Report connect result - connection %s\n",
6034 completed ? "succeeded" : "failed");
6036 brcmf_dbg(TRACE, "Exit\n");
6041 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
6042 struct net_device *ndev,
6043 const struct brcmf_event_msg *e, void *data)
6045 struct brcmf_pub *drvr = cfg->pub;
6046 static int generation;
6047 u32 event = e->event_code;
6048 u32 reason = e->reason;
6049 struct station_info *sinfo;
6051 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
6052 brcmf_fweh_event_name(event), event, reason);
6053 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
6054 ndev != cfg_to_ndev(cfg)) {
6055 brcmf_dbg(CONN, "AP mode link down\n");
6056 complete(&cfg->vif_disabled);
6060 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
6061 (reason == BRCMF_E_STATUS_SUCCESS)) {
6063 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
6067 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
6071 sinfo->assoc_req_ies = data;
6072 sinfo->assoc_req_ies_len = e->datalen;
6074 sinfo->generation = generation;
6075 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
6078 } else if ((event == BRCMF_E_DISASSOC_IND) ||
6079 (event == BRCMF_E_DEAUTH_IND) ||
6080 (event == BRCMF_E_DEAUTH)) {
6081 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
6087 brcmf_notify_connect_status(struct brcmf_if *ifp,
6088 const struct brcmf_event_msg *e, void *data)
6090 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6091 struct net_device *ndev = ifp->ndev;
6092 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6093 struct ieee80211_channel *chan;
6096 if ((e->event_code == BRCMF_E_DEAUTH) ||
6097 (e->event_code == BRCMF_E_DEAUTH_IND) ||
6098 (e->event_code == BRCMF_E_DISASSOC_IND) ||
6099 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
6100 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
6103 if (brcmf_is_apmode(ifp->vif)) {
6104 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
6105 } else if (brcmf_is_linkup(ifp->vif, e)) {
6106 brcmf_dbg(CONN, "Linkup\n");
6107 if (brcmf_is_ibssmode(ifp->vif)) {
6108 brcmf_inform_ibss(cfg, ndev, e->addr);
6109 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
6110 memcpy(profile->bssid, e->addr, ETH_ALEN);
6111 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
6112 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6113 &ifp->vif->sme_state);
6114 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6115 &ifp->vif->sme_state);
6117 brcmf_bss_connect_done(cfg, ndev, e, true);
6118 brcmf_net_setcarrier(ifp, true);
6119 } else if (brcmf_is_linkdown(ifp->vif, e)) {
6120 brcmf_dbg(CONN, "Linkdown\n");
6121 if (!brcmf_is_ibssmode(ifp->vif) &&
6122 test_bit(BRCMF_VIF_STATUS_CONNECTED,
6123 &ifp->vif->sme_state)) {
6124 if (memcmp(profile->bssid, e->addr, ETH_ALEN))
6127 brcmf_bss_connect_done(cfg, ndev, e, false);
6128 brcmf_link_down(ifp->vif,
6129 brcmf_map_fw_linkdown_reason(e),
6131 (BRCMF_E_DEAUTH_IND |
6132 BRCMF_E_DISASSOC_IND)
6134 brcmf_init_prof(ndev_to_prof(ndev));
6135 if (ndev != cfg_to_ndev(cfg))
6136 complete(&cfg->vif_disabled);
6137 brcmf_net_setcarrier(ifp, false);
6139 } else if (brcmf_is_nonetwork(cfg, e)) {
6140 if (brcmf_is_ibssmode(ifp->vif))
6141 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6142 &ifp->vif->sme_state);
6144 brcmf_bss_connect_done(cfg, ndev, e, false);
6151 brcmf_notify_roaming_status(struct brcmf_if *ifp,
6152 const struct brcmf_event_msg *e, void *data)
6154 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6155 u32 event = e->event_code;
6156 u32 status = e->status;
6158 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
6159 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
6160 &ifp->vif->sme_state)) {
6161 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
6163 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
6164 brcmf_net_setcarrier(ifp, true);
6172 brcmf_notify_mic_status(struct brcmf_if *ifp,
6173 const struct brcmf_event_msg *e, void *data)
6175 u16 flags = e->flags;
6176 enum nl80211_key_type key_type;
6178 if (flags & BRCMF_EVENT_MSG_GROUP)
6179 key_type = NL80211_KEYTYPE_GROUP;
6181 key_type = NL80211_KEYTYPE_PAIRWISE;
6183 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
6189 static s32 brcmf_notify_rssi(struct brcmf_if *ifp,
6190 const struct brcmf_event_msg *e, void *data)
6192 struct brcmf_cfg80211_vif *vif = ifp->vif;
6193 struct brcmf_rssi_be *info = data;
6194 s32 rssi, snr, noise;
6195 s32 low, high, last;
6197 if (e->datalen < sizeof(*info)) {
6198 brcmf_err("insufficient RSSI event data\n");
6202 rssi = be32_to_cpu(info->rssi);
6203 snr = be32_to_cpu(info->snr);
6204 noise = be32_to_cpu(info->noise);
6206 low = vif->cqm_rssi_low;
6207 high = vif->cqm_rssi_high;
6208 last = vif->cqm_rssi_last;
6210 brcmf_dbg(TRACE, "rssi=%d snr=%d noise=%d low=%d high=%d last=%d\n",
6211 rssi, snr, noise, low, high, last);
6213 vif->cqm_rssi_last = rssi;
