1 // SPDX-License-Identifier: ISC
3 * Copyright (c) 2010 Broadcom Corporation
6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
8 #include <linux/kernel.h>
9 #include <linux/etherdevice.h>
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <net/cfg80211.h>
13 #include <net/netlink.h>
14 #include <uapi/linux/if_arp.h>
16 #include <brcmu_utils.h>
18 #include <brcmu_wifi.h>
21 #include "tracepoint.h"
22 #include "fwil_types.h"
35 #define BRCMF_SCAN_IE_LEN_MAX 2048
37 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
38 #define WPA_OUI_TYPE 1
39 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
40 #define WME_OUI_TYPE 2
41 #define WPS_OUI_TYPE 4
43 #define VS_IE_FIXED_HDR_LEN 6
44 #define WPA_IE_VERSION_LEN 2
45 #define WPA_IE_MIN_OUI_LEN 4
46 #define WPA_IE_SUITE_COUNT_LEN 2
48 #define WPA_CIPHER_NONE 0 /* None */
49 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
50 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
51 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
52 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
54 #define RSN_AKM_NONE 0 /* None (IBSS) */
55 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
56 #define RSN_AKM_PSK 2 /* Pre-shared Key */
57 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
58 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
59 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
60 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
61 #define RSN_CAP_MFPR_MASK BIT(6)
62 #define RSN_CAP_MFPC_MASK BIT(7)
63 #define RSN_PMKID_COUNT_LEN 2
65 #define VNDR_IE_CMD_LEN 4 /* length of the set command
66 * string :"add", "del" (+ NUL)
68 #define VNDR_IE_COUNT_OFFSET 4
69 #define VNDR_IE_PKTFLAG_OFFSET 8
70 #define VNDR_IE_VSIE_OFFSET 12
71 #define VNDR_IE_HDR_SIZE 12
72 #define VNDR_IE_PARSE_LIMIT 5
74 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
75 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
77 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
78 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
79 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
81 #define BRCMF_SCAN_CHANNEL_TIME 40
82 #define BRCMF_SCAN_UNASSOC_TIME 40
83 #define BRCMF_SCAN_PASSIVE_TIME 120
85 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
87 #define BRCMF_PS_MAX_TIMEOUT_MS 2000
89 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
90 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
92 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
94 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
95 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
102 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
103 #define RATETAB_ENT(_rateid, _flags) \
105 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
106 .hw_value = (_rateid), \
110 static struct ieee80211_rate __wl_rates[] = {
111 RATETAB_ENT(BRCM_RATE_1M, 0),
112 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
113 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
114 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
115 RATETAB_ENT(BRCM_RATE_6M, 0),
116 RATETAB_ENT(BRCM_RATE_9M, 0),
117 RATETAB_ENT(BRCM_RATE_12M, 0),
118 RATETAB_ENT(BRCM_RATE_18M, 0),
119 RATETAB_ENT(BRCM_RATE_24M, 0),
120 RATETAB_ENT(BRCM_RATE_36M, 0),
121 RATETAB_ENT(BRCM_RATE_48M, 0),
122 RATETAB_ENT(BRCM_RATE_54M, 0),
125 #define wl_g_rates (__wl_rates + 0)
126 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
127 #define wl_a_rates (__wl_rates + 4)
128 #define wl_a_rates_size (wl_g_rates_size - 4)
130 #define CHAN2G(_channel, _freq) { \
131 .band = NL80211_BAND_2GHZ, \
132 .center_freq = (_freq), \
133 .hw_value = (_channel), \
134 .max_antenna_gain = 0, \
138 #define CHAN5G(_channel) { \
139 .band = NL80211_BAND_5GHZ, \
140 .center_freq = 5000 + (5 * (_channel)), \
141 .hw_value = (_channel), \
142 .max_antenna_gain = 0, \
146 static struct ieee80211_channel __wl_2ghz_channels[] = {
147 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
148 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
149 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
150 CHAN2G(13, 2472), CHAN2G(14, 2484)
153 static struct ieee80211_channel __wl_5ghz_channels[] = {
154 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
155 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
156 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
157 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
158 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
159 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
162 /* Band templates duplicated per wiphy. The channel info
163 * above is added to the band during setup.
165 static const struct ieee80211_supported_band __wl_band_2ghz = {
166 .band = NL80211_BAND_2GHZ,
167 .bitrates = wl_g_rates,
168 .n_bitrates = wl_g_rates_size,
171 static const struct ieee80211_supported_band __wl_band_5ghz = {
172 .band = NL80211_BAND_5GHZ,
173 .bitrates = wl_a_rates,
174 .n_bitrates = wl_a_rates_size,
177 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
178 * By default world regulatory domain defined in reg.c puts the flags
179 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
180 * With respect to these flags, wpa_supplicant doesn't * start p2p
181 * operations on 5GHz channels. All the changes in world regulatory
182 * domain are to be done here.
184 static const struct ieee80211_regdomain brcmf_regdom = {
188 /* IEEE 802.11b/g, channels 1..11 */
189 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
191 /* IEEE 802.11 channel 14 - Only JP enables
192 * this and for 802.11b only
194 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
195 /* IEEE 802.11a, channel 36..64 */
196 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0),
197 /* IEEE 802.11a, channel 100..165 */
198 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), }
201 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
202 * are supported. A pointer to this array and the number of entries is passed
203 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
204 * So the cipher suite AES_CMAC has to be the last one in the array, and when
205 * device does not support MFP then the number of suites will be decreased by 1
207 static const u32 brcmf_cipher_suites[] = {
208 WLAN_CIPHER_SUITE_WEP40,
209 WLAN_CIPHER_SUITE_WEP104,
210 WLAN_CIPHER_SUITE_TKIP,
211 WLAN_CIPHER_SUITE_CCMP,
212 /* Keep as last entry: */
213 WLAN_CIPHER_SUITE_AES_CMAC
216 /* Vendor specific ie. id = 221, oui and type defines exact ie */
217 struct brcmf_vs_tlv {
224 struct parsed_vndr_ie_info {
226 u32 ie_len; /* total length including id & length field */
227 struct brcmf_vs_tlv vndrie;
230 struct parsed_vndr_ies {
232 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
235 static u8 nl80211_band_to_fwil(enum nl80211_band band)
238 case NL80211_BAND_2GHZ:
240 case NL80211_BAND_5GHZ:
249 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
250 struct cfg80211_chan_def *ch)
252 struct brcmu_chan ch_inf;
255 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
256 ch->chan->center_freq, ch->center_freq1, ch->width);
257 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
258 primary_offset = ch->chan->center_freq - ch->center_freq1;
260 case NL80211_CHAN_WIDTH_20:
261 case NL80211_CHAN_WIDTH_20_NOHT:
262 ch_inf.bw = BRCMU_CHAN_BW_20;
263 WARN_ON(primary_offset != 0);
265 case NL80211_CHAN_WIDTH_40:
266 ch_inf.bw = BRCMU_CHAN_BW_40;
267 if (primary_offset > 0)
268 ch_inf.sb = BRCMU_CHAN_SB_U;
270 ch_inf.sb = BRCMU_CHAN_SB_L;
272 case NL80211_CHAN_WIDTH_80:
273 ch_inf.bw = BRCMU_CHAN_BW_80;
274 if (primary_offset == -30)
275 ch_inf.sb = BRCMU_CHAN_SB_LL;
276 else if (primary_offset == -10)
277 ch_inf.sb = BRCMU_CHAN_SB_LU;
278 else if (primary_offset == 10)
279 ch_inf.sb = BRCMU_CHAN_SB_UL;
281 ch_inf.sb = BRCMU_CHAN_SB_UU;
283 case NL80211_CHAN_WIDTH_160:
284 ch_inf.bw = BRCMU_CHAN_BW_160;
285 if (primary_offset == -70)
286 ch_inf.sb = BRCMU_CHAN_SB_LLL;
287 else if (primary_offset == -50)
288 ch_inf.sb = BRCMU_CHAN_SB_LLU;
289 else if (primary_offset == -30)
290 ch_inf.sb = BRCMU_CHAN_SB_LUL;
291 else if (primary_offset == -10)
292 ch_inf.sb = BRCMU_CHAN_SB_LUU;
293 else if (primary_offset == 10)
294 ch_inf.sb = BRCMU_CHAN_SB_ULL;
295 else if (primary_offset == 30)
296 ch_inf.sb = BRCMU_CHAN_SB_ULU;
297 else if (primary_offset == 50)
298 ch_inf.sb = BRCMU_CHAN_SB_UUL;
300 ch_inf.sb = BRCMU_CHAN_SB_UUU;
302 case NL80211_CHAN_WIDTH_80P80:
303 case NL80211_CHAN_WIDTH_5:
304 case NL80211_CHAN_WIDTH_10:
308 switch (ch->chan->band) {
309 case NL80211_BAND_2GHZ:
310 ch_inf.band = BRCMU_CHAN_BAND_2G;
312 case NL80211_BAND_5GHZ:
313 ch_inf.band = BRCMU_CHAN_BAND_5G;
315 case NL80211_BAND_60GHZ:
319 d11inf->encchspec(&ch_inf);
321 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec);
322 return ch_inf.chspec;
325 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
326 struct ieee80211_channel *ch)
328 struct brcmu_chan ch_inf;
330 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
331 ch_inf.bw = BRCMU_CHAN_BW_20;
332 d11inf->encchspec(&ch_inf);
334 return ch_inf.chspec;
337 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
338 * triples, returning a pointer to the substring whose first element
341 static const struct brcmf_tlv *
342 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
344 const struct brcmf_tlv *elt = buf;
347 /* find tagged parameter */
348 while (totlen >= TLV_HDR_LEN) {
351 /* validate remaining totlen */
352 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
355 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
356 totlen -= (len + TLV_HDR_LEN);
362 /* Is any of the tlvs the expected entry? If
363 * not update the tlvs buffer pointer/length.
366 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
367 const u8 *oui, u32 oui_len, u8 type)
369 /* If the contents match the OUI and the type */
370 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
371 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
372 type == ie[TLV_BODY_OFF + oui_len]) {
378 /* point to the next ie */
379 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
380 /* calculate the length of the rest of the buffer */
381 *tlvs_len -= (int)(ie - *tlvs);
382 /* update the pointer to the start of the buffer */
388 static struct brcmf_vs_tlv *
389 brcmf_find_wpaie(const u8 *parse, u32 len)
391 const struct brcmf_tlv *ie;
393 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
394 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
395 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
396 return (struct brcmf_vs_tlv *)ie;
401 static struct brcmf_vs_tlv *
402 brcmf_find_wpsie(const u8 *parse, u32 len)
404 const struct brcmf_tlv *ie;
406 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
407 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
408 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
409 return (struct brcmf_vs_tlv *)ie;
414 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
415 struct brcmf_cfg80211_vif *vif,
416 enum nl80211_iftype new_type)
418 struct brcmf_cfg80211_vif *pos;
419 bool check_combos = false;
421 struct iface_combination_params params = {
422 .num_different_channels = 1,
425 list_for_each_entry(pos, &cfg->vif_list, list)
427 params.iftype_num[new_type]++;
429 /* concurrent interfaces so need check combinations */
431 params.iftype_num[pos->wdev.iftype]++;
435 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
440 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
441 enum nl80211_iftype new_type)
443 struct brcmf_cfg80211_vif *pos;
444 struct iface_combination_params params = {
445 .num_different_channels = 1,
448 list_for_each_entry(pos, &cfg->vif_list, list)
449 params.iftype_num[pos->wdev.iftype]++;
451 params.iftype_num[new_type]++;
452 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
455 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
456 struct brcmf_wsec_key_le *key_le)
458 key_le->index = cpu_to_le32(key->index);
459 key_le->len = cpu_to_le32(key->len);
460 key_le->algo = cpu_to_le32(key->algo);
461 key_le->flags = cpu_to_le32(key->flags);
462 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
463 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
464 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
465 memcpy(key_le->data, key->data, sizeof(key->data));
466 memcpy(key_le->ea, key->ea, sizeof(key->ea));
470 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
472 struct brcmf_pub *drvr = ifp->drvr;
474 struct brcmf_wsec_key_le key_le;
476 convert_key_from_CPU(key, &key_le);
478 brcmf_netdev_wait_pend8021x(ifp);
480 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
484 bphy_err(drvr, "wsec_key error (%d)\n", err);
489 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
491 struct brcmf_cfg80211_vif *vif;
492 struct brcmf_if *ifp;
494 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
497 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
498 (wdev->iftype == NL80211_IFTYPE_AP) ||
499 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
500 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
503 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
507 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
511 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
512 /* bsscfgidx 1 is reserved for legacy P2P */
515 if (!drvr->iflist[bsscfgidx])
522 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
524 struct brcmf_pub *drvr = ifp->drvr;
525 struct brcmf_mbss_ssid_le mbss_ssid_le;
529 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
530 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
534 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
535 mbss_ssid_le.SSID_len = cpu_to_le32(5);
536 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
538 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
539 sizeof(mbss_ssid_le));
541 bphy_err(drvr, "setting ssid failed %d\n", err);
547 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
549 * @wiphy: wiphy device of new interface.
550 * @name: name of the new interface.
551 * @params: contains mac address for AP device.
554 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
555 struct vif_params *params)
557 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
558 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
559 struct brcmf_pub *drvr = cfg->pub;
560 struct brcmf_cfg80211_vif *vif;
563 if (brcmf_cfg80211_vif_event_armed(cfg))
564 return ERR_PTR(-EBUSY);
566 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
568 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
570 return (struct wireless_dev *)vif;
572 brcmf_cfg80211_arm_vif_event(cfg, vif);
574 err = brcmf_cfg80211_request_ap_if(ifp);
576 brcmf_cfg80211_arm_vif_event(cfg, NULL);
580 /* wait for firmware event */
581 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
582 BRCMF_VIF_EVENT_TIMEOUT);
583 brcmf_cfg80211_arm_vif_event(cfg, NULL);
585 bphy_err(drvr, "timeout occurred\n");
590 /* interface created in firmware */
593 bphy_err(drvr, "no if pointer provided\n");
598 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
599 err = brcmf_net_attach(ifp, true);
601 bphy_err(drvr, "Registering netdevice failed\n");
602 free_netdev(ifp->ndev);
606 return &ifp->vif->wdev;
613 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
615 enum nl80211_iftype iftype;
617 iftype = vif->wdev.iftype;
618 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
621 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
623 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
627 * brcmf_mon_add_vif() - create monitor mode virtual interface
629 * @wiphy: wiphy device of new interface.
630 * @name: name of the new interface.
632 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy,
635 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
636 struct brcmf_cfg80211_vif *vif;
637 struct net_device *ndev;
638 struct brcmf_if *ifp;
641 if (cfg->pub->mon_if) {
646 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR);
652 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup);
657 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
658 ndev->ieee80211_ptr = &vif->wdev;
659 ndev->needs_free_netdev = true;
660 ndev->priv_destructor = brcmf_cfg80211_free_netdev;
661 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
663 ifp = netdev_priv(ndev);
666 ifp->drvr = cfg->pub;
669 vif->wdev.netdev = ndev;
671 err = brcmf_net_mon_attach(ifp);
673 brcmf_err("Failed to attach %s device\n", ndev->name);
678 cfg->pub->mon_if = ifp;
688 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
690 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
691 struct net_device *ndev = wdev->netdev;
693 ndev->netdev_ops->ndo_stop(ndev);
695 brcmf_net_detach(ndev, true);
697 cfg->pub->mon_if = NULL;
702 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
704 unsigned char name_assign_type,
705 enum nl80211_iftype type,
706 struct vif_params *params)
708 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
709 struct brcmf_pub *drvr = cfg->pub;
710 struct wireless_dev *wdev;
713 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
714 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
716 bphy_err(drvr, "iface validation failed: err=%d\n", err);
720 case NL80211_IFTYPE_ADHOC:
721 case NL80211_IFTYPE_STATION:
722 case NL80211_IFTYPE_AP_VLAN:
723 case NL80211_IFTYPE_WDS:
724 case NL80211_IFTYPE_MESH_POINT:
725 return ERR_PTR(-EOPNOTSUPP);
726 case NL80211_IFTYPE_MONITOR:
727 return brcmf_mon_add_vif(wiphy, name);
728 case NL80211_IFTYPE_AP:
729 wdev = brcmf_ap_add_vif(wiphy, name, params);
731 case NL80211_IFTYPE_P2P_CLIENT:
732 case NL80211_IFTYPE_P2P_GO:
733 case NL80211_IFTYPE_P2P_DEVICE:
734 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
736 case NL80211_IFTYPE_UNSPECIFIED:
738 return ERR_PTR(-EINVAL);
742 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
743 type, (int)PTR_ERR(wdev));
745 brcmf_cfg80211_update_proto_addr_mode(wdev);
750 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
752 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
753 brcmf_set_mpc(ifp, mpc);
756 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
758 struct brcmf_pub *drvr = ifp->drvr;
761 if (check_vif_up(ifp->vif)) {
762 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
764 bphy_err(drvr, "fail to set mpc\n");
767 brcmf_dbg(INFO, "MPC : %d\n", mpc);
771 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
772 struct brcmf_if *ifp, bool aborted,
775 struct brcmf_pub *drvr = cfg->pub;
776 struct brcmf_scan_params_le params_le;
777 struct cfg80211_scan_request *scan_request;
782 brcmf_dbg(SCAN, "Enter\n");
784 /* clear scan request, because the FW abort can cause a second call */
785 /* to this functon and might cause a double cfg80211_scan_done */
786 scan_request = cfg->scan_request;
787 cfg->scan_request = NULL;
789 if (timer_pending(&cfg->escan_timeout))
790 del_timer_sync(&cfg->escan_timeout);
793 /* Do a scan abort to stop the driver's scan engine */
794 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
795 memset(¶ms_le, 0, sizeof(params_le));
796 eth_broadcast_addr(params_le.bssid);
797 params_le.bss_type = DOT11_BSSTYPE_ANY;
798 params_le.scan_type = 0;
799 params_le.channel_num = cpu_to_le32(1);
800 params_le.nprobes = cpu_to_le32(1);
801 params_le.active_time = cpu_to_le32(-1);
802 params_le.passive_time = cpu_to_le32(-1);
803 params_le.home_time = cpu_to_le32(-1);
804 /* Scan is aborted by setting channel_list[0] to -1 */
805 params_le.channel_list[0] = cpu_to_le16(-1);
806 /* E-Scan (or anyother type) can be aborted by SCAN */
807 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
808 ¶ms_le, sizeof(params_le));
810 bphy_err(drvr, "Scan abort failed\n");
813 brcmf_scan_config_mpc(ifp, 1);
816 * e-scan can be initiated internally
817 * which takes precedence.
