1 // SPDX-License-Identifier: ISC
3 * Copyright (c) 2010 Broadcom Corporation
6 /* Toplevel file. Relies on dhd_linux.c to send commands to the dongle. */
8 #include <linux/kernel.h>
9 #include <linux/etherdevice.h>
10 #include <linux/module.h>
11 #include <linux/vmalloc.h>
12 #include <linux/ctype.h>
13 #include <net/cfg80211.h>
14 #include <net/netlink.h>
15 #include <uapi/linux/if_arp.h>
17 #include <brcmu_utils.h>
19 #include <brcmu_wifi.h>
22 #include "tracepoint.h"
23 #include "fwil_types.h"
36 #define BRCMF_SCAN_IE_LEN_MAX 2048
38 #define WPA_OUI "\x00\x50\xF2" /* WPA OUI */
39 #define WPA_OUI_TYPE 1
40 #define RSN_OUI "\x00\x0F\xAC" /* RSN OUI */
41 #define WME_OUI_TYPE 2
42 #define WPS_OUI_TYPE 4
44 #define VS_IE_FIXED_HDR_LEN 6
45 #define WPA_IE_VERSION_LEN 2
46 #define WPA_IE_MIN_OUI_LEN 4
47 #define WPA_IE_SUITE_COUNT_LEN 2
49 #define WPA_CIPHER_NONE 0 /* None */
50 #define WPA_CIPHER_WEP_40 1 /* WEP (40-bit) */
51 #define WPA_CIPHER_TKIP 2 /* TKIP: default for WPA */
52 #define WPA_CIPHER_AES_CCM 4 /* AES (CCM) */
53 #define WPA_CIPHER_WEP_104 5 /* WEP (104-bit) */
55 #define RSN_AKM_NONE 0 /* None (IBSS) */
56 #define RSN_AKM_UNSPECIFIED 1 /* Over 802.1x */
57 #define RSN_AKM_PSK 2 /* Pre-shared Key */
58 #define RSN_AKM_SHA256_1X 5 /* SHA256, 802.1X */
59 #define RSN_AKM_SHA256_PSK 6 /* SHA256, Pre-shared Key */
60 #define RSN_AKM_SAE 8 /* SAE */
61 #define RSN_CAP_LEN 2 /* Length of RSN capabilities */
62 #define RSN_CAP_PTK_REPLAY_CNTR_MASK (BIT(2) | BIT(3))
63 #define RSN_CAP_MFPR_MASK BIT(6)
64 #define RSN_CAP_MFPC_MASK BIT(7)
65 #define RSN_PMKID_COUNT_LEN 2
67 #define VNDR_IE_CMD_LEN 4 /* length of the set command
68 * string :"add", "del" (+ NUL)
70 #define VNDR_IE_COUNT_OFFSET 4
71 #define VNDR_IE_PKTFLAG_OFFSET 8
72 #define VNDR_IE_VSIE_OFFSET 12
73 #define VNDR_IE_HDR_SIZE 12
74 #define VNDR_IE_PARSE_LIMIT 5
76 #define DOT11_MGMT_HDR_LEN 24 /* d11 management header len */
77 #define DOT11_BCN_PRB_FIXED_LEN 12 /* beacon/probe fixed length */
79 #define BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS 320
80 #define BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS 400
81 #define BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS 20
83 #define BRCMF_SCAN_CHANNEL_TIME 40
84 #define BRCMF_SCAN_UNASSOC_TIME 40
85 #define BRCMF_SCAN_PASSIVE_TIME 120
87 #define BRCMF_ND_INFO_TIMEOUT msecs_to_jiffies(2000)
89 #define BRCMF_PS_MAX_TIMEOUT_MS 2000
91 #define BRCMF_ASSOC_PARAMS_FIXED_SIZE \
92 (sizeof(struct brcmf_assoc_params_le) - sizeof(u16))
94 static bool check_vif_up(struct brcmf_cfg80211_vif *vif)
96 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state)) {
97 brcmf_dbg(INFO, "device is not ready : status (%lu)\n",
104 #define RATE_TO_BASE100KBPS(rate) (((rate) * 10) / 2)
105 #define RATETAB_ENT(_rateid, _flags) \
107 .bitrate = RATE_TO_BASE100KBPS(_rateid), \
108 .hw_value = (_rateid), \
112 static struct ieee80211_rate __wl_rates[] = {
113 RATETAB_ENT(BRCM_RATE_1M, 0),
114 RATETAB_ENT(BRCM_RATE_2M, IEEE80211_RATE_SHORT_PREAMBLE),
115 RATETAB_ENT(BRCM_RATE_5M5, IEEE80211_RATE_SHORT_PREAMBLE),
116 RATETAB_ENT(BRCM_RATE_11M, IEEE80211_RATE_SHORT_PREAMBLE),
117 RATETAB_ENT(BRCM_RATE_6M, 0),
118 RATETAB_ENT(BRCM_RATE_9M, 0),
119 RATETAB_ENT(BRCM_RATE_12M, 0),
120 RATETAB_ENT(BRCM_RATE_18M, 0),
121 RATETAB_ENT(BRCM_RATE_24M, 0),
122 RATETAB_ENT(BRCM_RATE_36M, 0),
123 RATETAB_ENT(BRCM_RATE_48M, 0),
124 RATETAB_ENT(BRCM_RATE_54M, 0),
127 #define wl_g_rates (__wl_rates + 0)
128 #define wl_g_rates_size ARRAY_SIZE(__wl_rates)
129 #define wl_a_rates (__wl_rates + 4)
130 #define wl_a_rates_size (wl_g_rates_size - 4)
132 #define CHAN2G(_channel, _freq) { \
133 .band = NL80211_BAND_2GHZ, \
134 .center_freq = (_freq), \
135 .hw_value = (_channel), \
136 .max_antenna_gain = 0, \
140 #define CHAN5G(_channel) { \
141 .band = NL80211_BAND_5GHZ, \
142 .center_freq = 5000 + (5 * (_channel)), \
143 .hw_value = (_channel), \
144 .max_antenna_gain = 0, \
148 static struct ieee80211_channel __wl_2ghz_channels[] = {
149 CHAN2G(1, 2412), CHAN2G(2, 2417), CHAN2G(3, 2422), CHAN2G(4, 2427),
150 CHAN2G(5, 2432), CHAN2G(6, 2437), CHAN2G(7, 2442), CHAN2G(8, 2447),
151 CHAN2G(9, 2452), CHAN2G(10, 2457), CHAN2G(11, 2462), CHAN2G(12, 2467),
152 CHAN2G(13, 2472), CHAN2G(14, 2484)
155 static struct ieee80211_channel __wl_5ghz_channels[] = {
156 CHAN5G(34), CHAN5G(36), CHAN5G(38), CHAN5G(40), CHAN5G(42),
157 CHAN5G(44), CHAN5G(46), CHAN5G(48), CHAN5G(52), CHAN5G(56),
158 CHAN5G(60), CHAN5G(64), CHAN5G(100), CHAN5G(104), CHAN5G(108),
159 CHAN5G(112), CHAN5G(116), CHAN5G(120), CHAN5G(124), CHAN5G(128),
160 CHAN5G(132), CHAN5G(136), CHAN5G(140), CHAN5G(144), CHAN5G(149),
161 CHAN5G(153), CHAN5G(157), CHAN5G(161), CHAN5G(165)
164 /* Band templates duplicated per wiphy. The channel info
165 * above is added to the band during setup.
167 static const struct ieee80211_supported_band __wl_band_2ghz = {
168 .band = NL80211_BAND_2GHZ,
169 .bitrates = wl_g_rates,
170 .n_bitrates = wl_g_rates_size,
173 static const struct ieee80211_supported_band __wl_band_5ghz = {
174 .band = NL80211_BAND_5GHZ,
175 .bitrates = wl_a_rates,
176 .n_bitrates = wl_a_rates_size,
179 /* This is to override regulatory domains defined in cfg80211 module (reg.c)
180 * By default world regulatory domain defined in reg.c puts the flags
181 * NL80211_RRF_NO_IR for 5GHz channels (for * 36..48 and 149..165).
182 * With respect to these flags, wpa_supplicant doesn't * start p2p
183 * operations on 5GHz channels. All the changes in world regulatory
184 * domain are to be done here.
186 static const struct ieee80211_regdomain brcmf_regdom = {
190 /* IEEE 802.11b/g, channels 1..11 */
191 REG_RULE(2412-10, 2472+10, 40, 6, 20, 0),
193 /* IEEE 802.11 channel 14 - Only JP enables
194 * this and for 802.11b only
196 REG_RULE(2484-10, 2484+10, 20, 6, 20, 0),
197 /* IEEE 802.11a, channel 36..64 */
198 REG_RULE(5150-10, 5350+10, 160, 6, 20, 0),
199 /* IEEE 802.11a, channel 100..165 */
200 REG_RULE(5470-10, 5850+10, 160, 6, 20, 0), }
203 /* Note: brcmf_cipher_suites is an array of int defining which cipher suites
204 * are supported. A pointer to this array and the number of entries is passed
205 * on to upper layers. AES_CMAC defines whether or not the driver supports MFP.
206 * So the cipher suite AES_CMAC has to be the last one in the array, and when
207 * device does not support MFP then the number of suites will be decreased by 1
209 static const u32 brcmf_cipher_suites[] = {
210 WLAN_CIPHER_SUITE_WEP40,
211 WLAN_CIPHER_SUITE_WEP104,
212 WLAN_CIPHER_SUITE_TKIP,
213 WLAN_CIPHER_SUITE_CCMP,
214 /* Keep as last entry: */
215 WLAN_CIPHER_SUITE_AES_CMAC
218 /* Vendor specific ie. id = 221, oui and type defines exact ie */
219 struct brcmf_vs_tlv {
226 struct parsed_vndr_ie_info {
228 u32 ie_len; /* total length including id & length field */
229 struct brcmf_vs_tlv vndrie;
232 struct parsed_vndr_ies {
234 struct parsed_vndr_ie_info ie_info[VNDR_IE_PARSE_LIMIT];
237 static u8 nl80211_band_to_fwil(enum nl80211_band band)
240 case NL80211_BAND_2GHZ:
242 case NL80211_BAND_5GHZ:
251 static u16 chandef_to_chanspec(struct brcmu_d11inf *d11inf,
252 struct cfg80211_chan_def *ch)
254 struct brcmu_chan ch_inf;
257 brcmf_dbg(TRACE, "chandef: control %d center %d width %d\n",
258 ch->chan->center_freq, ch->center_freq1, ch->width);
259 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq1);
260 primary_offset = ch->chan->center_freq - ch->center_freq1;
262 case NL80211_CHAN_WIDTH_20:
263 case NL80211_CHAN_WIDTH_20_NOHT:
264 ch_inf.bw = BRCMU_CHAN_BW_20;
265 WARN_ON(primary_offset != 0);
267 case NL80211_CHAN_WIDTH_40:
268 ch_inf.bw = BRCMU_CHAN_BW_40;
269 if (primary_offset > 0)
270 ch_inf.sb = BRCMU_CHAN_SB_U;
272 ch_inf.sb = BRCMU_CHAN_SB_L;
274 case NL80211_CHAN_WIDTH_80:
275 ch_inf.bw = BRCMU_CHAN_BW_80;
276 if (primary_offset == -30)
277 ch_inf.sb = BRCMU_CHAN_SB_LL;
278 else if (primary_offset == -10)
279 ch_inf.sb = BRCMU_CHAN_SB_LU;
280 else if (primary_offset == 10)
281 ch_inf.sb = BRCMU_CHAN_SB_UL;
283 ch_inf.sb = BRCMU_CHAN_SB_UU;
285 case NL80211_CHAN_WIDTH_160:
286 ch_inf.bw = BRCMU_CHAN_BW_160;
287 if (primary_offset == -70)
288 ch_inf.sb = BRCMU_CHAN_SB_LLL;
289 else if (primary_offset == -50)
290 ch_inf.sb = BRCMU_CHAN_SB_LLU;
291 else if (primary_offset == -30)
292 ch_inf.sb = BRCMU_CHAN_SB_LUL;
293 else if (primary_offset == -10)
294 ch_inf.sb = BRCMU_CHAN_SB_LUU;
295 else if (primary_offset == 10)
296 ch_inf.sb = BRCMU_CHAN_SB_ULL;
297 else if (primary_offset == 30)
298 ch_inf.sb = BRCMU_CHAN_SB_ULU;
299 else if (primary_offset == 50)
300 ch_inf.sb = BRCMU_CHAN_SB_UUL;
302 ch_inf.sb = BRCMU_CHAN_SB_UUU;
304 case NL80211_CHAN_WIDTH_80P80:
305 case NL80211_CHAN_WIDTH_5:
306 case NL80211_CHAN_WIDTH_10:
310 switch (ch->chan->band) {
311 case NL80211_BAND_2GHZ:
312 ch_inf.band = BRCMU_CHAN_BAND_2G;
314 case NL80211_BAND_5GHZ:
315 ch_inf.band = BRCMU_CHAN_BAND_5G;
317 case NL80211_BAND_60GHZ:
321 d11inf->encchspec(&ch_inf);
323 brcmf_dbg(TRACE, "chanspec: 0x%x\n", ch_inf.chspec);
324 return ch_inf.chspec;
327 u16 channel_to_chanspec(struct brcmu_d11inf *d11inf,
328 struct ieee80211_channel *ch)
330 struct brcmu_chan ch_inf;
332 ch_inf.chnum = ieee80211_frequency_to_channel(ch->center_freq);
333 ch_inf.bw = BRCMU_CHAN_BW_20;
334 d11inf->encchspec(&ch_inf);
336 return ch_inf.chspec;
339 /* Traverse a string of 1-byte tag/1-byte length/variable-length value
340 * triples, returning a pointer to the substring whose first element
343 static const struct brcmf_tlv *
344 brcmf_parse_tlvs(const void *buf, int buflen, uint key)
346 const struct brcmf_tlv *elt = buf;
349 /* find tagged parameter */
350 while (totlen >= TLV_HDR_LEN) {
353 /* validate remaining totlen */
354 if ((elt->id == key) && (totlen >= (len + TLV_HDR_LEN)))
357 elt = (struct brcmf_tlv *)((u8 *)elt + (len + TLV_HDR_LEN));
358 totlen -= (len + TLV_HDR_LEN);
364 /* Is any of the tlvs the expected entry? If
365 * not update the tlvs buffer pointer/length.
368 brcmf_tlv_has_ie(const u8 *ie, const u8 **tlvs, u32 *tlvs_len,
369 const u8 *oui, u32 oui_len, u8 type)
371 /* If the contents match the OUI and the type */
372 if (ie[TLV_LEN_OFF] >= oui_len + 1 &&
373 !memcmp(&ie[TLV_BODY_OFF], oui, oui_len) &&
374 type == ie[TLV_BODY_OFF + oui_len]) {
380 /* point to the next ie */
381 ie += ie[TLV_LEN_OFF] + TLV_HDR_LEN;
382 /* calculate the length of the rest of the buffer */
383 *tlvs_len -= (int)(ie - *tlvs);
384 /* update the pointer to the start of the buffer */
390 static struct brcmf_vs_tlv *
391 brcmf_find_wpaie(const u8 *parse, u32 len)
393 const struct brcmf_tlv *ie;
395 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
396 if (brcmf_tlv_has_ie((const u8 *)ie, &parse, &len,
397 WPA_OUI, TLV_OUI_LEN, WPA_OUI_TYPE))
398 return (struct brcmf_vs_tlv *)ie;
403 static struct brcmf_vs_tlv *
404 brcmf_find_wpsie(const u8 *parse, u32 len)
406 const struct brcmf_tlv *ie;
408 while ((ie = brcmf_parse_tlvs(parse, len, WLAN_EID_VENDOR_SPECIFIC))) {
409 if (brcmf_tlv_has_ie((u8 *)ie, &parse, &len,
410 WPA_OUI, TLV_OUI_LEN, WPS_OUI_TYPE))
411 return (struct brcmf_vs_tlv *)ie;
416 static int brcmf_vif_change_validate(struct brcmf_cfg80211_info *cfg,
417 struct brcmf_cfg80211_vif *vif,
418 enum nl80211_iftype new_type)
420 struct brcmf_cfg80211_vif *pos;
421 bool check_combos = false;
423 struct iface_combination_params params = {
424 .num_different_channels = 1,
427 list_for_each_entry(pos, &cfg->vif_list, list)
429 params.iftype_num[new_type]++;
431 /* concurrent interfaces so need check combinations */
433 params.iftype_num[pos->wdev.iftype]++;
437 ret = cfg80211_check_combinations(cfg->wiphy, ¶ms);
442 static int brcmf_vif_add_validate(struct brcmf_cfg80211_info *cfg,
443 enum nl80211_iftype new_type)
445 struct brcmf_cfg80211_vif *pos;
446 struct iface_combination_params params = {
447 .num_different_channels = 1,
450 list_for_each_entry(pos, &cfg->vif_list, list)
451 params.iftype_num[pos->wdev.iftype]++;
453 params.iftype_num[new_type]++;
454 return cfg80211_check_combinations(cfg->wiphy, ¶ms);
457 static void convert_key_from_CPU(struct brcmf_wsec_key *key,
458 struct brcmf_wsec_key_le *key_le)
460 key_le->index = cpu_to_le32(key->index);
461 key_le->len = cpu_to_le32(key->len);
462 key_le->algo = cpu_to_le32(key->algo);
463 key_le->flags = cpu_to_le32(key->flags);
464 key_le->rxiv.hi = cpu_to_le32(key->rxiv.hi);
465 key_le->rxiv.lo = cpu_to_le16(key->rxiv.lo);
466 key_le->iv_initialized = cpu_to_le32(key->iv_initialized);
467 memcpy(key_le->data, key->data, sizeof(key->data));
468 memcpy(key_le->ea, key->ea, sizeof(key->ea));
472 send_key_to_dongle(struct brcmf_if *ifp, struct brcmf_wsec_key *key)
474 struct brcmf_pub *drvr = ifp->drvr;
476 struct brcmf_wsec_key_le key_le;
478 convert_key_from_CPU(key, &key_le);
480 brcmf_netdev_wait_pend8021x(ifp);
482 err = brcmf_fil_bsscfg_data_set(ifp, "wsec_key", &key_le,
486 bphy_err(drvr, "wsec_key error (%d)\n", err);
491 brcmf_cfg80211_update_proto_addr_mode(struct wireless_dev *wdev)
493 struct brcmf_cfg80211_vif *vif;
494 struct brcmf_if *ifp;
496 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
499 if ((wdev->iftype == NL80211_IFTYPE_ADHOC) ||
500 (wdev->iftype == NL80211_IFTYPE_AP) ||
501 (wdev->iftype == NL80211_IFTYPE_P2P_GO))
502 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
505 brcmf_proto_configure_addr_mode(ifp->drvr, ifp->ifidx,
509 static int brcmf_get_first_free_bsscfgidx(struct brcmf_pub *drvr)
513 for (bsscfgidx = 0; bsscfgidx < BRCMF_MAX_IFS; bsscfgidx++) {
514 /* bsscfgidx 1 is reserved for legacy P2P */
517 if (!drvr->iflist[bsscfgidx])
524 static int brcmf_cfg80211_request_ap_if(struct brcmf_if *ifp)
526 struct brcmf_pub *drvr = ifp->drvr;
527 struct brcmf_mbss_ssid_le mbss_ssid_le;
531 memset(&mbss_ssid_le, 0, sizeof(mbss_ssid_le));
532 bsscfgidx = brcmf_get_first_free_bsscfgidx(ifp->drvr);
536 mbss_ssid_le.bsscfgidx = cpu_to_le32(bsscfgidx);
537 mbss_ssid_le.SSID_len = cpu_to_le32(5);
538 sprintf(mbss_ssid_le.SSID, "ssid%d" , bsscfgidx);
540 err = brcmf_fil_bsscfg_data_set(ifp, "bsscfg:ssid", &mbss_ssid_le,
541 sizeof(mbss_ssid_le));
543 bphy_err(drvr, "setting ssid failed %d\n", err);
549 * brcmf_ap_add_vif() - create a new AP virtual interface for multiple BSS
551 * @wiphy: wiphy device of new interface.
552 * @name: name of the new interface.
553 * @params: contains mac address for AP device.
556 struct wireless_dev *brcmf_ap_add_vif(struct wiphy *wiphy, const char *name,
557 struct vif_params *params)
559 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
560 struct brcmf_if *ifp = netdev_priv(cfg_to_ndev(cfg));
561 struct brcmf_pub *drvr = cfg->pub;
562 struct brcmf_cfg80211_vif *vif;
565 if (brcmf_cfg80211_vif_event_armed(cfg))
566 return ERR_PTR(-EBUSY);
568 brcmf_dbg(INFO, "Adding vif \"%s\"\n", name);
570 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_AP);
572 return (struct wireless_dev *)vif;
574 brcmf_cfg80211_arm_vif_event(cfg, vif);
576 err = brcmf_cfg80211_request_ap_if(ifp);
578 brcmf_cfg80211_arm_vif_event(cfg, NULL);
582 /* wait for firmware event */
583 err = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_ADD,
584 BRCMF_VIF_EVENT_TIMEOUT);
585 brcmf_cfg80211_arm_vif_event(cfg, NULL);
587 bphy_err(drvr, "timeout occurred\n");
592 /* interface created in firmware */
595 bphy_err(drvr, "no if pointer provided\n");
600 strncpy(ifp->ndev->name, name, sizeof(ifp->ndev->name) - 1);
601 err = brcmf_net_attach(ifp, true);
603 bphy_err(drvr, "Registering netdevice failed\n");
604 free_netdev(ifp->ndev);
608 return &ifp->vif->wdev;
615 static bool brcmf_is_apmode(struct brcmf_cfg80211_vif *vif)
617 enum nl80211_iftype iftype;
619 iftype = vif->wdev.iftype;
620 return iftype == NL80211_IFTYPE_AP || iftype == NL80211_IFTYPE_P2P_GO;
623 static bool brcmf_is_ibssmode(struct brcmf_cfg80211_vif *vif)
625 return vif->wdev.iftype == NL80211_IFTYPE_ADHOC;
629 * brcmf_mon_add_vif() - create monitor mode virtual interface
631 * @wiphy: wiphy device of new interface.
632 * @name: name of the new interface.
634 static struct wireless_dev *brcmf_mon_add_vif(struct wiphy *wiphy,
637 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
638 struct brcmf_cfg80211_vif *vif;
639 struct net_device *ndev;
640 struct brcmf_if *ifp;
643 if (cfg->pub->mon_if) {
648 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_MONITOR);
654 ndev = alloc_netdev(sizeof(*ifp), name, NET_NAME_UNKNOWN, ether_setup);
659 ndev->type = ARPHRD_IEEE80211_RADIOTAP;
660 ndev->ieee80211_ptr = &vif->wdev;
661 ndev->needs_free_netdev = true;
662 ndev->priv_destructor = brcmf_cfg80211_free_netdev;
663 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
665 ifp = netdev_priv(ndev);
668 ifp->drvr = cfg->pub;
671 vif->wdev.netdev = ndev;
673 err = brcmf_net_mon_attach(ifp);
675 brcmf_err("Failed to attach %s device\n", ndev->name);
680 cfg->pub->mon_if = ifp;
690 static int brcmf_mon_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev)
692 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
693 struct net_device *ndev = wdev->netdev;
695 ndev->netdev_ops->ndo_stop(ndev);
697 brcmf_net_detach(ndev, true);
699 cfg->pub->mon_if = NULL;
704 static struct wireless_dev *brcmf_cfg80211_add_iface(struct wiphy *wiphy,
706 unsigned char name_assign_type,
707 enum nl80211_iftype type,
708 struct vif_params *params)
710 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
711 struct brcmf_pub *drvr = cfg->pub;
712 struct wireless_dev *wdev;
715 brcmf_dbg(TRACE, "enter: %s type %d\n", name, type);
716 err = brcmf_vif_add_validate(wiphy_to_cfg(wiphy), type);
718 bphy_err(drvr, "iface validation failed: err=%d\n", err);
722 case NL80211_IFTYPE_ADHOC:
723 case NL80211_IFTYPE_STATION:
724 case NL80211_IFTYPE_AP_VLAN:
725 case NL80211_IFTYPE_WDS:
726 case NL80211_IFTYPE_MESH_POINT:
727 return ERR_PTR(-EOPNOTSUPP);
728 case NL80211_IFTYPE_MONITOR:
729 return brcmf_mon_add_vif(wiphy, name);
730 case NL80211_IFTYPE_AP:
731 wdev = brcmf_ap_add_vif(wiphy, name, params);
733 case NL80211_IFTYPE_P2P_CLIENT:
734 case NL80211_IFTYPE_P2P_GO:
735 case NL80211_IFTYPE_P2P_DEVICE:
736 wdev = brcmf_p2p_add_vif(wiphy, name, name_assign_type, type, params);
738 case NL80211_IFTYPE_UNSPECIFIED:
740 return ERR_PTR(-EINVAL);
744 bphy_err(drvr, "add iface %s type %d failed: err=%d\n", name,
745 type, (int)PTR_ERR(wdev));
747 brcmf_cfg80211_update_proto_addr_mode(wdev);
752 static void brcmf_scan_config_mpc(struct brcmf_if *ifp, int mpc)
754 if (brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_NEED_MPC))
755 brcmf_set_mpc(ifp, mpc);
758 void brcmf_set_mpc(struct brcmf_if *ifp, int mpc)
760 struct brcmf_pub *drvr = ifp->drvr;
763 if (check_vif_up(ifp->vif)) {
764 err = brcmf_fil_iovar_int_set(ifp, "mpc", mpc);
766 bphy_err(drvr, "fail to set mpc\n");
769 brcmf_dbg(INFO, "MPC : %d\n", mpc);
773 s32 brcmf_notify_escan_complete(struct brcmf_cfg80211_info *cfg,
774 struct brcmf_if *ifp, bool aborted,
777 struct brcmf_pub *drvr = cfg->pub;
778 struct brcmf_scan_params_le params_le;
779 struct cfg80211_scan_request *scan_request;
784 brcmf_dbg(SCAN, "Enter\n");
786 /* clear scan request, because the FW abort can cause a second call */
787 /* to this functon and might cause a double cfg80211_scan_done */
788 scan_request = cfg->scan_request;
789 cfg->scan_request = NULL;
791 if (timer_pending(&cfg->escan_timeout))
792 del_timer_sync(&cfg->escan_timeout);
795 /* Do a scan abort to stop the driver's scan engine */
796 brcmf_dbg(SCAN, "ABORT scan in firmware\n");
797 memset(¶ms_le, 0, sizeof(params_le));
798 eth_broadcast_addr(params_le.bssid);
799 params_le.bss_type = DOT11_BSSTYPE_ANY;
800 params_le.scan_type = 0;
801 params_le.channel_num = cpu_to_le32(1);
802 params_le.nprobes = cpu_to_le32(1);
803 params_le.active_time = cpu_to_le32(-1);
804 params_le.passive_time = cpu_to_le32(-1);
805 params_le.home_time = cpu_to_le32(-1);
806 /* Scan is aborted by setting channel_list[0] to -1 */
807 params_le.channel_list[0] = cpu_to_le16(-1);
808 /* E-Scan (or anyother type) can be aborted by SCAN */
809 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCAN,
810 ¶ms_le, sizeof(params_le));
812 bphy_err(drvr, "Scan abort failed\n");
815 brcmf_scan_config_mpc(ifp, 1);
818 * e-scan can be initiated internally
819 * which takes precedence.
821 if (cfg->int_escan_map) {
822 brcmf_dbg(SCAN, "scheduled scan completed (%x)\n",
824 while (cfg->int_escan_map) {
825 bucket = __ffs(cfg->int_escan_map);
826 cfg->int_escan_map &= ~BIT(bucket);
827 reqid = brcmf_pno_find_reqid_by_bucket(cfg->pno,
830 brcmf_dbg(SCAN, "report results: reqid=%llu\n",
832 cfg80211_sched_scan_results(cfg_to_wiphy(cfg),
836 } else if (scan_request) {
837 struct cfg80211_scan_info info = {
841 brcmf_dbg(SCAN, "ESCAN Completed scan: %s\n",
842 aborted ? "Aborted" : "Done");
843 cfg80211_scan_done(scan_request, &info);
845 if (!test_and_clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
846 brcmf_dbg(SCAN, "Scan complete, probably P2P scan\n");
851 static int brcmf_cfg80211_del_ap_iface(struct wiphy *wiphy,
852 struct wireless_dev *wdev)
854 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
855 struct net_device *ndev = wdev->netdev;
856 struct brcmf_if *ifp = netdev_priv(ndev);
857 struct brcmf_pub *drvr = cfg->pub;
861 brcmf_cfg80211_arm_vif_event(cfg, ifp->vif);
863 err = brcmf_fil_bsscfg_data_set(ifp, "interface_remove", NULL, 0);
865 bphy_err(drvr, "interface_remove failed %d\n", err);
869 /* wait for firmware event */
870 ret = brcmf_cfg80211_wait_vif_event(cfg, BRCMF_E_IF_DEL,
871 BRCMF_VIF_EVENT_TIMEOUT);
873 bphy_err(drvr, "timeout occurred\n");
878 brcmf_remove_interface(ifp, true);
881 brcmf_cfg80211_arm_vif_event(cfg, NULL);
886 int brcmf_cfg80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
888 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
889 struct net_device *ndev = wdev->netdev;
891 if (ndev && ndev == cfg_to_ndev(cfg))
894 /* vif event pending in firmware */
895 if (brcmf_cfg80211_vif_event_armed(cfg))
899 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status) &&
900 cfg->escan_info.ifp == netdev_priv(ndev))
901 brcmf_notify_escan_complete(cfg, netdev_priv(ndev),
904 brcmf_fil_iovar_int_set(netdev_priv(ndev), "mpc", 1);
907 switch (wdev->iftype) {
908 case NL80211_IFTYPE_ADHOC:
909 case NL80211_IFTYPE_STATION:
910 case NL80211_IFTYPE_AP_VLAN:
911 case NL80211_IFTYPE_WDS:
912 case NL80211_IFTYPE_MESH_POINT:
914 case NL80211_IFTYPE_MONITOR:
915 return brcmf_mon_del_vif(wiphy, wdev);
916 case NL80211_IFTYPE_AP:
917 return brcmf_cfg80211_del_ap_iface(wiphy, wdev);
918 case NL80211_IFTYPE_P2P_CLIENT:
919 case NL80211_IFTYPE_P2P_GO:
920 case NL80211_IFTYPE_P2P_DEVICE:
921 return brcmf_p2p_del_vif(wiphy, wdev);
922 case NL80211_IFTYPE_UNSPECIFIED:
930 brcmf_cfg80211_change_iface(struct wiphy *wiphy, struct net_device *ndev,
931 enum nl80211_iftype type,
932 struct vif_params *params)
934 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
935 struct brcmf_if *ifp = netdev_priv(ndev);
936 struct brcmf_cfg80211_vif *vif = ifp->vif;
937 struct brcmf_pub *drvr = cfg->pub;
942 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, type=%d\n", ifp->bsscfgidx,
945 /* WAR: There are a number of p2p interface related problems which
946 * need to be handled initially (before doing the validate).
947 * wpa_supplicant tends to do iface changes on p2p device/client/go
948 * which are not always possible/allowed. However we need to return
949 * OK otherwise the wpa_supplicant wont start. The situation differs
950 * on configuration and setup (p2pon=1 module param). The first check
951 * is to see if the request is a change to station for p2p iface.