6215 if (rssi <= low || rssi == 0) {
6216 brcmf_dbg(INFO, "LOW rssi=%d\n", rssi);
6217 cfg80211_cqm_rssi_notify(ifp->ndev,
6218 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
6220 } else if (rssi > high) {
6221 brcmf_dbg(INFO, "HIGH rssi=%d\n", rssi);
6222 cfg80211_cqm_rssi_notify(ifp->ndev,
6223 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
6230 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
6231 const struct brcmf_event_msg *e, void *data)
6233 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6234 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
6235 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6236 struct brcmf_cfg80211_vif *vif;
6238 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
6239 ifevent->action, ifevent->flags, ifevent->ifidx,
6240 ifevent->bsscfgidx);
6242 spin_lock(&event->vif_event_lock);
6243 event->action = ifevent->action;
6246 switch (ifevent->action) {
6247 case BRCMF_E_IF_ADD:
6248 /* waiting process may have timed out */
6249 if (!cfg->vif_event.vif) {
6250 spin_unlock(&event->vif_event_lock);
6257 vif->wdev.netdev = ifp->ndev;
6258 ifp->ndev->ieee80211_ptr = &vif->wdev;
6259 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
6261 spin_unlock(&event->vif_event_lock);
6262 wake_up(&event->vif_wq);
6265 case BRCMF_E_IF_DEL:
6266 spin_unlock(&event->vif_event_lock);
6267 /* event may not be upon user request */
6268 if (brcmf_cfg80211_vif_event_armed(cfg))
6269 wake_up(&event->vif_wq);
6272 case BRCMF_E_IF_CHANGE:
6273 spin_unlock(&event->vif_event_lock);
6274 wake_up(&event->vif_wq);
6278 spin_unlock(&event->vif_event_lock);
6284 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
6286 conf->frag_threshold = (u32)-1;
6287 conf->rts_threshold = (u32)-1;
6288 conf->retry_short = (u32)-1;
6289 conf->retry_long = (u32)-1;
6292 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
6294 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
6295 brcmf_notify_connect_status);
6296 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
6297 brcmf_notify_connect_status);
6298 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
6299 brcmf_notify_connect_status);
6300 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
6301 brcmf_notify_connect_status);
6302 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
6303 brcmf_notify_connect_status);
6304 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
6305 brcmf_notify_connect_status);
6306 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
6307 brcmf_notify_roaming_status);
6308 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
6309 brcmf_notify_mic_status);
6310 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
6311 brcmf_notify_connect_status);
6312 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
6313 brcmf_notify_sched_scan_results);
6314 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
6315 brcmf_notify_vif_event);
6316 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
6317 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
6318 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
6319 brcmf_p2p_notify_listen_complete);
6320 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
6321 brcmf_p2p_notify_action_frame_rx);
6322 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
6323 brcmf_p2p_notify_action_tx_complete);
6324 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
6325 brcmf_p2p_notify_action_tx_complete);
6326 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
6327 brcmf_notify_connect_status);
6328 brcmf_fweh_register(cfg->pub, BRCMF_E_RSSI, brcmf_notify_rssi);
6331 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
6335 kfree(cfg->extra_buf);
6336 cfg->extra_buf = NULL;
6337 kfree(cfg->wowl.nd);
6338 cfg->wowl.nd = NULL;
6339 kfree(cfg->wowl.nd_info);
6340 cfg->wowl.nd_info = NULL;
6341 kfree(cfg->escan_info.escan_buf);
6342 cfg->escan_info.escan_buf = NULL;
6345 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
6347 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
6349 goto init_priv_mem_out;
6350 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
6351 if (!cfg->extra_buf)
6352 goto init_priv_mem_out;
6353 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
6355 goto init_priv_mem_out;
6356 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
6357 sizeof(struct cfg80211_wowlan_nd_match *),
6359 if (!cfg->wowl.nd_info)
6360 goto init_priv_mem_out;
6361 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
6362 if (!cfg->escan_info.escan_buf)
6363 goto init_priv_mem_out;
6368 brcmf_deinit_priv_mem(cfg);
6373 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
6377 cfg->scan_request = NULL;
6378 cfg->pwr_save = true;
6379 cfg->dongle_up = false; /* dongle is not up yet */
6380 err = brcmf_init_priv_mem(cfg);
6383 brcmf_register_event_handlers(cfg);
6384 mutex_init(&cfg->usr_sync);
6385 brcmf_init_escan(cfg);