819 if (cfg->int_escan_map) {
820 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
822 while (cfg->int_escan_map) {
823 bucket = __ffs(cfg->int_escan_map);
824 cfg->int_escan_map &= ~BIT(bucket);
825 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
828 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
830 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
834 } else if (scan_request) {
835 struct cfg80211_scan_info info = {
839 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
840 aborted ? "Aborted" : "Done");
841 cfg80211_scan_done(scan_request, &info);
843 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
844 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
849 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
850 struct wireless_dev *wdev)
852 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
853 struct net_device *ndev = wdev->netdev;
854 struct brcmf_if *ifp = netdev_priv(ndev);
855 struct brcmf_pub *drvr = cfg->pub;
859 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
861 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
863 bphy_err(drvr, "interface_remove failed %d\n", err);
867 /* wait for firmware event */
868 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
869 BRCMF_VIF_EVENT_TIMEOUT);
871 bphy_err(drvr, "timeout occurred\n");
876 brcmf_remove_interface(ifp, true);
879 brcmf_cfg80211_arm_vif_event(cfg, NULL);
884 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
886 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
887 struct net_device *ndev = wdev->netdev;
889 if (ndev && ndev == cfg_to_ndev(cfg))
892 /* vif event pending in firmware */
893 if (brcmf_cfg80211_vif_event_armed(cfg))
897 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
898 cfg->escan_info.ifp == netdev_priv(ndev))
899 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
902 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
905 switch (wdev->iftype) {
906 case NL80211_IFTYPE_ADHOC:
907 case NL80211_IFTYPE_STATION:
908 case NL80211_IFTYPE_AP_VLAN:
909 case NL80211_IFTYPE_WDS:
910 case NL80211_IFTYPE_MESH_POINT:
912 case NL80211_IFTYPE_MONITOR:
913 return brcmf_mon_del_vif(wiphy, wdev);
914 case NL80211_IFTYPE_AP:
915 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
916 case NL80211_IFTYPE_P2P_CLIENT:
917 case NL80211_IFTYPE_P2P_GO:
918 case NL80211_IFTYPE_P2P_DEVICE:
919 return brcmf_p2p_del_vif(wiphy, wdev);
920 case NL80211_IFTYPE_UNSPECIFIED:
928 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
929 enum nl80211_iftype type,
930 struct vif_params *params)
932 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
933 struct brcmf_if *ifp = netdev_priv(ndev);
934 struct brcmf_cfg80211_vif *vif = ifp->vif;
935 struct brcmf_pub *drvr = cfg->pub;
940 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
943 /* WAR: There are a number of p2p interface related problems which
944 * need to be handled initially (before doing the validate).
945 * wpa_supplicant tends to do iface changes on p2p device/client/go
946 * which are not always possible/allowed. However we need to return
947 * OK otherwise the wpa_supplicant wont start. The situation differs
948 * on configuration and setup (p2pon=1 module param). The first check
949 * is to see if the request is a change to station for p2p iface.
951 if ((type == NL80211_IFTYPE_STATION) &&
952 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
953 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
954 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
955 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
956 /* Now depending on whether module param p2pon=1 was used the
957 * response needs to be either 0 or EOPNOTSUPP. The reason is
958 * that if p2pon=1 is used, but a newer supplicant is used then
959 * we should return an error, as this combination wont work.
960 * In other situations 0 is returned and supplicant will start
961 * normally. It will give a trace in cfg80211, but it is the
962 * only way to get it working. Unfortunately this will result
963 * in situation where we wont support new supplicant in
964 * combination with module param p2pon=1, but that is the way
965 * it is. If the user tries this then unloading of driver might
968 if (cfg->p2p.p2pdev_dynamically)
973 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
975 bphy_err(drvr, "iface validation failed: err=%d\n", err);
979 case NL80211_IFTYPE_MONITOR:
980 case NL80211_IFTYPE_WDS:
981 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
984 case NL80211_IFTYPE_ADHOC:
987 case NL80211_IFTYPE_STATION:
990 case NL80211_IFTYPE_AP:
991 case NL80211_IFTYPE_P2P_GO:
1000 if (type == NL80211_IFTYPE_P2P_GO) {
1001 brcmf_dbg(INFO, "IF Type = P2P GO\n");
1002 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
1005 brcmf_dbg(INFO, "IF Type = AP\n");
1008 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
1010 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
1014 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
1017 ndev->ieee80211_ptr->iftype = type;
1019 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
1022 brcmf_dbg(TRACE, "Exit\n");
1027 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
1028 struct brcmf_scan_params_le *params_le,
1029 struct cfg80211_scan_request *request)
1037 struct brcmf_ssid_le ssid_le;
1039 eth_broadcast_addr(params_le->bssid);
1040 params_le->bss_type = DOT11_BSSTYPE_ANY;
1041 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
1042 params_le->channel_num = 0;
1043 params_le->nprobes = cpu_to_le32(-1);
1044 params_le->active_time = cpu_to_le32(-1);
1045 params_le->passive_time = cpu_to_le32(-1);
1046 params_le->home_time = cpu_to_le32(-1);
1047 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
1049 n_ssids = request->n_ssids;
1050 n_channels = request->n_channels;
1052 /* Copy channel array if applicable */
1053 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
1055 if (n_channels > 0) {
1056 for (i = 0; i < n_channels; i++) {
1057 chanspec = channel_to_chanspec(&cfg->d11inf,
1058 request->channels[i]);
1059 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1060 request->channels[i]->hw_value, chanspec);
1061 params_le->channel_list[i] = cpu_to_le16(chanspec);
1064 brcmf_dbg(SCAN, "Scanning all channels\n");
1066 /* Copy ssid array if applicable */
1067 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1069 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1070 n_channels * sizeof(u16);
1071 offset = roundup(offset, sizeof(u32));
1072 ptr = (char *)params_le + offset;
1073 for (i = 0; i < n_ssids; i++) {
1074 memset(&ssid_le, 0, sizeof(ssid_le));
1076 cpu_to_le32(request->ssids[i].ssid_len);
1077 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1078 request->ssids[i].ssid_len);
1079 if (!ssid_le.SSID_len)
1080 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1082 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1083 i, ssid_le.SSID, ssid_le.SSID_len);
1084 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1085 ptr += sizeof(ssid_le);
1088 brcmf_dbg(SCAN, "Performing passive scan\n");
1089 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1091 /* Adding mask to channel numbers */
1092 params_le->channel_num =
1093 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1094 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1098 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1099 struct cfg80211_scan_request *request)
1101 struct brcmf_pub *drvr = cfg->pub;
1102 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1103 offsetof(struct brcmf_escan_params_le, params_le);
1104 struct brcmf_escan_params_le *params;
1107 brcmf_dbg(SCAN, "E-SCAN START\n");
1109 if (request != NULL) {
1110 /* Allocate space for populating ssids in struct */
1111 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1113 /* Allocate space for populating ssids in struct */
1114 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1117 params = kzalloc(params_size, GFP_KERNEL);
1122 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1123 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1124 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1125 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1126 params->sync_id = cpu_to_le16(0x1234);
1128 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1131 brcmf_dbg(INFO, "system busy : escan canceled\n");
1133 bphy_err(drvr, "error (%d)\n", err);
1142 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1144 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1146 struct brcmf_scan_results *results;
1147 struct escan_info *escan = &cfg->escan_info;
1149 brcmf_dbg(SCAN, "Enter\n");
1151 escan->wiphy = cfg->wiphy;
1152 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1154 brcmf_scan_config_mpc(ifp, 0);
1155 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1156 results->version = 0;
1158 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1160 err = escan->run(cfg, ifp, request);
1162 brcmf_scan_config_mpc(ifp, 1);
1167 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1169 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1170 struct brcmf_pub *drvr = cfg->pub;
1171 struct brcmf_cfg80211_vif *vif;
1174 brcmf_dbg(TRACE, "Enter\n");
1175 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1176 if (!check_vif_up(vif))
1179 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1180 bphy_err(drvr, "Scanning already: status (%lu)\n",
1184 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1185 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1189 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1190 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1194 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1195 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1199 /* If scan req comes for p2p0, send it over primary I/F */
1200 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1201 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1203 brcmf_dbg(SCAN, "START ESCAN\n");
1205 cfg->scan_request = request;
1206 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1208 cfg->escan_info.run = brcmf_run_escan;
1209 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1213 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1214 request->ie, request->ie_len);
1218 err = brcmf_do_escan(vif->ifp, request);
1222 /* Arm scan timeout timer */
1223 mod_timer(&cfg->escan_timeout,
1224 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1229 bphy_err(drvr, "scan error (%d)\n", err);
1230 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1231 cfg->scan_request = NULL;
1235 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1237 struct brcmf_if *ifp = netdev_priv(ndev);
1238 struct brcmf_pub *drvr = ifp->drvr;
1241 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1243 bphy_err(drvr, "Error (%d)\n", err);
1248 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1250 struct brcmf_if *ifp = netdev_priv(ndev);
1251 struct brcmf_pub *drvr = ifp->drvr;
1254 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1257 bphy_err(drvr, "Error (%d)\n", err);
1262 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1264 struct brcmf_if *ifp = netdev_priv(ndev);
1265 struct brcmf_pub *drvr = ifp->drvr;
1267 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1269 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1271 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1277 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1279 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1280 struct net_device *ndev = cfg_to_ndev(cfg);
1281 struct brcmf_if *ifp = netdev_priv(ndev);
1284 brcmf_dbg(TRACE, "Enter\n");
1285 if (!check_vif_up(ifp->vif))
1288 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1289 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1290 cfg->conf->rts_threshold = wiphy->rts_threshold;
1291 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1295 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1296 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1297 cfg->conf->frag_threshold = wiphy->frag_threshold;
1298 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1302 if (changed & WIPHY_PARAM_RETRY_LONG
1303 && (cfg->conf->retry_long != wiphy->retry_long)) {
1304 cfg->conf->retry_long = wiphy->retry_long;
1305 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1309 if (changed & WIPHY_PARAM_RETRY_SHORT
1310 && (cfg->conf->retry_short != wiphy->retry_short)) {
1311 cfg->conf->retry_short = wiphy->retry_short;
1312 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1318 brcmf_dbg(TRACE, "Exit\n");
1322 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1324 memset(prof, 0, sizeof(*prof));
1327 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1331 switch (e->event_code) {
1332 case BRCMF_E_DEAUTH:
1333 case BRCMF_E_DEAUTH_IND:
1334 case BRCMF_E_DISASSOC_IND:
1345 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1347 struct brcmf_pub *drvr = ifp->drvr;
1348 struct brcmf_wsec_pmk_le pmk;
1351 /* convert to firmware key format */
1352 pmk.key_len = cpu_to_le16(pmk_len << 1);
1353 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1354 for (i = 0; i < pmk_len; i++)
1355 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1357 /* store psk in firmware */
1358 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1361 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1367 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
1370 struct brcmf_pub *drvr = ifp->drvr;
1371 struct brcmf_wsec_sae_pwd_le sae_pwd;
1374 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
1375 bphy_err(drvr, "sae_password must be less than %d\n",
1376 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
1380 sae_pwd.key_len = cpu_to_le16(pwd_len);
1381 memcpy(sae_pwd.key, pwd_data, pwd_len);
1383 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
1386 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
1392 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason,
1393 bool locally_generated)
1395 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1396 struct brcmf_pub *drvr = cfg->pub;
1397 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP;
1400 brcmf_dbg(TRACE, "Enter\n");
1402 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1404 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1405 err = brcmf_fil_cmd_data_set(vif->ifp,
1406 BRCMF_C_DISASSOC, NULL, 0);
1408 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n",
1412 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1413 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1414 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1415 locally_generated, GFP_KERNEL);
1417 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1418 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1419 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1420 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1422 brcmf_set_pmk(vif->ifp, NULL, 0);
1423 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1425 brcmf_dbg(TRACE, "Exit\n");
1429 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1430 struct cfg80211_ibss_params *params)
1432 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1433 struct brcmf_if *ifp = netdev_priv(ndev);
1434 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1435 struct brcmf_pub *drvr = cfg->pub;
1436 struct brcmf_join_params join_params;
1437 size_t join_params_size = 0;
1444 brcmf_dbg(TRACE, "Enter\n");
1445 if (!check_vif_up(ifp->vif))
1449 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1451 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1455 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1458 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1460 brcmf_dbg(CONN, "No BSSID specified\n");
1462 if (params->chandef.chan)
1463 brcmf_dbg(CONN, "channel: %d\n",
1464 params->chandef.chan->center_freq);
1466 brcmf_dbg(CONN, "no channel specified\n");
1468 if (params->channel_fixed)
1469 brcmf_dbg(CONN, "fixed channel required\n");
1471 brcmf_dbg(CONN, "no fixed channel required\n");
1473 if (params->ie && params->ie_len)
1474 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1476 brcmf_dbg(CONN, "no ie specified\n");
1478 if (params->beacon_interval)
1479 brcmf_dbg(CONN, "beacon interval: %d\n",
1480 params->beacon_interval);
1482 brcmf_dbg(CONN, "no beacon interval specified\n");
1484 if (params->basic_rates)
1485 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1487 brcmf_dbg(CONN, "no basic rates specified\n");
1489 if (params->privacy)
1490 brcmf_dbg(CONN, "privacy required\n");
1492 brcmf_dbg(CONN, "no privacy required\n");
1494 /* Configure Privacy for starter */
1495 if (params->privacy)
1496 wsec |= WEP_ENABLED;
1498 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1500 bphy_err(drvr, "wsec failed (%d)\n", err);
1504 /* Configure Beacon Interval for starter */
1505 if (params->beacon_interval)
1506 bcnprd = params->beacon_interval;
1510 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1512 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1516 /* Configure required join parameter */
1517 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1520 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1521 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1522 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1523 join_params_size = sizeof(join_params.ssid_le);
1526 if (params->bssid) {
1527 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1528 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1529 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1531 eth_broadcast_addr(join_params.params_le.bssid);
1532 eth_zero_addr(profile->bssid);
1536 if (params->chandef.chan) {
1540 ieee80211_frequency_to_channel(
1541 params->chandef.chan->center_freq);
1542 if (params->channel_fixed) {
1543 /* adding chanspec */
1544 chanspec = chandef_to_chanspec(&cfg->d11inf,
1546 join_params.params_le.chanspec_list[0] =
1547 cpu_to_le16(chanspec);
1548 join_params.params_le.chanspec_num = cpu_to_le32(1);
1549 join_params_size += sizeof(join_params.params_le);
1552 /* set channel for starter */
1553 target_channel = cfg->channel;
1554 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1557 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1563 cfg->ibss_starter = false;
1566 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1567 &join_params, join_params_size);
1569 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1575 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1576 brcmf_dbg(TRACE, "Exit\n");
1581 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1583 struct brcmf_if *ifp = netdev_priv(ndev);
1585 brcmf_dbg(TRACE, "Enter\n");
1586 if (!check_vif_up(ifp->vif)) {
1587 /* When driver is being unloaded, it can end up here. If an
1588 * error is returned then later on a debug trace in the wireless
1589 * core module will be printed. To avoid this 0 is returned.
1594 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING, true);
1595 brcmf_net_setcarrier(ifp, false);
1597 brcmf_dbg(TRACE, "Exit\n");
1602 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1603 struct cfg80211_connect_params *sme)
1605 struct brcmf_if *ifp = netdev_priv(ndev);
1606 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1607 struct brcmf_pub *drvr = ifp->drvr;
1608 struct brcmf_cfg80211_security *sec;
1612 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1613 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1614 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1615 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1616 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
1617 val = WPA3_AUTH_SAE_PSK;
1619 val = WPA_AUTH_DISABLED;
1620 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1621 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1623 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1626 sec = &profile->sec;
1627 sec->wpa_versions = sme->crypto.wpa_versions;
1631 static s32 brcmf_set_auth_type(struct net_device *ndev,
1632 struct cfg80211_connect_params *sme)
1634 struct brcmf_if *ifp = netdev_priv(ndev);
1635 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1636 struct brcmf_pub *drvr = ifp->drvr;
1637 struct brcmf_cfg80211_security *sec;
1641 switch (sme->auth_type) {
1642 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1644 brcmf_dbg(CONN, "open system\n");
1646 case NL80211_AUTHTYPE_SHARED_KEY:
1648 brcmf_dbg(CONN, "shared key\n");
1650 case NL80211_AUTHTYPE_SAE:
1652 brcmf_dbg(CONN, "SAE authentication\n");
1656 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1660 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1662 bphy_err(drvr, "set auth failed (%d)\n", err);
1665 sec = &profile->sec;
1666 sec->auth_type = sme->auth_type;
1671 brcmf_set_wsec_mode(struct net_device *ndev,
1672 struct cfg80211_connect_params *sme)
1674 struct brcmf_if *ifp = netdev_priv(ndev);
1675 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1676 struct brcmf_pub *drvr = ifp->drvr;
1677 struct brcmf_cfg80211_security *sec;
1683 if (sme->crypto.n_ciphers_pairwise) {
1684 switch (sme->crypto.ciphers_pairwise[0]) {
1685 case WLAN_CIPHER_SUITE_WEP40:
1686 case WLAN_CIPHER_SUITE_WEP104:
1689 case WLAN_CIPHER_SUITE_TKIP:
1690 pval = TKIP_ENABLED;
1692 case WLAN_CIPHER_SUITE_CCMP:
1695 case WLAN_CIPHER_SUITE_AES_CMAC:
1699 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1700 sme->crypto.ciphers_pairwise[0]);
1704 if (sme->crypto.cipher_group) {
1705 switch (sme->crypto.cipher_group) {
1706 case WLAN_CIPHER_SUITE_WEP40:
1707 case WLAN_CIPHER_SUITE_WEP104:
1710 case WLAN_CIPHER_SUITE_TKIP:
1711 gval = TKIP_ENABLED;
1713 case WLAN_CIPHER_SUITE_CCMP:
1716 case WLAN_CIPHER_SUITE_AES_CMAC:
1720 bphy_err(drvr, "invalid cipher group (%d)\n",
1721 sme->crypto.cipher_group);
1726 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1727 /* In case of privacy, but no security and WPS then simulate */
1728 /* setting AES. WPS-2.0 allows no security */
1729 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1734 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1736 bphy_err(drvr, "error (%d)\n", err);
1740 sec = &profile->sec;
1741 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1742 sec->cipher_group = sme->crypto.cipher_group;
1748 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1750 struct brcmf_if *ifp = netdev_priv(ndev);
1751 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1752 struct brcmf_pub *drvr = ifp->drvr;
1755 const struct brcmf_tlv *rsn_ie;
1763 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1764 profile->is_ft = false;
1766 if (!sme->crypto.n_akm_suites)
1769 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1771 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1774 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1775 switch (sme->crypto.akm_suites[0]) {
1776 case WLAN_AKM_SUITE_8021X:
1777 val = WPA_AUTH_UNSPECIFIED;
1779 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1781 case WLAN_AKM_SUITE_PSK:
1785 bphy_err(drvr, "invalid cipher group (%d)\n",
1786 sme->crypto.cipher_group);
1789 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1790 switch (sme->crypto.akm_suites[0]) {
1791 case WLAN_AKM_SUITE_8021X:
1792 val = WPA2_AUTH_UNSPECIFIED;
1794 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1796 case WLAN_AKM_SUITE_8021X_SHA256:
1797 val = WPA2_AUTH_1X_SHA256;
1799 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1801 case WLAN_AKM_SUITE_PSK_SHA256:
1802 val = WPA2_AUTH_PSK_SHA256;
1804 case WLAN_AKM_SUITE_PSK:
1805 val = WPA2_AUTH_PSK;
1807 case WLAN_AKM_SUITE_FT_8021X:
1808 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1809 profile->is_ft = true;
1811 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1813 case WLAN_AKM_SUITE_FT_PSK:
1814 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1815 profile->is_ft = true;
1818 bphy_err(drvr, "invalid cipher group (%d)\n",
1819 sme->crypto.cipher_group);
1822 } else if (val & WPA3_AUTH_SAE_PSK) {
1823 switch (sme->crypto.akm_suites[0]) {
1824 case WLAN_AKM_SUITE_SAE:
1825 val = WPA3_AUTH_SAE_PSK;
1826 if (sme->crypto.sae_pwd) {
1827 brcmf_dbg(INFO, "using SAE offload\n");
1828 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1832 bphy_err(drvr, "invalid cipher group (%d)\n",
1833 sme->crypto.cipher_group);
1838 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1839 brcmf_dbg(INFO, "using 1X offload\n");
1841 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1842 goto skip_mfp_config;
1843 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1844 * IE will not be verified, just a quick search for MFP config
1846 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1849 goto skip_mfp_config;
1850 ie = (const u8 *)rsn_ie;
1851 ie_len = rsn_ie->len + TLV_HDR_LEN;
1852 /* Skip unicast suite */
1853 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1854 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1855 goto skip_mfp_config;
1856 /* Skip multicast suite */
1857 count = ie[offset] + (ie[offset + 1] << 8);
1858 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1859 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1860 goto skip_mfp_config;
1861 /* Skip auth key management suite(s) */
1862 count = ie[offset] + (ie[offset + 1] << 8);
1863 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1864 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1865 goto skip_mfp_config;
1866 /* Ready to read capabilities */
1867 mfp = BRCMF_MFP_NONE;
1868 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1869 if (rsn_cap & RSN_CAP_MFPR_MASK)
1870 mfp = BRCMF_MFP_REQUIRED;
1871 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1872 mfp = BRCMF_MFP_CAPABLE;
1873 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1876 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1877 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1879 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1887 brcmf_set_sharedkey(struct net_device *ndev,
1888 struct cfg80211_connect_params *sme)
1890 struct brcmf_if *ifp = netdev_priv(ndev);
1891 struct brcmf_pub *drvr = ifp->drvr;
1892 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1893 struct brcmf_cfg80211_security *sec;
1894 struct brcmf_wsec_key key;
1898 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1900 if (sme->key_len == 0)
1903 sec = &profile->sec;
1904 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1905 sec->wpa_versions, sec->cipher_pairwise);
1907 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
1908 NL80211_WPA_VERSION_3))
1911 if (!(sec->cipher_pairwise &
1912 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1915 memset(&key, 0, sizeof(key));
1916 key.len = (u32) sme->key_len;
1917 key.index = (u32) sme->key_idx;
1918 if (key.len > sizeof(key.data)) {
1919 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1922 memcpy(key.data, sme->key, key.len);
1923 key.flags = BRCMF_PRIMARY_KEY;
1924 switch (sec->cipher_pairwise) {
1925 case WLAN_CIPHER_SUITE_WEP40:
1926 key.algo = CRYPTO_ALGO_WEP1;
1928 case WLAN_CIPHER_SUITE_WEP104:
1929 key.algo = CRYPTO_ALGO_WEP128;
1932 bphy_err(drvr, "Invalid algorithm (%d)\n",
1933 sme->crypto.ciphers_pairwise[0]);
1936 /* Set the new key/index */
1937 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1938 key.len, key.index, key.algo);
1939 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1940 err = send_key_to_dongle(ifp, &key);
1944 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1945 brcmf_dbg(CONN, "set auth_type to shared key\n");
1946 val = WL_AUTH_SHARED_KEY; /* shared key */
1947 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1949 bphy_err(drvr, "set auth failed (%d)\n", err);
1955 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1956 enum nl80211_auth_type type)
1958 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1959 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1960 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1961 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1966 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1967 struct cfg80211_bss_selection *bss_select)
1969 struct brcmf_pub *drvr = ifp->drvr;
1970 struct brcmf_join_pref_params join_pref_params[2];
1971 enum nl80211_band band;
1974 join_pref_params[i].len = 2;
1975 join_pref_params[i].rssi_gain = 0;
1977 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1978 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1980 switch (bss_select->behaviour) {
1981 case __NL80211_BSS_SELECT_ATTR_INVALID:
1982 brcmf_c_set_joinpref_default(ifp);
1984 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1985 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1986 band = bss_select->param.band_pref;
1987 join_pref_params[i].band = nl80211_band_to_fwil(band);
1990 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
1991 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
1992 band = bss_select->param.adjust.band;
1993 join_pref_params[i].band = nl80211_band_to_fwil(band);
1994 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
1997 case NL80211_BSS_SELECT_ATTR_RSSI:
2001 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
2002 join_pref_params[i].len = 2;
2003 join_pref_params[i].rssi_gain = 0;
2004 join_pref_params[i].band = 0;
2005 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
2006 sizeof(join_pref_params));
2008 bphy_err(drvr, "Set join_pref error (%d)\n", err);
2012 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
2013 struct cfg80211_connect_params *sme)
2015 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2016 struct brcmf_if *ifp = netdev_priv(ndev);