953 if ((type == NL80211_IFTYPE_STATION) &&
954 ((vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) ||
955 (vif->wdev.iftype == NL80211_IFTYPE_P2P_GO) ||
956 (vif->wdev.iftype == NL80211_IFTYPE_P2P_DEVICE))) {
957 brcmf_dbg(TRACE, "Ignoring cmd for p2p if\n");
958 /* Now depending on whether module param p2pon=1 was used the
959 * response needs to be either 0 or EOPNOTSUPP. The reason is
960 * that if p2pon=1 is used, but a newer supplicant is used then
961 * we should return an error, as this combination wont work.
962 * In other situations 0 is returned and supplicant will start
963 * normally. It will give a trace in cfg80211, but it is the
964 * only way to get it working. Unfortunately this will result
965 * in situation where we wont support new supplicant in
966 * combination with module param p2pon=1, but that is the way
967 * it is. If the user tries this then unloading of driver might
970 if (cfg->p2p.p2pdev_dynamically)
975 err = brcmf_vif_change_validate(wiphy_to_cfg(wiphy), vif, type);
977 bphy_err(drvr, "iface validation failed: err=%d\n", err);
981 case NL80211_IFTYPE_MONITOR:
982 case NL80211_IFTYPE_WDS:
983 bphy_err(drvr, "type (%d) : currently we do not support this type\n",
986 case NL80211_IFTYPE_ADHOC:
989 case NL80211_IFTYPE_STATION:
992 case NL80211_IFTYPE_AP:
993 case NL80211_IFTYPE_P2P_GO:
1002 if (type == NL80211_IFTYPE_P2P_GO) {
1003 brcmf_dbg(INFO, "IF Type = P2P GO\n");
1004 err = brcmf_p2p_ifchange(cfg, BRCMF_FIL_P2P_IF_GO);
1007 brcmf_dbg(INFO, "IF Type = AP\n");
1010 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, infra);
1012 bphy_err(drvr, "WLC_SET_INFRA error (%d)\n", err);
1016 brcmf_dbg(INFO, "IF Type = %s\n", brcmf_is_ibssmode(vif) ?
1019 ndev->ieee80211_ptr->iftype = type;
1021 brcmf_cfg80211_update_proto_addr_mode(&vif->wdev);
1024 brcmf_dbg(TRACE, "Exit\n");
1029 static void brcmf_escan_prep(struct brcmf_cfg80211_info *cfg,
1030 struct brcmf_scan_params_le *params_le,
1031 struct cfg80211_scan_request *request)
1039 struct brcmf_ssid_le ssid_le;
1041 eth_broadcast_addr(params_le->bssid);
1042 params_le->bss_type = DOT11_BSSTYPE_ANY;
1043 params_le->scan_type = BRCMF_SCANTYPE_ACTIVE;
1044 params_le->channel_num = 0;
1045 params_le->nprobes = cpu_to_le32(-1);
1046 params_le->active_time = cpu_to_le32(-1);
1047 params_le->passive_time = cpu_to_le32(-1);
1048 params_le->home_time = cpu_to_le32(-1);
1049 memset(¶ms_le->ssid_le, 0, sizeof(params_le->ssid_le));
1051 n_ssids = request->n_ssids;
1052 n_channels = request->n_channels;
1054 /* Copy channel array if applicable */
1055 brcmf_dbg(SCAN, "### List of channelspecs to scan ### %d\n",
1057 if (n_channels > 0) {
1058 for (i = 0; i < n_channels; i++) {
1059 chanspec = channel_to_chanspec(&cfg->d11inf,
1060 request->channels[i]);
1061 brcmf_dbg(SCAN, "Chan : %d, Channel spec: %x\n",
1062 request->channels[i]->hw_value, chanspec);
1063 params_le->channel_list[i] = cpu_to_le16(chanspec);
1066 brcmf_dbg(SCAN, "Scanning all channels\n");
1068 /* Copy ssid array if applicable */
1069 brcmf_dbg(SCAN, "### List of SSIDs to scan ### %d\n", n_ssids);
1071 offset = offsetof(struct brcmf_scan_params_le, channel_list) +
1072 n_channels * sizeof(u16);
1073 offset = roundup(offset, sizeof(u32));
1074 ptr = (char *)params_le + offset;
1075 for (i = 0; i < n_ssids; i++) {
1076 memset(&ssid_le, 0, sizeof(ssid_le));
1078 cpu_to_le32(request->ssids[i].ssid_len);
1079 memcpy(ssid_le.SSID, request->ssids[i].ssid,
1080 request->ssids[i].ssid_len);
1081 if (!ssid_le.SSID_len)
1082 brcmf_dbg(SCAN, "%d: Broadcast scan\n", i);
1084 brcmf_dbg(SCAN, "%d: scan for %.32s size=%d\n",
1085 i, ssid_le.SSID, ssid_le.SSID_len);
1086 memcpy(ptr, &ssid_le, sizeof(ssid_le));
1087 ptr += sizeof(ssid_le);
1090 brcmf_dbg(SCAN, "Performing passive scan\n");
1091 params_le->scan_type = BRCMF_SCANTYPE_PASSIVE;
1093 /* Adding mask to channel numbers */
1094 params_le->channel_num =
1095 cpu_to_le32((n_ssids << BRCMF_SCAN_PARAMS_NSSID_SHIFT) |
1096 (n_channels & BRCMF_SCAN_PARAMS_COUNT_MASK));
1100 brcmf_run_escan(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp,
1101 struct cfg80211_scan_request *request)
1103 struct brcmf_pub *drvr = cfg->pub;
1104 s32 params_size = BRCMF_SCAN_PARAMS_FIXED_SIZE +
1105 offsetof(struct brcmf_escan_params_le, params_le);
1106 struct brcmf_escan_params_le *params;
1109 brcmf_dbg(SCAN, "E-SCAN START\n");
1111 if (request != NULL) {
1112 /* Allocate space for populating ssids in struct */
1113 params_size += sizeof(u32) * ((request->n_channels + 1) / 2);
1115 /* Allocate space for populating ssids in struct */
1116 params_size += sizeof(struct brcmf_ssid_le) * request->n_ssids;
1119 params = kzalloc(params_size, GFP_KERNEL);
1124 BUG_ON(params_size + sizeof("escan") >= BRCMF_DCMD_MEDLEN);
1125 brcmf_escan_prep(cfg, ¶ms->params_le, request);
1126 params->version = cpu_to_le32(BRCMF_ESCAN_REQ_VERSION);
1127 params->action = cpu_to_le16(WL_ESCAN_ACTION_START);
1128 params->sync_id = cpu_to_le16(0x1234);
1130 err = brcmf_fil_iovar_data_set(ifp, "escan", params, params_size);
1133 brcmf_dbg(INFO, "system busy : escan canceled\n");
1135 bphy_err(drvr, "error (%d)\n", err);
1144 brcmf_do_escan(struct brcmf_if *ifp, struct cfg80211_scan_request *request)
1146 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
1148 struct brcmf_scan_results *results;
1149 struct escan_info *escan = &cfg->escan_info;
1151 brcmf_dbg(SCAN, "Enter\n");
1153 escan->wiphy = cfg->wiphy;
1154 escan->escan_state = WL_ESCAN_STATE_SCANNING;
1156 brcmf_scan_config_mpc(ifp, 0);
1157 results = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
1158 results->version = 0;
1160 results->buflen = WL_ESCAN_RESULTS_FIXED_SIZE;
1162 err = escan->run(cfg, ifp, request);
1164 brcmf_scan_config_mpc(ifp, 1);
1169 brcmf_cfg80211_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
1171 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1172 struct brcmf_pub *drvr = cfg->pub;
1173 struct brcmf_cfg80211_vif *vif;
1176 brcmf_dbg(TRACE, "Enter\n");
1177 vif = container_of(request->wdev, struct brcmf_cfg80211_vif, wdev);
1178 if (!check_vif_up(vif))
1181 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
1182 bphy_err(drvr, "Scanning already: status (%lu)\n",
1186 if (test_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status)) {
1187 bphy_err(drvr, "Scanning being aborted: status (%lu)\n",
1191 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
1192 bphy_err(drvr, "Scanning suppressed: status (%lu)\n",
1196 if (test_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state)) {
1197 bphy_err(drvr, "Connecting: status (%lu)\n", vif->sme_state);
1201 /* If scan req comes for p2p0, send it over primary I/F */
1202 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
1203 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif;
1205 brcmf_dbg(SCAN, "START ESCAN\n");
1207 cfg->scan_request = request;
1208 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1210 cfg->escan_info.run = brcmf_run_escan;
1211 err = brcmf_p2p_scan_prep(wiphy, request, vif);
1215 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBREQ_FLAG,
1216 request->ie, request->ie_len);
1220 err = brcmf_do_escan(vif->ifp, request);
1224 /* Arm scan timeout timer */
1225 mod_timer(&cfg->escan_timeout,
1226 jiffies + msecs_to_jiffies(BRCMF_ESCAN_TIMER_INTERVAL_MS));
1231 bphy_err(drvr, "scan error (%d)\n", err);
1232 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
1233 cfg->scan_request = NULL;
1237 static s32 brcmf_set_rts(struct net_device *ndev, u32 rts_threshold)
1239 struct brcmf_if *ifp = netdev_priv(ndev);
1240 struct brcmf_pub *drvr = ifp->drvr;
1243 err = brcmf_fil_iovar_int_set(ifp, "rtsthresh", rts_threshold);
1245 bphy_err(drvr, "Error (%d)\n", err);
1250 static s32 brcmf_set_frag(struct net_device *ndev, u32 frag_threshold)
1252 struct brcmf_if *ifp = netdev_priv(ndev);
1253 struct brcmf_pub *drvr = ifp->drvr;
1256 err = brcmf_fil_iovar_int_set(ifp, "fragthresh",
1259 bphy_err(drvr, "Error (%d)\n", err);
1264 static s32 brcmf_set_retry(struct net_device *ndev, u32 retry, bool l)
1266 struct brcmf_if *ifp = netdev_priv(ndev);
1267 struct brcmf_pub *drvr = ifp->drvr;
1269 u32 cmd = (l ? BRCMF_C_SET_LRL : BRCMF_C_SET_SRL);
1271 err = brcmf_fil_cmd_int_set(ifp, cmd, retry);
1273 bphy_err(drvr, "cmd (%d) , error (%d)\n", cmd, err);
1279 static s32 brcmf_cfg80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
1281 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1282 struct net_device *ndev = cfg_to_ndev(cfg);
1283 struct brcmf_if *ifp = netdev_priv(ndev);
1286 brcmf_dbg(TRACE, "Enter\n");
1287 if (!check_vif_up(ifp->vif))
1290 if (changed & WIPHY_PARAM_RTS_THRESHOLD &&
1291 (cfg->conf->rts_threshold != wiphy->rts_threshold)) {
1292 cfg->conf->rts_threshold = wiphy->rts_threshold;
1293 err = brcmf_set_rts(ndev, cfg->conf->rts_threshold);
1297 if (changed & WIPHY_PARAM_FRAG_THRESHOLD &&
1298 (cfg->conf->frag_threshold != wiphy->frag_threshold)) {
1299 cfg->conf->frag_threshold = wiphy->frag_threshold;
1300 err = brcmf_set_frag(ndev, cfg->conf->frag_threshold);
1304 if (changed & WIPHY_PARAM_RETRY_LONG
1305 && (cfg->conf->retry_long != wiphy->retry_long)) {
1306 cfg->conf->retry_long = wiphy->retry_long;
1307 err = brcmf_set_retry(ndev, cfg->conf->retry_long, true);
1311 if (changed & WIPHY_PARAM_RETRY_SHORT
1312 && (cfg->conf->retry_short != wiphy->retry_short)) {
1313 cfg->conf->retry_short = wiphy->retry_short;
1314 err = brcmf_set_retry(ndev, cfg->conf->retry_short, false);
1320 brcmf_dbg(TRACE, "Exit\n");
1324 static void brcmf_init_prof(struct brcmf_cfg80211_profile *prof)
1326 memset(prof, 0, sizeof(*prof));
1329 static u16 brcmf_map_fw_linkdown_reason(const struct brcmf_event_msg *e)
1333 switch (e->event_code) {
1334 case BRCMF_E_DEAUTH:
1335 case BRCMF_E_DEAUTH_IND:
1336 case BRCMF_E_DISASSOC_IND:
1347 static int brcmf_set_pmk(struct brcmf_if *ifp, const u8 *pmk_data, u16 pmk_len)
1349 struct brcmf_pub *drvr = ifp->drvr;
1350 struct brcmf_wsec_pmk_le pmk;
1353 /* convert to firmware key format */
1354 pmk.key_len = cpu_to_le16(pmk_len << 1);
1355 pmk.flags = cpu_to_le16(BRCMF_WSEC_PASSPHRASE);
1356 for (i = 0; i < pmk_len; i++)
1357 snprintf(&pmk.key[2 * i], 3, "%02x", pmk_data[i]);
1359 /* store psk in firmware */
1360 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_WSEC_PMK,
1363 bphy_err(drvr, "failed to change PSK in firmware (len=%u)\n",
1369 static int brcmf_set_sae_password(struct brcmf_if *ifp, const u8 *pwd_data,
1372 struct brcmf_pub *drvr = ifp->drvr;
1373 struct brcmf_wsec_sae_pwd_le sae_pwd;
1376 if (pwd_len > BRCMF_WSEC_MAX_SAE_PASSWORD_LEN) {
1377 bphy_err(drvr, "sae_password must be less than %d\n",
1378 BRCMF_WSEC_MAX_SAE_PASSWORD_LEN);
1382 sae_pwd.key_len = cpu_to_le16(pwd_len);
1383 memcpy(sae_pwd.key, pwd_data, pwd_len);
1385 err = brcmf_fil_iovar_data_set(ifp, "sae_password", &sae_pwd,
1388 bphy_err(drvr, "failed to set SAE password in firmware (len=%u)\n",
1394 static void brcmf_link_down(struct brcmf_cfg80211_vif *vif, u16 reason,
1395 bool locally_generated)
1397 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(vif->wdev.wiphy);
1398 struct brcmf_pub *drvr = cfg->pub;
1399 bool bus_up = drvr->bus_if->state == BRCMF_BUS_UP;
1402 brcmf_dbg(TRACE, "Enter\n");
1404 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTED, &vif->sme_state)) {
1406 brcmf_dbg(INFO, "Call WLC_DISASSOC to stop excess roaming\n");
1407 err = brcmf_fil_cmd_data_set(vif->ifp,
1408 BRCMF_C_DISASSOC, NULL, 0);
1410 bphy_err(drvr, "WLC_DISASSOC failed (%d)\n",
1414 if ((vif->wdev.iftype == NL80211_IFTYPE_STATION) ||
1415 (vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT))
1416 cfg80211_disconnected(vif->wdev.netdev, reason, NULL, 0,
1417 locally_generated, GFP_KERNEL);
1419 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &vif->sme_state);
1420 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
1421 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
1422 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
1424 brcmf_set_pmk(vif->ifp, NULL, 0);
1425 vif->profile.use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1427 brcmf_dbg(TRACE, "Exit\n");
1431 brcmf_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *ndev,
1432 struct cfg80211_ibss_params *params)
1434 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
1435 struct brcmf_if *ifp = netdev_priv(ndev);
1436 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1437 struct brcmf_pub *drvr = cfg->pub;
1438 struct brcmf_join_params join_params;
1439 size_t join_params_size = 0;
1446 brcmf_dbg(TRACE, "Enter\n");
1447 if (!check_vif_up(ifp->vif))
1451 brcmf_dbg(CONN, "SSID: %s\n", params->ssid);
1453 brcmf_dbg(CONN, "SSID: NULL, Not supported\n");
1457 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1460 brcmf_dbg(CONN, "BSSID: %pM\n", params->bssid);
1462 brcmf_dbg(CONN, "No BSSID specified\n");
1464 if (params->chandef.chan)
1465 brcmf_dbg(CONN, "channel: %d\n",
1466 params->chandef.chan->center_freq);
1468 brcmf_dbg(CONN, "no channel specified\n");
1470 if (params->channel_fixed)
1471 brcmf_dbg(CONN, "fixed channel required\n");
1473 brcmf_dbg(CONN, "no fixed channel required\n");
1475 if (params->ie && params->ie_len)
1476 brcmf_dbg(CONN, "ie len: %d\n", params->ie_len);
1478 brcmf_dbg(CONN, "no ie specified\n");
1480 if (params->beacon_interval)
1481 brcmf_dbg(CONN, "beacon interval: %d\n",
1482 params->beacon_interval);
1484 brcmf_dbg(CONN, "no beacon interval specified\n");
1486 if (params->basic_rates)
1487 brcmf_dbg(CONN, "basic rates: %08X\n", params->basic_rates);
1489 brcmf_dbg(CONN, "no basic rates specified\n");
1491 if (params->privacy)
1492 brcmf_dbg(CONN, "privacy required\n");
1494 brcmf_dbg(CONN, "no privacy required\n");
1496 /* Configure Privacy for starter */
1497 if (params->privacy)
1498 wsec |= WEP_ENABLED;
1500 err = brcmf_fil_iovar_int_set(ifp, "wsec", wsec);
1502 bphy_err(drvr, "wsec failed (%d)\n", err);
1506 /* Configure Beacon Interval for starter */
1507 if (params->beacon_interval)
1508 bcnprd = params->beacon_interval;
1512 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD, bcnprd);
1514 bphy_err(drvr, "WLC_SET_BCNPRD failed (%d)\n", err);
1518 /* Configure required join parameter */
1519 memset(&join_params, 0, sizeof(struct brcmf_join_params));
1522 ssid_len = min_t(u32, params->ssid_len, IEEE80211_MAX_SSID_LEN);
1523 memcpy(join_params.ssid_le.SSID, params->ssid, ssid_len);
1524 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
1525 join_params_size = sizeof(join_params.ssid_le);
1528 if (params->bssid) {
1529 memcpy(join_params.params_le.bssid, params->bssid, ETH_ALEN);
1530 join_params_size += BRCMF_ASSOC_PARAMS_FIXED_SIZE;
1531 memcpy(profile->bssid, params->bssid, ETH_ALEN);
1533 eth_broadcast_addr(join_params.params_le.bssid);
1534 eth_zero_addr(profile->bssid);
1538 if (params->chandef.chan) {
1542 ieee80211_frequency_to_channel(
1543 params->chandef.chan->center_freq);
1544 if (params->channel_fixed) {
1545 /* adding chanspec */
1546 chanspec = chandef_to_chanspec(&cfg->d11inf,
1548 join_params.params_le.chanspec_list[0] =
1549 cpu_to_le16(chanspec);
1550 join_params.params_le.chanspec_num = cpu_to_le32(1);
1551 join_params_size += sizeof(join_params.params_le);
1554 /* set channel for starter */
1555 target_channel = cfg->channel;
1556 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_CHANNEL,
1559 bphy_err(drvr, "WLC_SET_CHANNEL failed (%d)\n", err);
1565 cfg->ibss_starter = false;
1568 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
1569 &join_params, join_params_size);
1571 bphy_err(drvr, "WLC_SET_SSID failed (%d)\n", err);
1577 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
1578 brcmf_dbg(TRACE, "Exit\n");
1583 brcmf_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *ndev)
1585 struct brcmf_if *ifp = netdev_priv(ndev);
1587 brcmf_dbg(TRACE, "Enter\n");
1588 if (!check_vif_up(ifp->vif)) {
1589 /* When driver is being unloaded, it can end up here. If an
1590 * error is returned then later on a debug trace in the wireless
1591 * core module will be printed. To avoid this 0 is returned.
1596 brcmf_link_down(ifp->vif, WLAN_REASON_DEAUTH_LEAVING, true);
1597 brcmf_net_setcarrier(ifp, false);
1599 brcmf_dbg(TRACE, "Exit\n");
1604 static s32 brcmf_set_wpa_version(struct net_device *ndev,
1605 struct cfg80211_connect_params *sme)
1607 struct brcmf_if *ifp = netdev_priv(ndev);
1608 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1609 struct brcmf_pub *drvr = ifp->drvr;
1610 struct brcmf_cfg80211_security *sec;
1614 if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_1)
1615 val = WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED;
1616 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_2)
1617 val = WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED;
1618 else if (sme->crypto.wpa_versions & NL80211_WPA_VERSION_3)
1619 val = WPA3_AUTH_SAE_PSK;
1621 val = WPA_AUTH_DISABLED;
1622 brcmf_dbg(CONN, "setting wpa_auth to 0x%0x\n", val);
1623 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", val);
1625 bphy_err(drvr, "set wpa_auth failed (%d)\n", err);
1628 sec = &profile->sec;
1629 sec->wpa_versions = sme->crypto.wpa_versions;
1633 static s32 brcmf_set_auth_type(struct net_device *ndev,
1634 struct cfg80211_connect_params *sme)
1636 struct brcmf_if *ifp = netdev_priv(ndev);
1637 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1638 struct brcmf_pub *drvr = ifp->drvr;
1639 struct brcmf_cfg80211_security *sec;
1643 switch (sme->auth_type) {
1644 case NL80211_AUTHTYPE_OPEN_SYSTEM:
1646 brcmf_dbg(CONN, "open system\n");
1648 case NL80211_AUTHTYPE_SHARED_KEY:
1650 brcmf_dbg(CONN, "shared key\n");
1652 case NL80211_AUTHTYPE_SAE:
1654 brcmf_dbg(CONN, "SAE authentication\n");
1658 brcmf_dbg(CONN, "automatic, auth type (%d)\n", sme->auth_type);
1662 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1664 bphy_err(drvr, "set auth failed (%d)\n", err);
1667 sec = &profile->sec;
1668 sec->auth_type = sme->auth_type;
1673 brcmf_set_wsec_mode(struct net_device *ndev,
1674 struct cfg80211_connect_params *sme)
1676 struct brcmf_if *ifp = netdev_priv(ndev);
1677 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1678 struct brcmf_pub *drvr = ifp->drvr;
1679 struct brcmf_cfg80211_security *sec;
1685 if (sme->crypto.n_ciphers_pairwise) {
1686 switch (sme->crypto.ciphers_pairwise[0]) {
1687 case WLAN_CIPHER_SUITE_WEP40:
1688 case WLAN_CIPHER_SUITE_WEP104:
1691 case WLAN_CIPHER_SUITE_TKIP:
1692 pval = TKIP_ENABLED;
1694 case WLAN_CIPHER_SUITE_CCMP:
1697 case WLAN_CIPHER_SUITE_AES_CMAC:
1701 bphy_err(drvr, "invalid cipher pairwise (%d)\n",
1702 sme->crypto.ciphers_pairwise[0]);
1706 if (sme->crypto.cipher_group) {
1707 switch (sme->crypto.cipher_group) {
1708 case WLAN_CIPHER_SUITE_WEP40:
1709 case WLAN_CIPHER_SUITE_WEP104:
1712 case WLAN_CIPHER_SUITE_TKIP:
1713 gval = TKIP_ENABLED;
1715 case WLAN_CIPHER_SUITE_CCMP:
1718 case WLAN_CIPHER_SUITE_AES_CMAC:
1722 bphy_err(drvr, "invalid cipher group (%d)\n",
1723 sme->crypto.cipher_group);
1728 brcmf_dbg(CONN, "pval (%d) gval (%d)\n", pval, gval);
1729 /* In case of privacy, but no security and WPS then simulate */
1730 /* setting AES. WPS-2.0 allows no security */
1731 if (brcmf_find_wpsie(sme->ie, sme->ie_len) && !pval && !gval &&
1736 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
1738 bphy_err(drvr, "error (%d)\n", err);
1742 sec = &profile->sec;
1743 sec->cipher_pairwise = sme->crypto.ciphers_pairwise[0];
1744 sec->cipher_group = sme->crypto.cipher_group;
1750 brcmf_set_key_mgmt(struct net_device *ndev, struct cfg80211_connect_params *sme)
1752 struct brcmf_if *ifp = netdev_priv(ndev);
1753 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
1754 struct brcmf_pub *drvr = ifp->drvr;
1757 const struct brcmf_tlv *rsn_ie;
1765 profile->use_fwsup = BRCMF_PROFILE_FWSUP_NONE;
1766 profile->is_ft = false;
1768 if (!sme->crypto.n_akm_suites)
1771 err = brcmf_fil_bsscfg_int_get(netdev_priv(ndev), "wpa_auth", &val);
1773 bphy_err(drvr, "could not get wpa_auth (%d)\n", err);
1776 if (val & (WPA_AUTH_PSK | WPA_AUTH_UNSPECIFIED)) {
1777 switch (sme->crypto.akm_suites[0]) {
1778 case WLAN_AKM_SUITE_8021X:
1779 val = WPA_AUTH_UNSPECIFIED;
1781 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1783 case WLAN_AKM_SUITE_PSK:
1787 bphy_err(drvr, "invalid cipher group (%d)\n",
1788 sme->crypto.cipher_group);
1791 } else if (val & (WPA2_AUTH_PSK | WPA2_AUTH_UNSPECIFIED)) {
1792 switch (sme->crypto.akm_suites[0]) {
1793 case WLAN_AKM_SUITE_8021X:
1794 val = WPA2_AUTH_UNSPECIFIED;
1796 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1798 case WLAN_AKM_SUITE_8021X_SHA256:
1799 val = WPA2_AUTH_1X_SHA256;
1801 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1803 case WLAN_AKM_SUITE_PSK_SHA256:
1804 val = WPA2_AUTH_PSK_SHA256;
1806 case WLAN_AKM_SUITE_PSK:
1807 val = WPA2_AUTH_PSK;
1809 case WLAN_AKM_SUITE_FT_8021X:
1810 val = WPA2_AUTH_UNSPECIFIED | WPA2_AUTH_FT;
1811 profile->is_ft = true;
1813 profile->use_fwsup = BRCMF_PROFILE_FWSUP_1X;
1815 case WLAN_AKM_SUITE_FT_PSK:
1816 val = WPA2_AUTH_PSK | WPA2_AUTH_FT;
1817 profile->is_ft = true;
1820 bphy_err(drvr, "invalid cipher group (%d)\n",
1821 sme->crypto.cipher_group);
1824 } else if (val & WPA3_AUTH_SAE_PSK) {
1825 switch (sme->crypto.akm_suites[0]) {
1826 case WLAN_AKM_SUITE_SAE:
1827 val = WPA3_AUTH_SAE_PSK;
1828 if (sme->crypto.sae_pwd) {
1829 brcmf_dbg(INFO, "using SAE offload\n");
1830 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1833 case WLAN_AKM_SUITE_FT_OVER_SAE:
1834 val = WPA3_AUTH_SAE_PSK | WPA2_AUTH_FT;
1835 profile->is_ft = true;
1836 if (sme->crypto.sae_pwd) {
1837 brcmf_dbg(INFO, "using SAE offload\n");
1838 profile->use_fwsup = BRCMF_PROFILE_FWSUP_SAE;
1842 bphy_err(drvr, "invalid cipher group (%d)\n",
1843 sme->crypto.cipher_group);
1848 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X)
1849 brcmf_dbg(INFO, "using 1X offload\n");
1851 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
1852 goto skip_mfp_config;
1853 /* The MFP mode (1 or 2) needs to be determined, parse IEs. The
1854 * IE will not be verified, just a quick search for MFP config
1856 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie, sme->ie_len,
1859 goto skip_mfp_config;
1860 ie = (const u8 *)rsn_ie;
1861 ie_len = rsn_ie->len + TLV_HDR_LEN;
1862 /* Skip unicast suite */
1863 offset = TLV_HDR_LEN + WPA_IE_VERSION_LEN + WPA_IE_MIN_OUI_LEN;
1864 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1865 goto skip_mfp_config;
1866 /* Skip multicast suite */
1867 count = ie[offset] + (ie[offset + 1] << 8);
1868 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1869 if (offset + WPA_IE_SUITE_COUNT_LEN >= ie_len)
1870 goto skip_mfp_config;
1871 /* Skip auth key management suite(s) */
1872 count = ie[offset] + (ie[offset + 1] << 8);
1873 offset += WPA_IE_SUITE_COUNT_LEN + (count * WPA_IE_MIN_OUI_LEN);
1874 if (offset + WPA_IE_SUITE_COUNT_LEN > ie_len)
1875 goto skip_mfp_config;
1876 /* Ready to read capabilities */
1877 mfp = BRCMF_MFP_NONE;
1878 rsn_cap = ie[offset] + (ie[offset + 1] << 8);
1879 if (rsn_cap & RSN_CAP_MFPR_MASK)
1880 mfp = BRCMF_MFP_REQUIRED;
1881 else if (rsn_cap & RSN_CAP_MFPC_MASK)
1882 mfp = BRCMF_MFP_CAPABLE;
1883 brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "mfp", mfp);
1886 brcmf_dbg(CONN, "setting wpa_auth to %d\n", val);
1887 err = brcmf_fil_bsscfg_int_set(netdev_priv(ndev), "wpa_auth", val);
1889 bphy_err(drvr, "could not set wpa_auth (%d)\n", err);
1897 brcmf_set_sharedkey(struct net_device *ndev,
1898 struct cfg80211_connect_params *sme)
1900 struct brcmf_if *ifp = netdev_priv(ndev);
1901 struct brcmf_pub *drvr = ifp->drvr;
1902 struct brcmf_cfg80211_profile *profile = ndev_to_prof(ndev);
1903 struct brcmf_cfg80211_security *sec;
1904 struct brcmf_wsec_key key;
1908 brcmf_dbg(CONN, "key len (%d)\n", sme->key_len);
1910 if (sme->key_len == 0)
1913 sec = &profile->sec;
1914 brcmf_dbg(CONN, "wpa_versions 0x%x cipher_pairwise 0x%x\n",
1915 sec->wpa_versions, sec->cipher_pairwise);
1917 if (sec->wpa_versions & (NL80211_WPA_VERSION_1 | NL80211_WPA_VERSION_2 |
1918 NL80211_WPA_VERSION_3))
1921 if (!(sec->cipher_pairwise &
1922 (WLAN_CIPHER_SUITE_WEP40 | WLAN_CIPHER_SUITE_WEP104)))
1925 memset(&key, 0, sizeof(key));
1926 key.len = (u32) sme->key_len;
1927 key.index = (u32) sme->key_idx;
1928 if (key.len > sizeof(key.data)) {
1929 bphy_err(drvr, "Too long key length (%u)\n", key.len);
1932 memcpy(key.data, sme->key, key.len);
1933 key.flags = BRCMF_PRIMARY_KEY;
1934 switch (sec->cipher_pairwise) {
1935 case WLAN_CIPHER_SUITE_WEP40:
1936 key.algo = CRYPTO_ALGO_WEP1;
1938 case WLAN_CIPHER_SUITE_WEP104:
1939 key.algo = CRYPTO_ALGO_WEP128;
1942 bphy_err(drvr, "Invalid algorithm (%d)\n",
1943 sme->crypto.ciphers_pairwise[0]);
1946 /* Set the new key/index */
1947 brcmf_dbg(CONN, "key length (%d) key index (%d) algo (%d)\n",
1948 key.len, key.index, key.algo);
1949 brcmf_dbg(CONN, "key \"%s\"\n", key.data);
1950 err = send_key_to_dongle(ifp, &key);
1954 if (sec->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
1955 brcmf_dbg(CONN, "set auth_type to shared key\n");
1956 val = WL_AUTH_SHARED_KEY; /* shared key */
1957 err = brcmf_fil_bsscfg_int_set(ifp, "auth", val);
1959 bphy_err(drvr, "set auth failed (%d)\n", err);
1965 enum nl80211_auth_type brcmf_war_auth_type(struct brcmf_if *ifp,
1966 enum nl80211_auth_type type)
1968 if (type == NL80211_AUTHTYPE_AUTOMATIC &&
1969 brcmf_feat_is_quirk_enabled(ifp, BRCMF_FEAT_QUIRK_AUTO_AUTH)) {
1970 brcmf_dbg(CONN, "WAR: use OPEN instead of AUTO\n");
1971 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
1976 static void brcmf_set_join_pref(struct brcmf_if *ifp,
1977 struct cfg80211_bss_selection *bss_select)
1979 struct brcmf_pub *drvr = ifp->drvr;
1980 struct brcmf_join_pref_params join_pref_params[2];
1981 enum nl80211_band band;
1984 join_pref_params[i].len = 2;
1985 join_pref_params[i].rssi_gain = 0;
1987 if (bss_select->behaviour != NL80211_BSS_SELECT_ATTR_BAND_PREF)
1988 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_ASSOC_PREFER, WLC_BAND_AUTO);
1990 switch (bss_select->behaviour) {
1991 case __NL80211_BSS_SELECT_ATTR_INVALID:
1992 brcmf_c_set_joinpref_default(ifp);
1994 case NL80211_BSS_SELECT_ATTR_BAND_PREF:
1995 join_pref_params[i].type = BRCMF_JOIN_PREF_BAND;
1996 band = bss_select->param.band_pref;
1997 join_pref_params[i].band = nl80211_band_to_fwil(band);
2000 case NL80211_BSS_SELECT_ATTR_RSSI_ADJUST:
2001 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI_DELTA;
2002 band = bss_select->param.adjust.band;
2003 join_pref_params[i].band = nl80211_band_to_fwil(band);
2004 join_pref_params[i].rssi_gain = bss_select->param.adjust.delta;
2007 case NL80211_BSS_SELECT_ATTR_RSSI:
2011 join_pref_params[i].type = BRCMF_JOIN_PREF_RSSI;
2012 join_pref_params[i].len = 2;
2013 join_pref_params[i].rssi_gain = 0;
2014 join_pref_params[i].band = 0;
2015 err = brcmf_fil_iovar_data_set(ifp, "join_pref", join_pref_params,
2016 sizeof(join_pref_params));
2018 bphy_err(drvr, "Set join_pref error (%d)\n", err);
2022 brcmf_cfg80211_connect(struct wiphy *wiphy, struct net_device *ndev,
2023 struct cfg80211_connect_params *sme)
2025 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2026 struct brcmf_if *ifp = netdev_priv(ndev);
2027 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2028 struct ieee80211_channel *chan = sme->channel;
2029 struct brcmf_pub *drvr = ifp->drvr;
2030 struct brcmf_join_params join_params;
2031 size_t join_params_size;
2032 const struct brcmf_tlv *rsn_ie;
2033 const struct brcmf_vs_tlv *wpa_ie;
2036 struct brcmf_ext_join_params_le *ext_join_params;
2041 brcmf_dbg(TRACE, "Enter\n");
2042 if (!check_vif_up(ifp->vif))
2046 bphy_err(drvr, "Invalid ssid\n");
2050 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif) {
2051 /* A normal (non P2P) connection request setup. */
2054 /* find the WPA_IE */
2055 wpa_ie = brcmf_find_wpaie((u8 *)sme->ie, sme->ie_len);
2058 ie_len = wpa_ie->len + TLV_HDR_LEN;
2060 /* find the RSN_IE */
2061 rsn_ie = brcmf_parse_tlvs((const u8 *)sme->ie,
2066 ie_len = rsn_ie->len + TLV_HDR_LEN;
2069 brcmf_fil_iovar_data_set(ifp, "wpaie", ie, ie_len);
2072 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
2073 sme->ie, sme->ie_len);
2075 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
2077 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
2079 set_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2083 ieee80211_frequency_to_channel(chan->center_freq);
2084 chanspec = channel_to_chanspec(&cfg->d11inf, chan);
2085 brcmf_dbg(CONN, "channel=%d, center_req=%d, chanspec=0x%04x\n",
2086 cfg->channel, chan->center_freq, chanspec);
2092 brcmf_dbg(INFO, "ie (%p), ie_len (%zd)\n", sme->ie, sme->ie_len);
2094 err = brcmf_set_wpa_version(ndev, sme);
2096 bphy_err(drvr, "wl_set_wpa_version failed (%d)\n", err);
2100 sme->auth_type = brcmf_war_auth_type(ifp, sme->auth_type);
2101 err = brcmf_set_auth_type(ndev, sme);
2103 bphy_err(drvr, "wl_set_auth_type failed (%d)\n", err);
2107 err = brcmf_set_wsec_mode(ndev, sme);
2109 bphy_err(drvr, "wl_set_set_cipher failed (%d)\n", err);
2113 err = brcmf_set_key_mgmt(ndev, sme);
2115 bphy_err(drvr, "wl_set_key_mgmt failed (%d)\n", err);
2119 err = brcmf_set_sharedkey(ndev, sme);
2121 bphy_err(drvr, "brcmf_set_sharedkey failed (%d)\n", err);
2125 if (sme->crypto.psk &&
2126 profile->use_fwsup != BRCMF_PROFILE_FWSUP_SAE) {
2127 if (WARN_ON(profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE)) {
2131 brcmf_dbg(INFO, "using PSK offload\n");
2132 profile->use_fwsup = BRCMF_PROFILE_FWSUP_PSK;
2135 if (profile->use_fwsup != BRCMF_PROFILE_FWSUP_NONE) {
2136 /* enable firmware supplicant for this interface */
2137 err = brcmf_fil_iovar_int_set(ifp, "sup_wpa", 1);
2139 bphy_err(drvr, "failed to enable fw supplicant\n");
2144 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_PSK)
2145 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2146 BRCMF_WSEC_MAX_PSK_LEN);
2147 else if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_SAE) {
2148 /* clean up user-space RSNE */
2149 err = brcmf_fil_iovar_data_set(ifp, "wpaie", NULL, 0);
2151 bphy_err(drvr, "failed to clean up user-space RSNE\n");
2154 err = brcmf_set_sae_password(ifp, sme->crypto.sae_pwd,
2155 sme->crypto.sae_pwd_len);
2156 if (!err && sme->crypto.psk)
2157 err = brcmf_set_pmk(ifp, sme->crypto.psk,
2158 BRCMF_WSEC_MAX_PSK_LEN);
2163 /* Join with specific BSSID and cached SSID
2164 * If SSID is zero join based on BSSID only
2166 join_params_size = offsetof(struct brcmf_ext_join_params_le, assoc_le) +
2167 offsetof(struct brcmf_assoc_params_le, chanspec_list);
2169 join_params_size += sizeof(u16);
2170 ext_join_params = kzalloc(join_params_size, GFP_KERNEL);
2171 if (ext_join_params == NULL) {
2175 ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
2176 ext_join_params->ssid_le.SSID_len = cpu_to_le32(ssid_len);
2177 memcpy(&ext_join_params->ssid_le.SSID, sme->ssid, ssid_len);
2178 if (ssid_len < IEEE80211_MAX_SSID_LEN)
2179 brcmf_dbg(CONN, "SSID \"%s\", len (%d)\n",
2180 ext_join_params->ssid_le.SSID, ssid_len);
2182 /* Set up join scan parameters */
2183 ext_join_params->scan_le.scan_type = -1;
2184 ext_join_params->scan_le.home_time = cpu_to_le32(-1);
2187 memcpy(&ext_join_params->assoc_le.bssid, sme->bssid, ETH_ALEN);
2189 eth_broadcast_addr(ext_join_params->assoc_le.bssid);
2192 ext_join_params->assoc_le.chanspec_num = cpu_to_le32(1);
2194 ext_join_params->assoc_le.chanspec_list[0] =
2195 cpu_to_le16(chanspec);
2196 /* Increase dwell time to receive probe response or detect
2197 * beacon from target AP at a noisy air only during connect
2200 ext_join_params->scan_le.active_time =
2201 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS);
2202 ext_join_params->scan_le.passive_time =
2203 cpu_to_le32(BRCMF_SCAN_JOIN_PASSIVE_DWELL_TIME_MS);
2204 /* To sync with presence period of VSDB GO send probe request
2205 * more frequently. Probe request will be stopped when it gets
2206 * probe response from target AP/GO.