6386 brcmf_init_conf(cfg->conf);
6387 brcmf_init_wmm_prio(cfg->ac_priority);
6388 init_completion(&cfg->vif_disabled);
6392 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
6394 cfg->dongle_up = false; /* dongle down */
6395 brcmf_abort_scanning(cfg);
6396 brcmf_deinit_priv_mem(cfg);
6399 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
6401 init_waitqueue_head(&event->vif_wq);
6402 spin_lock_init(&event->vif_event_lock);
6405 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
6407 struct brcmf_pub *drvr = ifp->drvr;
6410 __le32 roamtrigger[2];
6411 __le32 roam_delta[2];
6413 /* Configure beacon timeout value based upon roaming setting */
6414 if (ifp->drvr->settings->roamoff)
6415 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
6417 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
6418 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
6420 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
6421 goto roam_setup_done;
6424 /* Enable/Disable built-in roaming to allow supplicant to take care of
6427 brcmf_dbg(INFO, "Internal Roaming = %s\n",
6428 ifp->drvr->settings->roamoff ? "Off" : "On");
6429 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
6430 ifp->drvr->settings->roamoff);
6432 bphy_err(drvr, "roam_off error (%d)\n", err);
6433 goto roam_setup_done;
6436 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
6437 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
6438 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
6439 (void *)roamtrigger, sizeof(roamtrigger));
6441 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
6443 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
6444 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
6445 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
6446 (void *)roam_delta, sizeof(roam_delta));
6448 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
6457 brcmf_dongle_scantime(struct brcmf_if *ifp)
6459 struct brcmf_pub *drvr = ifp->drvr;
6462 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
6463 BRCMF_SCAN_CHANNEL_TIME);
6465 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
6466 goto dongle_scantime_out;
6468 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
6469 BRCMF_SCAN_UNASSOC_TIME);
6471 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
6472 goto dongle_scantime_out;
6475 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
6476 BRCMF_SCAN_PASSIVE_TIME);
6478 bphy_err(drvr, "Scan passive time error (%d)\n", err);
6479 goto dongle_scantime_out;
6482 dongle_scantime_out:
6486 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6487 struct brcmu_chan *ch)
6491 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6492 if (ch->sb == BRCMU_CHAN_SB_U) {
6493 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6494 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6495 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6497 /* It should be one of
6498 * IEEE80211_CHAN_NO_HT40 or
6499 * IEEE80211_CHAN_NO_HT40PLUS
6501 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6502 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6503 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6507 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6510 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6511 struct brcmf_pub *drvr = cfg->pub;
6512 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6513 struct ieee80211_supported_band *band;
6514 struct ieee80211_channel *channel;
6515 struct brcmf_chanspec_list *list;
6516 struct brcmu_chan ch;
6523 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6528 list = (struct brcmf_chanspec_list *)pbuf;
6530 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6533 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6537 band = wiphy->bands[NL80211_BAND_2GHZ];
6539 for (i = 0; i < band->n_channels; i++)
6540 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6541 band = wiphy->bands[NL80211_BAND_5GHZ];
6543 for (i = 0; i < band->n_channels; i++)
6544 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6546 total = le32_to_cpu(list->count);
6547 for (i = 0; i < total; i++) {
6548 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6549 cfg->d11inf.decchspec(&ch);
6551 if (ch.band == BRCMU_CHAN_BAND_2G) {
6552 band = wiphy->bands[NL80211_BAND_2GHZ];
6553 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6554 band = wiphy->bands[NL80211_BAND_5GHZ];
6556 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6562 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6563 ch.bw == BRCMU_CHAN_BW_40)
6565 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6566 ch.bw == BRCMU_CHAN_BW_80)
6570 for (j = 0; j < band->n_channels; j++) {
6571 if (band->channels[j].hw_value == ch.control_ch_num) {
6572 channel = &band->channels[j];
6577 /* It seems firmware supports some channel we never
6578 * considered. Something new in IEEE standard?