2017 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2018 struct ieee80211_channel *chan = sme->channel;
2019 struct brcmf_pub *drvr = ifp->drvr;
2020 struct brcmf_join_params join_params;
2021 size_t join_params_size;
2022 const struct brcmf_tlv *rsn_ie;
2023 const struct brcmf_vs_tlv *wpa_ie;
2026 struct brcmf_ext_join_params_le *ext_join_params;
2031 brcmf_dbg(TRACE, "Enter\n");
2032 if (!check_vif_up(ifp->vif))
2036 bphy_err(drvr, "Invalid ssid\n");
2040 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
2041 /* A normal (non P2P) connection request setup. */
2044 /* find the WPA_IE */
2045 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
2048 ie_len = wpa_ie->len + TLV_HDR_LEN;
2050 /* find the RSN_IE */
2051 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
2056 ie_len = rsn_ie->len + TLV_HDR_LEN;
2059 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
2062 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
2063 sme->ie, sme->ie_len);
2065 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
2067 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
2069 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2073 ieee80211_frequency_to_channel(chan->center_freq);
2074 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2075 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2076 cfg->channel, chan->center_freq, chanspec);
2082 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2084 err = brcmf_set_wpa_version(ndev, sme);
2086 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
2090 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2091 err = brcmf_set_auth_type(ndev, sme);
2093 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
2097 err = brcmf_set_wsec_mode(ndev, sme);
2099 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
2103 err = brcmf_set_key_mgmt(ndev, sme);
2105 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
2109 err = brcmf_set_sharedkey(ndev, sme);
2111 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
2115 if (sme->crypto.psk &&
2116 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
2117 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2121 brcmf_dbg(INFO, "using PSK offload\n");
2122 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2125 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2126 /* enable firmware supplicant for this interface */
2127 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2129 bphy_err(drvr, "failed to enable fw supplicant\n");
2134 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
2135 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2136 BRCMF_WSEC_MAX_PSK_LEN);
2137 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
2138 /* clean up user-space RSNE */
2139 if (brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0)) {
2140 bphy_err(drvr, "failed to clean up user-space RSNE\n");
2143 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
2144 sme->crypto.sae_pwd_len);
2145 if (!err && sme->crypto.psk)
2146 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2147 BRCMF_WSEC_MAX_PSK_LEN);
2152 /* Join with specific BSSID and cached SSID
2153 * If SSID is zero join based on BSSID only
2155 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2156 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2158 join_params_size += sizeof(u16);
2159 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2160 if (ext_join_params == NULL) {
2164 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2165 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2166 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2167 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2168 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2169 ext_join_params->ssid_le.SSID, ssid_len);
2171 /* Set up join scan parameters */
2172 ext_join_params->scan_le.scan_type = -1;
2173 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2176 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2178 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2181 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2183 ext_join_params->assoc_le.chanspec_list[0] =
2184 cpu_to_le16(chanspec);
2185 /* Increase dwell time to receive probe response or detect
2186 * beacon from target AP at a noisy air only during connect
2189 ext_join_params->scan_le.active_time =
2190 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2191 ext_join_params->scan_le.passive_time =
2192 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2193 /* To sync with presence period of VSDB GO send probe request
2194 * more frequently. Probe request will be stopped when it gets
2195 * probe response from target AP/GO.
2197 ext_join_params->scan_le.nprobes =
2198 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2199 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2201 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2202 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2203 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2206 brcmf_set_join_pref(ifp, &sme->bss_select);
2208 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2210 kfree(ext_join_params);
2212 /* This is it. join command worked, we are done */
2215 /* join command failed, fallback to set ssid */
2216 memset(&join_params, 0, sizeof(join_params));
2217 join_params_size = sizeof(join_params.ssid_le);
2219 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2220 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2223 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2225 eth_broadcast_addr(join_params.params_le.bssid);
2228 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2229 join_params.params_le.chanspec_num = cpu_to_le32(1);
2230 join_params_size += sizeof(join_params.params_le);
2232 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2233 &join_params, join_params_size);
2235 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2239 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2240 brcmf_dbg(TRACE, "Exit\n");
2245 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2248 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2249 struct brcmf_if *ifp = netdev_priv(ndev);
2250 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2251 struct brcmf_pub *drvr = cfg->pub;
2252 struct brcmf_scb_val_le scbval;
2255 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2256 if (!check_vif_up(ifp->vif))
2259 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2260 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2261 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2263 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2264 scbval.val = cpu_to_le32(reason_code);
2265 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2266 &scbval, sizeof(scbval));
2268 bphy_err(drvr, "error (%d)\n", err);
2270 brcmf_dbg(TRACE, "Exit\n");
2275 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2276 enum nl80211_tx_power_setting type, s32 mbm)
2278 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2279 struct net_device *ndev = cfg_to_ndev(cfg);
2280 struct brcmf_if *ifp = netdev_priv(ndev);
2281 struct brcmf_pub *drvr = cfg->pub;
2286 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2287 if (!check_vif_up(ifp->vif))
2291 case NL80211_TX_POWER_AUTOMATIC:
2293 case NL80211_TX_POWER_LIMITED:
2294 case NL80211_TX_POWER_FIXED:
2296 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2300 qdbm = MBM_TO_DBM(4 * mbm);
2303 qdbm |= WL_TXPWR_OVERRIDE;
2306 bphy_err(drvr, "Unsupported type %d\n", type);
2310 /* Make sure radio is off or on as far as software is concerned */
2311 disable = WL_RADIO_SW_DISABLE << 16;
2312 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2314 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2316 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2318 bphy_err(drvr, "qtxpower error (%d)\n", err);
2321 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2326 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2329 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2330 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2331 struct brcmf_pub *drvr = cfg->pub;
2335 brcmf_dbg(TRACE, "Enter\n");
2336 if (!check_vif_up(vif))
2339 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2341 bphy_err(drvr, "error (%d)\n", err);
2344 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2347 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2352 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2353 u8 key_idx, bool unicast, bool multicast)
2355 struct brcmf_if *ifp = netdev_priv(ndev);
2356 struct brcmf_pub *drvr = ifp->drvr;
2361 brcmf_dbg(TRACE, "Enter\n");
2362 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2363 if (!check_vif_up(ifp->vif))
2366 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2368 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2372 if (wsec & WEP_ENABLED) {
2373 /* Just select a new current key */
2375 err = brcmf_fil_cmd_int_set(ifp,
2376 BRCMF_C_SET_KEY_PRIMARY, index);
2378 bphy_err(drvr, "error (%d)\n", err);
2381 brcmf_dbg(TRACE, "Exit\n");
2386 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2387 u8 key_idx, bool pairwise, const u8 *mac_addr)
2389 struct brcmf_if *ifp = netdev_priv(ndev);
2390 struct brcmf_wsec_key *key;
2393 brcmf_dbg(TRACE, "Enter\n");
2394 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2396 if (!check_vif_up(ifp->vif))
2399 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2400 /* we ignore this key index in this case */
2404 key = &ifp->vif->profile.key[key_idx];
2406 if (key->algo == CRYPTO_ALGO_OFF) {
2407 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2411 memset(key, 0, sizeof(*key));
2412 key->index = (u32)key_idx;
2413 key->flags = BRCMF_PRIMARY_KEY;
2415 /* Clear the key/index */
2416 err = send_key_to_dongle(ifp, key);
2418 brcmf_dbg(TRACE, "Exit\n");
2423 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2424 u8 key_idx, bool pairwise, const u8 *mac_addr,
2425 struct key_params *params)
2427 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2428 struct brcmf_if *ifp = netdev_priv(ndev);
2429 struct brcmf_pub *drvr = cfg->pub;
2430 struct brcmf_wsec_key *key;
2437 brcmf_dbg(TRACE, "Enter\n");
2438 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2439 if (!check_vif_up(ifp->vif))
2442 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2443 /* we ignore this key index in this case */
2444 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2448 if (params->key_len == 0)
2449 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2452 if (params->key_len > sizeof(key->data)) {
2453 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2458 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2459 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2460 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2464 key = &ifp->vif->profile.key[key_idx];
2465 memset(key, 0, sizeof(*key));
2466 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2467 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2468 key->len = params->key_len;
2469 key->index = key_idx;
2470 memcpy(key->data, params->key, key->len);
2472 key->flags = BRCMF_PRIMARY_KEY;
2474 if (params->seq && params->seq_len == 6) {
2478 ivptr = (u8 *)params->seq;
2479 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2480 (ivptr[3] << 8) | ivptr[2];
2481 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2482 key->iv_initialized = true;
2485 switch (params->cipher) {
2486 case WLAN_CIPHER_SUITE_WEP40:
2487 key->algo = CRYPTO_ALGO_WEP1;
2489 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2491 case WLAN_CIPHER_SUITE_WEP104:
2492 key->algo = CRYPTO_ALGO_WEP128;
2494 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2496 case WLAN_CIPHER_SUITE_TKIP:
2497 if (!brcmf_is_apmode(ifp->vif)) {
2498 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2499 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2500 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2501 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2503 key->algo = CRYPTO_ALGO_TKIP;
2505 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2507 case WLAN_CIPHER_SUITE_AES_CMAC:
2508 key->algo = CRYPTO_ALGO_AES_CCM;
2510 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2512 case WLAN_CIPHER_SUITE_CCMP:
2513 key->algo = CRYPTO_ALGO_AES_CCM;
2515 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2518 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2523 err = send_key_to_dongle(ifp, key);
2527 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2529 bphy_err(drvr, "get wsec error (%d)\n", err);
2533 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2535 bphy_err(drvr, "set wsec error (%d)\n", err);
2540 brcmf_dbg(TRACE, "Exit\n");
2545 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2546 bool pairwise, const u8 *mac_addr, void *cookie,
2547 void (*callback)(void *cookie,
2548 struct key_params *params))
2550 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2551 struct key_params params;
2552 struct brcmf_if *ifp = netdev_priv(ndev);
2553 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2554 struct brcmf_pub *drvr = cfg->pub;
2555 struct brcmf_cfg80211_security *sec;
2559 brcmf_dbg(TRACE, "Enter\n");
2560 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2561 if (!check_vif_up(ifp->vif))
2564 memset(¶ms, 0, sizeof(params));
2566 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2568 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2569 /* Ignore this error, may happen during DISASSOC */
2573 if (wsec & WEP_ENABLED) {
2574 sec = &profile->sec;
2575 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2576 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2577 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2578 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2579 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2580 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2582 } else if (wsec & TKIP_ENABLED) {
2583 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2584 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2585 } else if (wsec & AES_ENABLED) {
2586 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2587 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2589 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2593 callback(cookie, ¶ms);
2596 brcmf_dbg(TRACE, "Exit\n");
2601 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2602 struct net_device *ndev, u8 key_idx)
2604 struct brcmf_if *ifp = netdev_priv(ndev);
2606 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2608 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2611 brcmf_dbg(INFO, "Not supported\n");
2617 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2619 struct brcmf_pub *drvr = ifp->drvr;
2622 struct brcmf_wsec_key *key;
2625 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2626 key = &ifp->vif->profile.key[key_idx];
2627 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2628 (key->algo == CRYPTO_ALGO_WEP128))
2631 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2634 err = send_key_to_dongle(ifp, key);
2636 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2639 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2641 bphy_err(drvr, "get wsec error (%d)\n", err);
2644 wsec |= WEP_ENABLED;
2645 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2647 bphy_err(drvr, "set wsec error (%d)\n", err);
2650 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2652 struct nl80211_sta_flag_update *sfu;
2654 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2655 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2656 sfu = &si->sta_flags;
2657 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2658 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2659 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2660 BIT(NL80211_STA_FLAG_AUTHORIZED);
2661 if (fw_sta_flags & BRCMF_STA_WME)
2662 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2663 if (fw_sta_flags & BRCMF_STA_AUTHE)
2664 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2665 if (fw_sta_flags & BRCMF_STA_ASSOC)
2666 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2667 if (fw_sta_flags & BRCMF_STA_AUTHO)
2668 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2671 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2673 struct brcmf_pub *drvr = ifp->drvr;
2676 struct brcmf_bss_info_le bss_le;
2681 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2685 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2686 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2689 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2692 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2693 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2694 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2695 capability = le16_to_cpu(buf->bss_le.capability);
2696 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2697 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2698 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2699 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2700 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2701 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2708 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2709 struct station_info *sinfo)
2711 struct brcmf_pub *drvr = ifp->drvr;
2712 struct brcmf_scb_val_le scbval;
2713 struct brcmf_pktcnt_le pktcnt;
2718 /* Get the current tx rate */
2719 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2721 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2724 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2725 sinfo->txrate.legacy = rate * 5;
2727 memset(&scbval, 0, sizeof(scbval));
2728 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2731 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2734 rssi = le32_to_cpu(scbval.val);
2735 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2736 sinfo->signal = rssi;
2738 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2741 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2744 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2745 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2746 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2747 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2748 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2749 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2750 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2751 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2757 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2758 const u8 *mac, struct station_info *sinfo)
2760 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2761 struct brcmf_if *ifp = netdev_priv(ndev);
2762 struct brcmf_pub *drvr = cfg->pub;
2763 struct brcmf_scb_val_le scb_val;
2765 struct brcmf_sta_info_le sta_info_le;
2773 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2774 if (!check_vif_up(ifp->vif))
2777 if (brcmf_is_ibssmode(ifp->vif))
2778 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2780 memset(&sta_info_le, 0, sizeof(sta_info_le));
2781 memcpy(&sta_info_le, mac, ETH_ALEN);
2782 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2784 sizeof(sta_info_le));
2785 is_tdls_peer = !err;
2787 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2789 sizeof(sta_info_le));
2791 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2795 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2796 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2797 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2798 sta_flags = le32_to_cpu(sta_info_le.flags);
2799 brcmf_convert_sta_flags(sta_flags, sinfo);
2800 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2802 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2804 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2805 if (sta_flags & BRCMF_STA_ASSOC) {
2806 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2807 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2808 brcmf_fill_bss_param(ifp, sinfo);
2810 if (sta_flags & BRCMF_STA_SCBSTATS) {
2811 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2812 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2813 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2814 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2815 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2816 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2817 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2818 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2819 if (sinfo->tx_packets) {
2820 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2821 sinfo->txrate.legacy =
2822 le32_to_cpu(sta_info_le.tx_rate) / 100;
2824 if (sinfo->rx_packets) {
2825 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2826 sinfo->rxrate.legacy =
2827 le32_to_cpu(sta_info_le.rx_rate) / 100;
2829 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2830 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2831 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2832 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2833 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2837 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2838 if (sta_info_le.rssi[i]) {
2839 sinfo->chain_signal_avg[count_rssi] =
2840 sta_info_le.rssi[i];
2841 sinfo->chain_signal[count_rssi] =
2842 sta_info_le.rssi[i];
2843 total_rssi += sta_info_le.rssi[i];
2848 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2849 sinfo->chains = count_rssi;
2851 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2852 total_rssi /= count_rssi;
2853 sinfo->signal = total_rssi;
2854 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2855 &ifp->vif->sme_state)) {
2856 memset(&scb_val, 0, sizeof(scb_val));
2857 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2858 &scb_val, sizeof(scb_val));
2860 bphy_err(drvr, "Could not get rssi (%d)\n",
2864 rssi = le32_to_cpu(scb_val.val);
2865 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2866 sinfo->signal = rssi;
2867 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2872 brcmf_dbg(TRACE, "Exit\n");
2877 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2878 int idx, u8 *mac, struct station_info *sinfo)
2880 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2881 struct brcmf_if *ifp = netdev_priv(ndev);
2882 struct brcmf_pub *drvr = cfg->pub;
2885 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2888 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2889 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2891 sizeof(cfg->assoclist));
2893 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST unsupported, err=%d\n",
2895 cfg->assoclist.count = 0;
2899 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2900 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2901 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2907 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2908 bool enabled, s32 timeout)
2912 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2913 struct brcmf_if *ifp = netdev_priv(ndev);
2914 struct brcmf_pub *drvr = cfg->pub;
2916 brcmf_dbg(TRACE, "Enter\n");
2919 * Powersave enable/disable request is coming from the
2920 * cfg80211 even before the interface is up. In that
2921 * scenario, driver will be storing the power save
2922 * preference in cfg struct to apply this to
2923 * FW later while initializing the dongle
2925 cfg->pwr_save = enabled;
2926 if (!check_vif_up(ifp->vif)) {
2928 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2932 pm = enabled ? PM_FAST : PM_OFF;
2933 /* Do not enable the power save after assoc if it is a p2p interface */
2934 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2935 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2938 brcmf_dbg(INFO, "power save %s\n", (pm ? "enabled" : "disabled"));
2940 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2943 bphy_err(drvr, "net_device is not ready yet\n");
2945 bphy_err(drvr, "error (%d)\n", err);
2948 err = brcmf_fil_iovar_int_set(ifp, "pm2_sleep_ret",
2949 min_t(u32, timeout, BRCMF_PS_MAX_TIMEOUT_MS));
2951 bphy_err(drvr, "Unable to set pm timeout, (%d)\n", err);
2954 brcmf_dbg(TRACE, "Exit\n");
2958 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2959 struct brcmf_bss_info_le *bi)
2961 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2962 struct brcmf_pub *drvr = cfg->pub;
2963 struct cfg80211_bss *bss;
2964 enum nl80211_band band;
2965 struct brcmu_chan ch;
2968 u16 notify_capability;
2969 u16 notify_interval;
2971 size_t notify_ielen;
2972 struct cfg80211_inform_bss bss_data = {};
2974 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2975 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
2980 ch.chspec = le16_to_cpu(bi->chanspec);
2981 cfg->d11inf.decchspec(&ch);
2982 bi->ctl_ch = ch.control_ch_num;
2984 channel = bi->ctl_ch;
2986 if (channel <= CH_MAX_2G_CHANNEL)
2987 band = NL80211_BAND_2GHZ;
2989 band = NL80211_BAND_5GHZ;
2991 freq = ieee80211_channel_to_frequency(channel, band);
2992 bss_data.chan = ieee80211_get_channel(wiphy, freq);
2993 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
2994 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
2996 notify_capability = le16_to_cpu(bi->capability);
2997 notify_interval = le16_to_cpu(bi->beacon_period);
2998 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
2999 notify_ielen = le32_to_cpu(bi->ie_length);
3000 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3002 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
3003 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
3004 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
3005 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
3006 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
3008 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
3009 CFG80211_BSS_FTYPE_UNKNOWN,
3010 (const u8 *)bi->BSSID,
3011 0, notify_capability,
3012 notify_interval, notify_ie,
3013 notify_ielen, GFP_KERNEL);
3018 cfg80211_put_bss(wiphy, bss);
3023 static struct brcmf_bss_info_le *
3024 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
3027 return list->bss_info_le;
3028 return (struct brcmf_bss_info_le *)((unsigned long)bss +
3029 le32_to_cpu(bss->length));
3032 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
3034 struct brcmf_pub *drvr = cfg->pub;
3035 struct brcmf_scan_results *bss_list;
3036 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
3040 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
3041 if (bss_list->count != 0 &&
3042 bss_list->version != BRCMF_BSS_INFO_VERSION) {
3043 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
3047 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
3048 for (i = 0; i < bss_list->count; i++) {
3049 bi = next_bss_le(bss_list, bi);
3050 err = brcmf_inform_single_bss(cfg, bi);
3057 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
3058 struct net_device *ndev, const u8 *bssid)
3060 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3061 struct brcmf_pub *drvr = cfg->pub;
3062 struct ieee80211_channel *notify_channel;
3063 struct brcmf_bss_info_le *bi = NULL;
3064 struct ieee80211_supported_band *band;
3065 struct cfg80211_bss *bss;
3066 struct brcmu_chan ch;
3070 u16 notify_capability;
3071 u16 notify_interval;
3073 size_t notify_ielen;
3076 brcmf_dbg(TRACE, "Enter\n");
3078 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
3084 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
3086 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
3087 buf, WL_BSS_INFO_MAX);
3089 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
3093 bi = (struct brcmf_bss_info_le *)(buf + 4);
3095 ch.chspec = le16_to_cpu(bi->chanspec);
3096 cfg->d11inf.decchspec(&ch);
3098 if (ch.band == BRCMU_CHAN_BAND_2G)
3099 band = wiphy->bands[NL80211_BAND_2GHZ];
3101 band = wiphy->bands[NL80211_BAND_5GHZ];
3103 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
3104 cfg->channel = freq;
3105 notify_channel = ieee80211_get_channel(wiphy, freq);
3107 notify_capability = le16_to_cpu(bi->capability);
3108 notify_interval = le16_to_cpu(bi->beacon_period);
3109 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3110 notify_ielen = le32_to_cpu(bi->ie_length);
3111 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3113 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
3114 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
3115 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
3116 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
3118 bss = cfg80211_inform_bss(wiphy, notify_channel,
3119 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3120 notify_capability, notify_interval,
3121 notify_ie, notify_ielen, notify_signal,
3129 cfg80211_put_bss(wiphy, bss);
3135 brcmf_dbg(TRACE, "Exit\n");
3140 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3141 struct brcmf_if *ifp)
3143 struct brcmf_pub *drvr = cfg->pub;
3144 struct brcmf_bss_info_le *bi;
3145 const struct brcmf_tlv *tim;
3150 brcmf_dbg(TRACE, "Enter\n");
3151 if (brcmf_is_ibssmode(ifp->vif))
3154 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3155 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3156 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3158 bphy_err(drvr, "Could not get bss info %d\n", err);
3159 goto update_bss_info_out;
3162 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3163 err = brcmf_inform_single_bss(cfg, bi);
3165 goto update_bss_info_out;
3167 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3168 ie_len = le32_to_cpu(bi->ie_length);
3170 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3173 * active scan was done so we could not get dtim
3174 * information out of probe response.