2208 ext_join_params->scan_le.nprobes =
2209 cpu_to_le32(BRCMF_SCAN_JOIN_ACTIVE_DWELL_TIME_MS /
2210 BRCMF_SCAN_JOIN_PROBE_INTERVAL_MS);
2212 ext_join_params->scan_le.active_time = cpu_to_le32(-1);
2213 ext_join_params->scan_le.passive_time = cpu_to_le32(-1);
2214 ext_join_params->scan_le.nprobes = cpu_to_le32(-1);
2217 brcmf_set_join_pref(ifp, &sme->bss_select);
2219 err = brcmf_fil_bsscfg_data_set(ifp, "join", ext_join_params,
2221 kfree(ext_join_params);
2223 /* This is it. join command worked, we are done */
2226 /* join command failed, fallback to set ssid */
2227 memset(&join_params, 0, sizeof(join_params));
2228 join_params_size = sizeof(join_params.ssid_le);
2230 memcpy(&join_params.ssid_le.SSID, sme->ssid, ssid_len);
2231 join_params.ssid_le.SSID_len = cpu_to_le32(ssid_len);
2234 memcpy(join_params.params_le.bssid, sme->bssid, ETH_ALEN);
2236 eth_broadcast_addr(join_params.params_le.bssid);
2239 join_params.params_le.chanspec_list[0] = cpu_to_le16(chanspec);
2240 join_params.params_le.chanspec_num = cpu_to_le32(1);
2241 join_params_size += sizeof(join_params.params_le);
2243 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
2244 &join_params, join_params_size);
2246 bphy_err(drvr, "BRCMF_C_SET_SSID failed (%d)\n", err);
2250 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2251 brcmf_dbg(TRACE, "Exit\n");
2256 brcmf_cfg80211_disconnect(struct wiphy *wiphy, struct net_device *ndev,
2259 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2260 struct brcmf_if *ifp = netdev_priv(ndev);
2261 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2262 struct brcmf_pub *drvr = cfg->pub;
2263 struct brcmf_scb_val_le scbval;
2266 brcmf_dbg(TRACE, "Enter. Reason code = %d\n", reason_code);
2267 if (!check_vif_up(ifp->vif))
2270 clear_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
2271 clear_bit(BRCMF_VIF_STATUS_CONNECTING, &ifp->vif->sme_state);
2272 cfg80211_disconnected(ndev, reason_code, NULL, 0, true, GFP_KERNEL);
2274 memcpy(&scbval.ea, &profile->bssid, ETH_ALEN);
2275 scbval.val = cpu_to_le32(reason_code);
2276 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_DISASSOC,
2277 &scbval, sizeof(scbval));
2279 bphy_err(drvr, "error (%d)\n", err);
2281 brcmf_dbg(TRACE, "Exit\n");
2286 brcmf_cfg80211_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2287 enum nl80211_tx_power_setting type, s32 mbm)
2289 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2290 struct net_device *ndev = cfg_to_ndev(cfg);
2291 struct brcmf_if *ifp = netdev_priv(ndev);
2292 struct brcmf_pub *drvr = cfg->pub;
2297 brcmf_dbg(TRACE, "Enter %d %d\n", type, mbm);
2298 if (!check_vif_up(ifp->vif))
2302 case NL80211_TX_POWER_AUTOMATIC:
2304 case NL80211_TX_POWER_LIMITED:
2305 case NL80211_TX_POWER_FIXED:
2307 bphy_err(drvr, "TX_POWER_FIXED - dbm is negative\n");
2311 qdbm = MBM_TO_DBM(4 * mbm);
2314 qdbm |= WL_TXPWR_OVERRIDE;
2317 bphy_err(drvr, "Unsupported type %d\n", type);
2321 /* Make sure radio is off or on as far as software is concerned */
2322 disable = WL_RADIO_SW_DISABLE << 16;
2323 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_RADIO, disable);
2325 bphy_err(drvr, "WLC_SET_RADIO error (%d)\n", err);
2327 err = brcmf_fil_iovar_int_set(ifp, "qtxpower", qdbm);
2329 bphy_err(drvr, "qtxpower error (%d)\n", err);
2332 brcmf_dbg(TRACE, "Exit %d (qdbm)\n", qdbm & ~WL_TXPWR_OVERRIDE);
2337 brcmf_cfg80211_get_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev,
2340 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2341 struct brcmf_cfg80211_vif *vif = wdev_to_vif(wdev);
2342 struct brcmf_pub *drvr = cfg->pub;
2346 brcmf_dbg(TRACE, "Enter\n");
2347 if (!check_vif_up(vif))
2350 err = brcmf_fil_iovar_int_get(vif->ifp, "qtxpower", &qdbm);
2352 bphy_err(drvr, "error (%d)\n", err);
2355 *dbm = (qdbm & ~WL_TXPWR_OVERRIDE) / 4;
2358 brcmf_dbg(TRACE, "Exit (0x%x %d)\n", qdbm, *dbm);
2363 brcmf_cfg80211_config_default_key(struct wiphy *wiphy, struct net_device *ndev,
2364 u8 key_idx, bool unicast, bool multicast)
2366 struct brcmf_if *ifp = netdev_priv(ndev);
2367 struct brcmf_pub *drvr = ifp->drvr;
2372 brcmf_dbg(TRACE, "Enter\n");
2373 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2374 if (!check_vif_up(ifp->vif))
2377 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2379 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2383 if (wsec & WEP_ENABLED) {
2384 /* Just select a new current key */
2386 err = brcmf_fil_cmd_int_set(ifp,
2387 BRCMF_C_SET_KEY_PRIMARY, index);
2389 bphy_err(drvr, "error (%d)\n", err);
2392 brcmf_dbg(TRACE, "Exit\n");
2397 brcmf_cfg80211_del_key(struct wiphy *wiphy, struct net_device *ndev,
2398 u8 key_idx, bool pairwise, const u8 *mac_addr)
2400 struct brcmf_if *ifp = netdev_priv(ndev);
2401 struct brcmf_wsec_key *key;
2404 brcmf_dbg(TRACE, "Enter\n");
2405 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2407 if (!check_vif_up(ifp->vif))
2410 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2411 /* we ignore this key index in this case */
2415 key = &ifp->vif->profile.key[key_idx];
2417 if (key->algo == CRYPTO_ALGO_OFF) {
2418 brcmf_dbg(CONN, "Ignore clearing of (never configured) key\n");
2422 memset(key, 0, sizeof(*key));
2423 key->index = (u32)key_idx;
2424 key->flags = BRCMF_PRIMARY_KEY;
2426 /* Clear the key/index */
2427 err = send_key_to_dongle(ifp, key);
2429 brcmf_dbg(TRACE, "Exit\n");
2434 brcmf_cfg80211_add_key(struct wiphy *wiphy, struct net_device *ndev,
2435 u8 key_idx, bool pairwise, const u8 *mac_addr,
2436 struct key_params *params)
2438 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2439 struct brcmf_if *ifp = netdev_priv(ndev);
2440 struct brcmf_pub *drvr = cfg->pub;
2441 struct brcmf_wsec_key *key;
2448 brcmf_dbg(TRACE, "Enter\n");
2449 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2450 if (!check_vif_up(ifp->vif))
2453 if (key_idx >= BRCMF_MAX_DEFAULT_KEYS) {
2454 /* we ignore this key index in this case */
2455 bphy_err(drvr, "invalid key index (%d)\n", key_idx);
2459 if (params->key_len == 0)
2460 return brcmf_cfg80211_del_key(wiphy, ndev, key_idx, pairwise,
2463 if (params->key_len > sizeof(key->data)) {
2464 bphy_err(drvr, "Too long key length (%u)\n", params->key_len);
2469 if (mac_addr && (params->cipher != WLAN_CIPHER_SUITE_WEP40) &&
2470 (params->cipher != WLAN_CIPHER_SUITE_WEP104)) {
2471 brcmf_dbg(TRACE, "Ext key, mac %pM", mac_addr);
2475 key = &ifp->vif->profile.key[key_idx];
2476 memset(key, 0, sizeof(*key));
2477 if ((ext_key) && (!is_multicast_ether_addr(mac_addr)))
2478 memcpy((char *)&key->ea, (void *)mac_addr, ETH_ALEN);
2479 key->len = params->key_len;
2480 key->index = key_idx;
2481 memcpy(key->data, params->key, key->len);
2483 key->flags = BRCMF_PRIMARY_KEY;
2485 if (params->seq && params->seq_len == 6) {
2489 ivptr = (u8 *)params->seq;
2490 key->rxiv.hi = (ivptr[5] << 24) | (ivptr[4] << 16) |
2491 (ivptr[3] << 8) | ivptr[2];
2492 key->rxiv.lo = (ivptr[1] << 8) | ivptr[0];
2493 key->iv_initialized = true;
2496 switch (params->cipher) {
2497 case WLAN_CIPHER_SUITE_WEP40:
2498 key->algo = CRYPTO_ALGO_WEP1;
2500 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2502 case WLAN_CIPHER_SUITE_WEP104:
2503 key->algo = CRYPTO_ALGO_WEP128;
2505 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2507 case WLAN_CIPHER_SUITE_TKIP:
2508 if (!brcmf_is_apmode(ifp->vif)) {
2509 brcmf_dbg(CONN, "Swapping RX/TX MIC key\n");
2510 memcpy(keybuf, &key->data[24], sizeof(keybuf));
2511 memcpy(&key->data[24], &key->data[16], sizeof(keybuf));
2512 memcpy(&key->data[16], keybuf, sizeof(keybuf));
2514 key->algo = CRYPTO_ALGO_TKIP;
2516 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2518 case WLAN_CIPHER_SUITE_AES_CMAC:
2519 key->algo = CRYPTO_ALGO_AES_CCM;
2521 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2523 case WLAN_CIPHER_SUITE_CCMP:
2524 key->algo = CRYPTO_ALGO_AES_CCM;
2526 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_CCMP\n");
2529 bphy_err(drvr, "Invalid cipher (0x%x)\n", params->cipher);
2534 err = send_key_to_dongle(ifp, key);
2538 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2540 bphy_err(drvr, "get wsec error (%d)\n", err);
2544 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2546 bphy_err(drvr, "set wsec error (%d)\n", err);
2551 brcmf_dbg(TRACE, "Exit\n");
2556 brcmf_cfg80211_get_key(struct wiphy *wiphy, struct net_device *ndev, u8 key_idx,
2557 bool pairwise, const u8 *mac_addr, void *cookie,
2558 void (*callback)(void *cookie,
2559 struct key_params *params))
2561 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2562 struct key_params params;
2563 struct brcmf_if *ifp = netdev_priv(ndev);
2564 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
2565 struct brcmf_pub *drvr = cfg->pub;
2566 struct brcmf_cfg80211_security *sec;
2570 brcmf_dbg(TRACE, "Enter\n");
2571 brcmf_dbg(CONN, "key index (%d)\n", key_idx);
2572 if (!check_vif_up(ifp->vif))
2575 memset(¶ms, 0, sizeof(params));
2577 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2579 bphy_err(drvr, "WLC_GET_WSEC error (%d)\n", err);
2580 /* Ignore this error, may happen during DISASSOC */
2584 if (wsec & WEP_ENABLED) {
2585 sec = &profile->sec;
2586 if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP40) {
2587 params.cipher = WLAN_CIPHER_SUITE_WEP40;
2588 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP40\n");
2589 } else if (sec->cipher_pairwise & WLAN_CIPHER_SUITE_WEP104) {
2590 params.cipher = WLAN_CIPHER_SUITE_WEP104;
2591 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_WEP104\n");
2593 } else if (wsec & TKIP_ENABLED) {
2594 params.cipher = WLAN_CIPHER_SUITE_TKIP;
2595 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_TKIP\n");
2596 } else if (wsec & AES_ENABLED) {
2597 params.cipher = WLAN_CIPHER_SUITE_AES_CMAC;
2598 brcmf_dbg(CONN, "WLAN_CIPHER_SUITE_AES_CMAC\n");
2600 bphy_err(drvr, "Invalid algo (0x%x)\n", wsec);
2604 callback(cookie, ¶ms);
2607 brcmf_dbg(TRACE, "Exit\n");
2612 brcmf_cfg80211_config_default_mgmt_key(struct wiphy *wiphy,
2613 struct net_device *ndev, u8 key_idx)
2615 struct brcmf_if *ifp = netdev_priv(ndev);
2617 brcmf_dbg(TRACE, "Enter key_idx %d\n", key_idx);
2619 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
2622 brcmf_dbg(INFO, "Not supported\n");
2628 brcmf_cfg80211_reconfigure_wep(struct brcmf_if *ifp)
2630 struct brcmf_pub *drvr = ifp->drvr;
2633 struct brcmf_wsec_key *key;
2636 for (key_idx = 0; key_idx < BRCMF_MAX_DEFAULT_KEYS; key_idx++) {
2637 key = &ifp->vif->profile.key[key_idx];
2638 if ((key->algo == CRYPTO_ALGO_WEP1) ||
2639 (key->algo == CRYPTO_ALGO_WEP128))
2642 if (key_idx == BRCMF_MAX_DEFAULT_KEYS)
2645 err = send_key_to_dongle(ifp, key);
2647 bphy_err(drvr, "Setting WEP key failed (%d)\n", err);
2650 err = brcmf_fil_bsscfg_int_get(ifp, "wsec", &wsec);
2652 bphy_err(drvr, "get wsec error (%d)\n", err);
2655 wsec |= WEP_ENABLED;
2656 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
2658 bphy_err(drvr, "set wsec error (%d)\n", err);
2661 static void brcmf_convert_sta_flags(u32 fw_sta_flags, struct station_info *si)
2663 struct nl80211_sta_flag_update *sfu;
2665 brcmf_dbg(TRACE, "flags %08x\n", fw_sta_flags);
2666 si->filled |= BIT_ULL(NL80211_STA_INFO_STA_FLAGS);
2667 sfu = &si->sta_flags;
2668 sfu->mask = BIT(NL80211_STA_FLAG_WME) |
2669 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2670 BIT(NL80211_STA_FLAG_ASSOCIATED) |
2671 BIT(NL80211_STA_FLAG_AUTHORIZED);
2672 if (fw_sta_flags & BRCMF_STA_WME)
2673 sfu->set |= BIT(NL80211_STA_FLAG_WME);
2674 if (fw_sta_flags & BRCMF_STA_AUTHE)
2675 sfu->set |= BIT(NL80211_STA_FLAG_AUTHENTICATED);
2676 if (fw_sta_flags & BRCMF_STA_ASSOC)
2677 sfu->set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
2678 if (fw_sta_flags & BRCMF_STA_AUTHO)
2679 sfu->set |= BIT(NL80211_STA_FLAG_AUTHORIZED);
2682 static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
2684 struct brcmf_pub *drvr = ifp->drvr;
2687 struct brcmf_bss_info_le bss_le;
2692 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
2696 buf->len = cpu_to_le32(WL_BSS_INFO_MAX);
2697 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO, buf,
2700 bphy_err(drvr, "Failed to get bss info (%d)\n", err);
2703 si->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
2704 si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
2705 si->bss_param.dtim_period = buf->bss_le.dtim_period;
2706 capability = le16_to_cpu(buf->bss_le.capability);
2707 if (capability & IEEE80211_HT_STBC_PARAM_DUAL_CTS_PROT)
2708 si->bss_param.flags |= BSS_PARAM_FLAGS_CTS_PROT;
2709 if (capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
2710 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
2711 if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
2712 si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
2719 brcmf_cfg80211_get_station_ibss(struct brcmf_if *ifp,
2720 struct station_info *sinfo)
2722 struct brcmf_pub *drvr = ifp->drvr;
2723 struct brcmf_scb_val_le scbval;
2724 struct brcmf_pktcnt_le pktcnt;
2729 /* Get the current tx rate */
2730 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_RATE, &rate);
2732 bphy_err(drvr, "BRCMF_C_GET_RATE error (%d)\n", err);
2735 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2736 sinfo->txrate.legacy = rate * 5;
2738 memset(&scbval, 0, sizeof(scbval));
2739 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI, &scbval,
2742 bphy_err(drvr, "BRCMF_C_GET_RSSI error (%d)\n", err);
2745 rssi = le32_to_cpu(scbval.val);
2746 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2747 sinfo->signal = rssi;
2749 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_GET_PKTCNTS, &pktcnt,
2752 bphy_err(drvr, "BRCMF_C_GET_GET_PKTCNTS error (%d)\n", err);
2755 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS) |
2756 BIT_ULL(NL80211_STA_INFO_RX_DROP_MISC) |
2757 BIT_ULL(NL80211_STA_INFO_TX_PACKETS) |
2758 BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2759 sinfo->rx_packets = le32_to_cpu(pktcnt.rx_good_pkt);
2760 sinfo->rx_dropped_misc = le32_to_cpu(pktcnt.rx_bad_pkt);
2761 sinfo->tx_packets = le32_to_cpu(pktcnt.tx_good_pkt);
2762 sinfo->tx_failed = le32_to_cpu(pktcnt.tx_bad_pkt);
2768 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
2769 const u8 *mac, struct station_info *sinfo)
2771 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2772 struct brcmf_if *ifp = netdev_priv(ndev);
2773 struct brcmf_pub *drvr = cfg->pub;
2774 struct brcmf_scb_val_le scb_val;
2776 struct brcmf_sta_info_le sta_info_le;
2779 s32 total_rssi_avg = 0;
2785 brcmf_dbg(TRACE, "Enter, MAC %pM\n", mac);
2786 if (!check_vif_up(ifp->vif))
2789 if (brcmf_is_ibssmode(ifp->vif))
2790 return brcmf_cfg80211_get_station_ibss(ifp, sinfo);
2792 memset(&sta_info_le, 0, sizeof(sta_info_le));
2793 memcpy(&sta_info_le, mac, ETH_ALEN);
2794 err = brcmf_fil_iovar_data_get(ifp, "tdls_sta_info",
2796 sizeof(sta_info_le));
2797 is_tdls_peer = !err;
2799 err = brcmf_fil_iovar_data_get(ifp, "sta_info",
2801 sizeof(sta_info_le));
2803 bphy_err(drvr, "GET STA INFO failed, %d\n", err);
2807 brcmf_dbg(TRACE, "version %d\n", le16_to_cpu(sta_info_le.ver));
2808 sinfo->filled = BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
2809 sinfo->inactive_time = le32_to_cpu(sta_info_le.idle) * 1000;
2810 sta_flags = le32_to_cpu(sta_info_le.flags);
2811 brcmf_convert_sta_flags(sta_flags, sinfo);
2812 sinfo->sta_flags.mask |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2814 sinfo->sta_flags.set |= BIT(NL80211_STA_FLAG_TDLS_PEER);
2816 sinfo->sta_flags.set &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2817 if (sta_flags & BRCMF_STA_ASSOC) {
2818 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CONNECTED_TIME);
2819 sinfo->connected_time = le32_to_cpu(sta_info_le.in);
2820 brcmf_fill_bss_param(ifp, sinfo);
2822 if (sta_flags & BRCMF_STA_SCBSTATS) {
2823 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_FAILED);
2824 sinfo->tx_failed = le32_to_cpu(sta_info_le.tx_failures);
2825 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_PACKETS);
2826 sinfo->tx_packets = le32_to_cpu(sta_info_le.tx_pkts);
2827 sinfo->tx_packets += le32_to_cpu(sta_info_le.tx_mcast_pkts);
2828 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_PACKETS);
2829 sinfo->rx_packets = le32_to_cpu(sta_info_le.rx_ucast_pkts);
2830 sinfo->rx_packets += le32_to_cpu(sta_info_le.rx_mcast_pkts);
2831 if (sinfo->tx_packets) {
2832 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
2833 sinfo->txrate.legacy =
2834 le32_to_cpu(sta_info_le.tx_rate) / 100;
2836 if (sinfo->rx_packets) {
2837 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
2838 sinfo->rxrate.legacy =
2839 le32_to_cpu(sta_info_le.rx_rate) / 100;
2841 if (le16_to_cpu(sta_info_le.ver) >= 4) {
2842 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
2843 sinfo->tx_bytes = le64_to_cpu(sta_info_le.tx_tot_bytes);
2844 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
2845 sinfo->rx_bytes = le64_to_cpu(sta_info_le.rx_tot_bytes);
2847 for (i = 0; i < BRCMF_ANT_MAX; i++) {
2848 if (sta_info_le.rssi[i] == 0 ||
2849 sta_info_le.rx_lastpkt_rssi[i] == 0)
2851 sinfo->chains |= BIT(count_rssi);
2852 sinfo->chain_signal[count_rssi] =
2853 sta_info_le.rx_lastpkt_rssi[i];
2854 sinfo->chain_signal_avg[count_rssi] =
2855 sta_info_le.rssi[i];
2856 total_rssi += sta_info_le.rx_lastpkt_rssi[i];
2857 total_rssi_avg += sta_info_le.rssi[i];
2861 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2862 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
2863 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
2865 BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG);
2866 sinfo->signal = total_rssi / count_rssi;
2867 sinfo->signal_avg = total_rssi_avg / count_rssi;
2868 } else if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
2869 &ifp->vif->sme_state)) {
2870 memset(&scb_val, 0, sizeof(scb_val));
2871 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_RSSI,
2872 &scb_val, sizeof(scb_val));
2874 bphy_err(drvr, "Could not get rssi (%d)\n",
2878 rssi = le32_to_cpu(scb_val.val);
2879 sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
2880 sinfo->signal = rssi;
2881 brcmf_dbg(CONN, "RSSI %d dBm\n", rssi);
2886 brcmf_dbg(TRACE, "Exit\n");
2891 brcmf_cfg80211_dump_station(struct wiphy *wiphy, struct net_device *ndev,
2892 int idx, u8 *mac, struct station_info *sinfo)
2894 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2895 struct brcmf_if *ifp = netdev_priv(ndev);
2896 struct brcmf_pub *drvr = cfg->pub;
2899 brcmf_dbg(TRACE, "Enter, idx %d\n", idx);
2902 cfg->assoclist.count = cpu_to_le32(BRCMF_MAX_ASSOCLIST);
2903 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_ASSOCLIST,
2905 sizeof(cfg->assoclist));
2907 /* GET_ASSOCLIST unsupported by firmware of older chips */
2909 bphy_info_once(drvr, "BRCMF_C_GET_ASSOCLIST unsupported\n");
2911 bphy_err(drvr, "BRCMF_C_GET_ASSOCLIST failed, err=%d\n",
2914 cfg->assoclist.count = 0;
2918 if (idx < le32_to_cpu(cfg->assoclist.count)) {
2919 memcpy(mac, cfg->assoclist.mac[idx], ETH_ALEN);
2920 return brcmf_cfg80211_get_station(wiphy, ndev, mac, sinfo);
2926 brcmf_cfg80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *ndev,
2927 bool enabled, s32 timeout)
2931 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
2932 struct brcmf_if *ifp = netdev_priv(ndev);
2933 struct brcmf_pub *drvr = cfg->pub;
2935 brcmf_dbg(TRACE, "Enter\n");
2938 * Powersave enable/disable request is coming from the
2939 * cfg80211 even before the interface is up. In that
2940 * scenario, driver will be storing the power save
2941 * preference in cfg struct to apply this to
2942 * FW later while initializing the dongle
2944 cfg->pwr_save = enabled;
2945 if (!check_vif_up(ifp->vif)) {
2947 brcmf_dbg(INFO, "Device is not ready, storing the value in cfg_info struct\n");
2951 pm = enabled ? PM_FAST : PM_OFF;
2952 /* Do not enable the power save after assoc if it is a p2p interface */
2953 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_P2P_CLIENT) {
2954 brcmf_dbg(INFO, "Do not enable power save for P2P clients\n");
2957 brcmf_info("power save %s\n", (pm ? "enabled" : "disabled"));
2959 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, pm);
2962 bphy_err(drvr, "net_device is not ready yet\n");
2964 bphy_err(drvr, "error (%d)\n", err);
2967 timeout = 2000; /* 2000ms - the maximum */
2968 err = brcmf_fil_iovar_int_set(ifp, "pm2_sleep_ret",
2969 min_t(u32, timeout, BRCMF_PS_MAX_TIMEOUT_MS));
2971 bphy_err(drvr, "Unable to set pm timeout, (%d)\n", err);
2974 brcmf_dbg(TRACE, "Exit\n");
2978 static s32 brcmf_inform_single_bss(struct brcmf_cfg80211_info *cfg,
2979 struct brcmf_bss_info_le *bi)
2981 struct wiphy *wiphy = cfg_to_wiphy(cfg);
2982 struct brcmf_pub *drvr = cfg->pub;
2983 struct cfg80211_bss *bss;
2984 enum nl80211_band band;
2985 struct brcmu_chan ch;
2988 u16 notify_capability;
2989 u16 notify_interval;
2991 size_t notify_ielen;
2992 struct cfg80211_inform_bss bss_data = {};
2994 if (le32_to_cpu(bi->length) > WL_BSS_INFO_MAX) {
2995 bphy_err(drvr, "Bss info is larger than buffer. Discarding\n");
3000 ch.chspec = le16_to_cpu(bi->chanspec);
3001 cfg->d11inf.decchspec(&ch);
3002 bi->ctl_ch = ch.control_ch_num;
3004 channel = bi->ctl_ch;
3006 if (channel <= CH_MAX_2G_CHANNEL)
3007 band = NL80211_BAND_2GHZ;
3009 band = NL80211_BAND_5GHZ;
3011 freq = ieee80211_channel_to_frequency(channel, band);
3012 bss_data.chan = ieee80211_get_channel(wiphy, freq);
3013 bss_data.scan_width = NL80211_BSS_CHAN_WIDTH_20;
3014 bss_data.boottime_ns = ktime_to_ns(ktime_get_boottime());
3016 notify_capability = le16_to_cpu(bi->capability);
3017 notify_interval = le16_to_cpu(bi->beacon_period);
3018 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3019 notify_ielen = le32_to_cpu(bi->ie_length);
3020 bss_data.signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3022 brcmf_dbg(CONN, "bssid: %pM\n", bi->BSSID);
3023 brcmf_dbg(CONN, "Channel: %d(%d)\n", channel, freq);
3024 brcmf_dbg(CONN, "Capability: %X\n", notify_capability);
3025 brcmf_dbg(CONN, "Beacon interval: %d\n", notify_interval);
3026 brcmf_dbg(CONN, "Signal: %d\n", bss_data.signal);
3028 bss = cfg80211_inform_bss_data(wiphy, &bss_data,
3029 CFG80211_BSS_FTYPE_UNKNOWN,
3030 (const u8 *)bi->BSSID,
3031 0, notify_capability,
3032 notify_interval, notify_ie,
3033 notify_ielen, GFP_KERNEL);
3038 cfg80211_put_bss(wiphy, bss);
3043 static struct brcmf_bss_info_le *
3044 next_bss_le(struct brcmf_scan_results *list, struct brcmf_bss_info_le *bss)
3047 return list->bss_info_le;
3048 return (struct brcmf_bss_info_le *)((unsigned long)bss +
3049 le32_to_cpu(bss->length));
3052 static s32 brcmf_inform_bss(struct brcmf_cfg80211_info *cfg)
3054 struct brcmf_pub *drvr = cfg->pub;
3055 struct brcmf_scan_results *bss_list;
3056 struct brcmf_bss_info_le *bi = NULL; /* must be initialized */
3060 bss_list = (struct brcmf_scan_results *)cfg->escan_info.escan_buf;
3061 if (bss_list->count != 0 &&
3062 bss_list->version != BRCMF_BSS_INFO_VERSION) {
3063 bphy_err(drvr, "Version %d != WL_BSS_INFO_VERSION\n",
3067 brcmf_dbg(SCAN, "scanned AP count (%d)\n", bss_list->count);
3068 for (i = 0; i < bss_list->count; i++) {
3069 bi = next_bss_le(bss_list, bi);
3070 err = brcmf_inform_single_bss(cfg, bi);
3077 static s32 brcmf_inform_ibss(struct brcmf_cfg80211_info *cfg,
3078 struct net_device *ndev, const u8 *bssid)
3080 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3081 struct brcmf_pub *drvr = cfg->pub;
3082 struct ieee80211_channel *notify_channel;
3083 struct brcmf_bss_info_le *bi = NULL;
3084 struct ieee80211_supported_band *band;
3085 struct cfg80211_bss *bss;
3086 struct brcmu_chan ch;
3090 u16 notify_capability;
3091 u16 notify_interval;
3093 size_t notify_ielen;
3096 brcmf_dbg(TRACE, "Enter\n");
3098 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
3104 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
3106 err = brcmf_fil_cmd_data_get(netdev_priv(ndev), BRCMF_C_GET_BSS_INFO,
3107 buf, WL_BSS_INFO_MAX);
3109 bphy_err(drvr, "WLC_GET_BSS_INFO failed: %d\n", err);
3113 bi = (struct brcmf_bss_info_le *)(buf + 4);
3115 ch.chspec = le16_to_cpu(bi->chanspec);
3116 cfg->d11inf.decchspec(&ch);
3118 if (ch.band == BRCMU_CHAN_BAND_2G)
3119 band = wiphy->bands[NL80211_BAND_2GHZ];
3121 band = wiphy->bands[NL80211_BAND_5GHZ];
3123 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
3124 cfg->channel = freq;
3125 notify_channel = ieee80211_get_channel(wiphy, freq);
3127 notify_capability = le16_to_cpu(bi->capability);
3128 notify_interval = le16_to_cpu(bi->beacon_period);
3129 notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset);
3130 notify_ielen = le32_to_cpu(bi->ie_length);
3131 notify_signal = (s16)le16_to_cpu(bi->RSSI) * 100;
3133 brcmf_dbg(CONN, "channel: %d(%d)\n", ch.control_ch_num, freq);
3134 brcmf_dbg(CONN, "capability: %X\n", notify_capability);
3135 brcmf_dbg(CONN, "beacon interval: %d\n", notify_interval);
3136 brcmf_dbg(CONN, "signal: %d\n", notify_signal);
3138 bss = cfg80211_inform_bss(wiphy, notify_channel,
3139 CFG80211_BSS_FTYPE_UNKNOWN, bssid, 0,
3140 notify_capability, notify_interval,
3141 notify_ie, notify_ielen, notify_signal,
3149 cfg80211_put_bss(wiphy, bss);
3155 brcmf_dbg(TRACE, "Exit\n");
3160 static s32 brcmf_update_bss_info(struct brcmf_cfg80211_info *cfg,
3161 struct brcmf_if *ifp)
3163 struct brcmf_pub *drvr = cfg->pub;
3164 struct brcmf_bss_info_le *bi;
3165 const struct brcmf_tlv *tim;
3170 brcmf_dbg(TRACE, "Enter\n");
3171 if (brcmf_is_ibssmode(ifp->vif))
3174 *(__le32 *)cfg->extra_buf = cpu_to_le32(WL_EXTRA_BUF_MAX);
3175 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
3176 cfg->extra_buf, WL_EXTRA_BUF_MAX);
3178 bphy_err(drvr, "Could not get bss info %d\n", err);
3179 goto update_bss_info_out;
3182 bi = (struct brcmf_bss_info_le *)(cfg->extra_buf + 4);
3183 err = brcmf_inform_single_bss(cfg, bi);
3185 goto update_bss_info_out;
3187 ie = ((u8 *)bi) + le16_to_cpu(bi->ie_offset);
3188 ie_len = le32_to_cpu(bi->ie_length);
3190 tim = brcmf_parse_tlvs(ie, ie_len, WLAN_EID_TIM);
3193 * active scan was done so we could not get dtim
3194 * information out of probe response.