6580 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6585 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6588 /* assuming the chanspecs order is HT20,
6589 * HT40 upper, HT40 lower, and VHT80.
6592 case BRCMU_CHAN_BW_160:
6593 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6595 case BRCMU_CHAN_BW_80:
6596 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6598 case BRCMU_CHAN_BW_40:
6599 brcmf_update_bw40_channel_flag(channel, &ch);
6602 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6605 case BRCMU_CHAN_BW_20:
6606 /* enable the channel and disable other bandwidths
6607 * for now as mentioned order assure they are enabled
6608 * for subsequent chanspecs.
6610 channel->flags = IEEE80211_CHAN_NO_HT40 |
6611 IEEE80211_CHAN_NO_80MHZ |
6612 IEEE80211_CHAN_NO_160MHZ;
6613 ch.bw = BRCMU_CHAN_BW_20;
6614 cfg->d11inf.encchspec(&ch);
6615 chaninfo = ch.chspec;
6616 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6619 if (chaninfo & WL_CHAN_RADAR)
6621 (IEEE80211_CHAN_RADAR |
6622 IEEE80211_CHAN_NO_IR);
6623 if (chaninfo & WL_CHAN_PASSIVE)
6625 IEEE80211_CHAN_NO_IR;
6635 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6637 struct brcmf_pub *drvr = cfg->pub;
6638 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6639 struct ieee80211_supported_band *band;
6640 struct brcmf_fil_bwcap_le band_bwcap;
6641 struct brcmf_chanspec_list *list;
6645 struct brcmu_chan ch;
6649 /* verify support for bw_cap command */
6651 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6654 /* only set 2G bandwidth using bw_cap command */
6655 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6656 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6657 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6658 sizeof(band_bwcap));
6660 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6661 val = WLC_N_BW_40ALL;
6662 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6666 /* update channel info in 2G band */
6667 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6672 ch.band = BRCMU_CHAN_BAND_2G;
6673 ch.bw = BRCMU_CHAN_BW_40;
6674 ch.sb = BRCMU_CHAN_SB_NONE;
6676 cfg->d11inf.encchspec(&ch);
6678 /* pass encoded chanspec in query */
6679 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6681 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6684 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6689 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6690 list = (struct brcmf_chanspec_list *)pbuf;
6691 num_chan = le32_to_cpu(list->count);
6692 for (i = 0; i < num_chan; i++) {
6693 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6694 cfg->d11inf.decchspec(&ch);
6695 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6697 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6699 for (j = 0; j < band->n_channels; j++) {
6700 if (band->channels[j].hw_value == ch.control_ch_num)
6703 if (WARN_ON(j == band->n_channels))
6706 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6713 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6715 struct brcmf_pub *drvr = ifp->drvr;
6716 u32 band, mimo_bwcap;
6720 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6722 bw_cap[NL80211_BAND_2GHZ] = band;
6724 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6726 bw_cap[NL80211_BAND_5GHZ] = band;
6732 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6734 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6736 /* assume 20MHz if firmware does not give a clue */
6737 mimo_bwcap = WLC_N_BW_20ALL;
6739 switch (mimo_bwcap) {
6740 case WLC_N_BW_40ALL:
6741 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6743 case WLC_N_BW_20IN2G_40IN5G:
6744 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6746 case WLC_N_BW_20ALL:
6747 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6748 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6751 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6755 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6756 u32 bw_cap[2], u32 nchain)
6758 band->ht_cap.ht_supported = true;
6759 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6760 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6761 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6763 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6764 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6765 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6766 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6767 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6768 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6771 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6776 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6777 mcs_map = (mcs_map << 2) | supp;
6779 return cpu_to_le16(mcs_map);
6782 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6783 u32 bw_cap[2], u32 nchain, u32 txstreams,
6784 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6788 /* not allowed in 2.4G band */
6789 if (band->band == NL80211_BAND_2GHZ)
6792 band->vht_cap.vht_supported = true;
6793 /* 80MHz is mandatory */
6794 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6795 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6796 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6797 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6799 /* all support 256-QAM */
6800 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6801 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6802 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6804 /* Beamforming support information */
6805 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6806 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6807 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6808 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6809 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6810 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6811 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6812 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6814 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6815 band->vht_cap.cap |=