3175 * so we speficially query dtim information to dongle.
3178 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3180 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3181 goto update_bss_info_out;
3185 update_bss_info_out:
3186 brcmf_dbg(TRACE, "Exit");
3190 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3192 struct escan_info *escan = &cfg->escan_info;
3194 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3195 if (cfg->int_escan_map || cfg->scan_request) {
3196 escan->escan_state = WL_ESCAN_STATE_IDLE;
3197 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3199 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3200 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3203 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3205 struct brcmf_cfg80211_info *cfg =
3206 container_of(work, struct brcmf_cfg80211_info,
3207 escan_timeout_work);
3209 brcmf_inform_bss(cfg);
3210 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3213 static void brcmf_escan_timeout(struct timer_list *t)
3215 struct brcmf_cfg80211_info *cfg =
3216 from_timer(cfg, t, escan_timeout);
3217 struct brcmf_pub *drvr = cfg->pub;
3219 if (cfg->int_escan_map || cfg->scan_request) {
3220 bphy_err(drvr, "timer expired\n");
3221 schedule_work(&cfg->escan_timeout_work);
3226 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3227 struct brcmf_bss_info_le *bss,
3228 struct brcmf_bss_info_le *bss_info_le)
3230 struct brcmu_chan ch_bss, ch_bss_info_le;
3232 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3233 cfg->d11inf.decchspec(&ch_bss);
3234 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3235 cfg->d11inf.decchspec(&ch_bss_info_le);
3237 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3238 ch_bss.band == ch_bss_info_le.band &&
3239 bss_info_le->SSID_len == bss->SSID_len &&
3240 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3241 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3242 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3243 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3244 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3246 /* preserve max RSSI if the measurements are
3247 * both on-channel or both off-channel
3249 if (bss_info_rssi > bss_rssi)
3250 bss->RSSI = bss_info_le->RSSI;
3251 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3252 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3253 /* preserve the on-channel rssi measurement
3254 * if the new measurement is off channel
3256 bss->RSSI = bss_info_le->RSSI;
3257 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3265 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3266 const struct brcmf_event_msg *e, void *data)
3268 struct brcmf_pub *drvr = ifp->drvr;
3269 struct brcmf_cfg80211_info *cfg = drvr->config;
3271 struct brcmf_escan_result_le *escan_result_le;
3273 struct brcmf_bss_info_le *bss_info_le;
3274 struct brcmf_bss_info_le *bss = NULL;
3276 struct brcmf_scan_results *list;
3282 if (status == BRCMF_E_STATUS_ABORT)
3285 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3286 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3291 if (status == BRCMF_E_STATUS_PARTIAL) {
3292 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3293 if (e->datalen < sizeof(*escan_result_le)) {
3294 bphy_err(drvr, "invalid event data length\n");
3297 escan_result_le = (struct brcmf_escan_result_le *) data;
3298 if (!escan_result_le) {
3299 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3302 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3303 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3304 escan_buflen > e->datalen ||
3305 escan_buflen < sizeof(*escan_result_le)) {
3306 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3310 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3311 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3312 escan_result_le->bss_count);
3315 bss_info_le = &escan_result_le->bss_info_le;
3317 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3320 if (!cfg->int_escan_map && !cfg->scan_request) {
3321 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3325 bi_length = le32_to_cpu(bss_info_le->length);
3326 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3327 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3332 if (!(cfg_to_wiphy(cfg)->interface_modes &
3333 BIT(NL80211_IFTYPE_ADHOC))) {
3334 if (le16_to_cpu(bss_info_le->capability) &
3335 WLAN_CAPABILITY_IBSS) {
3336 bphy_err(drvr, "Ignoring IBSS result\n");
3341 list = (struct brcmf_scan_results *)
3342 cfg->escan_info.escan_buf;
3343 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3344 bphy_err(drvr, "Buffer is too small: ignoring\n");
3348 for (i = 0; i < list->count; i++) {
3349 bss = bss ? (struct brcmf_bss_info_le *)
3350 ((unsigned char *)bss +
3351 le32_to_cpu(bss->length)) : list->bss_info_le;
3352 if (brcmf_compare_update_same_bss(cfg, bss,
3356 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3358 list->version = le32_to_cpu(bss_info_le->version);
3359 list->buflen += bi_length;
3362 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3363 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3365 if (cfg->int_escan_map || cfg->scan_request) {
3366 brcmf_inform_bss(cfg);
3367 aborted = status != BRCMF_E_STATUS_SUCCESS;
3368 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3370 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3377 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3379 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3380 brcmf_cfg80211_escan_handler);
3381 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3382 /* Init scan_timeout timer */
3383 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3384 INIT_WORK(&cfg->escan_timeout_work,
3385 brcmf_cfg80211_escan_timeout_worker);
3388 static struct cfg80211_scan_request *
3389 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3390 struct cfg80211_scan_request *req;
3393 req_size = sizeof(*req) +
3394 n_netinfo * sizeof(req->channels[0]) +
3395 n_netinfo * sizeof(*req->ssids);
3397 req = kzalloc(req_size, GFP_KERNEL);
3400 req->ssids = (void *)(&req->channels[0]) +
3401 n_netinfo * sizeof(req->channels[0]);
3406 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3407 u8 *ssid, u8 ssid_len, u8 channel)
3409 struct ieee80211_channel *chan;
3410 enum nl80211_band band;
3413 if (channel <= CH_MAX_2G_CHANNEL)
3414 band = NL80211_BAND_2GHZ;
3416 band = NL80211_BAND_5GHZ;
3418 freq = ieee80211_channel_to_frequency(channel, band);
3422 chan = ieee80211_get_channel(req->wiphy, freq);
3426 for (i = 0; i < req->n_channels; i++) {
3427 if (req->channels[i] == chan)
3430 if (i == req->n_channels)
3431 req->channels[req->n_channels++] = chan;
3433 for (i = 0; i < req->n_ssids; i++) {
3434 if (req->ssids[i].ssid_len == ssid_len &&
3435 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3438 if (i == req->n_ssids) {
3439 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3440 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3445 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3446 struct cfg80211_scan_request *request)
3448 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3451 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3452 if (cfg->int_escan_map)
3453 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3454 cfg->int_escan_map);
3455 /* Abort any on-going scan */
3456 brcmf_abort_scanning(cfg);
3459 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3460 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3461 cfg->escan_info.run = brcmf_run_escan;
3462 err = brcmf_do_escan(ifp, request);
3464 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3467 cfg->int_escan_map = fwmap;
3471 static struct brcmf_pno_net_info_le *
3472 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3474 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3475 struct brcmf_pno_net_info_le *netinfo;
3477 switch (pfn_v1->version) {
3481 case cpu_to_le32(1):
3482 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3484 case cpu_to_le32(2):
3485 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3486 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3493 /* PFN result doesn't have all the info which are required by the supplicant
3494 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3495 * via wl_inform_single_bss in the required format. Escan does require the
3496 * scan request in the form of cfg80211_scan_request. For timebeing, create
3497 * cfg80211_scan_request one out of the received PNO event.
3500 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3501 const struct brcmf_event_msg *e, void *data)
3503 struct brcmf_pub *drvr = ifp->drvr;
3504 struct brcmf_cfg80211_info *cfg = drvr->config;
3505 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3506 struct cfg80211_scan_request *request = NULL;
3507 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3509 struct brcmf_pno_scanresults_le *pfn_result;
3515 brcmf_dbg(SCAN, "Enter\n");
3517 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3518 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3522 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3523 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3527 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3528 result_count = le32_to_cpu(pfn_result->count);
3529 status = le32_to_cpu(pfn_result->status);
3531 /* PFN event is limited to fit 512 bytes so we may get
3532 * multiple NET_FOUND events. For now place a warning here.
3534 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3535 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3536 if (!result_count) {
3537 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3541 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3542 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3543 if (datalen < result_count * sizeof(*netinfo)) {
3544 bphy_err(drvr, "insufficient event data\n");
3548 request = brcmf_alloc_internal_escan_request(wiphy,
3556 for (i = 0; i < result_count; i++) {
3557 netinfo = &netinfo_start[i];
3559 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3560 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3561 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3562 netinfo->SSID, netinfo->channel);
3563 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3564 err = brcmf_internal_escan_add_info(request,
3575 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3580 cfg80211_sched_scan_stopped(wiphy, 0);
3587 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3588 struct net_device *ndev,
3589 struct cfg80211_sched_scan_request *req)
3591 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3592 struct brcmf_if *ifp = netdev_priv(ndev);
3593 struct brcmf_pub *drvr = cfg->pub;
3595 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3596 req->n_match_sets, req->n_ssids);
3598 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3599 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3604 if (req->n_match_sets <= 0) {
3605 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3610 return brcmf_pno_start_sched_scan(ifp, req);
3613 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3614 struct net_device *ndev, u64 reqid)
3616 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3617 struct brcmf_if *ifp = netdev_priv(ndev);
3619 brcmf_dbg(SCAN, "enter\n");
3620 brcmf_pno_stop_sched_scan(ifp, reqid);
3621 if (cfg->int_escan_map)
3622 brcmf_notify_escan_complete(cfg, ifp, true, true);
3626 static __always_inline void brcmf_delay(u32 ms)
3628 if (ms < 1000 / HZ) {
3636 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3637 u8 *pattern, u32 patternsize, u8 *mask,
3640 struct brcmf_fil_wowl_pattern_le *filter;
3647 masksize = (patternsize + 7) / 8;
3648 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3650 bufsize = sizeof(*filter) + patternsize + masksize;
3651 buf = kzalloc(bufsize, GFP_KERNEL);
3654 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3656 memcpy(filter->cmd, cmd, 4);
3657 filter->masksize = cpu_to_le32(masksize);
3658 filter->offset = cpu_to_le32(packet_offset);
3659 filter->patternoffset = cpu_to_le32(patternoffset);
3660 filter->patternsize = cpu_to_le32(patternsize);
3661 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3663 if ((mask) && (masksize))
3664 memcpy(buf + sizeof(*filter), mask, masksize);
3665 if ((pattern) && (patternsize))
3666 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3668 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3675 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3678 struct brcmf_pub *drvr = ifp->drvr;
3679 struct brcmf_cfg80211_info *cfg = drvr->config;
3680 struct brcmf_pno_scanresults_le *pfn_result;
3681 struct brcmf_pno_net_info_le *netinfo;
3683 brcmf_dbg(SCAN, "Enter\n");
3685 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3686 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3690 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3692 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3693 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3697 if (le32_to_cpu(pfn_result->count) < 1) {
3698 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3699 le32_to_cpu(pfn_result->count));
3703 netinfo = brcmf_get_netinfo_array(pfn_result);
3704 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3705 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3706 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3707 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3708 cfg->wowl.nd->n_channels = 1;
3709 cfg->wowl.nd->channels[0] =
3710 ieee80211_channel_to_frequency(netinfo->channel,
3711 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3712 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3713 cfg->wowl.nd_info->n_matches = 1;
3714 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3716 /* Inform (the resume task) that the net detect information was recvd */
3717 cfg->wowl.nd_data_completed = true;
3718 wake_up(&cfg->wowl.nd_data_wait);
3725 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3727 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3728 struct brcmf_pub *drvr = cfg->pub;
3729 struct brcmf_wowl_wakeind_le wake_ind_le;
3730 struct cfg80211_wowlan_wakeup wakeup_data;
3731 struct cfg80211_wowlan_wakeup *wakeup;
3736 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3737 sizeof(wake_ind_le));
3739 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3743 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3744 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3745 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3746 BRCMF_WOWL_PFN_FOUND)) {
3747 wakeup = &wakeup_data;
3748 memset(&wakeup_data, 0, sizeof(wakeup_data));
3749 wakeup_data.pattern_idx = -1;
3751 if (wakeind & BRCMF_WOWL_MAGIC) {
3752 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3753 wakeup_data.magic_pkt = true;
3755 if (wakeind & BRCMF_WOWL_DIS) {
3756 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3757 wakeup_data.disconnect = true;
3759 if (wakeind & BRCMF_WOWL_BCN) {
3760 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3761 wakeup_data.disconnect = true;
3763 if (wakeind & BRCMF_WOWL_RETR) {
3764 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3765 wakeup_data.disconnect = true;
3767 if (wakeind & BRCMF_WOWL_NET) {
3768 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3769 /* For now always map to pattern 0, no API to get
3770 * correct information available at the moment.
3772 wakeup_data.pattern_idx = 0;
3774 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3775 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3776 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3777 cfg->wowl.nd_data_completed,
3778 BRCMF_ND_INFO_TIMEOUT);
3780 bphy_err(drvr, "No result for wowl net detect\n");
3782 wakeup_data.net_detect = cfg->wowl.nd_info;
3784 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3785 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3786 wakeup_data.gtk_rekey_failure = true;
3791 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3796 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3800 #endif /* CONFIG_PM */
3802 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3804 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3805 struct net_device *ndev = cfg_to_ndev(cfg);
3806 struct brcmf_if *ifp = netdev_priv(ndev);
3808 brcmf_dbg(TRACE, "Enter\n");
3810 if (cfg->wowl.active) {
3811 brcmf_report_wowl_wakeind(wiphy, ifp);
3812 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3813 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3814 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3815 brcmf_configure_arp_nd_offload(ifp, true);
3816 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3817 cfg->wowl.pre_pmmode);
3818 cfg->wowl.active = false;
3819 if (cfg->wowl.nd_enabled) {
3820 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3821 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3822 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3823 brcmf_notify_sched_scan_results);
3824 cfg->wowl.nd_enabled = false;
3830 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3831 struct brcmf_if *ifp,
3832 struct cfg80211_wowlan *wowl)
3835 struct brcmf_wowl_wakeind_le wowl_wakeind;
3838 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3840 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3841 brcmf_configure_arp_nd_offload(ifp, false);
3842 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3843 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3846 if (wowl->disconnect)
3847 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3848 if (wowl->magic_pkt)
3849 wowl_config |= BRCMF_WOWL_MAGIC;
3850 if ((wowl->patterns) && (wowl->n_patterns)) {
3851 wowl_config |= BRCMF_WOWL_NET;
3852 for (i = 0; i < wowl->n_patterns; i++) {
3853 brcmf_config_wowl_pattern(ifp, "add",
3854 (u8 *)wowl->patterns[i].pattern,
3855 wowl->patterns[i].pattern_len,
3856 (u8 *)wowl->patterns[i].mask,
3857 wowl->patterns[i].pkt_offset);
3860 if (wowl->nd_config) {
3861 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3863 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3865 cfg->wowl.nd_data_completed = false;
3866 cfg->wowl.nd_enabled = true;
3867 /* Now reroute the event for PFN to the wowl function. */
3868 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3869 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3870 brcmf_wowl_nd_results);
3872 if (wowl->gtk_rekey_failure)
3873 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3874 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3875 wowl_config |= BRCMF_WOWL_UNASSOC;
3877 memcpy(&wowl_wakeind, "clear", 6);
3878 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3879 sizeof(wowl_wakeind));
3880 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3881 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3882 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3883 cfg->wowl.active = true;
3886 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3887 struct cfg80211_wowlan *wowl)
3889 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3890 struct net_device *ndev = cfg_to_ndev(cfg);
3891 struct brcmf_if *ifp = netdev_priv(ndev);
3892 struct brcmf_cfg80211_vif *vif;
3894 brcmf_dbg(TRACE, "Enter\n");
3896 /* if the primary net_device is not READY there is nothing
3897 * we can do but pray resume goes smoothly.