3195 * so we speficially query dtim information to dongle.
3198 err = brcmf_fil_iovar_int_get(ifp, "dtim_assoc", &var);
3200 bphy_err(drvr, "wl dtim_assoc failed (%d)\n", err);
3201 goto update_bss_info_out;
3205 update_bss_info_out:
3206 brcmf_dbg(TRACE, "Exit");
3210 void brcmf_abort_scanning(struct brcmf_cfg80211_info *cfg)
3212 struct escan_info *escan = &cfg->escan_info;
3214 set_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3215 if (cfg->int_escan_map || cfg->scan_request) {
3216 escan->escan_state = WL_ESCAN_STATE_IDLE;
3217 brcmf_notify_escan_complete(cfg, escan->ifp, true, true);
3219 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3220 clear_bit(BRCMF_SCAN_STATUS_ABORT, &cfg->scan_status);
3223 static void brcmf_cfg80211_escan_timeout_worker(struct work_struct *work)
3225 struct brcmf_cfg80211_info *cfg =
3226 container_of(work, struct brcmf_cfg80211_info,
3227 escan_timeout_work);
3229 brcmf_inform_bss(cfg);
3230 brcmf_notify_escan_complete(cfg, cfg->escan_info.ifp, true, true);
3233 static void brcmf_escan_timeout(struct timer_list *t)
3235 struct brcmf_cfg80211_info *cfg =
3236 from_timer(cfg, t, escan_timeout);
3237 struct brcmf_pub *drvr = cfg->pub;
3239 if (cfg->int_escan_map || cfg->scan_request) {
3240 bphy_err(drvr, "timer expired\n");
3241 schedule_work(&cfg->escan_timeout_work);
3246 brcmf_compare_update_same_bss(struct brcmf_cfg80211_info *cfg,
3247 struct brcmf_bss_info_le *bss,
3248 struct brcmf_bss_info_le *bss_info_le)
3250 struct brcmu_chan ch_bss, ch_bss_info_le;
3252 ch_bss.chspec = le16_to_cpu(bss->chanspec);
3253 cfg->d11inf.decchspec(&ch_bss);
3254 ch_bss_info_le.chspec = le16_to_cpu(bss_info_le->chanspec);
3255 cfg->d11inf.decchspec(&ch_bss_info_le);
3257 if (!memcmp(&bss_info_le->BSSID, &bss->BSSID, ETH_ALEN) &&
3258 ch_bss.band == ch_bss_info_le.band &&
3259 bss_info_le->SSID_len == bss->SSID_len &&
3260 !memcmp(bss_info_le->SSID, bss->SSID, bss_info_le->SSID_len)) {
3261 if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) ==
3262 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL)) {
3263 s16 bss_rssi = le16_to_cpu(bss->RSSI);
3264 s16 bss_info_rssi = le16_to_cpu(bss_info_le->RSSI);
3266 /* preserve max RSSI if the measurements are
3267 * both on-channel or both off-channel
3269 if (bss_info_rssi > bss_rssi)
3270 bss->RSSI = bss_info_le->RSSI;
3271 } else if ((bss->flags & BRCMF_BSS_RSSI_ON_CHANNEL) &&
3272 (bss_info_le->flags & BRCMF_BSS_RSSI_ON_CHANNEL) == 0) {
3273 /* preserve the on-channel rssi measurement
3274 * if the new measurement is off channel
3276 bss->RSSI = bss_info_le->RSSI;
3277 bss->flags |= BRCMF_BSS_RSSI_ON_CHANNEL;
3285 brcmf_cfg80211_escan_handler(struct brcmf_if *ifp,
3286 const struct brcmf_event_msg *e, void *data)
3288 struct brcmf_pub *drvr = ifp->drvr;
3289 struct brcmf_cfg80211_info *cfg = drvr->config;
3291 struct brcmf_escan_result_le *escan_result_le;
3293 struct brcmf_bss_info_le *bss_info_le;
3294 struct brcmf_bss_info_le *bss = NULL;
3296 struct brcmf_scan_results *list;
3302 if (status == BRCMF_E_STATUS_ABORT)
3305 if (!test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3306 bphy_err(drvr, "scan not ready, bsscfgidx=%d\n",
3311 if (status == BRCMF_E_STATUS_PARTIAL) {
3312 brcmf_dbg(SCAN, "ESCAN Partial result\n");
3313 if (e->datalen < sizeof(*escan_result_le)) {
3314 bphy_err(drvr, "invalid event data length\n");
3317 escan_result_le = (struct brcmf_escan_result_le *) data;
3318 if (!escan_result_le) {
3319 bphy_err(drvr, "Invalid escan result (NULL pointer)\n");
3322 escan_buflen = le32_to_cpu(escan_result_le->buflen);
3323 if (escan_buflen > BRCMF_ESCAN_BUF_SIZE ||
3324 escan_buflen > e->datalen ||
3325 escan_buflen < sizeof(*escan_result_le)) {
3326 bphy_err(drvr, "Invalid escan buffer length: %d\n",
3330 if (le16_to_cpu(escan_result_le->bss_count) != 1) {
3331 bphy_err(drvr, "Invalid bss_count %d: ignoring\n",
3332 escan_result_le->bss_count);
3335 bss_info_le = &escan_result_le->bss_info_le;
3337 if (brcmf_p2p_scan_finding_common_channel(cfg, bss_info_le))
3340 if (!cfg->int_escan_map && !cfg->scan_request) {
3341 brcmf_dbg(SCAN, "result without cfg80211 request\n");
3345 bi_length = le32_to_cpu(bss_info_le->length);
3346 if (bi_length != escan_buflen - WL_ESCAN_RESULTS_FIXED_SIZE) {
3347 bphy_err(drvr, "Ignoring invalid bss_info length: %d\n",
3352 if (!(cfg_to_wiphy(cfg)->interface_modes &
3353 BIT(NL80211_IFTYPE_ADHOC))) {
3354 if (le16_to_cpu(bss_info_le->capability) &
3355 WLAN_CAPABILITY_IBSS) {
3356 bphy_err(drvr, "Ignoring IBSS result\n");
3361 list = (struct brcmf_scan_results *)
3362 cfg->escan_info.escan_buf;
3363 if (bi_length > BRCMF_ESCAN_BUF_SIZE - list->buflen) {
3364 bphy_err(drvr, "Buffer is too small: ignoring\n");
3368 for (i = 0; i < list->count; i++) {
3369 bss = bss ? (struct brcmf_bss_info_le *)
3370 ((unsigned char *)bss +
3371 le32_to_cpu(bss->length)) : list->bss_info_le;
3372 if (brcmf_compare_update_same_bss(cfg, bss,
3376 memcpy(&cfg->escan_info.escan_buf[list->buflen], bss_info_le,
3378 list->version = le32_to_cpu(bss_info_le->version);
3379 list->buflen += bi_length;
3382 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3383 if (brcmf_p2p_scan_finding_common_channel(cfg, NULL))
3385 if (cfg->int_escan_map || cfg->scan_request) {
3386 brcmf_inform_bss(cfg);
3387 aborted = status != BRCMF_E_STATUS_SUCCESS;
3388 brcmf_notify_escan_complete(cfg, ifp, aborted, false);
3390 brcmf_dbg(SCAN, "Ignored scan complete result 0x%x\n",
3397 static void brcmf_init_escan(struct brcmf_cfg80211_info *cfg)
3399 brcmf_fweh_register(cfg->pub, BRCMF_E_ESCAN_RESULT,
3400 brcmf_cfg80211_escan_handler);
3401 cfg->escan_info.escan_state = WL_ESCAN_STATE_IDLE;
3402 /* Init scan_timeout timer */
3403 timer_setup(&cfg->escan_timeout, brcmf_escan_timeout, 0);
3404 INIT_WORK(&cfg->escan_timeout_work,
3405 brcmf_cfg80211_escan_timeout_worker);
3408 static struct cfg80211_scan_request *
3409 brcmf_alloc_internal_escan_request(struct wiphy *wiphy, u32 n_netinfo) {
3410 struct cfg80211_scan_request *req;
3413 req_size = sizeof(*req) +
3414 n_netinfo * sizeof(req->channels[0]) +
3415 n_netinfo * sizeof(*req->ssids);
3417 req = kzalloc(req_size, GFP_KERNEL);
3420 req->ssids = (void *)(&req->channels[0]) +
3421 n_netinfo * sizeof(req->channels[0]);
3426 static int brcmf_internal_escan_add_info(struct cfg80211_scan_request *req,
3427 u8 *ssid, u8 ssid_len, u8 channel)
3429 struct ieee80211_channel *chan;
3430 enum nl80211_band band;
3433 if (channel <= CH_MAX_2G_CHANNEL)
3434 band = NL80211_BAND_2GHZ;
3436 band = NL80211_BAND_5GHZ;
3438 freq = ieee80211_channel_to_frequency(channel, band);
3442 chan = ieee80211_get_channel(req->wiphy, freq);
3446 for (i = 0; i < req->n_channels; i++) {
3447 if (req->channels[i] == chan)
3450 if (i == req->n_channels)
3451 req->channels[req->n_channels++] = chan;
3453 for (i = 0; i < req->n_ssids; i++) {
3454 if (req->ssids[i].ssid_len == ssid_len &&
3455 !memcmp(req->ssids[i].ssid, ssid, ssid_len))
3458 if (i == req->n_ssids) {
3459 memcpy(req->ssids[req->n_ssids].ssid, ssid, ssid_len);
3460 req->ssids[req->n_ssids++].ssid_len = ssid_len;
3465 static int brcmf_start_internal_escan(struct brcmf_if *ifp, u32 fwmap,
3466 struct cfg80211_scan_request *request)
3468 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
3471 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status)) {
3472 if (cfg->int_escan_map)
3473 brcmf_dbg(SCAN, "aborting internal scan: map=%u\n",
3474 cfg->int_escan_map);
3475 /* Abort any on-going scan */
3476 brcmf_abort_scanning(cfg);
3479 brcmf_dbg(SCAN, "start internal scan: map=%u\n", fwmap);
3480 set_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3481 cfg->escan_info.run = brcmf_run_escan;
3482 err = brcmf_do_escan(ifp, request);
3484 clear_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status);
3487 cfg->int_escan_map = fwmap;
3491 static struct brcmf_pno_net_info_le *
3492 brcmf_get_netinfo_array(struct brcmf_pno_scanresults_le *pfn_v1)
3494 struct brcmf_pno_scanresults_v2_le *pfn_v2;
3495 struct brcmf_pno_net_info_le *netinfo;
3497 switch (pfn_v1->version) {
3501 case cpu_to_le32(1):
3502 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v1 + 1);
3504 case cpu_to_le32(2):
3505 pfn_v2 = (struct brcmf_pno_scanresults_v2_le *)pfn_v1;
3506 netinfo = (struct brcmf_pno_net_info_le *)(pfn_v2 + 1);
3513 /* PFN result doesn't have all the info which are required by the supplicant
3514 * (For e.g IEs) Do a target Escan so that sched scan results are reported
3515 * via wl_inform_single_bss in the required format. Escan does require the
3516 * scan request in the form of cfg80211_scan_request. For timebeing, create
3517 * cfg80211_scan_request one out of the received PNO event.
3520 brcmf_notify_sched_scan_results(struct brcmf_if *ifp,
3521 const struct brcmf_event_msg *e, void *data)
3523 struct brcmf_pub *drvr = ifp->drvr;
3524 struct brcmf_cfg80211_info *cfg = drvr->config;
3525 struct brcmf_pno_net_info_le *netinfo, *netinfo_start;
3526 struct cfg80211_scan_request *request = NULL;
3527 struct wiphy *wiphy = cfg_to_wiphy(cfg);
3529 struct brcmf_pno_scanresults_le *pfn_result;
3535 brcmf_dbg(SCAN, "Enter\n");
3537 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3538 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3542 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3543 brcmf_dbg(SCAN, "PFN NET LOST event. Do Nothing\n");
3547 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3548 result_count = le32_to_cpu(pfn_result->count);
3549 status = le32_to_cpu(pfn_result->status);
3551 /* PFN event is limited to fit 512 bytes so we may get
3552 * multiple NET_FOUND events. For now place a warning here.
3554 WARN_ON(status != BRCMF_PNO_SCAN_COMPLETE);
3555 brcmf_dbg(SCAN, "PFN NET FOUND event. count: %d\n", result_count);
3556 if (!result_count) {
3557 bphy_err(drvr, "FALSE PNO Event. (pfn_count == 0)\n");
3561 netinfo_start = brcmf_get_netinfo_array(pfn_result);
3562 datalen = e->datalen - ((void *)netinfo_start - (void *)pfn_result);
3563 if (datalen < result_count * sizeof(*netinfo)) {
3564 bphy_err(drvr, "insufficient event data\n");
3568 request = brcmf_alloc_internal_escan_request(wiphy,
3576 for (i = 0; i < result_count; i++) {
3577 netinfo = &netinfo_start[i];
3579 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3580 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3581 brcmf_dbg(SCAN, "SSID:%.32s Channel:%d\n",
3582 netinfo->SSID, netinfo->channel);
3583 bucket_map |= brcmf_pno_get_bucket_map(cfg->pno, netinfo);
3584 err = brcmf_internal_escan_add_info(request,
3595 err = brcmf_start_internal_escan(ifp, bucket_map, request);
3600 cfg80211_sched_scan_stopped(wiphy, 0);
3607 brcmf_cfg80211_sched_scan_start(struct wiphy *wiphy,
3608 struct net_device *ndev,
3609 struct cfg80211_sched_scan_request *req)
3611 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3612 struct brcmf_if *ifp = netdev_priv(ndev);
3613 struct brcmf_pub *drvr = cfg->pub;
3615 brcmf_dbg(SCAN, "Enter: n_match_sets=%d n_ssids=%d\n",
3616 req->n_match_sets, req->n_ssids);
3618 if (test_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status)) {
3619 bphy_err(drvr, "Scanning suppressed: status=%lu\n",
3624 if (req->n_match_sets <= 0) {
3625 brcmf_dbg(SCAN, "invalid number of matchsets specified: %d\n",
3630 return brcmf_pno_start_sched_scan(ifp, req);
3633 static int brcmf_cfg80211_sched_scan_stop(struct wiphy *wiphy,
3634 struct net_device *ndev, u64 reqid)
3636 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3637 struct brcmf_if *ifp = netdev_priv(ndev);
3639 brcmf_dbg(SCAN, "enter\n");
3640 brcmf_pno_stop_sched_scan(ifp, reqid);
3641 if (cfg->int_escan_map)
3642 brcmf_notify_escan_complete(cfg, ifp, true, true);
3646 static __always_inline void brcmf_delay(u32 ms)
3648 if (ms < 1000 / HZ) {
3656 static s32 brcmf_config_wowl_pattern(struct brcmf_if *ifp, u8 cmd[4],
3657 u8 *pattern, u32 patternsize, u8 *mask,
3660 struct brcmf_fil_wowl_pattern_le *filter;
3667 masksize = (patternsize + 7) / 8;
3668 patternoffset = sizeof(*filter) - sizeof(filter->cmd) + masksize;
3670 bufsize = sizeof(*filter) + patternsize + masksize;
3671 buf = kzalloc(bufsize, GFP_KERNEL);
3674 filter = (struct brcmf_fil_wowl_pattern_le *)buf;
3676 memcpy(filter->cmd, cmd, 4);
3677 filter->masksize = cpu_to_le32(masksize);
3678 filter->offset = cpu_to_le32(packet_offset);
3679 filter->patternoffset = cpu_to_le32(patternoffset);
3680 filter->patternsize = cpu_to_le32(patternsize);
3681 filter->type = cpu_to_le32(BRCMF_WOWL_PATTERN_TYPE_BITMAP);
3683 if ((mask) && (masksize))
3684 memcpy(buf + sizeof(*filter), mask, masksize);
3685 if ((pattern) && (patternsize))
3686 memcpy(buf + sizeof(*filter) + masksize, pattern, patternsize);
3688 ret = brcmf_fil_iovar_data_set(ifp, "wowl_pattern", buf, bufsize);
3695 brcmf_wowl_nd_results(struct brcmf_if *ifp, const struct brcmf_event_msg *e,
3698 struct brcmf_pub *drvr = ifp->drvr;
3699 struct brcmf_cfg80211_info *cfg = drvr->config;
3700 struct brcmf_pno_scanresults_le *pfn_result;
3701 struct brcmf_pno_net_info_le *netinfo;
3703 brcmf_dbg(SCAN, "Enter\n");
3705 if (e->datalen < (sizeof(*pfn_result) + sizeof(*netinfo))) {
3706 brcmf_dbg(SCAN, "Event data to small. Ignore\n");
3710 pfn_result = (struct brcmf_pno_scanresults_le *)data;
3712 if (e->event_code == BRCMF_E_PFN_NET_LOST) {
3713 brcmf_dbg(SCAN, "PFN NET LOST event. Ignore\n");
3717 if (le32_to_cpu(pfn_result->count) < 1) {
3718 bphy_err(drvr, "Invalid result count, expected 1 (%d)\n",
3719 le32_to_cpu(pfn_result->count));
3723 netinfo = brcmf_get_netinfo_array(pfn_result);
3724 if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
3725 netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
3726 memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
3727 cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
3728 cfg->wowl.nd->n_channels = 1;
3729 cfg->wowl.nd->channels[0] =
3730 ieee80211_channel_to_frequency(netinfo->channel,
3731 netinfo->channel <= CH_MAX_2G_CHANNEL ?
3732 NL80211_BAND_2GHZ : NL80211_BAND_5GHZ);
3733 cfg->wowl.nd_info->n_matches = 1;
3734 cfg->wowl.nd_info->matches[0] = cfg->wowl.nd;
3736 /* Inform (the resume task) that the net detect information was recvd */
3737 cfg->wowl.nd_data_completed = true;
3738 wake_up(&cfg->wowl.nd_data_wait);
3745 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3747 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3748 struct brcmf_pub *drvr = cfg->pub;
3749 struct brcmf_wowl_wakeind_le wake_ind_le;
3750 struct cfg80211_wowlan_wakeup wakeup_data;
3751 struct cfg80211_wowlan_wakeup *wakeup;
3756 err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
3757 sizeof(wake_ind_le));
3759 bphy_err(drvr, "Get wowl_wakeind failed, err = %d\n", err);
3763 wakeind = le32_to_cpu(wake_ind_le.ucode_wakeind);
3764 if (wakeind & (BRCMF_WOWL_MAGIC | BRCMF_WOWL_DIS | BRCMF_WOWL_BCN |
3765 BRCMF_WOWL_RETR | BRCMF_WOWL_NET |
3766 BRCMF_WOWL_PFN_FOUND)) {
3767 wakeup = &wakeup_data;
3768 memset(&wakeup_data, 0, sizeof(wakeup_data));
3769 wakeup_data.pattern_idx = -1;
3771 if (wakeind & BRCMF_WOWL_MAGIC) {
3772 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_MAGIC\n");
3773 wakeup_data.magic_pkt = true;
3775 if (wakeind & BRCMF_WOWL_DIS) {
3776 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_DIS\n");
3777 wakeup_data.disconnect = true;
3779 if (wakeind & BRCMF_WOWL_BCN) {
3780 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_BCN\n");
3781 wakeup_data.disconnect = true;
3783 if (wakeind & BRCMF_WOWL_RETR) {
3784 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_RETR\n");
3785 wakeup_data.disconnect = true;
3787 if (wakeind & BRCMF_WOWL_NET) {
3788 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_NET\n");
3789 /* For now always map to pattern 0, no API to get
3790 * correct information available at the moment.
3792 wakeup_data.pattern_idx = 0;
3794 if (wakeind & BRCMF_WOWL_PFN_FOUND) {
3795 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_PFN_FOUND\n");
3796 timeout = wait_event_timeout(cfg->wowl.nd_data_wait,
3797 cfg->wowl.nd_data_completed,
3798 BRCMF_ND_INFO_TIMEOUT);
3800 bphy_err(drvr, "No result for wowl net detect\n");
3802 wakeup_data.net_detect = cfg->wowl.nd_info;
3804 if (wakeind & BRCMF_WOWL_GTK_FAILURE) {
3805 brcmf_dbg(INFO, "WOWL Wake indicator: BRCMF_WOWL_GTK_FAILURE\n");
3806 wakeup_data.gtk_rekey_failure = true;
3811 cfg80211_report_wowlan_wakeup(&ifp->vif->wdev, wakeup, GFP_KERNEL);
3816 static void brcmf_report_wowl_wakeind(struct wiphy *wiphy, struct brcmf_if *ifp)
3820 #endif /* CONFIG_PM */
3822 static s32 brcmf_cfg80211_resume(struct wiphy *wiphy)
3824 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3825 struct net_device *ndev = cfg_to_ndev(cfg);
3826 struct brcmf_if *ifp = netdev_priv(ndev);
3828 brcmf_dbg(TRACE, "Enter\n");
3830 if (cfg->wowl.active) {
3831 brcmf_report_wowl_wakeind(wiphy, ifp);
3832 brcmf_fil_iovar_int_set(ifp, "wowl_clear", 0);
3833 brcmf_config_wowl_pattern(ifp, "clr", NULL, 0, NULL, 0);
3834 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3835 brcmf_configure_arp_nd_offload(ifp, true);
3836 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM,
3837 cfg->wowl.pre_pmmode);
3838 cfg->wowl.active = false;
3839 if (cfg->wowl.nd_enabled) {
3840 brcmf_cfg80211_sched_scan_stop(cfg->wiphy, ifp->ndev, 0);
3841 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3842 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3843 brcmf_notify_sched_scan_results);
3844 cfg->wowl.nd_enabled = false;
3850 static void brcmf_configure_wowl(struct brcmf_cfg80211_info *cfg,
3851 struct brcmf_if *ifp,
3852 struct cfg80211_wowlan *wowl)
3855 struct brcmf_wowl_wakeind_le wowl_wakeind;
3858 brcmf_dbg(TRACE, "Suspend, wowl config.\n");
3860 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ARP_ND))
3861 brcmf_configure_arp_nd_offload(ifp, false);
3862 brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_PM, &cfg->wowl.pre_pmmode);
3863 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, PM_MAX);
3866 if (wowl->disconnect)
3867 wowl_config = BRCMF_WOWL_DIS | BRCMF_WOWL_BCN | BRCMF_WOWL_RETR;
3868 if (wowl->magic_pkt)
3869 wowl_config |= BRCMF_WOWL_MAGIC;
3870 if ((wowl->patterns) && (wowl->n_patterns)) {
3871 wowl_config |= BRCMF_WOWL_NET;
3872 for (i = 0; i < wowl->n_patterns; i++) {
3873 brcmf_config_wowl_pattern(ifp, "add",
3874 (u8 *)wowl->patterns[i].pattern,
3875 wowl->patterns[i].pattern_len,
3876 (u8 *)wowl->patterns[i].mask,
3877 wowl->patterns[i].pkt_offset);
3880 if (wowl->nd_config) {
3881 brcmf_cfg80211_sched_scan_start(cfg->wiphy, ifp->ndev,
3883 wowl_config |= BRCMF_WOWL_PFN_FOUND;
3885 cfg->wowl.nd_data_completed = false;
3886 cfg->wowl.nd_enabled = true;
3887 /* Now reroute the event for PFN to the wowl function. */
3888 brcmf_fweh_unregister(cfg->pub, BRCMF_E_PFN_NET_FOUND);
3889 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
3890 brcmf_wowl_nd_results);
3892 if (wowl->gtk_rekey_failure)
3893 wowl_config |= BRCMF_WOWL_GTK_FAILURE;
3894 if (!test_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state))
3895 wowl_config |= BRCMF_WOWL_UNASSOC;
3897 memcpy(&wowl_wakeind, "clear", 6);
3898 brcmf_fil_iovar_data_set(ifp, "wowl_wakeind", &wowl_wakeind,
3899 sizeof(wowl_wakeind));
3900 brcmf_fil_iovar_int_set(ifp, "wowl", wowl_config);
3901 brcmf_fil_iovar_int_set(ifp, "wowl_activate", 1);
3902 brcmf_bus_wowl_config(cfg->pub->bus_if, true);
3903 cfg->wowl.active = true;
3906 static s32 brcmf_cfg80211_suspend(struct wiphy *wiphy,
3907 struct cfg80211_wowlan *wowl)
3909 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3910 struct net_device *ndev = cfg_to_ndev(cfg);
3911 struct brcmf_if *ifp = netdev_priv(ndev);
3912 struct brcmf_cfg80211_vif *vif;
3914 brcmf_dbg(TRACE, "Enter\n");
3916 /* if the primary net_device is not READY there is nothing
3917 * we can do but pray resume goes smoothly.