6816 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6817 band->vht_cap.cap |= ((txstreams - 1) <<
6818 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6819 band->vht_cap.cap |=
6820 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6824 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6826 struct brcmf_pub *drvr = cfg->pub;
6827 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6828 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6831 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6836 struct ieee80211_supported_band *band;
6838 u32 txbf_bfe_cap = 0;
6839 u32 txbf_bfr_cap = 0;
6841 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6842 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6844 bphy_err(drvr, "nmode error (%d)\n", err);
6846 brcmf_get_bwcap(ifp, bw_cap);
6848 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6849 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6850 bw_cap[NL80211_BAND_5GHZ]);
6852 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6854 bphy_err(drvr, "rxchain error (%d)\n", err);
6857 for (nchain = 0; rxchain; nchain++)
6858 rxchain = rxchain & (rxchain - 1);
6860 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6862 err = brcmf_construct_chaninfo(cfg, bw_cap);
6864 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6869 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6870 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6872 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6876 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6877 band = wiphy->bands[i];
6882 brcmf_update_ht_cap(band, bw_cap, nchain);
6884 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6885 txbf_bfe_cap, txbf_bfr_cap);
6891 static const struct ieee80211_txrx_stypes
6892 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6893 [NL80211_IFTYPE_STATION] = {
6895 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6896 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6898 [NL80211_IFTYPE_P2P_CLIENT] = {
6900 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6901 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6903 [NL80211_IFTYPE_P2P_GO] = {
6905 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6906 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6907 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6908 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6909 BIT(IEEE80211_STYPE_AUTH >> 4) |
6910 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6911 BIT(IEEE80211_STYPE_ACTION >> 4)
6913 [NL80211_IFTYPE_P2P_DEVICE] = {
6915 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6916 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6918 [NL80211_IFTYPE_AP] = {
6920 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6921 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6922 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6923 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6924 BIT(IEEE80211_STYPE_AUTH >> 4) |
6925 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6926 BIT(IEEE80211_STYPE_ACTION >> 4)
6931 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6933 * @wiphy: wiphy object.
6934 * @ifp: interface object needed for feat module api.
6936 * The interface modes and combinations are determined dynamically here
6937 * based on firmware functionality.
6939 * no p2p and no mbss:
6941 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6945 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6946 * #AP <= 4, matching BI, channels = 1, 4 total
6949 * #STA <= 1, #AP <= 2, channels = 2, 4 total
6951 * p2p, no mchan, and mbss:
6953 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6954 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6955 * #AP <= 4, matching BI, channels = 1, 4 total
6957 * p2p, mchan, and mbss:
6959 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6960 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6961 * #AP <= 4, matching BI, channels = 1, 4 total
6963 * p2p, rsdb, and no mbss:
6964 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2,
6965 * channels = 2, 4 total
6967 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6969 struct ieee80211_iface_combination *combo = NULL;
6970 struct ieee80211_iface_limit *c0_limits = NULL;
6971 struct ieee80211_iface_limit *p2p_limits = NULL;
6972 struct ieee80211_iface_limit *mbss_limits = NULL;
6973 bool mon_flag, mbss, p2p, rsdb, mchan;
6974 int i, c, n_combos, n_limits;
6976 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG);
6977 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6978 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6979 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB);
6980 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN);
6982 n_combos = 1 + !!(p2p && !rsdb) + !!mbss;
6983 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
6987 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
6988 BIT(NL80211_IFTYPE_ADHOC) |
6989 BIT(NL80211_IFTYPE_AP);
6991 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
6993 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
6994 BIT(NL80211_IFTYPE_P2P_GO) |
6995 BIT(NL80211_IFTYPE_P2P_DEVICE);
6999 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p);
7000 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL);
7004 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan));
7005 c0_limits[i].max = 1;
7006 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7008 c0_limits[i].max = 1;
7009 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7012 c0_limits[i].max = 1;
7013 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7014 c0_limits[i].max = 1 + rsdb;
7015 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
7016 BIT(NL80211_IFTYPE_P2P_GO);
7019 c0_limits[i].max = 2;