3899 if (!check_vif_up(ifp->vif))
3902 /* Stop scheduled scan */
3903 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3904 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3906 /* end any scanning */
3907 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3908 brcmf_abort_scanning(cfg);
3911 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3912 list_for_each_entry(vif, &cfg->vif_list, list) {
3913 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3915 /* While going to suspend if associated with AP
3916 * disassociate from AP to save power while system is
3917 * in suspended state
3919 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED, true);
3920 /* Make sure WPA_Supplicant receives all the event
3921 * generated due to DISASSOC call to the fw to keep
3922 * the state fw and WPA_Supplicant state consistent
3927 brcmf_set_mpc(ifp, 1);
3930 /* Configure WOWL paramaters */
3931 brcmf_configure_wowl(cfg, ifp, wowl);
3935 brcmf_dbg(TRACE, "Exit\n");
3936 /* clear any scanning activity */
3937 cfg->scan_status = 0;
3942 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3944 struct brcmf_pmk_list_le *pmk_list;
3949 pmk_list = &cfg->pmk_list;
3950 npmk = le32_to_cpu(pmk_list->npmk);
3952 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3953 for (i = 0; i < npmk; i++)
3954 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3956 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3963 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3964 struct cfg80211_pmksa *pmksa)
3966 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3967 struct brcmf_if *ifp = netdev_priv(ndev);
3968 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3969 struct brcmf_pub *drvr = cfg->pub;
3973 brcmf_dbg(TRACE, "Enter\n");
3974 if (!check_vif_up(ifp->vif))
3977 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3978 for (i = 0; i < npmk; i++)
3979 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
3981 if (i < BRCMF_MAXPMKID) {
3982 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
3983 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
3986 cfg->pmk_list.npmk = cpu_to_le32(npmk);
3989 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
3993 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
3994 for (i = 0; i < WLAN_PMKID_LEN; i += 4)
3995 brcmf_dbg(CONN, "%02x %02x %02x %02x\n", pmk[npmk].pmkid[i],
3996 pmk[npmk].pmkid[i + 1], pmk[npmk].pmkid[i + 2],
3997 pmk[npmk].pmkid[i + 3]);
3999 err = brcmf_update_pmklist(cfg, ifp);
4001 brcmf_dbg(TRACE, "Exit\n");
4006 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
4007 struct cfg80211_pmksa *pmksa)
4009 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4010 struct brcmf_if *ifp = netdev_priv(ndev);
4011 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4012 struct brcmf_pub *drvr = cfg->pub;
4016 brcmf_dbg(TRACE, "Enter\n");
4017 if (!check_vif_up(ifp->vif))
4020 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
4022 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4023 for (i = 0; i < npmk; i++)
4024 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4027 if ((npmk > 0) && (i < npmk)) {
4028 for (; i < (npmk - 1); i++) {
4029 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
4030 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
4033 memset(&pmk[i], 0, sizeof(*pmk));
4034 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
4036 bphy_err(drvr, "Cache entry not found\n");
4040 err = brcmf_update_pmklist(cfg, ifp);
4042 brcmf_dbg(TRACE, "Exit\n");
4048 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
4050 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4051 struct brcmf_if *ifp = netdev_priv(ndev);
4054 brcmf_dbg(TRACE, "Enter\n");
4055 if (!check_vif_up(ifp->vif))
4058 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
4059 err = brcmf_update_pmklist(cfg, ifp);
4061 brcmf_dbg(TRACE, "Exit\n");
4066 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
4068 struct brcmf_pub *drvr = ifp->drvr;
4073 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
4075 bphy_err(drvr, "auth error %d\n", err);
4079 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
4081 bphy_err(drvr, "wsec error %d\n", err);
4084 /* set upper-layer auth */
4085 if (brcmf_is_ibssmode(ifp->vif))
4086 wpa_val = WPA_AUTH_NONE;
4088 wpa_val = WPA_AUTH_DISABLED;
4089 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
4091 bphy_err(drvr, "wpa_auth error %d\n", err);
4098 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
4101 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
4103 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
4107 brcmf_configure_wpaie(struct brcmf_if *ifp,
4108 const struct brcmf_vs_tlv *wpa_ie,
4111 struct brcmf_pub *drvr = ifp->drvr;
4112 u32 auth = 0; /* d11 open authentication */
4124 u32 wme_bss_disable;
4127 brcmf_dbg(TRACE, "Enter\n");
4131 len = wpa_ie->len + TLV_HDR_LEN;
4132 data = (u8 *)wpa_ie;
4133 offset = TLV_HDR_LEN;
4135 offset += VS_IE_FIXED_HDR_LEN;
4137 offset += WPA_IE_VERSION_LEN;
4139 /* check for multicast cipher suite */
4140 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4142 bphy_err(drvr, "no multicast cipher suite\n");
4146 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4148 bphy_err(drvr, "ivalid OUI\n");
4151 offset += TLV_OUI_LEN;
4153 /* pick up multicast cipher */
4154 switch (data[offset]) {
4155 case WPA_CIPHER_NONE:
4158 case WPA_CIPHER_WEP_40:
4159 case WPA_CIPHER_WEP_104:
4162 case WPA_CIPHER_TKIP:
4163 gval = TKIP_ENABLED;
4165 case WPA_CIPHER_AES_CCM:
4170 bphy_err(drvr, "Invalid multi cast cipher info\n");
4175 /* walk thru unicast cipher list and pick up what we recognize */
4176 count = data[offset] + (data[offset + 1] << 8);
4177 offset += WPA_IE_SUITE_COUNT_LEN;
4178 /* Check for unicast suite(s) */
4179 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4181 bphy_err(drvr, "no unicast cipher suite\n");
4184 for (i = 0; i < count; i++) {
4185 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4187 bphy_err(drvr, "ivalid OUI\n");
4190 offset += TLV_OUI_LEN;
4191 switch (data[offset]) {
4192 case WPA_CIPHER_NONE:
4194 case WPA_CIPHER_WEP_40:
4195 case WPA_CIPHER_WEP_104:
4196 pval |= WEP_ENABLED;
4198 case WPA_CIPHER_TKIP:
4199 pval |= TKIP_ENABLED;
4201 case WPA_CIPHER_AES_CCM:
4202 pval |= AES_ENABLED;
4205 bphy_err(drvr, "Invalid unicast security info\n");
4209 /* walk thru auth management suite list and pick up what we recognize */
4210 count = data[offset] + (data[offset + 1] << 8);
4211 offset += WPA_IE_SUITE_COUNT_LEN;
4212 /* Check for auth key management suite(s) */
4213 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4215 bphy_err(drvr, "no auth key mgmt suite\n");
4218 for (i = 0; i < count; i++) {
4219 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4221 bphy_err(drvr, "ivalid OUI\n");
4224 offset += TLV_OUI_LEN;
4225 switch (data[offset]) {
4227 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4228 wpa_auth |= WPA_AUTH_NONE;
4230 case RSN_AKM_UNSPECIFIED:
4231 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4232 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4233 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4236 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4237 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4238 (wpa_auth |= WPA_AUTH_PSK);
4240 case RSN_AKM_SHA256_PSK:
4241 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4242 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4244 case RSN_AKM_SHA256_1X:
4245 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4246 wpa_auth |= WPA2_AUTH_1X_SHA256;
4249 bphy_err(drvr, "Invalid key mgmt info\n");
4254 mfp = BRCMF_MFP_NONE;
4256 wme_bss_disable = 1;
4257 if ((offset + RSN_CAP_LEN) <= len) {
4258 rsn_cap = data[offset] + (data[offset + 1] << 8);
4259 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4260 wme_bss_disable = 0;
4261 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4262 brcmf_dbg(TRACE, "MFP Required\n");
4263 mfp = BRCMF_MFP_REQUIRED;
4264 /* Firmware only supports mfp required in
4265 * combination with WPA2_AUTH_PSK_SHA256 or
4266 * WPA2_AUTH_1X_SHA256.
4268 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4269 WPA2_AUTH_1X_SHA256))) {
4273 /* Firmware has requirement that WPA2_AUTH_PSK/
4274 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4275 * is to be included in the rsn ie.
4277 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4278 wpa_auth |= WPA2_AUTH_PSK;
4279 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4280 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4281 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4282 brcmf_dbg(TRACE, "MFP Capable\n");
4283 mfp = BRCMF_MFP_CAPABLE;
4286 offset += RSN_CAP_LEN;
4287 /* set wme_bss_disable to sync RSN Capabilities */
4288 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4291 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4295 /* Skip PMKID cnt as it is know to be 0 for AP. */
4296 offset += RSN_PMKID_COUNT_LEN;
4298 /* See if there is BIP wpa suite left for MFP */
4299 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4300 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4301 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4303 WPA_IE_MIN_OUI_LEN);
4305 bphy_err(drvr, "bip error %d\n", err);
4310 /* FOR WPS , set SES_OW_ENABLED */
4311 wsec = (pval | gval | SES_OW_ENABLED);
4314 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4316 bphy_err(drvr, "auth error %d\n", err);
4320 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4322 bphy_err(drvr, "wsec error %d\n", err);
4325 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4326 * will overwrite the values set by MFP
4328 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4329 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4331 bphy_err(drvr, "mfp error %d\n", err);
4335 /* set upper-layer auth */
4336 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4338 bphy_err(drvr, "wpa_auth error %d\n", err);
4347 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4348 struct parsed_vndr_ies *vndr_ies)
4350 struct brcmf_vs_tlv *vndrie;
4351 struct brcmf_tlv *ie;
4352 struct parsed_vndr_ie_info *parsed_info;
4355 remaining_len = (s32)vndr_ie_len;
4356 memset(vndr_ies, 0, sizeof(*vndr_ies));
4358 ie = (struct brcmf_tlv *)vndr_ie_buf;
4360 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4362 vndrie = (struct brcmf_vs_tlv *)ie;
4363 /* len should be bigger than OUI length + one */
4364 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4365 brcmf_err("invalid vndr ie. length is too small %d\n",
4369 /* if wpa or wme ie, do not add ie */
4370 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4371 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4372 (vndrie->oui_type == WME_OUI_TYPE))) {
4373 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4377 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4379 /* save vndr ie information */
4380 parsed_info->ie_ptr = (char *)vndrie;
4381 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4382 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4386 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n",
4387 parsed_info->vndrie.oui,
4388 parsed_info->vndrie.oui_type);
4390 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4393 remaining_len -= (ie->len + TLV_HDR_LEN);
4394 if (remaining_len <= TLV_HDR_LEN)
4397 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4404 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4406 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN);
4408 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4410 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4412 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4414 return ie_len + VNDR_IE_HDR_SIZE;
4417 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4418 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4420 struct brcmf_pub *drvr;
4421 struct brcmf_if *ifp;
4422 struct vif_saved_ie *saved_ie;
4426 u8 *mgmt_ie_buf = NULL;
4427 int mgmt_ie_buf_len;
4429 u32 del_add_ie_buf_len = 0;
4430 u32 total_ie_buf_len = 0;
4431 u32 parsed_ie_buf_len = 0;
4432 struct parsed_vndr_ies old_vndr_ies;
4433 struct parsed_vndr_ies new_vndr_ies;
4434 struct parsed_vndr_ie_info *vndrie_info;
4437 int remained_buf_len;
4443 saved_ie = &vif->saved_ie;
4445 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4447 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4450 curr_ie_buf = iovar_ie_buf;
4452 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4453 mgmt_ie_buf = saved_ie->probe_req_ie;
4454 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4455 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4457 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4458 mgmt_ie_buf = saved_ie->probe_res_ie;
4459 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4460 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4462 case BRCMF_VNDR_IE_BEACON_FLAG:
4463 mgmt_ie_buf = saved_ie->beacon_ie;
4464 mgmt_ie_len = &saved_ie->beacon_ie_len;
4465 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4467 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4468 mgmt_ie_buf = saved_ie->assoc_req_ie;
4469 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4470 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4472 case BRCMF_VNDR_IE_ASSOCRSP_FLAG:
4473 mgmt_ie_buf = saved_ie->assoc_res_ie;
4474 mgmt_ie_len = &saved_ie->assoc_res_ie_len;
4475 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie);
4479 bphy_err(drvr, "not suitable type\n");
4483 if (vndr_ie_len > mgmt_ie_buf_len) {
4485 bphy_err(drvr, "extra IE size too big\n");
4489 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4490 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4492 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4493 for (i = 0; i < new_vndr_ies.count; i++) {
4494 vndrie_info = &new_vndr_ies.ie_info[i];
4495 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4496 vndrie_info->ie_len);
4497 parsed_ie_buf_len += vndrie_info->ie_len;
4501 if (mgmt_ie_buf && *mgmt_ie_len) {
4502 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4503 (memcmp(mgmt_ie_buf, curr_ie_buf,
4504 parsed_ie_buf_len) == 0)) {
4505 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4509 /* parse old vndr_ie */
4510 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4512 /* make a command to delete old ie */
4513 for (i = 0; i < old_vndr_ies.count; i++) {
4514 vndrie_info = &old_vndr_ies.ie_info[i];
4516 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n",
4517 vndrie_info->vndrie.id,
4518 vndrie_info->vndrie.len,
4519 vndrie_info->vndrie.oui);
4521 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4522 vndrie_info->ie_ptr,
4523 vndrie_info->ie_len,
4525 curr_ie_buf += del_add_ie_buf_len;
4526 total_ie_buf_len += del_add_ie_buf_len;
4531 /* Add if there is any extra IE */
4532 if (mgmt_ie_buf && parsed_ie_buf_len) {
4535 remained_buf_len = mgmt_ie_buf_len;
4537 /* make a command to add new ie */
4538 for (i = 0; i < new_vndr_ies.count; i++) {
4539 vndrie_info = &new_vndr_ies.ie_info[i];
4541 /* verify remained buf size before copy data */
4542 if (remained_buf_len < (vndrie_info->vndrie.len +
4543 VNDR_IE_VSIE_OFFSET)) {
4544 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4548 remained_buf_len -= (vndrie_info->ie_len +
4549 VNDR_IE_VSIE_OFFSET);
4551 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n",
4552 vndrie_info->vndrie.id,
4553 vndrie_info->vndrie.len,
4554 vndrie_info->vndrie.oui);
4556 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4557 vndrie_info->ie_ptr,
4558 vndrie_info->ie_len,
4561 /* save the parsed IE in wl struct */
4562 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4563 vndrie_info->ie_len);
4564 *mgmt_ie_len += vndrie_info->ie_len;
4566 curr_ie_buf += del_add_ie_buf_len;
4567 total_ie_buf_len += del_add_ie_buf_len;
4570 if (total_ie_buf_len) {
4571 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4574 bphy_err(drvr, "vndr ie set error : %d\n", err);
4578 kfree(iovar_ie_buf);
4582 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4585 BRCMF_VNDR_IE_PRBREQ_FLAG,
4586 BRCMF_VNDR_IE_PRBRSP_FLAG,
4587 BRCMF_VNDR_IE_BEACON_FLAG
4591 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4592 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4594 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4599 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4600 struct cfg80211_beacon_data *beacon)
4602 struct brcmf_pub *drvr = vif->ifp->drvr;
4605 /* Set Beacon IEs to FW */
4606 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4607 beacon->tail, beacon->tail_len);
4609 bphy_err(drvr, "Set Beacon IE Failed\n");
4612 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4614 /* Set Probe Response IEs to FW */
4615 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4616 beacon->proberesp_ies,
4617 beacon->proberesp_ies_len);
4619 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4621 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4623 /* Set Assoc Response IEs to FW */
4624 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG,
4625 beacon->assocresp_ies,
4626 beacon->assocresp_ies_len);
4628 brcmf_err("Set Assoc Resp IE Failed\n");
4630 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n");
4636 brcmf_parse_configure_security(struct brcmf_if *ifp,
4637 struct cfg80211_ap_settings *settings,
4638 enum nl80211_iftype dev_role)
4640 const struct brcmf_tlv *rsn_ie;
4641 const struct brcmf_vs_tlv *wpa_ie;
4644 /* find the RSN_IE */
4645 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4646 settings->beacon.tail_len, WLAN_EID_RSN);
4648 /* find the WPA_IE */
4649 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4650 settings->beacon.tail_len);
4652 if (wpa_ie || rsn_ie) {
4653 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4656 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4660 struct brcmf_vs_tlv *tmp_ie;
4662 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4665 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4670 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4671 brcmf_configure_opensecurity(ifp);
4678 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4679 struct cfg80211_ap_settings *settings)
4682 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4683 struct brcmf_if *ifp = netdev_priv(ndev);
4684 struct brcmf_pub *drvr = cfg->pub;
4685 const struct brcmf_tlv *ssid_ie;
4686 const struct brcmf_tlv *country_ie;
4687 struct brcmf_ssid_le ssid_le;
4689 struct brcmf_join_params join_params;
4690 enum nl80211_iftype dev_role;
4691 struct brcmf_fil_bss_enable_le bss_enable;
4692 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4697 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4698 settings->chandef.chan->hw_value,
4699 settings->chandef.center_freq1, settings->chandef.width,
4700 settings->beacon_interval, settings->dtim_period);
4701 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4702 settings->ssid, settings->ssid_len, settings->auth_type,
4703 settings->inactivity_timeout);
4704 dev_role = ifp->vif->wdev.iftype;
4705 mbss = ifp->vif->mbss;
4707 /* store current 11d setting */
4708 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4709 &ifp->vif->is_11d)) {
4710 is_11d = supports_11d = false;
4712 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4713 settings->beacon.tail_len,
4715 is_11d = country_ie ? 1 : 0;
4716 supports_11d = true;
4719 memset(&ssid_le, 0, sizeof(ssid_le));
4720 if (settings->ssid == NULL || settings->ssid_len == 0) {
4721 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4722 ssid_ie = brcmf_parse_tlvs(
4723 (u8 *)&settings->beacon.head[ie_offset],
4724 settings->beacon.head_len - ie_offset,
4726 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4729 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4730 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4731 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4733 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4734 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4738 brcmf_set_mpc(ifp, 0);
4739 brcmf_configure_arp_nd_offload(ifp, false);
4742 /* Parameters shared by all radio interfaces */
4744 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4745 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4748 bphy_err(drvr, "Regulatory Set Error, %d\n",
4753 if (settings->beacon_interval) {
4754 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4755 settings->beacon_interval);
4757 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4762 if (settings->dtim_period) {
4763 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4764 settings->dtim_period);
4766 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4772 if ((dev_role == NL80211_IFTYPE_AP) &&
4773 ((ifp->ifidx == 0) ||
4774 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) &&
4775 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) {
4776 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4778 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4782 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4785 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4787 bphy_err(drvr, "SET INFRA error %d\n", err);
4790 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4791 /* Multiple-BSS should use same 11d configuration */
4796 /* Interface specific setup */
4797 if (dev_role == NL80211_IFTYPE_AP) {
4798 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4799 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4801 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4803 bphy_err(drvr, "setting AP mode failed %d\n",
4808 /* Firmware 10.x requires setting channel after enabling
4809 * AP and before bringing interface up.