3919 if (!check_vif_up(ifp->vif))
3922 /* Stop scheduled scan */
3923 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO))
3924 brcmf_cfg80211_sched_scan_stop(wiphy, ndev, 0);
3926 /* end any scanning */
3927 if (test_bit(BRCMF_SCAN_STATUS_BUSY, &cfg->scan_status))
3928 brcmf_abort_scanning(cfg);
3931 brcmf_bus_wowl_config(cfg->pub->bus_if, false);
3932 list_for_each_entry(vif, &cfg->vif_list, list) {
3933 if (!test_bit(BRCMF_VIF_STATUS_READY, &vif->sme_state))
3935 /* While going to suspend if associated with AP
3936 * disassociate from AP to save power while system is
3937 * in suspended state
3939 brcmf_link_down(vif, WLAN_REASON_UNSPECIFIED, true);
3940 /* Make sure WPA_Supplicant receives all the event
3941 * generated due to DISASSOC call to the fw to keep
3942 * the state fw and WPA_Supplicant state consistent
3947 brcmf_set_mpc(ifp, 1);
3950 /* Configure WOWL paramaters */
3951 brcmf_configure_wowl(cfg, ifp, wowl);
3955 brcmf_dbg(TRACE, "Exit\n");
3956 /* clear any scanning activity */
3957 cfg->scan_status = 0;
3962 brcmf_update_pmklist(struct brcmf_cfg80211_info *cfg, struct brcmf_if *ifp)
3964 struct brcmf_pmk_list_le *pmk_list;
3969 pmk_list = &cfg->pmk_list;
3970 npmk = le32_to_cpu(pmk_list->npmk);
3972 brcmf_dbg(CONN, "No of elements %d\n", npmk);
3973 for (i = 0; i < npmk; i++)
3974 brcmf_dbg(CONN, "PMK[%d]: %pM\n", i, &pmk_list->pmk[i].bssid);
3976 err = brcmf_fil_iovar_data_set(ifp, "pmkid_info", pmk_list,
3983 brcmf_cfg80211_set_pmksa(struct wiphy *wiphy, struct net_device *ndev,
3984 struct cfg80211_pmksa *pmksa)
3986 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
3987 struct brcmf_if *ifp = netdev_priv(ndev);
3988 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
3989 struct brcmf_pub *drvr = cfg->pub;
3993 brcmf_dbg(TRACE, "Enter\n");
3994 if (!check_vif_up(ifp->vif))
3997 npmk = le32_to_cpu(cfg->pmk_list.npmk);
3998 for (i = 0; i < npmk; i++)
3999 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4001 if (i < BRCMF_MAXPMKID) {
4002 memcpy(pmk[i].bssid, pmksa->bssid, ETH_ALEN);
4003 memcpy(pmk[i].pmkid, pmksa->pmkid, WLAN_PMKID_LEN);
4006 cfg->pmk_list.npmk = cpu_to_le32(npmk);
4009 bphy_err(drvr, "Too many PMKSA entries cached %d\n", npmk);
4013 brcmf_dbg(CONN, "set_pmksa - PMK bssid: %pM =\n", pmk[npmk].bssid);
4014 brcmf_dbg(CONN, "%*ph\n", WLAN_PMKID_LEN, pmk[npmk].pmkid);
4016 err = brcmf_update_pmklist(cfg, ifp);
4018 brcmf_dbg(TRACE, "Exit\n");
4023 brcmf_cfg80211_del_pmksa(struct wiphy *wiphy, struct net_device *ndev,
4024 struct cfg80211_pmksa *pmksa)
4026 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4027 struct brcmf_if *ifp = netdev_priv(ndev);
4028 struct brcmf_pmksa *pmk = &cfg->pmk_list.pmk[0];
4029 struct brcmf_pub *drvr = cfg->pub;
4033 brcmf_dbg(TRACE, "Enter\n");
4034 if (!check_vif_up(ifp->vif))
4037 brcmf_dbg(CONN, "del_pmksa - PMK bssid = %pM\n", pmksa->bssid);
4039 npmk = le32_to_cpu(cfg->pmk_list.npmk);
4040 for (i = 0; i < npmk; i++)
4041 if (!memcmp(pmksa->bssid, pmk[i].bssid, ETH_ALEN))
4044 if ((npmk > 0) && (i < npmk)) {
4045 for (; i < (npmk - 1); i++) {
4046 memcpy(&pmk[i].bssid, &pmk[i + 1].bssid, ETH_ALEN);
4047 memcpy(&pmk[i].pmkid, &pmk[i + 1].pmkid,
4050 memset(&pmk[i], 0, sizeof(*pmk));
4051 cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
4053 bphy_err(drvr, "Cache entry not found\n");
4057 err = brcmf_update_pmklist(cfg, ifp);
4059 brcmf_dbg(TRACE, "Exit\n");
4065 brcmf_cfg80211_flush_pmksa(struct wiphy *wiphy, struct net_device *ndev)
4067 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4068 struct brcmf_if *ifp = netdev_priv(ndev);
4071 brcmf_dbg(TRACE, "Enter\n");
4072 if (!check_vif_up(ifp->vif))
4075 memset(&cfg->pmk_list, 0, sizeof(cfg->pmk_list));
4076 err = brcmf_update_pmklist(cfg, ifp);
4078 brcmf_dbg(TRACE, "Exit\n");
4083 static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
4085 struct brcmf_pub *drvr = ifp->drvr;
4090 err = brcmf_fil_bsscfg_int_set(ifp, "auth", 0);
4092 bphy_err(drvr, "auth error %d\n", err);
4096 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", 0);
4098 bphy_err(drvr, "wsec error %d\n", err);
4101 /* set upper-layer auth */
4102 if (brcmf_is_ibssmode(ifp->vif))
4103 wpa_val = WPA_AUTH_NONE;
4105 wpa_val = WPA_AUTH_DISABLED;
4106 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
4108 bphy_err(drvr, "wpa_auth error %d\n", err);
4115 static bool brcmf_valid_wpa_oui(u8 *oui, bool is_rsn_ie)
4118 return (memcmp(oui, RSN_OUI, TLV_OUI_LEN) == 0);
4120 return (memcmp(oui, WPA_OUI, TLV_OUI_LEN) == 0);
4124 brcmf_configure_wpaie(struct brcmf_if *ifp,
4125 const struct brcmf_vs_tlv *wpa_ie,
4128 struct brcmf_pub *drvr = ifp->drvr;
4129 u32 auth = 0; /* d11 open authentication */
4141 u32 wme_bss_disable;
4144 brcmf_dbg(TRACE, "Enter\n");
4148 len = wpa_ie->len + TLV_HDR_LEN;
4149 data = (u8 *)wpa_ie;
4150 offset = TLV_HDR_LEN;
4152 offset += VS_IE_FIXED_HDR_LEN;
4154 offset += WPA_IE_VERSION_LEN;
4156 /* check for multicast cipher suite */
4157 if (offset + WPA_IE_MIN_OUI_LEN > len) {
4159 bphy_err(drvr, "no multicast cipher suite\n");
4163 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4165 bphy_err(drvr, "ivalid OUI\n");
4168 offset += TLV_OUI_LEN;
4170 /* pick up multicast cipher */
4171 switch (data[offset]) {
4172 case WPA_CIPHER_NONE:
4175 case WPA_CIPHER_WEP_40:
4176 case WPA_CIPHER_WEP_104:
4179 case WPA_CIPHER_TKIP:
4180 gval = TKIP_ENABLED;
4182 case WPA_CIPHER_AES_CCM:
4187 bphy_err(drvr, "Invalid multi cast cipher info\n");
4192 /* walk thru unicast cipher list and pick up what we recognize */
4193 count = data[offset] + (data[offset + 1] << 8);
4194 offset += WPA_IE_SUITE_COUNT_LEN;
4195 /* Check for unicast suite(s) */
4196 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4198 bphy_err(drvr, "no unicast cipher suite\n");
4201 for (i = 0; i < count; i++) {
4202 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4204 bphy_err(drvr, "ivalid OUI\n");
4207 offset += TLV_OUI_LEN;
4208 switch (data[offset]) {
4209 case WPA_CIPHER_NONE:
4211 case WPA_CIPHER_WEP_40:
4212 case WPA_CIPHER_WEP_104:
4213 pval |= WEP_ENABLED;
4215 case WPA_CIPHER_TKIP:
4216 pval |= TKIP_ENABLED;
4218 case WPA_CIPHER_AES_CCM:
4219 pval |= AES_ENABLED;
4222 bphy_err(drvr, "Invalid unicast security info\n");
4226 /* walk thru auth management suite list and pick up what we recognize */
4227 count = data[offset] + (data[offset + 1] << 8);
4228 offset += WPA_IE_SUITE_COUNT_LEN;
4229 /* Check for auth key management suite(s) */
4230 if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
4232 bphy_err(drvr, "no auth key mgmt suite\n");
4235 for (i = 0; i < count; i++) {
4236 if (!brcmf_valid_wpa_oui(&data[offset], is_rsn_ie)) {
4238 bphy_err(drvr, "ivalid OUI\n");
4241 offset += TLV_OUI_LEN;
4242 switch (data[offset]) {
4244 brcmf_dbg(TRACE, "RSN_AKM_NONE\n");
4245 wpa_auth |= WPA_AUTH_NONE;
4247 case RSN_AKM_UNSPECIFIED:
4248 brcmf_dbg(TRACE, "RSN_AKM_UNSPECIFIED\n");
4249 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_UNSPECIFIED) :
4250 (wpa_auth |= WPA_AUTH_UNSPECIFIED);
4253 brcmf_dbg(TRACE, "RSN_AKM_PSK\n");
4254 is_rsn_ie ? (wpa_auth |= WPA2_AUTH_PSK) :
4255 (wpa_auth |= WPA_AUTH_PSK);
4257 case RSN_AKM_SHA256_PSK:
4258 brcmf_dbg(TRACE, "RSN_AKM_MFP_PSK\n");
4259 wpa_auth |= WPA2_AUTH_PSK_SHA256;
4261 case RSN_AKM_SHA256_1X:
4262 brcmf_dbg(TRACE, "RSN_AKM_MFP_1X\n");
4263 wpa_auth |= WPA2_AUTH_1X_SHA256;
4266 brcmf_dbg(TRACE, "RSN_AKM_SAE\n");
4267 wpa_auth |= WPA3_AUTH_SAE_PSK;
4270 bphy_err(drvr, "Invalid key mgmt info\n");
4275 mfp = BRCMF_MFP_NONE;
4277 wme_bss_disable = 1;
4278 if ((offset + RSN_CAP_LEN) <= len) {
4279 rsn_cap = data[offset] + (data[offset + 1] << 8);
4280 if (rsn_cap & RSN_CAP_PTK_REPLAY_CNTR_MASK)
4281 wme_bss_disable = 0;
4282 if (rsn_cap & RSN_CAP_MFPR_MASK) {
4283 brcmf_dbg(TRACE, "MFP Required\n");
4284 mfp = BRCMF_MFP_REQUIRED;
4285 /* Firmware only supports mfp required in
4286 * combination with WPA2_AUTH_PSK_SHA256,
4287 * WPA2_AUTH_1X_SHA256, or WPA3_AUTH_SAE_PSK.
4289 if (!(wpa_auth & (WPA2_AUTH_PSK_SHA256 |
4290 WPA2_AUTH_1X_SHA256 |
4291 WPA3_AUTH_SAE_PSK))) {
4295 /* Firmware has requirement that WPA2_AUTH_PSK/
4296 * WPA2_AUTH_UNSPECIFIED be set, if SHA256 OUI
4297 * is to be included in the rsn ie.
4299 if (wpa_auth & WPA2_AUTH_PSK_SHA256)
4300 wpa_auth |= WPA2_AUTH_PSK;
4301 else if (wpa_auth & WPA2_AUTH_1X_SHA256)
4302 wpa_auth |= WPA2_AUTH_UNSPECIFIED;
4303 } else if (rsn_cap & RSN_CAP_MFPC_MASK) {
4304 brcmf_dbg(TRACE, "MFP Capable\n");
4305 mfp = BRCMF_MFP_CAPABLE;
4308 offset += RSN_CAP_LEN;
4309 /* set wme_bss_disable to sync RSN Capabilities */
4310 err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
4313 bphy_err(drvr, "wme_bss_disable error %d\n", err);
4317 /* Skip PMKID cnt as it is know to be 0 for AP. */
4318 offset += RSN_PMKID_COUNT_LEN;
4320 /* See if there is BIP wpa suite left for MFP */
4321 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP) &&
4322 ((offset + WPA_IE_MIN_OUI_LEN) <= len)) {
4323 err = brcmf_fil_bsscfg_data_set(ifp, "bip",
4325 WPA_IE_MIN_OUI_LEN);
4327 bphy_err(drvr, "bip error %d\n", err);
4332 /* FOR WPS , set SES_OW_ENABLED */
4333 wsec = (pval | gval | SES_OW_ENABLED);
4336 err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
4338 bphy_err(drvr, "auth error %d\n", err);
4342 err = brcmf_fil_bsscfg_int_set(ifp, "wsec", wsec);
4344 bphy_err(drvr, "wsec error %d\n", err);
4347 /* Configure MFP, this needs to go after wsec otherwise the wsec command
4348 * will overwrite the values set by MFP
4350 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
4351 err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
4353 bphy_err(drvr, "mfp error %d\n", err);
4357 /* set upper-layer auth */
4358 err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_auth);
4360 bphy_err(drvr, "wpa_auth error %d\n", err);
4369 brcmf_parse_vndr_ies(const u8 *vndr_ie_buf, u32 vndr_ie_len,
4370 struct parsed_vndr_ies *vndr_ies)
4372 struct brcmf_vs_tlv *vndrie;
4373 struct brcmf_tlv *ie;
4374 struct parsed_vndr_ie_info *parsed_info;
4377 remaining_len = (s32)vndr_ie_len;
4378 memset(vndr_ies, 0, sizeof(*vndr_ies));
4380 ie = (struct brcmf_tlv *)vndr_ie_buf;
4382 if (ie->id != WLAN_EID_VENDOR_SPECIFIC)
4384 vndrie = (struct brcmf_vs_tlv *)ie;
4385 /* len should be bigger than OUI length + one */
4386 if (vndrie->len < (VS_IE_FIXED_HDR_LEN - TLV_HDR_LEN + 1)) {
4387 brcmf_err("invalid vndr ie. length is too small %d\n",
4391 /* if wpa or wme ie, do not add ie */
4392 if (!memcmp(vndrie->oui, (u8 *)WPA_OUI, TLV_OUI_LEN) &&
4393 ((vndrie->oui_type == WPA_OUI_TYPE) ||
4394 (vndrie->oui_type == WME_OUI_TYPE))) {
4395 brcmf_dbg(TRACE, "Found WPA/WME oui. Do not add it\n");
4399 parsed_info = &vndr_ies->ie_info[vndr_ies->count];
4401 /* save vndr ie information */
4402 parsed_info->ie_ptr = (char *)vndrie;
4403 parsed_info->ie_len = vndrie->len + TLV_HDR_LEN;
4404 memcpy(&parsed_info->vndrie, vndrie, sizeof(*vndrie));
4408 brcmf_dbg(TRACE, "** OUI %3ph, type 0x%02x\n",
4409 parsed_info->vndrie.oui,
4410 parsed_info->vndrie.oui_type);
4412 if (vndr_ies->count >= VNDR_IE_PARSE_LIMIT)
4415 remaining_len -= (ie->len + TLV_HDR_LEN);
4416 if (remaining_len <= TLV_HDR_LEN)
4419 ie = (struct brcmf_tlv *)(((u8 *)ie) + ie->len +
4426 brcmf_vndr_ie(u8 *iebuf, s32 pktflag, u8 *ie_ptr, u32 ie_len, s8 *add_del_cmd)
4428 strscpy(iebuf, add_del_cmd, VNDR_IE_CMD_LEN);
4430 put_unaligned_le32(1, &iebuf[VNDR_IE_COUNT_OFFSET]);
4432 put_unaligned_le32(pktflag, &iebuf[VNDR_IE_PKTFLAG_OFFSET]);
4434 memcpy(&iebuf[VNDR_IE_VSIE_OFFSET], ie_ptr, ie_len);
4436 return ie_len + VNDR_IE_HDR_SIZE;
4439 s32 brcmf_vif_set_mgmt_ie(struct brcmf_cfg80211_vif *vif, s32 pktflag,
4440 const u8 *vndr_ie_buf, u32 vndr_ie_len)
4442 struct brcmf_pub *drvr;
4443 struct brcmf_if *ifp;
4444 struct vif_saved_ie *saved_ie;
4448 u8 *mgmt_ie_buf = NULL;
4449 int mgmt_ie_buf_len;
4451 u32 del_add_ie_buf_len = 0;
4452 u32 total_ie_buf_len = 0;
4453 u32 parsed_ie_buf_len = 0;
4454 struct parsed_vndr_ies old_vndr_ies;
4455 struct parsed_vndr_ies new_vndr_ies;
4456 struct parsed_vndr_ie_info *vndrie_info;
4459 int remained_buf_len;
4465 saved_ie = &vif->saved_ie;
4467 brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
4469 iovar_ie_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
4472 curr_ie_buf = iovar_ie_buf;
4474 case BRCMF_VNDR_IE_PRBREQ_FLAG:
4475 mgmt_ie_buf = saved_ie->probe_req_ie;
4476 mgmt_ie_len = &saved_ie->probe_req_ie_len;
4477 mgmt_ie_buf_len = sizeof(saved_ie->probe_req_ie);
4479 case BRCMF_VNDR_IE_PRBRSP_FLAG:
4480 mgmt_ie_buf = saved_ie->probe_res_ie;
4481 mgmt_ie_len = &saved_ie->probe_res_ie_len;
4482 mgmt_ie_buf_len = sizeof(saved_ie->probe_res_ie);
4484 case BRCMF_VNDR_IE_BEACON_FLAG:
4485 mgmt_ie_buf = saved_ie->beacon_ie;
4486 mgmt_ie_len = &saved_ie->beacon_ie_len;
4487 mgmt_ie_buf_len = sizeof(saved_ie->beacon_ie);
4489 case BRCMF_VNDR_IE_ASSOCREQ_FLAG:
4490 mgmt_ie_buf = saved_ie->assoc_req_ie;
4491 mgmt_ie_len = &saved_ie->assoc_req_ie_len;
4492 mgmt_ie_buf_len = sizeof(saved_ie->assoc_req_ie);
4494 case BRCMF_VNDR_IE_ASSOCRSP_FLAG:
4495 mgmt_ie_buf = saved_ie->assoc_res_ie;
4496 mgmt_ie_len = &saved_ie->assoc_res_ie_len;
4497 mgmt_ie_buf_len = sizeof(saved_ie->assoc_res_ie);
4501 bphy_err(drvr, "not suitable type\n");
4505 if (vndr_ie_len > mgmt_ie_buf_len) {
4507 bphy_err(drvr, "extra IE size too big\n");
4511 /* parse and save new vndr_ie in curr_ie_buff before comparing it */
4512 if (vndr_ie_buf && vndr_ie_len && curr_ie_buf) {
4514 brcmf_parse_vndr_ies(vndr_ie_buf, vndr_ie_len, &new_vndr_ies);
4515 for (i = 0; i < new_vndr_ies.count; i++) {
4516 vndrie_info = &new_vndr_ies.ie_info[i];
4517 memcpy(ptr + parsed_ie_buf_len, vndrie_info->ie_ptr,
4518 vndrie_info->ie_len);
4519 parsed_ie_buf_len += vndrie_info->ie_len;
4523 if (mgmt_ie_buf && *mgmt_ie_len) {
4524 if (parsed_ie_buf_len && (parsed_ie_buf_len == *mgmt_ie_len) &&
4525 (memcmp(mgmt_ie_buf, curr_ie_buf,
4526 parsed_ie_buf_len) == 0)) {
4527 brcmf_dbg(TRACE, "Previous mgmt IE equals to current IE\n");
4531 /* parse old vndr_ie */
4532 brcmf_parse_vndr_ies(mgmt_ie_buf, *mgmt_ie_len, &old_vndr_ies);
4534 /* make a command to delete old ie */
4535 for (i = 0; i < old_vndr_ies.count; i++) {
4536 vndrie_info = &old_vndr_ies.ie_info[i];
4538 brcmf_dbg(TRACE, "DEL ID : %d, Len: %d , OUI:%3ph\n",
4539 vndrie_info->vndrie.id,
4540 vndrie_info->vndrie.len,
4541 vndrie_info->vndrie.oui);
4543 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4544 vndrie_info->ie_ptr,
4545 vndrie_info->ie_len,
4547 curr_ie_buf += del_add_ie_buf_len;
4548 total_ie_buf_len += del_add_ie_buf_len;
4553 /* Add if there is any extra IE */
4554 if (mgmt_ie_buf && parsed_ie_buf_len) {
4557 remained_buf_len = mgmt_ie_buf_len;
4559 /* make a command to add new ie */
4560 for (i = 0; i < new_vndr_ies.count; i++) {
4561 vndrie_info = &new_vndr_ies.ie_info[i];
4563 /* verify remained buf size before copy data */
4564 if (remained_buf_len < (vndrie_info->vndrie.len +
4565 VNDR_IE_VSIE_OFFSET)) {
4566 bphy_err(drvr, "no space in mgmt_ie_buf: len left %d",
4570 remained_buf_len -= (vndrie_info->ie_len +
4571 VNDR_IE_VSIE_OFFSET);
4573 brcmf_dbg(TRACE, "ADDED ID : %d, Len: %d, OUI:%3ph\n",
4574 vndrie_info->vndrie.id,
4575 vndrie_info->vndrie.len,
4576 vndrie_info->vndrie.oui);
4578 del_add_ie_buf_len = brcmf_vndr_ie(curr_ie_buf, pktflag,
4579 vndrie_info->ie_ptr,
4580 vndrie_info->ie_len,
4583 /* save the parsed IE in wl struct */
4584 memcpy(ptr + (*mgmt_ie_len), vndrie_info->ie_ptr,
4585 vndrie_info->ie_len);
4586 *mgmt_ie_len += vndrie_info->ie_len;
4588 curr_ie_buf += del_add_ie_buf_len;
4589 total_ie_buf_len += del_add_ie_buf_len;
4592 if (total_ie_buf_len) {
4593 err = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
4596 bphy_err(drvr, "vndr ie set error : %d\n", err);
4600 kfree(iovar_ie_buf);
4604 s32 brcmf_vif_clear_mgmt_ies(struct brcmf_cfg80211_vif *vif)
4607 BRCMF_VNDR_IE_PRBREQ_FLAG,
4608 BRCMF_VNDR_IE_PRBRSP_FLAG,
4609 BRCMF_VNDR_IE_BEACON_FLAG
4613 for (i = 0; i < ARRAY_SIZE(pktflags); i++)
4614 brcmf_vif_set_mgmt_ie(vif, pktflags[i], NULL, 0);
4616 memset(&vif->saved_ie, 0, sizeof(vif->saved_ie));
4621 brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
4622 struct cfg80211_beacon_data *beacon)
4624 struct brcmf_pub *drvr = vif->ifp->drvr;
4627 /* Set Beacon IEs to FW */
4628 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_BEACON_FLAG,
4629 beacon->tail, beacon->tail_len);
4631 bphy_err(drvr, "Set Beacon IE Failed\n");
4634 brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
4636 /* Set Probe Response IEs to FW */
4637 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_PRBRSP_FLAG,
4638 beacon->proberesp_ies,
4639 beacon->proberesp_ies_len);
4641 bphy_err(drvr, "Set Probe Resp IE Failed\n");
4643 brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
4645 /* Set Assoc Response IEs to FW */
4646 err = brcmf_vif_set_mgmt_ie(vif, BRCMF_VNDR_IE_ASSOCRSP_FLAG,
4647 beacon->assocresp_ies,
4648 beacon->assocresp_ies_len);
4650 brcmf_err("Set Assoc Resp IE Failed\n");
4652 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc Resp\n");
4658 brcmf_parse_configure_security(struct brcmf_if *ifp,
4659 struct cfg80211_ap_settings *settings,
4660 enum nl80211_iftype dev_role)
4662 const struct brcmf_tlv *rsn_ie;
4663 const struct brcmf_vs_tlv *wpa_ie;
4666 /* find the RSN_IE */
4667 rsn_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4668 settings->beacon.tail_len, WLAN_EID_RSN);
4670 /* find the WPA_IE */
4671 wpa_ie = brcmf_find_wpaie((u8 *)settings->beacon.tail,
4672 settings->beacon.tail_len);
4674 if (wpa_ie || rsn_ie) {
4675 brcmf_dbg(TRACE, "WPA(2) IE is found\n");
4678 err = brcmf_configure_wpaie(ifp, wpa_ie, false);
4682 struct brcmf_vs_tlv *tmp_ie;
4684 tmp_ie = (struct brcmf_vs_tlv *)rsn_ie;
4687 err = brcmf_configure_wpaie(ifp, tmp_ie, true);
4692 brcmf_dbg(TRACE, "No WPA(2) IEs found\n");
4693 brcmf_configure_opensecurity(ifp);
4700 brcmf_cfg80211_start_ap(struct wiphy *wiphy, struct net_device *ndev,
4701 struct cfg80211_ap_settings *settings)
4704 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4705 struct brcmf_if *ifp = netdev_priv(ndev);
4706 struct brcmf_pub *drvr = cfg->pub;
4707 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4708 struct cfg80211_crypto_settings *crypto = &settings->crypto;
4709 const struct brcmf_tlv *ssid_ie;
4710 const struct brcmf_tlv *country_ie;
4711 struct brcmf_ssid_le ssid_le;
4713 struct brcmf_join_params join_params;
4714 enum nl80211_iftype dev_role;
4715 struct brcmf_fil_bss_enable_le bss_enable;
4716 u16 chanspec = chandef_to_chanspec(&cfg->d11inf, &settings->chandef);
4721 brcmf_dbg(TRACE, "ctrlchn=%d, center=%d, bw=%d, beacon_interval=%d, dtim_period=%d,\n",
4722 settings->chandef.chan->hw_value,
4723 settings->chandef.center_freq1, settings->chandef.width,
4724 settings->beacon_interval, settings->dtim_period);
4725 brcmf_dbg(TRACE, "ssid=%s(%zu), auth_type=%d, inactivity_timeout=%d\n",
4726 settings->ssid, settings->ssid_len, settings->auth_type,
4727 settings->inactivity_timeout);
4728 dev_role = ifp->vif->wdev.iftype;
4729 mbss = ifp->vif->mbss;
4731 /* store current 11d setting */
4732 if (brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_REGULATORY,
4733 &ifp->vif->is_11d)) {
4734 is_11d = supports_11d = false;
4736 country_ie = brcmf_parse_tlvs((u8 *)settings->beacon.tail,
4737 settings->beacon.tail_len,
4739 is_11d = country_ie ? 1 : 0;
4740 supports_11d = true;
4743 memset(&ssid_le, 0, sizeof(ssid_le));
4744 if (settings->ssid == NULL || settings->ssid_len == 0) {
4745 ie_offset = DOT11_MGMT_HDR_LEN + DOT11_BCN_PRB_FIXED_LEN;
4746 ssid_ie = brcmf_parse_tlvs(
4747 (u8 *)&settings->beacon.head[ie_offset],
4748 settings->beacon.head_len - ie_offset,
4750 if (!ssid_ie || ssid_ie->len > IEEE80211_MAX_SSID_LEN)
4753 memcpy(ssid_le.SSID, ssid_ie->data, ssid_ie->len);
4754 ssid_le.SSID_len = cpu_to_le32(ssid_ie->len);
4755 brcmf_dbg(TRACE, "SSID is (%s) in Head\n", ssid_le.SSID);
4757 memcpy(ssid_le.SSID, settings->ssid, settings->ssid_len);
4758 ssid_le.SSID_len = cpu_to_le32((u32)settings->ssid_len);
4762 brcmf_set_mpc(ifp, 0);
4763 brcmf_configure_arp_nd_offload(ifp, false);
4766 /* Parameters shared by all radio interfaces */
4768 if ((supports_11d) && (is_11d != ifp->vif->is_11d)) {
4769 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4772 bphy_err(drvr, "Regulatory Set Error, %d\n",
4777 if (settings->beacon_interval) {
4778 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
4779 settings->beacon_interval);
4781 bphy_err(drvr, "Beacon Interval Set Error, %d\n",
4786 if (settings->dtim_period) {
4787 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
4788 settings->dtim_period);
4790 bphy_err(drvr, "DTIM Interval Set Error, %d\n",
4796 if ((dev_role == NL80211_IFTYPE_AP) &&
4797 ((ifp->ifidx == 0) ||
4798 (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB) &&
4799 !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN)))) {
4800 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4802 bphy_err(drvr, "BRCMF_C_DOWN error %d\n",
4806 brcmf_fil_iovar_int_set(ifp, "apsta", 0);
4809 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
4811 bphy_err(drvr, "SET INFRA error %d\n", err);
4814 } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
4815 /* Multiple-BSS should use same 11d configuration */
4820 /* Interface specific setup */
4821 if (dev_role == NL80211_IFTYPE_AP) {
4822 if ((brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) && (!mbss))
4823 brcmf_fil_iovar_int_set(ifp, "mbss", 1);
4825 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
4827 bphy_err(drvr, "setting AP mode failed %d\n",
4832 /* Firmware 10.x requires setting channel after enabling
4833 * AP and before bringing interface up.
4835 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4837 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4842 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
4844 bphy_err(drvr, "BRCMF_C_UP error (%d)\n", err);
4849 brcmf_dbg(INFO, "using PSK offload\n");
4850 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_PSK);
4851 err = brcmf_set_pmk(ifp, crypto->psk,
4852 BRCMF_WSEC_MAX_PSK_LEN);
4856 if (crypto->sae_pwd) {
4857 brcmf_dbg(INFO, "using SAE offload\n");
4858 profile->use_fwauth |= BIT(BRCMF_PROFILE_FWAUTH_SAE);
4859 err = brcmf_set_sae_password(ifp, crypto->sae_pwd,
4860 crypto->sae_pwd_len);
4864 if (profile->use_fwauth == 0)
4865 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4867 err = brcmf_parse_configure_security(ifp, settings,
4870 bphy_err(drvr, "brcmf_parse_configure_security error\n");
4874 /* On DOWN the firmware removes the WEP keys, reconfigure
4875 * them if they were set.