7020 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7021 combo[c].max_interfaces = 4;
7023 combo[c].max_interfaces = i;
7025 c0_limits[i].max = 2;
7026 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7027 combo[c].max_interfaces = 3;
7029 c0_limits[i].max = 1;
7030 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7031 combo[c].max_interfaces = i;
7033 combo[c].n_limits = i;
7034 combo[c].limits = c0_limits;
7039 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
7042 p2p_limits[i].max = 1;
7043 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7044 p2p_limits[i].max = 1;
7045 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7046 p2p_limits[i].max = 1;
7047 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
7048 p2p_limits[i].max = 1;
7049 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7050 combo[c].num_different_channels = 1;
7051 combo[c].max_interfaces = i;
7052 combo[c].n_limits = i;
7053 combo[c].limits = p2p_limits;
7059 n_limits = 1 + mon_flag;
7060 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits),
7064 mbss_limits[i].max = 4;
7065 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7067 mbss_limits[i].max = 1;
7068 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7070 combo[c].beacon_int_infra_match = true;
7071 combo[c].num_different_channels = 1;
7072 combo[c].max_interfaces = 4 + mon_flag;
7073 combo[c].n_limits = i;
7074 combo[c].limits = mbss_limits;
7077 wiphy->n_iface_combinations = n_combos;
7078 wiphy->iface_combinations = combo;
7090 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
7091 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
7092 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
7093 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
7094 .pattern_min_len = 1,
7095 .max_pkt_offset = 1500,
7099 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
7102 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7103 struct brcmf_pub *drvr = cfg->pub;
7104 struct wiphy_wowlan_support *wowl;
7106 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
7109 bphy_err(drvr, "only support basic wowlan features\n");
7110 wiphy->wowlan = &brcmf_wowlan_support;
7114 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7115 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
7116 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
7117 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
7118 init_waitqueue_head(&cfg->wowl.nd_data_wait);
7121 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
7122 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
7123 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
7126 wiphy->wowlan = wowl;
7130 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
7132 struct brcmf_pub *drvr = ifp->drvr;
7133 const struct ieee80211_iface_combination *combo;
7134 struct ieee80211_supported_band *band;
7135 u16 max_interfaces = 0;
7141 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
7142 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
7143 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
7145 err = brcmf_setup_ifmodes(wiphy, ifp);
7149 for (i = 0, combo = wiphy->iface_combinations;
7150 i < wiphy->n_iface_combinations; i++, combo++) {
7151 max_interfaces = max(max_interfaces, combo->max_interfaces);
7154 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
7156 u8 *addr = drvr->addresses[i].addr;
7158 memcpy(addr, drvr->mac, ETH_ALEN);
7161 addr[ETH_ALEN - 1] ^= i;
7164 wiphy->addresses = drvr->addresses;
7165 wiphy->n_addresses = i;
7167 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
7168 wiphy->cipher_suites = brcmf_cipher_suites;
7169 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
7170 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
7171 wiphy->n_cipher_suites--;
7172 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
7173 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
7174 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
7176 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
7177 WIPHY_FLAG_PS_ON_BY_DEFAULT |
7178 WIPHY_FLAG_HAVE_AP_SME |
7179 WIPHY_FLAG_OFFCHAN_TX |
7180 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7181 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
7182 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7183 if (!ifp->drvr->settings->roamoff)
7184 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
7185 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
7186 wiphy_ext_feature_set(wiphy,
7187 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
7188 wiphy_ext_feature_set(wiphy,
7189 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
7190 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7191 wiphy_ext_feature_set(wiphy,
7192 NL80211_EXT_FEATURE_SAE_OFFLOAD);
7194 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWAUTH)) {
7195 wiphy_ext_feature_set(wiphy,
7196 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK);
7197 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7198 wiphy_ext_feature_set(wiphy,
7199 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP);
7201 wiphy->mgmt_stypes = brcmf_txrx_stypes;
7202 wiphy->max_remain_on_channel_duration = 5000;
7203 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7204 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
7205 brcmf_pno_wiphy_params(wiphy, gscan);
7207 /* vendor commands/events support */
7208 wiphy->vendor_commands = brcmf_vendor_cmds;
7209 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
7211 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
7212 brcmf_wiphy_wowl_params(wiphy, ifp);
7213 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
7216 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
7219 /* first entry in bandlist is number of bands */
7220 n_bands = le32_to_cpu(bandlist[0]);
7221 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
7222 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