4811 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4813 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4818 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4820 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4824 err = brcmf_parse_configure_security(ifp, settings,
4827 bphy_err(drvr, "brcmf_parse_configure_security error\n");
4831 /* On DOWN the firmware removes the WEP keys, reconfigure
4832 * them if they were set.
4834 brcmf_cfg80211_reconfigure_wep(ifp);
4836 memset(&join_params, 0, sizeof(join_params));
4837 /* join parameters starts with ssid */
4838 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4840 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4841 &join_params, sizeof(join_params));
4843 bphy_err(drvr, "SET SSID error (%d)\n", err);
4847 err = brcmf_fil_iovar_int_set(ifp, "closednet",
4848 settings->hidden_ssid);
4850 bphy_err(drvr, "%s closednet error (%d)\n",
4851 settings->hidden_ssid ?
4852 "enabled" : "disabled",
4857 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4858 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4859 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4861 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4866 err = brcmf_parse_configure_security(ifp, settings,
4867 NL80211_IFTYPE_P2P_GO);
4869 brcmf_err("brcmf_parse_configure_security error\n");
4873 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4876 bphy_err(drvr, "setting ssid failed %d\n", err);
4879 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4880 bss_enable.enable = cpu_to_le32(1);
4881 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4882 sizeof(bss_enable));
4884 bphy_err(drvr, "bss_enable config failed %d\n", err);
4888 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4893 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4894 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4895 brcmf_net_setcarrier(ifp, true);
4898 if ((err) && (!mbss)) {
4899 brcmf_set_mpc(ifp, 1);
4900 brcmf_configure_arp_nd_offload(ifp, true);
4905 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4907 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4908 struct brcmf_if *ifp = netdev_priv(ndev);
4909 struct brcmf_pub *drvr = cfg->pub;
4911 struct brcmf_fil_bss_enable_le bss_enable;
4912 struct brcmf_join_params join_params;
4914 brcmf_dbg(TRACE, "Enter\n");
4916 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4917 /* Due to most likely deauths outstanding we sleep */
4918 /* first to make sure they get processed by fw. */
4921 if (ifp->vif->mbss) {
4922 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4926 /* First BSS doesn't get a full reset */
4927 if (ifp->bsscfgidx == 0)
4928 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4930 memset(&join_params, 0, sizeof(join_params));
4931 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4932 &join_params, sizeof(join_params));
4934 bphy_err(drvr, "SET SSID error (%d)\n", err);
4935 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4937 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
4938 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4940 bphy_err(drvr, "setting AP mode failed %d\n", err);
4941 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4942 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4943 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4945 /* Bring device back up so it can be used again */
4946 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4948 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
4950 brcmf_vif_clear_mgmt_ies(ifp->vif);
4952 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4953 bss_enable.enable = cpu_to_le32(0);
4954 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4955 sizeof(bss_enable));
4957 bphy_err(drvr, "bss_enable config failed %d\n", err);
4959 brcmf_set_mpc(ifp, 1);
4960 brcmf_configure_arp_nd_offload(ifp, true);
4961 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4962 brcmf_net_setcarrier(ifp, false);
4968 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
4969 struct cfg80211_beacon_data *info)
4971 struct brcmf_if *ifp = netdev_priv(ndev);
4974 brcmf_dbg(TRACE, "Enter\n");
4976 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
4982 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
4983 struct station_del_parameters *params)
4985 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4986 struct brcmf_pub *drvr = cfg->pub;
4987 struct brcmf_scb_val_le scbval;
4988 struct brcmf_if *ifp = netdev_priv(ndev);
4994 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
4996 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
4997 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
4998 if (!check_vif_up(ifp->vif))
5001 memcpy(&scbval.ea, params->mac, ETH_ALEN);
5002 scbval.val = cpu_to_le32(params->reason_code);
5003 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
5004 &scbval, sizeof(scbval));
5006 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
5009 brcmf_dbg(TRACE, "Exit\n");
5014 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
5015 const u8 *mac, struct station_parameters *params)
5017 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5018 struct brcmf_pub *drvr = cfg->pub;
5019 struct brcmf_if *ifp = netdev_priv(ndev);
5022 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
5023 params->sta_flags_mask, params->sta_flags_set);
5025 /* Ignore all 00 MAC */
5026 if (is_zero_ether_addr(mac))
5029 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5032 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
5033 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
5034 (void *)mac, ETH_ALEN);
5036 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
5037 (void *)mac, ETH_ALEN);
5039 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
5045 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy,
5046 struct wireless_dev *wdev,
5047 struct mgmt_frame_regs *upd)
5049 struct brcmf_cfg80211_vif *vif;
5051 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5053 vif->mgmt_rx_reg = upd->interface_stypes;
5058 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
5059 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
5061 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5062 struct ieee80211_channel *chan = params->chan;
5063 struct brcmf_pub *drvr = cfg->pub;
5064 const u8 *buf = params->buf;
5065 size_t len = params->len;
5066 const struct ieee80211_mgmt *mgmt;
5067 struct brcmf_cfg80211_vif *vif;
5071 struct brcmf_fil_action_frame_le *action_frame;
5072 struct brcmf_fil_af_params_le *af_params;
5077 brcmf_dbg(TRACE, "Enter\n");
5081 mgmt = (const struct ieee80211_mgmt *)buf;
5083 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
5084 bphy_err(drvr, "Driver only allows MGMT packet type\n");
5088 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5090 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
5091 /* Right now the only reason to get a probe response */
5092 /* is for p2p listen response or for p2p GO from */
5093 /* wpa_supplicant. Unfortunately the probe is send */
5094 /* on primary ndev, while dongle wants it on the p2p */
5095 /* vif. Since this is only reason for a probe */
5096 /* response to be sent, the vif is taken from cfg. */
5097 /* If ever desired to send proberesp for non p2p */
5098 /* response then data should be checked for */
5099 /* "DIRECT-". Note in future supplicant will take */
5100 /* dedicated p2p wdev to do this and then this 'hack'*/
5101 /* is not needed anymore. */
5102 ie_offset = DOT11_MGMT_HDR_LEN +
5103 DOT11_BCN_PRB_FIXED_LEN;
5104 ie_len = len - ie_offset;
5105 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
5106 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5107 err = brcmf_vif_set_mgmt_ie(vif,
5108 BRCMF_VNDR_IE_PRBRSP_FLAG,
5111 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
5113 } else if (ieee80211_is_action(mgmt->frame_control)) {
5114 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
5115 bphy_err(drvr, "invalid action frame length\n");
5119 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
5120 if (af_params == NULL) {
5121 bphy_err(drvr, "unable to allocate frame\n");
5125 action_frame = &af_params->action_frame;
5126 /* Add the packet Id */
5127 action_frame->packet_id = cpu_to_le32(*cookie);
5129 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
5130 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
5131 /* Add the length exepted for 802.11 header */
5132 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
5133 /* Add the channel. Use the one specified as parameter if any or
5134 * the current one (got from the firmware) otherwise
5137 freq = chan->center_freq;
5139 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
5141 chan_nr = ieee80211_frequency_to_channel(freq);
5142 af_params->channel = cpu_to_le32(chan_nr);
5143 af_params->dwell_time = cpu_to_le32(params->wait);
5144 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
5145 le16_to_cpu(action_frame->len));
5147 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
5148 *cookie, le16_to_cpu(action_frame->len), freq);
5150 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
5153 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
5157 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
5158 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
5167 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5168 struct wireless_dev *wdev,
5171 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5172 struct brcmf_pub *drvr = cfg->pub;
5173 struct brcmf_cfg80211_vif *vif;
5176 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5178 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5180 bphy_err(drvr, "No p2p device available for probe response\n");
5184 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5189 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5190 struct wireless_dev *wdev,
5191 struct cfg80211_chan_def *chandef)
5193 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5194 struct net_device *ndev = wdev->netdev;
5195 struct brcmf_pub *drvr = cfg->pub;
5196 struct brcmu_chan ch;
5197 enum nl80211_band band = 0;
5198 enum nl80211_chan_width width = 0;
5202 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP)
5205 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec);
5207 bphy_err(drvr, "chanspec failed (%d)\n", err);
5211 ch.chspec = chanspec;
5212 cfg->d11inf.decchspec(&ch);
5215 case BRCMU_CHAN_BAND_2G:
5216 band = NL80211_BAND_2GHZ;
5218 case BRCMU_CHAN_BAND_5G:
5219 band = NL80211_BAND_5GHZ;
5224 case BRCMU_CHAN_BW_80:
5225 width = NL80211_CHAN_WIDTH_80;
5227 case BRCMU_CHAN_BW_40:
5228 width = NL80211_CHAN_WIDTH_40;
5230 case BRCMU_CHAN_BW_20:
5231 width = NL80211_CHAN_WIDTH_20;
5233 case BRCMU_CHAN_BW_80P80:
5234 width = NL80211_CHAN_WIDTH_80P80;
5236 case BRCMU_CHAN_BW_160:
5237 width = NL80211_CHAN_WIDTH_160;
5241 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5242 chandef->chan = ieee80211_get_channel(wiphy, freq);
5243 chandef->width = width;
5244 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5245 chandef->center_freq2 = 0;
5250 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5251 struct wireless_dev *wdev,
5252 enum nl80211_crit_proto_id proto,
5255 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5256 struct brcmf_cfg80211_vif *vif;
5258 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5260 /* only DHCP support for now */
5261 if (proto != NL80211_CRIT_PROTO_DHCP)
5264 /* suppress and abort scanning */
5265 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5266 brcmf_abort_scanning(cfg);
5268 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5271 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5272 struct wireless_dev *wdev)
5274 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5275 struct brcmf_cfg80211_vif *vif;
5277 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5279 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5280 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5284 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5285 const struct brcmf_event_msg *e, void *data)
5287 switch (e->reason) {
5288 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5289 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5291 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5292 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5293 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5295 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5296 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5297 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5304 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5309 case NL80211_TDLS_DISCOVERY_REQ:
5310 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5312 case NL80211_TDLS_SETUP:
5313 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5315 case NL80211_TDLS_TEARDOWN:
5316 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5319 brcmf_err("unsupported operation: %d\n", oper);
5325 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5326 struct net_device *ndev, const u8 *peer,
5327 enum nl80211_tdls_operation oper)
5329 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5330 struct brcmf_pub *drvr = cfg->pub;
5331 struct brcmf_if *ifp;
5332 struct brcmf_tdls_iovar_le info;
5335 ret = brcmf_convert_nl80211_tdls_oper(oper);
5339 ifp = netdev_priv(ndev);
5340 memset(&info, 0, sizeof(info));
5341 info.mode = (u8)ret;
5343 memcpy(info.ea, peer, ETH_ALEN);
5345 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5346 &info, sizeof(info));
5348 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5354 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5355 struct net_device *ndev,
5356 struct cfg80211_connect_params *sme,
5359 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5360 struct brcmf_pub *drvr = cfg->pub;
5361 struct brcmf_if *ifp;
5364 if (!(changed & UPDATE_ASSOC_IES))
5367 ifp = netdev_priv(ndev);
5368 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5369 sme->ie, sme->ie_len);
5371 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5373 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5380 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5381 struct cfg80211_gtk_rekey_data *gtk)
5383 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5384 struct brcmf_pub *drvr = cfg->pub;
5385 struct brcmf_if *ifp = netdev_priv(ndev);
5386 struct brcmf_gtk_keyinfo_le gtk_le;
5389 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5391 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5392 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5393 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5394 sizeof(gtk_le.replay_counter));
5396 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5399 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5405 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5406 const struct cfg80211_pmk_conf *conf)
5408 struct brcmf_if *ifp;
5410 brcmf_dbg(TRACE, "enter\n");
5412 /* expect using firmware supplicant for 1X */
5413 ifp = netdev_priv(dev);
5414 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5417 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5420 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5423 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5426 struct brcmf_if *ifp;
5428 brcmf_dbg(TRACE, "enter\n");
5429 ifp = netdev_priv(dev);
5430 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5433 return brcmf_set_pmk(ifp, NULL, 0);
5436 static struct cfg80211_ops brcmf_cfg80211_ops = {
5437 .add_virtual_intf = brcmf_cfg80211_add_iface,
5438 .del_virtual_intf = brcmf_cfg80211_del_iface,
5439 .change_virtual_intf = brcmf_cfg80211_change_iface,
5440 .scan = brcmf_cfg80211_scan,
5441 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5442 .join_ibss = brcmf_cfg80211_join_ibss,
5443 .leave_ibss = brcmf_cfg80211_leave_ibss,
5444 .get_station = brcmf_cfg80211_get_station,
5445 .dump_station = brcmf_cfg80211_dump_station,
5446 .set_tx_power = brcmf_cfg80211_set_tx_power,
5447 .get_tx_power = brcmf_cfg80211_get_tx_power,
5448 .add_key = brcmf_cfg80211_add_key,
5449 .del_key = brcmf_cfg80211_del_key,
5450 .get_key = brcmf_cfg80211_get_key,
5451 .set_default_key = brcmf_cfg80211_config_default_key,
5452 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5453 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5454 .connect = brcmf_cfg80211_connect,
5455 .disconnect = brcmf_cfg80211_disconnect,
5456 .suspend = brcmf_cfg80211_suspend,
5457 .resume = brcmf_cfg80211_resume,
5458 .set_pmksa = brcmf_cfg80211_set_pmksa,
5459 .del_pmksa = brcmf_cfg80211_del_pmksa,
5460 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5461 .start_ap = brcmf_cfg80211_start_ap,
5462 .stop_ap = brcmf_cfg80211_stop_ap,
5463 .change_beacon = brcmf_cfg80211_change_beacon,
5464 .del_station = brcmf_cfg80211_del_station,
5465 .change_station = brcmf_cfg80211_change_station,
5466 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5467 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5468 .update_mgmt_frame_registrations =
5469 brcmf_cfg80211_update_mgmt_frame_registrations,
5470 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5471 .remain_on_channel = brcmf_p2p_remain_on_channel,
5472 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5473 .get_channel = brcmf_cfg80211_get_channel,
5474 .start_p2p_device = brcmf_p2p_start_device,
5475 .stop_p2p_device = brcmf_p2p_stop_device,
5476 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5477 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5478 .tdls_oper = brcmf_cfg80211_tdls_oper,
5479 .update_connect_params = brcmf_cfg80211_update_conn_params,
5480 .set_pmk = brcmf_cfg80211_set_pmk,
5481 .del_pmk = brcmf_cfg80211_del_pmk,
5484 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5486 struct cfg80211_ops *ops;
5488 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5491 if (ops && settings->roamoff)
5492 ops->update_connect_params = NULL;
5497 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5498 enum nl80211_iftype type)
5500 struct brcmf_cfg80211_vif *vif_walk;
5501 struct brcmf_cfg80211_vif *vif;
5503 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
5505 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5507 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5509 return ERR_PTR(-ENOMEM);
5511 vif->wdev.wiphy = cfg->wiphy;
5512 vif->wdev.iftype = type;
5514 brcmf_init_prof(&vif->profile);
5516 if (type == NL80211_IFTYPE_AP &&
5517 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) {
5519 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5520 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5528 list_add_tail(&vif->list, &cfg->vif_list);
5532 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5534 list_del(&vif->list);
5538 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5540 struct brcmf_cfg80211_vif *vif;
5541 struct brcmf_if *ifp;
5543 ifp = netdev_priv(ndev);
5547 brcmf_free_vif(vif);
5550 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5551 const struct brcmf_event_msg *e)
5553 u32 event = e->event_code;
5554 u32 status = e->status;
5556 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK ||
5557 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) &&
5558 event == BRCMF_E_PSK_SUP &&
5559 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5560 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5561 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5562 brcmf_dbg(CONN, "Processing set ssid\n");
5563 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5564 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
5565 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
5568 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5571 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5572 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5573 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5574 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5580 static bool brcmf_is_linkdown(const struct brcmf_event_msg *e)
5582 u32 event = e->event_code;
5583 u16 flags = e->flags;
5585 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5586 (event == BRCMF_E_DISASSOC_IND) ||
5587 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5588 brcmf_dbg(CONN, "Processing link down\n");
5594 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5595 const struct brcmf_event_msg *e)
5597 u32 event = e->event_code;
5598 u32 status = e->status;
5600 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5601 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5602 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5606 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5607 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5611 if (event == BRCMF_E_PSK_SUP &&
5612 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5613 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5621 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5623 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5625 kfree(conn_info->req_ie);
5626 conn_info->req_ie = NULL;
5627 conn_info->req_ie_len = 0;
5628 kfree(conn_info->resp_ie);
5629 conn_info->resp_ie = NULL;
5630 conn_info->resp_ie_len = 0;
5633 u8 brcmf_map_prio_to_prec(void *config, u8 prio)
5635 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5638 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ?
5641 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority
5642 * to an 8-level precedence which is the same as BE's
5644 if (prio > PRIO_8021D_EE &&
5645 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE])
5646 return cfg->ac_priority[prio] * 2;
5648 /* Conversion of 4-level priority to 8-level precedence */
5649 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK ||
5650 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO)
5651 return cfg->ac_priority[prio] * 2;
5653 return cfg->ac_priority[prio] * 2 + 1;
5656 u8 brcmf_map_prio_to_aci(void *config, u8 prio)
5658 /* Prio here refers to the 802.1d priority in range of 0 to 7.
5659 * ACI here refers to the WLAN AC Index in range of 0 to 3.
5660 * This function will return ACI corresponding to input prio.
5662 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5665 return cfg->ac_priority[prio];
5670 static void brcmf_init_wmm_prio(u8 *priority)
5672 /* Initialize AC priority array to default
5673 * 802.1d priority as per following table:
5674 * 802.1d prio 0,3 maps to BE
5675 * 802.1d prio 1,2 maps to BK
5676 * 802.1d prio 4,5 maps to VI
5677 * 802.1d prio 6,7 maps to VO
5679 priority[0] = BRCMF_FWS_FIFO_AC_BE;
5680 priority[3] = BRCMF_FWS_FIFO_AC_BE;
5681 priority[1] = BRCMF_FWS_FIFO_AC_BK;
5682 priority[2] = BRCMF_FWS_FIFO_AC_BK;
5683 priority[4] = BRCMF_FWS_FIFO_AC_VI;
5684 priority[5] = BRCMF_FWS_FIFO_AC_VI;
5685 priority[6] = BRCMF_FWS_FIFO_AC_VO;
5686 priority[7] = BRCMF_FWS_FIFO_AC_VO;
5689 static void brcmf_wifi_prioritize_acparams(const
5690 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority)
5697 u8 ranking_basis[EDCF_AC_COUNT];
5698 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */
5701 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) {
5702 aifsn = acp->ACI & EDCF_AIFSN_MASK;
5703 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0;
5704 ecwmin = acp->ECW & EDCF_ECWMIN_MASK;
5705 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT;
5706 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n",
5707 aci, aifsn, acm, ecwmin, ecwmax);
5708 /* Default AC_VO will be the lowest ranking value */
5709 ranking_basis[aci] = aifsn + ecwmin + ecwmax;
5710 /* Initialise priority starting at 0 (AC_BE) */
5713 /* If ACM is set, STA can't use this AC as per 802.11.
5714 * Change the ranking to BE
5716 if (aci != AC_BE && aci != AC_BK && acm == 1)
5717 ranking_basis[aci] = ranking_basis[AC_BE];
5720 /* Ranking method which works for AC priority
5721 * swapping when values for cwmin, cwmax and aifsn are varied
5722 * Compare each aci_prio against each other aci_prio
5724 for (aci = 0; aci < EDCF_AC_COUNT; aci++) {
5725 for (index = 0; index < EDCF_AC_COUNT; index++) {
5727 /* Smaller ranking value has higher priority,
5728 * so increment priority for each ACI which has
5729 * a higher ranking value
5731 if (ranking_basis[aci] < ranking_basis[index])
5737 /* By now, aci_prio[] will be in range of 0 to 3.