4877 brcmf_cfg80211_reconfigure_wep(ifp);
4879 memset(&join_params, 0, sizeof(join_params));
4880 /* join parameters starts with ssid */
4881 memcpy(&join_params.ssid_le, &ssid_le, sizeof(ssid_le));
4883 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4884 &join_params, sizeof(join_params));
4886 bphy_err(drvr, "SET SSID error (%d)\n", err);
4890 err = brcmf_fil_iovar_int_set(ifp, "closednet",
4891 settings->hidden_ssid);
4893 bphy_err(drvr, "%s closednet error (%d)\n",
4894 settings->hidden_ssid ?
4895 "enabled" : "disabled",
4900 brcmf_dbg(TRACE, "AP mode configuration complete\n");
4901 } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
4902 err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
4904 bphy_err(drvr, "Set Channel failed: chspec=%d, %d\n",
4909 err = brcmf_parse_configure_security(ifp, settings,
4910 NL80211_IFTYPE_P2P_GO);
4912 brcmf_err("brcmf_parse_configure_security error\n");
4916 err = brcmf_fil_bsscfg_data_set(ifp, "ssid", &ssid_le,
4919 bphy_err(drvr, "setting ssid failed %d\n", err);
4922 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
4923 bss_enable.enable = cpu_to_le32(1);
4924 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
4925 sizeof(bss_enable));
4927 bphy_err(drvr, "bss_enable config failed %d\n", err);
4931 brcmf_dbg(TRACE, "GO mode configuration complete\n");
4936 brcmf_config_ap_mgmt_ie(ifp->vif, &settings->beacon);
4937 set_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
4938 brcmf_net_setcarrier(ifp, true);
4941 if ((err) && (!mbss)) {
4942 brcmf_set_mpc(ifp, 1);
4943 brcmf_configure_arp_nd_offload(ifp, true);
4948 static int brcmf_cfg80211_stop_ap(struct wiphy *wiphy, struct net_device *ndev)
4950 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
4951 struct brcmf_if *ifp = netdev_priv(ndev);
4952 struct brcmf_pub *drvr = cfg->pub;
4953 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
4955 struct brcmf_fil_bss_enable_le bss_enable;
4956 struct brcmf_join_params join_params;
4958 brcmf_dbg(TRACE, "Enter\n");
4960 if (ifp->vif->wdev.iftype == NL80211_IFTYPE_AP) {
4961 /* Due to most likely deauths outstanding we sleep */
4962 /* first to make sure they get processed by fw. */
4965 if (profile->use_fwauth != BIT(BRCMF_PROFILE_FWAUTH_NONE)) {
4966 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_PSK))
4967 brcmf_set_pmk(ifp, NULL, 0);
4968 if (profile->use_fwauth & BIT(BRCMF_PROFILE_FWAUTH_SAE))
4969 brcmf_set_sae_password(ifp, NULL, 0);
4970 profile->use_fwauth = BIT(BRCMF_PROFILE_FWAUTH_NONE);
4973 if (ifp->vif->mbss) {
4974 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4978 /* First BSS doesn't get a full reset */
4979 if (ifp->bsscfgidx == 0)
4980 brcmf_fil_iovar_int_set(ifp, "closednet", 0);
4982 memset(&join_params, 0, sizeof(join_params));
4983 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
4984 &join_params, sizeof(join_params));
4986 bphy_err(drvr, "SET SSID error (%d)\n", err);
4987 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
4989 bphy_err(drvr, "BRCMF_C_DOWN error %d\n", err);
4990 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 0);
4992 bphy_err(drvr, "setting AP mode failed %d\n", err);
4993 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
4994 brcmf_fil_iovar_int_set(ifp, "mbss", 0);
4995 brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
4997 /* Bring device back up so it can be used again */
4998 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
5000 bphy_err(drvr, "BRCMF_C_UP error %d\n", err);
5002 brcmf_vif_clear_mgmt_ies(ifp->vif);
5004 bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
5005 bss_enable.enable = cpu_to_le32(0);
5006 err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
5007 sizeof(bss_enable));
5009 bphy_err(drvr, "bss_enable config failed %d\n", err);
5011 brcmf_set_mpc(ifp, 1);
5012 brcmf_configure_arp_nd_offload(ifp, true);
5013 clear_bit(BRCMF_VIF_STATUS_AP_CREATED, &ifp->vif->sme_state);
5014 brcmf_net_setcarrier(ifp, false);
5020 brcmf_cfg80211_change_beacon(struct wiphy *wiphy, struct net_device *ndev,
5021 struct cfg80211_beacon_data *info)
5023 struct brcmf_if *ifp = netdev_priv(ndev);
5026 brcmf_dbg(TRACE, "Enter\n");
5028 err = brcmf_config_ap_mgmt_ie(ifp->vif, info);
5034 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
5035 struct station_del_parameters *params)
5037 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5038 struct brcmf_pub *drvr = cfg->pub;
5039 struct brcmf_scb_val_le scbval;
5040 struct brcmf_if *ifp = netdev_priv(ndev);
5046 brcmf_dbg(TRACE, "Enter %pM\n", params->mac);
5048 if (ifp->vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif)
5049 ifp = cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif->ifp;
5050 if (!check_vif_up(ifp->vif))
5053 memcpy(&scbval.ea, params->mac, ETH_ALEN);
5054 scbval.val = cpu_to_le32(params->reason_code);
5055 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
5056 &scbval, sizeof(scbval));
5058 bphy_err(drvr, "SCB_DEAUTHENTICATE_FOR_REASON failed %d\n",
5061 brcmf_dbg(TRACE, "Exit\n");
5066 brcmf_cfg80211_change_station(struct wiphy *wiphy, struct net_device *ndev,
5067 const u8 *mac, struct station_parameters *params)
5069 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5070 struct brcmf_pub *drvr = cfg->pub;
5071 struct brcmf_if *ifp = netdev_priv(ndev);
5074 brcmf_dbg(TRACE, "Enter, MAC %pM, mask 0x%04x set 0x%04x\n", mac,
5075 params->sta_flags_mask, params->sta_flags_set);
5077 /* Ignore all 00 MAC */
5078 if (is_zero_ether_addr(mac))
5081 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5084 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED))
5085 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_AUTHORIZE,
5086 (void *)mac, ETH_ALEN);
5088 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
5089 (void *)mac, ETH_ALEN);
5091 bphy_err(drvr, "Setting SCB (de-)authorize failed, %d\n", err);
5097 brcmf_cfg80211_update_mgmt_frame_registrations(struct wiphy *wiphy,
5098 struct wireless_dev *wdev,
5099 struct mgmt_frame_regs *upd)
5101 struct brcmf_cfg80211_vif *vif;
5103 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5105 vif->mgmt_rx_reg = upd->interface_stypes;
5110 brcmf_cfg80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
5111 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
5113 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5114 struct ieee80211_channel *chan = params->chan;
5115 struct brcmf_pub *drvr = cfg->pub;
5116 const u8 *buf = params->buf;
5117 size_t len = params->len;
5118 const struct ieee80211_mgmt *mgmt;
5119 struct brcmf_cfg80211_vif *vif;
5123 struct brcmf_fil_action_frame_le *action_frame;
5124 struct brcmf_fil_af_params_le *af_params;
5129 brcmf_dbg(TRACE, "Enter\n");
5133 mgmt = (const struct ieee80211_mgmt *)buf;
5135 if (!ieee80211_is_mgmt(mgmt->frame_control)) {
5136 bphy_err(drvr, "Driver only allows MGMT packet type\n");
5140 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5142 if (ieee80211_is_probe_resp(mgmt->frame_control)) {
5143 /* Right now the only reason to get a probe response */
5144 /* is for p2p listen response or for p2p GO from */
5145 /* wpa_supplicant. Unfortunately the probe is send */
5146 /* on primary ndev, while dongle wants it on the p2p */
5147 /* vif. Since this is only reason for a probe */
5148 /* response to be sent, the vif is taken from cfg. */
5149 /* If ever desired to send proberesp for non p2p */
5150 /* response then data should be checked for */
5151 /* "DIRECT-". Note in future supplicant will take */
5152 /* dedicated p2p wdev to do this and then this 'hack'*/
5153 /* is not needed anymore. */
5154 ie_offset = DOT11_MGMT_HDR_LEN +
5155 DOT11_BCN_PRB_FIXED_LEN;
5156 ie_len = len - ie_offset;
5157 if (vif == cfg->p2p.bss_idx[P2PAPI_BSSCFG_PRIMARY].vif)
5158 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5159 err = brcmf_vif_set_mgmt_ie(vif,
5160 BRCMF_VNDR_IE_PRBRSP_FLAG,
5163 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, true,
5165 } else if (ieee80211_is_action(mgmt->frame_control)) {
5166 if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
5167 bphy_err(drvr, "invalid action frame length\n");
5171 af_params = kzalloc(sizeof(*af_params), GFP_KERNEL);
5172 if (af_params == NULL) {
5173 bphy_err(drvr, "unable to allocate frame\n");
5177 action_frame = &af_params->action_frame;
5178 /* Add the packet Id */
5179 action_frame->packet_id = cpu_to_le32(*cookie);
5181 memcpy(&action_frame->da[0], &mgmt->da[0], ETH_ALEN);
5182 memcpy(&af_params->bssid[0], &mgmt->bssid[0], ETH_ALEN);
5183 /* Add the length exepted for 802.11 header */
5184 action_frame->len = cpu_to_le16(len - DOT11_MGMT_HDR_LEN);
5185 /* Add the channel. Use the one specified as parameter if any or
5186 * the current one (got from the firmware) otherwise
5189 freq = chan->center_freq;
5191 brcmf_fil_cmd_int_get(vif->ifp, BRCMF_C_GET_CHANNEL,
5193 chan_nr = ieee80211_frequency_to_channel(freq);
5194 af_params->channel = cpu_to_le32(chan_nr);
5195 af_params->dwell_time = cpu_to_le32(params->wait);
5196 memcpy(action_frame->data, &buf[DOT11_MGMT_HDR_LEN],
5197 le16_to_cpu(action_frame->len));
5199 brcmf_dbg(TRACE, "Action frame, cookie=%lld, len=%d, freq=%d\n",
5200 *cookie, le16_to_cpu(action_frame->len), freq);
5202 ack = brcmf_p2p_send_action_frame(cfg, cfg_to_ndev(cfg),
5205 cfg80211_mgmt_tx_status(wdev, *cookie, buf, len, ack,
5209 brcmf_dbg(TRACE, "Unhandled, fc=%04x!!\n", mgmt->frame_control);
5210 brcmf_dbg_hex_dump(true, buf, len, "payload, len=%zu\n", len);
5217 static int brcmf_cfg80211_set_cqm_rssi_range_config(struct wiphy *wiphy,
5218 struct net_device *ndev,
5219 s32 rssi_low, s32 rssi_high)
5221 struct brcmf_cfg80211_vif *vif;
5222 struct brcmf_if *ifp;
5225 brcmf_dbg(TRACE, "low=%d high=%d", rssi_low, rssi_high);
5227 ifp = netdev_priv(ndev);
5230 if (rssi_low != vif->cqm_rssi_low || rssi_high != vif->cqm_rssi_high) {
5231 /* The firmware will send an event when the RSSI is less than or
5232 * equal to a configured level and the previous RSSI event was
5233 * less than or equal to a different level. Set a third level
5234 * so that we also detect the transition from rssi <= rssi_high
5235 * to rssi > rssi_high.
5237 struct brcmf_rssi_event_le config = {
5238 .rate_limit_msec = cpu_to_le32(0),
5239 .rssi_level_num = 3,
5241 clamp_val(rssi_low, S8_MIN, S8_MAX - 2),
5242 clamp_val(rssi_high, S8_MIN + 1, S8_MAX - 1),
5247 err = brcmf_fil_iovar_data_set(ifp, "rssi_event", &config,
5252 vif->cqm_rssi_low = rssi_low;
5253 vif->cqm_rssi_high = rssi_high;
5261 brcmf_cfg80211_cancel_remain_on_channel(struct wiphy *wiphy,
5262 struct wireless_dev *wdev,
5265 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5266 struct brcmf_pub *drvr = cfg->pub;
5267 struct brcmf_cfg80211_vif *vif;
5270 brcmf_dbg(TRACE, "Enter p2p listen cancel\n");
5272 vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
5274 bphy_err(drvr, "No p2p device available for probe response\n");
5278 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
5283 static int brcmf_cfg80211_get_channel(struct wiphy *wiphy,
5284 struct wireless_dev *wdev,
5285 struct cfg80211_chan_def *chandef)
5287 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5288 struct net_device *ndev = wdev->netdev;
5289 struct brcmf_pub *drvr = cfg->pub;
5290 struct brcmu_chan ch;
5291 enum nl80211_band band = 0;
5292 enum nl80211_chan_width width = 0;
5296 if (!ndev || drvr->bus_if->state != BRCMF_BUS_UP)
5299 err = brcmf_fil_iovar_int_get(netdev_priv(ndev), "chanspec", &chanspec);
5301 bphy_err(drvr, "chanspec failed (%d)\n", err);
5305 ch.chspec = chanspec;
5306 cfg->d11inf.decchspec(&ch);
5309 case BRCMU_CHAN_BAND_2G:
5310 band = NL80211_BAND_2GHZ;
5312 case BRCMU_CHAN_BAND_5G:
5313 band = NL80211_BAND_5GHZ;
5318 case BRCMU_CHAN_BW_80:
5319 width = NL80211_CHAN_WIDTH_80;
5321 case BRCMU_CHAN_BW_40:
5322 width = NL80211_CHAN_WIDTH_40;
5324 case BRCMU_CHAN_BW_20:
5325 width = NL80211_CHAN_WIDTH_20;
5327 case BRCMU_CHAN_BW_80P80:
5328 width = NL80211_CHAN_WIDTH_80P80;
5330 case BRCMU_CHAN_BW_160:
5331 width = NL80211_CHAN_WIDTH_160;
5335 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band);
5336 chandef->chan = ieee80211_get_channel(wiphy, freq);
5337 chandef->width = width;
5338 chandef->center_freq1 = ieee80211_channel_to_frequency(ch.chnum, band);
5339 chandef->center_freq2 = 0;
5344 static int brcmf_cfg80211_crit_proto_start(struct wiphy *wiphy,
5345 struct wireless_dev *wdev,
5346 enum nl80211_crit_proto_id proto,
5349 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5350 struct brcmf_cfg80211_vif *vif;
5352 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5354 /* only DHCP support for now */
5355 if (proto != NL80211_CRIT_PROTO_DHCP)
5358 /* suppress and abort scanning */
5359 set_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5360 brcmf_abort_scanning(cfg);
5362 return brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_DISABLED, duration);
5365 static void brcmf_cfg80211_crit_proto_stop(struct wiphy *wiphy,
5366 struct wireless_dev *wdev)
5368 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5369 struct brcmf_cfg80211_vif *vif;
5371 vif = container_of(wdev, struct brcmf_cfg80211_vif, wdev);
5373 brcmf_btcoex_set_mode(vif, BRCMF_BTCOEX_ENABLED, 0);
5374 clear_bit(BRCMF_SCAN_STATUS_SUPPRESS, &cfg->scan_status);
5378 brcmf_notify_tdls_peer_event(struct brcmf_if *ifp,
5379 const struct brcmf_event_msg *e, void *data)
5381 switch (e->reason) {
5382 case BRCMF_E_REASON_TDLS_PEER_DISCOVERED:
5383 brcmf_dbg(TRACE, "TDLS Peer Discovered\n");
5385 case BRCMF_E_REASON_TDLS_PEER_CONNECTED:
5386 brcmf_dbg(TRACE, "TDLS Peer Connected\n");
5387 brcmf_proto_add_tdls_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5389 case BRCMF_E_REASON_TDLS_PEER_DISCONNECTED:
5390 brcmf_dbg(TRACE, "TDLS Peer Disconnected\n");
5391 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
5398 static int brcmf_convert_nl80211_tdls_oper(enum nl80211_tdls_operation oper)
5403 case NL80211_TDLS_DISCOVERY_REQ:
5404 ret = BRCMF_TDLS_MANUAL_EP_DISCOVERY;
5406 case NL80211_TDLS_SETUP:
5407 ret = BRCMF_TDLS_MANUAL_EP_CREATE;
5409 case NL80211_TDLS_TEARDOWN:
5410 ret = BRCMF_TDLS_MANUAL_EP_DELETE;
5413 brcmf_err("unsupported operation: %d\n", oper);
5419 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
5420 struct net_device *ndev, const u8 *peer,
5421 enum nl80211_tdls_operation oper)
5423 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5424 struct brcmf_pub *drvr = cfg->pub;
5425 struct brcmf_if *ifp;
5426 struct brcmf_tdls_iovar_le info;
5429 ret = brcmf_convert_nl80211_tdls_oper(oper);
5433 ifp = netdev_priv(ndev);
5434 memset(&info, 0, sizeof(info));
5435 info.mode = (u8)ret;
5437 memcpy(info.ea, peer, ETH_ALEN);
5439 ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
5440 &info, sizeof(info));
5442 bphy_err(drvr, "tdls_endpoint iovar failed: ret=%d\n", ret);
5448 brcmf_cfg80211_update_conn_params(struct wiphy *wiphy,
5449 struct net_device *ndev,
5450 struct cfg80211_connect_params *sme,
5453 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5454 struct brcmf_pub *drvr = cfg->pub;
5455 struct brcmf_if *ifp;
5458 if (!(changed & UPDATE_ASSOC_IES))
5461 ifp = netdev_priv(ndev);
5462 err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
5463 sme->ie, sme->ie_len);
5465 bphy_err(drvr, "Set Assoc REQ IE Failed\n");
5467 brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
5474 brcmf_cfg80211_set_rekey_data(struct wiphy *wiphy, struct net_device *ndev,
5475 struct cfg80211_gtk_rekey_data *gtk)
5477 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
5478 struct brcmf_pub *drvr = cfg->pub;
5479 struct brcmf_if *ifp = netdev_priv(ndev);
5480 struct brcmf_gtk_keyinfo_le gtk_le;
5483 brcmf_dbg(TRACE, "Enter, bssidx=%d\n", ifp->bsscfgidx);
5485 memcpy(gtk_le.kck, gtk->kck, sizeof(gtk_le.kck));
5486 memcpy(gtk_le.kek, gtk->kek, sizeof(gtk_le.kek));
5487 memcpy(gtk_le.replay_counter, gtk->replay_ctr,
5488 sizeof(gtk_le.replay_counter));
5490 ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", >k_le,
5493 bphy_err(drvr, "gtk_key_info iovar failed: ret=%d\n", ret);
5499 static int brcmf_cfg80211_set_pmk(struct wiphy *wiphy, struct net_device *dev,
5500 const struct cfg80211_pmk_conf *conf)
5502 struct brcmf_if *ifp;
5504 brcmf_dbg(TRACE, "enter\n");
5506 /* expect using firmware supplicant for 1X */
5507 ifp = netdev_priv(dev);
5508 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5511 if (conf->pmk_len > BRCMF_WSEC_MAX_PSK_LEN)
5514 return brcmf_set_pmk(ifp, conf->pmk, conf->pmk_len);
5517 static int brcmf_cfg80211_del_pmk(struct wiphy *wiphy, struct net_device *dev,
5520 struct brcmf_if *ifp;
5522 brcmf_dbg(TRACE, "enter\n");
5523 ifp = netdev_priv(dev);
5524 if (WARN_ON(ifp->vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_1X))
5527 return brcmf_set_pmk(ifp, NULL, 0);
5530 static struct cfg80211_ops brcmf_cfg80211_ops = {
5531 .add_virtual_intf = brcmf_cfg80211_add_iface,
5532 .del_virtual_intf = brcmf_cfg80211_del_iface,
5533 .change_virtual_intf = brcmf_cfg80211_change_iface,
5534 .scan = brcmf_cfg80211_scan,
5535 .set_wiphy_params = brcmf_cfg80211_set_wiphy_params,
5536 .join_ibss = brcmf_cfg80211_join_ibss,
5537 .leave_ibss = brcmf_cfg80211_leave_ibss,
5538 .get_station = brcmf_cfg80211_get_station,
5539 .dump_station = brcmf_cfg80211_dump_station,
5540 .set_tx_power = brcmf_cfg80211_set_tx_power,
5541 .get_tx_power = brcmf_cfg80211_get_tx_power,
5542 .add_key = brcmf_cfg80211_add_key,
5543 .del_key = brcmf_cfg80211_del_key,
5544 .get_key = brcmf_cfg80211_get_key,
5545 .set_default_key = brcmf_cfg80211_config_default_key,
5546 .set_default_mgmt_key = brcmf_cfg80211_config_default_mgmt_key,
5547 .set_power_mgmt = brcmf_cfg80211_set_power_mgmt,
5548 .connect = brcmf_cfg80211_connect,
5549 .disconnect = brcmf_cfg80211_disconnect,
5550 .suspend = brcmf_cfg80211_suspend,
5551 .resume = brcmf_cfg80211_resume,
5552 .set_pmksa = brcmf_cfg80211_set_pmksa,
5553 .del_pmksa = brcmf_cfg80211_del_pmksa,
5554 .flush_pmksa = brcmf_cfg80211_flush_pmksa,
5555 .start_ap = brcmf_cfg80211_start_ap,
5556 .stop_ap = brcmf_cfg80211_stop_ap,
5557 .change_beacon = brcmf_cfg80211_change_beacon,
5558 .del_station = brcmf_cfg80211_del_station,
5559 .change_station = brcmf_cfg80211_change_station,
5560 .sched_scan_start = brcmf_cfg80211_sched_scan_start,
5561 .sched_scan_stop = brcmf_cfg80211_sched_scan_stop,
5562 .update_mgmt_frame_registrations =
5563 brcmf_cfg80211_update_mgmt_frame_registrations,
5564 .mgmt_tx = brcmf_cfg80211_mgmt_tx,
5565 .set_cqm_rssi_range_config = brcmf_cfg80211_set_cqm_rssi_range_config,
5566 .remain_on_channel = brcmf_p2p_remain_on_channel,
5567 .cancel_remain_on_channel = brcmf_cfg80211_cancel_remain_on_channel,
5568 .get_channel = brcmf_cfg80211_get_channel,
5569 .start_p2p_device = brcmf_p2p_start_device,
5570 .stop_p2p_device = brcmf_p2p_stop_device,
5571 .crit_proto_start = brcmf_cfg80211_crit_proto_start,
5572 .crit_proto_stop = brcmf_cfg80211_crit_proto_stop,
5573 .tdls_oper = brcmf_cfg80211_tdls_oper,
5574 .update_connect_params = brcmf_cfg80211_update_conn_params,
5575 .set_pmk = brcmf_cfg80211_set_pmk,
5576 .del_pmk = brcmf_cfg80211_del_pmk,
5579 struct cfg80211_ops *brcmf_cfg80211_get_ops(struct brcmf_mp_device *settings)
5581 struct cfg80211_ops *ops;
5583 ops = kmemdup(&brcmf_cfg80211_ops, sizeof(brcmf_cfg80211_ops),
5586 if (ops && settings->roamoff)
5587 ops->update_connect_params = NULL;
5592 struct brcmf_cfg80211_vif *brcmf_alloc_vif(struct brcmf_cfg80211_info *cfg,
5593 enum nl80211_iftype type)
5595 struct brcmf_cfg80211_vif *vif_walk;
5596 struct brcmf_cfg80211_vif *vif;
5598 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
5600 brcmf_dbg(TRACE, "allocating virtual interface (size=%zu)\n",
5602 vif = kzalloc(sizeof(*vif), GFP_KERNEL);
5604 return ERR_PTR(-ENOMEM);
5606 vif->wdev.wiphy = cfg->wiphy;
5607 vif->wdev.iftype = type;
5609 brcmf_init_prof(&vif->profile);
5611 if (type == NL80211_IFTYPE_AP &&
5612 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS)) {
5614 list_for_each_entry(vif_walk, &cfg->vif_list, list) {
5615 if (vif_walk->wdev.iftype == NL80211_IFTYPE_AP) {
5623 list_add_tail(&vif->list, &cfg->vif_list);
5627 void brcmf_free_vif(struct brcmf_cfg80211_vif *vif)
5629 list_del(&vif->list);
5633 void brcmf_cfg80211_free_netdev(struct net_device *ndev)
5635 struct brcmf_cfg80211_vif *vif;
5636 struct brcmf_if *ifp;
5638 ifp = netdev_priv(ndev);
5642 brcmf_free_vif(vif);
5645 static bool brcmf_is_linkup(struct brcmf_cfg80211_vif *vif,
5646 const struct brcmf_event_msg *e)
5648 u32 event = e->event_code;
5649 u32 status = e->status;
5651 if ((vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_PSK ||
5652 vif->profile.use_fwsup == BRCMF_PROFILE_FWSUP_SAE) &&
5653 event == BRCMF_E_PSK_SUP &&
5654 status == BRCMF_E_STATUS_FWSUP_COMPLETED)
5655 set_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5656 if (event == BRCMF_E_SET_SSID && status == BRCMF_E_STATUS_SUCCESS) {
5657 brcmf_dbg(CONN, "Processing set ssid\n");
5658 memcpy(vif->profile.bssid, e->addr, ETH_ALEN);
5659 if (vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_PSK &&
5660 vif->profile.use_fwsup != BRCMF_PROFILE_FWSUP_SAE)
5663 set_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5666 if (test_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state) &&
5667 test_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state)) {
5668 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5669 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5675 static bool brcmf_is_linkdown(struct brcmf_cfg80211_vif *vif,
5676 const struct brcmf_event_msg *e)
5678 u32 event = e->event_code;
5679 u16 flags = e->flags;
5681 if ((event == BRCMF_E_DEAUTH) || (event == BRCMF_E_DEAUTH_IND) ||
5682 (event == BRCMF_E_DISASSOC_IND) ||
5683 ((event == BRCMF_E_LINK) && (!(flags & BRCMF_EVENT_MSG_LINK)))) {
5684 brcmf_dbg(CONN, "Processing link down\n");
5685 clear_bit(BRCMF_VIF_STATUS_EAP_SUCCESS, &vif->sme_state);
5686 clear_bit(BRCMF_VIF_STATUS_ASSOC_SUCCESS, &vif->sme_state);
5692 static bool brcmf_is_nonetwork(struct brcmf_cfg80211_info *cfg,
5693 const struct brcmf_event_msg *e)
5695 u32 event = e->event_code;
5696 u32 status = e->status;
5698 if (event == BRCMF_E_LINK && status == BRCMF_E_STATUS_NO_NETWORKS) {
5699 brcmf_dbg(CONN, "Processing Link %s & no network found\n",
5700 e->flags & BRCMF_EVENT_MSG_LINK ? "up" : "down");
5704 if (event == BRCMF_E_SET_SSID && status != BRCMF_E_STATUS_SUCCESS) {
5705 brcmf_dbg(CONN, "Processing connecting & no network found\n");
5709 if (event == BRCMF_E_PSK_SUP &&
5710 status != BRCMF_E_STATUS_FWSUP_COMPLETED) {
5711 brcmf_dbg(CONN, "Processing failed supplicant state: %u\n",
5719 static void brcmf_clear_assoc_ies(struct brcmf_cfg80211_info *cfg)
5721 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5723 kfree(conn_info->req_ie);
5724 conn_info->req_ie = NULL;
5725 conn_info->req_ie_len = 0;
5726 kfree(conn_info->resp_ie);
5727 conn_info->resp_ie = NULL;
5728 conn_info->resp_ie_len = 0;
5731 u8 brcmf_map_prio_to_prec(void *config, u8 prio)
5733 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5736 return (prio == PRIO_8021D_NONE || prio == PRIO_8021D_BE) ?
5739 /* For those AC(s) with ACM flag set to 1, convert its 4-level priority
5740 * to an 8-level precedence which is the same as BE's
5742 if (prio > PRIO_8021D_EE &&
5743 cfg->ac_priority[prio] == cfg->ac_priority[PRIO_8021D_BE])
5744 return cfg->ac_priority[prio] * 2;
5746 /* Conversion of 4-level priority to 8-level precedence */
5747 if (prio == PRIO_8021D_BE || prio == PRIO_8021D_BK ||
5748 prio == PRIO_8021D_CL || prio == PRIO_8021D_VO)
5749 return cfg->ac_priority[prio] * 2;
5751 return cfg->ac_priority[prio] * 2 + 1;
5754 u8 brcmf_map_prio_to_aci(void *config, u8 prio)
5756 /* Prio here refers to the 802.1d priority in range of 0 to 7.
5757 * ACI here refers to the WLAN AC Index in range of 0 to 3.
5758 * This function will return ACI corresponding to input prio.
5760 struct brcmf_cfg80211_info *cfg = (struct brcmf_cfg80211_info *)config;
5763 return cfg->ac_priority[prio];
5768 static void brcmf_init_wmm_prio(u8 *priority)
5770 /* Initialize AC priority array to default
5771 * 802.1d priority as per following table:
5772 * 802.1d prio 0,3 maps to BE
5773 * 802.1d prio 1,2 maps to BK
5774 * 802.1d prio 4,5 maps to VI
5775 * 802.1d prio 6,7 maps to VO
5777 priority[0] = BRCMF_FWS_FIFO_AC_BE;
5778 priority[3] = BRCMF_FWS_FIFO_AC_BE;
5779 priority[1] = BRCMF_FWS_FIFO_AC_BK;
5780 priority[2] = BRCMF_FWS_FIFO_AC_BK;
5781 priority[4] = BRCMF_FWS_FIFO_AC_VI;
5782 priority[5] = BRCMF_FWS_FIFO_AC_VI;
5783 priority[6] = BRCMF_FWS_FIFO_AC_VO;
5784 priority[7] = BRCMF_FWS_FIFO_AC_VO;
5787 static void brcmf_wifi_prioritize_acparams(const
5788 struct brcmf_cfg80211_edcf_acparam *acp, u8 *priority)
5795 u8 ranking_basis[EDCF_AC_COUNT];
5796 u8 aci_prio[EDCF_AC_COUNT]; /* AC_BE, AC_BK, AC_VI, AC_VO */
5799 for (aci = 0; aci < EDCF_AC_COUNT; aci++, acp++) {
5800 aifsn = acp->ACI & EDCF_AIFSN_MASK;
5801 acm = (acp->ACI & EDCF_ACM_MASK) ? 1 : 0;
5802 ecwmin = acp->ECW & EDCF_ECWMIN_MASK;
5803 ecwmax = (acp->ECW & EDCF_ECWMAX_MASK) >> EDCF_ECWMAX_SHIFT;
5804 brcmf_dbg(CONN, "ACI %d aifsn %d acm %d ecwmin %d ecwmax %d\n",
5805 aci, aifsn, acm, ecwmin, ecwmax);
5806 /* Default AC_VO will be the lowest ranking value */
5807 ranking_basis[aci] = aifsn + ecwmin + ecwmax;
5808 /* Initialise priority starting at 0 (AC_BE) */
5811 /* If ACM is set, STA can't use this AC as per 802.11.
5812 * Change the ranking to BE
5814 if (aci != AC_BE && aci != AC_BK && acm == 1)
5815 ranking_basis[aci] = ranking_basis[AC_BE];
5818 /* Ranking method which works for AC priority
5819 * swapping when values for cwmin, cwmax and aifsn are varied
5820 * Compare each aci_prio against each other aci_prio
5822 for (aci = 0; aci < EDCF_AC_COUNT; aci++) {
5823 for (index = 0; index < EDCF_AC_COUNT; index++) {
5825 /* Smaller ranking value has higher priority,
5826 * so increment priority for each ACI which has
5827 * a higher ranking value
5829 if (ranking_basis[aci] < ranking_basis[index])
5835 /* By now, aci_prio[] will be in range of 0 to 3.