7223 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
7228 band->channels = kmemdup(&__wl_2ghz_channels,
7229 sizeof(__wl_2ghz_channels),
7231 if (!band->channels) {
7236 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
7237 wiphy->bands[NL80211_BAND_2GHZ] = band;
7239 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
7240 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
7245 band->channels = kmemdup(&__wl_5ghz_channels,
7246 sizeof(__wl_5ghz_channels),
7248 if (!band->channels) {
7253 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
7254 wiphy->bands[NL80211_BAND_5GHZ] = band;
7258 if (wiphy->bands[NL80211_BAND_5GHZ] &&
7259 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H))
7260 wiphy_ext_feature_set(wiphy,
7261 NL80211_EXT_FEATURE_DFS_OFFLOAD);
7263 wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
7265 wiphy_read_of_freq_limits(wiphy);
7270 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
7272 struct brcmf_pub *drvr = cfg->pub;
7273 struct net_device *ndev;
7274 struct wireless_dev *wdev;
7275 struct brcmf_if *ifp;
7282 ndev = cfg_to_ndev(cfg);
7283 wdev = ndev->ieee80211_ptr;
7284 ifp = netdev_priv(ndev);
7286 /* make sure RF is ready for work */
7287 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
7289 brcmf_dongle_scantime(ifp);
7291 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
7292 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
7294 goto default_conf_out;
7295 brcmf_dbg(INFO, "power save set to %s\n",
7296 (power_mode ? "enabled" : "disabled"));
7298 err = brcmf_dongle_roam(ifp);
7300 goto default_conf_out;
7301 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
7304 goto default_conf_out;
7306 brcmf_configure_arp_nd_offload(ifp, true);
7308 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
7310 bphy_err(drvr, "failed to set frameburst mode\n");
7311 goto default_conf_out;
7314 cfg->dongle_up = true;
7321 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
7323 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7325 return brcmf_config_dongle(ifp->drvr->config);
7328 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
7330 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7333 * While going down, if associated with AP disassociate
7334 * from AP to save power
7336 if (check_vif_up(ifp->vif)) {
7337 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED, true);
7339 /* Make sure WPA_Supplicant receives all the event
7340 generated due to DISASSOC call to the fw to keep
7341 the state fw and WPA_Supplicant state consistent
7346 brcmf_abort_scanning(cfg);
7347 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7352 s32 brcmf_cfg80211_up(struct net_device *ndev)
7354 struct brcmf_if *ifp = netdev_priv(ndev);
7355 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7358 mutex_lock(&cfg->usr_sync);
7359 err = __brcmf_cfg80211_up(ifp);
7360 mutex_unlock(&cfg->usr_sync);
7365 s32 brcmf_cfg80211_down(struct net_device *ndev)
7367 struct brcmf_if *ifp = netdev_priv(ndev);
7368 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7371 mutex_lock(&cfg->usr_sync);
7372 err = __brcmf_cfg80211_down(ifp);
7373 mutex_unlock(&cfg->usr_sync);
7378 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
7380 struct wireless_dev *wdev = &ifp->vif->wdev;
7382 return wdev->iftype;
7385 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
7386 unsigned long state)
7388 struct brcmf_cfg80211_vif *vif;
7390 list_for_each_entry(vif, &cfg->vif_list, list) {
7391 if (test_bit(state, &vif->sme_state))
7397 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
7402 spin_lock(&event->vif_event_lock);
7403 evt_action = event->action;
7404 spin_unlock(&event->vif_event_lock);
7405 return evt_action == action;
7408 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
7409 struct brcmf_cfg80211_vif *vif)
7411 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7413 spin_lock(&event->vif_event_lock);
7416 spin_unlock(&event->vif_event_lock);
7419 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
7421 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7424 spin_lock(&event->vif_event_lock);
7425 armed = event->vif != NULL;
7426 spin_unlock(&event->vif_event_lock);
7431 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
7432 u8 action, ulong timeout)
7434 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7436 return wait_event_timeout(event->vif_wq,
7437 vif_event_equals(event, action), timeout);
7440 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
7441 struct brcmf_fil_country_le *ccreq)
7443 struct brcmfmac_pd_cc *country_codes;
7444 struct brcmfmac_pd_cc_entry *cc;
7448 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
7449 (alpha2[1] == ccreq->country_abbrev[1])) {
7450 brcmf_dbg(TRACE, "Country code already set\n");
7454 country_codes = drvr->settings->country_codes;
7455 if (!country_codes) {
7456 brcmf_dbg(TRACE, "No country codes configured for device, using ISO3166 code and 0 rev\n");
7457 memset(ccreq, 0, sizeof(*ccreq));
7458 ccreq->country_abbrev[0] = alpha2[0];
7459 ccreq->country_abbrev[1] = alpha2[1];
7460 ccreq->ccode[0] = alpha2[0];
7461 ccreq->ccode[1] = alpha2[1];
7466 for (i = 0; i < country_codes->table_size; i++) {
7467 cc = &country_codes->table[i];
7468 if ((cc->iso3166[0] == '\0') && (found_index == -1))
7470 if ((cc->iso3166[0] == alpha2[0]) &&
7471 (cc->iso3166[1] == alpha2[1])) {
7476 if (found_index == -1) {
7477 brcmf_dbg(TRACE, "No country code match found\n");
7480 memset(ccreq, 0, sizeof(*ccreq));
7481 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
7482 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
7483 BRCMF_COUNTRY_BUF_SZ);
7484 ccreq->country_abbrev[0] = alpha2[0];
7485 ccreq->country_abbrev[1] = alpha2[1];
7486 ccreq->country_abbrev[2] = 0;
7491 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
7492 struct regulatory_request *req)
7494 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7495 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