5738 * Use ACI prio to get the new priority value for
5739 * each 802.1d traffic type, in this range.
5741 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] &&
5742 aci_prio[AC_BK] == aci_prio[AC_VI] &&
5743 aci_prio[AC_VI] == aci_prio[AC_VO])) {
5744 /* 802.1d 0,3 maps to BE */
5745 priority[0] = aci_prio[AC_BE];
5746 priority[3] = aci_prio[AC_BE];
5748 /* 802.1d 1,2 maps to BK */
5749 priority[1] = aci_prio[AC_BK];
5750 priority[2] = aci_prio[AC_BK];
5752 /* 802.1d 4,5 maps to VO */
5753 priority[4] = aci_prio[AC_VI];
5754 priority[5] = aci_prio[AC_VI];
5756 /* 802.1d 6,7 maps to VO */
5757 priority[6] = aci_prio[AC_VO];
5758 priority[7] = aci_prio[AC_VO];
5760 /* Initialize to default priority */
5761 brcmf_init_wmm_prio(priority);
5764 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n",
5765 priority[0], priority[1], priority[2], priority[3]);
5767 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n",
5768 priority[4], priority[5], priority[6], priority[7]);
5771 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5772 struct brcmf_if *ifp)
5774 struct brcmf_pub *drvr = cfg->pub;
5775 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5776 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5777 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT];
5782 brcmf_clear_assoc_ies(cfg);
5784 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5785 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5787 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5791 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5792 req_len = le32_to_cpu(assoc_info->req_len);
5793 resp_len = le32_to_cpu(assoc_info->resp_len);
5795 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5799 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5802 conn_info->req_ie_len = req_len;
5804 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5806 if (!conn_info->req_ie)
5807 conn_info->req_ie_len = 0;
5809 conn_info->req_ie_len = 0;
5810 conn_info->req_ie = NULL;
5813 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5817 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5820 conn_info->resp_ie_len = resp_len;
5821 conn_info->resp_ie =
5822 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5824 if (!conn_info->resp_ie)
5825 conn_info->resp_ie_len = 0;
5827 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta",
5829 sizeof(edcf_acparam_info));
5831 brcmf_err("could not get wme_ac_sta (%d)\n", err);
5835 brcmf_wifi_prioritize_acparams(edcf_acparam_info,
5838 conn_info->resp_ie_len = 0;
5839 conn_info->resp_ie = NULL;
5841 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5842 conn_info->req_ie_len, conn_info->resp_ie_len);
5848 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5849 struct net_device *ndev,
5850 const struct brcmf_event_msg *e)
5852 struct brcmf_if *ifp = netdev_priv(ndev);
5853 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5854 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5855 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5856 struct ieee80211_channel *notify_channel = NULL;
5857 struct ieee80211_supported_band *band;
5858 struct brcmf_bss_info_le *bi;
5859 struct brcmu_chan ch;
5860 struct cfg80211_roam_info roam_info = {};
5865 brcmf_dbg(TRACE, "Enter\n");
5867 brcmf_get_assoc_ies(cfg, ifp);
5868 memcpy(profile->bssid, e->addr, ETH_ALEN);
5869 brcmf_update_bss_info(cfg, ifp);
5871 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5877 /* data sent to dongle has to be little endian */
5878 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5879 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5880 buf, WL_BSS_INFO_MAX);
5885 bi = (struct brcmf_bss_info_le *)(buf + 4);
5886 ch.chspec = le16_to_cpu(bi->chanspec);
5887 cfg->d11inf.decchspec(&ch);
5889 if (ch.band == BRCMU_CHAN_BAND_2G)
5890 band = wiphy->bands[NL80211_BAND_2GHZ];
5892 band = wiphy->bands[NL80211_BAND_5GHZ];
5894 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5895 notify_channel = ieee80211_get_channel(wiphy, freq);
5900 roam_info.channel = notify_channel;
5901 roam_info.bssid = profile->bssid;
5902 roam_info.req_ie = conn_info->req_ie;
5903 roam_info.req_ie_len = conn_info->req_ie_len;
5904 roam_info.resp_ie = conn_info->resp_ie;
5905 roam_info.resp_ie_len = conn_info->resp_ie_len;
5907 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
5908 brcmf_dbg(CONN, "Report roaming result\n");
5910 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) {
5911 cfg80211_port_authorized(ndev, profile->bssid, GFP_KERNEL);
5912 brcmf_dbg(CONN, "Report port authorized\n");
5915 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
5916 brcmf_dbg(TRACE, "Exit\n");
5921 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
5922 struct net_device *ndev, const struct brcmf_event_msg *e,
5925 struct brcmf_if *ifp = netdev_priv(ndev);
5926 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5927 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5928 struct cfg80211_connect_resp_params conn_params;
5930 brcmf_dbg(TRACE, "Enter\n");
5932 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
5933 &ifp->vif->sme_state)) {
5934 memset(&conn_params, 0, sizeof(conn_params));
5936 brcmf_get_assoc_ies(cfg, ifp);
5937 brcmf_update_bss_info(cfg, ifp);
5938 set_bit(BRCMF_VIF_STATUS_CONNECTED,
5939 &ifp->vif->sme_state);
5940 conn_params.status = WLAN_STATUS_SUCCESS;
5942 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
5944 conn_params.bssid = profile->bssid;
5945 conn_params.req_ie = conn_info->req_ie;
5946 conn_params.req_ie_len = conn_info->req_ie_len;
5947 conn_params.resp_ie = conn_info->resp_ie;
5948 conn_params.resp_ie_len = conn_info->resp_ie_len;
5949 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
5950 brcmf_dbg(CONN, "Report connect result - connection %s\n",
5951 completed ? "succeeded" : "failed");
5953 brcmf_dbg(TRACE, "Exit\n");
5958 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
5959 struct net_device *ndev,
5960 const struct brcmf_event_msg *e, void *data)
5962 struct brcmf_pub *drvr = cfg->pub;
5963 static int generation;
5964 u32 event = e->event_code;
5965 u32 reason = e->reason;
5966 struct station_info *sinfo;
5968 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
5969 brcmf_fweh_event_name(event), event, reason);
5970 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
5971 ndev != cfg_to_ndev(cfg)) {
5972 brcmf_dbg(CONN, "AP mode link down\n");
5973 complete(&cfg->vif_disabled);
5977 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
5978 (reason == BRCMF_E_STATUS_SUCCESS)) {
5980 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
5984 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
5988 sinfo->assoc_req_ies = data;
5989 sinfo->assoc_req_ies_len = e->datalen;
5991 sinfo->generation = generation;
5992 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
5995 } else if ((event == BRCMF_E_DISASSOC_IND) ||
5996 (event == BRCMF_E_DEAUTH_IND) ||
5997 (event == BRCMF_E_DEAUTH)) {
5998 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
6004 brcmf_notify_connect_status(struct brcmf_if *ifp,
6005 const struct brcmf_event_msg *e, void *data)
6007 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6008 struct net_device *ndev = ifp->ndev;
6009 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6010 struct ieee80211_channel *chan;
6013 if ((e->event_code == BRCMF_E_DEAUTH) ||
6014 (e->event_code == BRCMF_E_DEAUTH_IND) ||
6015 (e->event_code == BRCMF_E_DISASSOC_IND) ||
6016 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
6017 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
6020 if (brcmf_is_apmode(ifp->vif)) {
6021 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
6022 } else if (brcmf_is_linkup(ifp->vif, e)) {
6023 brcmf_dbg(CONN, "Linkup\n");
6024 if (brcmf_is_ibssmode(ifp->vif)) {
6025 brcmf_inform_ibss(cfg, ndev, e->addr);
6026 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
6027 memcpy(profile->bssid, e->addr, ETH_ALEN);
6028 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
6029 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6030 &ifp->vif->sme_state);
6031 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6032 &ifp->vif->sme_state);
6034 brcmf_bss_connect_done(cfg, ndev, e, true);
6035 brcmf_net_setcarrier(ifp, true);
6036 } else if (brcmf_is_linkdown(e)) {
6037 brcmf_dbg(CONN, "Linkdown\n");
6038 if (!brcmf_is_ibssmode(ifp->vif) &&
6039 test_bit(BRCMF_VIF_STATUS_CONNECTED,
6040 &ifp->vif->sme_state)) {
6041 if (memcmp(profile->bssid, e->addr, ETH_ALEN))
6044 brcmf_bss_connect_done(cfg, ndev, e, false);
6045 brcmf_link_down(ifp->vif,
6046 brcmf_map_fw_linkdown_reason(e),
6048 (BRCMF_E_DEAUTH_IND |
6049 BRCMF_E_DISASSOC_IND)
6051 brcmf_init_prof(ndev_to_prof(ndev));
6052 if (ndev != cfg_to_ndev(cfg))
6053 complete(&cfg->vif_disabled);
6054 brcmf_net_setcarrier(ifp, false);
6056 } else if (brcmf_is_nonetwork(cfg, e)) {
6057 if (brcmf_is_ibssmode(ifp->vif))
6058 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6059 &ifp->vif->sme_state);
6061 brcmf_bss_connect_done(cfg, ndev, e, false);
6068 brcmf_notify_roaming_status(struct brcmf_if *ifp,
6069 const struct brcmf_event_msg *e, void *data)
6071 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6072 u32 event = e->event_code;
6073 u32 status = e->status;
6075 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
6076 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
6077 &ifp->vif->sme_state)) {
6078 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
6080 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
6081 brcmf_net_setcarrier(ifp, true);
6089 brcmf_notify_mic_status(struct brcmf_if *ifp,
6090 const struct brcmf_event_msg *e, void *data)
6092 u16 flags = e->flags;
6093 enum nl80211_key_type key_type;
6095 if (flags & BRCMF_EVENT_MSG_GROUP)
6096 key_type = NL80211_KEYTYPE_GROUP;
6098 key_type = NL80211_KEYTYPE_PAIRWISE;
6100 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
6106 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
6107 const struct brcmf_event_msg *e, void *data)
6109 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6110 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
6111 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6112 struct brcmf_cfg80211_vif *vif;
6114 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
6115 ifevent->action, ifevent->flags, ifevent->ifidx,
6116 ifevent->bsscfgidx);
6118 spin_lock(&event->vif_event_lock);
6119 event->action = ifevent->action;
6122 switch (ifevent->action) {
6123 case BRCMF_E_IF_ADD:
6124 /* waiting process may have timed out */
6125 if (!cfg->vif_event.vif) {
6126 spin_unlock(&event->vif_event_lock);
6133 vif->wdev.netdev = ifp->ndev;
6134 ifp->ndev->ieee80211_ptr = &vif->wdev;
6135 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
6137 spin_unlock(&event->vif_event_lock);
6138 wake_up(&event->vif_wq);
6141 case BRCMF_E_IF_DEL:
6142 spin_unlock(&event->vif_event_lock);
6143 /* event may not be upon user request */
6144 if (brcmf_cfg80211_vif_event_armed(cfg))
6145 wake_up(&event->vif_wq);
6148 case BRCMF_E_IF_CHANGE:
6149 spin_unlock(&event->vif_event_lock);
6150 wake_up(&event->vif_wq);
6154 spin_unlock(&event->vif_event_lock);
6160 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
6162 conf->frag_threshold = (u32)-1;
6163 conf->rts_threshold = (u32)-1;
6164 conf->retry_short = (u32)-1;
6165 conf->retry_long = (u32)-1;
6168 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
6170 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
6171 brcmf_notify_connect_status);
6172 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
6173 brcmf_notify_connect_status);
6174 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
6175 brcmf_notify_connect_status);
6176 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
6177 brcmf_notify_connect_status);
6178 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
6179 brcmf_notify_connect_status);
6180 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
6181 brcmf_notify_connect_status);
6182 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
6183 brcmf_notify_roaming_status);
6184 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
6185 brcmf_notify_mic_status);
6186 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
6187 brcmf_notify_connect_status);
6188 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
6189 brcmf_notify_sched_scan_results);
6190 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
6191 brcmf_notify_vif_event);
6192 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
6193 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
6194 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
6195 brcmf_p2p_notify_listen_complete);
6196 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
6197 brcmf_p2p_notify_action_frame_rx);
6198 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
6199 brcmf_p2p_notify_action_tx_complete);
6200 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
6201 brcmf_p2p_notify_action_tx_complete);
6202 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
6203 brcmf_notify_connect_status);
6206 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
6210 kfree(cfg->extra_buf);
6211 cfg->extra_buf = NULL;
6212 kfree(cfg->wowl.nd);
6213 cfg->wowl.nd = NULL;
6214 kfree(cfg->wowl.nd_info);
6215 cfg->wowl.nd_info = NULL;
6216 kfree(cfg->escan_info.escan_buf);
6217 cfg->escan_info.escan_buf = NULL;
6220 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
6222 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
6224 goto init_priv_mem_out;
6225 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
6226 if (!cfg->extra_buf)
6227 goto init_priv_mem_out;
6228 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
6230 goto init_priv_mem_out;
6231 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
6232 sizeof(struct cfg80211_wowlan_nd_match *),
6234 if (!cfg->wowl.nd_info)
6235 goto init_priv_mem_out;
6236 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
6237 if (!cfg->escan_info.escan_buf)
6238 goto init_priv_mem_out;
6243 brcmf_deinit_priv_mem(cfg);
6248 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
6252 cfg->scan_request = NULL;
6253 cfg->pwr_save = true;
6254 cfg->dongle_up = false; /* dongle is not up yet */
6255 err = brcmf_init_priv_mem(cfg);
6258 brcmf_register_event_handlers(cfg);
6259 mutex_init(&cfg->usr_sync);
6260 brcmf_init_escan(cfg);
6261 brcmf_init_conf(cfg->conf);
6262 brcmf_init_wmm_prio(cfg->ac_priority);
6263 init_completion(&cfg->vif_disabled);
6267 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
6269 cfg->dongle_up = false; /* dongle down */
6270 brcmf_abort_scanning(cfg);
6271 brcmf_deinit_priv_mem(cfg);
6274 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
6276 init_waitqueue_head(&event->vif_wq);
6277 spin_lock_init(&event->vif_event_lock);
6280 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
6282 struct brcmf_pub *drvr = ifp->drvr;
6285 __le32 roamtrigger[2];
6286 __le32 roam_delta[2];
6288 /* Configure beacon timeout value based upon roaming setting */
6289 if (ifp->drvr->settings->roamoff)
6290 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
6292 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
6293 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
6295 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
6296 goto roam_setup_done;
6299 /* Enable/Disable built-in roaming to allow supplicant to take care of
6302 brcmf_dbg(INFO, "Internal Roaming = %s\n",
6303 ifp->drvr->settings->roamoff ? "Off" : "On");
6304 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
6305 ifp->drvr->settings->roamoff);
6307 bphy_err(drvr, "roam_off error (%d)\n", err);
6308 goto roam_setup_done;
6311 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
6312 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
6313 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
6314 (void *)roamtrigger, sizeof(roamtrigger));
6316 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
6318 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
6319 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
6320 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
6321 (void *)roam_delta, sizeof(roam_delta));
6323 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
6332 brcmf_dongle_scantime(struct brcmf_if *ifp)
6334 struct brcmf_pub *drvr = ifp->drvr;
6337 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
6338 BRCMF_SCAN_CHANNEL_TIME);
6340 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
6341 goto dongle_scantime_out;
6343 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
6344 BRCMF_SCAN_UNASSOC_TIME);
6346 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
6347 goto dongle_scantime_out;
6350 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
6351 BRCMF_SCAN_PASSIVE_TIME);
6353 bphy_err(drvr, "Scan passive time error (%d)\n", err);
6354 goto dongle_scantime_out;
6357 dongle_scantime_out:
6361 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6362 struct brcmu_chan *ch)
6366 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6367 if (ch->sb == BRCMU_CHAN_SB_U) {
6368 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6369 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6370 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6372 /* It should be one of
6373 * IEEE80211_CHAN_NO_HT40 or
6374 * IEEE80211_CHAN_NO_HT40PLUS
6376 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6377 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6378 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6382 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6385 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6386 struct brcmf_pub *drvr = cfg->pub;
6387 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6388 struct ieee80211_supported_band *band;
6389 struct ieee80211_channel *channel;
6390 struct brcmf_chanspec_list *list;
6391 struct brcmu_chan ch;
6398 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6403 list = (struct brcmf_chanspec_list *)pbuf;
6405 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6408 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6412 band = wiphy->bands[NL80211_BAND_2GHZ];
6414 for (i = 0; i < band->n_channels; i++)
6415 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6416 band = wiphy->bands[NL80211_BAND_5GHZ];
6418 for (i = 0; i < band->n_channels; i++)
6419 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6421 total = le32_to_cpu(list->count);
6422 for (i = 0; i < total; i++) {
6423 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6424 cfg->d11inf.decchspec(&ch);
6426 if (ch.band == BRCMU_CHAN_BAND_2G) {
6427 band = wiphy->bands[NL80211_BAND_2GHZ];
6428 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6429 band = wiphy->bands[NL80211_BAND_5GHZ];
6431 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6437 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6438 ch.bw == BRCMU_CHAN_BW_40)
6440 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6441 ch.bw == BRCMU_CHAN_BW_80)
6445 for (j = 0; j < band->n_channels; j++) {
6446 if (band->channels[j].hw_value == ch.control_ch_num) {
6447 channel = &band->channels[j];
6452 /* It seems firmware supports some channel we never
6453 * considered. Something new in IEEE standard?
6455 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6460 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6463 /* assuming the chanspecs order is HT20,
6464 * HT40 upper, HT40 lower, and VHT80.
6467 case BRCMU_CHAN_BW_160:
6468 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6470 case BRCMU_CHAN_BW_80:
6471 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6473 case BRCMU_CHAN_BW_40:
6474 brcmf_update_bw40_channel_flag(channel, &ch);
6477 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6480 case BRCMU_CHAN_BW_20:
6481 /* enable the channel and disable other bandwidths
6482 * for now as mentioned order assure they are enabled
6483 * for subsequent chanspecs.