5836 * Use ACI prio to get the new priority value for
5837 * each 802.1d traffic type, in this range.
5839 if (!(aci_prio[AC_BE] == aci_prio[AC_BK] &&
5840 aci_prio[AC_BK] == aci_prio[AC_VI] &&
5841 aci_prio[AC_VI] == aci_prio[AC_VO])) {
5842 /* 802.1d 0,3 maps to BE */
5843 priority[0] = aci_prio[AC_BE];
5844 priority[3] = aci_prio[AC_BE];
5846 /* 802.1d 1,2 maps to BK */
5847 priority[1] = aci_prio[AC_BK];
5848 priority[2] = aci_prio[AC_BK];
5850 /* 802.1d 4,5 maps to VO */
5851 priority[4] = aci_prio[AC_VI];
5852 priority[5] = aci_prio[AC_VI];
5854 /* 802.1d 6,7 maps to VO */
5855 priority[6] = aci_prio[AC_VO];
5856 priority[7] = aci_prio[AC_VO];
5858 /* Initialize to default priority */
5859 brcmf_init_wmm_prio(priority);
5862 brcmf_dbg(CONN, "Adj prio BE 0->%d, BK 1->%d, BK 2->%d, BE 3->%d\n",
5863 priority[0], priority[1], priority[2], priority[3]);
5865 brcmf_dbg(CONN, "Adj prio VI 4->%d, VI 5->%d, VO 6->%d, VO 7->%d\n",
5866 priority[4], priority[5], priority[6], priority[7]);
5869 static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
5870 struct brcmf_if *ifp)
5872 struct brcmf_pub *drvr = cfg->pub;
5873 struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
5874 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5875 struct brcmf_cfg80211_edcf_acparam edcf_acparam_info[EDCF_AC_COUNT];
5880 brcmf_clear_assoc_ies(cfg);
5882 err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
5883 cfg->extra_buf, WL_ASSOC_INFO_MAX);
5885 bphy_err(drvr, "could not get assoc info (%d)\n", err);
5889 (struct brcmf_cfg80211_assoc_ielen_le *)cfg->extra_buf;
5890 req_len = le32_to_cpu(assoc_info->req_len);
5891 resp_len = le32_to_cpu(assoc_info->resp_len);
5893 err = brcmf_fil_iovar_data_get(ifp, "assoc_req_ies",
5897 bphy_err(drvr, "could not get assoc req (%d)\n", err);
5900 conn_info->req_ie_len = req_len;
5902 kmemdup(cfg->extra_buf, conn_info->req_ie_len,
5904 if (!conn_info->req_ie)
5905 conn_info->req_ie_len = 0;
5907 conn_info->req_ie_len = 0;
5908 conn_info->req_ie = NULL;
5911 err = brcmf_fil_iovar_data_get(ifp, "assoc_resp_ies",
5915 bphy_err(drvr, "could not get assoc resp (%d)\n", err);
5918 conn_info->resp_ie_len = resp_len;
5919 conn_info->resp_ie =
5920 kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
5922 if (!conn_info->resp_ie)
5923 conn_info->resp_ie_len = 0;
5925 err = brcmf_fil_iovar_data_get(ifp, "wme_ac_sta",
5927 sizeof(edcf_acparam_info));
5929 brcmf_err("could not get wme_ac_sta (%d)\n", err);
5933 brcmf_wifi_prioritize_acparams(edcf_acparam_info,
5936 conn_info->resp_ie_len = 0;
5937 conn_info->resp_ie = NULL;
5939 brcmf_dbg(CONN, "req len (%d) resp len (%d)\n",
5940 conn_info->req_ie_len, conn_info->resp_ie_len);
5946 brcmf_bss_roaming_done(struct brcmf_cfg80211_info *cfg,
5947 struct net_device *ndev,
5948 const struct brcmf_event_msg *e)
5950 struct brcmf_if *ifp = netdev_priv(ndev);
5951 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
5952 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
5953 struct wiphy *wiphy = cfg_to_wiphy(cfg);
5954 struct ieee80211_channel *notify_channel = NULL;
5955 struct ieee80211_supported_band *band;
5956 struct brcmf_bss_info_le *bi;
5957 struct brcmu_chan ch;
5958 struct cfg80211_roam_info roam_info = {};
5963 brcmf_dbg(TRACE, "Enter\n");
5965 brcmf_get_assoc_ies(cfg, ifp);
5966 memcpy(profile->bssid, e->addr, ETH_ALEN);
5967 brcmf_update_bss_info(cfg, ifp);
5969 buf = kzalloc(WL_BSS_INFO_MAX, GFP_KERNEL);
5975 /* data sent to dongle has to be little endian */
5976 *(__le32 *)buf = cpu_to_le32(WL_BSS_INFO_MAX);
5977 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BSS_INFO,
5978 buf, WL_BSS_INFO_MAX);
5983 bi = (struct brcmf_bss_info_le *)(buf + 4);
5984 ch.chspec = le16_to_cpu(bi->chanspec);
5985 cfg->d11inf.decchspec(&ch);
5987 if (ch.band == BRCMU_CHAN_BAND_2G)
5988 band = wiphy->bands[NL80211_BAND_2GHZ];
5990 band = wiphy->bands[NL80211_BAND_5GHZ];
5992 freq = ieee80211_channel_to_frequency(ch.control_ch_num, band->band);
5993 notify_channel = ieee80211_get_channel(wiphy, freq);
5998 roam_info.channel = notify_channel;
5999 roam_info.bssid = profile->bssid;
6000 roam_info.req_ie = conn_info->req_ie;
6001 roam_info.req_ie_len = conn_info->req_ie_len;
6002 roam_info.resp_ie = conn_info->resp_ie;
6003 roam_info.resp_ie_len = conn_info->resp_ie_len;
6005 cfg80211_roamed(ndev, &roam_info, GFP_KERNEL);
6006 brcmf_dbg(CONN, "Report roaming result\n");
6008 if (profile->use_fwsup == BRCMF_PROFILE_FWSUP_1X && profile->is_ft) {
6009 cfg80211_port_authorized(ndev, profile->bssid, GFP_KERNEL);
6010 brcmf_dbg(CONN, "Report port authorized\n");
6013 set_bit(BRCMF_VIF_STATUS_CONNECTED, &ifp->vif->sme_state);
6014 brcmf_dbg(TRACE, "Exit\n");
6019 brcmf_bss_connect_done(struct brcmf_cfg80211_info *cfg,
6020 struct net_device *ndev, const struct brcmf_event_msg *e,
6023 struct brcmf_if *ifp = netdev_priv(ndev);
6024 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6025 struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
6026 struct cfg80211_connect_resp_params conn_params;
6028 brcmf_dbg(TRACE, "Enter\n");
6030 if (test_and_clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6031 &ifp->vif->sme_state)) {
6032 memset(&conn_params, 0, sizeof(conn_params));
6034 brcmf_get_assoc_ies(cfg, ifp);
6035 brcmf_update_bss_info(cfg, ifp);
6036 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6037 &ifp->vif->sme_state);
6038 conn_params.status = WLAN_STATUS_SUCCESS;
6040 conn_params.status = WLAN_STATUS_AUTH_TIMEOUT;
6042 conn_params.bssid = profile->bssid;
6043 conn_params.req_ie = conn_info->req_ie;
6044 conn_params.req_ie_len = conn_info->req_ie_len;
6045 conn_params.resp_ie = conn_info->resp_ie;
6046 conn_params.resp_ie_len = conn_info->resp_ie_len;
6047 cfg80211_connect_done(ndev, &conn_params, GFP_KERNEL);
6048 brcmf_dbg(CONN, "Report connect result - connection %s\n",
6049 completed ? "succeeded" : "failed");
6051 brcmf_dbg(TRACE, "Exit\n");
6056 brcmf_notify_connect_status_ap(struct brcmf_cfg80211_info *cfg,
6057 struct net_device *ndev,
6058 const struct brcmf_event_msg *e, void *data)
6060 struct brcmf_pub *drvr = cfg->pub;
6061 static int generation;
6062 u32 event = e->event_code;
6063 u32 reason = e->reason;
6064 struct station_info *sinfo;
6066 brcmf_dbg(CONN, "event %s (%u), reason %d\n",
6067 brcmf_fweh_event_name(event), event, reason);
6068 if (event == BRCMF_E_LINK && reason == BRCMF_E_REASON_LINK_BSSCFG_DIS &&
6069 ndev != cfg_to_ndev(cfg)) {
6070 brcmf_dbg(CONN, "AP mode link down\n");
6071 complete(&cfg->vif_disabled);
6075 if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
6076 (reason == BRCMF_E_STATUS_SUCCESS)) {
6078 bphy_err(drvr, "No IEs present in ASSOC/REASSOC_IND\n");
6082 sinfo = kzalloc(sizeof(*sinfo), GFP_KERNEL);
6086 sinfo->assoc_req_ies = data;
6087 sinfo->assoc_req_ies_len = e->datalen;
6089 sinfo->generation = generation;
6090 cfg80211_new_sta(ndev, e->addr, sinfo, GFP_KERNEL);
6093 } else if ((event == BRCMF_E_DISASSOC_IND) ||
6094 (event == BRCMF_E_DEAUTH_IND) ||
6095 (event == BRCMF_E_DEAUTH)) {
6096 cfg80211_del_sta(ndev, e->addr, GFP_KERNEL);
6102 brcmf_notify_connect_status(struct brcmf_if *ifp,
6103 const struct brcmf_event_msg *e, void *data)
6105 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6106 struct net_device *ndev = ifp->ndev;
6107 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
6108 struct ieee80211_channel *chan;
6111 if ((e->event_code == BRCMF_E_DEAUTH) ||
6112 (e->event_code == BRCMF_E_DEAUTH_IND) ||
6113 (e->event_code == BRCMF_E_DISASSOC_IND) ||
6114 ((e->event_code == BRCMF_E_LINK) && (!e->flags))) {
6115 brcmf_proto_delete_peer(ifp->drvr, ifp->ifidx, (u8 *)e->addr);
6118 if (brcmf_is_apmode(ifp->vif)) {
6119 err = brcmf_notify_connect_status_ap(cfg, ndev, e, data);
6120 } else if (brcmf_is_linkup(ifp->vif, e)) {
6121 brcmf_dbg(CONN, "Linkup\n");
6122 if (brcmf_is_ibssmode(ifp->vif)) {
6123 brcmf_inform_ibss(cfg, ndev, e->addr);
6124 chan = ieee80211_get_channel(cfg->wiphy, cfg->channel);
6125 memcpy(profile->bssid, e->addr, ETH_ALEN);
6126 cfg80211_ibss_joined(ndev, e->addr, chan, GFP_KERNEL);
6127 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6128 &ifp->vif->sme_state);
6129 set_bit(BRCMF_VIF_STATUS_CONNECTED,
6130 &ifp->vif->sme_state);
6132 brcmf_bss_connect_done(cfg, ndev, e, true);
6133 brcmf_net_setcarrier(ifp, true);
6134 } else if (brcmf_is_linkdown(ifp->vif, e)) {
6135 brcmf_dbg(CONN, "Linkdown\n");
6136 if (!brcmf_is_ibssmode(ifp->vif) &&
6137 test_bit(BRCMF_VIF_STATUS_CONNECTED,
6138 &ifp->vif->sme_state)) {
6139 if (memcmp(profile->bssid, e->addr, ETH_ALEN))
6142 brcmf_bss_connect_done(cfg, ndev, e, false);
6143 brcmf_link_down(ifp->vif,
6144 brcmf_map_fw_linkdown_reason(e),
6146 (BRCMF_E_DEAUTH_IND |
6147 BRCMF_E_DISASSOC_IND)
6149 brcmf_init_prof(ndev_to_prof(ndev));
6150 if (ndev != cfg_to_ndev(cfg))
6151 complete(&cfg->vif_disabled);
6152 brcmf_net_setcarrier(ifp, false);
6154 } else if (brcmf_is_nonetwork(cfg, e)) {
6155 if (brcmf_is_ibssmode(ifp->vif))
6156 clear_bit(BRCMF_VIF_STATUS_CONNECTING,
6157 &ifp->vif->sme_state);
6159 brcmf_bss_connect_done(cfg, ndev, e, false);
6166 brcmf_notify_roaming_status(struct brcmf_if *ifp,
6167 const struct brcmf_event_msg *e, void *data)
6169 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6170 u32 event = e->event_code;
6171 u32 status = e->status;
6173 if (event == BRCMF_E_ROAM && status == BRCMF_E_STATUS_SUCCESS) {
6174 if (test_bit(BRCMF_VIF_STATUS_CONNECTED,
6175 &ifp->vif->sme_state)) {
6176 brcmf_bss_roaming_done(cfg, ifp->ndev, e);
6178 brcmf_bss_connect_done(cfg, ifp->ndev, e, true);
6179 brcmf_net_setcarrier(ifp, true);
6187 brcmf_notify_mic_status(struct brcmf_if *ifp,
6188 const struct brcmf_event_msg *e, void *data)
6190 u16 flags = e->flags;
6191 enum nl80211_key_type key_type;
6193 if (flags & BRCMF_EVENT_MSG_GROUP)
6194 key_type = NL80211_KEYTYPE_GROUP;
6196 key_type = NL80211_KEYTYPE_PAIRWISE;
6198 cfg80211_michael_mic_failure(ifp->ndev, (u8 *)&e->addr, key_type, -1,
6204 static s32 brcmf_notify_rssi(struct brcmf_if *ifp,
6205 const struct brcmf_event_msg *e, void *data)
6207 struct brcmf_cfg80211_vif *vif = ifp->vif;
6208 struct brcmf_rssi_be *info = data;
6209 s32 rssi, snr, noise;
6210 s32 low, high, last;
6212 if (e->datalen < sizeof(*info)) {
6213 brcmf_err("insufficient RSSI event data\n");
6217 rssi = be32_to_cpu(info->rssi);
6218 snr = be32_to_cpu(info->snr);
6219 noise = be32_to_cpu(info->noise);
6221 low = vif->cqm_rssi_low;
6222 high = vif->cqm_rssi_high;
6223 last = vif->cqm_rssi_last;
6225 brcmf_dbg(TRACE, "rssi=%d snr=%d noise=%d low=%d high=%d last=%d\n",
6226 rssi, snr, noise, low, high, last);
6228 vif->cqm_rssi_last = rssi;
6230 if (rssi <= low || rssi == 0) {
6231 brcmf_dbg(INFO, "LOW rssi=%d\n", rssi);
6232 cfg80211_cqm_rssi_notify(ifp->ndev,
6233 NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW,
6235 } else if (rssi > high) {
6236 brcmf_dbg(INFO, "HIGH rssi=%d\n", rssi);
6237 cfg80211_cqm_rssi_notify(ifp->ndev,
6238 NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH,
6245 static s32 brcmf_notify_vif_event(struct brcmf_if *ifp,
6246 const struct brcmf_event_msg *e, void *data)
6248 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
6249 struct brcmf_if_event *ifevent = (struct brcmf_if_event *)data;
6250 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
6251 struct brcmf_cfg80211_vif *vif;
6253 brcmf_dbg(TRACE, "Enter: action %u flags %u ifidx %u bsscfgidx %u\n",
6254 ifevent->action, ifevent->flags, ifevent->ifidx,
6255 ifevent->bsscfgidx);
6257 spin_lock(&event->vif_event_lock);
6258 event->action = ifevent->action;
6261 switch (ifevent->action) {
6262 case BRCMF_E_IF_ADD:
6263 /* waiting process may have timed out */
6264 if (!cfg->vif_event.vif) {
6265 spin_unlock(&event->vif_event_lock);
6272 vif->wdev.netdev = ifp->ndev;
6273 ifp->ndev->ieee80211_ptr = &vif->wdev;
6274 SET_NETDEV_DEV(ifp->ndev, wiphy_dev(cfg->wiphy));
6276 spin_unlock(&event->vif_event_lock);
6277 wake_up(&event->vif_wq);
6280 case BRCMF_E_IF_DEL:
6281 spin_unlock(&event->vif_event_lock);
6282 /* event may not be upon user request */
6283 if (brcmf_cfg80211_vif_event_armed(cfg))
6284 wake_up(&event->vif_wq);
6287 case BRCMF_E_IF_CHANGE:
6288 spin_unlock(&event->vif_event_lock);
6289 wake_up(&event->vif_wq);
6293 spin_unlock(&event->vif_event_lock);
6299 static void brcmf_init_conf(struct brcmf_cfg80211_conf *conf)
6301 conf->frag_threshold = (u32)-1;
6302 conf->rts_threshold = (u32)-1;
6303 conf->retry_short = (u32)-1;
6304 conf->retry_long = (u32)-1;
6307 static void brcmf_register_event_handlers(struct brcmf_cfg80211_info *cfg)
6309 brcmf_fweh_register(cfg->pub, BRCMF_E_LINK,
6310 brcmf_notify_connect_status);
6311 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH_IND,
6312 brcmf_notify_connect_status);
6313 brcmf_fweh_register(cfg->pub, BRCMF_E_DEAUTH,
6314 brcmf_notify_connect_status);
6315 brcmf_fweh_register(cfg->pub, BRCMF_E_DISASSOC_IND,
6316 brcmf_notify_connect_status);
6317 brcmf_fweh_register(cfg->pub, BRCMF_E_ASSOC_IND,
6318 brcmf_notify_connect_status);
6319 brcmf_fweh_register(cfg->pub, BRCMF_E_REASSOC_IND,
6320 brcmf_notify_connect_status);
6321 brcmf_fweh_register(cfg->pub, BRCMF_E_ROAM,
6322 brcmf_notify_roaming_status);
6323 brcmf_fweh_register(cfg->pub, BRCMF_E_MIC_ERROR,
6324 brcmf_notify_mic_status);
6325 brcmf_fweh_register(cfg->pub, BRCMF_E_SET_SSID,
6326 brcmf_notify_connect_status);
6327 brcmf_fweh_register(cfg->pub, BRCMF_E_PFN_NET_FOUND,
6328 brcmf_notify_sched_scan_results);
6329 brcmf_fweh_register(cfg->pub, BRCMF_E_IF,
6330 brcmf_notify_vif_event);
6331 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_PROBEREQ_MSG,
6332 brcmf_p2p_notify_rx_mgmt_p2p_probereq);
6333 brcmf_fweh_register(cfg->pub, BRCMF_E_P2P_DISC_LISTEN_COMPLETE,
6334 brcmf_p2p_notify_listen_complete);
6335 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_RX,
6336 brcmf_p2p_notify_action_frame_rx);
6337 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_COMPLETE,
6338 brcmf_p2p_notify_action_tx_complete);
6339 brcmf_fweh_register(cfg->pub, BRCMF_E_ACTION_FRAME_OFF_CHAN_COMPLETE,
6340 brcmf_p2p_notify_action_tx_complete);
6341 brcmf_fweh_register(cfg->pub, BRCMF_E_PSK_SUP,
6342 brcmf_notify_connect_status);
6343 brcmf_fweh_register(cfg->pub, BRCMF_E_RSSI, brcmf_notify_rssi);
6346 static void brcmf_deinit_priv_mem(struct brcmf_cfg80211_info *cfg)
6350 kfree(cfg->extra_buf);
6351 cfg->extra_buf = NULL;
6352 kfree(cfg->wowl.nd);
6353 cfg->wowl.nd = NULL;
6354 kfree(cfg->wowl.nd_info);
6355 cfg->wowl.nd_info = NULL;
6356 kfree(cfg->escan_info.escan_buf);
6357 cfg->escan_info.escan_buf = NULL;
6360 static s32 brcmf_init_priv_mem(struct brcmf_cfg80211_info *cfg)
6362 cfg->conf = kzalloc(sizeof(*cfg->conf), GFP_KERNEL);
6364 goto init_priv_mem_out;
6365 cfg->extra_buf = kzalloc(WL_EXTRA_BUF_MAX, GFP_KERNEL);
6366 if (!cfg->extra_buf)
6367 goto init_priv_mem_out;
6368 cfg->wowl.nd = kzalloc(sizeof(*cfg->wowl.nd) + sizeof(u32), GFP_KERNEL);
6370 goto init_priv_mem_out;
6371 cfg->wowl.nd_info = kzalloc(sizeof(*cfg->wowl.nd_info) +
6372 sizeof(struct cfg80211_wowlan_nd_match *),
6374 if (!cfg->wowl.nd_info)
6375 goto init_priv_mem_out;
6376 cfg->escan_info.escan_buf = kzalloc(BRCMF_ESCAN_BUF_SIZE, GFP_KERNEL);
6377 if (!cfg->escan_info.escan_buf)
6378 goto init_priv_mem_out;
6383 brcmf_deinit_priv_mem(cfg);
6388 static s32 wl_init_priv(struct brcmf_cfg80211_info *cfg)
6392 cfg->scan_request = NULL;
6393 cfg->pwr_save = true;
6394 cfg->dongle_up = false; /* dongle is not up yet */
6395 err = brcmf_init_priv_mem(cfg);
6398 brcmf_register_event_handlers(cfg);
6399 mutex_init(&cfg->usr_sync);
6400 brcmf_init_escan(cfg);
6401 brcmf_init_conf(cfg->conf);
6402 brcmf_init_wmm_prio(cfg->ac_priority);
6403 init_completion(&cfg->vif_disabled);
6407 static void wl_deinit_priv(struct brcmf_cfg80211_info *cfg)
6409 cfg->dongle_up = false; /* dongle down */
6410 brcmf_abort_scanning(cfg);
6411 brcmf_deinit_priv_mem(cfg);
6414 static void init_vif_event(struct brcmf_cfg80211_vif_event *event)
6416 init_waitqueue_head(&event->vif_wq);
6417 spin_lock_init(&event->vif_event_lock);
6420 static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
6422 struct brcmf_pub *drvr = ifp->drvr;
6425 __le32 roamtrigger[2];
6426 __le32 roam_delta[2];
6428 /* Configure beacon timeout value based upon roaming setting */
6429 if (ifp->drvr->settings->roamoff)
6430 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_OFF;
6432 bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
6433 err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
6435 bphy_err(drvr, "bcn_timeout error (%d)\n", err);
6436 goto roam_setup_done;
6439 /* Enable/Disable built-in roaming to allow supplicant to take care of
6442 brcmf_dbg(INFO, "Internal Roaming = %s\n",
6443 ifp->drvr->settings->roamoff ? "Off" : "On");
6444 err = brcmf_fil_iovar_int_set(ifp, "roam_off",
6445 ifp->drvr->settings->roamoff);
6447 bphy_err(drvr, "roam_off error (%d)\n", err);
6448 goto roam_setup_done;
6451 roamtrigger[0] = cpu_to_le32(WL_ROAM_TRIGGER_LEVEL);
6452 roamtrigger[1] = cpu_to_le32(BRCM_BAND_ALL);
6453 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
6454 (void *)roamtrigger, sizeof(roamtrigger));
6456 bphy_err(drvr, "WLC_SET_ROAM_TRIGGER error (%d)\n", err);
6458 roam_delta[0] = cpu_to_le32(WL_ROAM_DELTA);
6459 roam_delta[1] = cpu_to_le32(BRCM_BAND_ALL);
6460 err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
6461 (void *)roam_delta, sizeof(roam_delta));
6463 bphy_err(drvr, "WLC_SET_ROAM_DELTA error (%d)\n", err);
6472 brcmf_dongle_scantime(struct brcmf_if *ifp)
6474 struct brcmf_pub *drvr = ifp->drvr;
6477 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_CHANNEL_TIME,
6478 BRCMF_SCAN_CHANNEL_TIME);
6480 bphy_err(drvr, "Scan assoc time error (%d)\n", err);
6481 goto dongle_scantime_out;
6483 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_UNASSOC_TIME,
6484 BRCMF_SCAN_UNASSOC_TIME);
6486 bphy_err(drvr, "Scan unassoc time error (%d)\n", err);
6487 goto dongle_scantime_out;
6490 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_SCAN_PASSIVE_TIME,
6491 BRCMF_SCAN_PASSIVE_TIME);
6493 bphy_err(drvr, "Scan passive time error (%d)\n", err);
6494 goto dongle_scantime_out;
6497 dongle_scantime_out:
6501 static void brcmf_update_bw40_channel_flag(struct ieee80211_channel *channel,
6502 struct brcmu_chan *ch)
6506 ht40_flag = channel->flags & IEEE80211_CHAN_NO_HT40;
6507 if (ch->sb == BRCMU_CHAN_SB_U) {
6508 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6509 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6510 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
6512 /* It should be one of
6513 * IEEE80211_CHAN_NO_HT40 or
6514 * IEEE80211_CHAN_NO_HT40PLUS
6516 channel->flags &= ~IEEE80211_CHAN_NO_HT40;
6517 if (ht40_flag == IEEE80211_CHAN_NO_HT40)
6518 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
6522 static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
6525 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6526 struct brcmf_pub *drvr = cfg->pub;
6527 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6528 struct ieee80211_supported_band *band;
6529 struct ieee80211_channel *channel;
6530 struct brcmf_chanspec_list *list;
6531 struct brcmu_chan ch;
6538 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6543 list = (struct brcmf_chanspec_list *)pbuf;
6545 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6548 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6552 band = wiphy->bands[NL80211_BAND_2GHZ];
6554 for (i = 0; i < band->n_channels; i++)
6555 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6556 band = wiphy->bands[NL80211_BAND_5GHZ];
6558 for (i = 0; i < band->n_channels; i++)
6559 band->channels[i].flags = IEEE80211_CHAN_DISABLED;
6561 total = le32_to_cpu(list->count);
6562 for (i = 0; i < total; i++) {
6563 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6564 cfg->d11inf.decchspec(&ch);
6566 if (ch.band == BRCMU_CHAN_BAND_2G) {
6567 band = wiphy->bands[NL80211_BAND_2GHZ];
6568 } else if (ch.band == BRCMU_CHAN_BAND_5G) {
6569 band = wiphy->bands[NL80211_BAND_5GHZ];
6571 bphy_err(drvr, "Invalid channel Spec. 0x%x.\n",
6577 if (!(bw_cap[band->band] & WLC_BW_40MHZ_BIT) &&
6578 ch.bw == BRCMU_CHAN_BW_40)
6580 if (!(bw_cap[band->band] & WLC_BW_80MHZ_BIT) &&
6581 ch.bw == BRCMU_CHAN_BW_80)
6585 for (j = 0; j < band->n_channels; j++) {
6586 if (band->channels[j].hw_value == ch.control_ch_num) {
6587 channel = &band->channels[j];
6592 /* It seems firmware supports some channel we never
6593 * considered. Something new in IEEE standard?
6595 bphy_err(drvr, "Ignoring unexpected firmware channel %d\n",
6600 if (channel->orig_flags & IEEE80211_CHAN_DISABLED)
6603 /* assuming the chanspecs order is HT20,
6604 * HT40 upper, HT40 lower, and VHT80.
6607 case BRCMU_CHAN_BW_160:
6608 channel->flags &= ~IEEE80211_CHAN_NO_160MHZ;
6610 case BRCMU_CHAN_BW_80:
6611 channel->flags &= ~IEEE80211_CHAN_NO_80MHZ;
6613 case BRCMU_CHAN_BW_40:
6614 brcmf_update_bw40_channel_flag(channel, &ch);
6617 wiphy_warn(wiphy, "Firmware reported unsupported bandwidth %d\n",
6620 case BRCMU_CHAN_BW_20:
6621 /* enable the channel and disable other bandwidths
6622 * for now as mentioned order assure they are enabled
6623 * for subsequent chanspecs.