7496 struct brcmf_pub *drvr = cfg->pub;
7497 struct brcmf_fil_country_le ccreq;
7501 /* The country code gets set to "00" by default at boot, ignore */
7502 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
7505 /* ignore non-ISO3166 country codes */
7506 for (i = 0; i < 2; i++)
7507 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
7508 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
7509 req->alpha2[0], req->alpha2[1]);
7513 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
7514 req->alpha2[0], req->alpha2[1]);
7516 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
7518 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
7522 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
7526 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
7528 bphy_err(drvr, "Firmware rejected country setting\n");
7531 brcmf_setup_wiphybands(cfg);
7534 static void brcmf_free_wiphy(struct wiphy *wiphy)
7541 if (wiphy->iface_combinations) {
7542 for (i = 0; i < wiphy->n_iface_combinations; i++)
7543 kfree(wiphy->iface_combinations[i].limits);
7545 kfree(wiphy->iface_combinations);
7546 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7547 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7548 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7550 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7551 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7552 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7554 #if IS_ENABLED(CONFIG_PM)
7555 if (wiphy->wowlan != &brcmf_wowlan_support)
7556 kfree(wiphy->wowlan);
7560 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7561 struct cfg80211_ops *ops,
7564 struct wiphy *wiphy = drvr->wiphy;
7565 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7566 struct brcmf_cfg80211_info *cfg;
7567 struct brcmf_cfg80211_vif *vif;
7568 struct brcmf_if *ifp;
7574 bphy_err(drvr, "ndev is invalid\n");
7578 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7580 bphy_err(drvr, "Could not allocate wiphy device\n");
7586 init_vif_event(&cfg->vif_event);
7587 INIT_LIST_HEAD(&cfg->vif_list);
7589 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7593 ifp = netdev_priv(ndev);
7595 vif->wdev.netdev = ndev;
7596 ndev->ieee80211_ptr = &vif->wdev;
7597 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7599 err = wl_init_priv(cfg);
7601 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7602 brcmf_free_vif(vif);
7607 /* determine d11 io type before wiphy setup */
7608 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7610 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7613 cfg->d11inf.io_type = (u8)io_type;
7614 brcmu_d11_attach(&cfg->d11inf);
7616 /* regulatory notifer below needs access to cfg so
7621 err = brcmf_setup_wiphy(wiphy, ifp);
7625 brcmf_dbg(INFO, "Registering custom regulatory\n");
7626 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7627 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7628 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7630 /* firmware defaults to 40MHz disabled in 2G band. We signal
7631 * cfg80211 here that we do and have it decide we can enable
7632 * it. But first check if device does support 2G operation.
7634 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7635 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7636 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7639 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7640 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7642 err = wiphy_register(wiphy);
7644 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7648 err = brcmf_setup_wiphybands(cfg);
7650 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7651 goto wiphy_unreg_out;
7654 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7655 * setup 40MHz in 2GHz band and enable OBSS scanning.
7657 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7658 err = brcmf_enable_bw40_2g(cfg);
7660 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7661 BRCMF_OBSS_COEX_AUTO);
7663 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7666 err = brcmf_fweh_activate_events(ifp);
7668 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7669 goto wiphy_unreg_out;
7672 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7674 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7675 goto wiphy_unreg_out;
7677 err = brcmf_btcoex_attach(cfg);
7679 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7680 brcmf_p2p_detach(&cfg->p2p);
7681 goto wiphy_unreg_out;
7683 err = brcmf_pno_attach(cfg);
7685 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7686 brcmf_btcoex_detach(cfg);
7687 brcmf_p2p_detach(&cfg->p2p);
7688 goto wiphy_unreg_out;
7691 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7692 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7694 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7695 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7697 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7698 brcmf_notify_tdls_peer_event);
7702 /* (re-) activate FWEH event handling */
7703 err = brcmf_fweh_activate_events(ifp);
7705 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7709 /* Fill in some of the advertised nl80211 supported features */
7710 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7711 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7713 if (wiphy->wowlan &&
7714 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7715 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7722 brcmf_pno_detach(cfg);
7723 brcmf_btcoex_detach(cfg);
7724 brcmf_p2p_detach(&cfg->p2p);
7726 wiphy_unregister(cfg->wiphy);
7728 wl_deinit_priv(cfg);
7729 brcmf_free_vif(vif);
7732 brcmf_free_wiphy(wiphy);
7737 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7742 brcmf_pno_detach(cfg);
7743 brcmf_btcoex_detach(cfg);
7744 wiphy_unregister(cfg->wiphy);
7745 wl_deinit_priv(cfg);
7746 brcmf_free_wiphy(cfg->wiphy);