6485 channel->flags = IEEE80211_CHAN_NO_HT40 |
6486 IEEE80211_CHAN_NO_80MHZ |
6487 IEEE80211_CHAN_NO_160MHZ;
6488 ch.bw = BRCMU_CHAN_BW_20;
6489 cfg->d11inf.encchspec(&ch);
6490 chaninfo = ch.chspec;
6491 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6494 if (chaninfo & WL_CHAN_RADAR)
6496 (IEEE80211_CHAN_RADAR |
6497 IEEE80211_CHAN_NO_IR);
6498 if (chaninfo & WL_CHAN_PASSIVE)
6500 IEEE80211_CHAN_NO_IR;
6510 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6512 struct brcmf_pub *drvr = cfg->pub;
6513 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6514 struct ieee80211_supported_band *band;
6515 struct brcmf_fil_bwcap_le band_bwcap;
6516 struct brcmf_chanspec_list *list;
6520 struct brcmu_chan ch;
6524 /* verify support for bw_cap command */
6526 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6529 /* only set 2G bandwidth using bw_cap command */
6530 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6531 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6532 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6533 sizeof(band_bwcap));
6535 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6536 val = WLC_N_BW_40ALL;
6537 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6541 /* update channel info in 2G band */
6542 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6547 ch.band = BRCMU_CHAN_BAND_2G;
6548 ch.bw = BRCMU_CHAN_BW_40;
6549 ch.sb = BRCMU_CHAN_SB_NONE;
6551 cfg->d11inf.encchspec(&ch);
6553 /* pass encoded chanspec in query */
6554 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6556 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6559 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6564 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6565 list = (struct brcmf_chanspec_list *)pbuf;
6566 num_chan = le32_to_cpu(list->count);
6567 for (i = 0; i < num_chan; i++) {
6568 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6569 cfg->d11inf.decchspec(&ch);
6570 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6572 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6574 for (j = 0; j < band->n_channels; j++) {
6575 if (band->channels[j].hw_value == ch.control_ch_num)
6578 if (WARN_ON(j == band->n_channels))
6581 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6588 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6590 struct brcmf_pub *drvr = ifp->drvr;
6591 u32 band, mimo_bwcap;
6595 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6597 bw_cap[NL80211_BAND_2GHZ] = band;
6599 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6601 bw_cap[NL80211_BAND_5GHZ] = band;
6607 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6609 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6611 /* assume 20MHz if firmware does not give a clue */
6612 mimo_bwcap = WLC_N_BW_20ALL;
6614 switch (mimo_bwcap) {
6615 case WLC_N_BW_40ALL:
6616 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6618 case WLC_N_BW_20IN2G_40IN5G:
6619 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6621 case WLC_N_BW_20ALL:
6622 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6623 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6626 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6630 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6631 u32 bw_cap[2], u32 nchain)
6633 band->ht_cap.ht_supported = true;
6634 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6635 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6636 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6638 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6639 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6640 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6641 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6642 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6643 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6646 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6651 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6652 mcs_map = (mcs_map << 2) | supp;
6654 return cpu_to_le16(mcs_map);
6657 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6658 u32 bw_cap[2], u32 nchain, u32 txstreams,
6659 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6663 /* not allowed in 2.4G band */
6664 if (band->band == NL80211_BAND_2GHZ)
6667 band->vht_cap.vht_supported = true;
6668 /* 80MHz is mandatory */
6669 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6670 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6671 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6672 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6674 /* all support 256-QAM */
6675 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6676 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6677 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6679 /* Beamforming support information */
6680 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6681 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6682 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6683 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6684 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6685 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6686 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6687 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6689 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6690 band->vht_cap.cap |=
6691 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6692 band->vht_cap.cap |= ((txstreams - 1) <<
6693 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6694 band->vht_cap.cap |=
6695 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6699 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6701 struct brcmf_pub *drvr = cfg->pub;
6702 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6703 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6706 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6711 struct ieee80211_supported_band *band;
6713 u32 txbf_bfe_cap = 0;
6714 u32 txbf_bfr_cap = 0;
6716 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6717 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6719 bphy_err(drvr, "nmode error (%d)\n", err);
6721 brcmf_get_bwcap(ifp, bw_cap);
6723 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6724 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6725 bw_cap[NL80211_BAND_5GHZ]);
6727 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6729 bphy_err(drvr, "rxchain error (%d)\n", err);
6732 for (nchain = 0; rxchain; nchain++)
6733 rxchain = rxchain & (rxchain - 1);
6735 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6737 err = brcmf_construct_chaninfo(cfg, bw_cap);
6739 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6744 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6745 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6747 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6751 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6752 band = wiphy->bands[i];
6757 brcmf_update_ht_cap(band, bw_cap, nchain);
6759 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6760 txbf_bfe_cap, txbf_bfr_cap);
6766 static const struct ieee80211_txrx_stypes
6767 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6768 [NL80211_IFTYPE_STATION] = {
6770 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6771 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6773 [NL80211_IFTYPE_P2P_CLIENT] = {
6775 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6776 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6778 [NL80211_IFTYPE_P2P_GO] = {
6780 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6781 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6782 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6783 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6784 BIT(IEEE80211_STYPE_AUTH >> 4) |
6785 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6786 BIT(IEEE80211_STYPE_ACTION >> 4)
6788 [NL80211_IFTYPE_P2P_DEVICE] = {
6790 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6791 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6793 [NL80211_IFTYPE_AP] = {
6795 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6796 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6797 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6798 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6799 BIT(IEEE80211_STYPE_AUTH >> 4) |
6800 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6801 BIT(IEEE80211_STYPE_ACTION >> 4)
6806 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6808 * @wiphy: wiphy object.
6809 * @ifp: interface object needed for feat module api.
6811 * The interface modes and combinations are determined dynamically here
6812 * based on firmware functionality.
6814 * no p2p and no mbss:
6816 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6820 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6821 * #AP <= 4, matching BI, channels = 1, 4 total
6824 * #STA <= 1, #AP <= 2, channels = 2, 4 total
6826 * p2p, no mchan, and mbss:
6828 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6829 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6830 * #AP <= 4, matching BI, channels = 1, 4 total
6832 * p2p, mchan, and mbss:
6834 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6835 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6836 * #AP <= 4, matching BI, channels = 1, 4 total
6838 * p2p, rsdb, and no mbss:
6839 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2,
6840 * channels = 2, 4 total
6842 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6844 struct ieee80211_iface_combination *combo = NULL;
6845 struct ieee80211_iface_limit *c0_limits = NULL;
6846 struct ieee80211_iface_limit *p2p_limits = NULL;
6847 struct ieee80211_iface_limit *mbss_limits = NULL;
6848 bool mon_flag, mbss, p2p, rsdb, mchan;
6849 int i, c, n_combos, n_limits;
6851 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG);
6852 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6853 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6854 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB);
6855 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN);
6857 n_combos = 1 + !!(p2p && !rsdb) + !!mbss;
6858 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
6862 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
6863 BIT(NL80211_IFTYPE_ADHOC) |
6864 BIT(NL80211_IFTYPE_AP);
6866 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
6868 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
6869 BIT(NL80211_IFTYPE_P2P_GO) |
6870 BIT(NL80211_IFTYPE_P2P_DEVICE);
6874 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p);
6875 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL);
6879 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan));
6880 c0_limits[i].max = 1;
6881 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6883 c0_limits[i].max = 1;
6884 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
6887 c0_limits[i].max = 1;
6888 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6889 c0_limits[i].max = 1 + rsdb;
6890 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
6891 BIT(NL80211_IFTYPE_P2P_GO);
6894 c0_limits[i].max = 2;
6895 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6896 combo[c].max_interfaces = 4;
6898 combo[c].max_interfaces = i;
6900 c0_limits[i].max = 2;
6901 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6902 combo[c].max_interfaces = 3;
6904 c0_limits[i].max = 1;
6905 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6906 combo[c].max_interfaces = i;
6908 combo[c].n_limits = i;
6909 combo[c].limits = c0_limits;
6914 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
6917 p2p_limits[i].max = 1;
6918 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
6919 p2p_limits[i].max = 1;
6920 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6921 p2p_limits[i].max = 1;
6922 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
6923 p2p_limits[i].max = 1;
6924 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
6925 combo[c].num_different_channels = 1;
6926 combo[c].max_interfaces = i;
6927 combo[c].n_limits = i;
6928 combo[c].limits = p2p_limits;
6934 n_limits = 1 + mon_flag;
6935 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits),
6939 mbss_limits[i].max = 4;
6940 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
6942 mbss_limits[i].max = 1;
6943 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
6945 combo[c].beacon_int_infra_match = true;
6946 combo[c].num_different_channels = 1;
6947 combo[c].max_interfaces = 4 + mon_flag;
6948 combo[c].n_limits = i;
6949 combo[c].limits = mbss_limits;
6952 wiphy->n_iface_combinations = n_combos;
6953 wiphy->iface_combinations = combo;
6965 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
6966 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
6967 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
6968 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
6969 .pattern_min_len = 1,
6970 .max_pkt_offset = 1500,
6974 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
6977 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
6978 struct brcmf_pub *drvr = cfg->pub;
6979 struct wiphy_wowlan_support *wowl;
6981 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
6984 bphy_err(drvr, "only support basic wowlan features\n");
6985 wiphy->wowlan = &brcmf_wowlan_support;
6989 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
6990 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
6991 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
6992 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
6993 init_waitqueue_head(&cfg->wowl.nd_data_wait);
6996 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
6997 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
6998 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
7001 wiphy->wowlan = wowl;
7005 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
7007 struct brcmf_pub *drvr = ifp->drvr;
7008 const struct ieee80211_iface_combination *combo;
7009 struct ieee80211_supported_band *band;
7010 u16 max_interfaces = 0;
7016 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
7017 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
7018 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
7020 err = brcmf_setup_ifmodes(wiphy, ifp);
7024 for (i = 0, combo = wiphy->iface_combinations;
7025 i < wiphy->n_iface_combinations; i++, combo++) {
7026 max_interfaces = max(max_interfaces, combo->max_interfaces);
7029 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
7031 u8 *addr = drvr->addresses[i].addr;
7033 memcpy(addr, drvr->mac, ETH_ALEN);
7036 addr[ETH_ALEN - 1] ^= i;
7039 wiphy->addresses = drvr->addresses;
7040 wiphy->n_addresses = i;
7042 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
7043 wiphy->cipher_suites = brcmf_cipher_suites;
7044 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
7045 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
7046 wiphy->n_cipher_suites--;
7047 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
7048 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
7049 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
7051 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
7052 WIPHY_FLAG_PS_ON_BY_DEFAULT |
7053 WIPHY_FLAG_HAVE_AP_SME |
7054 WIPHY_FLAG_OFFCHAN_TX |
7055 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7056 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
7057 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7058 if (!ifp->drvr->settings->roamoff)
7059 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
7060 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
7061 wiphy_ext_feature_set(wiphy,
7062 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
7063 wiphy_ext_feature_set(wiphy,
7064 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
7065 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7066 wiphy_ext_feature_set(wiphy,
7067 NL80211_EXT_FEATURE_SAE_OFFLOAD);
7069 wiphy->mgmt_stypes = brcmf_txrx_stypes;
7070 wiphy->max_remain_on_channel_duration = 5000;
7071 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7072 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
7073 brcmf_pno_wiphy_params(wiphy, gscan);
7075 /* vendor commands/events support */
7076 wiphy->vendor_commands = brcmf_vendor_cmds;
7077 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
7079 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
7080 brcmf_wiphy_wowl_params(wiphy, ifp);
7081 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
7084 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
7087 /* first entry in bandlist is number of bands */
7088 n_bands = le32_to_cpu(bandlist[0]);
7089 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
7090 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
7091 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
7096 band->channels = kmemdup(&__wl_2ghz_channels,
7097 sizeof(__wl_2ghz_channels),
7099 if (!band->channels) {
7104 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
7105 wiphy->bands[NL80211_BAND_2GHZ] = band;
7107 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
7108 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
7113 band->channels = kmemdup(&__wl_5ghz_channels,
7114 sizeof(__wl_5ghz_channels),
7116 if (!band->channels) {
7121 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
7122 wiphy->bands[NL80211_BAND_5GHZ] = band;
7126 if (wiphy->bands[NL80211_BAND_5GHZ] &&
7127 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H))
7128 wiphy_ext_feature_set(wiphy,
7129 NL80211_EXT_FEATURE_DFS_OFFLOAD);
7131 wiphy_read_of_freq_limits(wiphy);
7136 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
7138 struct brcmf_pub *drvr = cfg->pub;
7139 struct net_device *ndev;
7140 struct wireless_dev *wdev;
7141 struct brcmf_if *ifp;
7148 ndev = cfg_to_ndev(cfg);
7149 wdev = ndev->ieee80211_ptr;
7150 ifp = netdev_priv(ndev);
7152 /* make sure RF is ready for work */
7153 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
7155 brcmf_dongle_scantime(ifp);
7157 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
7158 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
7160 goto default_conf_out;
7161 brcmf_dbg(INFO, "power save set to %s\n",
7162 (power_mode ? "enabled" : "disabled"));
7164 err = brcmf_dongle_roam(ifp);
7166 goto default_conf_out;
7167 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
7170 goto default_conf_out;
7172 brcmf_configure_arp_nd_offload(ifp, true);
7174 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
7176 bphy_err(drvr, "failed to set frameburst mode\n");
7177 goto default_conf_out;
7180 cfg->dongle_up = true;
7187 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
7189 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7191 return brcmf_config_dongle(ifp->drvr->config);
7194 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
7196 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7199 * While going down, if associated with AP disassociate
7200 * from AP to save power
7202 if (check_vif_up(ifp->vif)) {
7203 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED, true);
7205 /* Make sure WPA_Supplicant receives all the event
7206 generated due to DISASSOC call to the fw to keep
7207 the state fw and WPA_Supplicant state consistent
7212 brcmf_abort_scanning(cfg);
7213 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7218 s32 brcmf_cfg80211_up(struct net_device *ndev)
7220 struct brcmf_if *ifp = netdev_priv(ndev);
7221 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7224 mutex_lock(&cfg->usr_sync);
7225 err = __brcmf_cfg80211_up(ifp);
7226 mutex_unlock(&cfg->usr_sync);
7231 s32 brcmf_cfg80211_down(struct net_device *ndev)
7233 struct brcmf_if *ifp = netdev_priv(ndev);
7234 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7237 mutex_lock(&cfg->usr_sync);
7238 err = __brcmf_cfg80211_down(ifp);
7239 mutex_unlock(&cfg->usr_sync);
7244 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
7246 struct wireless_dev *wdev = &ifp->vif->wdev;
7248 return wdev->iftype;
7251 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
7252 unsigned long state)
7254 struct brcmf_cfg80211_vif *vif;
7256 list_for_each_entry(vif, &cfg->vif_list, list) {
7257 if (test_bit(state, &vif->sme_state))
7263 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
7268 spin_lock(&event->vif_event_lock);
7269 evt_action = event->action;
7270 spin_unlock(&event->vif_event_lock);
7271 return evt_action == action;
7274 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
7275 struct brcmf_cfg80211_vif *vif)
7277 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7279 spin_lock(&event->vif_event_lock);
7282 spin_unlock(&event->vif_event_lock);
7285 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
7287 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7290 spin_lock(&event->vif_event_lock);
7291 armed = event->vif != NULL;
7292 spin_unlock(&event->vif_event_lock);
7297 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
7298 u8 action, ulong timeout)
7300 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7302 return wait_event_timeout(event->vif_wq,
7303 vif_event_equals(event, action), timeout);
7306 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
7307 struct brcmf_fil_country_le *ccreq)
7309 struct brcmfmac_pd_cc *country_codes;
7310 struct brcmfmac_pd_cc_entry *cc;
7314 country_codes = drvr->settings->country_codes;
7315 if (!country_codes) {
7316 brcmf_dbg(TRACE, "No country codes configured for device\n");
7320 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
7321 (alpha2[1] == ccreq->country_abbrev[1])) {
7322 brcmf_dbg(TRACE, "Country code already set\n");
7327 for (i = 0; i < country_codes->table_size; i++) {
7328 cc = &country_codes->table[i];
7329 if ((cc->iso3166[0] == '\0') && (found_index == -1))
7331 if ((cc->iso3166[0] == alpha2[0]) &&
7332 (cc->iso3166[1] == alpha2[1])) {
7337 if (found_index == -1) {
7338 brcmf_dbg(TRACE, "No country code match found\n");
7341 memset(ccreq, 0, sizeof(*ccreq));
7342 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
7343 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
7344 BRCMF_COUNTRY_BUF_SZ);
7345 ccreq->country_abbrev[0] = alpha2[0];
7346 ccreq->country_abbrev[1] = alpha2[1];
7347 ccreq->country_abbrev[2] = 0;
7352 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
7353 struct regulatory_request *req)
7355 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7356 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
7357 struct brcmf_pub *drvr = cfg->pub;
7358 struct brcmf_fil_country_le ccreq;
7362 /* The country code gets set to "00" by default at boot, ignore */
7363 if (req->alpha2[0] == '0' && req->alpha2[1] == '0')
7366 /* ignore non-ISO3166 country codes */
7367 for (i = 0; i < 2; i++)
7368 if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
7369 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
7370 req->alpha2[0], req->alpha2[1]);
7374 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
7375 req->alpha2[0], req->alpha2[1]);
7377 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
7379 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
7383 err = brcmf_translate_country_code(ifp->drvr, req->alpha2, &ccreq);
7387 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
7389 bphy_err(drvr, "Firmware rejected country setting\n");
7392 brcmf_setup_wiphybands(cfg);
7395 static void brcmf_free_wiphy(struct wiphy *wiphy)
7402 if (wiphy->iface_combinations) {
7403 for (i = 0; i < wiphy->n_iface_combinations; i++)
7404 kfree(wiphy->iface_combinations[i].limits);
7406 kfree(wiphy->iface_combinations);
7407 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7408 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7409 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7411 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7412 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7413 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7415 #if IS_ENABLED(CONFIG_PM)
7416 if (wiphy->wowlan != &brcmf_wowlan_support)
7417 kfree(wiphy->wowlan);
7421 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7422 struct cfg80211_ops *ops,
7425 struct wiphy *wiphy = drvr->wiphy;
7426 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7427 struct brcmf_cfg80211_info *cfg;
7428 struct brcmf_cfg80211_vif *vif;
7429 struct brcmf_if *ifp;
7435 bphy_err(drvr, "ndev is invalid\n");
7439 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7441 bphy_err(drvr, "Could not allocate wiphy device\n");
7447 init_vif_event(&cfg->vif_event);
7448 INIT_LIST_HEAD(&cfg->vif_list);
7450 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7454 ifp = netdev_priv(ndev);
7456 vif->wdev.netdev = ndev;
7457 ndev->ieee80211_ptr = &vif->wdev;
7458 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7460 err = wl_init_priv(cfg);
7462 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7463 brcmf_free_vif(vif);
7468 /* determine d11 io type before wiphy setup */
7469 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7471 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7474 cfg->d11inf.io_type = (u8)io_type;
7475 brcmu_d11_attach(&cfg->d11inf);
7477 /* regulatory notifer below needs access to cfg so
7482 err = brcmf_setup_wiphy(wiphy, ifp);
7486 brcmf_dbg(INFO, "Registering custom regulatory\n");
7487 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7488 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7489 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7491 /* firmware defaults to 40MHz disabled in 2G band. We signal
7492 * cfg80211 here that we do and have it decide we can enable
7493 * it. But first check if device does support 2G operation.
7495 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7496 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7497 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7500 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7501 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7503 err = wiphy_register(wiphy);
7505 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7509 err = brcmf_setup_wiphybands(cfg);
7511 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7512 goto wiphy_unreg_out;
7515 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7516 * setup 40MHz in 2GHz band and enable OBSS scanning.
7518 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7519 err = brcmf_enable_bw40_2g(cfg);
7521 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7522 BRCMF_OBSS_COEX_AUTO);
7524 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7527 err = brcmf_fweh_activate_events(ifp);
7529 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7530 goto wiphy_unreg_out;
7533 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7535 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7536 goto wiphy_unreg_out;
7538 err = brcmf_btcoex_attach(cfg);
7540 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7541 brcmf_p2p_detach(&cfg->p2p);
7542 goto wiphy_unreg_out;
7544 err = brcmf_pno_attach(cfg);
7546 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7547 brcmf_btcoex_detach(cfg);
7548 brcmf_p2p_detach(&cfg->p2p);
7549 goto wiphy_unreg_out;
7552 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7553 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7555 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7556 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7558 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7559 brcmf_notify_tdls_peer_event);
7563 /* (re-) activate FWEH event handling */
7564 err = brcmf_fweh_activate_events(ifp);
7566 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7570 /* Fill in some of the advertised nl80211 supported features */
7571 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7572 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7574 if (wiphy->wowlan &&
7575 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7576 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7583 brcmf_pno_detach(cfg);
7584 brcmf_btcoex_detach(cfg);
7585 brcmf_p2p_detach(&cfg->p2p);
7587 wiphy_unregister(cfg->wiphy);
7589 wl_deinit_priv(cfg);
7590 brcmf_free_vif(vif);
7593 brcmf_free_wiphy(wiphy);
7598 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7603 brcmf_pno_detach(cfg);
7604 brcmf_btcoex_detach(cfg);
7605 wiphy_unregister(cfg->wiphy);
7606 wl_deinit_priv(cfg);
7607 brcmf_free_wiphy(cfg->wiphy);