6625 channel->flags = IEEE80211_CHAN_NO_HT40 |
6626 IEEE80211_CHAN_NO_80MHZ |
6627 IEEE80211_CHAN_NO_160MHZ;
6628 ch.bw = BRCMU_CHAN_BW_20;
6629 cfg->d11inf.encchspec(&ch);
6630 chaninfo = ch.chspec;
6631 err = brcmf_fil_bsscfg_int_get(ifp, "per_chan_info",
6634 if (chaninfo & WL_CHAN_RADAR)
6636 (IEEE80211_CHAN_RADAR |
6637 IEEE80211_CHAN_NO_IR);
6638 if (chaninfo & WL_CHAN_PASSIVE)
6640 IEEE80211_CHAN_NO_IR;
6650 static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
6652 struct brcmf_pub *drvr = cfg->pub;
6653 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6654 struct ieee80211_supported_band *band;
6655 struct brcmf_fil_bwcap_le band_bwcap;
6656 struct brcmf_chanspec_list *list;
6660 struct brcmu_chan ch;
6664 /* verify support for bw_cap command */
6666 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &val);
6669 /* only set 2G bandwidth using bw_cap command */
6670 band_bwcap.band = cpu_to_le32(WLC_BAND_2G);
6671 band_bwcap.bw_cap = cpu_to_le32(WLC_BW_CAP_40MHZ);
6672 err = brcmf_fil_iovar_data_set(ifp, "bw_cap", &band_bwcap,
6673 sizeof(band_bwcap));
6675 brcmf_dbg(INFO, "fallback to mimo_bw_cap\n");
6676 val = WLC_N_BW_40ALL;
6677 err = brcmf_fil_iovar_int_set(ifp, "mimo_bw_cap", val);
6681 /* update channel info in 2G band */
6682 pbuf = kzalloc(BRCMF_DCMD_MEDLEN, GFP_KERNEL);
6687 ch.band = BRCMU_CHAN_BAND_2G;
6688 ch.bw = BRCMU_CHAN_BW_40;
6689 ch.sb = BRCMU_CHAN_SB_NONE;
6691 cfg->d11inf.encchspec(&ch);
6693 /* pass encoded chanspec in query */
6694 *(__le16 *)pbuf = cpu_to_le16(ch.chspec);
6696 err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
6699 bphy_err(drvr, "get chanspecs error (%d)\n", err);
6704 band = cfg_to_wiphy(cfg)->bands[NL80211_BAND_2GHZ];
6705 list = (struct brcmf_chanspec_list *)pbuf;
6706 num_chan = le32_to_cpu(list->count);
6707 for (i = 0; i < num_chan; i++) {
6708 ch.chspec = (u16)le32_to_cpu(list->element[i]);
6709 cfg->d11inf.decchspec(&ch);
6710 if (WARN_ON(ch.band != BRCMU_CHAN_BAND_2G))
6712 if (WARN_ON(ch.bw != BRCMU_CHAN_BW_40))
6714 for (j = 0; j < band->n_channels; j++) {
6715 if (band->channels[j].hw_value == ch.control_ch_num)
6718 if (WARN_ON(j == band->n_channels))
6721 brcmf_update_bw40_channel_flag(&band->channels[j], &ch);
6728 static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
6730 struct brcmf_pub *drvr = ifp->drvr;
6731 u32 band, mimo_bwcap;
6735 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6737 bw_cap[NL80211_BAND_2GHZ] = band;
6739 err = brcmf_fil_iovar_int_get(ifp, "bw_cap", &band);
6741 bw_cap[NL80211_BAND_5GHZ] = band;
6747 brcmf_dbg(INFO, "fallback to mimo_bw_cap info\n");
6749 err = brcmf_fil_iovar_int_get(ifp, "mimo_bw_cap", &mimo_bwcap);
6751 /* assume 20MHz if firmware does not give a clue */
6752 mimo_bwcap = WLC_N_BW_20ALL;
6754 switch (mimo_bwcap) {
6755 case WLC_N_BW_40ALL:
6756 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_40MHZ_BIT;
6758 case WLC_N_BW_20IN2G_40IN5G:
6759 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_40MHZ_BIT;
6761 case WLC_N_BW_20ALL:
6762 bw_cap[NL80211_BAND_2GHZ] |= WLC_BW_20MHZ_BIT;
6763 bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
6766 bphy_err(drvr, "invalid mimo_bw_cap value\n");
6770 static void brcmf_update_ht_cap(struct ieee80211_supported_band *band,
6771 u32 bw_cap[2], u32 nchain)
6773 band->ht_cap.ht_supported = true;
6774 if (bw_cap[band->band] & WLC_BW_40MHZ_BIT) {
6775 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
6776 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
6778 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
6779 band->ht_cap.cap |= IEEE80211_HT_CAP_DSSSCCK40;
6780 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
6781 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_16;
6782 memset(band->ht_cap.mcs.rx_mask, 0xff, nchain);
6783 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
6786 static __le16 brcmf_get_mcs_map(u32 nchain, enum ieee80211_vht_mcs_support supp)
6791 for (i = 0, mcs_map = 0xFFFF; i < nchain; i++)
6792 mcs_map = (mcs_map << 2) | supp;
6794 return cpu_to_le16(mcs_map);
6797 static void brcmf_update_vht_cap(struct ieee80211_supported_band *band,
6798 u32 bw_cap[2], u32 nchain, u32 txstreams,
6799 u32 txbf_bfe_cap, u32 txbf_bfr_cap)
6803 /* not allowed in 2.4G band */
6804 if (band->band == NL80211_BAND_2GHZ)
6807 band->vht_cap.vht_supported = true;
6808 /* 80MHz is mandatory */
6809 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_80;
6810 if (bw_cap[band->band] & WLC_BW_160MHZ_BIT) {
6811 band->vht_cap.cap |= IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
6812 band->vht_cap.cap |= IEEE80211_VHT_CAP_SHORT_GI_160;
6814 /* all support 256-QAM */
6815 mcs_map = brcmf_get_mcs_map(nchain, IEEE80211_VHT_MCS_SUPPORT_0_9);
6816 band->vht_cap.vht_mcs.rx_mcs_map = mcs_map;
6817 band->vht_cap.vht_mcs.tx_mcs_map = mcs_map;
6819 /* Beamforming support information */
6820 if (txbf_bfe_cap & BRCMF_TXBF_SU_BFE_CAP)
6821 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMEE_CAPABLE;
6822 if (txbf_bfe_cap & BRCMF_TXBF_MU_BFE_CAP)
6823 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMEE_CAPABLE;
6824 if (txbf_bfr_cap & BRCMF_TXBF_SU_BFR_CAP)
6825 band->vht_cap.cap |= IEEE80211_VHT_CAP_SU_BEAMFORMER_CAPABLE;
6826 if (txbf_bfr_cap & BRCMF_TXBF_MU_BFR_CAP)
6827 band->vht_cap.cap |= IEEE80211_VHT_CAP_MU_BEAMFORMER_CAPABLE;
6829 if ((txbf_bfe_cap || txbf_bfr_cap) && (txstreams > 1)) {
6830 band->vht_cap.cap |=
6831 (2 << IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT);
6832 band->vht_cap.cap |= ((txstreams - 1) <<
6833 IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT);
6834 band->vht_cap.cap |=
6835 IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
6839 static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
6841 struct brcmf_pub *drvr = cfg->pub;
6842 struct brcmf_if *ifp = brcmf_get_ifp(drvr, 0);
6843 struct wiphy *wiphy = cfg_to_wiphy(cfg);
6846 u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
6851 struct ieee80211_supported_band *band;
6853 u32 txbf_bfe_cap = 0;
6854 u32 txbf_bfr_cap = 0;
6856 (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
6857 err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
6859 bphy_err(drvr, "nmode error (%d)\n", err);
6861 brcmf_get_bwcap(ifp, bw_cap);
6863 brcmf_dbg(INFO, "nmode=%d, vhtmode=%d, bw_cap=(%d, %d)\n",
6864 nmode, vhtmode, bw_cap[NL80211_BAND_2GHZ],
6865 bw_cap[NL80211_BAND_5GHZ]);
6867 err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
6869 /* rxchain unsupported by firmware of older chips */
6871 bphy_info_once(drvr, "rxchain unsupported\n");
6873 bphy_err(drvr, "rxchain error (%d)\n", err);
6877 for (nchain = 0; rxchain; nchain++)
6878 rxchain = rxchain & (rxchain - 1);
6880 brcmf_dbg(INFO, "nchain=%d\n", nchain);
6882 err = brcmf_construct_chaninfo(cfg, bw_cap);
6884 bphy_err(drvr, "brcmf_construct_chaninfo failed (%d)\n", err);
6889 (void)brcmf_fil_iovar_int_get(ifp, "txstreams", &txstreams);
6890 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfe_cap",
6892 (void)brcmf_fil_iovar_int_get(ifp, "txbf_bfr_cap",
6896 for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
6897 band = wiphy->bands[i];
6902 brcmf_update_ht_cap(band, bw_cap, nchain);
6904 brcmf_update_vht_cap(band, bw_cap, nchain, txstreams,
6905 txbf_bfe_cap, txbf_bfr_cap);
6911 static const struct ieee80211_txrx_stypes
6912 brcmf_txrx_stypes[NUM_NL80211_IFTYPES] = {
6913 [NL80211_IFTYPE_STATION] = {
6915 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6916 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6918 [NL80211_IFTYPE_P2P_CLIENT] = {
6920 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6921 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6923 [NL80211_IFTYPE_P2P_GO] = {
6925 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6926 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6927 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6928 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6929 BIT(IEEE80211_STYPE_AUTH >> 4) |
6930 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6931 BIT(IEEE80211_STYPE_ACTION >> 4)
6933 [NL80211_IFTYPE_P2P_DEVICE] = {
6935 .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
6936 BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
6938 [NL80211_IFTYPE_AP] = {
6940 .rx = BIT(IEEE80211_STYPE_ASSOC_REQ >> 4) |
6941 BIT(IEEE80211_STYPE_REASSOC_REQ >> 4) |
6942 BIT(IEEE80211_STYPE_PROBE_REQ >> 4) |
6943 BIT(IEEE80211_STYPE_DISASSOC >> 4) |
6944 BIT(IEEE80211_STYPE_AUTH >> 4) |
6945 BIT(IEEE80211_STYPE_DEAUTH >> 4) |
6946 BIT(IEEE80211_STYPE_ACTION >> 4)
6951 * brcmf_setup_ifmodes() - determine interface modes and combinations.
6953 * @wiphy: wiphy object.
6954 * @ifp: interface object needed for feat module api.
6956 * The interface modes and combinations are determined dynamically here
6957 * based on firmware functionality.
6959 * no p2p and no mbss:
6961 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6965 * #STA <= 1, #AP <= 1, channels = 1, 2 total
6966 * #AP <= 4, matching BI, channels = 1, 4 total
6969 * #STA <= 1, #AP <= 2, channels = 2, 4 total
6971 * p2p, no mchan, and mbss:
6973 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 1, 3 total
6974 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6975 * #AP <= 4, matching BI, channels = 1, 4 total
6977 * p2p, mchan, and mbss:
6979 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 1, channels = 2, 3 total
6980 * #STA <= 1, #P2P-DEV <= 1, #AP <= 1, #P2P-CL <= 1, channels = 1, 4 total
6981 * #AP <= 4, matching BI, channels = 1, 4 total
6983 * p2p, rsdb, and no mbss:
6984 * #STA <= 1, #P2P-DEV <= 1, #{P2P-CL, P2P-GO} <= 2, AP <= 2,
6985 * channels = 2, 4 total
6987 static int brcmf_setup_ifmodes(struct wiphy *wiphy, struct brcmf_if *ifp)
6989 struct ieee80211_iface_combination *combo = NULL;
6990 struct ieee80211_iface_limit *c0_limits = NULL;
6991 struct ieee80211_iface_limit *p2p_limits = NULL;
6992 struct ieee80211_iface_limit *mbss_limits = NULL;
6993 bool mon_flag, mbss, p2p, rsdb, mchan;
6994 int i, c, n_combos, n_limits;
6996 mon_flag = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MONITOR_FLAG);
6997 mbss = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS);
6998 p2p = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_P2P);
6999 rsdb = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB);
7000 mchan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MCHAN);
7002 n_combos = 1 + !!(p2p && !rsdb) + !!mbss;
7003 combo = kcalloc(n_combos, sizeof(*combo), GFP_KERNEL);
7007 wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
7008 BIT(NL80211_IFTYPE_ADHOC) |
7009 BIT(NL80211_IFTYPE_AP);
7011 wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
7013 wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_CLIENT) |
7014 BIT(NL80211_IFTYPE_P2P_GO) |
7015 BIT(NL80211_IFTYPE_P2P_DEVICE);
7019 n_limits = 1 + mon_flag + (p2p ? 2 : 0) + (rsdb || !p2p);
7020 c0_limits = kcalloc(n_limits, sizeof(*c0_limits), GFP_KERNEL);
7024 combo[c].num_different_channels = 1 + (rsdb || (p2p && mchan));
7025 c0_limits[i].max = 1;
7026 c0_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7028 c0_limits[i].max = 1;
7029 c0_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7032 c0_limits[i].max = 1;
7033 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7034 c0_limits[i].max = 1 + rsdb;
7035 c0_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT) |
7036 BIT(NL80211_IFTYPE_P2P_GO);
7039 c0_limits[i].max = 2;
7040 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7041 combo[c].max_interfaces = 4;
7043 combo[c].max_interfaces = i;
7045 c0_limits[i].max = 2;
7046 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7047 combo[c].max_interfaces = 3;
7049 c0_limits[i].max = 1;
7050 c0_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7051 combo[c].max_interfaces = i;
7053 combo[c].n_limits = i;
7054 combo[c].limits = c0_limits;
7059 p2p_limits = kcalloc(4, sizeof(*p2p_limits), GFP_KERNEL);
7062 p2p_limits[i].max = 1;
7063 p2p_limits[i++].types = BIT(NL80211_IFTYPE_STATION);
7064 p2p_limits[i].max = 1;
7065 p2p_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7066 p2p_limits[i].max = 1;
7067 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_CLIENT);
7068 p2p_limits[i].max = 1;
7069 p2p_limits[i++].types = BIT(NL80211_IFTYPE_P2P_DEVICE);
7070 combo[c].num_different_channels = 1;
7071 combo[c].max_interfaces = i;
7072 combo[c].n_limits = i;
7073 combo[c].limits = p2p_limits;
7079 n_limits = 1 + mon_flag;
7080 mbss_limits = kcalloc(n_limits, sizeof(*mbss_limits),
7084 mbss_limits[i].max = 4;
7085 mbss_limits[i++].types = BIT(NL80211_IFTYPE_AP);
7087 mbss_limits[i].max = 1;
7088 mbss_limits[i++].types = BIT(NL80211_IFTYPE_MONITOR);
7090 combo[c].beacon_int_infra_match = true;
7091 combo[c].num_different_channels = 1;
7092 combo[c].max_interfaces = 4 + mon_flag;
7093 combo[c].n_limits = i;
7094 combo[c].limits = mbss_limits;
7097 wiphy->n_iface_combinations = n_combos;
7098 wiphy->iface_combinations = combo;
7110 static const struct wiphy_wowlan_support brcmf_wowlan_support = {
7111 .flags = WIPHY_WOWLAN_MAGIC_PKT | WIPHY_WOWLAN_DISCONNECT,
7112 .n_patterns = BRCMF_WOWL_MAXPATTERNS,
7113 .pattern_max_len = BRCMF_WOWL_MAXPATTERNSIZE,
7114 .pattern_min_len = 1,
7115 .max_pkt_offset = 1500,
7119 static void brcmf_wiphy_wowl_params(struct wiphy *wiphy, struct brcmf_if *ifp)
7122 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7123 struct brcmf_pub *drvr = cfg->pub;
7124 struct wiphy_wowlan_support *wowl;
7126 wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
7129 bphy_err(drvr, "only support basic wowlan features\n");
7130 wiphy->wowlan = &brcmf_wowlan_support;
7134 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7135 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_ND)) {
7136 wowl->flags |= WIPHY_WOWLAN_NET_DETECT;
7137 wowl->max_nd_match_sets = BRCMF_PNO_MAX_PFN_COUNT;
7138 init_waitqueue_head(&cfg->wowl.nd_data_wait);
7141 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK)) {
7142 wowl->flags |= WIPHY_WOWLAN_SUPPORTS_GTK_REKEY;
7143 wowl->flags |= WIPHY_WOWLAN_GTK_REKEY_FAILURE;
7146 wiphy->wowlan = wowl;
7150 static int brcmf_setup_wiphy(struct wiphy *wiphy, struct brcmf_if *ifp)
7152 struct brcmf_pub *drvr = ifp->drvr;
7153 const struct ieee80211_iface_combination *combo;
7154 struct ieee80211_supported_band *band;
7155 u16 max_interfaces = 0;
7161 wiphy->max_scan_ssids = WL_NUM_SCAN_MAX;
7162 wiphy->max_scan_ie_len = BRCMF_SCAN_IE_LEN_MAX;
7163 wiphy->max_num_pmkids = BRCMF_MAXPMKID;
7165 err = brcmf_setup_ifmodes(wiphy, ifp);
7169 for (i = 0, combo = wiphy->iface_combinations;
7170 i < wiphy->n_iface_combinations; i++, combo++) {
7171 max_interfaces = max(max_interfaces, combo->max_interfaces);
7174 for (i = 0; i < max_interfaces && i < ARRAY_SIZE(drvr->addresses);
7176 u8 *addr = drvr->addresses[i].addr;
7178 memcpy(addr, drvr->mac, ETH_ALEN);
7181 addr[ETH_ALEN - 1] ^= i;
7184 wiphy->addresses = drvr->addresses;
7185 wiphy->n_addresses = i;
7187 wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
7188 wiphy->cipher_suites = brcmf_cipher_suites;
7189 wiphy->n_cipher_suites = ARRAY_SIZE(brcmf_cipher_suites);
7190 if (!brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP))
7191 wiphy->n_cipher_suites--;
7192 wiphy->bss_select_support = BIT(NL80211_BSS_SELECT_ATTR_RSSI) |
7193 BIT(NL80211_BSS_SELECT_ATTR_BAND_PREF) |
7194 BIT(NL80211_BSS_SELECT_ATTR_RSSI_ADJUST);
7196 wiphy->flags |= WIPHY_FLAG_NETNS_OK |
7197 WIPHY_FLAG_PS_ON_BY_DEFAULT |
7198 WIPHY_FLAG_HAVE_AP_SME |
7199 WIPHY_FLAG_OFFCHAN_TX |
7200 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
7201 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS))
7202 wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS;
7203 if (!ifp->drvr->settings->roamoff)
7204 wiphy->flags |= WIPHY_FLAG_SUPPORTS_FW_ROAM;
7205 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWSUP)) {
7206 wiphy_ext_feature_set(wiphy,
7207 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK);
7208 wiphy_ext_feature_set(wiphy,
7209 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X);
7210 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7211 wiphy_ext_feature_set(wiphy,
7212 NL80211_EXT_FEATURE_SAE_OFFLOAD);
7214 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_FWAUTH)) {
7215 wiphy_ext_feature_set(wiphy,
7216 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK);
7217 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SAE))
7218 wiphy_ext_feature_set(wiphy,
7219 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP);
7221 wiphy->mgmt_stypes = brcmf_txrx_stypes;
7222 wiphy->max_remain_on_channel_duration = 5000;
7223 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_PNO)) {
7224 gscan = brcmf_feat_is_enabled(ifp, BRCMF_FEAT_GSCAN);
7225 brcmf_pno_wiphy_params(wiphy, gscan);
7227 /* vendor commands/events support */
7228 wiphy->vendor_commands = brcmf_vendor_cmds;
7229 wiphy->n_vendor_commands = BRCMF_VNDR_CMDS_LAST - 1;
7231 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL))
7232 brcmf_wiphy_wowl_params(wiphy, ifp);
7233 err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
7236 bphy_err(drvr, "could not obtain band info: err=%d\n", err);
7239 /* first entry in bandlist is number of bands */
7240 n_bands = le32_to_cpu(bandlist[0]);
7241 for (i = 1; i <= n_bands && i < ARRAY_SIZE(bandlist); i++) {
7242 if (bandlist[i] == cpu_to_le32(WLC_BAND_2G)) {
7243 band = kmemdup(&__wl_band_2ghz, sizeof(__wl_band_2ghz),
7248 band->channels = kmemdup(&__wl_2ghz_channels,
7249 sizeof(__wl_2ghz_channels),
7251 if (!band->channels) {
7256 band->n_channels = ARRAY_SIZE(__wl_2ghz_channels);
7257 wiphy->bands[NL80211_BAND_2GHZ] = band;
7259 if (bandlist[i] == cpu_to_le32(WLC_BAND_5G)) {
7260 band = kmemdup(&__wl_band_5ghz, sizeof(__wl_band_5ghz),
7265 band->channels = kmemdup(&__wl_5ghz_channels,
7266 sizeof(__wl_5ghz_channels),
7268 if (!band->channels) {
7273 band->n_channels = ARRAY_SIZE(__wl_5ghz_channels);
7274 wiphy->bands[NL80211_BAND_5GHZ] = band;
7278 if (wiphy->bands[NL80211_BAND_5GHZ] &&
7279 brcmf_feat_is_enabled(ifp, BRCMF_FEAT_DOT11H))
7280 wiphy_ext_feature_set(wiphy,
7281 NL80211_EXT_FEATURE_DFS_OFFLOAD);
7283 wiphy_ext_feature_set(wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
7285 wiphy_read_of_freq_limits(wiphy);
7290 static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
7292 struct brcmf_pub *drvr = cfg->pub;
7293 struct net_device *ndev;
7294 struct wireless_dev *wdev;
7295 struct brcmf_if *ifp;
7302 ndev = cfg_to_ndev(cfg);
7303 wdev = ndev->ieee80211_ptr;
7304 ifp = netdev_priv(ndev);
7306 /* make sure RF is ready for work */
7307 brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 0);
7309 brcmf_dongle_scantime(ifp);
7311 power_mode = cfg->pwr_save ? PM_FAST : PM_OFF;
7312 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_PM, power_mode);
7314 goto default_conf_out;
7315 brcmf_dbg(INFO, "power save set to %s\n",
7316 (power_mode ? "enabled" : "disabled"));
7318 err = brcmf_dongle_roam(ifp);
7320 goto default_conf_out;
7321 err = brcmf_cfg80211_change_iface(wdev->wiphy, ndev, wdev->iftype,
7324 goto default_conf_out;
7326 brcmf_configure_arp_nd_offload(ifp, true);
7328 err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
7330 bphy_err(drvr, "failed to set frameburst mode\n");
7331 goto default_conf_out;
7334 cfg->dongle_up = true;
7341 static s32 __brcmf_cfg80211_up(struct brcmf_if *ifp)
7343 set_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7345 return brcmf_config_dongle(ifp->drvr->config);
7348 static s32 __brcmf_cfg80211_down(struct brcmf_if *ifp)
7350 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7353 * While going down, if associated with AP disassociate
7354 * from AP to save power
7356 if (check_vif_up(ifp->vif)) {
7357 brcmf_link_down(ifp->vif, WLAN_REASON_UNSPECIFIED, true);
7359 /* Make sure WPA_Supplicant receives all the event
7360 generated due to DISASSOC call to the fw to keep
7361 the state fw and WPA_Supplicant state consistent
7366 brcmf_abort_scanning(cfg);
7367 clear_bit(BRCMF_VIF_STATUS_READY, &ifp->vif->sme_state);
7372 s32 brcmf_cfg80211_up(struct net_device *ndev)
7374 struct brcmf_if *ifp = netdev_priv(ndev);
7375 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7378 mutex_lock(&cfg->usr_sync);
7379 err = __brcmf_cfg80211_up(ifp);
7380 mutex_unlock(&cfg->usr_sync);
7385 s32 brcmf_cfg80211_down(struct net_device *ndev)
7387 struct brcmf_if *ifp = netdev_priv(ndev);
7388 struct brcmf_cfg80211_info *cfg = ifp->drvr->config;
7391 mutex_lock(&cfg->usr_sync);
7392 err = __brcmf_cfg80211_down(ifp);
7393 mutex_unlock(&cfg->usr_sync);
7398 enum nl80211_iftype brcmf_cfg80211_get_iftype(struct brcmf_if *ifp)
7400 struct wireless_dev *wdev = &ifp->vif->wdev;
7402 return wdev->iftype;
7405 bool brcmf_get_vif_state_any(struct brcmf_cfg80211_info *cfg,
7406 unsigned long state)
7408 struct brcmf_cfg80211_vif *vif;
7410 list_for_each_entry(vif, &cfg->vif_list, list) {
7411 if (test_bit(state, &vif->sme_state))
7417 static inline bool vif_event_equals(struct brcmf_cfg80211_vif_event *event,
7422 spin_lock(&event->vif_event_lock);
7423 evt_action = event->action;
7424 spin_unlock(&event->vif_event_lock);
7425 return evt_action == action;
7428 void brcmf_cfg80211_arm_vif_event(struct brcmf_cfg80211_info *cfg,
7429 struct brcmf_cfg80211_vif *vif)
7431 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7433 spin_lock(&event->vif_event_lock);
7436 spin_unlock(&event->vif_event_lock);
7439 bool brcmf_cfg80211_vif_event_armed(struct brcmf_cfg80211_info *cfg)
7441 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7444 spin_lock(&event->vif_event_lock);
7445 armed = event->vif != NULL;
7446 spin_unlock(&event->vif_event_lock);
7451 int brcmf_cfg80211_wait_vif_event(struct brcmf_cfg80211_info *cfg,
7452 u8 action, ulong timeout)
7454 struct brcmf_cfg80211_vif_event *event = &cfg->vif_event;
7456 return wait_event_timeout(event->vif_wq,
7457 vif_event_equals(event, action), timeout);
7460 static s32 brcmf_translate_country_code(struct brcmf_pub *drvr, char alpha2[2],
7461 struct brcmf_fil_country_le *ccreq)
7463 struct brcmfmac_pd_cc *country_codes;
7464 struct brcmfmac_pd_cc_entry *cc;
7468 if ((alpha2[0] == ccreq->country_abbrev[0]) &&
7469 (alpha2[1] == ccreq->country_abbrev[1])) {
7470 brcmf_dbg(TRACE, "Country code already set\n");
7474 country_codes = drvr->settings->country_codes;
7475 if (!country_codes) {
7476 brcmf_dbg(TRACE, "No country codes configured for device, using ISO3166 code and 0 rev\n");
7477 memset(ccreq, 0, sizeof(*ccreq));
7478 ccreq->country_abbrev[0] = alpha2[0];
7479 ccreq->country_abbrev[1] = alpha2[1];
7480 ccreq->ccode[0] = alpha2[0];
7481 ccreq->ccode[1] = alpha2[1];
7486 for (i = 0; i < country_codes->table_size; i++) {
7487 cc = &country_codes->table[i];
7488 if ((cc->iso3166[0] == '\0') && (found_index == -1))
7490 if ((cc->iso3166[0] == alpha2[0]) &&
7491 (cc->iso3166[1] == alpha2[1])) {
7496 if (found_index == -1) {
7497 brcmf_dbg(TRACE, "No country code match found\n");
7500 memset(ccreq, 0, sizeof(*ccreq));
7501 ccreq->rev = cpu_to_le32(country_codes->table[found_index].rev);
7502 memcpy(ccreq->ccode, country_codes->table[found_index].cc,
7503 BRCMF_COUNTRY_BUF_SZ);
7504 ccreq->country_abbrev[0] = alpha2[0];
7505 ccreq->country_abbrev[1] = alpha2[1];
7506 ccreq->country_abbrev[2] = 0;
7511 static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
7512 struct regulatory_request *req)
7514 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
7515 struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
7516 struct brcmf_pub *drvr = cfg->pub;
7517 struct brcmf_fil_country_le ccreq;
7522 err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
7524 bphy_err(drvr, "Country code iovar returned err = %d\n", err);
7528 /* The country code gets set to "00" by default at boot - substitute
7529 * any saved ccode from the nvram file unless there is a valid code
7532 alpha2 = req->alpha2;
7533 if (alpha2[0] == '0' && alpha2[1] == '0') {
7534 extern char saved_ccode[2];
7536 if ((isupper(ccreq.country_abbrev[0]) &&
7537 isupper(ccreq.country_abbrev[1])) ||
7540 alpha2 = saved_ccode;
7541 pr_debug("brcmfmac: substituting saved ccode %c%c\n",
7542 alpha2[0], alpha2[1]);
7545 /* ignore non-ISO3166 country codes */
7546 for (i = 0; i < 2; i++)
7547 if (alpha2[i] < 'A' || alpha2[i] > 'Z') {
7548 bphy_err(drvr, "not an ISO3166 code (0x%02x 0x%02x)\n",
7549 alpha2[0], alpha2[1]);
7553 brcmf_dbg(TRACE, "Enter: initiator=%d, alpha=%c%c\n", req->initiator,
7554 alpha2[0], alpha2[1]);
7556 err = brcmf_translate_country_code(ifp->drvr, alpha2, &ccreq);
7560 err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
7562 bphy_err(drvr, "Firmware rejected country setting\n");
7565 brcmf_setup_wiphybands(cfg);
7568 static void brcmf_free_wiphy(struct wiphy *wiphy)
7575 if (wiphy->iface_combinations) {
7576 for (i = 0; i < wiphy->n_iface_combinations; i++)
7577 kfree(wiphy->iface_combinations[i].limits);
7579 kfree(wiphy->iface_combinations);
7580 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7581 kfree(wiphy->bands[NL80211_BAND_2GHZ]->channels);
7582 kfree(wiphy->bands[NL80211_BAND_2GHZ]);
7584 if (wiphy->bands[NL80211_BAND_5GHZ]) {
7585 kfree(wiphy->bands[NL80211_BAND_5GHZ]->channels);
7586 kfree(wiphy->bands[NL80211_BAND_5GHZ]);
7588 #if IS_ENABLED(CONFIG_PM)
7589 if (wiphy->wowlan != &brcmf_wowlan_support)
7590 kfree(wiphy->wowlan);
7594 struct brcmf_cfg80211_info *brcmf_cfg80211_attach(struct brcmf_pub *drvr,
7595 struct cfg80211_ops *ops,
7598 struct wiphy *wiphy = drvr->wiphy;
7599 struct net_device *ndev = brcmf_get_ifp(drvr, 0)->ndev;
7600 struct brcmf_cfg80211_info *cfg;
7601 struct brcmf_cfg80211_vif *vif;
7602 struct brcmf_if *ifp;
7608 bphy_err(drvr, "ndev is invalid\n");
7612 cfg = kzalloc(sizeof(*cfg), GFP_KERNEL);
7614 bphy_err(drvr, "Could not allocate wiphy device\n");
7620 init_vif_event(&cfg->vif_event);
7621 INIT_LIST_HEAD(&cfg->vif_list);
7623 vif = brcmf_alloc_vif(cfg, NL80211_IFTYPE_STATION);
7627 ifp = netdev_priv(ndev);
7629 vif->wdev.netdev = ndev;
7630 ndev->ieee80211_ptr = &vif->wdev;
7631 SET_NETDEV_DEV(ndev, wiphy_dev(cfg->wiphy));
7633 err = wl_init_priv(cfg);
7635 bphy_err(drvr, "Failed to init iwm_priv (%d)\n", err);
7636 brcmf_free_vif(vif);
7641 /* determine d11 io type before wiphy setup */
7642 err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
7644 bphy_err(drvr, "Failed to get D11 version (%d)\n", err);
7647 cfg->d11inf.io_type = (u8)io_type;
7648 brcmu_d11_attach(&cfg->d11inf);
7650 /* regulatory notifer below needs access to cfg so
7655 err = brcmf_setup_wiphy(wiphy, ifp);
7659 brcmf_dbg(INFO, "Registering custom regulatory\n");
7660 wiphy->reg_notifier = brcmf_cfg80211_reg_notifier;
7661 wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
7662 wiphy_apply_custom_regulatory(wiphy, &brcmf_regdom);
7664 /* firmware defaults to 40MHz disabled in 2G band. We signal
7665 * cfg80211 here that we do and have it decide we can enable
7666 * it. But first check if device does support 2G operation.
7668 if (wiphy->bands[NL80211_BAND_2GHZ]) {
7669 cap = &wiphy->bands[NL80211_BAND_2GHZ]->ht_cap.cap;
7670 *cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7673 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_WOWL_GTK))
7674 ops->set_rekey_data = brcmf_cfg80211_set_rekey_data;
7676 err = wiphy_register(wiphy);
7678 bphy_err(drvr, "Could not register wiphy device (%d)\n", err);
7682 err = brcmf_setup_wiphybands(cfg);
7684 bphy_err(drvr, "Setting wiphy bands failed (%d)\n", err);
7685 goto wiphy_unreg_out;
7688 /* If cfg80211 didn't disable 40MHz HT CAP in wiphy_register(),
7689 * setup 40MHz in 2GHz band and enable OBSS scanning.
7691 if (cap && (*cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40)) {
7692 err = brcmf_enable_bw40_2g(cfg);
7694 err = brcmf_fil_iovar_int_set(ifp, "obss_coex",
7695 BRCMF_OBSS_COEX_AUTO);
7697 *cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
7700 err = brcmf_fweh_activate_events(ifp);
7702 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7703 goto wiphy_unreg_out;
7706 err = brcmf_p2p_attach(cfg, p2pdev_forced);
7708 bphy_err(drvr, "P2P initialisation failed (%d)\n", err);
7709 goto wiphy_unreg_out;
7711 err = brcmf_btcoex_attach(cfg);
7713 bphy_err(drvr, "BT-coex initialisation failed (%d)\n", err);
7714 brcmf_p2p_detach(&cfg->p2p);
7715 goto wiphy_unreg_out;
7717 err = brcmf_pno_attach(cfg);
7719 bphy_err(drvr, "PNO initialisation failed (%d)\n", err);
7720 brcmf_btcoex_detach(cfg);
7721 brcmf_p2p_detach(&cfg->p2p);
7722 goto wiphy_unreg_out;
7725 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_TDLS)) {
7726 err = brcmf_fil_iovar_int_set(ifp, "tdls_enable", 1);
7728 brcmf_dbg(INFO, "TDLS not enabled (%d)\n", err);
7729 wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_TDLS;
7731 brcmf_fweh_register(cfg->pub, BRCMF_E_TDLS_PEER_EVENT,
7732 brcmf_notify_tdls_peer_event);
7736 /* (re-) activate FWEH event handling */
7737 err = brcmf_fweh_activate_events(ifp);
7739 bphy_err(drvr, "FWEH activation failed (%d)\n", err);
7743 /* Fill in some of the advertised nl80211 supported features */
7744 if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_SCAN_RANDOM_MAC)) {
7745 wiphy->features |= NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
7747 if (wiphy->wowlan &&
7748 wiphy->wowlan->flags & WIPHY_WOWLAN_NET_DETECT)
7749 wiphy->features |= NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7756 brcmf_pno_detach(cfg);
7757 brcmf_btcoex_detach(cfg);
7758 brcmf_p2p_detach(&cfg->p2p);
7760 wiphy_unregister(cfg->wiphy);
7762 wl_deinit_priv(cfg);
7763 brcmf_free_vif(vif);
7766 brcmf_free_wiphy(wiphy);
7771 void brcmf_cfg80211_detach(struct brcmf_cfg80211_info *cfg)
7776 brcmf_pno_detach(cfg);
7777 brcmf_btcoex_detach(cfg);
7778 wiphy_unregister(cfg->wiphy);
7779 wl_deinit_priv(cfg);
7780 brcmf_free_wiphy(cfg->wiphy);